Submitted URL: http://donotbelieveherlies.com/
Effective URL: http://donotbelieveherlies.com/dnbherlhome.php
Submission: On January 14 via api from US — Scanned from DE

Summary

This website contacted 11 IPs in 2 countries across 10 domains to perform 38 HTTP transactions. The main IP is 192.185.225.63, located in United States and belongs to UNIFIEDLAYER-AS-1, US. The main domain is donotbelieveherlies.com.
This is the only time donotbelieveherlies.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Apex Domain
Subdomains
Transfer
16 donotbelieveherlies.com
donotbelieveherlies.com
657 KB
9 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 110
tpc.googlesyndication.com — Cisco Umbrella Rank: 157
225 KB
2 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 38
5 KB
2 amazonaws.com
s3-us-west-2.amazonaws.com
2 KB
2 paypalobjects.com
www.paypalobjects.com — Cisco Umbrella Rank: 2611
2 KB
1 google.com
www.google.com — Cisco Umbrella Rank: 2
1 KB
1 trustedsite.com
www.trustedsite.com — Cisco Umbrella Rank: 21059
998 B
1 ywxi.net
cdn.ywxi.net — Cisco Umbrella Rank: 12269
6 KB
1 paypal.com
www.paypal.com — Cisco Umbrella Rank: 3015
975 B
1 moonmodule.com
www.moonmodule.com — Cisco Umbrella Rank: 693938
8 KB
38 10
Domain Requested by
16 donotbelieveherlies.com donotbelieveherlies.com
6 pagead2.googlesyndication.com donotbelieveherlies.com
pagead2.googlesyndication.com
tpc.googlesyndication.com
3 tpc.googlesyndication.com pagead2.googlesyndication.com
tpc.googlesyndication.com
2 googleads.g.doubleclick.net pagead2.googlesyndication.com
2 s3-us-west-2.amazonaws.com cdn.ywxi.net
2 www.paypalobjects.com donotbelieveherlies.com
1 www.google.com tpc.googlesyndication.com
1 www.trustedsite.com cdn.ywxi.net
1 cdn.ywxi.net donotbelieveherlies.com
1 www.paypal.com 1 redirects
1 www.moonmodule.com donotbelieveherlies.com
38 11

This site contains links to these domains. Also see Links.

Domain
discord.gg
Subject Issuer Validity Valid
moonmodule.com
GTS CA 1P5
2023-12-03 -
2024-03-02
3 months crt.sh
www.paypal.com
DigiCert SHA2 Extended Validation Server CA
2023-10-12 -
2024-10-31
a year crt.sh
*.ywxi.net
Amazon RSA 2048 M02
2023-06-05 -
2024-07-03
a year crt.sh
*.g.doubleclick.net
GTS CA 1C3
2023-12-11 -
2024-03-04
3 months crt.sh
*.trustedsite.com
Amazon RSA 2048 M03
2023-12-27 -
2025-01-24
a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3
2023-12-11 -
2024-03-04
3 months crt.sh
www.google.com
GTS CA 1C3
2023-12-11 -
2024-03-04
3 months crt.sh

This page contains 6 frames:

Primary Page: http://donotbelieveherlies.com/dnbherlhome.php
Frame ID: 2E470DDFBE35EEFB9967C9AB2CEC801A
Requests: 29 HTTP requests in this frame

Frame: http://donotbelieveherlies.com/media/silence.mp3
Frame ID: 2F59B75B278381536E07CD0EC549734F
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20190131/zrt_lookup_fy2021.html
Frame ID: A2C8FA3545725662A733C95E6286D957
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7113232945286848&output=html&adk=1812271804&adf=3025194257&lmt=1705267218&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=260x540_l%7C260x540_r&format=0x0&url=http%3A%2F%2Fdonotbelieveherlies.com%2Fdnbherlhome.php&ea=0&pra=5&wgl=1&easpi=0&asro=0&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~3~4~6&aslcwct=150&asacwct=25&aslmct=0.7&asamct=0.7&dt=1705267217841&bpp=3&bdt=299&idt=205&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8608331361048&frm=20&pv=2&ga_vid=99040403.1705267218&ga_sid=1705267218&ga_hid=611262881&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C95320890&oid=2&pvsid=3925671484793423&tmod=1137085832&uas=0&nvt=1&fsapi=1&ref=http%3A%2F%2Fdonotbelieveherlies.com%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=222
Frame ID: 0404A450BB26B922E91CA13F55F15833
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: F9155D3BD16B10DB982F2728A53A7F3E
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 32558658296EBE63DC354FBED6AC875E
Requests: 2 HTTP requests in this frame

Screenshot

Page Title

Do Not Believe Her Lies

Page URL History Show full URLs

  1. http://donotbelieveherlies.com/ Page URL
  2. http://donotbelieveherlies.com/dnbherlhome.php Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.php(?:$|\?)

