urlscan.io logo urlscan.io
SecurityTrails logo

research.thehalkiremedy.com Open in urlscan Pro
2606:4700:30::681b:b46a  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://bit.ly/2OOJXWX#X1Sx099gTLHeQt82DW6nJpfZ
Effective URL: https://research.thehalkiremedy.com/?aff_id=26&subid2=5856_sessid20191018121214242&subid=450
Submission: On October 18 via api from BE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 13 IPs in 2 countries across 13 domains to perform 32 HTTP transactions. The main IP is 2606:4700:30::681b:b46a, located in United States and belongs to CLOUDFLARENET - Cloudflare, Inc., US. The main domain is research.thehalkiremedy.com.
TLS certificate: Issued by CloudFlare Inc ECC CA-2 on September 24th 2019. Valid for: a year.
This is the only time research.thehalkiremedy.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 67.199.248.11 396982 (GOOGLE-PR...)
1 1 67.228.182.155 36351 (SOFTLAYER)
18 2606:4700:30:... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 23.111.9.35 33438 (HIGHWINDS2)
1 2a00:1450:400... 15169 (GOOGLE)
1 173.192.49.240 36351 (SOFTLAYER)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 174.36.107.248 36351 (SOFTLAYER)
1 2a00:1450:400... 15169 (GOOGLE)
1 67.228.248.72 36351 (SOFTLAYER)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
32 13
1    67.199.248.11 (United States)

ASN396982 (GOOGLE-PRIVATE-CLOUD - Google LLC, US)
PTR: bit.ly
bit.ly
1    67.228.182.155 (Dallas, United States)

ASN36351 (SOFTLAYER - SoftLayer Technologies Inc., US)
PTR: 9b.b6.e443.ip4.static.sl-reverse.com
www.m818w.com
18    2606:4700:30::681b:b46a (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
research.thehalkiremedy.com
1    2a00:1450:4001:81a::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
www.googletagmanager.com
1    2606:4700::6813:c697 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
cdnjs.cloudflare.com
1    23.111.9.35 (Phoenix, United States)

ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US)
use.fontawesome.com
1    2a00:1450:4001:821::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
fonts.googleapis.com
1    173.192.49.240 (Dallas, United States)

ASN36351 (SOFTLAYER - SoftLayer Technologies Inc., US)
PTR: f0.31.c0ad.ip4.static.sl-reverse.com
display.spapi.com
1    2a00:1450:4001:815::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
ajax.googleapis.com
2    2a00:1450:4001:815::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
www.google-analytics.com
1    174.36.107.248 (Dallas, United States)

ASN36351 (SOFTLAYER - SoftLayer Technologies Inc., US)
PTR: f8.6b.24ae.ip4.static.sl-reverse.com
tracking.buygoods.com
1    2a00:1450:4001:80b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
fonts.gstatic.com
1    67.228.248.72 (Dallas, United States)

ASN36351 (SOFTLAYER - SoftLayer Technologies Inc., US)
PTR: 48.f8.e443.ip4.static.sl-reverse.com
www.buygoods.com
2    2a00:1450:4001:809::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
www.youtube.com
1    2a00:1450:4001:824::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
s.ytimg.com
Domain Requested by
18 research.thehalkiremedy.com research.thehalkiremedy.com
ajax.googleapis.com
2 www.youtube.com research.thehalkiremedy.com
s.ytimg.com
2 www.google-analytics.com www.googletagmanager.com
research.thehalkiremedy.com
1 s.ytimg.com www.youtube.com
1 www.buygoods.com research.thehalkiremedy.com
1 fonts.gstatic.com research.thehalkiremedy.com
1 tracking.buygoods.com research.thehalkiremedy.com
1 ajax.googleapis.com research.thehalkiremedy.com
1 display.spapi.com research.thehalkiremedy.com
1 fonts.googleapis.com research.thehalkiremedy.com
1 use.fontawesome.com research.thehalkiremedy.com
1 cdnjs.cloudflare.com research.thehalkiremedy.com
1 www.googletagmanager.com research.thehalkiremedy.com
1 www.m818w.com 1 redirects
1 bit.ly 1 redirects
32 15

This site contains links to these domains. Also see Links.

Domain
www.buygoods.com
Subject Issuer Validity Valid
sni.cloudflaressl.com
CloudFlare Inc ECC CA-2		 2019-09-24 -
2020-09-23		 a year crt.sh
*.google-analytics.com
GTS CA 1O1		 2019-10-03 -
2019-12-26		 3 months crt.sh
ssl412106.cloudflaressl.com
COMODO ECC Domain Validation Secure Server CA 2		 2019-08-10 -
2020-02-16		 6 months crt.sh
*.fontawesome.com
DigiCert SHA2 Secure Server CA		 2018-09-17 -
2019-11-21		 a year crt.sh
*.googleapis.com
GTS CA 1O1		 2019-10-03 -
2019-12-26		 3 months crt.sh
*.spapi.com
Go Daddy Secure Certificate Authority - G2		 2019-07-15 -
2021-07-15		 2 years crt.sh
*.buygoods.com
Go Daddy Secure Certificate Authority - G2		 2017-09-20 -
2020-09-20		 3 years crt.sh
*.google.com
GTS CA 1O1		 2019-10-03 -
2019-12-26		 3 months crt.sh

This page contains 2 frames:

Primary Page: https://research.thehalkiremedy.com/?aff_id=26&subid2=5856_sessid20191018121214242&subid=450
Frame ID: 92AED3DB139864BF0FCEAAC630C56249
Requests: 31 HTTP requests in this frame

