64.62.227.29 Open in urlscan Pro
64.62.227.29 Public Scan

URL:
http://64.62.227.29/
Submission: On May 01 via manual (May 1st 2020, 10:24:52 pm UTC) from PH

Summary HTTP 170 Redirects Links 30 Behaviour Indicators

Summary

This website contacted 46 IPs in 10 countries across 52 domains to perform 170 HTTP transactions. The main IP is 64.62.227.29, located in Fremont, United States and belongs to HURRICANE, US. The main domain is 64.62.227.29.

This is the only time 64.62.227.29 was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
45	64.62.227.29 64.62.227.29	6939 (HURRICANE) (HURRICANE)
2	2a00:1450:400... 2a00:1450:4001:820::200a	15169 (GOOGLE) (GOOGLE)
20	2a00:1450:400... 2a00:1450:4001:814::200e	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:81a::2016	15169 (GOOGLE) (GOOGLE)
3	2401:c900:110... 2401:c900:1101:143:9::e	36351 (SOFTLAYER) (SOFTLAYER)
1	162.144.153.251 162.144.153.251	46606 (UNIFIEDLA...) (UNIFIEDLAYER-AS-1)
1 2	2606:4700:303... 2606:4700:3033::6812:2159	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2620:0:862:ed... 2620:0:862:ed1a::2:b	14907 (WIKIMEDIA) (WIKIMEDIA)
2	192.0.72.23 192.0.72.23	2635 (AUTOMATTIC) (AUTOMATTIC)
4	198.151.217.193 198.151.217.193	22671 (AAAS) (AAAS)
1	132.148.46.86 132.148.46.86	26496 (AS-26496-...) (AS-26496-GO-DADDY-COM-LLC)
1	2606:4700::68... 2606:4700::6812:3ad	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2620:12a:8000::1 2620:12a:8000::1	54113 (FASTLY) (FASTLY)
2	2606:4700:303... 2606:4700:3035::681f:5baa	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	192.0.77.2 192.0.77.2	2635 (AUTOMATTIC) (AUTOMATTIC)
1	192.0.72.26 192.0.72.26	2635 (AUTOMATTIC) (AUTOMATTIC)
1	54.164.167.223 54.164.167.223	14618 (AMAZON-AES) (AMAZON-AES)
1	2a00:1450:400... 2a00:1450:4001:809::2008	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:825::2003	15169 (GOOGLE) (GOOGLE)
2 16	104.19.136.78 104.19.136.78	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	2a00:1450:400... 2a00:1450:4001:81b::200e	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:400c:c0c::9b	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:4001:815::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:806::2003	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:819::2003	15169 (GOOGLE) (GOOGLE)
1	2.16.186.80 2.16.186.80	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	2a02:2638::3 2a02:2638::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2 2	54.77.250.219 54.77.250.219	16509 (AMAZON-02) (AMAZON-02)
9 9	52.59.135.20 52.59.135.20	16509 (AMAZON-02) (AMAZON-02)
1 1	94.130.165.158 94.130.165.158	24940 (HETZNER-AS) (HETZNER-AS)
1	104.16.199.73 104.16.199.73	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 2	188.42.191.196 188.42.191.196	7979 (SERVERS) (SERVERS)
1 1	148.251.129.84 148.251.129.84	24940 (HETZNER-AS) (HETZNER-AS)
2 2	172.217.22.34 172.217.22.34	15169 (GOOGLE) (GOOGLE)
1	23.105.245.5 23.105.245.5	7979 (SERVERS) (SERVERS)
2 2	35.212.212.222 35.212.212.222	19527 (GOOGLE-2) (GOOGLE-2)
2 2	54.227.146.141 54.227.146.141	14618 (AMAZON-AES) (AMAZON-AES)
1	2600:1f18:444... 2600:1f18:444a:4680:6b97:77eb:242a:52b4	14618 (AMAZON-AES) (AMAZON-AES)
1 1	23.105.254.92 23.105.254.92	7979 (SERVERS) (SERVERS)
1 2	2.16.31.65 2.16.31.65	16625 (AKAMAI-AS) (AKAMAI-AS)
2	178.250.0.165 178.250.0.165	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
14	54.76.76.151 54.76.76.151	16509 (AMAZON-02) (AMAZON-02)
1	151.139.242.29 151.139.242.29	33438 (HIGHWINDS2) (HIGHWINDS2)
1	2606:4700::68... 2606:4700::6812:e134	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	104.154.142.214 104.154.142.214	15169 (GOOGLE) (GOOGLE)
2	2606:4700:303... 2606:4700:3031::681b:b406	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700:303... 2606:4700:3035::681b:8a51	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a02:26f0:6c0... 2a02:26f0:6c00:192::221c	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2606:4700:303... 2606:4700:3030::681c:e9b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:815::2001	15169 (GOOGLE) (GOOGLE)
1	192.124.249.6 192.124.249.6	30148 (SUCURI-SEC) (SUCURI-SEC)
1	2606:4700:10:... 2606:4700:10::6816:45b5	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	207.55.249.212 207.55.249.212	17054 (AS17054) (AS17054)
2	2a00:1450:400... 2a00:1450:4001:809::200e	15169 (GOOGLE) (GOOGLE)
3 3	64.202.112.31 64.202.112.31	22075 (AS-OUTBRAIN) (AS-OUTBRAIN)
3 3	37.252.172.38 37.252.172.38	29990 (ASN-APPNEX) (ASN-APPNEX)
1 1	94.23.144.220 94.23.144.220	16276 (OVH) (OVH)
2	192.132.33.46 192.132.33.46	18568 (BIDTELLECT) (BIDTELLECT)
2 2	18.197.178.227 18.197.178.227	16509 (AMAZON-02) (AMAZON-02)
9	151.139.128.11 151.139.128.11	20446 (HIGHWINDS3) (HIGHWINDS3)
2 2	18.185.207.113 18.185.207.113	16509 (AMAZON-02) (AMAZON-02)
170	46

45 64.62.227.29 (Fremont, United States)

ASN6939 (HURRICANE, US)

64.62.227.29	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:820::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 2a00:1450:4001:814::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

img.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:81a::2016 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

i.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2401:c900:1101:143:9::e (Singapore)

ASN36351 (SOFTLAYER, US)

tapnewswire.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.144.153.251 (Provo, United States)

ASN46606 (UNIFIEDLAYER-AS-1, US)
PTR: server.prepforshtf.com

prepforshtf.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3033::6812:2159 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

clipground.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:0:862:ed1a::2:b (United States)

ASN14907 (WIKIMEDIA, US)

upload.wikimedia.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.0.72.23 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)

justusaknight.files.wordpress.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 198.151.217.193 (Washington, United States)

ASN22671 (AAAS, US)
PTR: ekamedia03.eurekalert.org

media.eurekalert.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 132.148.46.86 (Scottsdale, United States)

ASN26496 (AS-26496-GO-DADDY-COM-LLC, US)
PTR: ip-132-148-46-86.ip.secureserver.net

www.dodgingdeception.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:3ad (United States)

ASN13335 (CLOUDFLARENET, US)

www.brown.edu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:12a:8000::1 (United States)

ASN54113 (FASTLY, US)

news.cornell.edu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3035::681f:5baa (United States)

ASN13335 (CLOUDFLARENET, US)

lisahaven.news	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.0.77.2 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: i0.wp.com

i0.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
i1.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.0.72.26 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)

officeoftheworldteacher.files.wordpress.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.164.167.223 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: www.newswise.com

www.newswise.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:825::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 104.19.136.78 (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

jsc.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
servicer.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cm.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81b::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0c::9b (Brussels, Belgium) 1 redirects

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:815::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:819::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.16.186.80 (Ascension Island)

ASN20940 (AKAMAI-ASN1, EU)
PTR: a2-16-186-80.deploy.static.akamaitechnologies.com

b.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:2638::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.77.250.219 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-77-250-219.eu-west-1.compute.amazonaws.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 52.59.135.20 (Frankfurt am Main, Germany) 9 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-59-135-20.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 94.130.165.158 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.158.165.130.94.clients.your-server.de

bidswitch-eu.splicky.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.16.199.73 (United States)

ASN13335 (CLOUDFLARENET, US)

cm.idealmedia.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 188.42.191.196 (Luxembourg) 2 redirects

ASN7979 (SERVERS, US)

ads.betweendigital.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 148.251.129.84 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.84.129.251.148.clients.your-server.de

csync.loopme.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.22.34 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra15s16-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.105.245.5 (Russian Federation)

ASN7979 (SERVERS, US)

cm.lentainform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.212.212.222 (Mountain View, United States) 2 redirects

ASN19527 (GOOGLE-2, US)
PTR: 222.212.212.35.bc.googleusercontent.com

rtb-usw.mfadsrvr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.227.146.141 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-227-146-141.compute-1.amazonaws.com

i.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:444a:4680:6b97:77eb:242a:52b4 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

i6.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.105.254.92 (Russian Federation) 1 redirects

ASN7979 (SERVERS, US)
PTR: mixer.mixmarket.biz

udata.mixmarket.biz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.16.31.65 (Ascension Island) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-16-31-65.deploy.static.akamaitechnologies.com

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.0.165 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 54.76.76.151 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-76-76-151.eu-west-1.compute.amazonaws.com

trends.revcontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.139.242.29 (Dallas, United States)

ASN33438 (HIGHWINDS2, US)

cdn2.lockerdomecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:e134 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.onesignal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.154.142.214 (United States)

ASN15169 (GOOGLE, US)
PTR: 214.142.154.104.bc.googleusercontent.com

lockerdome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3031::681b:b406 (United States)

ASN13335 (CLOUDFLARENET, US)

moremonmouthmusings.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3035::681b:8a51 (United States)

ASN13335 (CLOUDFLARENET, US)

www.catholicnewsagency.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:26f0:6c00:192::221c (Ascension Island)

ASN20940 (AKAMAI-ASN1, EU)

media.defense.gov	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3030::681c:e9b (United States)

ASN13335 (CLOUDFLARENET, US)

www.wklaw.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:815::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

1.bp.blogspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
4.bp.blogspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.124.249.6 (United States)

ASN30148 (SUCURI-SEC, US)
PTR: cloudproxy10006.sucuri.net

www.nowtheendbegins.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:45b5 (United States)

ASN13335 (CLOUDFLARENET, US)

www.ancient-origins.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 207.55.249.212 (St. Petersburg, United States)

ASN17054 (AS17054, US)
PTR: s212.s249.n55.n207.deluxehosting.com

www.titansgab.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:809::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 64.202.112.31 (United States) 3 redirects

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com

b1sync.zemanta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 37.252.172.38 (Ascension Island) 3 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 690.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 94.23.144.220 (Netherlands) 1 redirects

ASN16276 (OVH, FR)
PTR: ip220.ip-94-23-144.eu

green.erne.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.132.33.46 (United States)

ASN18568 (BIDTELLECT, US)
PTR: 46.bidtellect.com

bttrack.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.197.178.227 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-197-178-227.eu-central-1.compute.amazonaws.com

rtb.mfadsrvr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 151.139.128.11 (Dallas, United States)

ASN20446 (HIGHWINDS3, US)

cdn.revcontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
img.revcontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.185.207.113 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-185-207-113.eu-central-1.compute.amazonaws.com

prod.perf-serving.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
23	revcontent.com trends.revcontent.com cdn.revcontent.com img.revcontent.com	395 KB
22	youtube.com img.youtube.com www.youtube.com	637 KB
16	mgid.com 2 redirects jsc.mgid.com servicer.mgid.com cm.mgid.com cdn.mgid.com	81 KB
9	bidswitch.net 9 redirects x.bidswitch.net	3 KB
5	gstatic.com fonts.gstatic.com	78 KB
4	defense.gov media.defense.gov	834 KB
4	mfadsrvr.com 4 redirects rtb-usw.mfadsrvr.com rtb.mfadsrvr.com	2 KB
4	eurekalert.org media.eurekalert.org	399 KB
3	adnxs.com 3 redirects ib.adnxs.com	3 KB
3	zemanta.com 3 redirects b1sync.zemanta.com	2 KB
3	blogspot.com 1.bp.blogspot.com 4.bp.blogspot.com	116 KB
3	liadm.com 2 redirects i.liadm.com i6.liadm.com	1 KB
3	criteo.net static.criteo.net	30 KB
3	scorecardresearch.com 1 redirects b.scorecardresearch.com sb.scorecardresearch.com	2 KB
3	doubleclick.net 3 redirects stats.g.doubleclick.net cm.g.doubleclick.net	1 KB
3	wordpress.com justusaknight.files.wordpress.com officeoftheworldteacher.files.wordpress.com	731 KB
3	tapnewswire.com tapnewswire.com	428 KB
3	ytimg.com i.ytimg.com	52 KB
2	perf-serving.com 2 redirects prod.perf-serving.com	1 KB
2	bttrack.com bttrack.com	760 B
2	catholicnewsagency.com www.catholicnewsagency.com	35 KB
2	moremonmouthmusings.net moremonmouthmusings.net	143 KB
2	lockerdome.com lockerdome.com
2	criteo.com bidder.criteo.com	282 B
2	betweendigital.com 2 redirects ads.betweendigital.com	934 B
2	adsrvr.org 2 redirects match.adsrvr.org	903 B
2	google-analytics.com 1 redirects www.google-analytics.com	18 KB
2	wp.com i0.wp.com i1.wp.com	146 KB
2	lisahaven.news lisahaven.news	1 MB
2	wikimedia.org upload.wikimedia.org	405 KB
2	clipground.com 1 redirects clipground.com	250 KB
2	googleapis.com fonts.googleapis.com	2 KB
1	erne.co 1 redirects green.erne.co	447 B
1	titansgab.com www.titansgab.com	93 KB
1	ancient-origins.net www.ancient-origins.net	73 KB
1	nowtheendbegins.com www.nowtheendbegins.com	127 KB
1	wklaw.com www.wklaw.com	42 KB
1	onesignal.com cdn.onesignal.com	3 KB
1	lockerdomecdn.com cdn2.lockerdomecdn.com	3 KB
1	mixmarket.biz 1 redirects udata.mixmarket.biz	207 B
1	lentainform.com cm.lentainform.com	329 B
1	loopme.me 1 redirects csync.loopme.me	190 B
1	idealmedia.io cm.idealmedia.io	547 B
1	splicky.com 1 redirects bidswitch-eu.splicky.com	229 B
1	google.de www.google.de	109 B
1	google.com 1 redirects www.google.com	190 B
1	googletagmanager.com www.googletagmanager.com	30 KB
1	newswise.com www.newswise.com	29 KB
1	cornell.edu news.cornell.edu	74 KB
1	brown.edu www.brown.edu	152 KB
1	dodgingdeception.com www.dodgingdeception.com	45 KB
1	prepforshtf.com prepforshtf.com	225 KB
170	52

	Domain	Requested by
20	img.youtube.com	64.62.227.29
14	trends.revcontent.com	64.62.227.29 trends.revcontent.com cdn.revcontent.com
9	x.bidswitch.net	9 redirects
9	cm.mgid.com	jsc.mgid.com 64.62.227.29
7	img.revcontent.com	cdn.revcontent.com
5	fonts.gstatic.com	64.62.227.29
4	media.defense.gov
4	jsc.mgid.com	2 redirects 64.62.227.29
4	media.eurekalert.org	64.62.227.29
3	ib.adnxs.com	3 redirects
3	b1sync.zemanta.com	3 redirects
3	static.criteo.net	jsc.mgid.com 64.62.227.29
3	tapnewswire.com	64.62.227.29
3	i.ytimg.com	64.62.227.29
2	prod.perf-serving.com	2 redirects
2	cdn.revcontent.com	64.62.227.29
2	rtb.mfadsrvr.com	2 redirects
2	bttrack.com
2	www.youtube.com	64.62.227.29
2	1.bp.blogspot.com
2	www.catholicnewsagency.com
2	moremonmouthmusings.net
2	lockerdome.com	cdn2.lockerdomecdn.com
2	bidder.criteo.com	static.criteo.net
2	sb.scorecardresearch.com	1 redirects 64.62.227.29
2	i.liadm.com	2 redirects
2	rtb-usw.mfadsrvr.com	2 redirects
2	cm.g.doubleclick.net	2 redirects
2	ads.betweendigital.com	2 redirects
2	match.adsrvr.org	2 redirects
2	servicer.mgid.com	jsc.mgid.com
2	www.google-analytics.com	1 redirects www.googletagmanager.com
2	lisahaven.news	64.62.227.29
2	justusaknight.files.wordpress.com	64.62.227.29
2	upload.wikimedia.org	64.62.227.29
2	clipground.com	1 redirects 64.62.227.29
2	fonts.googleapis.com	64.62.227.29
1	green.erne.co	1 redirects
1	www.titansgab.com
1	4.bp.blogspot.com
1	www.ancient-origins.net
1	www.nowtheendbegins.com
1	i1.wp.com
1	www.wklaw.com
1	cdn.onesignal.com	64.62.227.29
1	cdn2.lockerdomecdn.com	64.62.227.29
1	udata.mixmarket.biz	1 redirects
1	i6.liadm.com	64.62.227.29
1	cm.lentainform.com	64.62.227.29
1	csync.loopme.me	1 redirects
1	cm.idealmedia.io	64.62.227.29
1	bidswitch-eu.splicky.com	1 redirects
1	cdn.mgid.com	64.62.227.29
1	b.scorecardresearch.com	jsc.mgid.com
1	www.google.de	64.62.227.29
1	www.google.com	1 redirects
1	stats.g.doubleclick.net	1 redirects
1	www.googletagmanager.com	64.62.227.29
1	www.newswise.com	64.62.227.29
1	officeoftheworldteacher.files.wordpress.com	64.62.227.29
1	i0.wp.com	64.62.227.29
1	news.cornell.edu	64.62.227.29
1	www.brown.edu	64.62.227.29
1	www.dodgingdeception.com	64.62.227.29
1	prepforshtf.com	64.62.227.29
170	65

This site contains links to these domains. Also see Links.

Domain
telegram.org
t.me
www.herbanomic.com
tinyurl.com
forum.beforeitsnews.com
www.youtube.com
trends.revcontent.com
widgets.mgid.com
nixagrim
be2
dream-singles.com
beforeitsnews.com
www.suppressedhealthsecrets.com

Subject Issuer	Validity	Valid
*.google.com GTS CA 1O1	`2020-04-07` - `2020-06-30`	3 months	crt.sh
edgestatic.com GTS CA 1O1	`2020-04-07` - `2020-06-30`	3 months	crt.sh
sni.cloudflaressl.com CloudFlare Inc ECC CA-2	`2019-09-08` - `2020-09-07`	a year	crt.sh
*.wikipedia.org DigiCert SHA2 High Assurance Server CA	`2019-11-12` - `2020-10-06`	a year	crt.sh
*.files.wordpress.com Sectigo RSA Domain Validation Secure Server CA	`2019-01-15` - `2021-01-14`	2 years	crt.sh
*.eurekalert.org DigiCert SHA2 High Assurance Server CA	`2019-07-25` - `2021-10-27`	2 years	crt.sh
5727217287954432-fe1.pantheonsite.io Let's Encrypt Authority X3	`2020-05-01` - `2020-07-30`	3 months	crt.sh
*.wp.com Sectigo RSA Domain Validation Secure Server CA	`2020-04-02` - `2022-07-05`	2 years	crt.sh
www.newswise.com Sectigo RSA Domain Validation Secure Server CA	`2019-05-19` - `2020-05-17`	a year	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-04-07` - `2020-06-30`	3 months	crt.sh
www.google.de GTS CA 1O1	`2020-04-07` - `2020-06-30`	3 months	crt.sh
*.gstatic.com GTS CA 1O1	`2020-04-07` - `2020-06-30`	3 months	crt.sh
*.criteo.net DigiCert ECC Secure Server CA	`2020-03-30` - `2020-06-28`	3 months	crt.sh
*.lentainform.com Go Daddy Secure Certificate Authority - G2	`2020-01-09` - `2021-01-20`	a year	crt.sh
*.liadm.com Amazon	`2019-12-28` - `2021-01-28`	a year	crt.sh
*.scorecardresearch.com Sectigo RSA Organization Validation Secure Server CA	`2019-12-16` - `2020-12-25`	a year	crt.sh
*.criteo.com DigiCert ECC Secure Server CA	`2020-03-30` - `2020-06-28`	3 months	crt.sh
revcontent.com Amazon	`2019-09-19` - `2020-10-19`	a year	crt.sh
*.lockerdome.com Go Daddy Secure Certificate Authority - G2	`2019-09-27` - `2020-11-26`	a year	crt.sh
www.defense.gov GeoTrust RSA CA 2018	`2019-05-15` - `2020-08-13`	a year	crt.sh
misc-sni.blogspot.com GTS CA 1O1	`2020-04-07` - `2020-06-30`	3 months	crt.sh
nowtheendbegins.com Go Daddy Secure Certificate Authority - G2	`2020-02-23` - `2021-02-23`	a year	crt.sh
ancient-origins.net CloudFlare Inc ECC CA-2	`2019-09-28` - `2020-09-27`	a year	crt.sh
*.bttrack.com Sectigo RSA Domain Validation Secure Server CA	`2019-03-19` - `2021-04-13`	2 years	crt.sh
cdn.revcontent.com Sectigo RSA Domain Validation Secure Server CA	`2020-04-10` - `2020-07-09`	3 months	crt.sh
img.revcontent.com Sectigo RSA Domain Validation Secure Server CA	`2020-04-10` - `2020-07-09`	3 months	crt.sh
upload.video.google.com GTS CA 1O1	`2020-04-07` - `2020-06-30`	3 months	crt.sh

This page contains 8 frames:

Primary Page: http://64.62.227.29/
Frame ID: F1CB7CBACC20EAE8CC5A7ADF1A933D58
Requests: 163 HTTP requests in this frame

Frame: https://jsc.mgid.com/b/e/beforeitsnews.com.351459.js?t=20204122
Frame ID: F03ADF574AEBABB0001D887E97E6BFD5
Requests: 1 HTTP requests in this frame

Frame: https://jsc.mgid.com/b/e/beforeitsnews.com.720412.js?t=20204122
Frame ID: EACC67E3394DFCCE0A93760A4D1913CA
Requests: 1 HTTP requests in this frame

Frame: https://cm.mgid.com/i-noref.js?cbuster=158837187401138511095
Frame ID: 001315D8A454ACF72C5D76C9B69B5E1E
Requests: 2 HTTP requests in this frame

Frame: https://lockerdome.com/lad/10864438442185062?pubid=ld-7911-1672&pubo=http%3A%2F%2F64.62.227.29&rid=&width=370
Frame ID: 9D06B68109ADB3B43D63737D7556B5CC
Requests: 1 HTTP requests in this frame

Frame: https://lockerdome.com/lad/10864440455450982?pubid=ld-4166-9392&pubo=http%3A%2F%2F64.62.227.29&rid=&width=370
Frame ID: 7E841FFD351906A38B20D965714B7A76
Requests: 1 HTTP requests in this frame

Frame: https://www.youtube.com/embed/HgL9XfqaIoo?rel=0&autoplay=0&mute=0
Frame ID: 873AE0E089B2B0103015D845E09F2268
Requests: 1 HTTP requests in this frame

Frame: https://www.youtube.com/embed/cIHgzaaewTk?rel=0&autoplay=0&mute=0
Frame ID: 69ECB8F2EC149FF69D838B6440334D1F
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

YouTube (Video Players) Expand

Overall confidence: 100%
Detected patterns

html /<(?:param|embed|iframe)[^>]+youtube(?:-nocookie)?\.com\/(?:v|embed)/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

comScore (Analytics) Expand

Overall confidence: 100%
Detected patterns

html /<iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com\/beacon\.js|COMSCORE\.beacon/i
script /\.scorecardresearch\.com\/beacon\.js|COMSCORE\.beacon/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

170
Requests

66 %
HTTPS

43 %
IPv6

52
Domains

65
Subdomains

46
IPs

10
Countries

7405 kB
Transfer

8322 kB
Size

0
Cookies

30 Outgoing links

These are links going to different origins than the main page.

URL: https://telegram.org/
Title: https://telegram.org/

Search URL Search Domain Scan URL

URL: https://t.me/BeforeitsNews
Title: https://t.me/BeforeitsNews

Search URL Search Domain Scan URL

URL: https://www.herbanomic.com/product-page/oxy-powder-safe-natural-colon-cleanser-120-capsules
Title: Try This And You'll Lose 15 Pounds of Extra weight in Your Colon! (VIDEO)

Search URL Search Domain Scan URL

URL: https://tinyurl.com/y5l79sq5
Title: ALERT - Try This New Tech and You'll Never Run Out of Clean Drinking Water Again! (VIDEO)

Search URL Search Domain Scan URL

URL: https://www.herbanomic.com/product-page/immusist-beverage-concentrate-1-2-oz

Search URL Search Domain Scan URL

URL: https://www.herbanomic.com/product-page/mmitosynergy-copper-1-advanced-formula-120-capsules
Title: Has This Egyptian Copper Secret Caused Problems For the Illuminati Depopulation Plans? (See Blood Video)

Search URL Search Domain Scan URL

URL: https://www.herbanomic.com/product-page/vars-liposomal-glutathione-mint-burst
Title: THIS is Why Glutathione is Called the Miracle Molecule for Health and Anti-Aging! (VIDEO)

Search URL Search Domain Scan URL

URL: https://tinyurl.com/y29fu3rf
Title: Try This Discreet Weapon - They Never See It Coming Until They Are On The Ground and Can't Move!

Search URL Search Domain Scan URL

URL: http://forum.beforeitsnews.com/b4in/login.php
Title: FORUM

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/nsearchofsouls/videos
Title: Listen to God's Word on Youtube!

Search URL Search Domain Scan URL

URL: https://www.herbanomic.com/product-page/androtrex-all-natural-male-vitality-booster-2oz

Search URL Search Domain Scan URL

URL: https://tinyurl.com/y23ghhwe
Title: Try This Ancient Device and You'll Never Have High Monthly Electric Bills Again! (VIDEO)

Search URL Search Domain Scan URL

URL: https://trends.revcontent.com/click.php?d=8eWfvTeB94PU7FmAnj%2Bin%2BhNIKuIp3y0KcHj6EkRKW5GNYy70HymDuA8fzhiqAwoK52NHJg6kum9ty7QSJIcZMb1UMAv%2BJhrk4Uj9ezlhAD6eSuErQg8g%2BVirrJhApHlT3UofmkvEO3nac576C6fflItAm%2FHpmvlgpXgQAfdpcuYFfiGCms6WKcCCAvLPG9uHmwS%2B0pxvEgqXMnOq2wbOqBBkrzSPp3nTLj0KL5QoGoML%2BId2C2YOVRMnCOO96nLgVBnhCWGjcRQRZ0vSLGVZ7AbIMTBFnoyqlsCF%2Bu25wcSrBkswl74fhJD%2FEFShNnmdGHv0G878V6V4qBuuO%2FrN8uB6q4j9btNhNhzS%2BLsmcH7Apxbg7NIBzo8LV%2FIeRh1c0Q2rS2t%2BjVNKpWEaB6L7Q%2BnbIGpuCrNukyQkzTryMxPKWQ6siuEMpss6%2FIOSD2UIDat9NpoHyeXlDiHyfq6jq5nKwTbFCbFiW902ab6xKISn5ngpgn352Dusu8CSzeaSIvt0oZZUSM7G8TxIn2BG7d6vcPXfNKar%2BlDxSXu46QepVWCQklsGC7x%2BDt1aRKeUZs%2FHMKdbwP6c9SqyL8l3eWLottadRkZt%2FRZXTvBe905oIeJOaemk02hQxP8WQBlb5Abuj6nj4TDsFr0JQBomrmnl9OtYdCzsgqhC6rLXV6t5K5O2GZbexXGCfRG%2Fzf8uJwozvB%2BBjZtCda%2Fr4Ka%2BDZI7CnFaRIfee1%2FUylCz27GwetePKeqCmiDYTvO6NJ8Tw57%2FaIDRNNTmU06Q01OP14ljXivUhTCbUM5H4B8PXfSVvlQKCMpz8TvRaZU%2BJeFazeZYI3fwNgqXOkOF6Rw5RIWX2uZElp%2B1JzG6d70o4drg%2FOg0Ap07B4VjapvKvxPV0xSAhFKyioXabNcRvXNB3Pvq644QXuYin1mnDw6TKQX8n2CcRhbF2lYnWaCaKfsaY91C1WnZF4HtTvzyrRmj5Y7ycQ8MPpW10DLYX5fhf%2BMiS0tkbY8N3cvsv7%2BfMNbF4Fa%2B2F2L%2BP5rWuC2rrhLB%2F0A7cDZ5ZvJ8kwcXn5uPYG%2F9hDrktpuwSykTruQmzOctXSWXCE%2FtLKi2MsnYEHHQ%3D%3D&s2s=1
Title: What She Did to Lose Weight Stuns Doctors: Do This Daily Before Bed!

Search URL Search Domain Scan URL

URL: https://trends.revcontent.com/click.php?d=Qk%2BMCVbZJDJRavjc%2FBM1oIIwaExcTzpivUELaKihLdzkgHjM6KADgE5OCLXEzxfCgPfCdeeNlHn0lfJo9q%2B7qPm909HozHvdchoVoyko%2BBnOCIYSHizW0h9TCgMXyYdr5ORvaTJNRoy%2Fjez69JgRqp07P5a%2F63k8B4gCu76K1T%2FTLiiFscJwlXY9If4wXYhI92Tx36TuT2%2BMqpJAGpDUnTKbS3C5Qg777NrUjt53avdyC8elQTSMbrUxyP1fHj%2FBa0%2FNFhDB87FGpNpVoxPXswe0i0HYsoRvbtvN9k4KchHjCFsNgeXJQK2Skz5N3KBXBkRAgS9mhkQ%2BDpj%2BYwjXMk7iOLMNPC5rv5to2nLLVLfEvBzVeTrH9kIafk9JAIIdkUS1yohJCNh1gjtTPM0KdhfbVOaI%2Bu4lqx5LSWfvMeo6AfQbJ3vV2KFNP6F3CPg3FksoubptLCnGV5xrBqieBrbQGhoF%2F5WLU7fQRZSFddW16noUIMAvSKzdYwvXZyicUWBM2rLhFzht%2FUDpPdvXsXMJYcUpSrEFieKzk%2BkUWVf7TPH5nW%2FywdG2aDpLC7MP4QLWNs7Q1ZRXrEH%2F%2F0Cx4RA4SYndPDpI3doTO80xdjgEhlIWHzGNAwy8SYoifSL6Hx8aBvNV5MvOYxhRRVytvbjIpLZqlXGLsLn%2FexzOOYISmmJoLjYOvyg5FI%2Bo64IEU2UW1KVUe3BLuK%2Ffgp72IvInphPGX5GP4fXFBtUmYZRGFczTN0gg%2FlxsVh%2BEKDJyQGEvZNpXRiTtlYY4vR9yCE4jX1aThS7QboWGd10kyQHYovJISD6XgEU%2B6j2O2FRKTweI5YZa4vy3Q9brOVyIdl1rLiM5IDh7zEuZM%2FRCctHhLYuECRyYZSFPwrYlDQwPjRaWc31rchL1hgh7NvDO9fIa2rYUvvzkq9%2BVP0mKeUbh8zWRBPFyG%2FHWkgS1LezPU7EA6Cxyi8axi3q0RV%2Bnqw%3D%3D&s2s=1
Title: *a*the Best Way to Relax Tight Musc

Search URL Search Domain Scan URL

URL: https://trends.revcontent.com/click.php?d=u2SrlobfjUErhuR7Og4RTlvK%2FAPTiB4isaN4QSR8qU%2Bf%2BOwFsPZWAn0BYNW4BsX0fGxzJ%2FWSza5VC%2B%2B4IOwvdtJq9VLAlByFYJY7VRAmIwDmZBggfgwZ%2FtkIDW641iyjclaOMNwRs931ij9eUOD%2BwRhxETRMW%2FZyeIUU43Nlovxqo7HScLZoMIuwI0EsMmSTTV5Bobq2eu9hB%2FLh%2BoqtBAdr9M8JtHVsAcfQJ%2Fhq0iXtiPiNW67U6PUL6fV3pFteY3RtVP%2Bym3UGxjCaN7OID59HEo3Hdfx8qec%2BEVR7hi3ASDZUUuFbHtrpAFg6W5BiyWhovEjbKVwDGSEImvftJ%2FoQWS8dBbmeTf8GWicbZ%2BZUjl6IVN3u%2Bhl6KP09Gc1rYBKull9wGTZChdBxGJUYoC%2BwUF3Raz5qHZeuRWtBxyffeB6i7x4BESZ%2BaTjIZnqn6Mm1N6qA%2BfQt7PAwkBt9UelELcOIaEovt7Kh4aH6e7kRvH7DogwezmP8i8b32cnh5dgp0qAjtOiUyjjiVIvVEtxtrNpSKajRmrpGv8yo48i5oDUPnDXm2tuocITQF3qFlmPfBuDFpx8wKju7dXQlncob1WvZJFbWu9JTEpe8THjBsLKB73toNtqqY%2FoksRwaF9UkMiWEjCEkUoYz8CDneQ0W0lAZqpVwq2PKLMNeeL%2BJxgdD0Ig0qUUh1I20uY36St9UwwSv4GClRCaZk%2Bl5G0o2Wx8wmxo7cUy4qA%2FGKd6LD2Peu0%2Fca%2FfOllZbdcuIn2ZbWJotMT%2FyQwTjaGBGPDmIVhQlTVNQU0yOnZe%2F6tragqmFOc0SucEw8eQPGMaLH5EHdC68rlNXVgQAhGCTPYXmLb69I6GkZkwPQfB9BDS59UZbmsSv7PwegBIUdkzuee8X3L94VCU%2B2PgiC3L5j6tJz1S%2FqP5D3U458JiVrqMNrTNg581DaK33AfMF8Xth%2FvsYQg45PPHou%2BIp3e3bErjyCFFnqN4dvcUIJOPqXHOp24Net342v9df8%2B7tb4sypgZ58mU6TrBpHQLibeU2Lfbf3qdWptVEqPUJ7feH%2BRY%3D&s2s=1
Title: New 'Legal Steroid' Turning Men into Beasts

Search URL Search Domain Scan URL

URL: https://widgets.mgid.com/?utm_source=64.62.227.29&utm_medium=referral&utm_campaign=widgets&utm_content=351459

Search URL Search Domain Scan URL

URL: https://nixagrim/1_Tasse_vor_dem_Schlafen_und_20_Kilo_weniger_ohne_Di%C3%A4t

Search URL Search Domain Scan URL

URL: https://be2/Reiche_einsame_Frauen_suchen_reife_M%C3%A4nner

Search URL Search Domain Scan URL

URL: https://nixagrim/Verlieren_Sie_12_Kilo_in_2_Tagen._Einfach_zu_Hause_bereiten

Search URL Search Domain Scan URL

URL: https://dream-singles.com/Single_Girls_Are_Looking_For_Single_Men

Search URL Search Domain Scan URL

URL: https://beforeitsnews.com/v3/donate/
Title: Get in the Fight! Tithe to our Ministry and Help Finish Recording God's Word Seen on Every Page!