Overall confidence: 100%
Detected patterns
  • <input[^>]+_s-xclick
  • paypalobjects\.com

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Page Statistics

38
Requests

42 %
HTTPS

55 %
IPv6

10
Domains

11
Subdomains

11
IPs

2
Countries

907 kB
Transfer

1431 kB
Size

6
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://donotbelieveherlies.com/ Page URL
  2. http://donotbelieveherlies.com/dnbherlhome.php Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 11
  • https://www.paypal.com/en_US/i/scr/pixel.gif HTTP 301
  • https://www.paypalobjects.com/en_US/i/scr/pixel.gif

38 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
donotbelieveherlies.com/
62 B
390 B
Document
General
Full URL
http://donotbelieveherlies.com/
Protocol
HTTP/1.1
Server
192.185.225.63 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
dainippon.com.ar
Software
Apache /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
https://donotbelieveherlies.com
Connection
Upgrade, Keep-Alive
Content-Length
62
Content-Type
text/html
Date
Sun, 14 Jan 2024 21:20:17 GMT
Keep-Alive
timeout=5, max=75
Last-Modified
Sat, 15 Aug 2020 12:19:42 GMT
Server
Apache
Upgrade
h2,h2c
Primary Request dnbherlhome.php
donotbelieveherlies.com/
10 KB
4 KB
Document
General
Full URL
http://donotbelieveherlies.com/dnbherlhome.php
Protocol
HTTP/1.1
Server
192.185.225.63 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
dainippon.com.ar
Software
Apache /
Resource Hash
3c8f3d12c2504e3b30959244642a7e7040e01ff0a939bb23503a84fdc5e7b9aa

Request headers

Referer
http://donotbelieveherlies.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin
https://donotbelieveherlies.com
Cache-Control
no-store, no-cache, must-revalidate
Connection
Keep-Alive
Content-Encoding
gzip
Content-Length
3442
Content-Type
text/html; charset=UTF-8
Date
Sun, 14 Jan 2024 21:20:17 GMT
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Keep-Alive
timeout=5, max=74
Pragma
no-cache
Server
Apache
Vary
Accept-Encoding
main.css
donotbelieveherlies.com/css/
3 KB
1 KB
Stylesheet
General
Full URL
http://donotbelieveherlies.com/css/main.css
Requested by
Host: donotbelieveherlies.com
URL: http://donotbelieveherlies.com/dnbherlhome.php
Protocol
HTTP/1.1
Server
192.185.225.63 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
dainippon.com.ar
Software
Apache /
Resource Hash
45d838064c8d865036d7e2d232a2cf5822fae306375ccdac59025dfda2504741

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://donotbelieveherlies.com/dnbherlhome.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date
Sun, 14 Jan 2024 21:20:17 GMT
Content-Encoding
gzip
Last-Modified
Sat, 31 Oct 2020 09:56:26 GMT
Server
Apache
Vary
Accept-Encoding
Content-Type
text/css
Access-Control-Allow-Origin
https://donotbelieveherlies.com
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=73
Content-Length
867
fonts.css
donotbelieveherlies.com/css/
2 KB
727 B
Stylesheet
General
Full URL
http://donotbelieveherlies.com/css/fonts.css
Requested by
Host: donotbelieveherlies.com
URL: http://donotbelieveherlies.com/dnbherlhome.php
Protocol
HTTP/1.1
Server
192.185.225.63 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
dainippon.com.ar
Software
Apache /
Resource Hash
14b5d7c3924c61757c474bc44f30c807848d90bd1c92ddffa2dc6ec4320e620a

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://donotbelieveherlies.com/dnbherlhome.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date
Sun, 14 Jan 2024 21:20:17 GMT
Content-Encoding
gzip
Last-Modified
Fri, 20 Sep 2019 19:10:11 GMT
Server
Apache
Vary
Accept-Encoding
Upgrade
h2,h2c
Access-Control-Allow-Origin
https://donotbelieveherlies.com
Content-Type
text/css
Connection
Upgrade, Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=75
Content-Length
352
dnbherlogo.png
donotbelieveherlies.com/images/
13 KB
13 KB
Image
General
Full URL
http://donotbelieveherlies.com/images/dnbherlogo.png
Requested by
Host: donotbelieveherlies.com
URL: http://donotbelieveherlies.com/dnbherlhome.php
Protocol
HTTP/1.1
Server
192.185.225.63 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
dainippon.com.ar
Software
Apache /
Resource Hash
ceebd1dec3a56c538fc467a90df1fee20022fc0e95395741183245c2d2e5b669

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://donotbelieveherlies.com/dnbherlhome.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date
Sun, 14 Jan 2024 21:20:17 GMT
Last-Modified
Thu, 31 Oct 2019 12:29:20 GMT
Server
Apache
Content-Type
image/png
Access-Control-Allow-Origin
https://donotbelieveherlies.com
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=72
Content-Length
13385
hn.gif
www.moonmodule.com/cs/dm/
7 KB
8 KB
Image
General
Full URL
https://www.moonmodule.com/cs/dm/hn.gif
Requested by
Host: donotbelieveherlies.com
URL: http://donotbelieveherlies.com/dnbherlhome.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:9214 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5785c953c42e70eb47ca489d49a19466d4871c3d73ecabaf03b5880dda220c5e

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://donotbelieveherlies.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 21:20:17 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2893
alt-svc
h3=":443"; ma=86400
content-length
7306
last-modified
Sun, 14 Jan 2024 20:00:06 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=srji8NtuOrJQpk52as6E5eJ21yQxbXG0TwXZgnvFGyc5CYdT8g%2BNKZZTDubiJlUPWOB1WQXFo15VdGudl9dk4F8MkS%2FDz%2FREqxjFpOXLu3MJfR1tz2XkA%2BQyJp66%2BaZSWw5eWvhWQXJCZt50VY9DBE8%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
public, max-age=3600
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
8458ec0e8d9b7019-CDG
expires
Sun, 14 Jan 2024 21:32:02 GMT
fivelogo.png
donotbelieveherlies.com/images/
39 KB
39 KB
Image
General
Full URL
http://donotbelieveherlies.com/images/fivelogo.png
Requested by
Host: donotbelieveherlies.com
URL: http://donotbelieveherlies.com/dnbherlhome.php
Protocol
HTTP/1.1
Server
192.185.225.63 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
dainippon.com.ar
Software
Apache /
Resource Hash
ada60f1936ca0c4c720b27ca3808c0069dfee75af06f22368564a59ffe348d7b

