bitwp-itdoifkm-1061.users.nyc1.aw1.io
157.230.66.122  Public Scan

URL: https://bitwp-itdoifkm-1061.users.nyc1.aw1.io/
Submission: On December 12 via automatic, source certstream-suspicious

Summary

This website contacted 11 IPs in 2 countries across 12 domains to perform 38 HTTP transactions. The main IP is 157.230.66.122, located in North Bergen, United States and belongs to DIGITALOCEAN-ASN, US. The main domain is bitwp-itdoifkm-1061.users.nyc1.aw1.io.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on January 4th 2020. Valid for: 2 years.
This is the only time bitwp-itdoifkm-1061.users.nyc1.aw1.io was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 11 157.230.66.122 14061 (DIGITALOC...)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
5 52.54.203.20 14618 (AMAZON-AES)
1 192.0.77.32 2635 (AUTOMATTIC)
2 192.0.76.3 2635 (AUTOMATTIC)
5 13.33.232.107 16509 (AMAZON-02)
7 2a00:1450:400... 15169 (GOOGLE)
1 172.217.21.226 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
38 11
Domain Requested by
9 bitwp-itdoifkm-1061.users.nyc1.aw1.io bitwp-itdoifkm-1061.users.nyc1.aw1.io
5 code.adstanding.com adserve.atedra.com
code.adstanding.com
5 adserve.atedra.com bitwp-itdoifkm-1061.users.nyc1.aw1.io
adserve.atedra.com
code.adstanding.com
4 pagead2.googlesyndication.com bitwp-itdoifkm-1061.users.nyc1.aw1.io
pagead2.googlesyndication.com
2 tpc.googlesyndication.com pagead2.googlesyndication.com
tpc.googlesyndication.com
2 googleads.g.doubleclick.net pagead2.googlesyndication.com
2 recettes.ameriquebec.net 1 redirects bitwp-itdoifkm-1061.users.nyc1.aw1.io
1 www.googletagservices.com pagead2.googlesyndication.com
1 adservice.google.com pagead2.googlesyndication.com
1 adservice.google.de pagead2.googlesyndication.com
1 partner.googleadservices.com pagead2.googlesyndication.com
1 pixel.wp.com bitwp-itdoifkm-1061.users.nyc1.aw1.io
1 stats.wp.com bitwp-itdoifkm-1061.users.nyc1.aw1.io
1 s0.wp.com bitwp-itdoifkm-1061.users.nyc1.aw1.io
1 fonts.googleapis.com bitwp-itdoifkm-1061.users.nyc1.aw1.io
38 15

This site contains links to these domains.

Domain
recettes.ameriquebec.net
atedra.com

| Subject | Issuer | Validity | Valid |
|---|---|---|---|
| *.users.nyc1.aw1.io | Sectigo RSA Domain Validation Secure Server CA | 2020-01-04 - 2022-01-03 | 2 years |
| upload.video.google.com | GTS CA 1O1 | 2020-11-10 - 2021-02-02 | 3 months |
| *.g.doubleclick.net | GTS CA 1O1 | 2020-11-10 - 2021-02-02 | 3 months |
| recettes.ameriquebec.net | Let's Encrypt Authority X3 | 2020-10-25 - 2021-01-23 | 3 months |
| atedra.com | Amazon | 2020-02-21 - 2021-03-21 | a year |
| *.wp.com | Sectigo RSA Domain Validation Secure Server CA | 2020-04-02 - 2022-07-05 | 2 years |
| *.googleadservices.com | GTS CA 1O1 | 2020-11-10 - 2021-02-02 | 3 months |
| *.google.de | GTS CA 1O1 | 2020-11-10 - 2021-02-02 | 3 months |
| *.google.com | GTS CA 1O1 | 2020-11-10 - 2021-02-02 | 3 months |
| tpc.googlesyndication.com | GTS CA 1O1 | 2020-11-10 - 2021-02-02 | 3 months |

This page contains 5 frames:

Primary Page: https://bitwp-itdoifkm-1061.users.nyc1.aw1.io/
Frame ID: 276D4C6F9911D440E1039A20871D3B8E
Requests: 35 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20201203/r20190131/zrt_lookup.html
Frame ID: 8BEE0710B82C47E3DCD12FE4B350ED24
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-9372512420705084&output=html&adk=1812271804&adf=3025194257&lmt=1578171395&plat=1%3A32776%2C2%3A32776%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&format=0x0&url=https%3A%2F%2Fbitwp-itdoifkm-1061.users.nyc1.aw1.io%2F&ea=0&flash=0&pra=7&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d&dt=1607738081374&bpp=4&bdt=732&idt=5&shv=r20201203&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=853769259769&frm=20&pv=2&ga_vid=1523328498.1607738081&ga_sid=1607738081&ga_hid=1670673349&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=2180989079667&pem=73&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=1&uci=a!1&fsb=1&dtd=19
Frame ID: 3118874B5CFA2F144DCDCB5C3C46F509
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/219/runner.html
Frame ID: CB361554C4ACA99046D98C3DAFBEB5E9
Requests: 1 HTTP requests in this frame

Frame: https://adserve.atedra.com/static/zone.php?z=1624&vi=baaaaaaaaaaaaaaaaaaaaaaaaaaaaaad&l=5fd422e1886d550110390ffc&ord=16077380815038409187
Frame ID: A11C2F339932F233944F49D3D3312B18
Requests: 1 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
  • html /<link[^>]+s\d+\.wp\.com/i
  • script /\/wp-(?:content|includes)\//i
  • meta generator /^WordPress ?([\d.]+)?/i

Overall confidence: 100%
Detected patterns
  • script /require.*\.js/i

Overall confidence: 100%
Detected patterns
  • script /googlesyndication\.com\//i

Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Overall confidence: 100%
Detected patterns
  • script /jquery[.-]([\d.]*\d)[^/]*\.js/i
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

38 Requests
95 % HTTPS
40 % IPv6
12 Domains
15 Subdomains
11 IPs
2 Countries
459 kB Transfer
847 kB Size
2 Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 4
  • http://recettes.ameriquebec.net/wp-content/uploads/2014/07/logo-recettes-blanc.jpg HTTP 308
  • https://recettes.ameriquebec.net/wp-content/uploads/2014/07/logo-recettes-blanc.jpg

38 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
bitwp-itdoifkm-1061.users.nyc1.aw1.io/
112 KB
112 KB
Document
General
Full URL
https://bitwp-itdoifkm-1061.users.nyc1.aw1.io/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
157.230.66.122 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
38b71c4d4365e54a4fb4f2ce48d3954a7d6ef7a2857505c8983bb3641efbaaaa
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

:method
GET
:authority
bitwp-itdoifkm-1061.users.nyc1.aw1.io
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US