Frame: https://www.youtube.com/embed/rg9JTodAdGQ?autoplay=1&cc_load_policy=0&controls=0&disablekb=1&fs=0&playsinline=1&modestbranding=1&iv_load_policy=3&rel=0&showinfo=0&host=https%3A%2F%2Fwww.youtube.com&enablejsapi=1&origin=https%3A%2F%2Fresearch.thehalkiremedy.com&widgetid=1
Frame ID: 0D2A959962A4C1398C906F2780D60170
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://bit.ly/2OOJXWX HTTP 301
    http://www.m818w.com/5856/450/2/ HTTP 302
    https://research.thehalkiremedy.com/?aff_id=26&subid2=5856_sessid20191018121214242&subid=450 Page URL

Page Statistics

32
Requests

100 %
HTTPS

60 %
IPv6

13
Domains

15
Subdomains

13
IPs

2
Countries

1079 kB
Transfer

1899 kB
Size

15
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://bit.ly/2OOJXWX HTTP 301
    http://www.m818w.com/5856/450/2/ HTTP 302
    https://research.thehalkiremedy.com/?aff_id=26&subid2=5856_sessid20191018121214242&subid=450 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

32 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
research.thehalkiremedy.com/
Redirect Chain
  • http://bit.ly/2OOJXWX
  • http://www.m818w.com/5856/450/2/
  • https://research.thehalkiremedy.com/?aff_id=26&subid2=5856_sessid20191018121214242&subid=450
14 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://research.thehalkiremedy.com/?aff_id=26&subid2=5856_sessid20191018121214242&subid=450
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681b:b46a , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
b0ae7d88f141cccc87eee9cdfca7744e380d5e5474f395ade4cfd3e7aef8ef7f

Request headers

:method
GET
:authority
research.thehalkiremedy.com
:scheme
https
:path
/?aff_id=26&subid2=5856_sessid20191018121214242&subid=450
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
none
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
200
date
Fri, 18 Oct 2019 12:12:05 GMT
content-type
text/html; charset=UTF-8
set-cookie
__cfduid=da3e6b23658d8686fd5af754bbb42fe401571400724; expires=Sat, 17-Oct-20 12:12:04 GMT; path=/; domain=.thehalkiremedy.com; HttpOnly; Secure
x-robots-tag
noindex, nofollow, nosnippet
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
527a6b22ae115a0c-VIE
content-encoding
br

Redirect headers

Server
nginx/1.10.2
Date
Fri, 18 Oct 2019 12:12:04 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Keep-Alive
timeout=2
X-Powered-By
PHP/7.1.3
Cache-Control
max-age=3600 private
Pragma
no-cache
Location
https://research.thehalkiremedy.com/?aff_id=26&subid2=5856_sessid20191018121214242&subid=450
Expires
Fri, 18 Oct 2019 13:12:04 GMT
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Access-Control-Allow-Methods
GET, POST, OPTIONS
Access-Control-Allow-Headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
js
www.googletagmanager.com/gtag/ 		74 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-129095905-3
Requested by
Host: research.thehalkiremedy.com
URL: https://research.thehalkiremedy.com/?aff_id=26&subid2=5856_sessid20191018121214242&subid=450
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
cce0ac62ff912364bcd1c5f536ac9214e5971f49f0ab780c87f1923971ee7f3d
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://research.thehalkiremedy.com/?aff_id=26&subid2=5856_sessid20191018121214242&subid=450
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 18 Oct 2019 12:12:05 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
status
200
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
http://www.googletagmanager.com
cache-control
private, max-age=900
access-control-allow-credentials
true
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
28469
x-xss-protection
0
expires
Fri, 18 Oct 2019 12:12:05 GMT
bulma.min.css
cdnjs.cloudflare.com/ajax/libs/bulma/0.7.1/css/ 		155 KB
20 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/bulma/0.7.1/css/bulma.min.css
Requested by
Host: research.thehalkiremedy.com
URL: https://research.thehalkiremedy.com/?aff_id=26&subid2=5856_sessid20191018121214242&subid=450
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:c697 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
cc81b8d7a575ca78f75a08eefec714f342801163ac3b9ad12df572443b8ebfb4
Security Headers
Name Value
Strict-Transport-Security max-age=15780000; includeSubDomains

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://research.thehalkiremedy.com/?aff_id=26&subid2=5856_sessid20191018121214242&subid=450
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 18 Oct 2019 12:12:05 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
16034595
status
200
served-in-seconds
0.015
timing-allow-origin
*
last-modified
Thu, 17 May 2018 09:18:17 GMT
server
cloudflare
etag
W/"5afd48d9-26c3b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000; includeSubDomains
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=30672000
cf-ray
527a6b276a10cbbc-VIE
expires
Wed, 07 Oct 2020 12:12:05 GMT
all.js
use.fontawesome.com/releases/v5.1.0/js/ 		893 KB
370 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://use.fontawesome.com/releases/v5.1.0/js/all.js
Requested by
Host: research.thehalkiremedy.com
URL: https://research.thehalkiremedy.com/?aff_id=26&subid2=5856_sessid20191018121214242&subid=450
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.111.9.35 Phoenix, United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
566d12cf66ff3d64ed100bdf634ce4b2de1dfa8ce38006f1b50912594865c1ae

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://research.thehalkiremedy.com/?aff_id=26&subid2=5856_sessid20191018121214242&subid=450
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 18 Oct 2019 12:12:05 GMT
content-encoding
gzip
last-modified
Wed, 20 Jun 2018 20:19:20 GMT
server
NetDNA-cache/2.2
status
200
etag
W/"004993df80280fa6c4af6ca17c4e5433"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
access-control-max-age
3000
cache-control
max-age=31556926
x-cache
HIT
extra.css
research.thehalkiremedy.com/c/ 		6 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://research.thehalkiremedy.com/c/extra.css
Requested by
Host: research.thehalkiremedy.com
URL: https://research.thehalkiremedy.com/?aff_id=26&subid2=5856_sessid20191018121214242&subid=450
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681b:b46a , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
97a1d8e450692755c61f67faf3152042079e356b5cc322b1b6e219ced8550b6b