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://donotbelieveherlies.com/dnbherlhome.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date
Sun, 14 Jan 2024 21:20:17 GMT
Last-Modified
Tue, 20 Jul 2021 14:30:31 GMT
Server
Apache
Content-Type
image/png
Access-Control-Allow-Origin
https://donotbelieveherlies.com
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=74
Content-Length
39752
6logo.png
donotbelieveherlies.com/images/
198 KB
199 KB
Image
General
Full URL
http://donotbelieveherlies.com/images/6logo.png
Requested by
Host: donotbelieveherlies.com
URL: http://donotbelieveherlies.com/dnbherlhome.php
Protocol
HTTP/1.1
Server
192.185.225.63 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
dainippon.com.ar
Software
Apache /
Resource Hash
822ab9f3476f2e671664ba2f92e225ba99f56c7659ed0af4f8f9144293687d77

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://donotbelieveherlies.com/dnbherlhome.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date
Sun, 14 Jan 2024 21:20:17 GMT
Last-Modified
Thu, 23 Jul 2020 16:13:50 GMT
Server
Apache
Upgrade
h2,h2c
Access-Control-Allow-Origin
https://donotbelieveherlies.com
Content-Type
image/png
Connection
Upgrade, Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=75
Content-Length
203118
sevenlogo.png
donotbelieveherlies.com/images/
8 KB
9 KB
Image
General
Full URL
http://donotbelieveherlies.com/images/sevenlogo.png
Requested by
Host: donotbelieveherlies.com
URL: http://donotbelieveherlies.com/dnbherlhome.php
Protocol
HTTP/1.1
Server
192.185.225.63 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
dainippon.com.ar
Software
Apache /
Resource Hash
faaee47a2aebd83bfad8235cc1023e00867176e3b5b9f5b11428ef70f7b77e6e

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://donotbelieveherlies.com/dnbherlhome.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date
Sun, 14 Jan 2024 21:20:17 GMT
Last-Modified
Mon, 13 Jul 2020 14:16:11 GMT
Server
Apache
Upgrade
h2,h2c
Access-Control-Allow-Origin
https://donotbelieveherlies.com
Content-Type
image/png
Connection
Upgrade, Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=75
Content-Length
8616
thornburylink.png
donotbelieveherlies.com/images/
52 KB
52 KB
Image
General
Full URL
http://donotbelieveherlies.com/images/thornburylink.png
Requested by
Host: donotbelieveherlies.com
URL: http://donotbelieveherlies.com/dnbherlhome.php
Protocol
HTTP/1.1
Server
192.185.225.63 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
dainippon.com.ar
Software
Apache /
Resource Hash
23b95882c02b4f81386d2ad7f82d870712548511b024da2bdf7216b4c8997bd4

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://donotbelieveherlies.com/dnbherlhome.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date
Sun, 14 Jan 2024 21:20:17 GMT
Last-Modified
Tue, 03 Nov 2020 21:06:43 GMT
Server
Apache
Upgrade
h2,h2c
Access-Control-Allow-Origin
https://donotbelieveherlies.com
Content-Type
image/png
Connection
Upgrade, Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=75
Content-Length
53364
discord_logo.png
donotbelieveherlies.com/images/
32 KB
32 KB
Image
General
Full URL
http://donotbelieveherlies.com/images/discord_logo.png
Requested by
Host: donotbelieveherlies.com
URL: http://donotbelieveherlies.com/dnbherlhome.php
Protocol
HTTP/1.1
Server
192.185.225.63 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
dainippon.com.ar
Software
Apache /
Resource Hash
aa6712eb0e791e104c18c2137127ff9125eaab6b9c35be9a96e4edb4575a39c7

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://donotbelieveherlies.com/dnbherlhome.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date
Sun, 14 Jan 2024 21:20:18 GMT
Last-Modified
Thu, 10 Jan 2019 22:59:49 GMT
Server
Apache
Content-Type
image/png
Access-Control-Allow-Origin
https://donotbelieveherlies.com
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=71
Content-Length
32718
btn_donate_SM.gif
www.paypalobjects.com/en_US/i/btn/
1 KB
2 KB
Image
General
Full URL
https://www.paypalobjects.com/en_US/i/btn/btn_donate_SM.gif
Requested by
Host: donotbelieveherlies.com
URL: http://donotbelieveherlies.com/dnbherlhome.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4CEB) /
Resource Hash
b14234740394e59287bce1f6f3a594a8f221b382552b35658f1ef15d16ee662b
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://donotbelieveherlies.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 21:20:17 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
x-cache
HIT
paypal-debug-id
164cb18022ff9
dc
ccg11-origin-www-1.paypal.com
content-length
1447
last-modified
Fri, 16 Aug 2019 04:57:33 GMT
server
ECAcc (frc/4CEB)
traceparent
00-0000000000000000000164cb18022ff9-23456a60dbc270d4-01
etag
"5d5637bd-5a7"
content-type
image/gif
cache-control
s-maxage=31536000, public,max-age=3600
accept-ranges
bytes
timing-allow-origin
https://www.paypal.com,https://www.sandbox.paypal.com
expires
Sun, 14 Jan 2024 22:20:17 GMT
pixel.gif
www.paypalobjects.com/en_US/i/scr/
Redirect Chain
  • https://www.paypal.com/en_US/i/scr/pixel.gif
  • https://www.paypalobjects.com/en_US/i/scr/pixel.gif
43 B
185 B
Image
General
Full URL
https://www.paypalobjects.com/en_US/i/scr/pixel.gif
Requested by
Host: donotbelieveherlies.com
URL: http://donotbelieveherlies.com/dnbherlhome.php
Protocol
H2
Server
192.229.221.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4CBC) /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://donotbelieveherlies.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 21:20:17 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
x-cache
HIT
paypal-debug-id
44dbe3fea9359
dc
ccg11-origin-www-1.paypal.com
content-length
43
last-modified
Fri, 16 Aug 2019 04:57:34 GMT
server
ECAcc (frc/4CBC)
traceparent
00-000000000000000000044dbe3fea9359-d84c23b7606d6317-01
etag
"5d5637be-2b"
content-type
image/gif
cache-control
s-maxage=31536000, public,max-age=3600
accept-ranges
bytes
timing-allow-origin
https://www.paypal.com,https://www.sandbox.paypal.com
expires
Sun, 14 Jan 2024 22:20:17 GMT