Search URL Search Domain Scan URL

URL: https://tinyurl.com/yxwvh36c
Title: Try This New Way to Control the Matrix and You'll Get Anything You Want! (VIDEO)

Search URL Search Domain Scan URL

URL: https://www.herbanomic.com/product-page/copy-of-detoxadine-organic-nascent-iodine-supplement-2oz
Title: Your Body Cries for Iodine! Here's What You Don't Know About Iodine and Your Health!

Search URL Search Domain Scan URL

URL: http://www.suppressedhealthsecrets.com/
Title: Try These Natural Methods for All Diseases and You'll Never Depend on Big Pharma Again!

Search URL Search Domain Scan URL

URL: https://trends.revcontent.com/click.php?d=IalURC7H072i6KoV4s3yFWiwVxEGz2x%2FI%2FaQjicLdPLlLiF2WiUrfv8tondgMMIcIIdFutJOpLYFAZ0pjEJ2oi1igowhndf9F0Ld%2B4KqWnxO%2B%2BU2ZlkkeK1RQMDEmKYrJu9g6ZLDoLsghZWPS4ADS7pADmcnyiXxWOampFidDorsDfSEtUoGQKXxTf%2BVJIv2%2FmcnMg8c9KQ7s%2FUrAympBdISBrrXC6iCHFrrGX7D824iV9vOD%2FkQ369%2BSb907EEfO77o1qyFr6c%2FjeEkG57RFsmCjjAK40GWMRO7KANXMjp1XIOBxkboGXhbaxSyw22QBytrd8H7y1vfsqcHlmADgYQNkGuwTngVtER1PVcl9fFfNPvSH8JIpwW4tewvy%2FGpQyv12JkL6sOFqfkClScuThCRWKXW2T%2Bsm4VtMQZweg9G30DJLO6g%2Bh5H2VSSdkFQgftnyCPm58xtwuhNHHlv26rOLrhftwqDct5XPj4Y3AQqKmiZFmRgWmZR%2F8pacQmyiBK%2Bdb%2FZXy1ImIrYUCMuhc3npeHBzQttta0BEGbisfbuUFgE3shIzksOy7QN2ByGAhCNNQ0pfIMaTJeNgQogHCUhULlTAGgkuezihu4wwX%2BpGbid4S0D2y%2BabwC4b9op%2Faw0lzMsJ4ryVqNSFobReoLySvXVIKSg4uDrToGhPCJ7UwgUIjfGaGSqfnvCLy06IkTzhZZ2ga3xeDpKesDSCdRYfiOD8U6w%2FR4hrJavJFmg1FXy8S19lvd3yRp5I9wIghLb2l9b%2BarNzqP9TYN7jaHVQ5dWOhPO4Z8rphjI9cbp9NfM8xovx%2FspDNAtTVb1U2PiH7X9TWtf%2FavdfjAFQwuGMX8UvdRCn5uG8rKEpVfgoabmUK9DP0J0idZIMyHtP7AUr2kVr8QRZjWLxC0cRMp54JJyEGAriHqToBOe3UgNjkRFKH0yzBGJS1TzE3KBVAfrRhKdb6YT%2Fb2NKUdHzXpQSbmZEMFUbZLfS4%2FL5feGH7NPeY0vW87LDWfe%2FKAomiHFupar2sv9uqfuVOdtk%2Fpwlli2mMeZJLG4yZpbpWx%2FFDnUgU0ZkYuRIKbNfRS9&s2s=1
Title: One Cup of This (Before Bed) Burns Belly Fat Like Crazy! Smart Life Reports

Search URL Search Domain Scan URL

URL: https://trends.revcontent.com/click.php?d=4iHybZGlX%2FONIObmxP2wJTkep90QrbmVmhlhurJers2I3bCJocIb0Z4x5220utx7KoPOEvQF3ikF6PiFqWQzvZdQfzsKzaTvkUoPVeeNgYYZ%2FDN%2BeTM7DpOKZPvwKW2ZuajnSR4ghbq6FseuNqOWJt9NJ7igxBoCytp0L0ZDn0rQ7JA%2Bp8XYuPlI2%2FHJ4fZNunSISoEo3qGPepxO42a3QgQUM%2FlneoseurJJI8MS9B%2F7rqXs3ZHsbAgMZtRLoeCZ1Uhz0SY%2BqWPF%2B2ipXdzi8Z30Er%2FQNTClMg3Ibjy9C0%2FXdgebfFyhiFjexuWJ61VsTFFcZbd3lmknMzF7USQKa3C%2FZIyFn9OVsn%2Bbrm5AB2ECF44miqgRzAgnXd58U75W%2B4MQbE5f1RmsT%2FRiBdizBwpcHFCRzeAs0ZFtVsobPNlPGaug5QFevQaCLV6tEt1c8rUNiqyB0b4%2Fu4bpz9VbEtsEVR7Q4ENq2OkAXc60zFQ%2B%2FS4pAy0uZ9CFe%2F2ZhEzXvsjzofxKXShyeZPMvh2XqU5dY%2Bhaj%2BJQM%2BaMW9jobETPkM%2FYvt%2F4Hgaksg1p1H7lZWFrTwgbQQWohDFDT8wpDMLQytCT5bi5J8VLCyOxRfPnO3eo%2BiVYprkj4hWoE0FwX9Bjac3WeU0JO6A5kTjnVbgL%2FSZBNo1JU1wfkw%2Bypn%2BzCdWSgCx5ZWsMPKuuu3vNgncOJcPwLdbtODU%2FSmaLLEae2L9dzBiIEn%2B%2FdXYkc8iezKal3dWwEBHhpZOWAi9GXL5V%2FhB%2BwOtrwAfscdd4zM7MzUGVc%2BoU16QowcsHaT9u4C2Swt7oBziEHqgAqpvqSkYrruLTpzQ0whZ8kr%2B7Gnwj0H8WGrb9lFINp8FSsWLasXHWb2Z40tqsBH9yqy841Vt90XhRY3sD67ktQGeQ4lBo9Zj5AoSc871%2BE8FjbXqaLtrGoF7G60CfPqp1Fq1kuJDcA7JsT9sbvQq582GcyeckssWSoNAfyvDyQpuA1PV14NGwUrJz3cpIX3l3dS%2BRzzmS3cwvXhtr3HJq2OHoh9GDiyy3CNy3DSQpHT54%2FA4%3D&s2s=1
Title: New 'Legal Steroid' Turning Men into Beasts Smart Life Reports

Search URL Search Domain Scan URL

URL: https://trends.revcontent.com/click.php?d=2HKSp6DJbDvK1LsAJJNKbNaOroPhCa53b95FA77wqjPW47SdIStYNpbf6%2F%2BeC%2FUQSePKIJt0MiOikwyLWnVmM6LdWcPi4XSQ2D58sVgjoU5AEP2t5FKwTl2WE1g9zGwrDW0%2B%2FMB%2Bwdks9PsMo62FsdC8NJKqtK9HMPZKBEr%2FIZ0hNZ4KkmIwGnititrejt32xwUp3jmdem1Ncu0yPKBq8rm%2Fejpc4TeYxK%2F3kstGpz6NDYA8RXQlyRIScLafEnxzGZTR9pgs2Yut%2FT2xq6uEzVAvQGW%2Fv5sfcnlmqCJDxMhXMgCMXeOBYuXJlnVjxbo5A108D72vSV1Xt%2F4WJSjlJpOVrwxkRRs0j79Sm0nvIWR%2FZ36HZyOja2t8HPaeu3%2BlEpjzMunS3PLF11hQEs%2FrPfwqh2fLKyPdFYksPvqJXaXv5X9PoowvSX65FnolfZs78qQf5HX0uhTOGdRvgmkuPQAbQy6v3MAKEr41ond94vs6CH1OHSMPVoSrRnZQSoGJhYoh2GJZRriqw15CzgV4BUZh6A7bJYGXbHZ2aOMDlspwBcHQIiQ4ojs7%2FBDN5D9S6h2N56v8XXssCVgIFvdyPQp0sNC6it9p%2FXR4d5yLeaH07W%2FIicZRqRhbj3wxo%2Fmg1GCL5S8uZXtrEirYt5CnXDMJzaH%2F30CTjuVfaQw8jRcaKrSUAUsExHRGFeZ7154m%2BZ3iP%2FqkNxXfCRNnUimmkWrf1ENAJYG9pbAqp8Hmgp%2FgpI6pDqNRr%2Bdg39%2Bjna5sLuYI04umN1MR4hvwFA2Yo1RmTsUkdfpa13tUSujcxNNiBmjjz2koVUSxOulDXyPSSBavl5unSfIFfCz2vsEm6GBLdeL2UU8NfSbusHe2h1kr04zsidQsTor1ZvqqN1B0YOQ49F%2FS78kCYLPBHpgoJX8QT3DhmIrJUjvtzTy71hkiUqfoi568WpJFCNjs1ceL2Kr2Qgx5mk4uAyvErrcSa1qL9cvQNBsoi%2F%2BkxZfr5AiiyF5Q0ZdaOHsRVmFMyf%2Brc%2F0FDOm0ZxR5X%2FycP1ohFGUWGNd%2B6Hudx%2Bc6fsI35ieOjRj5WOC%2BO4akTZMBs6Tk&s2s=1
Title: Urologists: Men, Forget the Blue Pill! This "Destroys" ED Smart Life Reports

Search URL Search Domain Scan URL

URL: https://trends.revcontent.com/click.php?d=Wgoi2H0RHkRnho6q4LzI5T%2F%2BzyTZ6LZxA%2F6C4owiWYRBDPxMNdgZ4JhfbaTdPQEqoXBEz5crHu9sRWY7MGGN7dkSL8YvelvP1gx3gZz0w%2FPzwVDFU98roGyiwJtlo9EcYYbIeK3sAO9C02dcwqJlsaDvBzNxdwcWzFQvvLT9N4atvSaHa1%2FSUypSJheP9tqgQBVNao68faL43ckSZ81Z4h121QmsGvjj8g6N1j9ISdulUxncFUy%2FfrIFUKvPSosXLM%2F06v2Nl%2B%2F0m3FMPJdyaltZ4WzFMbuLLSiMtUax303ZdKPJ68rreN9yYZ3sLWEgzCwOgrYRmdar5Lbzb2jrO2WI4%2FE0kv5cFmd3YjpxZhjeyBdkEOcoAu9IH2e%2FoRE67LKDV%2B9%2BgeJ3WnZi3V3WHK3OsaptF550zlcKDpKAulTcX7fk%2FjP3XCmiChwDvI8jWxjBBpjdWcLUJmPCYXuBp%2BVpZjKh2b7T0ikRyGj%2FmkLvT5O5r34IiAD3qHfOx%2FUkwFM5l8H5rxbeS9l6D%2FKYeGf0igHgXBTsdAgQYFvnwgfE2JHb5GhJeTALmlG9n0zlBZt9jkJ93ASza4OaWf5B0%2F8Z%2Fu4S0Vbklin1uzWD28STO89fa0dh9LiHdwjcQxWnUvcUOdmrAw1YaqvPwIqPdVA01zRQGqfpUZHbUzxFXyOBqzrZrG8k1js8PVJ8PRQycWn6DU2QOkjZdv83YOsUnet4PdZWEaqXDZnY%2FyyYMU3SVMlHqd2wN6LAP%2FpN9vq8ekBKCcgF7ntb9rg%2FfLwG6phkPUv5pNpmznUH0RUNz5AvZTd1ZDYzFEaadJHtly0eawql9H%2FYwNpXXdRUP7gWVeGFjUxF4X5p8fYnk88dExBd9DkyIuKPYO21t9Aie3t4ES1rYVttR9mpDHkDLXVRY1bUglofxWVTJ5xhmkIxaToLmnVuBaIDpjjVcb5wbSuseKekpvY4PcWxL2bdb27ZS9tt5G31o3nHngv8nqZOcFh8YGBbKllCVo722mHEq0wLOFwVhUzDxwImVd3%2BX0Mfkoq1OZbWZd2wgXkgns4J6r2OjzLJlupjgEGeU1t9vr2%2BpC4bYAeGi%2Fs3cvgzpTdUcjjoJFnzaw9m7pjV2LNeiPVMY03UETvRByDl7d5VVNCuJFcoUx3uIdoPZz%2FyezOXNrG%2F5inaMWiJ1upv7udXOjo%3D&s2s=1
Title: Zurich: Millionaires Want to Ban This Video - Watch It Now! Taohua-dao.com

Search URL Search Domain Scan URL

URL: https://tinyurl.com/yxsj8ra9
Title: I Killed Bruce Lee with the Death Touch - Caution: Don't Use it Unless Your Life is in DANGER!

Search URL Search Domain Scan URL

URL: https://widgets.mgid.com/?utm_source=64.62.227.29&utm_medium=referral&utm_campaign=widgets&utm_content=720412

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 19

http://clipground.com/images/clipart-connecting-the-dots-19.jpg HTTP 301
https://clipground.com/images/clipart-connecting-the-dots-19.jpg

Request Chain 66

http://jsc.mgid.com/b/e/beforeitsnews.com.351459.js?t=20204122 HTTP 301
https://jsc.mgid.com/b/e/beforeitsnews.com.351459.js?t=20204122

Request Chain 68

http://jsc.mgid.com/b/e/beforeitsnews.com.720412.js?t=20204122 HTTP 301
https://jsc.mgid.com/b/e/beforeitsnews.com.720412.js?t=20204122

Request Chain 73

https://www.google-analytics.com/r/collect?v=1&_v=j81&a=554316536&t=pageview&_s=1&dl=http%3A%2F%2F64.62.227.29%2F&ul=en-us&de=UTF-8&dt=Before%20It%27s%20News%20%7C%20True%20News%20%7C%20People%20Powered%20News&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=IEBAAUAB~&jid=129993519&gjid=282170733&cid=1750972945.1588371874&tid=UA-16055024-1&_gid=889929641.1588371874&_r=1&gtm=2ou4m0&z=110277052 HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-16055024-1&cid=1750972945.1588371874&jid=129993519&_gid=889929641.1588371874&gjid=282170733&_v=j81&z=110277052 HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-16055024-1&cid=1750972945.1588371874&jid=129993519&_v=j81&z=110277052 HTTP 302
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-16055024-1&cid=1750972945.1588371874&jid=129993519&_v=j81&z=110277052&slf_rd=1&random=2383611565

Request Chain 85

https://match.adsrvr.org/track/cmf/generic?ttd_pid=omn67hl&ttd_tpi=1 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=omn67hl&ttd_tpi=1 HTTP 302
https://cm.mgid.com/m?cdsp=371158&c=92cf3d09-74b8-4d32-83eb-66cac92dec0f&ttl=1590963874

Request Chain 86

https://x.bidswitch.net/sync?ssp=mgid HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=mgid HTTP 302
https://bidswitch-eu.splicky.com/cm?bidswitch_ssp_id=mgid&bsw_custom_parameter=5852c3fe-5f96-4e09-8402-d7ab9e9c8cc7 HTTP 302
https://x.bidswitch.net/sync?dsp_id=311&user_id=&user_group=2&ssp=mgid&expires=10&bsw_param=5852c3fe-5f96-4e09-8402-d7ab9e9c8cc7 HTTP 302
https://cm.mgid.com/m?cdsp=433145&c=5852c3fe-5f96-4e09-8402-d7ab9e9c8cc7

Request Chain 88

https://ads.betweendigital.com/match?bidder_id=43263&callback_url=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D501036%26c%3D%24%7BUSER_ID%7D HTTP 302
https://ads.betweendigital.com/match?bidder_id=43263&callback_url=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D501036%26c%3D%24%7BUSER_ID%7D&crf=1 HTTP 302
https://cm.mgid.com/m?cdsp=501036&c=4c423569-f9ea-527b-b4ba-f88aea165928

Request Chain 89

https://csync.loopme.me/?redirect=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D433143%26c%3D%7Bdevice_id%7D HTTP 307
https://cm.mgid.com/m?cdsp=433143&c=6f6a5fdc-1f31-456f-aecc-413f8e4501ac

Request Chain 90

https://cm.g.doubleclick.net/pixel?google_nid=marketgid&google_cm=&google_ula={guid}&google_hm=azQxeDZyeXdXWm9m&muidn=k41x6rywWZof HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=marketgid&google_cm=&google_ula={guid}&google_hm=azQxeDZyeXdXWm9m&muidn=k41x6rywWZof&google_tc= HTTP 302
https://cm.mgid.com/google?muidn=k41x6rywWZof&google_ula={guid},5&google_gid=CAESEAFHrII4BovAIYfgQIrFQw0&google_cver=1

Request Chain 92

https://rtb-usw.mfadsrvr.com/sync?ssp=mgid HTTP 302
https://rtb-usw.mfadsrvr.com/ul_cb/sync?ssp=mgid HTTP 302
https://cm.mgid.com/m?cdsp=287839&c=862d68fa-795e-476e-b22a-71afc413ef83

Request Chain 93

https://x.bidswitch.net/sync?dsp_id=303&user_id=k41x6rywWZof HTTP 302
https://i.liadm.com/s/52164?bidder_id=5298&licd=&bidder_uuid=5852c3fe-5f96-4e09-8402-d7ab9e9c8cc7 HTTP 303
https://i.liadm.com/s/52164?bidder_id=5298&licd=&bidder_uuid=5852c3fe-5f96-4e09-8402-d7ab9e9c8cc7&_li_chk=true&previous_uuid=f2ca42979e284e2c841d86af39e37e70 HTTP 303
https://i6.liadm.com/s/52164?licd=&bidder_id=5298&bidder_uuid=5852c3fe-5f96-4e09-8402-d7ab9e9c8cc7

Request Chain 94

https://udata.mixmarket.biz/tr.php?syncnet=28&cb=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D311971%26mode%3Dinverse%26c%3D%24UID HTTP 301
https://cm.mgid.com/m?cdsp=311971&mode=inverse&c=0

Request Chain 95

https://sb.scorecardresearch.com/b?c1=7&c2=15208452&c3=110&ns__t=1588371874220&ns_c=UTF-8&cv=3.5&c8=Before%20It%27s%20News%20%7C%20True%20News%20%7C%20People%20Powered%20News&c7=http%3A%2F%2F64.62.227.29%2F&c9= HTTP 302
https://sb.scorecardresearch.com/b2?c1=7&c2=15208452&c3=110&ns__t=1588371874220&ns_c=UTF-8&cv=3.5&c8=Before%20It%27s%20News%20%7C%20True%20News%20%7C%20People%20Powered%20News&c7=http%3A%2F%2F64.62.227.29%2F&c9=&cs_ak_ss=1

Request Chain 145

https://b1sync.zemanta.com/usersync/revcontent/?puid=MDI3OGNiOTg5M2ZkZGE1ZWVlY2M2Mjc1YjU4NDhlYjc%3D&cb=https%3A%2F%2Ftrends.revcontent.com%2Fcm%2Fpixel_sync%3Fexchange_uid%3DMDI3OGNiOTg5M2ZkZGE1ZWVlY2M2Mjc1YjU4NDhlYjc%253D%26bidder%3D3%26bidder_uid%3D__ZUID__&rev_dt=1588371875 HTTP 302
https://b1sync.zemanta.com/usersync/revcontent/?cb=https%3A%2F%2Ftrends.revcontent.com%2Fcm%2Fpixel_sync%3Fexchange_uid%3DMDI3OGNiOTg5M2ZkZGE1ZWVlY2M2Mjc1YjU4NDhlYjc%253D%26bidder%3D3%26bidder_uid%3D__ZUID__&puid=MDI3OGNiOTg5M2ZkZGE1ZWVlY2M2Mjc1YjU4NDhlYjc%3D&rev_dt=1588371875&s=2 HTTP 302
https://trends.revcontent.com/cm/pixel_sync?exchange_uid=MDI3OGNiOTg5M2ZkZGE1ZWVlY2M2Mjc1YjU4NDhlYjc%3D&bidder=3&bidder_uid=xx3HTZz0EpJQDytrtX7Y

Request Chain 146

https://ib.adnxs.com/getuid?https%3A%2F%2Ftrends.revcontent.com%2Fcm%2Fpixel_sync%3Fbidder%3D115%26bidder_uid%3D%24UID%26exchange_uid%3DMDI3OGNiOTg5M2ZkZGE1ZWVlY2M2Mjc1YjU4NDhlYjc%253D&geo=35&rev_dt=1588371875 HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Ftrends.revcontent.com%252Fcm%252Fpixel_sync%253Fbidder%253D115%2526bidder_uid%253D%2524UID%2526exchange_uid%253DMDI3OGNiOTg5M2ZkZGE1ZWVlY2M2Mjc1YjU4NDhlYjc%25253D%26geo%3D35%26rev_dt%3D1588371875 HTTP 302
https://trends.revcontent.com/cm/pixel_sync?bidder=115&bidder_uid=6740450599653325321&exchange_uid=MDI3OGNiOTg5M2ZkZGE1ZWVlY2M2Mjc1YjU4NDhlYjc%3D&geo=35&rev_dt=1588371875

Request Chain 147

https://x.bidswitch.net/sync?ssp=revcontent&rev_dt=1588371875 HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=revcontent&rev_dt=1588371875 HTTP 302
https://green.erne.co/bidswitch/cm?bidswitch_ssp_id=revcontent&gdpr=&gdpr_consent= HTTP 302
https://x.bidswitch.net/sync?dsp_id=270&expires=10&user_id=kWLRv8Iey1TxFpnqOovPUuxg&ssp=revcontent HTTP 302
https://trends.revcontent.com/cm/pixel_sync?bidder=118&bidder_uid=20a95023-e59f-4636-b6ff-6850386ceb02

Request Chain 149

https://rtb.mfadsrvr.com/sync?ssp=revcontent&ssp_user_id=MDI3OGNiOTg5M2ZkZGE1ZWVlY2M2Mjc1YjU4NDhlYjc%3D&rev_dt=1588371875 HTTP 302
https://trends.revcontent.com/cm/pixel_sync?exchange_uid=MDI3OGNiOTg5M2ZkZGE1ZWVlY2M2Mjc1YjU4NDhlYjc=&bidder=154&bidder_uid=862d68fa-795e-476e-b22a-71afc413ef83

Request Chain 158

https://b1sync.zemanta.com/usersync/revcontent/?puid=YTkyN2U2M2M1OGRjMzY2N2M1NDliNmZiMTI1YjE4OWE%3D&cb=https%3A%2F%2Ftrends.revcontent.com%2Fcm%2Fpixel_sync%3Fexchange_uid%3DYTkyN2U2M2M1OGRjMzY2N2M1NDliNmZiMTI1YjE4OWE%253D%26bidder%3D3%26bidder_uid%3D__ZUID__&rev_dt=1588371880 HTTP 302
https://trends.revcontent.com/cm/pixel_sync?exchange_uid=YTkyN2U2M2M1OGRjMzY2N2M1NDliNmZiMTI1YjE4OWE%3D&bidder=3&bidder_uid=xx3HTZz0EpJQDytrtX7Y

Request Chain 159

https://ib.adnxs.com/getuid?https%3A%2F%2Ftrends.revcontent.com%2Fcm%2Fpixel_sync%3Fbidder%3D115%26bidder_uid%3D%24UID%26exchange_uid%3DYTkyN2U2M2M1OGRjMzY2N2M1NDliNmZiMTI1YjE4OWE%253D&geo=35&rev_dt=1588371880 HTTP 302
https://trends.revcontent.com/cm/pixel_sync?bidder=115&bidder_uid=6740450599653325321&exchange_uid=YTkyN2U2M2M1OGRjMzY2N2M1NDliNmZiMTI1YjE4OWE%3D&geo=35&rev_dt=1588371880

Request Chain 160

https://x.bidswitch.net/sync?ssp=revcontent&rev_dt=1588371880 HTTP 302
https://prod.perf-serving.com/sync?ssp=bidswitch&bidswitch_ssp_id=revcontent HTTP 302
https://prod.perf-serving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=revcontent HTTP 302
https://x.bidswitch.net/sync?dsp_id=366&expires=14&user_id=d5edb9ed-dc9a-49e9-ae00-e1e6ea644942&ssp=revcontent&user_group=1 HTTP 302
https://trends.revcontent.com/cm/pixel_sync?bidder=118&bidder_uid=20a95023-e59f-4636-b6ff-6850386ceb02

Request Chain 162

https://rtb.mfadsrvr.com/sync?ssp=revcontent&ssp_user_id=YTkyN2U2M2M1OGRjMzY2N2M1NDliNmZiMTI1YjE4OWE%3D&rev_dt=1588371880 HTTP 302
https://trends.revcontent.com/cm/pixel_sync?exchange_uid=YTkyN2U2M2M1OGRjMzY2N2M1NDliNmZiMTI1YjE4OWE=&bidder=154&bidder_uid=862d68fa-795e-476e-b22a-71afc413ef83

170 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
64.62.227.29/ 80 KB
19 KB 319ms
307ms Document
text/html 64.62.227.29
HURRICANE

General

Check archive.org

Show headers Download Go to

Full URL

http://64.62.227.29/

Protocol

HTTP/1.1

Server

64.62.227.29 Fremont, United States, ASN6939 (HURRICANE, US),

Reverse DNS

Software

nginx/1.12.2 /

Resource Hash

cf11edd56772952b727f64d496f8305b6d5af355592a3f65ca2e6fac50b5a233

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Host: 64.62.227.29
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

Server: nginx/1.12.2
Date: Fri, 01 May 2020 22:24:32 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Encoding: gzip

GET
H/1.1 200
OK css
fonts.googleapis.com/ 3 KB
1 KB 21ms
14ms Stylesheet
text/css 2a00:1450:4001:820::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.googleapis.com/css?family=Oswald:700|Scada:700

Requested by

Host: 64.62.227.29
URL: http://64.62.227.29/

Protocol

HTTP/1.1

Server

2a00:1450:4001:820::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

33e89acec5c07a37996a6fda0ab9c029199b2ae3f8913fda8fbee66d0cc58ee3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: http://64.62.227.29/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

Date: Fri, 01 May 2020 22:24:32 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Fri, 01 May 2020 22:24:32 GMT
Server: ESF
X-Frame-Options: SAMEORIGIN
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: private, max-age=86400, stale-while-revalidate=604800
Transfer-Encoding: chunked
Timing-Allow-Origin: *
Link: <http://fonts.gstatic.com>; rel=preconnect; crossorigin
X-XSS-Protection: 0
Expires: Fri, 01 May 2020 22:24:32 GMT

GET
H/1.1 200
OK global-bin-rev-493.css
64.62.227.29/static/css-v3/ 15 KB
4 KB 323ms
311ms Stylesheet
text/css 64.62.227.29
HURRICANE

General

Check archive.org

Show headers Download Go to

Full URL: http://64.62.227.29/static/css-v3/global-bin-rev-493.css
Requested by: Host: 64.62.227.29
URL: http://64.62.227.29/
Protocol: HTTP/1.1
Server: 64.62.227.29 Fremont, United States, ASN6939 (HURRICANE, US),
Reverse DNS
Software: nginx/1.12.2 /
Resource Hash: 84ba294d86a6a8c4ec2962bb2e461958d5bc4e101e798b145604dca530b30041

Request headers

Referer: http://64.62.227.29/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

Date: Fri, 01 May 2020 22:24:32 GMT
Content-Encoding: gzip
Last-Modified: Sun, 19 Apr 2020 00:59:00 GMT
Server: nginx/1.12.2
ETag: W/"5e9ba254-3b12"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=604800, must-revalidate
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Fri, 08 May 2020 22:24:32 GMT

GET
H/1.1 200
OK fancybox-bin-rev-493.css
64.62.227.29/static/css-v3/ 8 KB
2 KB 324ms
312ms Stylesheet
text/css 64.62.227.29
HURRICANE

General

Check archive.org

Show headers Download Go to

Full URL: http://64.62.227.29/static/css-v3/fancybox-bin-rev-493.css
Requested by: Host: 64.62.227.29
URL: http://64.62.227.29/
Protocol: HTTP/1.1
Server: 64.62.227.29 Fremont, United States, ASN6939 (HURRICANE, US),
Reverse DNS
Software: nginx/1.12.2 /
Resource Hash: 0b21fd04aad89a54b03408155906f1cd1b363cb16cf0753504b18e996d8a6662

Request headers

Referer: http://64.62.227.29/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

Date: Fri, 01 May 2020 22:24:32 GMT
Content-Encoding: gzip
Last-Modified: Sun, 19 Apr 2020 00:59:00 GMT
Server: nginx/1.12.2
ETag: W/"5e9ba254-1f5d"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=604800, must-revalidate
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Fri, 08 May 2020 22:24:32 GMT

GET
H/1.1 200
OK home-bin-rev-493.css
64.62.227.29/static/css-v3/ 28 KB
8 KB 337ms
326ms Stylesheet
text/css 64.62.227.29
HURRICANE

General

Check archive.org

Show headers Download Go to

Full URL: http://64.62.227.29/static/css-v3/home-bin-rev-493.css
Requested by: Host: 64.62.227.29
URL: http://64.62.227.29/
Protocol: HTTP/1.1
Server: 64.62.227.29 Fremont, United States, ASN6939 (HURRICANE, US),
Reverse DNS
Software: nginx/1.12.2 /
Resource Hash: f35f2e9629cb78bbd4f678617d0c66a026de966a932596d22ad4306c9b449292

Request headers

Referer: http://64.62.227.29/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

Date: Fri, 01 May 2020 22:24:32 GMT
Content-Encoding: gzip
Last-Modified: Sun, 19 Apr 2020 00:59:00 GMT
Server: nginx/1.12.2
ETag: W/"5e9ba254-6f5a"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=604800, must-revalidate
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Fri, 08 May 2020 22:24:32 GMT