Response headers

date
Sat, 12 Dec 2020 01:54:40 GMT
content-type
text/html; charset=UTF-8
last-modified
Sat, 04 Jan 2020 20:56:35 GMT
strict-transport-security
max-age=15724800; includeSubDomains
css
fonts.googleapis.com/
764 B
810 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Droid+Sans:400,700
Requested by
Host: bitwp-itdoifkm-1061.users.nyc1.aw1.io
URL: https://bitwp-itdoifkm-1061.users.nyc1.aw1.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:817::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
5c1c949b90354f9bcf12fb10b67f5aca8cc4073362b3f71d31e4e0ffda881e15
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://bitwp-itdoifkm-1061.users.nyc1.aw1.io/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sat, 12 Dec 2020 00:13:32 GMT
server
ESF
date
Sat, 12 Dec 2020 01:54:40 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 12 Dec 2020 01:54:40 GMT
8cf4b98d4aef45fdca4c92a544d66b2f.css
bitwp-itdoifkm-1061.users.nyc1.aw1.io/wp-content/cache/min/1/
0
0
Stylesheet
General
Full URL
https://bitwp-itdoifkm-1061.users.nyc1.aw1.io/wp-content/cache/min/1/8cf4b98d4aef45fdca4c92a544d66b2f.css
Requested by
Host: bitwp-itdoifkm-1061.users.nyc1.aw1.io
URL: https://bitwp-itdoifkm-1061.users.nyc1.aw1.io/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
157.230.66.122 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://bitwp-itdoifkm-1061.users.nyc1.aw1.io/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 12 Dec 2020 01:54:40 GMT
content-length
555
strict-transport-security
max-age=15724800; includeSubDomains
content-type
text/html
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
133 KB
47 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: bitwp-itdoifkm-1061.users.nyc1.aw1.io
URL: https://bitwp-itdoifkm-1061.users.nyc1.aw1.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e95312c4f446a778a4e381be2ab80be0f36fea344760b66ec06e17d1e4c1740f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://bitwp-itdoifkm-1061.users.nyc1.aw1.io/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 12 Dec 2020 01:54:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
47114
x-xss-protection
0
server
cafe
etag
10026942970525496094
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sat, 12 Dec 2020 01:54:40 GMT
e1490b843a58e3f54a4c142e50177196.js
bitwp-itdoifkm-1061.users.nyc1.aw1.io/wp-content/cache/min/1/
0
0
Script
General
Full URL
https://bitwp-itdoifkm-1061.users.nyc1.aw1.io/wp-content/cache/min/1/e1490b843a58e3f54a4c142e50177196.js
Requested by
Host: bitwp-itdoifkm-1061.users.nyc1.aw1.io
URL: https://bitwp-itdoifkm-1061.users.nyc1.aw1.io/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
157.230.66.122 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://bitwp-itdoifkm-1061.users.nyc1.aw1.io/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 12 Dec 2020 01:54:40 GMT
content-length
555
strict-transport-security
max-age=15724800; includeSubDomains
content-type
text/html
logo-recettes-blanc.jpg
recettes.ameriquebec.net/wp-content/uploads/2014/07/
Redirect Chain
  • http://recettes.ameriquebec.net/wp-content/uploads/2014/07/logo-recettes-blanc.jpg
  • https://recettes.ameriquebec.net/wp-content/uploads/2014/07/logo-recettes-blanc.jpg
9 KB
9 KB
Image
General
Full URL
https://recettes.ameriquebec.net/wp-content/uploads/2014/07/logo-recettes-blanc.jpg
Requested by
Host: bitwp-itdoifkm-1061.users.nyc1.aw1.io
URL: https://bitwp-itdoifkm-1061.users.nyc1.aw1.io/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
157.230.66.122 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
4509f2f4014207742d7337629f6d8a5befbf8ed8fa4133a4f3397ba902b08027
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 12 Dec 2020 01:54:41 GMT
last-modified
Sun, 31 Aug 2014 14:40:02 GMT
etag
"540333c2-2449"
strict-transport-security
max-age=15724800; includeSubDomains
content-type
image/jpeg
cache-control
max-age=2592000, public
accept-ranges
bytes
content-length
9289
expires
Mon, 11 Jan 2021 01:54:41 GMT

Redirect headers

Location
https://recettes.ameriquebec.net/wp-content/uploads/2014/07/logo-recettes-blanc.jpg
Date
Sat, 12 Dec 2020 01:54:41 GMT
Connection
keep-alive
Content-Length
164
Content-Type
text/html
serve.php
adserve.atedra.com/
3 KB
1 KB
Script
General
Full URL
https://adserve.atedra.com/serve.php?z=1627
Requested by
Host: bitwp-itdoifkm-1061.users.nyc1.aw1.io
URL: https://bitwp-itdoifkm-1061.users.nyc1.aw1.io/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.54.203.20 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-54-203-20.compute-1.amazonaws.com
Software
Apache /
Resource Hash
9c2141071b59ce96649414283a70e10b0bce22c6a9da76ef8539a82999065f59

Request headers

Referer
https://bitwp-itdoifkm-1061.users.nyc1.aw1.io/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 12 Dec 2020 01:54:41 GMT
cache-control
max-age=3600
content-type
text/javascript;charset=UTF-8
server
Apache
content-encoding
gzip
vary
Accept-Encoding
expires
Sat, 12 Dec 2020 02:54:41 +0000
serve.php
adserve.atedra.com/
5 KB
2 KB
Script
General
Full URL
https://adserve.atedra.com/serve.php?z=1626
Requested by
Host: bitwp-itdoifkm-1061.users.nyc1.aw1.io
URL: https://bitwp-itdoifkm-1061.users.nyc1.aw1.io/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.54.203.20 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-54-203-20.compute-1.amazonaws.com
Software
Apache /
Resource Hash
24f247af6a416f8b55ed1ce6a7bf7c357152636e7d2411cee5115207c9aacfff