Redirect headers

date
Sun, 14 Jan 2024 21:20:17 GMT
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-cache
MISS, MISS
paypal-debug-id
f499113e24884
server-timing
content-encoding;desc="",x-cdn;desc="fastly"
dc
ccg11-origin-www-1.paypal.com
content-length
0
x-served-by
cache-fra-etou8220101-FRA, cache-fra-etou8220101-FRA
accept-ch
Sec-CH-UA-Full
traceparent
00-0000000000000000000f499113e24884-12de01d4ffc60299-01
x-timer
S1705267218.683972,VS0,VE155
location
https://www.paypalobjects.com/en_US/i/scr/pixel.gif
cache-control
max-age=0, no-cache, no-store, must-revalidate
origin-trial
AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
accept-ranges
bytes
x-cache-hits
0, 0
dnbhl.png
donotbelieveherlies.com/images/
37 KB
38 KB
Image
General
Full URL
http://donotbelieveherlies.com/images/dnbhl.png
Requested by
Host: donotbelieveherlies.com
URL: http://donotbelieveherlies.com/dnbherlhome.php
Protocol
HTTP/1.1
Server
192.185.225.63 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
dainippon.com.ar
Software
Apache /
Resource Hash
3eca2a68da062153365df72b0cb71b22dfdc0b806a9befa9223401edf0cc0ace

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://donotbelieveherlies.com/dnbherlhome.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date
Sun, 14 Jan 2024 21:20:18 GMT
Last-Modified
Sat, 27 Jul 2019 12:44:18 GMT
Server
Apache
Content-Type
image/png
Access-Control-Allow-Origin
https://donotbelieveherlies.com
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=74
Content-Length
38241
warning_.png
donotbelieveherlies.com/images/
76 KB
76 KB
Image
General
Full URL
http://donotbelieveherlies.com/images/warning_.png
Requested by
Host: donotbelieveherlies.com
URL: http://donotbelieveherlies.com/dnbherlhome.php
Protocol
HTTP/1.1
Server
192.185.225.63 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
dainippon.com.ar
Software
Apache /
Resource Hash
387f353bee8f8030841326029d811b9d477c60fcb9f37e2437883a733c1e76d8

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://donotbelieveherlies.com/dnbherlhome.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date
Sun, 14 Jan 2024 21:20:18 GMT
Last-Modified
Mon, 22 Apr 2019 13:02:25 GMT
Server
Apache
Content-Type
image/png
Access-Control-Allow-Origin
https://donotbelieveherlies.com
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=74
Content-Length
77586
1.js
cdn.ywxi.net/js/
20 KB
6 KB
Script
General
Full URL
https://cdn.ywxi.net/js/1.js
Requested by
Host: donotbelieveherlies.com
URL: http://donotbelieveherlies.com/dnbherlhome.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:238d:4e00:14:6bfc:5740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache /
Resource Hash
e439ab908d5181dccc2a2994a2b3cc4d3232d1a77b906a8d366959f609850b40
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://donotbelieveherlies.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 20:51:47 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-encoding
gzip
via
1.1 4ab1227a56c7dfaf7a8f7750683df1be.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS1-P1
age
1710
content-security-policy-report-only
report-uri https://52723791ca12811bfedec52ea4c44290.report-uri.com/r/d/csp/reportOnly; default-src 'self'; script-src * 'unsafe-inline' 'unsafe-eval'; script-src-elem * 'unsafe-inline'; script-src-attr 'unsafe-inline'; style-src 'self' 'unsafe-inline'; style-src-elem * 'unsafe-inline'; style-src-attr 'self' 'unsafe-inline'; img-src * data:; font-src * data:; connect-src *; media-src * blob:; object-src 'none'; frame-src *; frame-ancestors *; form-action 'self'
x-cache
Hit from cloudfront
content-length
4835
referrer-policy
strict-origin-when-cross-origin
server
Apache
x-trace
2B3B27A5E137091180A2E39AE5B3A40FAE517157DC000000000000000000
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
x-amz-cf-id
2zCacXuEHC0ciqhZF69mnY5XAPNYB_zRT6HBk6VUNZWS0v5qfBIYkw==
expires
Sun, 14 Jan 2024 21:51:47 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
146 KB
50 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: donotbelieveherlies.com
URL: http://donotbelieveherlies.com/dnbherlhome.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b9820804dc36dbf467d6a5aa80bcea126aecceba2022f621d35f109c6b3de84c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://donotbelieveherlies.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 21:20:17 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51144
x-xss-protection
0
server
cafe
etag
18135695648578827800
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sun, 14 Jan 2024 21:20:17 GMT
silence.mp3
donotbelieveherlies.com/media/ Frame 2F59
0
0
Document
General
Full URL
http://donotbelieveherlies.com/media/silence.mp3
Requested by
Host: donotbelieveherlies.com
URL: http://donotbelieveherlies.com/dnbherlhome.php
Protocol
HTTP/1.1
Server
192.185.225.63 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
dainippon.com.ar
Software
Apache /
Resource Hash