GET
H/1.1 200
OK responsive-bin-rev-493.css
64.62.227.29/static/css-v3/ 20 KB
4 KB 323ms
311ms Stylesheet
text/css 64.62.227.29
HURRICANE

General

Check archive.org

Show headers Download Go to

Full URL: http://64.62.227.29/static/css-v3/responsive-bin-rev-493.css
Requested by: Host: 64.62.227.29
URL: http://64.62.227.29/
Protocol: HTTP/1.1
Server: 64.62.227.29 Fremont, United States, ASN6939 (HURRICANE, US),
Reverse DNS
Software: nginx/1.12.2 /
Resource Hash: 282ab5b6f36b8ea72f1cd6847968dc52be62ae5d7c97119a335a6d2673c258c5

Request headers

Referer: http://64.62.227.29/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

Date: Fri, 01 May 2020 22:24:32 GMT
Content-Encoding: gzip
Last-Modified: Sun, 19 Apr 2020 00:59:00 GMT
Server: nginx/1.12.2
ETag: W/"5e9ba254-4eaa"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=604800, must-revalidate
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Fri, 08 May 2020 22:24:32 GMT

GET
H/1.1 200
OK jquery-fancybox-mobiledetect-uuid.js Show response
64.62.227.29/static/js-v3/ 146 KB
62 KB 320ms
308ms Script
application/javascript 64.62.227.29
HURRICANE

General

Check archive.org

Show headers Download Go to

Full URL: http://64.62.227.29/static/js-v3/jquery-fancybox-mobiledetect-uuid.js
Requested by: Host: 64.62.227.29
URL: http://64.62.227.29/
Protocol: HTTP/1.1
Server: 64.62.227.29 Fremont, United States, ASN6939 (HURRICANE, US),
Reverse DNS
Software: nginx/1.12.2 /
Resource Hash: db135e93bd989f186cc30e9846c9b9c02e19d1bfd319ed0f1703282ac40d500f

Request headers

Referer: http://64.62.227.29/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

Date: Fri, 01 May 2020 22:24:32 GMT
Content-Encoding: gzip
Last-Modified: Tue, 13 Aug 2019 07:42:38 GMT
Server: nginx/1.12.2
ETag: W/"5d5269ee-248c5"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=604800, must-revalidate
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Fri, 08 May 2020 22:24:32 GMT

GET
H/1.1 200
OK global-bin-rev-493.js Show response
64.62.227.29/static/js-v3/ 18 KB
6 KB 448ms
158ms Script
application/javascript 64.62.227.29
HURRICANE

General

Check archive.org

Show headers Download Go to

Full URL: http://64.62.227.29/static/js-v3/global-bin-rev-493.js
Requested by: Host: 64.62.227.29
URL: http://64.62.227.29/
Protocol: HTTP/1.1
Server: 64.62.227.29 Fremont, United States, ASN6939 (HURRICANE, US),
Reverse DNS
Software: nginx/1.12.2 /
Resource Hash: 290a97a808d03681d8189c9d6b1c327780f2730b6af5b1faced70c4ceb535666

Request headers

Referer: http://64.62.227.29/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

Date: Fri, 01 May 2020 22:24:32 GMT
Content-Encoding: gzip
Last-Modified: Sun, 19 Apr 2020 00:58:17 GMT
Server: nginx/1.12.2
ETag: W/"5e9ba229-476a"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=604800, must-revalidate
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Fri, 08 May 2020 22:24:32 GMT

GET
H/1.1 200
OK top-logo.png
64.62.227.29/img/v3/ 2 KB
3 KB 169ms
169ms Image
image/png 64.62.227.29
HURRICANE

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://64.62.227.29/img/v3/top-logo.png
Requested by: Host: 64.62.227.29
URL: http://64.62.227.29/
Protocol: HTTP/1.1
Server: 64.62.227.29 Fremont, United States, ASN6939 (HURRICANE, US),
Reverse DNS
Software: nginx/1.12.2 /
Resource Hash: 9ca601ccb4b804e78f547d0451200b8cf3f9ac3a88b11ff0fff17b1432226915

Request headers

Referer: http://64.62.227.29/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

Date: Fri, 01 May 2020 22:24:32 GMT
Last-Modified: Mon, 18 Jun 2018 21:28:42 GMT
Server: nginx/1.12.2
ETag: "5b28240a-8ab"
Content-Type: image/png
Cache-Control: max-age=31536000, must-revalidate
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2219
Expires: Sat, 01 May 2021 22:24:32 GMT

GET
H2 200 hqdefault.jpg
img.youtube.com/vi/HgL9XfqaIoo/ 43 KB
44 KB 61ms
40ms Image
image/jpeg 2a00:1450:4001:814::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.youtube.com/vi/HgL9XfqaIoo/hqdefault.jpg

Requested by

Host: 64.62.227.29
URL: http://64.62.227.29/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4f61a64f136059a57a37f529607cde5c21ddc712fc78835d18e5e4c960d152e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://64.62.227.29/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

date: Fri, 01 May 2020 22:24:33 GMT
x-content-type-options: nosniff
server: sffe
age: 0
etag: "1588369200"
content-type: image/jpeg
status: 200
cache-control: public, max-age=300
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44365
x-xss-protection: 0
expires: Fri, 01 May 2020 22:29:33 GMT

GET
H2 200 hqdefault.jpg
img.youtube.com/vi/cIHgzaaewTk/ 39 KB
39 KB 40ms
39ms Image
image/jpeg 2a00:1450:4001:814::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.youtube.com/vi/cIHgzaaewTk/hqdefault.jpg

Requested by

Host: 64.62.227.29
URL: http://64.62.227.29/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b446b84b6af05a88997d60472ccb256a81c1478718beeec74590b2f6f4edef1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://64.62.227.29/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

date: Fri, 01 May 2020 22:24:33 GMT
x-content-type-options: nosniff
server: sffe
age: 0
etag: "1588342758"
content-type: image/jpeg
status: 200
cache-control: public, max-age=300
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39578
x-xss-protection: 0
expires: Fri, 01 May 2020 22:29:33 GMT

GET
H/1.1 200
OK no-img.png
64.62.227.29/img/v3/ 2 KB
2 KB 169ms
169ms Image
image/png 64.62.227.29
HURRICANE

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://64.62.227.29/img/v3/no-img.png
Requested by: Host: 64.62.227.29
URL: http://64.62.227.29/
Protocol: HTTP/1.1
Server: 64.62.227.29 Fremont, United States, ASN6939 (HURRICANE, US),
Reverse DNS
Software: nginx/1.12.2 /
Resource Hash: 0acb257899ff2d4a9e60070bf9ecc351d2b849a1a0ce9a4bbd3e9a2a96fc1c5f

Request headers

Referer: http://64.62.227.29/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

Date: Fri, 01 May 2020 22:24:33 GMT
Last-Modified: Wed, 06 Jun 2018 18:26:21 GMT
Server: nginx/1.12.2
ETag: "5b18274d-644"
Content-Type: image/png
Cache-Control: max-age=31536000, must-revalidate
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1604
Expires: Sat, 01 May 2021 22:24:33 GMT

GET
H2 200 hqdefault.jpg
img.youtube.com/vi/qq2uuHfmq8k/ 38 KB
38 KB 7ms
6ms Image
image/jpeg 2a00:1450:4001:814::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.youtube.com/vi/qq2uuHfmq8k/hqdefault.jpg

Requested by

Host: 64.62.227.29
URL: http://64.62.227.29/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

044d653d3ceb3b946b4c68e520b86f374d292597f367112348802146a377ae17

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://64.62.227.29/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

date: Fri, 01 May 2020 20:59:28 GMT
x-content-type-options: nosniff
server: sffe
age: 5105
etag: "1588102025"
content-type: image/jpeg
status: 200
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38676
x-xss-protection: 0
expires: Fri, 01 May 2020 22:59:28 GMT

GET
H/1.1 200
OK 444444.jpg
64.62.227.29/contributor/upload/106013/images/ 11 KB
12 KB 164ms
159ms Image
image/jpeg 64.62.227.29
HURRICANE

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://64.62.227.29/contributor/upload/106013/images/444444.jpg
Requested by: Host: 64.62.227.29
URL: http://64.62.227.29/
Protocol: HTTP/1.1
Server: 64.62.227.29 Fremont, United States, ASN6939 (HURRICANE, US),
Reverse DNS
Software: nginx/1.12.2 /
Resource Hash: 1d66ea0645104ca4aad60e60d8503b4b6ff11f0ac73e0bcdd4eb9f61bca27293

Request headers

Referer: http://64.62.227.29/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

Date: Fri, 01 May 2020 22:24:33 GMT
Last-Modified: Fri, 01 May 2020 11:27:46 GMT
Server: nginx/1.12.2
ETag: "5eac07b2-2cd0"
Content-Type: image/jpeg
Cache-Control: max-age=31536000, must-revalidate
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 11472
Expires: Sat, 01 May 2021 22:24:33 GMT

GET
H2 200 hqdefault.jpg
i.ytimg.com/vi/vyjYiSBFYMw/ 22 KB
22 KB 31ms
7ms Image
image/jpeg 2a00:1450:4001:81a::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/vyjYiSBFYMw/hqdefault.jpg?sqp=-oaymwEXCPYBEIoBSFryq4qpAwkIARUAAIhCGAE=&rs=AOn4CLAvyG6KwRnCkU0cJU4Db3Z0cumCtA

Requested by

Host: 64.62.227.29
URL: http://64.62.227.29/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

58b9b8913183ccc67373efa22a1d5cd514aa036d1bc3626e6c2e2f168f2590c9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://64.62.227.29/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

date: Fri, 01 May 2020 21:46:29 GMT
x-content-type-options: nosniff
server: sffe
age: 2284
etag: "1579123030"
content-type: image/jpeg
status: 200
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22478
x-xss-protection: 0
expires: Fri, 01 May 2020 23:46:29 GMT

GET
H/1.1 200
OK twitter.png
tapnewswire.com/wp-content/plugins/social-media-feather/synved-social/image/social/regular/96x96/ 3 KB
3 KB 498ms
166ms Image
image/png 2401:c900:1101:143:9::e
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://tapnewswire.com/wp-content/plugins/social-media-feather/synved-social/image/social/regular/96x96/twitter.png
Requested by: Host: 64.62.227.29
URL: http://64.62.227.29/
Protocol: HTTP/1.1
Server: 2401:c900:1101:143:9::e , Singapore, ASN36351 (SOFTLAYER, US),
Reverse DNS
Software: nginx /
Resource Hash: 9e60a41d7cc3c8c642a61b4707f23017f99d4ed04a5a4c91682d7b3c1cdc76b6

Request headers

Referer: http://64.62.227.29/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

Date: Fri, 01 May 2020 22:24:33 GMT
Last-Modified: Fri, 23 Aug 2019 03:39:16 GMT
Server: nginx
ETag: "27e00bc-ad4-590c08cee5349"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2772

GET
H/1.1 200
OK Bugging_Out.jpg
prepforshtf.com/wp-content/uploads/2014/01/ 225 KB
225 KB 377ms
361ms Image
image/jpeg 162.144.153.251
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://prepforshtf.com/wp-content/uploads/2014/01/Bugging_Out.jpg
Requested by: Host: 64.62.227.29
URL: http://64.62.227.29/
Protocol: HTTP/1.1
Server: 162.144.153.251 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: server.prepforshtf.com
Software: nginx/1.18.0 /
Resource Hash: 433539c7c956ed132a3ae11f86e1c30364ad74265738100c2c69c44961cb2728

Request headers

Referer: http://64.62.227.29/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

Date: Fri, 01 May 2020 22:24:33 GMT
Last-Modified: Tue, 29 Apr 2014 19:10:03 GMT
Server: nginx/1.18.0
X-Server-Cache: false
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 229991

GET
H2 200 hqdefault.jpg
img.youtube.com/vi/XnukTEzd_1c/ 37 KB
37 KB 32ms
26ms Image
image/jpeg 2a00:1450:4001:814::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.youtube.com/vi/XnukTEzd_1c/hqdefault.jpg

Requested by

Host: 64.62.227.29
URL: http://64.62.227.29/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9be76ccc3670f2642ee91049a17a21e248f8388b589f16fbe486c35814f13781

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://64.62.227.29/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

date: Fri, 01 May 2020 22:20:39 GMT
x-content-type-options: nosniff
server: sffe
age: 234
etag: "1588289343"
content-type: image/jpeg
status: 200
cache-control: public, max-age=300
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37587
x-xss-protection: 0
expires: Fri, 01 May 2020 22:25:39 GMT

GET
H2 200 hqdefault.jpg
img.youtube.com/vi/qjFuCdFAzlE/ 38 KB
38 KB 31ms
25ms Image
image/jpeg 2a00:1450:4001:814::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.youtube.com/vi/qjFuCdFAzlE/hqdefault.jpg

Requested by

Host: 64.62.227.29
URL: http://64.62.227.29/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

775fba6b7aea8ecede20dda92897c38651528c7f1cb73924a9dd34a23411d2b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://64.62.227.29/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

date: Fri, 01 May 2020 20:37:34 GMT
x-content-type-options: nosniff
server: sffe
age: 6419
etag: "1588095336"
content-type: image/jpeg
status: 200
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39258
x-xss-protection: 0
expires: Fri, 01 May 2020 22:37:34 GMT

GET
H2 200 hqdefault.jpg
img.youtube.com/vi/rnbf9wccdxE/ 29 KB
29 KB 30ms
24ms Image
image/jpeg 2a00:1450:4001:814::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.youtube.com/vi/rnbf9wccdxE/hqdefault.jpg

Requested by

Host: 64.62.227.29
URL: http://64.62.227.29/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

521adc59704ee23346cec5bab1abeb63cf7421a4b46c9f8346f3dcea5c951ba8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://64.62.227.29/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

date: Fri, 01 May 2020 22:19:55 GMT
x-content-type-options: nosniff
server: sffe
age: 278
etag: "1588073809"
content-type: image/jpeg
status: 200
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29669
x-xss-protection: 0
expires: Sat, 02 May 2020 00:19:55 GMT

GET
H2

200

clipart-connecting-the-dots-19.jpg
clipground.com/images/
Redirect Chain

http://clipground.com/images/clipart-connecting-the-dots-19.jpg
https://clipground.com/images/clipart-connecting-the-dots-19.jpg

249 KB
250 KB

38ms
21ms

Image
image/jpeg

2606:4700:3033::6812:2159
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://clipground.com/images/clipart-connecting-the-dots-19.jpg
Requested by: Host: 64.62.227.29
URL: http://64.62.227.29/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6812:2159 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d515ed2f964c9ed47814c93edcd7a1cec301ad1896d4ac49e4c184e6ad9ef214

Request headers

Referer: http://64.62.227.29/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

date: Fri, 01 May 2020 22:24:33 GMT
cf-cache-status: HIT
last-modified: Tue, 03 Dec 2019 15:07:38 GMT
server: cloudflare
age: 78686
etag: "3e42e-598ce0e954342;59bb0d1e8ff97"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
status: 200
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 58cce9d06ca90621-FRA
content-length: 255022
cf-request-id: 0273f0764400000621493eb200000001

Redirect headers

Date: Fri, 01 May 2020 22:24:33 GMT
Server: cloudflare
Vary: Accept-Encoding
Location: https://clipground.com/images/clipart-connecting-the-dots-19.jpg
Cache-Control: max-age=3600
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 58cce9cfef3a16ee-FRA
cf-request-id: 0273f075f5000016ee2c28e200000001
Expires: Fri, 01 May 2020 23:24:33 GMT

GET
H2 200 1024px-JAPAN_EARTHQUAKE_20110311.svg.png
upload.wikimedia.org/wikipedia/commons/thumb/3/3d/JAPAN_EARTHQUAKE_20110311.svg/ 289 KB
290 KB 48ms
15ms Image
image/png 2620:0:862:ed1a::2:b
WIKIMEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://upload.wikimedia.org/wikipedia/commons/thumb/3/3d/JAPAN_EARTHQUAKE_20110311.svg/1024px-JAPAN_EARTHQUAKE_20110311.svg.png

Requested by

Host: 64.62.227.29
URL: http://64.62.227.29/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:0:862:ed1a::2:b , United States, ASN14907 (WIKIMEDIA, US),

Reverse DNS

Software

ATS/8.0.7 /

Resource Hash

e441398ba7475ff7582717ac41cbdecf7c604b575d3fec23505bf1fb7c245756

Security Headers

Name	Value
Strict-Transport-Security	max-age=106384710; includeSubDomains; preload

Request headers

Referer: http://64.62.227.29/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

date: Fri, 01 May 2020 16:22:56 GMT
age: 0
x-cache-status: hit-local
x-cache: cp3065 hit, cp3063 pass
status: 200
server-timing: cache;desc="hit-local"
content-length: 296070
x-client-ip: 2a01:4f8:192:5414::2
x-object-meta-sha1base36: ki7qseqiq32grd88bftrzvf7vkf09bo
last-modified: Wed, 23 Oct 2013 07:46:55 GMT
server: ATS/8.0.7
etag: f0c9de83a6bbbd74cb32c547be884553
strict-transport-security: max-age=106384710; includeSubDomains; preload
content-type: image/png
access-control-allow-origin: *
x-timestamp: 1382514414.48437
accept-ranges: bytes
timing-allow-origin: *
access-control-expose-headers: Age, Date, Content-Length, Content-Range, X-Content-Duration, X-Cache

GET
H2 200 hqdefault.jpg
i.ytimg.com/vi/RjePVhDfaMk/ 12 KB
13 KB 29ms
6ms Image
image/webp 2a00:1450:4001:81a::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/RjePVhDfaMk/hqdefault.jpg?sqp=-oaymwEZCPYBEIoBSFXyq4qpAwsIARUAAIhCGAFwAQ==&rs=AOn4CLAllWEZUD_q1NvGdfcP-AQA_h45dg

Requested by

Host: 64.62.227.29
URL: http://64.62.227.29/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fc992be2d573cd1ebfe75a7550675ccee88a5d15e02f5346113606764876d315

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://64.62.227.29/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

date: Fri, 01 May 2020 21:15:19 GMT
x-content-type-options: nosniff
server: sffe
age: 4154
etag: "1587675975"
content-type: image/webp
status: 200
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12744
x-xss-protection: 0
expires: Fri, 01 May 2020 23:15:19 GMT

GET
H/1.1 200
OK 4-5.jpg
64.62.227.29/contributor/upload/106013/images/ 21 KB
21 KB 166ms
162ms Image
image/jpeg 64.62.227.29
HURRICANE

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://64.62.227.29/contributor/upload/106013/images/4-5.jpg
Requested by: Host: 64.62.227.29
URL: http://64.62.227.29/
Protocol: HTTP/1.1
Server: 64.62.227.29 Fremont, United States, ASN6939 (HURRICANE, US),
Reverse DNS
Software: nginx/1.12.2 /
Resource Hash: 2e790e4328cad85c99450f90ee1316cafc446e57efa611b8fde93d344c6a5d23

Request headers

Referer: http://64.62.227.29/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

Date: Fri, 01 May 2020 22:24:33 GMT
Last-Modified: Fri, 18 Oct 2019 22:49:18 GMT
Server: nginx/1.12.2
ETag: "5daa416e-5408"
Content-Type: image/jpeg
Cache-Control: max-age=31536000, must-revalidate
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 21512
Expires: Sat, 01 May 2021 22:24:33 GMT

GET
H2 200 screen-shot-2020-05-01-at-4.51.29-am.png
justusaknight.files.wordpress.com/2020/05/ 343 KB
344 KB 142ms
48ms Image
image/png 192.0.72.23
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://justusaknight.files.wordpress.com/2020/05/screen-shot-2020-05-01-at-4.51.29-am.png?w=998&h=558
Requested by: Host: 64.62.227.29
URL: http://64.62.227.29/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.72.23 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1bd038827b45687b5b3905333bd9eb470023d5b62e27c25d0d70aa818060ce61

Request headers

Referer: http://64.62.227.29/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

x-nc: HIT fra 23 np
date: Fri, 01 May 2020 22:24:33 GMT
last-modified: Fri, 01 May 2020 12:01:01 GMT
server: nginx
vary: Accept
content-type: image/png
status: 200
x-orig-src: 0_imageresize
accept-ranges: bytes
content-length: 351415
expires: Tue, 26 May 2020 08:19:31 GMT

GET
H/1.1 200
OK Trojan_Horse%20(1).png
64.62.227.29/contributor/upload/713008/images/ 46 KB
46 KB 159ms
158ms Image
image/png 64.62.227.29
HURRICANE

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://64.62.227.29/contributor/upload/713008/images/Trojan_Horse%20(1).png
Requested by: Host: 64.62.227.29
URL: http://64.62.227.29/
Protocol: HTTP/1.1
Server: 64.62.227.29 Fremont, United States, ASN6939 (HURRICANE, US),
Reverse DNS
Software: nginx/1.12.2 /
Resource Hash: 5844ddc6cc8f7570f76a5d02103c0547a11bd401e9a52e176de229847079a412

Request headers

Referer: http://64.62.227.29/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

Date: Fri, 01 May 2020 22:24:33 GMT
Last-Modified: Tue, 28 Apr 2020 23:26:18 GMT
Server: nginx/1.12.2
ETag: "5ea8bb9a-b853"
Content-Type: image/png
Cache-Control: max-age=31536000, must-revalidate
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 47187
Expires: Sat, 01 May 2021 22:24:33 GMT

GET
H/1.1 200
OK the-matrix-red-or-blue-pill2.jpg
64.62.227.29/contributor/upload/352132/images/ 40 KB
41 KB 162ms
162ms Image
image/jpeg 64.62.227.29
HURRICANE

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://64.62.227.29/contributor/upload/352132/images/the-matrix-red-or-blue-pill2.jpg
Requested by: Host: 64.62.227.29
URL: http://64.62.227.29/
Protocol: HTTP/1.1
Server: 64.62.227.29 Fremont, United States, ASN6939 (HURRICANE, US),
Reverse DNS
Software: nginx/1.12.2 /
Resource Hash: ee21d95ded7d3979310536a68f2997280d65748dae9a4f6bcfa81fa0af48e563

Request headers

Referer: http://64.62.227.29/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

Date: Fri, 01 May 2020 22:24:33 GMT
Last-Modified: Wed, 29 Apr 2020 08:25:22 GMT
Server: nginx/1.12.2
ETag: "5ea939f2-a11a"
Content-Type: image/jpeg
Cache-Control: max-age=31536000, must-revalidate
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 41242
Expires: Sat, 01 May 2021 22:24:33 GMT

GET
H/1.1 200
OK 230576_web.jpg
media.eurekalert.org/multimedia_prod/pub/web/ 20 KB
20 KB 539ms
108ms Image
image/jpeg 198.151.217.193
AAAS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.eurekalert.org/multimedia_prod/pub/web/230576_web.jpg
Requested by: Host: 64.62.227.29
URL: http://64.62.227.29/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 198.151.217.193 Washington, United States, ASN22671 (AAAS, US),
Reverse DNS: ekamedia03.eurekalert.org
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 2e106f90c7033964a9cf39d12349c27b85d5bcbff5448c0fd25a3f02e9f7761d

Request headers

Referer: http://64.62.227.29/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

Date: Fri, 01 May 2020 22:24:32 GMT
Last-Modified: Wed, 29 Apr 2020 17:07:46 GMT
Server: Apache/2.2.15 (CentOS)
ETag: "1423ec0-50ce-5a470fcb0db44"
Content-Type: image/jpeg
Connection: close
Accept-Ranges: bytes
Content-Length: 20686

GET
H2 200 hqdefault.jpg
img.youtube.com/vi/kUBQYk3qA1Q/ 17 KB
17 KB 29ms
24ms Image
image/jpeg 2a00:1450:4001:814::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.youtube.com/vi/kUBQYk3qA1Q/hqdefault.jpg

Requested by

Host: 64.62.227.29
URL: http://64.62.227.29/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

54bcddcecad627e0b7dafccf904067b248d30bfaae3e1ad5b602cba462562b7e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://64.62.227.29/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

date: Fri, 01 May 2020 22:21:43 GMT
x-content-type-options: nosniff
server: sffe
age: 170
etag: "0"
content-type: image/jpeg
status: 200
cache-control: public, max-age=300
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17102
x-xss-protection: 0
expires: Fri, 01 May 2020 22:26:43 GMT

GET
H/1.1 200
OK 229925_web.jpg
media.eurekalert.org/multimedia_prod/pub/web/ 197 KB
197 KB 543ms
113ms Image
image/jpeg 198.151.217.193
AAAS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.eurekalert.org/multimedia_prod/pub/web/229925_web.jpg
Requested by: Host: 64.62.227.29
URL: http://64.62.227.29/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 198.151.217.193 Washington, United States, ASN22671 (AAAS, US),
Reverse DNS: ekamedia03.eurekalert.org
Software: Apache/2.2.15 (CentOS) /
Resource Hash: e5d1b57d9611ca49002158169cfaa3e395f3df4e73ea6c73f7db769db1cbc3c6

Request headers

Referer: http://64.62.227.29/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

Date: Fri, 01 May 2020 22:24:32 GMT
Last-Modified: Wed, 22 Apr 2020 19:18:51 GMT
Server: Apache/2.2.15 (CentOS)
ETag: "14234a7-313f7-5a3e6009a6426"
Content-Type: image/jpeg
Connection: close
Accept-Ranges: bytes
Content-Length: 201719

GET
H2 200 hqdefault.jpg
img.youtube.com/vi/iOn46gAo9XY/ 28 KB
28 KB 27ms
23ms Image
image/jpeg 2a00:1450:4001:814::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.youtube.com/vi/iOn46gAo9XY/hqdefault.jpg

Requested by

Host: 64.62.227.29
URL: http://64.62.227.29/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7c3761dfed3ab65d7ebee8496ae8f002ffa00f3269836383df81fb4a72996c18

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://64.62.227.29/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

date: Fri, 01 May 2020 22:21:43 GMT
x-content-type-options: nosniff
server: sffe
age: 170
etag: "1588363526"
content-type: image/jpeg
status: 200
cache-control: public, max-age=300
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28488
x-xss-protection: 0
expires: Fri, 01 May 2020 22:26:43 GMT

GET
H2 200 hqdefault.jpg
img.youtube.com/vi/hcYkv9wZ-fE/ 28 KB
28 KB 26ms
22ms Image
image/jpeg 2a00:1450:4001:814::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.youtube.com/vi/hcYkv9wZ-fE/hqdefault.jpg

Requested by

Host: 64.62.227.29
URL: http://64.62.227.29/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

52081b82a23acfc93e303ccbbb1ae906718325321f055518eaa48302d6331877

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://64.62.227.29/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

date: Fri, 01 May 2020 22:15:37 GMT
x-content-type-options: nosniff
server: sffe
age: 536
etag: "1587670816"
content-type: image/jpeg
status: 200
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28269
x-xss-protection: 0
expires: Sat, 02 May 2020 00:15:37 GMT

GET
H/1.1 200
OK 230541_web.jpg
media.eurekalert.org/multimedia_prod/pub/web/ 130 KB
130 KB 562ms
117ms Image
image/jpeg 198.151.217.193
AAAS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.eurekalert.org/multimedia_prod/pub/web/230541_web.jpg
Requested by: Host: 64.62.227.29
URL: http://64.62.227.29/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 198.151.217.193 Washington, United States, ASN22671 (AAAS, US),
Reverse DNS: ekamedia03.eurekalert.org
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 39873b664a0805fb5cc7134fdd757cd81f8ebdb1a06b4a241f1490c0d9e6cb0f

Request headers

Referer: http://64.62.227.29/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

Date: Fri, 01 May 2020 22:24:32 GMT
Last-Modified: Wed, 29 Apr 2020 14:21:57 GMT
Server: Apache/2.2.15 (CentOS)
ETag: "1423e33-208a8-5a46eabacfaf3"
Content-Type: image/jpeg
Connection: close
Accept-Ranges: bytes
Content-Length: 133288

GET
H/1.1 200
OK original4.jpg
64.62.227.29/contributor/upload/2823/images/ 22 KB
22 KB 163ms
162ms Image
image/jpeg 64.62.227.29
HURRICANE

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://64.62.227.29/contributor/upload/2823/images/original4.jpg
Requested by: Host: 64.62.227.29
URL: http://64.62.227.29/
Protocol: HTTP/1.1
Server: 64.62.227.29 Fremont, United States, ASN6939 (HURRICANE, US),
Reverse DNS
Software: nginx/1.12.2 /
Resource Hash: 927ca43432f4a9d6aebf28a60a6356ccf1f784a7028a8e164ac3815a440fd848

Request headers

Referer: http://64.62.227.29/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

Date: Fri, 01 May 2020 22:24:33 GMT
Last-Modified: Fri, 01 May 2020 05:36:17 GMT
Server: nginx/1.12.2
ETag: "5eabb551-5836"
Content-Type: image/jpeg
Cache-Control: max-age=31536000, must-revalidate
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 22582
Expires: Sat, 01 May 2021 22:24:33 GMT

GET
H/1.1 200
OK david-wilcock-2018-alien-tech-at-the-vatican-november-20182(1).jpg
64.62.227.29/contributor/upload/106013/images/ 12 KB
13 KB 159ms
159ms Image
image/jpeg 64.62.227.29
HURRICANE

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://64.62.227.29/contributor/upload/106013/images/david-wilcock-2018-alien-tech-at-the-vatican-november-20182(1).jpg
Requested by: Host: 64.62.227.29
URL: http://64.62.227.29/
Protocol: HTTP/1.1
Server: 64.62.227.29 Fremont, United States, ASN6939 (HURRICANE, US),
Reverse DNS
Software: nginx/1.12.2 /
Resource Hash: fb0311b01be6953a708740abe61c6b3e2da274166de9d626e66a8a2241602f63

Request headers

Referer: http://64.62.227.29/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

Date: Fri, 01 May 2020 22:24:33 GMT
Last-Modified: Mon, 27 Apr 2020 11:15:50 GMT
Server: nginx/1.12.2
ETag: "5ea6bee6-30c3"
Content-Type: image/jpeg
Cache-Control: max-age=31536000, must-revalidate
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 12483
Expires: Sat, 01 May 2021 22:24:33 GMT

GET
H/1.1 200
OK loading.gif
64.62.227.29/img/v3/ 37 KB
38 KB 310ms
160ms Image
image/gif 64.62.227.29
HURRICANE

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://64.62.227.29/img/v3/loading.gif
Requested by: Host: 64.62.227.29
URL: http://64.62.227.29/
Protocol: HTTP/1.1
Server: 64.62.227.29 Fremont, United States, ASN6939 (HURRICANE, US),
Reverse DNS
Software: nginx/1.12.2 /
Resource Hash: 354d5352d22dea06f2e3cf1add1b456f8a1ca5b4d0a6b36ee859ac606d2c90eb

Request headers

Referer: http://64.62.227.29/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

Date: Fri, 01 May 2020 22:24:33 GMT
Last-Modified: Wed, 13 Jun 2018 18:37:21 GMT
Server: nginx/1.12.2
ETag: "5b216461-95e7"
Content-Type: image/gif
Cache-Control: max-age=31536000, must-revalidate
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 38375
Expires: Sat, 01 May 2021 22:24:33 GMT

GET
H2 200 hqdefault.jpg
img.youtube.com/vi/QTz_ztlLbFg/ 45 KB
45 KB 24ms
20ms Image
image/jpeg 2a00:1450:4001:814::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.youtube.com/vi/QTz_ztlLbFg/hqdefault.jpg

Requested by

Host: 64.62.227.29
URL: http://64.62.227.29/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4bf5c344aa2aeadbc7e38926b401852a338ebbcef2e5ac668c8dc8aa430cc353

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://64.62.227.29/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

date: Fri, 01 May 2020 22:21:20 GMT
x-content-type-options: nosniff
server: sffe
age: 193
etag: "1588201001"
content-type: image/jpeg
status: 200
cache-control: public, max-age=300
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 46198
x-xss-protection: 0
expires: Fri, 01 May 2020 22:26:20 GMT

GET
H/1.1 200
OK pleides.jpg
64.62.227.29/contributor/upload/106013/images/ 47 KB
48 KB 169ms
169ms Image
image/jpeg 64.62.227.29
HURRICANE

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://64.62.227.29/contributor/upload/106013/images/pleides.jpg
Requested by: Host: 64.62.227.29
URL: http://64.62.227.29/
Protocol: HTTP/1.1
Server: 64.62.227.29 Fremont, United States, ASN6939 (HURRICANE, US),
Reverse DNS
Software: nginx/1.12.2 /
Resource Hash: 5f08c1676cdc0205910cfb8cb24b7a1817363481cabaf63babd1c1f8006c359f