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://research.thehalkiremedy.com/?aff_id=26&subid2=5856_sessid20191018121214242&subid=450
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 18 Oct 2019 12:12:05 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 01 Oct 2019 12:41:28 GMT
server
cloudflare
etag
W/"61aa058-18a4-593d8abccdf7d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
public, max-age=14400
cf-ray
527a6b2768665a0c-VIE
x-robots-tag
noindex, nofollow, nosnippet
expires
Fri, 18 Oct 2019 16:12:05 GMT
css
fonts.googleapis.com/ 		799 B
454 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Raleway:900
Requested by
Host: research.thehalkiremedy.com
URL: https://research.thehalkiremedy.com/?aff_id=26&subid2=5856_sessid20191018121214242&subid=450
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
e6b78a3b2b84bd50ec0bd967d247c6884862fe40765bf6160e383c4fe49951df
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://research.thehalkiremedy.com/?aff_id=26&subid2=5856_sessid20191018121214242&subid=450
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Fri, 18 Oct 2019 12:12:05 GMT
server
ESF
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
status
200
date
Fri, 18 Oct 2019 12:12:05 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection
0
expires
Fri, 18 Oct 2019 12:12:05 GMT
headblock_fb.png
research.thehalkiremedy.com/i/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://research.thehalkiremedy.com/i/headblock_fb.png
Requested by
Host: research.thehalkiremedy.com
URL: https://research.thehalkiremedy.com/?aff_id=26&subid2=5856_sessid20191018121214242&subid=450
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681b:b46a , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
4c43360ecb439736afc6ed58d30d942d0b8c127bb57e11fd6a0c063d2e46febf

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://research.thehalkiremedy.com/?aff_id=26&subid2=5856_sessid20191018121214242&subid=450
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 18 Oct 2019 12:12:06 GMT
cf-cache-status
MISS
last-modified
Tue, 01 Oct 2019 12:47:30 GMT
server
cloudflare
etag
"61aa1d4-1294-593d8c1626583"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
527a6b28f9045a0c-VIE
content-length
4756
x-robots-tag
noindex, nofollow, nosnippet
expires
Fri, 18 Oct 2019 16:12:06 GMT
cards.jpg
research.thehalkiremedy.com/i/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://research.thehalkiremedy.com/i/cards.jpg
Requested by
Host: research.thehalkiremedy.com
URL: https://research.thehalkiremedy.com/?aff_id=26&subid2=5856_sessid20191018121214242&subid=450
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681b:b46a , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
1eec8d12d86b16c01e84efb9a13ea9eebc4421adcfe7007ada57e1c9201d900d

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://research.thehalkiremedy.com/?aff_id=26&subid2=5856_sessid20191018121214242&subid=450
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 18 Oct 2019 12:12:06 GMT
cf-cache-status
EXPIRED
last-modified
Tue, 01 Oct 2019 12:46:35 GMT
server
cloudflare
etag
"61aa117-3f94-593d8be1f8f2c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
status
200
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
527a6b28f9055a0c-VIE
content-length
16276
x-robots-tag
noindex, nofollow, nosnippet
expires
Fri, 18 Oct 2019 16:12:06 GMT
email-decode.min.js
research.thehalkiremedy.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 		1 KB
845 B 		Script
General
Check archive.org
Download Go to
Full URL
https://research.thehalkiremedy.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: research.thehalkiremedy.com
URL: https://research.thehalkiremedy.com/?aff_id=26&subid2=5856_sessid20191018121214242&subid=450
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681b:b46a , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://research.thehalkiremedy.com/?aff_id=26&subid2=5856_sessid20191018121214242&subid=450
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 18 Oct 2019 12:12:05 GMT
content-encoding
gzip
vary
Accept-Encoding
last-modified
Thu, 17 Oct 2019 16:08:50 GMT
server
cloudflare
etag
W/"5da89212-4d7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
SAMEORIGIN
content-type
application/javascript
status
200
cache-control
max-age=172800, public
cf-ray
527a6b27886d5a0c-VIE
expires
Sun, 20 Oct 2019 12:12:05 GMT
disclaimer
display.spapi.com/v1/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://display.spapi.com/v1/disclaimer?id=disclaimer&account_id=5852&background=white
Requested by
Host: research.thehalkiremedy.com
URL: https://research.thehalkiremedy.com/?aff_id=26&subid2=5856_sessid20191018121214242&subid=450
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, 3DES_EDE_CBC
Server
173.192.49.240 Dallas, United States, ASN36351 (SOFTLAYER - SoftLayer Technologies Inc., US),
Reverse DNS
f0.31.c0ad.ip4.static.sl-reverse.com
Software
/ Express
Resource Hash
64f7e898e72e091a8b29207209f7ec824c2905f26a9e9b9760ffeb8cda002d9b

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://research.thehalkiremedy.com/?aff_id=26&subid2=5856_sessid20191018121214242&subid=450
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 18 Oct 2019 12:12:06 GMT
Cache-control
private
Access-Control-Allow-Credentials
true
X-Powered-By
Express
Content-Length
1133
Access-Control-Allow-Methods
GET, POST, OPTIONS, PUT, PATCH, DELETE
ticket.png
research.thehalkiremedy.com/i/ 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://research.thehalkiremedy.com/i/ticket.png
Requested by
Host: research.thehalkiremedy.com
URL: https://research.thehalkiremedy.com/?aff_id=26&subid2=5856_sessid20191018121214242&subid=450
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681b:b46a , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
77266cd1df79a3e8c9067612fcd189d17781f60e5ebe8838c77ddfc8b039569c