Request headers

Referer
http://donotbelieveherlies.com/dnbherlhome.php
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
https://donotbelieveherlies.com
Connection
Upgrade, Keep-Alive
Content-Length
144
Content-Type
audio/mpeg
Date
Sun, 14 Jan 2024 21:20:17 GMT
Keep-Alive
timeout=5, max=75
Last-Modified
Sun, 25 Nov 2018 12:06:52 GMT
Server
Apache
Upgrade
h2,h2c
mus1.mp3
donotbelieveherlies.com/media/
97 KB
0
Media
General
Full URL
http://donotbelieveherlies.com/media/mus1.mp3
Requested by
Host: donotbelieveherlies.com
URL: http://donotbelieveherlies.com/dnbherlhome.php
Protocol
HTTP/1.1
Server
192.185.225.63 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
dainippon.com.ar
Software
Apache /
Resource Hash

Request headers

Referer
http://donotbelieveherlies.com/dnbherlhome.php
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Range
bytes=0-

Response headers

Date
Sun, 14 Jan 2024 21:20:18 GMT
Last-Modified
Sat, 27 Jun 2020 10:14:28 GMT
Server
Apache
Content-Type
audio/mpeg
Access-Control-Allow-Origin
https://donotbelieveherlies.com
Content-Range
bytes 0-3803773/3803774
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=70
Content-Length
3803774
mainbg.jpg
donotbelieveherlies.com/images/
192 KB
192 KB
Image
General
Full URL
http://donotbelieveherlies.com/images/mainbg.jpg
Requested by
Host: donotbelieveherlies.com
URL: http://donotbelieveherlies.com/dnbherlhome.php
Protocol
HTTP/1.1
Server
192.185.225.63 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
dainippon.com.ar
Software
Apache /
Resource Hash
3134da9bc25c3fd3a716949faa9af8240d3e61e0bd9cc57354fe3f48fa42ad51

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://donotbelieveherlies.com/dnbherlhome.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date
Sun, 14 Jan 2024 21:20:18 GMT
Last-Modified
Sat, 27 Jun 2020 10:20:24 GMT
Server
Apache
Content-Type
image/jpeg
Access-Control-Allow-Origin
https://donotbelieveherlies.com
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=74
Content-Length
196563
Chalkduster.woff2
donotbelieveherlies.com/fonts/chalk/
0
0

client.json
s3-us-west-2.amazonaws.com/mfesecure-public/host/donotbelieveherlies.com/
176 B
1011 B
XHR
General
Full URL
http://s3-us-west-2.amazonaws.com/mfesecure-public/host/donotbelieveherlies.com/client.json?source=jsmain
Requested by
Host: cdn.ywxi.net
URL: https://cdn.ywxi.net/js/1.js
Protocol
HTTP/1.1
Server
52.218.250.160 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-us-west-2.amazonaws.com
Software
AmazonS3 /
Resource Hash
e53ac74a3c3eb73bf8f78ae6906703a0f09b88c580c959eaabda47b6d6ca339b

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://donotbelieveherlies.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date
Sun, 14 Jan 2024 21:20:19 GMT
Content-Encoding
gzip
x-amz-version-id
SB47PWOUNgyeOL1y.Fc.ASlcFBlN1HY1
x-amz-request-id
FHW9G4HYMVXY0ZK7
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
Content-Length
155
x-amz-id-2
/jELTwZPDRrNPS0MzVuReNCUF6tezhgBsn+dUjgjZdxroK23UWd9jGddqOblKhlMm7pXG2eyMBc=
Last-Modified
Thu, 04 Jan 2024 03:01:26 GMT
Server
AmazonS3
ETag
"0d3dce0eaf0d4054a4ade46ac903f397"
Access-Control-Max-Age
60
Access-Control-Allow-Methods
GET, HEAD
Content-Type
application/json
Access-Control-Allow-Origin
http://donotbelieveherlies.com
Access-Control-Expose-Headers
Access-Control-Allow-Origin
Vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
Access-Control-Allow-Credentials
true
Cache-Control
public, max-age=60
Accept-Ranges
bytes
client.json
s3-us-west-2.amazonaws.com/mfesecure-public/host/donotbelieveherlies.com/
176 B
1011 B
XHR
General
Full URL
http://s3-us-west-2.amazonaws.com/mfesecure-public/host/donotbelieveherlies.com/client.json?source=jsinline
Requested by
Host: cdn.ywxi.net
URL: https://cdn.ywxi.net/js/1.js
Protocol
HTTP/1.1
Server
52.218.250.160 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-us-west-2.amazonaws.com
Software
AmazonS3 /
Resource Hash
e53ac74a3c3eb73bf8f78ae6906703a0f09b88c580c959eaabda47b6d6ca339b