Request headers

Referer: http://64.62.227.29/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

Date: Fri, 01 May 2020 22:24:34 GMT
Last-Modified: Fri, 01 May 2020 21:29:39 GMT
Server: nginx/1.12.2
ETag: "5eac94c3-bcde"
Content-Type: image/jpeg
Cache-Control: max-age=31536000, must-revalidate
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 48350
Expires: Sat, 01 May 2021 22:24:34 GMT

GET
H2 200 hqdefault.jpg
img.youtube.com/vi/ik76ll0pKn4/ 43 KB
43 KB 49ms
46ms Image
image/jpeg 2a00:1450:4001:814::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.youtube.com/vi/ik76ll0pKn4/hqdefault.jpg

Requested by

Host: 64.62.227.29
URL: http://64.62.227.29/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

de56c9345854e798d520e48060fed481216d2aceafb683bd904abcc8a1807f6a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://64.62.227.29/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

date: Fri, 01 May 2020 22:24:33 GMT
x-content-type-options: nosniff
server: sffe
age: 0
etag: "1588200931"
content-type: image/jpeg
status: 200
cache-control: public, max-age=300
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44122
x-xss-protection: 0
expires: Fri, 01 May 2020 22:29:33 GMT

GET
H/1.1 200
OK fauci.jpg
www.dodgingdeception.com/wp-content/uploads/2020/04/ 45 KB
45 KB 279ms
232ms Image
image/jpeg 132.148.46.86
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.dodgingdeception.com/wp-content/uploads/2020/04/fauci.jpg
Requested by: Host: 64.62.227.29
URL: http://64.62.227.29/
Protocol: HTTP/1.1
Server: 132.148.46.86 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS: ip-132-148-46-86.ip.secureserver.net
Software: Apache /
Resource Hash: 5db54b61eedc1eb80e8c9e879774553707e1596e38b3ef22b37c7c4d0ee360d7

Request headers

Referer: http://64.62.227.29/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

Date: Fri, 01 May 2020 22:24:33 GMT
Last-Modified: Tue, 21 Apr 2020 03:54:27 GMT
Server: Apache
ETag: "1e2869-b38b-5a3c4f8d36f9a"
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Accept-Ranges: bytes
Content-Type: image/jpeg
Keep-Alive: timeout=5
Content-Length: 45963

GET
H2 200 hqdefault.jpg
img.youtube.com/vi/CyiocCH1w3o/ 25 KB
25 KB 22ms
19ms Image
image/jpeg 2a00:1450:4001:814::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.youtube.com/vi/CyiocCH1w3o/hqdefault.jpg

Requested by

Host: 64.62.227.29
URL: http://64.62.227.29/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9986a11e04cd5c111dc5b9139440f423cda4bf4c186062a0857d1a55b63c0fc9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://64.62.227.29/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

date: Fri, 01 May 2020 21:36:01 GMT
x-content-type-options: nosniff
server: sffe
age: 2912
etag: "1587570635"
content-type: image/jpeg
status: 200
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25131
x-xss-protection: 0
expires: Fri, 01 May 2020 23:36:01 GMT

GET
H2 200 avalantinas_G47202_v1-2-2_0.jpg
www.brown.edu/sites/g/files/dprerj316/files/2020-04/ 151 KB
152 KB 586ms
541ms Image
image/jpeg 2606:4700::6812:3ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.brown.edu/sites/g/files/dprerj316/files/2020-04/avalantinas_G47202_v1-2-2_0.jpg

Requested by

Host: 64.62.227.29
URL: http://64.62.227.29/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:3ad , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d40355da0a1cf2395421e8a8792a6b62d5e468548985e89e5df4d01d0b09231a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://64.62.227.29/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

date: Fri, 01 May 2020 22:24:33 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: HIT
age: 97095
x-cache: HIT
status: 200
x-ah-environment: 01live
content-length: 154558
cf-request-id: 0273f07650000063f55bbac200000001
x-request-id: v-94dc14c8-8b17-11ea-be36-735d697a8621
x-tracker: 1a457a5f-942c-44ca-9089-0c0595b5117d
last-modified: Thu, 30 Apr 2020 19:19:39 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
expires: Fri, 15 May 2020 22:24:33 GMT
cache-control: public, max-age=1209600
accept-ranges: bytes
cf-ray: 58cce9d0881b63f5-FRA
x-cache-hits: 1

GET
H2 200 jack-madden-kozakis-1b-a.jpg
news.cornell.edu/sites/default/files/styles/story_thumbnail_xlarge/public/2020-04/ 74 KB
74 KB 142ms
19ms Image
image/jpeg 2620:12a:8000::1
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://news.cornell.edu/sites/default/files/styles/story_thumbnail_xlarge/public/2020-04/jack-madden-kozakis-1b-a.jpg?itok=cPqk6CPz
Requested by: Host: 64.62.227.29
URL: http://64.62.227.29/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:12a:8000::1 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 0a0517892013111163286450708b26c4b74583570f73e2b176604dd4427ff8c4

Request headers

Referer: http://64.62.227.29/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

date: Fri, 01 May 2020 22:24:33 GMT
via: 1.1 varnish
age: 115729
x-pantheon-styx-hostname: styx-fe1-a-789d66bff9-57rpt
x-cache: HIT, HIT
status: 200
content-length: 75665
x-served-by: cache-mdw17360-MDW, cache-fra19148-FRA
last-modified: Thu, 30 Apr 2020 14:12:37 GMT
server: nginx
x-timer: S1588371873.478187,VS0,VE12
etag: "5eaadcd5-12791"
content-type: image/jpeg
x-styx-req-id: 149ef813-8aed-11ea-adc9-32a9102b2f0a
expires: Sat, 01 May 2021 14:15:44 GMT
cache-control: max-age=31622400
accept-ranges: bytes
x-cache-hits: 1, 1

GET
H/1.1 200
OK steve-quayle(4).jpg
64.62.227.29/contributor/upload/106013/images/ 43 KB
43 KB 159ms
159ms Image
image/jpeg 64.62.227.29
HURRICANE

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://64.62.227.29/contributor/upload/106013/images/steve-quayle(4).jpg
Requested by: Host: 64.62.227.29
URL: http://64.62.227.29/
Protocol: HTTP/1.1
Server: 64.62.227.29 Fremont, United States, ASN6939 (HURRICANE, US),
Reverse DNS
Software: nginx/1.12.2 /
Resource Hash: 2902c546786110f067783a6f7d429fb4edcb36142560c83d0c51fae22c4b5446

Request headers

Referer: http://64.62.227.29/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

Date: Fri, 01 May 2020 22:24:34 GMT
Last-Modified: Sat, 28 Mar 2020 11:30:38 GMT
Server: nginx/1.12.2
ETag: "5e7f355e-ab00"
Content-Type: image/jpeg
Cache-Control: max-age=31536000, must-revalidate
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43776
Expires: Sat, 01 May 2021 22:24:34 GMT

GET
H/1.1 200
OK 230594_web.jpg
media.eurekalert.org/multimedia_prod/pub/web/ 51 KB
51 KB 517ms
122ms Image
image/jpeg 198.151.217.193
AAAS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.eurekalert.org/multimedia_prod/pub/web/230594_web.jpg
Requested by: Host: 64.62.227.29
URL: http://64.62.227.29/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 198.151.217.193 Washington, United States, ASN22671 (AAAS, US),
Reverse DNS: ekamedia03.eurekalert.org
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 62cfa9e4acd15a3fa256ed4ca383b2ae5f04daff3e850ae16076c3b5fbb97f80

Request headers

Referer: http://64.62.227.29/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

Date: Fri, 01 May 2020 22:24:32 GMT
Last-Modified: Wed, 29 Apr 2020 20:02:58 GMT
Server: Apache/2.2.15 (CentOS)
ETag: "1423f08-ca59-5a4736f3d8d73"
Content-Type: image/jpeg
Connection: close
Accept-Ranges: bytes
Content-Length: 51801

GET
H2 200 Screen-Shot-2020-04-30-at-9.42.57-AM.png
lisahaven.news/wp-content/uploads/2020/04/ 331 KB
332 KB 158ms
45ms Image
image/png 2606:4700:3035::681f:5baa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lisahaven.news/wp-content/uploads/2020/04/Screen-Shot-2020-04-30-at-9.42.57-AM.png
Requested by: Host: 64.62.227.29
URL: http://64.62.227.29/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:3035::681f:5baa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6819dfed7eb501db0fcbc32ee6d326137a89123cea1564e1695a33151145a291

Request headers

Referer: http://64.62.227.29/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

date: Fri, 01 May 2020 22:24:33 GMT
cf-cache-status: HIT
last-modified: Thu, 30 Apr 2020 16:47:31 GMT
server: cloudflare
age: 4847
etag: "52c64-5a484d2207970"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: max-age=691200
accept-ranges: bytes
cf-ray: 58cce9d18c67d725-FRA
content-length: 339044
cf-request-id: 0273f076f90000d725db8e4200000001

GET
H2 200 Screen-Shot-2020-05-01-at-10.02.11-AM.png
lisahaven.news/wp-content/uploads/2020/05/ 785 KB
786 KB 73ms
51ms Image
image/png 2606:4700:3035::681f:5baa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lisahaven.news/wp-content/uploads/2020/05/Screen-Shot-2020-05-01-at-10.02.11-AM.png
Requested by: Host: 64.62.227.29
URL: http://64.62.227.29/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:3035::681f:5baa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 41ab59d68e1b11fd20e259dba9ba56064f0b4e237ce2a94a3cdd90d632900a74

Request headers

Referer: http://64.62.227.29/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

date: Fri, 01 May 2020 22:24:33 GMT
cf-cache-status: HIT
last-modified: Fri, 01 May 2020 17:14:14 GMT
server: cloudflare
age: 4039
etag: "c4441-5a4994f7ed9ab"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: max-age=691200
accept-ranges: bytes
cf-ray: 58cce9d18c6bd725-FRA
content-length: 803905
cf-request-id: 0273f076f90000d725db8e5200000001

GET
H2 200 hqdefault.jpg
img.youtube.com/vi/kgnBldI7KPY/ 27 KB
27 KB 15ms
12ms Image
image/jpeg 2a00:1450:4001:814::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.youtube.com/vi/kgnBldI7KPY/hqdefault.jpg

Requested by

Host: 64.62.227.29
URL: http://64.62.227.29/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

86f81e43a18aeef7f42e4e0c0ea008c2589e50ce35ba48f1df48bc9c3008978d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://64.62.227.29/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

date: Fri, 01 May 2020 22:24:17 GMT
x-content-type-options: nosniff
server: sffe
age: 16
etag: "1588160937"
content-type: image/jpeg
status: 200
cache-control: public, max-age=300
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27733
x-xss-protection: 0
expires: Fri, 01 May 2020 22:29:17 GMT

GET
H2 200 hqdefault.jpg
img.youtube.com/vi/V-rlEQb2gPc/ 42 KB
42 KB 13ms
10ms Image
image/jpeg 2a00:1450:4001:814::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.youtube.com/vi/V-rlEQb2gPc/hqdefault.jpg

Requested by

Host: 64.62.227.29
URL: http://64.62.227.29/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a953b68956d6fbce0f945b5054517181c5494c7ab8bea2eabdfa0148b444b55c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://64.62.227.29/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

date: Fri, 01 May 2020 22:20:12 GMT
x-content-type-options: nosniff
server: sffe
age: 261
etag: "1588292521"
content-type: image/jpeg
status: 200
cache-control: public, max-age=300
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42865
x-xss-protection: 0
expires: Fri, 01 May 2020 22:25:12 GMT

GET
H2 200 hqdefault.jpg
img.youtube.com/vi/oEqeMawTviI/ 34 KB
34 KB 19ms
16ms Image
image/jpeg 2a00:1450:4001:814::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.youtube.com/vi/oEqeMawTviI/hqdefault.jpg

Requested by

Host: 64.62.227.29
URL: http://64.62.227.29/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

acfcc19a9f6a66c291c2cb15d43fc17776290084d60b3f3cc8185a2e62357a6c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://64.62.227.29/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

date: Fri, 01 May 2020 22:23:20 GMT
x-content-type-options: nosniff
server: sffe
age: 73
etag: "1588364711"
content-type: image/jpeg
status: 200
cache-control: public, max-age=300
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35188
x-xss-protection: 0
expires: Fri, 01 May 2020 22:28:20 GMT

GET
H2 200 hqdefault.jpg
img.youtube.com/vi/KkzDQAeKcIU/ 10 KB
10 KB 18ms
16ms Image
image/jpeg 2a00:1450:4001:814::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.youtube.com/vi/KkzDQAeKcIU/hqdefault.jpg

Requested by

Host: 64.62.227.29
URL: http://64.62.227.29/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

081a6a33854977a72d3c8ec7f5f72b6d637c9fef8100adc119235fe1f4cdb257

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://64.62.227.29/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

date: Fri, 01 May 2020 20:37:34 GMT
x-content-type-options: nosniff
server: sffe
age: 6419
etag: "0"
content-type: image/jpeg
status: 200
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10417
x-xss-protection: 0
expires: Fri, 01 May 2020 22:37:34 GMT

GET
H2 200 800px-Floor_cleaner_inside_Sullivan_Hall.jpg
upload.wikimedia.org/wikipedia/commons/thumb/4/45/Floor_cleaner_inside_Sullivan_Hall.jpg/ 115 KB
116 KB 15ms
14ms Image
image/webp 2620:0:862:ed1a::2:b
WIKIMEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://upload.wikimedia.org/wikipedia/commons/thumb/4/45/Floor_cleaner_inside_Sullivan_Hall.jpg/800px-Floor_cleaner_inside_Sullivan_Hall.jpg

Requested by

Host: 64.62.227.29
URL: http://64.62.227.29/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:0:862:ed1a::2:b , United States, ASN14907 (WIKIMEDIA, US),

Reverse DNS

Software

ATS/8.0.7 /

Resource Hash

1a9189400cb45a38f1f81e1dc5d66b6a380a87ad4d0d82321294fa1c11acecfa

Security Headers

Name	Value
Strict-Transport-Security	max-age=106384710; includeSubDomains; preload

Request headers

Referer: http://64.62.227.29/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

date: Fri, 01 May 2020 19:00:18 GMT
age: 12255
x-cache-status: hit-front
x-cache: cp3059 hit, cp3063 hit/134
status: 200
server-timing: cache;desc="hit-front"
content-length: 118226
x-client-ip: 2a01:4f8:192:5414::2
last-modified: Thu, 30 Apr 2020 15:58:56 GMT
server: ATS/8.0.7
etag: bdb383fe5c7cc683d9cf4f9224c512ef
strict-transport-security: max-age=106384710; includeSubDomains; preload
content-type: image/webp
access-control-allow-origin: *
x-timestamp: 1588262335.35891
accept-ranges: bytes
timing-allow-origin: *
access-control-expose-headers: Age, Date, Content-Length, Content-Range, X-Content-Duration, X-Cache

GET
H2 200 screen-shot-2020-04-30-at-4.45.54-am.png
justusaknight.files.wordpress.com/2020/04/ 267 KB
268 KB 39ms
38ms Image
image/png 192.0.72.23
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://justusaknight.files.wordpress.com/2020/04/screen-shot-2020-04-30-at-4.45.54-am.png?w=501&h=282
Requested by: Host: 64.62.227.29
URL: http://64.62.227.29/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.72.23 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 4b9f5a4629b763f54306a52e87966116e6ef92659a74702d5cae896385d7357f

Request headers

Referer: http://64.62.227.29/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

x-nc: HIT fra 23 np
date: Fri, 01 May 2020 22:24:33 GMT
last-modified: Thu, 30 Apr 2020 11:47:06 GMT
server: nginx
vary: Accept
content-type: image/png
status: 200
x-orig-src: 0_imageresize
accept-ranges: bytes
content-length: 273854
expires: Fri, 29 May 2020 03:01:12 GMT

GET
H2 200 Researcher-Claims_-Deep-Underground-Military-Bases-Recently-Destroyed%E2%80%94And-Seems-to-Have-Evidence-to-Prove-it.jpg
i0.wp.com/amg-news.com/wp-content/uploads/2020/04/ 43 KB
43 KB 66ms
23ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/amg-news.com/wp-content/uploads/2020/04/Researcher-Claims_-Deep-Underground-Military-Bases-Recently-Destroyed%E2%80%94And-Seems-to-Have-Evidence-to-Prove-it.jpg?resize=696%2C391&ssl=1

Requested by

Host: 64.62.227.29
URL: http://64.62.227.29/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i0.wp.com

Software

nginx /

Resource Hash

64033276ca5e3af1767145de791323f03fa20f6ff0fdb64985d318e88a1bea58

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://64.62.227.29/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

x-nc: HIT fra 2
date: Fri, 01 May 2020 22:24:33 GMT
x-content-type-options: nosniff
x-bytes-saved: 10545
last-modified: Tue, 28 Apr 2020 14:59:29 GMT
server: nginx
etag: "31ef422592e30845"
vary: Accept
content-type: image/webp
status: 200
cache-control: public, max-age=63115200
link: <https://amg-news.com/wp-content/uploads/2020/04/Researcher-Claims_-Deep-Underground-Military-Bases-Recently-Destroyed%E2%80%94And-Seems-to-Have-Evidence-to-Prove-it.jpg>; rel="canonical"
content-length: 43642
expires: Fri, 29 Apr 2022 02:59:29 GMT

GET
H2 200 rainbowcloudships.jpg
officeoftheworldteacher.files.wordpress.com/2020/04/ 119 KB
119 KB 114ms
39ms Image
image/webp 192.0.72.26
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://officeoftheworldteacher.files.wordpress.com/2020/04/rainbowcloudships.jpg?w=560
Requested by: Host: 64.62.227.29
URL: http://64.62.227.29/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.72.26 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: a6f4395b277193be1a26383aaf7283f4ae264bff22c81fad326ee5c2bc963cfa

Request headers

Referer: http://64.62.227.29/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

x-nc: HIT fra 26 np
date: Fri, 01 May 2020 22:24:33 GMT
last-modified: Tue, 28 Apr 2020 14:21:53 GMT
server: nginx
vary: Accept
content-type: image/webp
status: 200
x-orig-src: 0_imageresize
accept-ranges: bytes
content-length: 122036
expires: Tue, 02 Jun 2020 04:39:14 GMT

GET
H/1.1 200
OK 120331_AustraliaAyersRock_planetorDione_daylight_0m23s.jpg
64.62.227.29/contributor/upload/418130/images/ 62 KB
63 KB 162ms
162ms Image
image/jpeg 64.62.227.29
HURRICANE

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://64.62.227.29/contributor/upload/418130/images/120331_AustraliaAyersRock_planetorDione_daylight_0m23s.jpg
Requested by: Host: 64.62.227.29
URL: http://64.62.227.29/
Protocol: HTTP/1.1
Server: 64.62.227.29 Fremont, United States, ASN6939 (HURRICANE, US),
Reverse DNS
Software: nginx/1.12.2 /
Resource Hash: cdd69dac816b02f3bd78549515e1dc42838460c3d60f05145da8c390a0c096a5

Request headers

Referer: http://64.62.227.29/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

Date: Fri, 01 May 2020 22:24:34 GMT
Last-Modified: Sun, 04 Aug 2019 01:25:57 GMT
Server: nginx/1.12.2
ETag: "5d463425-f9e5"
Content-Type: image/jpeg
Cache-Control: max-age=31536000, must-revalidate
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 63973
Expires: Sat, 01 May 2021 22:24:34 GMT

GET
H/1.1 200
OK ximage.php,qimage=,_images,_uploads,_2020,_04,_27,_COVIDScholar-teamphoto.jpg,awidth=502,aheight=334.pagespeed.ic.14OqlAxzxJ.webp
www.newswise.com/legacy/ 28 KB
29 KB 462ms
112ms Image
image/webp 54.164.167.223
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.newswise.com/legacy/ximage.php,qimage=,_images,_uploads,_2020,_04,_27,_COVIDScholar-teamphoto.jpg,awidth=502,aheight=334.pagespeed.ic.14OqlAxzxJ.webp
Requested by: Host: 64.62.227.29
URL: http://64.62.227.29/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 54.164.167.223 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: www.newswise.com
Software: Apache/2.4.7 (Ubuntu) mod_fcgid/2.3.9 PHP/5.5.9-1ubuntu4.29 OpenSSL/1.0.1f / PHP/5.5.9-1ubuntu4.29
Resource Hash: 99438ffbcf0f6c52c1d585c6d66b58c84ea5d8b122ed82628c784772ee30a1b7

Request headers

Referer: http://64.62.227.29/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

Date: Fri, 01 May 2020 22:24:22 GMT
Etag: W/"0"
X-Original-Content-Length: 55628
Server: Apache/2.4.7 (Ubuntu) mod_fcgid/2.3.9 PHP/5.5.9-1ubuntu4.29 OpenSSL/1.0.1f
X-Powered-By: PHP/5.5.9-1ubuntu4.29
Content-Type: image/webp
Cache-Control: max-age=31536000
Last-Modified: Fri, 01 May 2020 21:59:06 GMT
Connection: Keep-Alive
Link: <https://www.newswise.com/legacy/image.php?image=/images/uploads/2020/04/27/COVIDScholar-teamphoto.jpg&width=502&height=334>; rel="canonical"
Content-Length: 28828
Keep-Alive: timeout=5, max=500
Expires: Sat, 01 May 2021 21:59:06 GMT

GET
H/1.1 200
OK Udklip.JPG
64.62.227.29/contributor/upload/106013/images/ 44 KB
45 KB 162ms
162ms Image
image/jpeg 64.62.227.29
HURRICANE

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://64.62.227.29/contributor/upload/106013/images/Udklip.JPG
Requested by: Host: 64.62.227.29
URL: http://64.62.227.29/
Protocol: HTTP/1.1
Server: 64.62.227.29 Fremont, United States, ASN6939 (HURRICANE, US),
Reverse DNS
Software: nginx/1.12.2 /
Resource Hash: f5ff5c69bcf521d98360ab43448284ecdb005dbb53f7af91d3518374e4853302

Request headers

Referer: http://64.62.227.29/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

Date: Fri, 01 May 2020 22:24:34 GMT
Last-Modified: Sat, 25 Apr 2020 19:56:29 GMT
Server: nginx/1.12.2
ETag: "5ea495ed-b0fc"
Content-Type: image/jpeg
Cache-Control: max-age=31536000, must-revalidate
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 45308
Expires: Sat, 01 May 2021 22:24:34 GMT

GET
H2 200 hqdefault.jpg
img.youtube.com/vi/g5f_6ltv7oI/ 34 KB
34 KB 16ms
14ms Image
image/jpeg 2a00:1450:4001:814::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.youtube.com/vi/g5f_6ltv7oI/hqdefault.jpg

Requested by

Host: 64.62.227.29
URL: http://64.62.227.29/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

938dd15a3391424101fc6cd9aa7e75e2c10abea391f225a6e904afede729989d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://64.62.227.29/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

date: Fri, 01 May 2020 22:21:14 GMT
x-content-type-options: nosniff
server: sffe
age: 199
etag: "1588289760"
content-type: image/jpeg
status: 200
cache-control: public, max-age=300
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35067
x-xss-protection: 0
expires: Fri, 01 May 2020 22:26:14 GMT

GET
H/1.1 200
OK ads.png
64.62.227.29/img/v3/ 95 B
436 B 184ms
158ms Image
image/png 64.62.227.29
HURRICANE

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://64.62.227.29/img/v3/ads.png
Requested by: Host: 64.62.227.29
URL: http://64.62.227.29/
Protocol: HTTP/1.1
Server: 64.62.227.29 Fremont, United States, ASN6939 (HURRICANE, US),
Reverse DNS
Software: nginx/1.12.2 /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer: http://64.62.227.29/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

Date: Fri, 01 May 2020 22:24:33 GMT
Last-Modified: Thu, 30 May 2019 00:55:31 GMT
Server: nginx/1.12.2
ETag: "5cef2a03-5f"
Content-Type: image/png
Cache-Control: max-age=31536000, must-revalidate
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 95
Expires: Sat, 01 May 2021 22:24:33 GMT

GET
H/1.1 200
OK the_origin_of_ccp_virus.jpg
64.62.227.29/img/banner2020/ 36 KB
36 KB 247ms
162ms Image
image/jpeg 64.62.227.29
HURRICANE

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://64.62.227.29/img/banner2020/the_origin_of_ccp_virus.jpg
Requested by: Host: 64.62.227.29
URL: http://64.62.227.29/
Protocol: HTTP/1.1
Server: 64.62.227.29 Fremont, United States, ASN6939 (HURRICANE, US),
Reverse DNS
Software: nginx/1.12.2 /
Resource Hash: c9c8286937b76dfd180d642df44491945e7f0a795841b53686182320e122678e

Request headers

Referer: http://64.62.227.29/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

Date: Fri, 01 May 2020 22:24:33 GMT
Last-Modified: Sat, 11 Apr 2020 21:43:08 GMT
Server: nginx/1.12.2
ETag: "5e9239ec-8f36"
Content-Type: image/jpeg
Cache-Control: max-age=31536000, must-revalidate
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 36662
Expires: Sat, 01 May 2021 22:24:33 GMT

GET
H/1.1 200
OK tabs-bin-rev-493.js Show response
64.62.227.29/static/js-v3/ 189 B
572 B 169ms
169ms Script
application/javascript 64.62.227.29
HURRICANE

General

Check archive.org

Show headers Download Go to

Full URL: http://64.62.227.29/static/js-v3/tabs-bin-rev-493.js
Requested by: Host: 64.62.227.29
URL: http://64.62.227.29/
Protocol: HTTP/1.1
Server: 64.62.227.29 Fremont, United States, ASN6939 (HURRICANE, US),
Reverse DNS
Software: nginx/1.12.2 /
Resource Hash: 335fa63197718a5840adef5761fc5c67b9fb4274798aa53b60cfdc4d4b2043a7

Request headers

Referer: http://64.62.227.29/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

Date: Fri, 01 May 2020 22:24:32 GMT
Content-Encoding: gzip
Last-Modified: Sun, 19 Apr 2020 00:58:20 GMT
Server: nginx/1.12.2
ETag: W/"5e9ba22c-bd"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=604800, must-revalidate
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Fri, 08 May 2020 22:24:32 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 80 KB
30 KB 14ms
14ms Script
application/javascript 2a00:1450:4001:809::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-16055024-1

Requested by

Host: 64.62.227.29
URL: http://64.62.227.29/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

9ff741e29e6d898614d829c3f3fd6ea1f51d664be8243e41ef2a455d81adb955

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: http://64.62.227.29/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

date: Fri, 01 May 2020 22:24:33 GMT
content-encoding: br
vary: Accept-Encoding
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30217
x-xss-protection: 0
last-modified: Fri, 01 May 2020 21:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 01 May 2020 22:24:33 GMT

GET
H/1.1 200
OK top-bg.png
64.62.227.29/img/v3/ 164 B
506 B 161ms
161ms Image
image/png 64.62.227.29
HURRICANE

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://64.62.227.29/img/v3/top-bg.png
Requested by: Host: 64.62.227.29
URL: http://64.62.227.29/
Protocol: HTTP/1.1
Server: 64.62.227.29 Fremont, United States, ASN6939 (HURRICANE, US),
Reverse DNS
Software: nginx/1.12.2 /
Resource Hash: 440292eb71e786da59d255d6ff27e9594fb838f1de59004822ab745d50521dc3

Request headers

Referer: http://64.62.227.29/static/css-v3/global-bin-rev-493.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

Date: Fri, 01 May 2020 22:24:33 GMT
Last-Modified: Mon, 18 Jun 2018 21:28:42 GMT
Server: nginx/1.12.2
ETag: "5b28240a-a4"
Content-Type: image/png
Cache-Control: max-age=31536000, must-revalidate
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 164
Expires: Sat, 01 May 2021 22:24:33 GMT

GET
H/1.1 200
OK search.png
64.62.227.29/img/b4in/ 805 B
1 KB 169ms
169ms Image
image/png 64.62.227.29
HURRICANE

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://64.62.227.29/img/b4in/search.png
Requested by: Host: 64.62.227.29
URL: http://64.62.227.29/
Protocol: HTTP/1.1
Server: 64.62.227.29 Fremont, United States, ASN6939 (HURRICANE, US),
Reverse DNS
Software: nginx/1.12.2 /
Resource Hash: 7dd216584b4c5dbdf5c16f8a6d4982c6bcb7d9306ea0476e1e4aad0f2935422a

Request headers

Referer: http://64.62.227.29/static/css-v3/global-bin-rev-493.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

Date: Fri, 01 May 2020 22:24:33 GMT
Last-Modified: Thu, 13 Apr 2017 09:52:51 GMT
Server: nginx/1.12.2
ETag: "58ef4a73-325"
Content-Type: image/png
Cache-Control: max-age=31536000, must-revalidate
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 805
Expires: Sat, 01 May 2021 22:24:33 GMT

GET
H/1.1 200
OK TK3_WkUHHAIjg75cFRf3bXL8LICs1xZosUZiZQ.woff2
fonts.gstatic.com/s/oswald/v31/ 16 KB
16 KB 12ms
6ms Font
font/woff2 2a00:1450:4001:825::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.gstatic.com/s/oswald/v31/TK3_WkUHHAIjg75cFRf3bXL8LICs1xZosUZiZQ.woff2

Requested by

Host: 64.62.227.29
URL: http://64.62.227.29/

Protocol

HTTP/1.1

Server

2a00:1450:4001:825::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c8528e1c68a0c2bde1022646073b2421704efa4cd0aac88772e38ea492b8c283

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36
Referer: http://fonts.googleapis.com/css?family=Oswald:700|Scada:700
Origin: http://64.62.227.29

Response headers

Date: Fri, 01 May 2020 15:47:33 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 03 Mar 2020 00:19:33 GMT
Server: sffe
Age: 23820
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 16468
X-XSS-Protection: 0
Expires: Sat, 01 May 2021 15:47:33 GMT

GET
H/1.1 200
OK RLp8K5Pv5qumeVrU6CEnT1Y.woff2
fonts.gstatic.com/s/scada/v8/ 15 KB
15 KB 11ms
6ms Font
font/woff2 2a00:1450:4001:825::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.gstatic.com/s/scada/v8/RLp8K5Pv5qumeVrU6CEnT1Y.woff2

Requested by

Host: 64.62.227.29
URL: http://64.62.227.29/

Protocol

HTTP/1.1

Server

2a00:1450:4001:825::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

978207ee1a7b35266b39efb2bb1adb0069f02ca186a73495cf45bfefee9bfe54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36
Referer: http://fonts.googleapis.com/css?family=Oswald:700|Scada:700
Origin: http://64.62.227.29

Response headers

Date: Tue, 14 Apr 2020 21:23:01 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 16 Jul 2019 03:28:05 GMT
Server: sffe
Age: 1472492
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 15124
X-XSS-Protection: 0
Expires: Wed, 14 Apr 2021 21:23:01 GMT

GET
H2

200

beforeitsnews.com.351459.js Show response
jsc.mgid.com/b/e/ Frame F03A
Redirect Chain

http://jsc.mgid.com/b/e/beforeitsnews.com.351459.js?t=20204122
https://jsc.mgid.com/b/e/beforeitsnews.com.351459.js?t=20204122

133 KB
37 KB

48ms
21ms

Script
text/javascript

104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jsc.mgid.com/b/e/beforeitsnews.com.351459.js?t=20204122
Requested by: Host: 64.62.227.29
URL: http://64.62.227.29/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f9ad3f01505f775bd66834222cb32533197fb1991215e2b97674669f6c6a85ba

Request headers

Referer: http://64.62.227.29/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

date: Fri, 01 May 2020 22:24:33 GMT
content-encoding: br
cf-cache-status: HIT
age: 5144
cf-polished: origSize=136281
status: 200
last-modified: Tue, 14 Apr 2020 10:32:10 GMT
alt-svc: h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
x-amz-request-id: DCEE7E5A1859EF3B
x-amz-id-2: 7XOP/ROfDPRfM+5xuaf4k+Mci3U1PFZ+ph/M7hq+hnif5ObYQC2xkK4/nVkaxPQRFyA62z3Ma8I=
cf-bgj: minify
server: cloudflare
etag: W/"47916287a0415d9f45a9eced327c836c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
cf-request-id: 0273f078100000cc3617bc7200000001
cf-ray: 58cce9d34f9ecc36-ZRH
expires: Fri, 01 May 2020 23:24:33 GMT