Request headers

Referer
https://bitwp-itdoifkm-1061.users.nyc1.aw1.io/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 12 Dec 2020 01:54:41 GMT
cache-control
max-age=3600
content-type
text/javascript;charset=UTF-8
server
Apache
content-encoding
gzip
vary
Accept-Encoding
expires
Sat, 12 Dec 2020 02:54:41 +0000
devicepx-jetpack.js
s0.wp.com/wp-content/js/
10 KB
3 KB
Script
General
Full URL
https://s0.wp.com/wp-content/js/devicepx-jetpack.js?ver=202001
Requested by
Host: bitwp-itdoifkm-1061.users.nyc1.aw1.io
URL: https://bitwp-itdoifkm-1061.users.nyc1.aw1.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
f32d41f2099a0be20e6b57c5e0d1b71c079d3e1345827b0f5c5b97c6e5e3f78d

Request headers

Referer
https://bitwp-itdoifkm-1061.users.nyc1.aw1.io/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-nc
HIT hhn 1
date
Sat, 12 Dec 2020 01:54:40 GMT
content-encoding
gzip
server
nginx
etag
W/"5bfee312-52b6"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=31536000
x-ac
2.hhn _dca
expires
Fri, 05 Nov 2021 08:49:48 GMT
e-202001.js
stats.wp.com/
9 KB
3 KB
Script
General
Full URL
https://stats.wp.com/e-202001.js
Requested by
Host: bitwp-itdoifkm-1061.users.nyc1.aw1.io
URL: https://bitwp-itdoifkm-1061.users.nyc1.aw1.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
0ebbc7fba9a50d36ef5422345f624431710db4528f25749d1d438c2c10bb69f2

Request headers

Referer
https://bitwp-itdoifkm-1061.users.nyc1.aw1.io/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-nc
HIT cdg
date
Sat, 12 Dec 2020 01:54:40 GMT
content-encoding
gzip
server
nginx
etag
W/"5c6340e3-350a"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=31536000
expires
Wed, 30 Dec 2020 00:26:14 GMT
2d462dafc57d9d13eadd7833ad36b351.js
bitwp-itdoifkm-1061.users.nyc1.aw1.io/wp-content/cache/min/1/
0
0
Script
General
Full URL
https://bitwp-itdoifkm-1061.users.nyc1.aw1.io/wp-content/cache/min/1/2d462dafc57d9d13eadd7833ad36b351.js
Requested by
Host: bitwp-itdoifkm-1061.users.nyc1.aw1.io
URL: https://bitwp-itdoifkm-1061.users.nyc1.aw1.io/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
157.230.66.122 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://bitwp-itdoifkm-1061.users.nyc1.aw1.io/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 12 Dec 2020 01:54:40 GMT
content-length
555
strict-transport-security
max-age=15724800; includeSubDomains
content-type
text/html
serve.php
adserve.atedra.com/
3 KB
1 KB
Script
General
Full URL
https://adserve.atedra.com/serve.php?z=1624
Requested by
Host: bitwp-itdoifkm-1061.users.nyc1.aw1.io
URL: https://bitwp-itdoifkm-1061.users.nyc1.aw1.io/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.54.203.20 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-54-203-20.compute-1.amazonaws.com
Software
Apache /
Resource Hash
ff0779f01cbcbb107b3adf481ad0ab2f415f08a08c3fc2a185794654d144c196

Request headers

Referer
https://bitwp-itdoifkm-1061.users.nyc1.aw1.io/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date
Sat, 12 Dec 2020 01:54:41 GMT
cache-control
max-age=3600
content-type
text/javascript;charset=UTF-8
server
Apache
content-encoding
gzip
vary
Accept-Encoding
expires
Sat, 12 Dec 2020 02:54:41 +0000
serve.php
adserve.atedra.com/
0
0

requireJS-2.1.11.js
code.adstanding.com/js/lib/
17 KB
7 KB
Script
General
Full URL
https://code.adstanding.com/js/lib/requireJS-2.1.11.js
Requested by
Host: adserve.atedra.com
URL: https://adserve.atedra.com/serve.php?z=1624
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.232.107 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-232-107.mad51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
87b4424a38ce03cecc15bdb413970fadac4a6165c43339915de7381cc8cc21f1