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://donotbelieveherlies.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date
Sun, 14 Jan 2024 21:20:19 GMT
Content-Encoding
gzip
x-amz-version-id
SB47PWOUNgyeOL1y.Fc.ASlcFBlN1HY1
x-amz-request-id
FHW0AWQVA2JDKS7W
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
Content-Length
155
x-amz-id-2
7zGxgoKPAknyl98IEWOA4rX1matSHpbiiPJ452gmtIQF6ZBAcezg8qhJxSEhA9dKN24WXZnFcrI=
Last-Modified
Thu, 04 Jan 2024 03:01:26 GMT
Server
AmazonS3
ETag
"0d3dce0eaf0d4054a4ade46ac903f397"
Access-Control-Max-Age
60
Access-Control-Allow-Methods
GET, HEAD
Content-Type
application/json
Access-Control-Allow-Origin
http://donotbelieveherlies.com
Access-Control-Expose-Headers
Access-Control-Allow-Origin
Vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
Access-Control-Allow-Credentials
true
Cache-Control
public, max-age=60
Accept-Ranges
bytes
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401080101/
402 KB
136 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7113232945286848&plah=donotbelieveherlies.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
74971240d7f10c852bd49b1ae36b8a22be3257e8a6a224ea52b86c11a2a93157
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://donotbelieveherlies.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 21:20:17 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
139392
x-xss-protection
0
server
cafe
etag
11029454284657120431
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sun, 14 Jan 2024 21:20:17 GMT
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20240109/r20190131/ Frame A2C8
9 KB
4 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20240109/r20190131/zrt_lookup_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e93b8c0ae5b5910b7107c8b455eda029935c56efa8de0be2443d8eabba207197
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://donotbelieveherlies.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
70863
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4173
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 14 Jan 2024 01:39:14 GMT
etag
9219409622527106327
expires
Sun, 28 Jan 2024 01:39:14 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
silence.mp3
donotbelieveherlies.com/media/ Frame 2F59
144 B
493 B
Media
General
Full URL
http://donotbelieveherlies.com/media/silence.mp3
Requested by
Host: donotbelieveherlies.com
URL: http://donotbelieveherlies.com/dnbherlhome.php
Protocol
HTTP/1.1
Server
192.185.225.63 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
dainippon.com.ar
Software
Apache /
Resource Hash
46e9d3ff1254ccd8a6fc7e7a0d5fc0c4adbaa873cd7b2f874911578fab92e7fd

Request headers

Referer
http://donotbelieveherlies.com/media/silence.mp3
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Range
bytes=0-

Response headers

Date
Sun, 14 Jan 2024 21:20:18 GMT
Last-Modified
Sun, 25 Nov 2018 12:06:52 GMT
Server
Apache
Content-Type
audio/mpeg
Access-Control-Allow-Origin
https://donotbelieveherlies.com
Content-Range
bytes 0-143/144
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=73
Content-Length
144
ads
googleads.g.doubleclick.net/pagead/ Frame 0404
603 B
245 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7113232945286848&output=html&adk=1812271804&adf=3025194257&lmt=1705267218&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=260x540_l%7C260x540_r&format=0x0&url=http%3A%2F%2Fdonotbelieveherlies.com%2Fdnbherlhome.php&ea=0&pra=5&wgl=1&easpi=0&asro=0&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~3~4~6&aslcwct=150&asacwct=25&aslmct=0.7&asamct=0.7&dt=1705267217841&bpp=3&bdt=299&idt=205&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8608331361048&frm=20&pv=2&ga_vid=99040403.1705267218&ga_sid=1705267218&ga_hid=611262881&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C95320890&oid=2&pvsid=3925671484793423&tmod=1137085832&uas=0&nvt=1&fsapi=1&ref=http%3A%2F%2Fdonotbelieveherlies.com%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=222
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7113232945286848&plah=donotbelieveherlies.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://donotbelieveherlies.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 14 Jan 2024 21:20:18 GMT
expires
Sun, 14 Jan 2024 21:20:18 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ajax
www.trustedsite.com/rpc/
6 B
998 B
Script
General
Full URL
https://www.trustedsite.com/rpc/ajax?do=tmjs-visit&host=donotbelieveherlies.com&rand=1705267218259
Requested by
Host: cdn.ywxi.net
URL: https://cdn.ywxi.net/js/1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.68.106.248 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-68-106-248.us-west-2.compute.amazonaws.com
Software
Apache /
Resource Hash
a4aa9f775af34f63386d8b4d8a14fce2225c317c3f93cbafdeb5a8524eb542a1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://donotbelieveherlies.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 21:20:18 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
content-encoding
gzip
server
Apache
x-trace
2BDDBDCAEF84D5708A3D495F13400ECBBB2CCE46B9000000000000000000
content-security-policy-report-only
report-uri https://52723791ca12811bfedec52ea4c44290.report-uri.com/r/d/csp/reportOnly; default-src 'self'; script-src * 'unsafe-inline' 'unsafe-eval'; script-src-elem * 'unsafe-inline'; script-src-attr 'unsafe-inline'; style-src 'self' 'unsafe-inline'; style-src-elem * 'unsafe-inline'; style-src-attr 'self' 'unsafe-inline'; img-src * data:; font-src * data:; connect-src *; media-src * blob:; object-src 'none'; frame-src *; frame-ancestors *; form-action 'self'
content-type
text/javascript; charset=utf-8
content-length
26
Chalkduster.woff
donotbelieveherlies.com/fonts/chalk/
0
0