Redirect headers

Date: Fri, 01 May 2020 22:24:33 GMT
Server: cloudflare
Vary: Accept-Encoding
Location: https://jsc.mgid.com/b/e/beforeitsnews.com.351459.js?t=20204122
Cache-Control: max-age=3600
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 58cce9d2f9b5cc4e-ZRH
alt-svc: h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
cf-request-id: 0273f077d80000cc4ebdb0c200000001
Expires: Fri, 01 May 2020 23:24:33 GMT

GET
H/1.1 200
OK culturebg.jpg
64.62.227.29/img/v3/ 15 KB
15 KB 241ms
169ms Image
image/jpeg 64.62.227.29
HURRICANE

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://64.62.227.29/img/v3/culturebg.jpg
Requested by: Host: 64.62.227.29
URL: http://64.62.227.29/
Protocol: HTTP/1.1
Server: 64.62.227.29 Fremont, United States, ASN6939 (HURRICANE, US),
Reverse DNS
Software: nginx/1.12.2 /
Resource Hash: b9fd2687c6de1adc7e749095c7aaa8bd887245c37f4edf38c48b3fd95d26f017

Request headers

Referer: http://64.62.227.29/static/css-v3/global-bin-rev-493.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

Date: Fri, 01 May 2020 22:24:33 GMT
Last-Modified: Sat, 09 Feb 2019 15:29:21 GMT
Server: nginx/1.12.2
ETag: "5c5ef1d1-3be6"
Content-Type: image/jpeg
Cache-Control: max-age=31536000, must-revalidate
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 15334
Expires: Sat, 01 May 2021 22:24:33 GMT

GET
H2

200

beforeitsnews.com.720412.js Show response
jsc.mgid.com/b/e/ Frame EACC
Redirect Chain

http://jsc.mgid.com/b/e/beforeitsnews.com.720412.js?t=20204122
https://jsc.mgid.com/b/e/beforeitsnews.com.720412.js?t=20204122

134 KB
37 KB

64ms
38ms

Script
text/javascript

104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jsc.mgid.com/b/e/beforeitsnews.com.720412.js?t=20204122
Requested by: Host: 64.62.227.29
URL: http://64.62.227.29/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e35e1a7a1971d15eec9503ff6b16268da7137ece51a3cf4d9430b0cff5b83b88

Request headers

Referer: http://64.62.227.29/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

date: Fri, 01 May 2020 22:24:33 GMT
content-encoding: br
cf-cache-status: HIT
age: 2143
cf-polished: origSize=136922
status: 200
last-modified: Tue, 14 Apr 2020 10:35:13 GMT
alt-svc: h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
x-amz-request-id: FAEAA64815C5B0B3
x-amz-id-2: hS2UZJf/BIgwBOJ6EKYZau1Q94I71VP2R2R9+Sko4ttKQvqicFZeX3Ay9c9DCXlarqvFo2+eUy4=
cf-bgj: minify
server: cloudflare
etag: W/"19656a38703420602a45aa4d31c93b32"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
cf-request-id: 0273f078110000cc3617bc8200000001
cf-ray: 58cce9d34fa2cc36-ZRH
expires: Fri, 01 May 2020 23:24:33 GMT

Redirect headers

Date: Fri, 01 May 2020 22:24:33 GMT
Server: cloudflare
Vary: Accept-Encoding
Location: https://jsc.mgid.com/b/e/beforeitsnews.com.720412.js?t=20204122
Cache-Control: max-age=3600
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 58cce9d30ae9cc42-ZRH
alt-svc: h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
cf-request-id: 0273f077e60000cc42ceaef200000001
Expires: Fri, 01 May 2020 23:24:33 GMT

GET
H/1.1 200
OK logo-bottom.jpg
64.62.227.29/img/v3/ 3 KB
3 KB 162ms
162ms Image
image/jpeg 64.62.227.29
HURRICANE

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://64.62.227.29/img/v3/logo-bottom.jpg
Requested by: Host: 64.62.227.29
URL: http://64.62.227.29/static/js-v3/jquery-fancybox-mobiledetect-uuid.js
Protocol: HTTP/1.1
Server: 64.62.227.29 Fremont, United States, ASN6939 (HURRICANE, US),
Reverse DNS
Software: nginx/1.12.2 /
Resource Hash: 7fea23fcfa5c62b0dea00665d0da4a425bd47776483ee77ac8037fe740e7d0e4

Request headers

Referer: http://64.62.227.29/static/css-v3/global-bin-rev-493.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

Date: Fri, 01 May 2020 22:24:34 GMT
Last-Modified: Wed, 06 Jun 2018 18:26:21 GMT
Server: nginx/1.12.2
ETag: "5b18274d-a0e"
Content-Type: image/jpeg
Cache-Control: max-age=31536000, must-revalidate
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2574
Expires: Sat, 01 May 2021 22:24:34 GMT

POST
H/1.1 200
OK count.php Show response
64.62.227.29/core/ajax/counter/ 15 B
292 B 431ms
162ms XHR
text/html 64.62.227.29
HURRICANE

General

Check archive.org

Show headers Download Go to

Full URL

http://64.62.227.29/core/ajax/counter/count.php

Requested by

Host: 64.62.227.29
URL: http://64.62.227.29/static/js-v3/jquery-fancybox-mobiledetect-uuid.js

Protocol

HTTP/1.1

Server

64.62.227.29 Fremont, United States, ASN6939 (HURRICANE, US),

Reverse DNS

Software

nginx/1.12.2 /

Resource Hash

a538c9321748f0fa08033a6272d768efc2431c0dfefb454955d96379bab64bca

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: http://64.62.227.29/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date: Fri, 01 May 2020 22:24:33 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Server: nginx/1.12.2
X-Frame-Options: SAMEORIGIN
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive

GET
H/1.1 200
OK carousel.php Show response
64.62.227.29/core/ajax/contributor/god_word/ 2 KB
1 KB 518ms
171ms XHR
text/html 64.62.227.29
HURRICANE

General

Check archive.org

Show headers Download Go to

Full URL

http://64.62.227.29/core/ajax/contributor/god_word/carousel.php?_=1588371873462

Requested by

Host: 64.62.227.29
URL: http://64.62.227.29/static/js-v3/jquery-fancybox-mobiledetect-uuid.js

Protocol

HTTP/1.1

Server

64.62.227.29 Fremont, United States, ASN6939 (HURRICANE, US),

Reverse DNS

Software

nginx/1.12.2 /

Resource Hash

dce9dcf942103523ff5567ccfaacc2fe1ff416b00cf86be8daa3118721c1dd6d

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: http://64.62.227.29/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

Date: Fri, 01 May 2020 22:24:33 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Server: nginx/1.12.2
X-Frame-Options: SAMEORIGIN
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 44 KB
18 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:81b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-16055024-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://64.62.227.29/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 06 Feb 2020 00:21:02 GMT
server: Golfe2
age: 5293
date: Fri, 01 May 2020 20:56:20 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18174
expires: Fri, 01 May 2020 22:56:20 GMT

GET
H2

200

ga-audiences
www.google.de/ads/
Redirect Chain

https://www.google-analytics.com/r/collect?v=1&_v=j81&a=554316536&t=pageview&_s=1&dl=http%3A%2F%2F64.62.227.29%2F&ul=en-us&de=UTF-8&dt=Before%20It%27s%20News%20%7C%20True%20News%20%7C%20People%20Po...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-16055024-1&cid=1750972945.1588371874&jid=129993519&_gid=889929641.1588371874&gjid=282170733&_v=j81&z=110277052
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-16055024-1&cid=1750972945.1588371874&jid=129993519&_v=j81&z=110277052
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-16055024-1&cid=1750972945.1588371874&jid=129993519&_v=j81&z=110277052&slf_rd=1&random=2383611565

42 B
109 B

19ms
18ms

Image
image/gif

2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-16055024-1&cid=1750972945.1588371874&jid=129993519&_v=j81&z=110277052&slf_rd=1&random=2383611565

Requested by

Host: 64.62.227.29
URL: http://64.62.227.29/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://64.62.227.29/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 May 2020 22:24:33 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
alt-svc: h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 01 May 2020 22:24:33 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 302
content-type: text/html; charset=UTF-8
location: https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-16055024-1&cid=1750972945.1588371874&jid=129993519&_v=j81&z=110277052&slf_rd=1&random=2383611565
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ 632 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b31062abec9d4536524232f02801803517829af29b44c85b59696d52bc7107cc

Request headers

Referer: http://64.62.227.29/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 k3k702ZOKiLJc3WVjuplzOgdm0LZdjqr5-oayXSOefg.woff2
fonts.gstatic.com/s/opensans/v10/ 16 KB
16 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:819::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v10/k3k702ZOKiLJc3WVjuplzOgdm0LZdjqr5-oayXSOefg.woff2

Requested by

Host: 64.62.227.29
URL: http://64.62.227.29/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

abcbe0423061bbf5caca8b070eb57c5ea831fde8cca4af206f8b48938142b4e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36
Referer: http://64.62.227.29/
Origin: http://64.62.227.29

Response headers

date: Thu, 23 Apr 2020 17:38:23 GMT
x-content-type-options: nosniff
last-modified: Thu, 21 Aug 2014 18:08:16 GMT
server: sffe
age: 708370
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16224
x-xss-protection: 0
expires: Fri, 23 Apr 2021 17:38:23 GMT

GET
H2 200 1 Show response
servicer.mgid.com/351459/ 4 KB
2 KB 71ms
70ms Script
application/x-javascript 104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://servicer.mgid.com/351459/1?w=0&h=0&cols=4&pv=5&cbuster=1588371873931566148213&niet=4g&nisd=false&ref=&lu=http%3A%2F%2F64.62.227.29%2F&pageView=1&pvid=171d257608b8f02eaa8&implVersion=10&dpr=1
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/b/e/beforeitsnews.com.351459.js?t=20204122
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b673573c69c120f481fb9b4d990fcef817153e66e350cfd3b538d8a52d16d095

Request headers

Referer: http://64.62.227.29/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 May 2020 22:24:33 GMT
content-encoding: br
cf-cache-status: DYNAMIC
alt-svc: h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
status: 200
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 58cce9d4291bcc36-ZRH
content-type: application/x-javascript; charset=utf-8
cf-request-id: 0273f078940000cc3617bce200000001

GET
H2 200 1 Show response
servicer.mgid.com/720412/ 2 KB
1 KB 71ms
70ms Script
application/x-javascript 104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://servicer.mgid.com/720412/1?w=370&h=304&cols=1&pv=5&cbuster=158837187394410753796&uniqId=06ff3&niet=4g&nisd=false&ref=&lu=http%3A%2F%2F64.62.227.29%2F&pageView=0&pvid=171d25760989b948499&implVersion=10&dpr=1
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/b/e/beforeitsnews.com.720412.js?t=20204122
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bbcda89adbcfbe479200d46f7ca6d10c5fa88c5c0ace94bb4b2d96f8a685e8cd

Request headers

Referer: http://64.62.227.29/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 May 2020 22:24:34 GMT
content-encoding: br
cf-cache-status: DYNAMIC
alt-svc: h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
status: 200
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 58cce9d4393fcc36-ZRH
content-type: application/x-javascript; charset=utf-8
cf-request-id: 0273f078a00000cc3617bcf200000001

GET
H/1.1 200
OK incr_views.php Show response
64.62.227.29/core/ajax/contributor/god_word/ 5 B
282 B 203ms
158ms XHR
text/html 64.62.227.29
HURRICANE

General

Check archive.org

Show headers Download Go to

Full URL

http://64.62.227.29/core/ajax/contributor/god_word/incr_views.php?id=592&_=1588371873982

Requested by

Host: 64.62.227.29
URL: http://64.62.227.29/static/js-v3/jquery-fancybox-mobiledetect-uuid.js

Protocol

HTTP/1.1

Server

64.62.227.29 Fremont, United States, ASN6939 (HURRICANE, US),

Reverse DNS

Software

nginx/1.12.2 /

Resource Hash

6b6ae99f99067ed89e884e3fc94f38c694ab4f68a52d87ad5e1084ac4d8e86c6

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: */*
Referer: http://64.62.227.29/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

Date: Fri, 01 May 2020 22:24:34 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Server: nginx/1.12.2
X-Frame-Options: SAMEORIGIN
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive

GET
H2 200 hqdefault.jpg
i.ytimg.com/vi/SesiB1juHe0/ 17 KB
17 KB 7ms
6ms Image
image/jpeg 2a00:1450:4001:81a::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/SesiB1juHe0/hqdefault.jpg

Requested by

Host: 64.62.227.29
URL: http://64.62.227.29/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6db797398e1b15ed4daf9dffb0d4987c91935f0a8023fb4276c6d80698e33a46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://64.62.227.29/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

date: Fri, 01 May 2020 20:56:46 GMT
x-content-type-options: nosniff
server: sffe
age: 5267
etag: "0"
content-type: image/jpeg
status: 200
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17280
x-xss-protection: 0
expires: Fri, 01 May 2020 22:56:46 GMT

GET
H2 200 i.js Show response
cm.mgid.com/ 1 KB
613 B 121ms
120ms Script
application/javascript 104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.mgid.com/i.js?cbuster=1588371874007190829024
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/b/e/beforeitsnews.com.351459.js?t=20204122
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d9110f693506e8a77f8a75ff4ba02adfa0175e22fc246799354dfcbca287ce1d

Request headers

Referer: http://64.62.227.29/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 May 2020 22:24:34 GMT
content-encoding: br
cf-cache-status: MISS
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: no-store, no-cache, must-revalidate, max-age=0
cf-ray: 58cce9d49a30cc36-ZRH
alt-svc: h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
cf-request-id: 0273f078df0000cc3617bd2200000001

GET
H2 200 i-noref.js Show response
cm.mgid.com/ Frame 0013 186 B
336 B 148ms
148ms Script
application/javascript 104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.mgid.com/i-noref.js?cbuster=158837187401138511095
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/b/e/beforeitsnews.com.351459.js?t=20204122
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7e83fc3dc542e7be4f58dea74a3d729956bf590acec4c8521de9dc8a74b276c6

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 May 2020 22:24:34 GMT
content-encoding: br
cf-cache-status: MISS
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: no-store, no-cache, must-revalidate, max-age=0
cf-ray: 58cce9d4aa60cc36-ZRH
alt-svc: h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
cf-request-id: 0273f078eb0000cc3617bd4200000001

GET
H/1.1 200
OK beacon.js Show response
b.scorecardresearch.com/ 1 KB
1 KB 54ms
42ms Script
application/x-javascript 2.16.186.80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: http://b.scorecardresearch.com/beacon.js
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/b/e/beforeitsnews.com.351459.js?t=20204122
Protocol: HTTP/1.1
Server: 2.16.186.80 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS: a2-16-186-80.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Referer: http://64.62.227.29/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

Date: Fri, 01 May 2020 22:24:34 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: private, no-transform, max-age=86400
Connection: keep-alive
Content-Length: 884
Expires: Sat, 02 May 2020 22:24:34 GMT

GET
H2 200 publishertag.js Show response
static.criteo.net/js/ld/ 97 KB
30 KB 61ms
28ms Script
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.criteo.net/js/ld/publishertag.js
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/b/e/beforeitsnews.com.351459.js?t=20204122
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: 01793dfe25a8daa227696e0d8630591f4b774fcac7f257eba7296f081cb4dbaa

Request headers

Referer: http://64.62.227.29/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

date: Fri, 01 May 2020 22:24:34 GMT
content-encoding: gzip
last-modified: Thu, 23 Apr 2020 08:37:28 GMT
server: nginx
etag: W/"5ea153c8-18582"
status: 200
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
timing-allow-origin: *
expires: Sat, 02 May 2020 22:24:34 GMT

GET
H2 200 by_mgid_adc_logo_mini.svg
cdn.mgid.com/images/ 2 KB
1 KB 42ms
41ms Image
image/svg+xml 104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.mgid.com/images/by_mgid_adc_logo_mini.svg
Requested by: Host: 64.62.227.29
URL: http://64.62.227.29/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ed09341e9cf6bbb14bd17e6a28e4d1c53c63826aec2f79fa598c475f86e02f1e

Request headers

Referer: http://64.62.227.29/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

date: Fri, 01 May 2020 22:24:34 GMT
content-encoding: br
cf-cache-status: HIT
age: 5083
status: 200
last-modified: Wed, 29 Apr 2020 06:59:41 GMT
alt-svc: h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
x-amz-request-id: 43E8A76C70DE9CA3
x-amz-id-2: DS0ZaIbktyeNfd+5h2ft5SqOjIQKennfkXuAQqsm1Syg6FEVDVlE3Phf4Vzlyoyk9cAqamLsEiI=
cf-bgj: h2pri
server: cloudflare
etag: W/"5f3390adb0b6aeb988c5d7415b31cbe1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=14400
cf-request-id: 0273f079c30000cc3617bdf200000001
cf-ray: 58cce9d60c9ccc36-ZRH
expires: Sat, 02 May 2020 02:24:34 GMT

GET
H2

200

m
cm.mgid.com/
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=omn67hl&ttd_tpi=1
https://match.adsrvr.org/track/cmb/generic?ttd_pid=omn67hl&ttd_tpi=1
https://cm.mgid.com/m?cdsp=371158&c=92cf3d09-74b8-4d32-83eb-66cac92dec0f&ttl=1590963874

43 B
198 B

114ms
114ms

Image
image/gif

104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.mgid.com/m?cdsp=371158&c=92cf3d09-74b8-4d32-83eb-66cac92dec0f&ttl=1590963874
Requested by: Host: 64.62.227.29
URL: http://64.62.227.29/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: http://64.62.227.29/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 May 2020 22:24:34 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/gif
status: 200
cache-control: no-store, no-cache, must-revalidate, max-age=0
accept-ranges: bytes
cf-ray: 58cce9d75ec4cc36-ZRH
alt-svc: h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
content-length: 43
cf-request-id: 0273f07a960000cc3617bfc200000001

Redirect headers

pragma: no-cache
date: Fri, 01 May 2020 22:24:34 GMT
x-aspnet-version: 4.0.30319
status: 302
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://cm.mgid.com/m?cdsp=371158&c=92cf3d09-74b8-4d32-83eb-66cac92dec0f&ttl=1590963874
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 205

GET
H2

200

m
cm.mgid.com/
Redirect Chain

https://x.bidswitch.net/sync?ssp=mgid
https://x.bidswitch.net/ul_cb/sync?ssp=mgid
https://bidswitch-eu.splicky.com/cm?bidswitch_ssp_id=mgid&bsw_custom_parameter=5852c3fe-5f96-4e09-8402-d7ab9e9c8cc7
https://x.bidswitch.net/sync?dsp_id=311&user_id=&user_group=2&ssp=mgid&expires=10&bsw_param=5852c3fe-5f96-4e09-8402-d7ab9e9c8cc7
https://cm.mgid.com/m?cdsp=433145&c=5852c3fe-5f96-4e09-8402-d7ab9e9c8cc7

43 B
198 B

115ms
115ms

Image
image/gif

104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.mgid.com/m?cdsp=433145&c=5852c3fe-5f96-4e09-8402-d7ab9e9c8cc7
Requested by: Host: 64.62.227.29
URL: http://64.62.227.29/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: http://64.62.227.29/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 May 2020 22:24:34 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/gif
status: 200
cache-control: no-store, no-cache, must-revalidate, max-age=0
accept-ranges: bytes
cf-ray: 58cce9d858b1cc36-ZRH
alt-svc: h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
content-length: 43
cf-request-id: 0273f07b330000cc361784f200000001

Redirect headers

status: 302
date: Fri, 01 May 2020 22:24:34 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
location: //cm.mgid.com/m?cdsp=433145&c=5852c3fe-5f96-4e09-8402-d7ab9e9c8cc7
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2 200 /
cm.idealmedia.io/setmuidn/ 0
547 B 102ms
73ms Image
image/gif 104.16.199.73
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.idealmedia.io/setmuidn/?muidf=k41x6rywWZof
Requested by: Host: 64.62.227.29
URL: http://64.62.227.29/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.199.73 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://64.62.227.29/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 May 2020 22:24:34 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
status: 200
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 58cce9d6e816cc4e-ZRH
content-type: image/gif
cf-request-id: 0273f07a520000cc4eb38d5200000001

GET
H2

200

m
cm.mgid.com/
Redirect Chain

https://ads.betweendigital.com/match?bidder_id=43263&callback_url=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D501036%26c%3D%24%7BUSER_ID%7D
https://ads.betweendigital.com/match?bidder_id=43263&callback_url=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D501036%26c%3D%24%7BUSER_ID%7D&crf=1
https://cm.mgid.com/m?cdsp=501036&c=4c423569-f9ea-527b-b4ba-f88aea165928

43 B
344 B

114ms
114ms

Image
image/gif

104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.mgid.com/m?cdsp=501036&c=4c423569-f9ea-527b-b4ba-f88aea165928
Requested by: Host: 64.62.227.29
URL: http://64.62.227.29/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: http://64.62.227.29/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 May 2020 22:24:34 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/gif
status: 200
cache-control: no-store, no-cache, must-revalidate, max-age=0
accept-ranges: bytes
cf-ray: 58cce9d78f12cc36-ZRH
alt-svc: h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
content-length: 43
cf-request-id: 0273f07ab00000cc361780f200000001

Redirect headers

status: 302
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0
location: https://cm.mgid.com/m?cdsp=501036&c=4c423569-f9ea-527b-b4ba-f88aea165928

GET
H2

200

m
cm.mgid.com/
Redirect Chain

https://csync.loopme.me/?redirect=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D433143%26c%3D%7Bdevice_id%7D
https://cm.mgid.com/m?cdsp=433143&c=6f6a5fdc-1f31-456f-aecc-413f8e4501ac

43 B
182 B

113ms
112ms

Image
image/gif

104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.mgid.com/m?cdsp=433143&c=6f6a5fdc-1f31-456f-aecc-413f8e4501ac
Requested by: Host: 64.62.227.29
URL: http://64.62.227.29/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: http://64.62.227.29/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 May 2020 22:24:34 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/gif
status: 200
cache-control: no-store, no-cache, must-revalidate, max-age=0
accept-ranges: bytes
cf-ray: 58cce9d79f54cc36-ZRH
alt-svc: h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
content-length: 43
cf-request-id: 0273f07abe0000cc361782d200000001

Redirect headers

status: 307
date: Fri, 01 May 2020 22:24:34 GMT
content-length: 0
location: https://cm.mgid.com/m?cdsp=433143&c=6f6a5fdc-1f31-456f-aecc-413f8e4501ac

GET
H2

200

google
cm.mgid.com/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=marketgid&google_cm=&google_ula={guid}&google_hm=azQxeDZyeXdXWm9m&muidn=k41x6rywWZof
https://cm.g.doubleclick.net/pixel?google_nid=marketgid&google_cm=&google_ula={guid}&google_hm=azQxeDZyeXdXWm9m&muidn=k41x6rywWZof&google_tc=
https://cm.mgid.com/google?muidn=k41x6rywWZof&google_ula={guid},5&google_gid=CAESEAFHrII4BovAIYfgQIrFQw0&google_cver=1

0
72 B

120ms
120ms

Image
text/plain

104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.mgid.com/google?muidn=k41x6rywWZof&google_ula={guid},5&google_gid=CAESEAFHrII4BovAIYfgQIrFQw0&google_cver=1
Requested by: Host: 64.62.227.29
URL: http://64.62.227.29/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://64.62.227.29/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

date: Fri, 01 May 2020 22:24:34 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: text/plain
status: 200
accept-ranges: bytes
cf-ray: 58cce9d7e80bcc36-ZRH
alt-svc: h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
content-length: 0
cf-request-id: 0273f07af50000cc361784d200000001

Redirect headers

pragma: no-cache
date: Fri, 01 May 2020 22:24:34 GMT
server: HTTP server (unknown)
status: 302
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://cm.mgid.com/google?muidn=k41x6rywWZof&google_ula={guid},5&google_gid=CAESEAFHrII4BovAIYfgQIrFQw0&google_cver=1
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 327
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
cm.lentainform.com/setmuidn/ 0
329 B 165ms
54ms Image
image/gif 23.105.245.5
SERVERS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.lentainform.com/setmuidn/?muidf=k41x6rywWZof
Requested by: Host: 64.62.227.29
URL: http://64.62.227.29/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.105.245.5 , Russian Federation, ASN7979 (SERVERS, US),
Reverse DNS
Software: nginx/1.15.10 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://64.62.227.29/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 May 2020 22:24:34 GMT
server: nginx/1.15.10
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
status: 200
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif

GET
H2

200

m
cm.mgid.com/
Redirect Chain

https://rtb-usw.mfadsrvr.com/sync?ssp=mgid
https://rtb-usw.mfadsrvr.com/ul_cb/sync?ssp=mgid
https://cm.mgid.com/m?cdsp=287839&c=862d68fa-795e-476e-b22a-71afc413ef83

43 B
369 B

219ms
219ms

Image
image/gif

104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.mgid.com/m?cdsp=287839&c=862d68fa-795e-476e-b22a-71afc413ef83
Requested by: Host: 64.62.227.29
URL: http://64.62.227.29/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: http://64.62.227.29/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 May 2020 22:24:35 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/gif
status: 200
cache-control: no-store, no-cache, must-revalidate, max-age=0
cf-ray: 58cce9dc0f30cc36-ZRH
alt-svc: h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
content-length: 43
cf-request-id: 0273f07d840000cc3617890200000001

Redirect headers

date: Fri, 01 May 2020 22:24:35 GMT
via: 1.1 google
status: 302
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: //cm.mgid.com/m?cdsp=287839&c=862d68fa-795e-476e-b22a-71afc413ef83
cache-control: no-cache, no-store, must-revalidate
alt-svc: clear
content-length: 0

GET
H/1.1

200
OK

52164
i6.liadm.com/s/
Redirect Chain

https://x.bidswitch.net/sync?dsp_id=303&user_id=k41x6rywWZof
https://i.liadm.com/s/52164?bidder_id=5298&licd=&bidder_uuid=5852c3fe-5f96-4e09-8402-d7ab9e9c8cc7
https://i.liadm.com/s/52164?bidder_id=5298&licd=&bidder_uuid=5852c3fe-5f96-4e09-8402-d7ab9e9c8cc7&_li_chk=true&previous_uuid=f2ca42979e284e2c841d86af39e37e70
https://i6.liadm.com/s/52164?licd=&bidder_id=5298&bidder_uuid=5852c3fe-5f96-4e09-8402-d7ab9e9c8cc7

43 B
419 B

274ms
96ms

Image
image/gif

2600:1f18:444a:4680:6b97:77eb:242a:52b4
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i6.liadm.com/s/52164?licd=&bidder_id=5298&bidder_uuid=5852c3fe-5f96-4e09-8402-d7ab9e9c8cc7

Requested by

Host: 64.62.227.29
URL: http://64.62.227.29/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2600:1f18:444a:4680:6b97:77eb:242a:52b4 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Resource Hash

caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: http://64.62.227.29/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

Date: Fri, 01 May 2020 22:24:35 GMT
Cache-Control: no-store
Connection: keep-alive
Content-Length: 43
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: image/gif

Redirect headers

Location: https://i6.liadm.com/s/52164?licd=&bidder_id=5298&bidder_uuid=5852c3fe-5f96-4e09-8402-d7ab9e9c8cc7
Date: Fri, 01 May 2020 22:24:35 GMT
Connection: keep-alive
Content-Length: 0
Strict-Transport-Security: max-age=31536000; includeSubDomains

GET
H2

200

m
cm.mgid.com/ Frame 0013
Redirect Chain

https://udata.mixmarket.biz/tr.php?syncnet=28&cb=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D311971%26mode%3Dinverse%26c%3D%24UID
https://cm.mgid.com/m?cdsp=311971&mode=inverse&c=0

43 B
214 B

114ms
113ms

Image
image/gif

104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.mgid.com/m?cdsp=311971&mode=inverse&c=0
Requested by: Host: 64.62.227.29
URL: http://64.62.227.29/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 May 2020 22:24:34 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/gif
status: 200
cache-control: no-store, no-cache, must-revalidate, max-age=0
accept-ranges: bytes
cf-ray: 58cce9d9eb3ecc36-ZRH
alt-svc: h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
content-length: 43
cf-request-id: 0273f07c310000cc3617870200000001

Redirect headers

Location: https://cm.mgid.com/m?cdsp=311971&mode=inverse&c=0
Date: Fri, 01 May 2020 22:24:34 GMT
Server: nginx/1.14.2
Connection: keep-alive
Transfer-Encoding: chunked

GET
H/1.1

204
No Content

b2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/b?c1=7&c2=15208452&c3=110&ns__t=1588371874220&ns_c=UTF-8&cv=3.5&c8=Before%20It%27s%20News%20%7C%20True%20News%20%7C%20People%20Powered%20News&c7=http%3A%2F%2F64.62....
https://sb.scorecardresearch.com/b2?c1=7&c2=15208452&c3=110&ns__t=1588371874220&ns_c=UTF-8&cv=3.5&c8=Before%20It%27s%20News%20%7C%20True%20News%20%7C%20People%20Powered%20News&c7=http%3A%2F%2F64.62...