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://research.thehalkiremedy.com/?aff_id=26&subid2=5856_sessid20191018121214242&subid=450
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 18 Oct 2019 12:12:06 GMT
cf-cache-status
MISS
last-modified
Tue, 01 Oct 2019 13:07:31 GMT
server
cloudflare
etag
"61aa1ca-4f6c-593d908f7ccd8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
527a6b28f9065a0c-VIE
content-length
20332
x-robots-tag
noindex, nofollow, nosnippet
expires
Fri, 18 Oct 2019 16:12:06 GMT
ba2.jpg
research.thehalkiremedy.com/i/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://research.thehalkiremedy.com/i/ba2.jpg
Requested by
Host: research.thehalkiremedy.com
URL: https://research.thehalkiremedy.com/?aff_id=26&subid2=5856_sessid20191018121214242&subid=450
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681b:b46a , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
2dc53625941564c757e054d5e1126224664bea60cd0a908e8277cf58448e228d

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://research.thehalkiremedy.com/?aff_id=26&subid2=5856_sessid20191018121214242&subid=450
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 18 Oct 2019 12:12:06 GMT
cf-cache-status
EXPIRED
last-modified
Tue, 01 Oct 2019 12:46:21 GMT
server
cloudflare
etag
"61aa0e4-369e-593d8bd508c25"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
status
200
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
527a6b28f9075a0c-VIE
content-length
13982
x-robots-tag
noindex, nofollow, nosnippet
expires
Fri, 18 Oct 2019 16:12:06 GMT
ba1.jpg
research.thehalkiremedy.com/i/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://research.thehalkiremedy.com/i/ba1.jpg
Requested by
Host: research.thehalkiremedy.com
URL: https://research.thehalkiremedy.com/?aff_id=26&subid2=5856_sessid20191018121214242&subid=450
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681b:b46a , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
4d9b12ae41d0846ff9eb42fb1262c6f03f545fa1ac57aed450bc116aa909d7cf

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://research.thehalkiremedy.com/?aff_id=26&subid2=5856_sessid20191018121214242&subid=450
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 18 Oct 2019 12:12:06 GMT
cf-cache-status
MISS
last-modified
Tue, 01 Oct 2019 12:46:21 GMT
server
cloudflare
etag
"61aa0e3-3854-593d8bd4adf0d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
status
200
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
527a6b28f9085a0c-VIE
content-length
14420
x-robots-tag
noindex, nofollow, nosnippet
expires
Fri, 18 Oct 2019 16:12:06 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.3.1/ 		85 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js
Requested by
Host: research.thehalkiremedy.com
URL: https://research.thehalkiremedy.com/?aff_id=26&subid2=5856_sessid20191018121214242&subid=450
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:815::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://research.thehalkiremedy.com/?aff_id=26&subid2=5856_sessid20191018121214242&subid=450
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 09 Oct 2019 21:56:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
742520
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
30399
x-xss-protection
0
last-modified
Thu, 25 Jan 2018 15:33:24 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 08 Oct 2020 21:56:45 GMT
bounceback.js
research.thehalkiremedy.com/j/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://research.thehalkiremedy.com/j/bounceback.js
Requested by
Host: research.thehalkiremedy.com
URL: https://research.thehalkiremedy.com/?aff_id=26&subid2=5856_sessid20191018121214242&subid=450
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681b:b46a , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
c365f123ae4ee083b769600b27b6c9db53c2df89e3443c729c2ebf49ecba5947

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://research.thehalkiremedy.com/?aff_id=26&subid2=5856_sessid20191018121214242&subid=450
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 18 Oct 2019 12:12:05 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 01 Oct 2019 12:48:10 GMT
server
cloudflare
etag
W/"61aa274-238c-593d8c3c963b8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
public, max-age=14400
cf-ray
527a6b2808a15a0c-VIE
x-robots-tag
noindex, nofollow, nosnippet
expires
Fri, 18 Oct 2019 16:12:05 GMT
analytics.js
www.google-analytics.com/ 		43 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-129095905-3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:815::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://research.thehalkiremedy.com/?aff_id=26&subid2=5856_sessid20191018121214242&subid=450
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 19 Aug 2019 17:22:41 GMT
server
Golfe2
age
1075
date
Fri, 18 Oct 2019 11:54:10 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
17803
expires
Fri, 18 Oct 2019 13:54:10 GMT
external-index-final.js
research.thehalkiremedy.com/j/ 		7 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://research.thehalkiremedy.com/j/external-index-final.js
Requested by
Host: research.thehalkiremedy.com
URL: https://research.thehalkiremedy.com/?aff_id=26&subid2=5856_sessid20191018121214242&subid=450
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681b:b46a , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
45a796d6ea704979807bcfd40b9ad4b894366a42d98ce48b30da9439601ceeee