Chalkduster.ttf
donotbelieveherlies.com/fonts/chalk/
0
0

sodar
pagead2.googlesyndication.com/getconfig/
16 KB
12 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20240109&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7113232945286848&plah=donotbelieveherlies.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4751ac9896b9421a6bd30fa4d1f675a89d7b593fefc735e9ef7e82aa04423c0d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://donotbelieveherlies.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 21:20:19 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12398
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/
17 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7113232945286848&plah=donotbelieveherlies.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://donotbelieveherlies.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 21:20:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 14 Jan 2024 21:20:19 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame F915
13 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://donotbelieveherlies.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
121813
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 13 Jan 2024 11:30:06 GMT
expires
Sun, 12 Jan 2025 11:30:06 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 3255
829 B
1 KB
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
c7403f3381b165c419d584675263f82cb3a483ed8776ba64550c6177c05fc95c
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-AkdV5jWnwd4_Qf-YNVr2Mg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://donotbelieveherlies.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-AkdV5jWnwd4_Qf-YNVr2Mg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sun, 14 Jan 2024 21:20:19 GMT
expires
Sun, 14 Jan 2024 21:20:19 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
MCFrRHZE15CKjvM6RLwmjguI7mqh03m56A7oA9GJNi8.js
pagead2.googlesyndication.com/bg/ Frame F915
39 KB
15 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/MCFrRHZE15CKjvM6RLwmjguI7mqh03m56A7oA9GJNi8.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
30216b447644d7908a8ef33a44bc268e0b88ee6aa1d379b9e80ee803d189362f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 16:19:44 GMT
content-encoding
br
x-content-type-options
nosniff
age
104435
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15229
x-xss-protection
0
last-modified
Wed, 03 Jan 2024 11:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 12 Jan 2025 16:19:44 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 3255
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20240109&jk=3925671484793423&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

generate_204
tpc.googlesyndication.com/ Frame F915
0
10 B
Image
General
Full URL
https://tpc.googlesyndication.com/generate_204?2zKa1A
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 21:20:20 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
sodar
pagead2.googlesyndication.com/pagead/
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20240109&jk=3925671484793423&bg=!v7ylvPPNAAaumcC-jpk7ADQBe5WfOCPw_fP7Q2I9kzkqpeNFRHVl4JfP5fHyVX4rpd5daBB9xfNSd7_s5egZUkTIjgMzAgAAAI9SAAAABGgBBwoAgZXfCRYQolzTF2rWiDtiPEntDhLqUpVfysSHQqzAdTlcGm78SsivL-8A-5Pt6Ubgf5J7I3WXIagioOusNoBlzxI0ThRLDOGg3pkw_st6vt-dpZ_4FbsGLH6KYGoTWJi9QkbMchQ8Jbrli5uOaepe8A7ARxaEoqlbm-y7Kc8lkOBUTZkCy0O4GFQQDH3UGpjNLnQc0z91uSFnyjFyGiavSa0s7PG9DnjBL_y55KSQRsKAM1_o47xdmdk1kCmAxqyM88YZuWf4vk81Mv_Akok-7BSI2Dd4Ru58eggVwzu8uXnaAB0jO3chQVbEYmtCmQqPImfDmZ1V074Of9cUlB8ZHnzPV4W8dhJGrPZs3cO3YCUP2mM3EsoPD3ABlQiaQstxvQs-JvaRWTVOAl5lGxCgpXqJ7KfLEtfKX-n6v2JuWyj4PyTpIUBzLhYnTCI-A1nQxTKd_ca6sklpwUL41AIdG5VB2JFrb9HZbcTi_U6xX1nPMKO0CvWjjWEerlwt95Rqr39fMVjjabScOwM_2sPmxRHONafNJw0CCUN9w7PcYDEFpfjBfA-H73VTTtoP3sdJRZw_fK5DDOPhGgEIDkfWUN2jyhwB1iHWpsGKBbjZDfpkPH8RPtchb9606nyzaRqOeEViZAcIzNK6CWpdX3kWAkEYX6w6FqAjBGociFJS4fVOEZPORdv5ztwzZOGAsgr9Yu3NH4vMgiI2OcHDaxgHYr8M11aF_plDiWHqPXW3C2JlPhnA9SkvU2G-Pm5kY_bCvDNXNLSZKxwIZ_VCu6Q_Zi-HWUzpYdSE1blb3m1eFr3IPHViywubhzO0Vd6ZP5SChRrUB80hR4F5wbrkBmzdXbo1d0aMgeg9bOsMAF1TYEBx10hcvzCOY8lwE-jxf-tkFamLclC8BXirmZT07FWyecpdZ5bsKUc1GidhB_A7ZVslih2hzH8zb2aEfWJ2ZE3i3kixAHEcF05THKpH0luYYMrgFWmelc0C4vfIjwqpY9B_ofsrnyHv10q1vEtIkMn0HiVqfTXL2RF94mRT7V_hrJbn5b-YY1WPU4V8uWU3Zbss-nZVr8YZ-u_fRSOnV_5QvGxPBJS5HqfPMWbBQiYc3g01ptGhCEB0L8F8yy2WYb4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://donotbelieveherlies.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
donotbelieveherlies.com
URL
https://donotbelieveherlies.com/fonts/chalk/Chalkduster.woff2
Domain
donotbelieveherlies.com
URL
https://donotbelieveherlies.com/fonts/chalk/Chalkduster.woff
Domain
donotbelieveherlies.com
URL
https://donotbelieveherlies.com/fonts/chalk/Chalkduster.ttf

Verdicts & Comments Add Verdict or Comment

32 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 boolean| FF object| adsbygoogle object| TrustedSite number| TrustedSite_done object| TrustedSiteInline object| google_js_reporting_queue number| google_srt object| google_persistent_state_async object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_reactive_ads_global_state object| google_sa_queue function| google_process_slots function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter function| google_sa_impl number| google_global_correlator object| google_prev_clients object| gaGlobal object| ampInaboxIframes object| ampInaboxPendingMessages object| GoogleGcLKhOms object| google_image_requests