0
528 B

20ms
20ms

Image
text/plain

2.16.31.65
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=7&c2=15208452&c3=110&ns__t=1588371874220&ns_c=UTF-8&cv=3.5&c8=Before%20It%27s%20News%20%7C%20True%20News%20%7C%20People%20Powered%20News&c7=http%3A%2F%2F64.62.227.29%2F&c9=&cs_ak_ss=1
Requested by: Host: 64.62.227.29
URL: http://64.62.227.29/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.16.31.65 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-16-31-65.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://64.62.227.29/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 01 May 2020 22:24:34 GMT
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://sb.scorecardresearch.com/b2?c1=7&c2=15208452&c3=110&ns__t=1588371874220&ns_c=UTF-8&cv=3.5&c8=Before%20It%27s%20News%20%7C%20True%20News%20%7C%20People%20Powered%20News&c7=http%3A%2F%2F64.62.227.29%2F&c9=&cs_ak_ss=1
Pragma: no-cache
Date: Fri, 01 May 2020 22:24:34 GMT
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
141 B 90ms
29ms XHR
text/plain 178.250.0.165
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://bidder.criteo.com/cdb?ptv=89&profileId=206&cb=92161447189
Requested by: Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: Finatra /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://64.62.227.29/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

status: 204
date: Fri, 01 May 2020 22:24:34 GMT
access-control-allow-credentials: true
server: Finatra
access-control-allow-origin: http://64.62.227.29
timing-allow-origin: *
vary: Origin

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
141 B 145ms
84ms XHR
text/plain 178.250.0.165
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://bidder.criteo.com/cdb?ptv=89&profileId=206&cb=87498434123
Requested by: Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: Finatra /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://64.62.227.29/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

status: 204
date: Fri, 01 May 2020 22:24:34 GMT
access-control-allow-credentials: true
server: Finatra
access-control-allow-origin: http://64.62.227.29
timing-allow-origin: *
vary: Origin

GET
H2 200 pixel.gif
static.criteo.net/images/ 43 B
260 B 15ms
14ms Image
image/gif 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.criteo.net/images/pixel.gif?ch=1
Requested by: Host: 64.62.227.29
URL: http://64.62.227.29/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: http://64.62.227.29/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

date: Fri, 01 May 2020 22:24:34 GMT
last-modified: Tue, 09 Dec 2008 16:52:36 GMT
server: nginx
etag: "493ea254-2b"
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=31104000, public
accept-ranges: bytes
timing-allow-origin: *
content-length: 43
expires: Mon, 26 Apr 2021 22:24:34 GMT

GET
H2 200 pixel.gif
static.criteo.net/images/ 43 B
260 B 15ms
15ms Image
image/gif 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.criteo.net/images/pixel.gif?ch=2
Requested by: Host: 64.62.227.29
URL: http://64.62.227.29/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: http://64.62.227.29/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

date: Fri, 01 May 2020 22:24:34 GMT
last-modified: Tue, 09 Dec 2008 16:52:36 GMT
server: nginx
etag: "493ea254-2b"
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=31104000, public
accept-ranges: bytes
timing-allow-origin: *
content-length: 43
expires: Mon, 26 Apr 2021 22:24:34 GMT

GET
H/1.1 200
OK jsDynamic-bin-rev-493.js Show response
64.62.227.29/static/js-v3/ 7 KB
2 KB 162ms
161ms Script
application/javascript 64.62.227.29
HURRICANE

General

Check archive.org

Show headers Download Go to

Full URL: http://64.62.227.29/static/js-v3/jsDynamic-bin-rev-493.js
Requested by: Host: 64.62.227.29
URL: http://64.62.227.29/static/js-v3/global-bin-rev-493.js
Protocol: HTTP/1.1
Server: 64.62.227.29 Fremont, United States, ASN6939 (HURRICANE, US),
Reverse DNS
Software: nginx/1.12.2 /
Resource Hash: 339b8aff949d7bb2e5768021fc4c3d38fe4a0b6516160baf108a2cc1686e595c

Request headers

Referer: http://64.62.227.29/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

Date: Fri, 01 May 2020 22:24:35 GMT
Content-Encoding: gzip
Last-Modified: Sun, 19 Apr 2020 00:58:19 GMT
Server: nginx/1.12.2
ETag: W/"5e9ba22b-1c43"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=604800, must-revalidate
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Fri, 08 May 2020 22:24:35 GMT

GET
H/1.1 200
OK responsive-bin-rev-493.js Show response
64.62.227.29/static/js-v3/ 2 KB
1 KB 169ms
168ms Script
application/javascript 64.62.227.29
HURRICANE

General

Check archive.org

Show headers Download Go to

Full URL: http://64.62.227.29/static/js-v3/responsive-bin-rev-493.js
Requested by: Host: 64.62.227.29
URL: http://64.62.227.29/static/js-v3/global-bin-rev-493.js
Protocol: HTTP/1.1
Server: 64.62.227.29 Fremont, United States, ASN6939 (HURRICANE, US),
Reverse DNS
Software: nginx/1.12.2 /
Resource Hash: 0a6fd2260a8310e8d7c7eef4d1d8958148c83b089a2d8fbe4114a39e4c3bd830

Request headers

Referer: http://64.62.227.29/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

Date: Fri, 01 May 2020 22:24:35 GMT
Content-Encoding: gzip
Last-Modified: Sun, 19 Apr 2020 00:58:19 GMT
Server: nginx/1.12.2
ETag: W/"5e9ba22b-6c0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=604800, must-revalidate
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Fri, 08 May 2020 22:24:35 GMT

GET
H/1.1 200
OK validate-bin-rev-493.js Show response
64.62.227.29/static/js-v3/ 6 KB
2 KB 163ms
162ms Script
application/javascript 64.62.227.29
HURRICANE

General

Check archive.org

Show headers Download Go to

Full URL: http://64.62.227.29/static/js-v3/validate-bin-rev-493.js
Requested by: Host: 64.62.227.29
URL: http://64.62.227.29/static/js-v3/global-bin-rev-493.js
Protocol: HTTP/1.1
Server: 64.62.227.29 Fremont, United States, ASN6939 (HURRICANE, US),
Reverse DNS
Software: nginx/1.12.2 /
Resource Hash: 0403a35aa08e46c07a498d4c6422161f764475b139beaeccf70e462c896c120d

Request headers

Referer: http://64.62.227.29/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

Date: Fri, 01 May 2020 22:24:35 GMT
Content-Encoding: gzip
Last-Modified: Sun, 19 Apr 2020 00:58:21 GMT
Server: nginx/1.12.2
ETag: W/"5e9ba22d-1849"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=604800, must-revalidate
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Fri, 08 May 2020 22:24:35 GMT

GET
H/1.1 200
OK loadmore-bin-rev-493.js Show response
64.62.227.29/static/js-v3/ 14 KB
3 KB 162ms
162ms Script
application/javascript 64.62.227.29
HURRICANE

General

Check archive.org

Show headers Download Go to

Full URL: http://64.62.227.29/static/js-v3/loadmore-bin-rev-493.js
Requested by: Host: 64.62.227.29
URL: http://64.62.227.29/static/js-v3/global-bin-rev-493.js
Protocol: HTTP/1.1
Server: 64.62.227.29 Fremont, United States, ASN6939 (HURRICANE, US),
Reverse DNS
Software: nginx/1.12.2 /
Resource Hash: 5e71d120c20a36ead1b0de125080941558bf3f653c529c26764dd61a8baa5d24

Request headers

Referer: http://64.62.227.29/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

Date: Fri, 01 May 2020 22:24:35 GMT
Content-Encoding: gzip
Last-Modified: Sun, 19 Apr 2020 00:58:19 GMT
Server: nginx/1.12.2
ETag: W/"5e9ba22b-3928"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=604800, must-revalidate
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Fri, 08 May 2020 22:24:35 GMT

GET
H2 200 serve.js.php Show response
trends.revcontent.com/ 4 KB
2 KB 4913ms
4822ms Script
text/html 54.76.76.151
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://trends.revcontent.com/serve.js.php?w=111268&t=rc_236&c=1588371875581&width=1600&referer=http%3A%2F%2F64.62.227.29%2F

Requested by

Host: 64.62.227.29
URL: http://64.62.227.29/static/js-v3/jsDynamic-bin-rev-493.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.76.76.151 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-76-76-151.eu-west-1.compute.amazonaws.com

Software

Apache/2.4.25 (Debian) /

Resource Hash

dabbe28cb09273c289c625e07e48c55347cd04ad3efa9c55be16cef2a4f753f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=931536000; includeSubDomains

Request headers

Referer: http://64.62.227.29/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

date: Fri, 01 May 2020 22:24:40 GMT
content-encoding: gzip
server: Apache/2.4.25 (Debian)
status: 200
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID ADM DEV OUR NOR CNT"
access-control-allow-origin: http://64.62.227.29
access-control-allow-credentials: true
strict-transport-security: max-age=931536000; includeSubDomains
content-type: text/html; charset=UTF-8

GET
H/1.1 200
OK serve.js.php Show response
trends.revcontent.com/ 4 KB
2 KB 228ms
206ms Script
text/html 54.76.76.151
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://trends.revcontent.com/serve.js.php?w=100246&t=rc_459&c=1588371875581&width=1600&referer=http%3A%2F%2F64.62.227.29%2F
Requested by: Host: 64.62.227.29
URL: http://64.62.227.29/static/js-v3/jsDynamic-bin-rev-493.js
Protocol: HTTP/1.1
Server: 54.76.76.151 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-76-76-151.eu-west-1.compute.amazonaws.com
Software: Apache/2.4.25 (Debian) /
Resource Hash: 6882be340b85192de81ab31dcf0729dad0491e4615893cc2860a2fa1da4d027e

Request headers

Referer: http://64.62.227.29/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

Date: Fri, 01 May 2020 22:24:35 GMT
Content-Encoding: gzip
Server: Apache/2.4.25 (Debian)
Vary: Accept-Encoding
P3P: CP="NOI DSP COR NID ADM DEV OUR NOR CNT"
Access-Control-Allow-Origin: http://64.62.227.29
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Credentials: true
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK ajs.js Show response
cdn2.lockerdomecdn.com/_js/ 5 KB
3 KB 53ms
30ms Script
application/javascript 151.139.242.29
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: http://cdn2.lockerdomecdn.com/_js/ajs.js
Requested by: Host: 64.62.227.29
URL: http://64.62.227.29/static/js-v3/jsDynamic-bin-rev-493.js
Protocol: HTTP/1.1
Server: 151.139.242.29 Dallas, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: f1da59d9a16a42d1c9baa37a694a63849ce741e4f0beab61a208f19c2c37c6c4

Request headers

Referer: http://64.62.227.29/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

Date: Fri, 01 May 2020 22:24:35 GMT
Content-Encoding: gzip
Last-Modified: Fri, 24 Apr 2020 02:31:42 GMT
Server: NetDNA-cache/2.2
ETag: W/"5443-1587695502000"
Vary: Accept-Encoding
X-Cache: HIT
Content-Type: application/javascript
Cache-Control: public, max-age=86400
Transfer-Encoding: chunked
Connection: keep-alive
Accept-Ranges: bytes
Timing-Allow-Origin: https://lockerdome.com

POST
H/1.1 200
OK carousel.php Show response
64.62.227.29/core/ajax/contributor/v3_banners/ 528 B
619 B 169ms
169ms XHR
text/html 64.62.227.29
HURRICANE

General

Check archive.org

Show headers Download Go to

Full URL

http://64.62.227.29/core/ajax/contributor/v3_banners/carousel.php

Requested by

Host: 64.62.227.29
URL: http://64.62.227.29/static/js-v3/jquery-fancybox-mobiledetect-uuid.js

Protocol

HTTP/1.1

Server

64.62.227.29 Fremont, United States, ASN6939 (HURRICANE, US),

Reverse DNS

Software

nginx/1.12.2 /

Resource Hash

e2352f3e0fe9fdcd258284116ef872ba3ab2f5232e7e757e8c9c02bb096ab4d5

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: http://64.62.227.29/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date: Fri, 01 May 2020 22:24:35 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Server: nginx/1.12.2
X-Frame-Options: SAMEORIGIN
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive

POST
H/1.1 200
OK carousel.php Show response
64.62.227.29/core/ajax/contributor/v3_banners/ 540 B
627 B 162ms
162ms XHR
text/html 64.62.227.29
HURRICANE

General

Check archive.org

Show headers Download Go to

Full URL

http://64.62.227.29/core/ajax/contributor/v3_banners/carousel.php

Requested by

Host: 64.62.227.29
URL: http://64.62.227.29/static/js-v3/jquery-fancybox-mobiledetect-uuid.js

Protocol

HTTP/1.1

Server

64.62.227.29 Fremont, United States, ASN6939 (HURRICANE, US),

Reverse DNS

Software

nginx/1.12.2 /

Resource Hash

989a8f8a37072aec3378eeda58b4266823a6a7614b0dc25cf03dc655c1b19f86

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: http://64.62.227.29/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date: Fri, 01 May 2020 22:24:35 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Server: nginx/1.12.2
X-Frame-Options: SAMEORIGIN
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive

GET
H/1.1 200
OK showing.php Show response
64.62.227.29/core/ajax/contributor/v3_live_stream/ 747 B
622 B 174ms
174ms XHR
text/html 64.62.227.29
HURRICANE

General

Check archive.org

Show headers Download Go to

Full URL

http://64.62.227.29/core/ajax/contributor/v3_live_stream/showing.php?_=1588371875594

Requested by

Host: 64.62.227.29
URL: http://64.62.227.29/static/js-v3/jquery-fancybox-mobiledetect-uuid.js

Protocol

HTTP/1.1

Server

64.62.227.29 Fremont, United States, ASN6939 (HURRICANE, US),

Reverse DNS

Software

nginx/1.12.2 /

Resource Hash

a70ebcbc1578341447aee353287ad494bceaf68367e214ec96a9aad02b56b208

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: http://64.62.227.29/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

Date: Fri, 01 May 2020 22:24:35 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Server: nginx/1.12.2
X-Frame-Options: SAMEORIGIN
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive

GET
H2 200 OneSignalSDK.js Show response
cdn.onesignal.com/sdks/ 8 KB
3 KB 234ms
12ms Script
application/javascript 2606:4700::6812:e134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js
Requested by: Host: 64.62.227.29
URL: http://64.62.227.29/static/js-v3/global-bin-rev-493.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6812:e134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9f29c510c4b21638d69fb6e6513fcb03ded2d50e2347644ddb214fd760a9372c

Request headers

Referer: http://64.62.227.29/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

date: Fri, 01 May 2020 22:24:35 GMT
content-encoding: gzip
cf-cache-status: HIT
server: cloudflare
age: 744
etag: W/"9d9aed5a8d74707da3c47d0230168852"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: public, max-age=43200
cf-ray: 58cce9dfd928d6ed-FRA
cf-request-id: 0273f07fea0000d6ed6f27c200000001
expires: Sat, 02 May 2020 10:24:35 GMT

GET
H/1.1 200
OK get_items_to_show.php Show response
64.62.227.29/core/ajax/contributor/v3_rotating_text_links/ 24 KB
3 KB 162ms
161ms XHR
text/html 64.62.227.29
HURRICANE

General

Check archive.org

Show headers Download Go to

Full URL

http://64.62.227.29/core/ajax/contributor/v3_rotating_text_links/get_items_to_show.php?_=1588371875594

Requested by

Host: 64.62.227.29
URL: http://64.62.227.29/static/js-v3/jquery-fancybox-mobiledetect-uuid.js

Protocol

HTTP/1.1

Server

64.62.227.29 Fremont, United States, ASN6939 (HURRICANE, US),

Reverse DNS

Software

nginx/1.12.2 /

Resource Hash

65557591f6c137419155bb4972c6d8609b864624698c15fd2098adb6181a4016

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: http://64.62.227.29/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

Date: Fri, 01 May 2020 22:24:35 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Server: nginx/1.12.2
X-Frame-Options: SAMEORIGIN
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive

GET
H/1.1 200
OK get-most-recent-stories-list.php Show response
64.62.227.29/v3/recent/ 13 KB
4 KB 160ms
160ms XHR
text/html 64.62.227.29
HURRICANE

General

Check archive.org

Show headers Download Go to

Full URL

http://64.62.227.29/v3/recent/get-most-recent-stories-list.php?_=1588371875595

Requested by

Host: 64.62.227.29
URL: http://64.62.227.29/static/js-v3/jquery-fancybox-mobiledetect-uuid.js

Protocol

HTTP/1.1

Server

64.62.227.29 Fremont, United States, ASN6939 (HURRICANE, US),

Reverse DNS

Software

nginx/1.12.2 /

Resource Hash

9f853a745d2b36030c98bfd64fc1d4d94c857b348fb4c6c3271312b35e41d27c

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: http://64.62.227.29/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

Date: Fri, 01 May 2020 22:24:35 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Server: nginx/1.12.2
X-Frame-Options: SAMEORIGIN
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive

GET
H/1.1 200
OK 10864438442185062
lockerdome.com/lad/ Frame 9D06 0
0 510ms
130ms Document
text/html 104.154.142.214
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://lockerdome.com/lad/10864438442185062?pubid=ld-7911-1672&pubo=http%3A%2F%2F64.62.227.29&rid=&width=370
Requested by: Host: cdn2.lockerdomecdn.com
URL: http://cdn2.lockerdomecdn.com/_js/ajs.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.154.142.214 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 214.142.154.104.bc.googleusercontent.com
Software: /
Resource Hash

Request headers

Host: lockerdome.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: http://64.62.227.29/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36
Referer: http://64.62.227.29/

Response headers

P3P: CP='LockerDome does not have a P3P policy. Learn why here: http://lockerdome.com/p3p'
Cache-Control: no-cache, max-age=0, must-revalidate, no-store
Content-Type: text/html; charset=utf-8
Content-Length: 1376
Date: Fri, 01 May 2020 22:24:36 GMT

GET
H/1.1 200
OK 10864440455450982
lockerdome.com/lad/ Frame 7E84 0
0 513ms
133ms Document
text/html 104.154.142.214
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://lockerdome.com/lad/10864440455450982?pubid=ld-4166-9392&pubo=http%3A%2F%2F64.62.227.29&rid=&width=370
Requested by: Host: cdn2.lockerdomecdn.com
URL: http://cdn2.lockerdomecdn.com/_js/ajs.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.154.142.214 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 214.142.154.104.bc.googleusercontent.com
Software: /
Resource Hash

Request headers

Host: lockerdome.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: http://64.62.227.29/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36
Referer: http://64.62.227.29/

Response headers

P3P: CP='LockerDome does not have a P3P policy. Learn why here: http://lockerdome.com/p3p'
Cache-Control: no-cache, max-age=0, must-revalidate, no-store
Content-Type: text/html; charset=utf-8
Content-Length: 1376
Date: Fri, 01 May 2020 22:24:36 GMT

GET
H/1.1 200
OK no-img.png
64.62.227.29/img/v3/ 2 KB
2 KB 163ms
161ms Image
image/png 64.62.227.29
HURRICANE

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://64.62.227.29/img/v3/no-img.png
Requested by: Host: 64.62.227.29
URL: http://64.62.227.29/static/js-v3/jquery-fancybox-mobiledetect-uuid.js
Protocol: HTTP/1.1
Server: 64.62.227.29 Fremont, United States, ASN6939 (HURRICANE, US),
Reverse DNS
Software: nginx/1.12.2 /
Resource Hash: 0acb257899ff2d4a9e60070bf9ecc351d2b849a1a0ce9a4bbd3e9a2a96fc1c5f

Request headers

Referer: http://64.62.227.29/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

Date: Fri, 01 May 2020 22:24:35 GMT
Last-Modified: Wed, 06 Jun 2018 18:26:21 GMT
Server: nginx/1.12.2
ETag: "5b18274d-644"
Content-Type: image/png
Cache-Control: max-age=31536000, must-revalidate
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1604
Expires: Sat, 01 May 2021 22:24:35 GMT

GET
H/1.1 200
OK twitter.png
tapnewswire.com/wp-content/plugins/social-media-feather/synved-social/image/social/regular/96x96/ 3 KB
3 KB 169ms
167ms Image
image/png 2401:c900:1101:143:9::e
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://tapnewswire.com/wp-content/plugins/social-media-feather/synved-social/image/social/regular/96x96/twitter.png
Requested by: Host: 64.62.227.29
URL: http://64.62.227.29/static/js-v3/jquery-fancybox-mobiledetect-uuid.js
Protocol: HTTP/1.1
Server: 2401:c900:1101:143:9::e , Singapore, ASN36351 (SOFTLAYER, US),
Reverse DNS
Software: nginx /
Resource Hash: 9e60a41d7cc3c8c642a61b4707f23017f99d4ed04a5a4c91682d7b3c1cdc76b6

Request headers

Referer: http://64.62.227.29/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

Date: Fri, 01 May 2020 22:24:35 GMT
Last-Modified: Fri, 23 Aug 2019 03:39:16 GMT
Server: nginx
ETag: "27e00bc-ad4-590c08cee5349"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2772

GET
H2 200 hqdefault.jpg
img.youtube.com/vi/oEqeMawTviI/ 34 KB
34 KB 8ms
6ms Image
image/jpeg 2a00:1450:4001:814::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.youtube.com/vi/oEqeMawTviI/hqdefault.jpg

Requested by

Host: 64.62.227.29
URL: http://64.62.227.29/static/js-v3/jquery-fancybox-mobiledetect-uuid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

acfcc19a9f6a66c291c2cb15d43fc17776290084d60b3f3cc8185a2e62357a6c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://64.62.227.29/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

date: Fri, 01 May 2020 22:23:20 GMT
x-content-type-options: nosniff
server: sffe
age: 75
etag: "1588364711"
content-type: image/jpeg
status: 200
cache-control: public, max-age=300
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35188
x-xss-protection: 0
expires: Fri, 01 May 2020 22:28:20 GMT

GET
H2 200 hqdefault.jpg
img.youtube.com/vi/Me86R0AZ4bw/ 9 KB
9 KB 9ms
7ms Image
image/jpeg 2a00:1450:4001:814::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.youtube.com/vi/Me86R0AZ4bw/hqdefault.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a57e5e0a27a014c8a03592677dd4d1df44c020964bd16a79c5ef551550995bed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://64.62.227.29/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

date: Fri, 01 May 2020 22:21:51 GMT
x-content-type-options: nosniff
server: sffe
age: 164
etag: "0"
content-type: image/jpeg
status: 200
cache-control: public, max-age=300
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8932
x-xss-protection: 0
expires: Fri, 01 May 2020 22:26:51 GMT

GET
H2 200 46627-origin_1.jpg
moremonmouthmusings.net/wp-content/uploads/2020/05/ 25 KB
26 KB 55ms
17ms Image
image/jpeg 2606:4700:3031::681b:b406
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://moremonmouthmusings.net/wp-content/uploads/2020/05/46627-origin_1.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::681b:b406 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5ba7d7f98704f3cd63a88274379e92c0a9cc48798d522f39fc2eba82a822d8c2

Request headers

Referer: http://64.62.227.29/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

date: Fri, 01 May 2020 22:24:35 GMT
cf-cache-status: HIT
last-modified: Fri, 01 May 2020 22:07:52 GMT
server: cloudflare
age: 372
etag: "648e-5a49d69a6b781"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
status: 200
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 58cce9dfb9a364f1-FRA
content-length: 25742
cf-request-id: 0273f07fd3000064f1001af200000001

GET
H2 200 hqdefault.jpg
img.youtube.com/vi/88RWonImlmE/ 35 KB
35 KB 9ms
7ms Image
image/jpeg 2a00:1450:4001:814::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.youtube.com/vi/88RWonImlmE/hqdefault.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fcf058b4741b5dd7b7191420af413a7707d9f45fcc670f2ff8dd9a30b6262ec6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://64.62.227.29/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

date: Fri, 01 May 2020 22:20:13 GMT
x-content-type-options: nosniff
server: sffe
age: 262
etag: "1588284350"
content-type: image/jpeg
status: 200
cache-control: public, max-age=300
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35789
x-xss-protection: 0
expires: Fri, 01 May 2020 22:25:13 GMT

GET
H/1.1 200
OK nintchdbpict000000271660-1-scaled.jpg
tapnewswire.com/wp-content/uploads/2020/05/ 421 KB
422 KB 166ms
164ms Image
image/jpeg 2401:c900:1101:143:9::e
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://tapnewswire.com/wp-content/uploads/2020/05/nintchdbpict000000271660-1-scaled.jpg
Protocol: HTTP/1.1
Server: 2401:c900:1101:143:9::e , Singapore, ASN36351 (SOFTLAYER, US),
Reverse DNS
Software: nginx /
Resource Hash: 03f861ae689bba1e197cbfeb7bd2ea064a05fa75cc782ab304f01ba4e8623146

Request headers

Referer: http://64.62.227.29/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

Date: Fri, 01 May 2020 22:24:35 GMT
Last-Modified: Fri, 01 May 2020 22:05:28 GMT
Server: nginx
ETag: "5eac9d28-695e6"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 431590

GET
H2 200 Bishop_Edward_Scharfenberger_of_Albany_Photo_courtesy_of_the_Diocese_of_Albany_CNA_1.jpg
www.catholicnewsagency.com/images/ 19 KB
19 KB 46ms
20ms Image
image/jpg 2606:4700:3035::681b:8a51
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.catholicnewsagency.com/images/Bishop_Edward_Scharfenberger_of_Albany_Photo_courtesy_of_the_Diocese_of_Albany_CNA_1.jpg?w=600
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::681b:8a51 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.3.17
Resource Hash: 28efc7bb58c87f3f2cd9558977f4fa0b0e79913485b97dbc6e05d3b1eff8b318

Request headers

Referer: http://64.62.227.29/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

date: Fri, 01 May 2020 22:24:35 GMT
content-encoding: gzip
cf-cache-status: HIT
server: cloudflare
age: 1153
x-powered-by: PHP/7.3.17
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpg
status: 200
cache-control: max-age=16070400
cf-ray: 58cce9dfb82ac2e5-FRA
cf-request-id: 0273f07fd30000c2e525998200000001
expires: Sun, 31 May 2020 22:05:22 GMT

GET
H2 200 200424-N-HP061-1093.JPG
media.defense.gov/2020/Apr/28/2002290227/825/780/0/ 193 KB
194 KB 59ms
10ms Image
image/jpg 2a02:26f0:6c00:192::221c
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://media.defense.gov/2020/Apr/28/2002290227/825/780/0/200424-N-HP061-1093.JPG

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:26f0:6c00:192::221c , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

/ ,

Resource Hash

46b4424e956ca63b42c8b05e0fa700300a56a55ee1d1119c1ddd5c9ff00258aa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN

Request headers

Referer: http://64.62.227.29/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

date: Fri, 01 May 2020 22:24:35 GMT
x-aspnetmvc-version
server
pw_value: 3ce3af822980b849665e8c5400e1b45b
status: 200
x-powered-by: ,
x-frame-options: SAMEORIGIN
content-type: image/jpg
access-control-allow-origin: *
cache-control: private, no-cache
strict-transport-security: max-age=31536000
x-aspnet-version
content-length: 197903

GET
H2 200 Marijuana_Plant-300x225.jpg
www.wklaw.com/wp-content/uploads/2019/03/ 42 KB
42 KB 79ms
26ms Image
image/jpeg 2606:4700:3030::681c:e9b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.wklaw.com/wp-content/uploads/2019/03/Marijuana_Plant-300x225.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::681c:e9b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7ba750d5f75bf8f9d7a6e26816c45d61715435fee5cdd677ba7ab5ccdd8f4ac2

Request headers

Referer: http://64.62.227.29/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

date: Fri, 01 May 2020 22:24:35 GMT
cf-cache-status: HIT
age: 1465
status: 200
content-length: 42759
cf-request-id: 0273f07fed0000d7057eaab200000001
last-modified: Wed, 13 Mar 2019 19:18:17 GMT
server: cloudflare
etag: "5c895779-a707"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 58cce9dfeef6d705-FRA

GET
H2 200 EWk0D0LXsAA8O9J.jpeg
i1.wp.com/www.occidentaldissent.com/wp-content/uploads/2020/04/ 102 KB
103 KB 31ms
29ms Image
image/jpeg 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i1.wp.com/www.occidentaldissent.com/wp-content/uploads/2020/04/EWk0D0LXsAA8O9J.jpeg?resize=744%2C1024

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i0.wp.com

Software

nginx /

Resource Hash

0efd56bd10516af3cf272177e0b939609675a5047c2d8e1ac17441a915c855a5

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://64.62.227.29/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

x-nc: HIT fra 1
date: Fri, 01 May 2020 22:24:35 GMT
x-content-type-options: nosniff
x-bytes-saved: 3820
last-modified: Wed, 29 Apr 2020 22:12:10 GMT
server: nginx
etag: "f664d041150c5ec9"
vary: Accept
content-type: image/jpeg
status: 200
cache-control: public, max-age=63115200
link: <http://www.occidentaldissent.com/wp-content/uploads/2020/04/EWk0D0LXsAA8O9J.jpeg>; rel="canonical"
content-length: 104847
expires: Sat, 30 Apr 2022 10:12:10 GMT

GET
H2 200 alarm%2Bclock.jpg
1.bp.blogspot.com/-ZAjjo92vb5A/XqyXxk9AnPI/AAAAAAAApSk/XctnE1i-1l4zhaQGFaBV_zMZBKtazg_FQCLcBGAsYHQ/s1600/ 16 KB
16 KB 29ms
6ms Image
image/jpeg 2a00:1450:4001:815::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-ZAjjo92vb5A/XqyXxk9AnPI/AAAAAAAApSk/XctnE1i-1l4zhaQGFaBV_zMZBKtazg_FQCLcBGAsYHQ/s1600/alarm%2Bclock.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

025d55f38e89b7d694cdaab35e7df6c3a213d455e0ba9adbbca821c98841e968

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://64.62.227.29/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

date: Fri, 01 May 2020 21:58:10 GMT
x-content-type-options: nosniff
age: 1585
status: 200
content-disposition: inline;filename="alarm clock.jpg"
alt-svc: h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16468
x-xss-protection: 0
server: fife
etag: "va52a"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sat, 02 May 2020 21:58:10 GMT

GET
H2 200 russia-robot-army-marker-ugv-uncrewed-ground-vehicle-platform-magog-ezekiel-39.jpg
www.nowtheendbegins.com/wp-content/uploads/2020/05/ 127 KB
127 KB 55ms
17ms Image
image/jpeg 192.124.249.6
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.nowtheendbegins.com/wp-content/uploads/2020/05/russia-robot-army-marker-ugv-uncrewed-ground-vehicle-platform-magog-ezekiel-39.jpg

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.6 , United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10006.sucuri.net

Software

nginx /

Resource Hash

a90a06e1bd4baac32360efdd0f0bd4bc7c7e0d4102cc0fde1a9bca7048d9292a

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: http://64.62.227.29/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

date: Fri, 01 May 2020 22:24:35 GMT
x-content-type-options: nosniff
status: 200
x-sucuri-cache: HIT
host-header: e172abecbd394f56a1a2479517f27fbfe05ff815
content-length: 129841
x-xss-protection: 1; mode=block
last-modified: Fri, 01 May 2020 21:46:37 GMT
server: nginx
etag: "5eac98bd-1fb31"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=315360000
x-sucuri-id: 15006
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
x-proxy-cache: STATIC/PATH
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 Genetic-memory.jpg
www.ancient-origins.net/sites/default/files/styles/large/public/field/image/ 72 KB
73 KB 35ms
17ms Image
image/jpeg 2606:4700:10::6816:45b5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ancient-origins.net/sites/default/files/styles/large/public/field/image/Genetic-memory.jpg?itok=w1sm7yt3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:45b5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1e8431e5b92f85f4b5d4ea1b319849258904f94887c8ac4a4d6bdfccbeeeab51

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://64.62.227.29/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

date: Fri, 01 May 2020 22:24:35 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1591
cf-polished: origSize=77701
status: 200
content-length: 74034
cf-request-id: 0273f08008000097fc22115200000001
last-modified: Fri, 01 May 2020 21:47:59 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent, Accept-Encoding
content-type: image/jpeg
expires: Sun, 31 May 2020 21:58:03 GMT
cache-control: public, max-age=2592000
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 58cce9e00ec197fc-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 95589272_2732767196850290_5543596181088632832_n.jpg
moremonmouthmusings.net/wp-content/uploads/2020/05/ 117 KB
117 KB 15ms
15ms Image
image/jpeg 2606:4700:3031::681b:b406
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://moremonmouthmusings.net/wp-content/uploads/2020/05/95589272_2732767196850290_5543596181088632832_n.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::681b:b406 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a0c0f5329c7b3a90e8dc73862ef131ba0aa10a1ce8633bda104a1bc8dbd7e660

Request headers

Referer: http://64.62.227.29/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

date: Fri, 01 May 2020 22:24:35 GMT
cf-cache-status: HIT
last-modified: Fri, 01 May 2020 21:42:26 GMT
server: cloudflare
age: 2071
etag: "1d2fa-5a49d0eae3977"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
status: 200
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 58cce9dff9bb64f1-FRA
content-length: 119546
cf-request-id: 0273f07ff7000064f1001b2200000001

GET
H2 200 200319-F-PJ020-1045M.JPG
media.defense.gov/2020/Apr/29/2002290889/1280/1280/0/ 210 KB
211 KB 16ms
16ms Image
image/jpg 2a02:26f0:6c00:192::221c
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://media.defense.gov/2020/Apr/29/2002290889/1280/1280/0/200319-F-PJ020-1045M.JPG

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:26f0:6c00:192::221c , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

/ ,

Resource Hash

0f1f99717d3a182e71cdf05bc4fc6fafe40e60d5659dc2a2130518b853af43d5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN

Request headers

Referer: http://64.62.227.29/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

date: Fri, 01 May 2020 22:24:35 GMT
x-aspnetmvc-version
server
pw_value: 3ce3af822980b849665e8c5400e1b45b
status: 200
x-powered-by: ,
x-frame-options: SAMEORIGIN
content-type: image/jpg
access-control-allow-origin: *
cache-control: private, no-cache
strict-transport-security: max-age=31536000
x-aspnet-version
content-length: 215013

GET
H2 200 c5025f_e816d0440913b074fe0cc3cda8c4ae3b.jpg
4.bp.blogspot.com/-oa6_orIu9-4/W6BwhcMIjKI/AAAAAAACEp8/3yw3YlN9bV4szyIcS3CBWwVf1OMxsZFRwCLcBGAs/s320/ 21 KB
21 KB 16ms
14ms Image
image/jpeg 2a00:1450:4001:815::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://4.bp.blogspot.com/-oa6_orIu9-4/W6BwhcMIjKI/AAAAAAACEp8/3yw3YlN9bV4szyIcS3CBWwVf1OMxsZFRwCLcBGAs/s320/c5025f_e816d0440913b074fe0cc3cda8c4ae3b.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

ddf731724ebdee744b587f530deecb295fb8444de8aaaff5fafa6cd5e156603d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://64.62.227.29/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

date: Fri, 01 May 2020 21:49:29 GMT
x-content-type-options: nosniff
age: 2106
status: 200
content-disposition: inline;filename="c5025f_e816d0440913b074fe0cc3cda8c4ae3b.jpg"
alt-svc: h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21481
x-xss-protection: 0
server: fife
etag: "v212a0"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sat, 02 May 2020 21:49:29 GMT