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://research.thehalkiremedy.com/?aff_id=26&subid2=5856_sessid20191018121214242&subid=450
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 18 Oct 2019 12:12:06 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Fri, 18 Oct 2019 03:41:38 GMT
server
cloudflare
etag
W/"61ad154-1a1f-595271c886a2d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
public, max-age=14400
cf-ray
527a6b28f9025a0c-VIE
x-robots-tag
noindex, nofollow, nosnippet
expires
Fri, 18 Oct 2019 16:12:06 GMT
/
tracking.buygoods.com/track/ 		4 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tracking.buygoods.com/track/?a=5852&firstcookie=0&referrer=&product=halki_remedy&sessid2=
Requested by
Host: research.thehalkiremedy.com
URL: https://research.thehalkiremedy.com/?aff_id=26&subid2=5856_sessid20191018121214242&subid=450
Protocol
HTTP/1.1
Security
TLS 1.0, RSA, 3DES_EDE_CBC
Server
174.36.107.248 Dallas, United States, ASN36351 (SOFTLAYER - SoftLayer Technologies Inc., US),
Reverse DNS
f8.6b.24ae.ip4.static.sl-reverse.com
Software
nginx/1.10.0 /
Resource Hash
6e3ad62f99700301fe1c308c9fc6a14a5b21e3c9f1ab3fc6f16572f50d50c78b

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://research.thehalkiremedy.com/?aff_id=26&subid2=5856_sessid20191018121214242&subid=450
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 18 Oct 2019 12:12:06 GMT
Server
nginx/1.10.0
Transfer-Encoding
chunked
P3P
CP="CAO COR CURa ADMa DEVa OUR IND ONL COM DEM PRE"
Cache-Control
no-cache, must-revalidate
Connection
close
Content-Type
application/javascript
Expires
Tue, Jan 12 1999 01:01:01 GMT
loading-video.gif
research.thehalkiremedy.com/i/ 		141 KB
141 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://research.thehalkiremedy.com/i/loading-video.gif
Requested by
Host: research.thehalkiremedy.com
URL: https://research.thehalkiremedy.com/?aff_id=26&subid2=5856_sessid20191018121214242&subid=450
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681b:b46a , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
da04055d4da4a70d7740344a6bd08156a9fdb5cd9cbcc3e181caf8cdc2627809

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://research.thehalkiremedy.com/c/extra.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 18 Oct 2019 12:12:06 GMT
cf-cache-status
MISS
last-modified
Tue, 01 Oct 2019 12:46:59 GMT
server
cloudflare
etag
"61aa14e-234dc-593d8bf8946df"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/gif
status
200
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
527a6b29090a5a0c-VIE
content-length
144604
x-robots-tag
noindex, nofollow, nosnippet
expires
Fri, 18 Oct 2019 16:12:06 GMT
video-sound.png
research.thehalkiremedy.com/i/ 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://research.thehalkiremedy.com/i/video-sound.png
Requested by
Host: research.thehalkiremedy.com
URL: https://research.thehalkiremedy.com/?aff_id=26&subid2=5856_sessid20191018121214242&subid=450
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681b:b46a , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
5a8d400c2d2c4887b60950795d7a066333957febede24991378c3ecbd6ea2181

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://research.thehalkiremedy.com/c/extra.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 18 Oct 2019 12:12:06 GMT
cf-cache-status
EXPIRED
last-modified
Tue, 01 Oct 2019 12:47:27 GMT
server
cloudflare
etag
"61aa1c6-5a0d-593d8c137eabb"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
527a6b29090b5a0c-VIE
content-length
23053
x-robots-tag
noindex, nofollow, nosnippet
expires
Fri, 18 Oct 2019 16:12:06 GMT
video-cover.jpg
research.thehalkiremedy.com/i/ 		96 KB
97 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://research.thehalkiremedy.com/i/video-cover.jpg
Requested by
Host: research.thehalkiremedy.com
URL: https://research.thehalkiremedy.com/?aff_id=26&subid2=5856_sessid20191018121214242&subid=450
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681b:b46a , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
028e9d1ee77c9f501b8badeade9dd090a31a1cf07dff2fa2896865e86b2ec184

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://research.thehalkiremedy.com/c/extra.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 18 Oct 2019 12:12:06 GMT
cf-cache-status
EXPIRED
last-modified
Tue, 01 Oct 2019 12:47:24 GMT
server
cloudflare
etag
"61aa1b7-181ff-593d8c103a049"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
status
200
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
527a6b29090c5a0c-VIE
content-length
98815
x-robots-tag
noindex, nofollow, nosnippet
expires
Fri, 18 Oct 2019 16:12:06 GMT
1Ptrg8zYS_SKggPNwK4vWqZPANqczVs.woff2
fonts.gstatic.com/s/raleway/v14/ 		13 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/raleway/v14/1Ptrg8zYS_SKggPNwK4vWqZPANqczVs.woff2
Requested by
Host: research.thehalkiremedy.com
URL: https://research.thehalkiremedy.com/?aff_id=26&subid2=5856_sessid20191018121214242&subid=450
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
9c695acb1fb9e1a8739e6ae5621d41fc1ff3d13bbf370ea9c1fc95e879109890
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
cors
Referer
https://fonts.googleapis.com/css?family=Raleway:900
Origin
https://research.thehalkiremedy.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 11 Oct 2019 18:24:36 GMT
x-content-type-options
nosniff
last-modified
Tue, 23 Jul 2019 03:47:41 GMT
server
sffe
age
582449
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
13564
x-xss-protection
0
expires
Sat, 10 Oct 2020 18:24:36 GMT
collect
www.google-analytics.com/r/ 		35 B
111 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/r/collect?v=1&_v=j79&a=2130173592&t=pageview&_s=1&dl=https%3A%2F%2Fresearch.thehalkiremedy.com%2F%3Faff_id%3D26%26subid2%3D5856_sessid20191018121214242%26subid%3D450&ul=en-us&de=UTF-8&dt=(1)%2048%20Year%20Old%20Mom%20Fixed%20High%20Blood%20Sugar%20With%20Simple%2060-Second%20Habit!&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=IEBAAUAB~&jid=36588100&gjid=1685913905&cid=1630075840.1571400726&tid=UA-129095905-3&_gid=1398936077.1571400726&_r=1&gtm=2ouaa0&z=939698997
Requested by
Host: research.thehalkiremedy.com
URL: https://research.thehalkiremedy.com/?aff_id=26&subid2=5856_sessid20191018121214242&subid=450
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:815::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://research.thehalkiremedy.com/?aff_id=26&subid2=5856_sessid20191018121214242&subid=450
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Oct 2019 12:12:05 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
buygoods_black.png
www.buygoods.com/images/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.buygoods.com/images/buygoods_black.png
Requested by
Host: research.thehalkiremedy.com
URL: https://research.thehalkiremedy.com/?aff_id=26&subid2=5856_sessid20191018121214242&subid=450
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, 3DES_EDE_CBC
Server
67.228.248.72 Dallas, United States, ASN36351 (SOFTLAYER - SoftLayer Technologies Inc., US),
Reverse DNS
48.f8.e443.ip4.static.sl-reverse.com
Software
nginx/1.10.2 /
Resource Hash
ff275d0907ee3185c117355cad64b0ded33ff9b98422ba6877fc50e7c1f7bb52