6 Cookies

Domain/Path Name / Value
donotbelieveherlies.com/ Name: PHPSESSID
Value: f671316eb350683019e97d916eed8de7
.paypal.com/ Name: ts
Value: vreXpYrS%3D1799961617%26vteXpYrS%3D1705269017%26vr%3D09d8c56518d0a55120230fceff561473%26vt%3D09d8c56518d0a55120230fceff561472%26vtyp%3Dnew
.paypal.com/ Name: ts_c
Value: vr%3D09d8c56518d0a55120230fceff561473%26vt%3D09d8c56518d0a55120230fceff561472
donotbelieveherlies.com/ Name: trustedsite_visit
Value: 1
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
www.trustedsite.com/ Name: AWSALBCORS
Value: 5eWa5dh4yE+Nx3+y45X3IzUBXnm1kr9gOO6hDJG4J3DOSCraFPEI2waglO6ilYtiodJwoocpizBHYrgxRlhrINsYI0P1yYkCeMdQw7YRIlz/iv25Q0YxvlE9/s3Y

6 Console Messages

Source Level URL
Text
javascript error URL: http://donotbelieveherlies.com/dnbherlhome.php
Message:
Access to font at 'https://donotbelieveherlies.com/fonts/chalk/Chalkduster.woff2' from origin 'http://donotbelieveherlies.com' has been blocked by CORS policy: The 'Access-Control-Allow-Origin' header has a value 'https://donotbelieveherlies.com' that is not equal to the supplied origin.
network error URL: https://donotbelieveherlies.com/fonts/chalk/Chalkduster.woff2
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: http://donotbelieveherlies.com/dnbherlhome.php
Message:
Access to font at 'https://donotbelieveherlies.com/fonts/chalk/Chalkduster.woff' from origin 'http://donotbelieveherlies.com' has been blocked by CORS policy: The 'Access-Control-Allow-Origin' header has a value 'https://donotbelieveherlies.com' that is not equal to the supplied origin.
network error URL: https://donotbelieveherlies.com/fonts/chalk/Chalkduster.woff
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: http://donotbelieveherlies.com/dnbherlhome.php
Message:
Access to font at 'https://donotbelieveherlies.com/fonts/chalk/Chalkduster.ttf' from origin 'http://donotbelieveherlies.com' has been blocked by CORS policy: The 'Access-Control-Allow-Origin' header has a value 'https://donotbelieveherlies.com' that is not equal to the supplied origin.
network error URL: https://donotbelieveherlies.com/fonts/chalk/Chalkduster.ttf
Message:
Failed to load resource: net::ERR_FAILED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.ywxi.net
donotbelieveherlies.com
googleads.g.doubleclick.net
pagead2.googlesyndication.com
s3-us-west-2.amazonaws.com
tpc.googlesyndication.com
www.google.com
www.moonmodule.com
www.paypal.com
www.paypalobjects.com
www.trustedsite.com
donotbelieveherlies.com
151.101.193.21
192.185.225.63
192.229.221.25
2600:9000:238d:4e00:14:6bfc:5740:93a1
2606:4700:3036::ac43:9214
2a00:1450:4001:80f::2004
2a00:1450:4001:813::2002
2a00:1450:4001:81c::2001
2a00:1450:4001:830::2002
52.218.250.160
54.68.106.248
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
14b5d7c3924c61757c474bc44f30c807848d90bd1c92ddffa2dc6ec4320e620a
23b95882c02b4f81386d2ad7f82d870712548511b024da2bdf7216b4c8997bd4
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
30216b447644d7908a8ef33a44bc268e0b88ee6aa1d379b9e80ee803d189362f
3134da9bc25c3fd3a716949faa9af8240d3e61e0bd9cc57354fe3f48fa42ad51
387f353bee8f8030841326029d811b9d477c60fcb9f37e2437883a733c1e76d8
3c8f3d12c2504e3b30959244642a7e7040e01ff0a939bb23503a84fdc5e7b9aa
3eca2a68da062153365df72b0cb71b22dfdc0b806a9befa9223401edf0cc0ace
45d838064c8d865036d7e2d232a2cf5822fae306375ccdac59025dfda2504741
46e9d3ff1254ccd8a6fc7e7a0d5fc0c4adbaa873cd7b2f874911578fab92e7fd
4751ac9896b9421a6bd30fa4d1f675a89d7b593fefc735e9ef7e82aa04423c0d
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5785c953c42e70eb47ca489d49a19466d4871c3d73ecabaf03b5880dda220c5e
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
74971240d7f10c852bd49b1ae36b8a22be3257e8a6a224ea52b86c11a2a93157
822ab9f3476f2e671664ba2f92e225ba99f56c7659ed0af4f8f9144293687d77
a4aa9f775af34f63386d8b4d8a14fce2225c317c3f93cbafdeb5a8524eb542a1
aa6712eb0e791e104c18c2137127ff9125eaab6b9c35be9a96e4edb4575a39c7
ada60f1936ca0c4c720b27ca3808c0069dfee75af06f22368564a59ffe348d7b
b14234740394e59287bce1f6f3a594a8f221b382552b35658f1ef15d16ee662b
b9820804dc36dbf467d6a5aa80bcea126aecceba2022f621d35f109c6b3de84c
c7403f3381b165c419d584675263f82cb3a483ed8776ba64550c6177c05fc95c
ceebd1dec3a56c538fc467a90df1fee20022fc0e95395741183245c2d2e5b669
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e439ab908d5181dccc2a2994a2b3cc4d3232d1a77b906a8d366959f609850b40
e53ac74a3c3eb73bf8f78ae6906703a0f09b88c580c959eaabda47b6d6ca339b
e93b8c0ae5b5910b7107c8b455eda029935c56efa8de0be2443d8eabba207197
faaee47a2aebd83bfad8235cc1023e00867176e3b5b9f5b11428ef70f7b77e6e