GET
H2 200 TP160603202642_A1.png
1.bp.blogspot.com/-vMWARbPejFo/WQDBI8M0JWI/AAAAAAABzLo/pb0zmsQTwWMfqMBGAIl1K6Io7vtS3gFdQCLcB/s320/ 79 KB
79 KB 7ms
7ms Image
image/png 2a00:1450:4001:815::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-vMWARbPejFo/WQDBI8M0JWI/AAAAAAABzLo/pb0zmsQTwWMfqMBGAIl1K6Io7vtS3gFdQCLcB/s320/TP160603202642_A1.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

5cdb8a1cbf101b33d11386fdba5650b37de5636c43341fe1ce89ee4885566a30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://64.62.227.29/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

date: Fri, 01 May 2020 21:49:29 GMT
x-content-type-options: nosniff
age: 2106
status: 200
content-disposition: inline;filename="TP160603202642_A1.png"
alt-svc: h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 80622
x-xss-protection: 0
server: fife
etag: "v1ccbb"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sat, 02 May 2020 21:49:29 GMT

GET
H/1.1 200
OK Corey-Davis-1024x681.jpg
www.titansgab.com/wp-content/uploads/2020/05/ 93 KB
93 KB 508ms
240ms Image
image/jpeg 207.55.249.212
AS17054

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.titansgab.com/wp-content/uploads/2020/05/Corey-Davis-1024x681.jpg
Protocol: HTTP/1.1
Server: 207.55.249.212 St. Petersburg, United States, ASN17054 (AS17054, US),
Reverse DNS: s212.s249.n55.n207.deluxehosting.com
Software: Apache/2.4.43 (cPanel) OpenSSL/1.1.1g mod_bwlimited/1.4 /
Resource Hash: 3da7602419d84d5f18bc8b20beb788e0616e8407c91af1ff8d0619e004cdc7e5

Request headers

Referer: http://64.62.227.29/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

Date: Fri, 01 May 2020 22:24:41 GMT
Last-Modified: Fri, 01 May 2020 17:52:16 GMT
Server: Apache/2.4.43 (cPanel) OpenSSL/1.1.1g mod_bwlimited/1.4
ETag: "57a099b-17220-5a499d786821c"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=30, max=100
Content-Length: 94752

GET
H2 200 200423-Z-MG741-1003.JPG
media.defense.gov/2020/May/01/2002292590/825/780/0/ 212 KB
213 KB 10ms
9ms Image
image/jpg 2a02:26f0:6c00:192::221c
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://media.defense.gov/2020/May/01/2002292590/825/780/0/200423-Z-MG741-1003.JPG

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:26f0:6c00:192::221c , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

/ ,

Resource Hash

0380510d61cab6aa42336d8b81890f3950cb4a48688ca48f4ee26bb3d326db17

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN

Request headers

Referer: http://64.62.227.29/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

date: Fri, 01 May 2020 22:24:35 GMT
x-aspnetmvc-version
server
pw_value: 3ce3af822980b849665e8c5400e1b45b
status: 200
x-powered-by: ,
x-frame-options: SAMEORIGIN
content-type: image/jpg
access-control-allow-origin: *
cache-control: private, no-cache
strict-transport-security: max-age=31536000
x-aspnet-version
content-length: 216995

GET
H2 200 200427-F-ZZ999-1003.JPG
media.defense.gov/2020/Apr/30/2002292041/825/780/0/ 216 KB
216 KB 15ms
15ms Image
image/jpg 2a02:26f0:6c00:192::221c
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://media.defense.gov/2020/Apr/30/2002292041/825/780/0/200427-F-ZZ999-1003.JPG

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:26f0:6c00:192::221c , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

/ ,

Resource Hash

f7a5d630531fb222e0b2616e657314ae2a90ab9db47a9613a0c9b081e66d2809

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN

Request headers

Referer: http://64.62.227.29/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

date: Fri, 01 May 2020 22:24:35 GMT
x-aspnetmvc-version
server
pw_value: 3ce3af822980b849665e8c5400e1b45b
status: 200
x-powered-by: ,
x-frame-options: SAMEORIGIN
content-type: image/jpg
access-control-allow-origin: *
cache-control: private, no-cache
strict-transport-security: max-age=31536000
x-aspnet-version
content-length: 220880

GET
H2 200 Elderly_patient_in_hospice_Credit_Photographeeeu__Shutterstock.jpg
www.catholicnewsagency.com/images/ 16 KB
15 KB 19ms
19ms Image
image/jpg 2606:4700:3035::681b:8a51
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.catholicnewsagency.com/images/Elderly_patient_in_hospice_Credit_Photographeeeu__Shutterstock.jpg?w=600
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::681b:8a51 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.3.17
Resource Hash: a7c3e5315b347ed06268427fdaa9cd871438b143d8f056d0d32c441653d433e6

Request headers

Referer: http://64.62.227.29/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

date: Fri, 01 May 2020 22:24:35 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 2548
x-powered-by: PHP/7.3.17
status: 200
content-length: 15711
cf-request-id: 0273f0800a0000c2e52599f200000001
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpg
cache-control: max-age=16070400
accept-ranges: bytes
cf-ray: 58cce9e018d7c2e5-FRA
expires: Sun, 31 May 2020 21:42:07 GMT

GET
H/1.1 200
OK incr_banner_views.php Show response
64.62.227.29/core/ajax/counter/ 5 B
282 B 171ms
169ms XHR
text/html 64.62.227.29
HURRICANE

General

Check archive.org

Show headers Download Go to

Full URL

http://64.62.227.29/core/ajax/counter/incr_banner_views.php?id=2061&_=1588371875764

Requested by

Host: 64.62.227.29
URL: http://64.62.227.29/static/js-v3/jquery-fancybox-mobiledetect-uuid.js

Protocol

HTTP/1.1

Server

64.62.227.29 Fremont, United States, ASN6939 (HURRICANE, US),

Reverse DNS

Software

nginx/1.12.2 /

Resource Hash

b286d416b203ea065c4da062dfbfdfb395381f3a4ae8d6b7d59914953b58309c

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: */*
Referer: http://64.62.227.29/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

Date: Fri, 01 May 2020 22:24:35 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Server: nginx/1.12.2
X-Frame-Options: SAMEORIGIN
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive

GET
H/1.1 200
OK 86207ec5af26ab091ead71c3e5c93d7372fdc38b.jpeg
64.62.227.29/img/i2020/05/ 13 KB
13 KB 163ms
162ms Image
image/jpeg 64.62.227.29
HURRICANE

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://64.62.227.29/img/i2020/05/86207ec5af26ab091ead71c3e5c93d7372fdc38b.jpeg
Protocol: HTTP/1.1
Server: 64.62.227.29 Fremont, United States, ASN6939 (HURRICANE, US),
Reverse DNS
Software: nginx/1.12.2 /
Resource Hash: c2dacff667e8b3d488b4e51d11b033bbd7240fb0d6c8e8bb65870ad177436eee

Request headers

Referer: http://64.62.227.29/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

Date: Fri, 01 May 2020 22:24:35 GMT
Last-Modified: Wed, 21 Aug 2019 02:46:36 GMT
Server: nginx/1.12.2
ETag: "5d5cb08c-3270"
Content-Type: image/jpeg
Cache-Control: max-age=31536000, must-revalidate
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 12912
Expires: Sat, 01 May 2021 22:24:35 GMT

GET
H/1.1 200
OK increment_views.php Show response
64.62.227.29/core/ajax/contributor/v3_rotating_text_links/ 143 B
353 B 165ms
165ms XHR
text/html 64.62.227.29
HURRICANE

General

Check archive.org

Show headers Download Go to

Full URL

http://64.62.227.29/core/ajax/contributor/v3_rotating_text_links/increment_views.php?ids=4924%2C4878%2C4839%2C4907%2C4738%2C4918%2C4670%2C4924%2C4687%2C4923%2C4670%2C4826%2C4916%2C4898&_=1588371875766

Requested by

Host: 64.62.227.29
URL: http://64.62.227.29/static/js-v3/jquery-fancybox-mobiledetect-uuid.js

Protocol

HTTP/1.1

Server

64.62.227.29 Fremont, United States, ASN6939 (HURRICANE, US),

Reverse DNS

Software

nginx/1.12.2 /

Resource Hash

82f7dee003f40c6a2d3a6eef943083c32b22b52dba8cff4b7fdc351f5e0d8495

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: */*
Referer: http://64.62.227.29/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

Date: Fri, 01 May 2020 22:24:35 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Server: nginx/1.12.2
X-Frame-Options: SAMEORIGIN
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive

GET
H/1.1 200
OK incr_banner_views.php Show response
64.62.227.29/core/ajax/counter/ 6 B
283 B 159ms
159ms XHR
text/html 64.62.227.29
HURRICANE

General

Check archive.org

Show headers Download Go to

Full URL

http://64.62.227.29/core/ajax/counter/incr_banner_views.php?id=2117&_=1588371875767

Requested by

Host: 64.62.227.29
URL: http://64.62.227.29/static/js-v3/jquery-fancybox-mobiledetect-uuid.js

Protocol

HTTP/1.1

Server

64.62.227.29 Fremont, United States, ASN6939 (HURRICANE, US),

Reverse DNS

Software

nginx/1.12.2 /

Resource Hash

b697b45d6dc49f9961f8f98c59a4e92beb73fc0d413171510795b7f0af7ce0fc

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: */*
Referer: http://64.62.227.29/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

Date: Fri, 01 May 2020 22:24:35 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Server: nginx/1.12.2
X-Frame-Options: SAMEORIGIN
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive

GET
H/1.1 200
OK bad918a99155d6d4faf399ef7d6b79e40ce87f38.jpeg
64.62.227.29/img/i2020/05/ 18 KB
18 KB 158ms
158ms Image
image/jpeg 64.62.227.29
HURRICANE

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://64.62.227.29/img/i2020/05/bad918a99155d6d4faf399ef7d6b79e40ce87f38.jpeg
Protocol: HTTP/1.1
Server: 64.62.227.29 Fremont, United States, ASN6939 (HURRICANE, US),
Reverse DNS
Software: nginx/1.12.2 /
Resource Hash: c99b152759a7f5ab74da139543147917c80a37e4e3405e32aac6196839ccb7c9

Request headers

Referer: http://64.62.227.29/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

Date: Fri, 01 May 2020 22:24:35 GMT
Last-Modified: Mon, 02 Mar 2020 08:27:02 GMT
Server: nginx/1.12.2
ETag: "5e5cc356-4654"
Content-Type: image/jpeg
Cache-Control: max-age=31536000, must-revalidate
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 18004
Expires: Sat, 01 May 2021 22:24:35 GMT

GET
H2 200 HgL9XfqaIoo
www.youtube.com/embed/ Frame 873A 0
0 140ms
120ms Document
text/html 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/HgL9XfqaIoo?rel=0&autoplay=0&mute=0

Requested by

Host: 64.62.227.29
URL: http://64.62.227.29/static/js-v3/jquery-fancybox-mobiledetect-uuid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

YouTube Frontend Proxy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.youtube.com
:scheme: https
:path: /embed/HgL9XfqaIoo?rel=0&autoplay=0&mute=0
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://64.62.227.29/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36
Referer: http://64.62.227.29/

Response headers

status: 200
content-type: text/html; charset=utf-8
cache-control: no-cache
content-encoding: br
expires: Tue, 27 Apr 1971 19:44:06 GMT
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
date: Fri, 01 May 2020 22:24:35 GMT
server: YouTube Frontend Proxy
x-xss-protection: 0
set-cookie: VISITOR_INFO1_LIVE=MUSHCLhvU6o; path=/; domain=.youtube.com; secure; expires=Wed, 28-Oct-2020 22:24:35 GMT; httponly; samesite=None GPS=1; path=/; domain=.youtube.com; expires=Fri, 01-May-2020 22:54:35 GMT VISITOR_INFO1_LIVE=MUSHCLhvU6o; path=/; domain=.youtube.com; secure; expires=Wed, 28-Oct-2020 22:24:35 GMT; httponly; samesite=None YSC=9mkQcPvu7HM; path=/; domain=.youtube.com; secure; httponly; samesite=None
alt-svc: h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 cIHgzaaewTk
www.youtube.com/embed/ Frame 69EC 0
0 173ms
154ms Document
text/html 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/cIHgzaaewTk?rel=0&autoplay=0&mute=0

Requested by

Host: 64.62.227.29
URL: http://64.62.227.29/static/js-v3/jquery-fancybox-mobiledetect-uuid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

YouTube Frontend Proxy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.youtube.com
:scheme: https
:path: /embed/cIHgzaaewTk?rel=0&autoplay=0&mute=0
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://64.62.227.29/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36
Referer: http://64.62.227.29/

Response headers

status: 200
content-type: text/html; charset=utf-8
expires: Tue, 27 Apr 1971 19:44:06 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding: br
cache-control: no-cache
date: Fri, 01 May 2020 22:24:35 GMT
server: YouTube Frontend Proxy
x-xss-protection: 0
set-cookie: VISITOR_INFO1_LIVE=DjjDjWte8tc; path=/; domain=.youtube.com; secure; expires=Wed, 28-Oct-2020 22:24:35 GMT; httponly; samesite=None GPS=1; path=/; domain=.youtube.com; expires=Fri, 01-May-2020 22:54:35 GMT YSC=JTGmfAQQM74; path=/; domain=.youtube.com; secure; httponly; samesite=None VISITOR_INFO1_LIVE=DjjDjWte8tc; path=/; domain=.youtube.com; secure; expires=Wed, 28-Oct-2020 22:24:35 GMT; httponly; samesite=None
alt-svc: h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H2 200 serve.js.php Show response
trends.revcontent.com/ 67 KB
18 KB 3314ms
3313ms XHR
text/javascript 54.76.76.151
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://trends.revcontent.com/serve.js.php?w=100246&t=rc_459&c=1588371875581&width=1600&site_url=http%3A%2F%2F64.62.227.29%2F&referer=&skip_demand=true

Requested by

Host: trends.revcontent.com
URL: http://trends.revcontent.com/serve.js.php?w=100246&t=rc_459&c=1588371875581&width=1600&referer=http%3A%2F%2F64.62.227.29%2F

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.76.76.151 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-76-76-151.eu-west-1.compute.amazonaws.com

Software

Apache/2.4.25 (Debian) /

Resource Hash

78faaa422763f56da4afd075440a5dfc8e224472ada8b88112b30fc50fd446b3

Security Headers

Name	Value
Strict-Transport-Security	max-age=931536000; includeSubDomains

Request headers

Referer: http://64.62.227.29/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Fri, 01 May 2020 22:24:39 GMT
content-encoding: gzip
server: Apache/2.4.25 (Debian)
status: 200
strict-transport-security: max-age=931536000; includeSubDomains
p3p: CP="NOI DSP COR NID ADM DEV OUR NOR CNT"
access-control-allow-origin: http://64.62.227.29
access-control-allow-credentials: true
content-type: text/javascript; charset=utf-8

GET
H2

200

pixel_sync
trends.revcontent.com/cm/
Redirect Chain

https://b1sync.zemanta.com/usersync/revcontent/?puid=MDI3OGNiOTg5M2ZkZGE1ZWVlY2M2Mjc1YjU4NDhlYjc%3D&cb=https%3A%2F%2Ftrends.revcontent.com%2Fcm%2Fpixel_sync%3Fexchange_uid%3DMDI3OGNiOTg5M2ZkZGE1ZWV...
https://b1sync.zemanta.com/usersync/revcontent/?cb=https%3A%2F%2Ftrends.revcontent.com%2Fcm%2Fpixel_sync%3Fexchange_uid%3DMDI3OGNiOTg5M2ZkZGE1ZWVlY2M2Mjc1YjU4NDhlYjc%253D%26bidder%3D3%26bidder_uid%...
https://trends.revcontent.com/cm/pixel_sync?exchange_uid=MDI3OGNiOTg5M2ZkZGE1ZWVlY2M2Mjc1YjU4NDhlYjc%3D&bidder=3&bidder_uid=xx3HTZz0EpJQDytrtX7Y

35 B
213 B

47ms
47ms

Image
image/gif

54.76.76.151
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trends.revcontent.com/cm/pixel_sync?exchange_uid=MDI3OGNiOTg5M2ZkZGE1ZWVlY2M2Mjc1YjU4NDhlYjc%3D&bidder=3&bidder_uid=xx3HTZz0EpJQDytrtX7Y
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.76.76.151 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-76-76-151.eu-west-1.compute.amazonaws.com
Software: / Express
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: http://64.62.227.29/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

status: 200
date: Fri, 01 May 2020 22:24:36 GMT
x-powered-by: Express
content-length: 35
content-type: image/gif

Redirect headers

Pragma: no-cache
Date: Fri, 01 May 2020 22:24:36 GMT
P3p: CP="We do not support P3P header."
Location: https://trends.revcontent.com/cm/pixel_sync?exchange_uid=MDI3OGNiOTg5M2ZkZGE1ZWVlY2M2Mjc1YjU4NDhlYjc%3D&bidder=3&bidder_uid=xx3HTZz0EpJQDytrtX7Y
Cache-Control: no-cache, no-store, must-revalidate
Content-Type: text/html; charset=utf-8
Content-Length: 175
Expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H2

200

pixel_sync
trends.revcontent.com/cm/
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Ftrends.revcontent.com%2Fcm%2Fpixel_sync%3Fbidder%3D115%26bidder_uid%3D%24UID%26exchange_uid%3DMDI3OGNiOTg5M2ZkZGE1ZWVlY2M2Mjc1YjU4NDhlYjc%253D&geo=35&rev_d...
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Ftrends.revcontent.com%252Fcm%252Fpixel_sync%253Fbidder%253D115%2526bidder_uid%253D%2524UID%2526exchange_uid%253DMDI3OGNiOTg5M2ZkZGE1ZWVlY...
https://trends.revcontent.com/cm/pixel_sync?bidder=115&bidder_uid=6740450599653325321&exchange_uid=MDI3OGNiOTg5M2ZkZGE1ZWVlY2M2Mjc1YjU4NDhlYjc%3D&geo=35&rev_dt=1588371875

35 B
215 B

48ms
48ms

Image
image/gif

54.76.76.151
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trends.revcontent.com/cm/pixel_sync?bidder=115&bidder_uid=6740450599653325321&exchange_uid=MDI3OGNiOTg5M2ZkZGE1ZWVlY2M2Mjc1YjU4NDhlYjc%3D&geo=35&rev_dt=1588371875
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.76.76.151 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-76-76-151.eu-west-1.compute.amazonaws.com
Software: / Express
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: http://64.62.227.29/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

status: 200
date: Fri, 01 May 2020 22:24:35 GMT
x-powered-by: Express
content-length: 35
content-type: image/gif

Redirect headers

Pragma: no-cache
Date: Fri, 01 May 2020 22:24:37 GMT
X-Proxy-Origin: 185.236.201.148; 185.236.201.148; 690.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.169:80
AN-X-Request-Uuid: 332dfb34-be51-47c8-8400-e40fcc6d7078
Server: nginx/1.13.4
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://trends.revcontent.com/cm/pixel_sync?bidder=115&bidder_uid=6740450599653325321&exchange_uid=MDI3OGNiOTg5M2ZkZGE1ZWVlY2M2Mjc1YjU4NDhlYjc%3D&geo=35&rev_dt=1588371875
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

pixel_sync
trends.revcontent.com/cm/
Redirect Chain

https://x.bidswitch.net/sync?ssp=revcontent&rev_dt=1588371875
https://x.bidswitch.net/ul_cb/sync?ssp=revcontent&rev_dt=1588371875
https://green.erne.co/bidswitch/cm?bidswitch_ssp_id=revcontent&gdpr=&gdpr_consent=
https://x.bidswitch.net/sync?dsp_id=270&expires=10&user_id=kWLRv8Iey1TxFpnqOovPUuxg&ssp=revcontent
https://trends.revcontent.com/cm/pixel_sync?bidder=118&bidder_uid=20a95023-e59f-4636-b6ff-6850386ceb02

35 B
215 B

46ms
46ms

Image
image/gif

54.76.76.151
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trends.revcontent.com/cm/pixel_sync?bidder=118&bidder_uid=20a95023-e59f-4636-b6ff-6850386ceb02
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.76.76.151 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-76-76-151.eu-west-1.compute.amazonaws.com
Software: / Express
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: http://64.62.227.29/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

status: 200
date: Fri, 01 May 2020 22:24:36 GMT
x-powered-by: Express
content-length: 35
content-type: image/gif

Redirect headers

status: 302
date: Fri, 01 May 2020 22:24:36 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
location: //trends.revcontent.com/cm/pixel_sync?bidder=118&bidder_uid=20a95023-e59f-4636-b6ff-6850386ceb02
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H/1.1 200
OK cookiesync
bttrack.com/pixel/ 35 B
380 B 462ms
117ms Image
image/gif 192.132.33.46
BIDTELLECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bttrack.com/pixel/cookiesync?source=0b0edea9-c9fe-4b9c-9bcd-a51022f2873f&publisherid=MDI3OGNiOTg5M2ZkZGE1ZWVlY2M2Mjc1YjU4NDhlYjc%253D&pushdata=109&secure=1&rev_dt=1588371875
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 192.132.33.46 , United States, ASN18568 (BIDTELLECT, US),
Reverse DNS: 46.bidtellect.com
Software: Microsoft-IIS/8.5 /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: http://64.62.227.29/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

X-ServerName: Track004-dc3
Pragma: no-cache
Date: Fri, 01 May 2020 22:24:36 GMT
X-AspNetMvc-Version: 5.2
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
P3P: CP="CAO DSP COR ADMo DEVo PSAo PSDo HISo IVAo IVDo OUR IND OTC"
Cache-Control: private,no-cache
Content-Type: image/gif
Content-Length: 35
Expires: -1

GET
H2

200

pixel_sync
trends.revcontent.com/cm/
Redirect Chain

https://rtb.mfadsrvr.com/sync?ssp=revcontent&ssp_user_id=MDI3OGNiOTg5M2ZkZGE1ZWVlY2M2Mjc1YjU4NDhlYjc%3D&rev_dt=1588371875
https://trends.revcontent.com/cm/pixel_sync?exchange_uid=MDI3OGNiOTg5M2ZkZGE1ZWVlY2M2Mjc1YjU4NDhlYjc=&bidder=154&bidder_uid=862d68fa-795e-476e-b22a-71afc413ef83

35 B
215 B

48ms
48ms

Image
image/gif

54.76.76.151
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trends.revcontent.com/cm/pixel_sync?exchange_uid=MDI3OGNiOTg5M2ZkZGE1ZWVlY2M2Mjc1YjU4NDhlYjc=&bidder=154&bidder_uid=862d68fa-795e-476e-b22a-71afc413ef83
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.76.76.151 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-76-76-151.eu-west-1.compute.amazonaws.com
Software: / Express
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: http://64.62.227.29/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

status: 200
date: Fri, 01 May 2020 22:24:36 GMT
x-powered-by: Express
content-length: 35
content-type: image/gif

Redirect headers

Location: //trends.revcontent.com/cm/pixel_sync?exchange_uid=MDI3OGNiOTg5M2ZkZGE1ZWVlY2M2Mjc1YjU4NDhlYjc=&bidder=154&bidder_uid=862d68fa-795e-476e-b22a-71afc413ef83
Date: Fri, 01 May 2020 22:24:35 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2 200 rev2.min.css
cdn.revcontent.com/build/css/ 83 KB
25 KB 113ms
31ms Stylesheet
text/css 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.revcontent.com/build/css/rev2.min.css?v=d7b56a7ea49af5bb6d1ace56c0197178666de1dd
Requested by: Host: 64.62.227.29
URL: http://64.62.227.29/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 Dallas, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: 23e61f5278ff3d9913f6045b5911c26a8903b742d043a50dcf66f5801d80b713

Request headers

Referer: http://64.62.227.29/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

date: Fri, 01 May 2020 22:24:39 GMT
content-encoding: gzip
last-modified: Thu, 30 Apr 2020 17:42:34 GMT
etag: "1588268554"
status: 200
x-hw: 1588371879.cds025.pa1.hn,1588371879.cds039.pa1.c
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=16
accept-ranges: bytes
content-length: 25656

GET
H2 200 rev2.min.js Show response
cdn.revcontent.com/build/js/ 280 KB
98 KB 124ms
42ms Script
application/javascript 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.revcontent.com/build/js/rev2.min.js?v=d7b56a7ea49af5bb6d1ace56c0197178666de1dd&del=https://trends.revcontent.com/&lg=https://cdn.revcontent.com/assets/img/rc-logo.png&ci=https://cdn.revcontent.com/assets/img/icon-close.png&ab=https://trends.revcontent.com/rc-about.php&ldr=https://cdn.revcontent.com/assets/img/rc-spinner-md.gif&ht=https://trends.revcontent.com/rc-interests.php&env=p0
Requested by: Host: 64.62.227.29
URL: http://64.62.227.29/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 Dallas, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: ebf585c012c07829008431c00fa48cb3bbae3bc1283c530257f7bd24cb023b8b

Request headers

Referer: http://64.62.227.29/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

date: Fri, 01 May 2020 22:24:39 GMT
content-encoding: gzip
last-modified: Thu, 30 Apr 2020 17:42:34 GMT
etag: "1588268554"
status: 200
x-hw: 1588371879.cds025.pa1.hn,1588371879.cds043.pa1.c
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=16
accept-ranges: bytes
content-length: 100419

GET
H2 200 /
img.revcontent.com/ 34 KB
34 KB 429ms
355ms Image
image/jpeg 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.revcontent.com/?url=https://revcontent-p0.s3.amazonaws.com/content/images/5e85ace6ac74e5-38925745.jpg&static=true&pos=face&h=315&w=420&static=true&fmt=jpeg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 Dallas, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: ae8bea6be581fd0813c95f933ce5b9c680810346d2118cbd84aab086853f1e0f

Request headers

Referer: http://64.62.227.29/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

date: Fri, 01 May 2020 22:24:39 GMT
last-modified: Thu, 02 Apr 2020 09:14:15 GMT
etag: "1585818855"
x-hw: 1588371879.cds019.pa1.hn,1588371879.cds002.pa1.c
content-type: image/jpeg
status: 200
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 34873

GET
H2 200 /
img.revcontent.com/ 44 KB
44 KB 110ms
37ms Image
image/jpeg 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.revcontent.com/?url=https://revcontent-p0.s3.amazonaws.com/content/images/5e9ec16337c402-50400175.jpg&static=true&pos=face&h=315&w=420&static=true&fmt=jpeg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 Dallas, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: 693360c107c9ee99cf5d0742e1e7214beada26f78faa2657694934134421d9a6

Request headers

Referer: http://64.62.227.29/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

date: Fri, 01 May 2020 22:24:39 GMT
last-modified: Tue, 21 Apr 2020 09:48:20 GMT
etag: "1587462500"
x-hw: 1588371879.cds019.pa1.hn,1588371879.cds036.pa1.c
content-type: image/jpeg
status: 200
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 44578

GET
H2 200 /
img.revcontent.com/ 40 KB
40 KB 162ms
88ms Image
image/jpeg 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.revcontent.com/?url=https://revcontent-p0.s3.amazonaws.com/content/images/5e85b1c85d0682-04137309.jpg&static=true&pos=face&h=315&w=420&static=true&fmt=jpeg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 Dallas, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: 60206f62503ddeeb12512617d8ef9b9f2e980509d0724c4a973c3ce5301388da

Request headers

Referer: http://64.62.227.29/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

date: Fri, 01 May 2020 22:24:39 GMT
last-modified: Thu, 02 Apr 2020 09:35:05 GMT
etag: "1585820105"
x-hw: 1588371879.cds019.pa1.hn,1588371879.cds028.pa1.c
content-type: image/jpeg
status: 200
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 41185

GET
H2 200 /
img.revcontent.com/ 25 KB
25 KB 1852ms
1778ms Image
image/jpeg 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.revcontent.com/?url=https://revcontent-p0.s3.amazonaws.com/content/images/5eac39b182d954-72664807.png&static=true&pos=face&h=315&w=420&static=true&fmt=jpeg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 Dallas, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: f2171efb1d4b5051bb03cdf41f5bdf81698c2054af56643d70008dbed2ec4d22

Request headers

Referer: http://64.62.227.29/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

date: Fri, 01 May 2020 22:24:40 GMT
last-modified: Fri, 01 May 2020 15:01:06 GMT
etag: "1588345266"
x-hw: 1588371879.cds019.pa1.hn,1588371879.cds015.pa1.c
content-type: image/jpeg
status: 200
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 25295

POST
H2 200 imp.php Show response
trends.revcontent.com/ 0
201 B 126ms
46ms XHR
text/html 54.76.76.151
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://trends.revcontent.com/imp.php

Requested by

Host: cdn.revcontent.com
URL: https://cdn.revcontent.com/build/js/rev2.min.js?v=d7b56a7ea49af5bb6d1ace56c0197178666de1dd&del=https://trends.revcontent.com/&lg=https://cdn.revcontent.com/assets/img/rc-logo.png&ci=https://cdn.revcontent.com/assets/img/icon-close.png&ab=https://trends.revcontent.com/rc-about.php&ldr=https://cdn.revcontent.com/assets/img/rc-spinner-md.gif&ht=https://trends.revcontent.com/rc-interests.php&env=p0

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.76.76.151 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-76-76-151.eu-west-1.compute.amazonaws.com

Software

Apache/2.4.25 (Debian) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=931536000; includeSubDomains

Request headers

Accept: */*
Referer: http://64.62.227.29/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Fri, 01 May 2020 22:24:39 GMT
server: Apache/2.4.25 (Debian)
status: 200
strict-transport-security: max-age=931536000; includeSubDomains
content-type: text/html; charset=UTF-8
access-control-allow-origin: http://64.62.227.29
access-control-allow-credentials: true
content-length: 0

POST
H2 200 serve.js.php Show response
trends.revcontent.com/ 56 KB
11 KB 4900ms
4900ms XHR
text/javascript 54.76.76.151
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://trends.revcontent.com/serve.js.php?w=111268&t=rc_236&c=1588371875581&width=1600&site_url=http%3A%2F%2F64.62.227.29%2F&referer=&skip_demand=true

Requested by

Host: trends.revcontent.com
URL: https://trends.revcontent.com/serve.js.php?w=111268&t=rc_236&c=1588371875581&width=1600&referer=http%3A%2F%2F64.62.227.29%2F

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.76.76.151 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-76-76-151.eu-west-1.compute.amazonaws.com

Software

Apache/2.4.25 (Debian) /

Resource Hash

d97640bbdf061a42ff30732524a095189325ae31e903f32419bdfd83ff5f81e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=931536000; includeSubDomains

Request headers

Referer: http://64.62.227.29/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Fri, 01 May 2020 22:24:45 GMT
content-encoding: gzip
server: Apache/2.4.25 (Debian)
status: 200
strict-transport-security: max-age=931536000; includeSubDomains
p3p: CP="NOI DSP COR NID ADM DEV OUR NOR CNT"
access-control-allow-origin: http://64.62.227.29
access-control-allow-credentials: true
content-type: text/javascript; charset=utf-8

GET
H2

200

pixel_sync
trends.revcontent.com/cm/
Redirect Chain

https://b1sync.zemanta.com/usersync/revcontent/?puid=YTkyN2U2M2M1OGRjMzY2N2M1NDliNmZiMTI1YjE4OWE%3D&cb=https%3A%2F%2Ftrends.revcontent.com%2Fcm%2Fpixel_sync%3Fexchange_uid%3DYTkyN2U2M2M1OGRjMzY2N2M...
https://trends.revcontent.com/cm/pixel_sync?exchange_uid=YTkyN2U2M2M1OGRjMzY2N2M1NDliNmZiMTI1YjE4OWE%3D&bidder=3&bidder_uid=xx3HTZz0EpJQDytrtX7Y

35 B
213 B

48ms
48ms

Image
image/gif

54.76.76.151
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trends.revcontent.com/cm/pixel_sync?exchange_uid=YTkyN2U2M2M1OGRjMzY2N2M1NDliNmZiMTI1YjE4OWE%3D&bidder=3&bidder_uid=xx3HTZz0EpJQDytrtX7Y
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.76.76.151 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-76-76-151.eu-west-1.compute.amazonaws.com
Software: / Express
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: http://64.62.227.29/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

status: 200
date: Fri, 01 May 2020 22:24:40 GMT
x-powered-by: Express
content-length: 35
content-type: image/gif

Redirect headers

Pragma: no-cache
Date: Fri, 01 May 2020 22:24:40 GMT
P3p: CP="We do not support P3P header."
Location: https://trends.revcontent.com/cm/pixel_sync?exchange_uid=YTkyN2U2M2M1OGRjMzY2N2M1NDliNmZiMTI1YjE4OWE%3D&bidder=3&bidder_uid=xx3HTZz0EpJQDytrtX7Y
Cache-Control: no-cache, no-store, must-revalidate
Content-Type: text/html; charset=utf-8
Content-Length: 175
Expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H2