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://research.thehalkiremedy.com/?aff_id=26&subid2=5856_sessid20191018121214242&subid=450
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 18 Oct 2019 12:12:06 GMT
Last-Modified
Tue, 12 Sep 2017 06:30:00 GMT
Server
nginx/1.10.2
ETag
"59b77ee8-257c"
Content-Type
image/png
Cache-Control
max-age=315360000
Connection
close
Accept-Ranges
bytes
Content-Length
9596
Expires
Thu, 31 Dec 2037 23:55:55 GMT
iframe_api
www.youtube.com/ 		859 B
931 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/iframe_api
Requested by
Host: research.thehalkiremedy.com
URL: https://research.thehalkiremedy.com/j/external-index-final.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
YouTube Frontend Proxy /
Resource Hash
16dd54686a3ed4ca169cba44af157ea072d91930a6b5ad3690b4651820e5e0b2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://research.thehalkiremedy.com/?aff_id=26&subid2=5856_sessid20191018121214242&subid=450
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 18 Oct 2019 12:12:06 GMT
x-content-type-options
nosniff
server
YouTube Frontend Proxy
content-type
application/javascript
status
200
cache-control
no-cache
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
859
x-xss-protection
0
expires
Tue, 27 Apr 1971 19:44:06 EST
video-start.png
research.thehalkiremedy.com/i/ 		37 KB
37 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://research.thehalkiremedy.com/i/video-start.png
Requested by
Host: research.thehalkiremedy.com
URL: https://research.thehalkiremedy.com/?aff_id=26&subid2=5856_sessid20191018121214242&subid=450
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681b:b46a , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
41bdc4d5173898e0a7c218f4c2951a4d6c9a11573f0d1310d37e26fa9d2a85be

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://research.thehalkiremedy.com/?aff_id=26&subid2=5856_sessid20191018121214242&subid=450
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 18 Oct 2019 12:12:06 GMT
cf-cache-status
MISS
last-modified
Tue, 01 Oct 2019 12:47:27 GMT
server
cloudflare
etag
"61aa1c7-92bc-593d8c13c28a6"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
527a6b2b1a525a0c-VIE
content-length
37564
x-robots-tag
noindex, nofollow, nosnippet
expires
Fri, 18 Oct 2019 16:12:06 GMT
video-finished.jpg
research.thehalkiremedy.com/i/ 		31 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://research.thehalkiremedy.com/i/video-finished.jpg
Requested by
Host: research.thehalkiremedy.com
URL: https://research.thehalkiremedy.com/?aff_id=26&subid2=5856_sessid20191018121214242&subid=450
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681b:b46a , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
83facf10c0c4ca77f6983283e246c1be9e983cc28f80cb535f6908d63655db51

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://research.thehalkiremedy.com/?aff_id=26&subid2=5856_sessid20191018121214242&subid=450
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 18 Oct 2019 12:12:06 GMT
cf-cache-status
MISS
last-modified
Tue, 01 Oct 2019 12:47:23 GMT
server
cloudflare
etag
"61aa1b8-7cf7-593d8c1023503"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
status
200
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
527a6b2b1a545a0c-VIE
content-length
31991
x-robots-tag
noindex, nofollow, nosnippet
expires
Fri, 18 Oct 2019 16:12:06 GMT
discount-popup.png
research.thehalkiremedy.com/i/ 		39 KB
39 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://research.thehalkiremedy.com/i/discount-popup.png
Requested by
Host: research.thehalkiremedy.com
URL: https://research.thehalkiremedy.com/?aff_id=26&subid2=5856_sessid20191018121214242&subid=450
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681b:b46a , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
f060e3e37cd63fb99fe919536c6c9e8cbc5ffc0b728b16a7f9c247a73ec20791

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://research.thehalkiremedy.com/?aff_id=26&subid2=5856_sessid20191018121214242&subid=450
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 18 Oct 2019 12:12:06 GMT
cf-cache-status
MISS
last-modified
Tue, 01 Oct 2019 12:47:28 GMT
server
cloudflare
etag
"61aa1cb-9b2f-593d8c1461b78"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
527a6b2b1a565a0c-VIE
content-length
39727
x-robots-tag
noindex, nofollow, nosnippet
expires
Fri, 18 Oct 2019 16:12:06 GMT
dim-popup.jpg
research.thehalkiremedy.com/i/ 		88 KB
88 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://research.thehalkiremedy.com/i/dim-popup.jpg
Requested by
Host: research.thehalkiremedy.com
URL: https://research.thehalkiremedy.com/?aff_id=26&subid2=5856_sessid20191018121214242&subid=450
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681b:b46a , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
d8415837c8ffb10a1f6e49fb6cd25675f99d5db0f454d84e2f4dbdc64199b5fd