200

pixel_sync
trends.revcontent.com/cm/
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Ftrends.revcontent.com%2Fcm%2Fpixel_sync%3Fbidder%3D115%26bidder_uid%3D%24UID%26exchange_uid%3DYTkyN2U2M2M1OGRjMzY2N2M1NDliNmZiMTI1YjE4OWE%253D&geo=35&rev_d...
https://trends.revcontent.com/cm/pixel_sync?bidder=115&bidder_uid=6740450599653325321&exchange_uid=YTkyN2U2M2M1OGRjMzY2N2M1NDliNmZiMTI1YjE4OWE%3D&geo=35&rev_dt=1588371880

35 B
215 B

52ms
52ms

Image
image/gif

54.76.76.151
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trends.revcontent.com/cm/pixel_sync?bidder=115&bidder_uid=6740450599653325321&exchange_uid=YTkyN2U2M2M1OGRjMzY2N2M1NDliNmZiMTI1YjE4OWE%3D&geo=35&rev_dt=1588371880
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.76.76.151 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-76-76-151.eu-west-1.compute.amazonaws.com
Software: / Express
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: http://64.62.227.29/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

status: 200
date: Fri, 01 May 2020 22:24:40 GMT
x-powered-by: Express
content-length: 35
content-type: image/gif

Redirect headers

Pragma: no-cache
Date: Fri, 01 May 2020 22:24:42 GMT
X-Proxy-Origin: 185.236.201.148; 185.236.201.148; 690.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.173.30:80
AN-X-Request-Uuid: 89c61009-469c-491c-a000-e84c15b3eb18
Server: nginx/1.13.4
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://trends.revcontent.com/cm/pixel_sync?bidder=115&bidder_uid=6740450599653325321&exchange_uid=YTkyN2U2M2M1OGRjMzY2N2M1NDliNmZiMTI1YjE4OWE%3D&geo=35&rev_dt=1588371880
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

pixel_sync
trends.revcontent.com/cm/
Redirect Chain

https://x.bidswitch.net/sync?ssp=revcontent&rev_dt=1588371880
https://prod.perf-serving.com/sync?ssp=bidswitch&bidswitch_ssp_id=revcontent
https://prod.perf-serving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=revcontent
https://x.bidswitch.net/sync?dsp_id=366&expires=14&user_id=d5edb9ed-dc9a-49e9-ae00-e1e6ea644942&ssp=revcontent&user_group=1
https://trends.revcontent.com/cm/pixel_sync?bidder=118&bidder_uid=20a95023-e59f-4636-b6ff-6850386ceb02

35 B
215 B

47ms
47ms

Image
image/gif

54.76.76.151
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trends.revcontent.com/cm/pixel_sync?bidder=118&bidder_uid=20a95023-e59f-4636-b6ff-6850386ceb02
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.76.76.151 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-76-76-151.eu-west-1.compute.amazonaws.com
Software: / Express
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: http://64.62.227.29/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

status: 200
date: Fri, 01 May 2020 22:24:40 GMT
x-powered-by: Express
content-length: 35
content-type: image/gif

Redirect headers

status: 302
date: Fri, 01 May 2020 22:24:40 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
location: //trends.revcontent.com/cm/pixel_sync?bidder=118&bidder_uid=20a95023-e59f-4636-b6ff-6850386ceb02
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H/1.1 200
OK cookiesync
bttrack.com/pixel/ 35 B
380 B 116ms
116ms Image
image/gif 192.132.33.46
BIDTELLECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bttrack.com/pixel/cookiesync?source=0b0edea9-c9fe-4b9c-9bcd-a51022f2873f&publisherid=YTkyN2U2M2M1OGRjMzY2N2M1NDliNmZiMTI1YjE4OWE%253D&pushdata=109&secure=1&rev_dt=1588371880
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 192.132.33.46 , United States, ASN18568 (BIDTELLECT, US),
Reverse DNS: 46.bidtellect.com
Software: Microsoft-IIS/8.5 /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: http://64.62.227.29/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

X-ServerName: Track004-dc3
Pragma: no-cache
Date: Fri, 01 May 2020 22:24:40 GMT
X-AspNetMvc-Version: 5.2
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
P3P: CP="CAO DSP COR ADMo DEVo PSAo PSDo HISo IVAo IVDo OUR IND OTC"
Cache-Control: private,no-cache
Content-Type: image/gif
Content-Length: 35
Expires: -1

GET
H2

200

pixel_sync
trends.revcontent.com/cm/
Redirect Chain

https://rtb.mfadsrvr.com/sync?ssp=revcontent&ssp_user_id=YTkyN2U2M2M1OGRjMzY2N2M1NDliNmZiMTI1YjE4OWE%3D&rev_dt=1588371880
https://trends.revcontent.com/cm/pixel_sync?exchange_uid=YTkyN2U2M2M1OGRjMzY2N2M1NDliNmZiMTI1YjE4OWE=&bidder=154&bidder_uid=862d68fa-795e-476e-b22a-71afc413ef83

35 B
215 B

50ms
49ms

Image
image/gif

54.76.76.151
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trends.revcontent.com/cm/pixel_sync?exchange_uid=YTkyN2U2M2M1OGRjMzY2N2M1NDliNmZiMTI1YjE4OWE=&bidder=154&bidder_uid=862d68fa-795e-476e-b22a-71afc413ef83
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.76.76.151 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-76-76-151.eu-west-1.compute.amazonaws.com
Software: / Express
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: http://64.62.227.29/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

status: 200
date: Fri, 01 May 2020 22:24:40 GMT
x-powered-by: Express
content-length: 35
content-type: image/gif

Redirect headers

Location: //trends.revcontent.com/cm/pixel_sync?exchange_uid=YTkyN2U2M2M1OGRjMzY2N2M1NDliNmZiMTI1YjE4OWE=&bidder=154&bidder_uid=862d68fa-795e-476e-b22a-71afc413ef83
Date: Fri, 01 May 2020 22:24:40 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2 200 css
fonts.googleapis.com/ 3 KB
717 B 16ms
15ms Stylesheet
text/css 2a00:1450:4001:820::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Oswald|Scada

Requested by

Host: 64.62.227.29
URL: http://64.62.227.29/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4d16d170f8f447a1336dbc0abdc743da0cc3e87eb9f376b2ff7443765ff9c7d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: http://64.62.227.29/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 01 May 2020 22:24:45 GMT
server: ESF
date: Fri, 01 May 2020 22:24:45 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 01 May 2020 22:24:45 GMT

GET
H2 200 /
img.revcontent.com/ 29 KB
29 KB 35ms
35ms Image
image/jpeg 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.revcontent.com/?url=https://revcontent-p0.s3.amazonaws.com/content/images/5e85aa76b11518-07074707.jpg&static=true&pos=face&h=315&w=420&static=true&fmt=jpeg
Requested by: Host: cdn.revcontent.com
URL: https://cdn.revcontent.com/build/js/rev2.min.js?v=d7b56a7ea49af5bb6d1ace56c0197178666de1dd&del=https://trends.revcontent.com/&lg=https://cdn.revcontent.com/assets/img/rc-logo.png&ci=https://cdn.revcontent.com/assets/img/icon-close.png&ab=https://trends.revcontent.com/rc-about.php&ldr=https://cdn.revcontent.com/assets/img/rc-spinner-md.gif&ht=https://trends.revcontent.com/rc-interests.php&env=p0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 Dallas, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: d60119d864ef8ceea2be1445bd973abf3c073b3314936678a47503e961f5208a

Request headers

Referer: http://64.62.227.29/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

date: Fri, 01 May 2020 22:24:45 GMT
last-modified: Thu, 02 Apr 2020 09:03:51 GMT
etag: "1585818231"
x-hw: 1588371885.cds019.pa1.hn,1588371885.cds041.pa1.c
content-type: image/jpeg
status: 200
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 29563

GET
H2 200 /
img.revcontent.com/ 22 KB
22 KB 39ms
38ms Image
image/jpeg 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.revcontent.com/?url=https://revcontent-p0.s3.amazonaws.com/content/images/74e2fc8812545ab7db01a4e5c78d89d5.jpg&static=true&pos=face&h=315&w=420&static=true&fmt=jpeg
Requested by: Host: cdn.revcontent.com
URL: https://cdn.revcontent.com/build/js/rev2.min.js?v=d7b56a7ea49af5bb6d1ace56c0197178666de1dd&del=https://trends.revcontent.com/&lg=https://cdn.revcontent.com/assets/img/rc-logo.png&ci=https://cdn.revcontent.com/assets/img/icon-close.png&ab=https://trends.revcontent.com/rc-about.php&ldr=https://cdn.revcontent.com/assets/img/rc-spinner-md.gif&ht=https://trends.revcontent.com/rc-interests.php&env=p0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 Dallas, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: a6db9606d378df725c813718f7f7b9a2e46fa0d8e6bcf3af44f069e9cc8b14f3

Request headers

Referer: http://64.62.227.29/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

date: Fri, 01 May 2020 22:24:45 GMT
last-modified: Thu, 30 Apr 2020 15:13:10 GMT
etag: "1588259590"
x-hw: 1588371885.cds019.pa1.hn,1588371885.cds037.pa1.c
content-type: image/jpeg
status: 200
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 22296

GET
H2 200 /
img.revcontent.com/ 44 KB
44 KB 41ms
41ms Image
image/jpeg 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.revcontent.com/?url=https://revcontent-p0.s3.amazonaws.com/content/images/5e9ec16337c402-50400175.jpg&static=true&pos=face&h=315&w=420&static=true&fmt=jpeg
Requested by: Host: cdn.revcontent.com
URL: https://cdn.revcontent.com/build/js/rev2.min.js?v=d7b56a7ea49af5bb6d1ace56c0197178666de1dd&del=https://trends.revcontent.com/&lg=https://cdn.revcontent.com/assets/img/rc-logo.png&ci=https://cdn.revcontent.com/assets/img/icon-close.png&ab=https://trends.revcontent.com/rc-about.php&ldr=https://cdn.revcontent.com/assets/img/rc-spinner-md.gif&ht=https://trends.revcontent.com/rc-interests.php&env=p0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 Dallas, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: 693360c107c9ee99cf5d0742e1e7214beada26f78faa2657694934134421d9a6

Request headers

Referer: http://64.62.227.29/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

date: Fri, 01 May 2020 22:24:45 GMT
last-modified: Tue, 21 Apr 2020 09:48:20 GMT
etag: "1587462500"
x-hw: 1588371885.cds019.pa1.hn,1588371885.cds036.pa1.c
content-type: image/jpeg
status: 200
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 44578

POST
H2 200 imp.php Show response
trends.revcontent.com/ 0
201 B 45ms
45ms XHR
text/html 54.76.76.151
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://trends.revcontent.com/imp.php

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.76.76.151 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-76-76-151.eu-west-1.compute.amazonaws.com

Software

Apache/2.4.25 (Debian) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=931536000; includeSubDomains

Request headers

Accept: */*
Referer: http://64.62.227.29/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Fri, 01 May 2020 22:24:45 GMT
server: Apache/2.4.25 (Debian)
status: 200
strict-transport-security: max-age=931536000; includeSubDomains
content-type: text/html; charset=UTF-8
access-control-allow-origin: http://64.62.227.29
access-control-allow-credentials: true
content-length: 0

GET
H2 200 TK3_WkUHHAIjg75cFRf3bXL8LICs1_FvsUZiZQ.woff2
fonts.gstatic.com/s/oswald/v31/ 16 KB
16 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:819::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/oswald/v31/TK3_WkUHHAIjg75cFRf3bXL8LICs1_FvsUZiZQ.woff2

Requested by

Host: 64.62.227.29
URL: http://64.62.227.29/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

76db825b68979b9ea6cc55fa14373b7bf5e3beb7388cd2efa485938bb2a389fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Oswald|Scada
Origin: http://64.62.227.29

Response headers

date: Sat, 28 Mar 2020 04:42:01 GMT
x-content-type-options: nosniff
last-modified: Tue, 03 Mar 2020 00:19:31 GMT
server: sffe
age: 3001364
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16016
x-xss-protection: 0
expires: Sun, 28 Mar 2021 04:42:01 GMT

GET
H2 200 RLpxK5Pv5qumeVJvzTQ.woff2
fonts.gstatic.com/s/scada/v8/ 15 KB
15 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:819::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/scada/v8/RLpxK5Pv5qumeVJvzTQ.woff2

Requested by

Host: 64.62.227.29
URL: http://64.62.227.29/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bbf2525ddd5098014820bbf3ee619124854e25932002c4c64cb6f8b01be2dfdd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Oswald|Scada
Origin: http://64.62.227.29

Response headers

date: Sat, 04 Apr 2020 08:05:52 GMT
x-content-type-options: nosniff
last-modified: Tue, 16 Jul 2019 03:32:17 GMT
server: sffe
age: 2384333
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15016
x-xss-protection: 0
expires: Sun, 04 Apr 2021 08:05:52 GMT

Verdicts & Comments Add Verdict or Comment

198 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

10 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	info	URL: http://64.62.227.29/(Line 547) Message: [Web Cached] Loaded time: 0.00204s
console-api	log	URL: http://64.62.227.29/static/js-v3/global-bin-rev-493.js(Line 33) Message: Save the new UUID to a cookie what will expire after 1000 days
console-api	debug	URL: https://jsc.mgid.com/b/e/beforeitsnews.com.351459.js?t=20204122(Line 9) Message: [object HTMLImageElement]
console-api	debug	URL: https://jsc.mgid.com/b/e/beforeitsnews.com.720412.js?t=20204122(Line 9) Message: [object HTMLImageElement]
console-api	info	URL: http://64.62.227.29/static/js-v3/global-bin-rev-493.js(Line 39) Message: GodWord: id592 views: 30.2k
console-api	log	URL: https://static.criteo.net/js/ld/publishertag.js(Line 1) Message: %cPubTag color: #fff; background: #ff8f1c; display: inline-block; padding: 1px 4px; border-radius: 3px; ERROR: Error onError: TypeError: Cannot read property 'getItem' of null
console-api	log	URL: https://static.criteo.net/js/ld/publishertag.js(Line 1) Message: %cPubTag color: #fff; background: #ff8f1c; display: inline-block; padding: 1px 4px; border-radius: 3px; ERROR: Error onError: TypeError: Cannot read property 'getItem' of null
console-api	log	URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js(Line 1) Message: OneSignal: Using fallback ES5 Stub for backwards compatibility.
console-api	info	URL: http://64.62.227.29/static/js-v3/global-bin-rev-493.js(Line 37) Message: AdsDirect: id2117 views: 922.5k
console-api	info	URL: http://64.62.227.29/static/js-v3/global-bin-rev-493.js(Line 37) Message: AdsDirect: id2061 views: 72.2k

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1.bp.blogspot.com
4.bp.blogspot.com
ads.betweendigital.com
b.scorecardresearch.com
b1sync.zemanta.com
bidder.criteo.com
bidswitch-eu.splicky.com
bttrack.com
cdn.mgid.com
cdn.onesignal.com
cdn.revcontent.com
cdn2.lockerdomecdn.com
clipground.com
cm.g.doubleclick.net
cm.idealmedia.io
cm.lentainform.com
cm.mgid.com
csync.loopme.me
fonts.googleapis.com
fonts.gstatic.com
green.erne.co
i.liadm.com
i.ytimg.com
i0.wp.com
i1.wp.com
i6.liadm.com
ib.adnxs.com
img.revcontent.com
img.youtube.com
jsc.mgid.com
justusaknight.files.wordpress.com
lisahaven.news
lockerdome.com
match.adsrvr.org
media.defense.gov
media.eurekalert.org
moremonmouthmusings.net
news.cornell.edu
officeoftheworldteacher.files.wordpress.com
prepforshtf.com
prod.perf-serving.com
rtb-usw.mfadsrvr.com
rtb.mfadsrvr.com
sb.scorecardresearch.com
servicer.mgid.com
static.criteo.net
stats.g.doubleclick.net
tapnewswire.com
trends.revcontent.com
udata.mixmarket.biz
upload.wikimedia.org
www.ancient-origins.net
www.brown.edu
www.catholicnewsagency.com
www.dodgingdeception.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.newswise.com
www.nowtheendbegins.com
www.titansgab.com
www.wklaw.com
www.youtube.com
x.bidswitch.net
104.154.142.214
104.16.199.73
104.19.136.78
132.148.46.86
148.251.129.84
151.139.128.11
151.139.242.29
162.144.153.251
172.217.22.34
178.250.0.165
18.185.207.113
18.197.178.227
188.42.191.196
192.0.72.23
192.0.72.26
192.0.77.2
192.124.249.6
192.132.33.46
198.151.217.193
2.16.186.80
2.16.31.65
207.55.249.212
23.105.245.5
23.105.254.92
2401:c900:1101:143:9::e
2600:1f18:444a:4680:6b97:77eb:242a:52b4
2606:4700:10::6816:45b5
2606:4700:3030::681c:e9b
2606:4700:3031::681b:b406
2606:4700:3033::6812:2159
2606:4700:3035::681b:8a51
2606:4700:3035::681f:5baa
2606:4700::6812:3ad
2606:4700::6812:e134
2620:0:862:ed1a::2:b
2620:12a:8000::1
2a00:1450:4001:806::2003
2a00:1450:4001:809::2008
2a00:1450:4001:809::200e
2a00:1450:4001:814::200e
2a00:1450:4001:815::2001
2a00:1450:4001:815::2004
2a00:1450:4001:819::2003
2a00:1450:4001:81a::2016
2a00:1450:4001:81b::200e
2a00:1450:4001:820::200a
2a00:1450:4001:825::2003
2a00:1450:400c:c0c::9b
2a02:2638::3
2a02:26f0:6c00:192::221c
35.212.212.222
37.252.172.38
52.59.135.20
54.164.167.223
54.227.146.141
54.76.76.151
54.77.250.219
64.202.112.31
64.62.227.29
94.130.165.158
94.23.144.220
01793dfe25a8daa227696e0d8630591f4b774fcac7f257eba7296f081cb4dbaa
025d55f38e89b7d694cdaab35e7df6c3a213d455e0ba9adbbca821c98841e968
0380510d61cab6aa42336d8b81890f3950cb4a48688ca48f4ee26bb3d326db17
03f861ae689bba1e197cbfeb7bd2ea064a05fa75cc782ab304f01ba4e8623146
0403a35aa08e46c07a498d4c6422161f764475b139beaeccf70e462c896c120d
044d653d3ceb3b946b4c68e520b86f374d292597f367112348802146a377ae17
081a6a33854977a72d3c8ec7f5f72b6d637c9fef8100adc119235fe1f4cdb257
0a0517892013111163286450708b26c4b74583570f73e2b176604dd4427ff8c4
0a6fd2260a8310e8d7c7eef4d1d8958148c83b089a2d8fbe4114a39e4c3bd830
0acb257899ff2d4a9e60070bf9ecc351d2b849a1a0ce9a4bbd3e9a2a96fc1c5f
0b21fd04aad89a54b03408155906f1cd1b363cb16cf0753504b18e996d8a6662
0efd56bd10516af3cf272177e0b939609675a5047c2d8e1ac17441a915c855a5
0f1f99717d3a182e71cdf05bc4fc6fafe40e60d5659dc2a2130518b853af43d5
1a9189400cb45a38f1f81e1dc5d66b6a380a87ad4d0d82321294fa1c11acecfa
1bd038827b45687b5b3905333bd9eb470023d5b62e27c25d0d70aa818060ce61
1d66ea0645104ca4aad60e60d8503b4b6ff11f0ac73e0bcdd4eb9f61bca27293
1e8431e5b92f85f4b5d4ea1b319849258904f94887c8ac4a4d6bdfccbeeeab51
23e61f5278ff3d9913f6045b5911c26a8903b742d043a50dcf66f5801d80b713
282ab5b6f36b8ea72f1cd6847968dc52be62ae5d7c97119a335a6d2673c258c5
28efc7bb58c87f3f2cd9558977f4fa0b0e79913485b97dbc6e05d3b1eff8b318
2902c546786110f067783a6f7d429fb4edcb36142560c83d0c51fae22c4b5446
290a97a808d03681d8189c9d6b1c327780f2730b6af5b1faced70c4ceb535666
2e106f90c7033964a9cf39d12349c27b85d5bcbff5448c0fd25a3f02e9f7761d
2e790e4328cad85c99450f90ee1316cafc446e57efa611b8fde93d344c6a5d23
335fa63197718a5840adef5761fc5c67b9fb4274798aa53b60cfdc4d4b2043a7
339b8aff949d7bb2e5768021fc4c3d38fe4a0b6516160baf108a2cc1686e595c
33e89acec5c07a37996a6fda0ab9c029199b2ae3f8913fda8fbee66d0cc58ee3
354d5352d22dea06f2e3cf1add1b456f8a1ca5b4d0a6b36ee859ac606d2c90eb
39873b664a0805fb5cc7134fdd757cd81f8ebdb1a06b4a241f1490c0d9e6cb0f
3da7602419d84d5f18bc8b20beb788e0616e8407c91af1ff8d0619e004cdc7e5
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
41ab59d68e1b11fd20e259dba9ba56064f0b4e237ce2a94a3cdd90d632900a74
433539c7c956ed132a3ae11f86e1c30364ad74265738100c2c69c44961cb2728
440292eb71e786da59d255d6ff27e9594fb838f1de59004822ab745d50521dc3
46b4424e956ca63b42c8b05e0fa700300a56a55ee1d1119c1ddd5c9ff00258aa
4b9f5a4629b763f54306a52e87966116e6ef92659a74702d5cae896385d7357f
4bf5c344aa2aeadbc7e38926b401852a338ebbcef2e5ac668c8dc8aa430cc353
4d16d170f8f447a1336dbc0abdc743da0cc3e87eb9f376b2ff7443765ff9c7d6
4f61a64f136059a57a37f529607cde5c21ddc712fc78835d18e5e4c960d152e5
52081b82a23acfc93e303ccbbb1ae906718325321f055518eaa48302d6331877
521adc59704ee23346cec5bab1abeb63cf7421a4b46c9f8346f3dcea5c951ba8
54bcddcecad627e0b7dafccf904067b248d30bfaae3e1ad5b602cba462562b7e
5844ddc6cc8f7570f76a5d02103c0547a11bd401e9a52e176de229847079a412
58b9b8913183ccc67373efa22a1d5cd514aa036d1bc3626e6c2e2f168f2590c9
5ba7d7f98704f3cd63a88274379e92c0a9cc48798d522f39fc2eba82a822d8c2
5cdb8a1cbf101b33d11386fdba5650b37de5636c43341fe1ce89ee4885566a30
5db54b61eedc1eb80e8c9e879774553707e1596e38b3ef22b37c7c4d0ee360d7
5e71d120c20a36ead1b0de125080941558bf3f653c529c26764dd61a8baa5d24
5f08c1676cdc0205910cfb8cb24b7a1817363481cabaf63babd1c1f8006c359f
60206f62503ddeeb12512617d8ef9b9f2e980509d0724c4a973c3ce5301388da
62cfa9e4acd15a3fa256ed4ca383b2ae5f04daff3e850ae16076c3b5fbb97f80
64033276ca5e3af1767145de791323f03fa20f6ff0fdb64985d318e88a1bea58
65557591f6c137419155bb4972c6d8609b864624698c15fd2098adb6181a4016
6819dfed7eb501db0fcbc32ee6d326137a89123cea1564e1695a33151145a291
6882be340b85192de81ab31dcf0729dad0491e4615893cc2860a2fa1da4d027e
693360c107c9ee99cf5d0742e1e7214beada26f78faa2657694934134421d9a6
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b6ae99f99067ed89e884e3fc94f38c694ab4f68a52d87ad5e1084ac4d8e86c6
6db797398e1b15ed4daf9dffb0d4987c91935f0a8023fb4276c6d80698e33a46
76db825b68979b9ea6cc55fa14373b7bf5e3beb7388cd2efa485938bb2a389fb
775fba6b7aea8ecede20dda92897c38651528c7f1cb73924a9dd34a23411d2b4
78faaa422763f56da4afd075440a5dfc8e224472ada8b88112b30fc50fd446b3
7ba750d5f75bf8f9d7a6e26816c45d61715435fee5cdd677ba7ab5ccdd8f4ac2
7c3761dfed3ab65d7ebee8496ae8f002ffa00f3269836383df81fb4a72996c18
7dd216584b4c5dbdf5c16f8a6d4982c6bcb7d9306ea0476e1e4aad0f2935422a
7e83fc3dc542e7be4f58dea74a3d729956bf590acec4c8521de9dc8a74b276c6
7fea23fcfa5c62b0dea00665d0da4a425bd47776483ee77ac8037fe740e7d0e4
82f7dee003f40c6a2d3a6eef943083c32b22b52dba8cff4b7fdc351f5e0d8495
84ba294d86a6a8c4ec2962bb2e461958d5bc4e101e798b145604dca530b30041
86f81e43a18aeef7f42e4e0c0ea008c2589e50ce35ba48f1df48bc9c3008978d
927ca43432f4a9d6aebf28a60a6356ccf1f784a7028a8e164ac3815a440fd848
938dd15a3391424101fc6cd9aa7e75e2c10abea391f225a6e904afede729989d
978207ee1a7b35266b39efb2bb1adb0069f02ca186a73495cf45bfefee9bfe54
989a8f8a37072aec3378eeda58b4266823a6a7614b0dc25cf03dc655c1b19f86
99438ffbcf0f6c52c1d585c6d66b58c84ea5d8b122ed82628c784772ee30a1b7
9986a11e04cd5c111dc5b9139440f423cda4bf4c186062a0857d1a55b63c0fc9
9be76ccc3670f2642ee91049a17a21e248f8388b589f16fbe486c35814f13781
9ca601ccb4b804e78f547d0451200b8cf3f9ac3a88b11ff0fff17b1432226915
9e60a41d7cc3c8c642a61b4707f23017f99d4ed04a5a4c91682d7b3c1cdc76b6
9f29c510c4b21638d69fb6e6513fcb03ded2d50e2347644ddb214fd760a9372c
9f853a745d2b36030c98bfd64fc1d4d94c857b348fb4c6c3271312b35e41d27c
9ff741e29e6d898614d829c3f3fd6ea1f51d664be8243e41ef2a455d81adb955
a0c0f5329c7b3a90e8dc73862ef131ba0aa10a1ce8633bda104a1bc8dbd7e660
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
a538c9321748f0fa08033a6272d768efc2431c0dfefb454955d96379bab64bca
a57e5e0a27a014c8a03592677dd4d1df44c020964bd16a79c5ef551550995bed
a6db9606d378df725c813718f7f7b9a2e46fa0d8e6bcf3af44f069e9cc8b14f3
a6f4395b277193be1a26383aaf7283f4ae264bff22c81fad326ee5c2bc963cfa
a70ebcbc1578341447aee353287ad494bceaf68367e214ec96a9aad02b56b208
a7c3e5315b347ed06268427fdaa9cd871438b143d8f056d0d32c441653d433e6
a90a06e1bd4baac32360efdd0f0bd4bc7c7e0d4102cc0fde1a9bca7048d9292a
a953b68956d6fbce0f945b5054517181c5494c7ab8bea2eabdfa0148b444b55c
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
abcbe0423061bbf5caca8b070eb57c5ea831fde8cca4af206f8b48938142b4e1
acfcc19a9f6a66c291c2cb15d43fc17776290084d60b3f3cc8185a2e62357a6c
ae8bea6be581fd0813c95f933ce5b9c680810346d2118cbd84aab086853f1e0f
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b286d416b203ea065c4da062dfbfdfb395381f3a4ae8d6b7d59914953b58309c
b31062abec9d4536524232f02801803517829af29b44c85b59696d52bc7107cc
b446b84b6af05a88997d60472ccb256a81c1478718beeec74590b2f6f4edef1f
b673573c69c120f481fb9b4d990fcef817153e66e350cfd3b538d8a52d16d095
b697b45d6dc49f9961f8f98c59a4e92beb73fc0d413171510795b7f0af7ce0fc
b9fd2687c6de1adc7e749095c7aaa8bd887245c37f4edf38c48b3fd95d26f017
bbcda89adbcfbe479200d46f7ca6d10c5fa88c5c0ace94bb4b2d96f8a685e8cd
bbf2525ddd5098014820bbf3ee619124854e25932002c4c64cb6f8b01be2dfdd
c2dacff667e8b3d488b4e51d11b033bbd7240fb0d6c8e8bb65870ad177436eee
c8528e1c68a0c2bde1022646073b2421704efa4cd0aac88772e38ea492b8c283
c99b152759a7f5ab74da139543147917c80a37e4e3405e32aac6196839ccb7c9
c9c8286937b76dfd180d642df44491945e7f0a795841b53686182320e122678e
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
cdd69dac816b02f3bd78549515e1dc42838460c3d60f05145da8c390a0c096a5
cf11edd56772952b727f64d496f8305b6d5af355592a3f65ca2e6fac50b5a233
d40355da0a1cf2395421e8a8792a6b62d5e468548985e89e5df4d01d0b09231a
d515ed2f964c9ed47814c93edcd7a1cec301ad1896d4ac49e4c184e6ad9ef214
d60119d864ef8ceea2be1445bd973abf3c073b3314936678a47503e961f5208a
d9110f693506e8a77f8a75ff4ba02adfa0175e22fc246799354dfcbca287ce1d
d97640bbdf061a42ff30732524a095189325ae31e903f32419bdfd83ff5f81e4
dabbe28cb09273c289c625e07e48c55347cd04ad3efa9c55be16cef2a4f753f8
db135e93bd989f186cc30e9846c9b9c02e19d1bfd319ed0f1703282ac40d500f
dce9dcf942103523ff5567ccfaacc2fe1ff416b00cf86be8daa3118721c1dd6d
ddf731724ebdee744b587f530deecb295fb8444de8aaaff5fafa6cd5e156603d
de56c9345854e798d520e48060fed481216d2aceafb683bd904abcc8a1807f6a
e2352f3e0fe9fdcd258284116ef872ba3ab2f5232e7e757e8c9c02bb096ab4d5
e35e1a7a1971d15eec9503ff6b16268da7137ece51a3cf4d9430b0cff5b83b88
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e441398ba7475ff7582717ac41cbdecf7c604b575d3fec23505bf1fb7c245756
e5d1b57d9611ca49002158169cfaa3e395f3df4e73ea6c73f7db769db1cbc3c6
eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d
ebf585c012c07829008431c00fa48cb3bbae3bc1283c530257f7bd24cb023b8b
ed09341e9cf6bbb14bd17e6a28e4d1c53c63826aec2f79fa598c475f86e02f1e
ee21d95ded7d3979310536a68f2997280d65748dae9a4f6bcfa81fa0af48e563
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1da59d9a16a42d1c9baa37a694a63849ce741e4f0beab61a208f19c2c37c6c4
f2171efb1d4b5051bb03cdf41f5bdf81698c2054af56643d70008dbed2ec4d22
f35f2e9629cb78bbd4f678617d0c66a026de966a932596d22ad4306c9b449292
f5ff5c69bcf521d98360ab43448284ecdb005dbb53f7af91d3518374e4853302
f7a5d630531fb222e0b2616e657314ae2a90ab9db47a9613a0c9b081e66d2809
f9ad3f01505f775bd66834222cb32533197fb1991215e2b97674669f6c6a85ba
fb0311b01be6953a708740abe61c6b3e2da274166de9d626e66a8a2241602f63
fc992be2d573cd1ebfe75a7550675ccee88a5d15e02f5346113606764876d315
fcf058b4741b5dd7b7191420af413a7707d9f45fcc670f2ff8dd9a30b6262ec6

64.62.227.29 Open in urlscan Pro 64.62.227.29 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

170 Requests

66 %HTTPS

43 %IPv6

52 Domains

65 Subdomains

46 IPs

10 Countries

7405 kBTransfer

8322 kBSize

0 Cookies

30 Outgoing links

Redirected requests

170 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

64.62.227.29 Open in urlscan Pro
64.62.227.29 Public Scan

Screenshot
Live screenshot

Full Image

170
Requests

66 %
HTTPS

43 %
IPv6

52
Domains

65
Subdomains

46
IPs

10
Countries

7405 kB
Transfer

8322 kB
Size

0
Cookies

170 HTTP transactions
1 data transactions