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://research.thehalkiremedy.com/?aff_id=26&subid2=5856_sessid20191018121214242&subid=450
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 18 Oct 2019 12:12:06 GMT
cf-cache-status
MISS
last-modified
Tue, 01 Oct 2019 12:46:38 GMT
server
cloudflare
etag
"61aa122-15f00-593d8be4752a8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
status
200
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
527a6b2b1a585a0c-VIE
content-length
89856
x-robots-tag
noindex, nofollow, nosnippet
expires
Fri, 18 Oct 2019 16:12:06 GMT
www-widgetapi.js
s.ytimg.com/yts/jsbin/www-widgetapi-vfloS5Wsk/ 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.ytimg.com/yts/jsbin/www-widgetapi-vfloS5Wsk/www-widgetapi.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/iframe_api
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:824::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
b631fccbe48b26dccef2b6eedeed2d6fb9020daf34dbc8010e587e280b6f498e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://research.thehalkiremedy.com/?aff_id=26&subid2=5856_sessid20191018121214242&subid=450
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 17 Oct 2019 11:35:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
88571
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
8680
x-xss-protection
0
last-modified
Wed, 16 Oct 2019 09:47:41 GMT
server
sffe
vary
Accept-Encoding, Origin
content-type
text/javascript
cache-control
public, max-age=691200
accept-ranges
bytes
timing-allow-origin
https://www.youtube.com
expires
Fri, 25 Oct 2019 11:35:55 GMT
rg9JTodAdGQ
www.youtube.com/embed/ Frame 0D2A 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/embed/rg9JTodAdGQ?autoplay=1&cc_load_policy=0&controls=0&disablekb=1&fs=0&playsinline=1&modestbranding=1&iv_load_policy=3&rel=0&showinfo=0&host=https%3A%2F%2Fwww.youtube.com&enablejsapi=1&origin=https%3A%2F%2Fresearch.thehalkiremedy.com&widgetid=1
Requested by
Host: s.ytimg.com
URL: https://s.ytimg.com/yts/jsbin/www-widgetapi-vfloS5Wsk/www-widgetapi.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
YouTube Frontend Proxy /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
www.youtube.com
:scheme
https
:path
/embed/rg9JTodAdGQ?autoplay=1&cc_load_policy=0&controls=0&disablekb=1&fs=0&playsinline=1&modestbranding=1&iv_load_policy=3&rel=0&showinfo=0&host=https%3A%2F%2Fwww.youtube.com&enablejsapi=1&origin=https%3A%2F%2Fresearch.thehalkiremedy.com&widgetid=1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode
nested-navigate
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
referer
https://research.thehalkiremedy.com/?aff_id=26&subid2=5856_sessid20191018121214242&subid=450
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
nested-navigate
Referer
https://research.thehalkiremedy.com/?aff_id=26&subid2=5856_sessid20191018121214242&subid=450

Response headers

status
200
content-encoding
br
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
content-type
text/html; charset=utf-8
cache-control
no-cache
expires
Tue, 27 Apr 1971 19:44:06 EST
date
Fri, 18 Oct 2019 12:12:06 GMT
server
YouTube Frontend Proxy
x-xss-protection
0
set-cookie
VISITOR_INFO1_LIVE=FzZkp_MXj-M; path=/; domain=.youtube.com; expires=Wed, 15-Apr-2020 12:12:06 GMT; httponly GPS=1; path=/; domain=.youtube.com; expires=Fri, 18-Oct-2019 12:42:06 GMT YSC=-RP3hDT3nTI; path=/; domain=.youtube.com; httponly VISITOR_INFO1_LIVE=FzZkp_MXj-M; path=/; domain=.youtube.com; expires=Wed, 15-Apr-2020 12:12:06 GMT; httponly PREF=f1=50000000; path=/; domain=.youtube.com; expires=Thu, 18-Jun-2020 00:05:06 GMT
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
video-start.png
research.thehalkiremedy.com/i/ 		37 KB
37 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://research.thehalkiremedy.com/i/video-start.png
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681b:b46a , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
41bdc4d5173898e0a7c218f4c2951a4d6c9a11573f0d1310d37e26fa9d2a85be

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://research.thehalkiremedy.com/?aff_id=26&subid2=5856_sessid20191018121214242&subid=450
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 18 Oct 2019 12:12:06 GMT
cf-cache-status
HIT
age
0
cf-ray
527a6b2fad1f5a0c-VIE
status
200
content-length
37564
last-modified
Tue, 01 Oct 2019 12:47:27 GMT
server
cloudflare
etag
"61aa1c7-92bc-593d8c13c28a6"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=14400
accept-ranges
bytes
x-robots-tag
noindex, nofollow, nosnippet
expires
Fri, 18 Oct 2019 16:12:06 GMT

Verdicts & Comments Add Verdict or Comment

68 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate function| gtag object| dataLayer object| google_tag_manager string| GoogleAnalyticsObject function| ga string| mysrc object| newScript object| s function| ReadCookie object| google_tag_data object| gaplugins object| gaGlobal object| gaData function| $ function| jQuery object| Bounceback number| na number| np number| sc number| muteStatus number| c object| tag object| firstScriptTag object| player function| onYouTubeIframeAPIReady function| onPlayerReady function| onPlayerStateChange function| preload function| setCookie function| getCookie function| displayLink string| message function| clickIE function| clickNS function| updateTimerDisplay function| formatTime function| updateProgressBar object| ___FONT_AWESOME___ object| FontAwesomeConfig object| FontAwesome object| YT object| YTConfig function| onYTReady object| yt function| ytDomDomGetNextId object| ytEventsEventsListeners object| ytEventsEventsCounter object| spitoday object| spiexpire function| SPIGetDomainName string| hostname object| spi_myNodelist number| spi_i string| spi_pattern_enc_bg string| spi_pattern_base_bg string| spi_replace_str_bg string| spi_pattern_enc_spi string| spi_pattern_base_spi string| spi_replace_str_spi string| spi_pattern_enc_cbd string| spi_pattern_base_cbd string| spi_replace_str_cbd string| spi_replace_enc_cbd string| spi_replace_enc_bg string| spi_replace_enc_spi string| spi_track_link

15 Cookies

Domain/Path Name / Value
.youtube.com/ Name: PREF
Value: f1=50000000
.thehalkiremedy.com/ Name: referrer
Value: 89.38.96.188::research.thehalkiremedy.com
.thehalkiremedy.com/ Name: aff_id
Value: 26
.thehalkiremedy.com/ Name: sid
Value: 450%7C5856_sessid20191018121214242
.thehalkiremedy.com/ Name: spi_funnel_codename
Value:
.youtube.com/ Name: GPS
Value: 1
.thehalkiremedy.com/ Name: sessid2
Value: sessid20191018121214555
research.thehalkiremedy.com/ Name: bounceback-visited-textpage
Value: 1
.youtube.com/ Name: VISITOR_INFO1_LIVE
Value: FzZkp_MXj-M
.thehalkiremedy.com/ Name: _ga
Value: GA1.2.1630075840.1571400726
.thehalkiremedy.com/ Name: campaign_id
Value:
.thehalkiremedy.com/ Name: __cfduid
Value: da3e6b23658d8686fd5af754bbb42fe401571400724
.youtube.com/ Name: YSC
Value: -RP3hDT3nTI
.thehalkiremedy.com/ Name: _gat_gtag_UA_129095905_3
Value: 1
.thehalkiremedy.com/ Name: _gid
Value: GA1.2.1398936077.1571400726

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
bit.ly
cdnjs.cloudflare.com
display.spapi.com
fonts.googleapis.com
fonts.gstatic.com
research.thehalkiremedy.com
s.ytimg.com
tracking.buygoods.com
use.fontawesome.com
www.buygoods.com
www.google-analytics.com
www.googletagmanager.com
www.m818w.com
www.youtube.com
173.192.49.240
174.36.107.248
23.111.9.35
2606:4700:30::681b:b46a
2606:4700::6813:c697
2a00:1450:4001:809::200e
2a00:1450:4001:80b::2003
2a00:1450:4001:815::200a
2a00:1450:4001:815::200e
2a00:1450:4001:81a::2008
2a00:1450:4001:821::200a
2a00:1450:4001:824::200e
67.199.248.11
67.228.182.155
67.228.248.72
028e9d1ee77c9f501b8badeade9dd090a31a1cf07dff2fa2896865e86b2ec184
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
16dd54686a3ed4ca169cba44af157ea072d91930a6b5ad3690b4651820e5e0b2
1eec8d12d86b16c01e84efb9a13ea9eebc4421adcfe7007ada57e1c9201d900d
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
2dc53625941564c757e054d5e1126224664bea60cd0a908e8277cf58448e228d
41bdc4d5173898e0a7c218f4c2951a4d6c9a11573f0d1310d37e26fa9d2a85be
45a796d6ea704979807bcfd40b9ad4b894366a42d98ce48b30da9439601ceeee
4c43360ecb439736afc6ed58d30d942d0b8c127bb57e11fd6a0c063d2e46febf
4d9b12ae41d0846ff9eb42fb1262c6f03f545fa1ac57aed450bc116aa909d7cf
566d12cf66ff3d64ed100bdf634ce4b2de1dfa8ce38006f1b50912594865c1ae
5a8d400c2d2c4887b60950795d7a066333957febede24991378c3ecbd6ea2181
64f7e898e72e091a8b29207209f7ec824c2905f26a9e9b9760ffeb8cda002d9b
6e3ad62f99700301fe1c308c9fc6a14a5b21e3c9f1ab3fc6f16572f50d50c78b
77266cd1df79a3e8c9067612fcd189d17781f60e5ebe8838c77ddfc8b039569c
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83facf10c0c4ca77f6983283e246c1be9e983cc28f80cb535f6908d63655db51
97a1d8e450692755c61f67faf3152042079e356b5cc322b1b6e219ced8550b6b
9c695acb1fb9e1a8739e6ae5621d41fc1ff3d13bbf370ea9c1fc95e879109890
b0ae7d88f141cccc87eee9cdfca7744e380d5e5474f395ade4cfd3e7aef8ef7f
b631fccbe48b26dccef2b6eedeed2d6fb9020daf34dbc8010e587e280b6f498e
c365f123ae4ee083b769600b27b6c9db53c2df89e3443c729c2ebf49ecba5947
cc81b8d7a575ca78f75a08eefec714f342801163ac3b9ad12df572443b8ebfb4
cce0ac62ff912364bcd1c5f536ac9214e5971f49f0ab780c87f1923971ee7f3d
d8415837c8ffb10a1f6e49fb6cd25675f99d5db0f454d84e2f4dbdc64199b5fd
da04055d4da4a70d7740344a6bd08156a9fdb5cd9cbcc3e181caf8cdc2627809
dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a
e6b78a3b2b84bd50ec0bd967d247c6884862fe40765bf6160e383c4fe49951df
f060e3e37cd63fb99fe919536c6c9e8cbc5ffc0b728b16a7f9c247a73ec20791
ff275d0907ee3185c117355cad64b0ded33ff9b98422ba6877fc50e7c1f7bb52