Request headers

Referer
https://bitwp-itdoifkm-1061.users.nyc1.aw1.io/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id
eDZ8YpqZETw37WG5cbIEa9dUEsYUx8Tm
content-encoding
gzip
last-modified
Thu, 12 Nov 2020 15:37:42 GMT
server
AmazonS3
age
77
etag
"9e49095bd3dc52bd8b7cc9a5aab52b7b"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 2bfefa9edba21d94426d6e53f8ee4516.cloudfront.net (CloudFront)
cache-control
max-age=300
date
Sat, 12 Dec 2020 01:53:25 GMT
x-amz-cf-pop
MAD51-C1
x-amz-cf-id
MwVChFZSY5fddRqGAYqZ5KsuzJZ_TUeHFOfT97U4LmUHWGL18SvITw==
truncated
/
35 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a3479b45d477eb8429f4be8a396050d90f894559a72068ec3593ec43f586d138

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/gif
header-image.png
bitwp-itdoifkm-1061.users.nyc1.aw1.io/wp-content/themes/food-recipes/images/
91 KB
91 KB
Image
General
Full URL
https://bitwp-itdoifkm-1061.users.nyc1.aw1.io/wp-content/themes/food-recipes/images/header-image.png
Requested by
Host: bitwp-itdoifkm-1061.users.nyc1.aw1.io
URL: https://bitwp-itdoifkm-1061.users.nyc1.aw1.io/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
157.230.66.122 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
96275221d1dbfb193e116130a7472a356f3dc14d6cd7e96b94e36e5794f1b3a6
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://bitwp-itdoifkm-1061.users.nyc1.aw1.io/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 12 Dec 2020 01:54:41 GMT
last-modified
Tue, 17 Nov 2015 20:12:36 GMT
etag
"564b8a34-16b28"
strict-transport-security
max-age=15724800; includeSubDomains
content-type
image/png
cache-control
max-age=2592000, public
accept-ranges
bytes
content-length
92968
expires
Mon, 11 Jan 2021 01:54:41 GMT
show_ads_impl_fy2019.js
pagead2.googlesyndication.com/pagead/js/r20201203/r20190131/
234 KB
88 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20201203/r20190131/show_ads_impl_fy2019.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:819::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fe5d97969e5d98e03eaacc671edb2e30373f05070f5a37d69f5a5f6f91b79149
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://bitwp-itdoifkm-1061.users.nyc1.aw1.io/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 12 Dec 2020 01:54:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
89527
x-xss-protection
0
server
cafe
etag
1810063338415286733
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Sat, 12 Dec 2020 01:54:41 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20201203/r20190131/ Frame 8BEE
0
0
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20201203/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:819::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/html/r20201203/r20190131/zrt_lookup.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://bitwp-itdoifkm-1061.users.nyc1.aw1.io/
accept-encoding
gzip, deflate, br
accept-language
en-US

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Fri, 11 Dec 2020 10:01:15 GMT
expires
Fri, 25 Dec 2020 10:01:15 GMT
content-type
text/html; charset=UTF-8
etag
10723747146953794269
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4923
x-xss-protection
0
age
57206
cache-control
public, max-age=1209600
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
serve.php
adserve.atedra.com/
0
0

rating_over.gif
bitwp-itdoifkm-1061.users.nyc1.aw1.io/wp-content/plugins/wp-postratings/images/stars/
523 B
772 B
Image
General
Full URL
https://bitwp-itdoifkm-1061.users.nyc1.aw1.io/wp-content/plugins/wp-postratings/images/stars/rating_over.gif
Requested by
Host: bitwp-itdoifkm-1061.users.nyc1.aw1.io
URL: https://bitwp-itdoifkm-1061.users.nyc1.aw1.io/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
157.230.66.122 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
71348f4f38512af6e6ba8062fe5545a783f91d1a07bcb300c246f1bad9b0d4b6
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://bitwp-itdoifkm-1061.users.nyc1.aw1.io/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 12 Dec 2020 01:54:41 GMT
last-modified
Fri, 10 Aug 2018 14:45:38 GMT
etag
"5b6da512-20b"
strict-transport-security
max-age=15724800; includeSubDomains
content-type
image/gif
cache-control
max-age=2592000, public
accept-ranges
bytes
content-length
523
expires
Mon, 11 Jan 2021 01:54:41 GMT
lazyload-10.5.2.min.js
bitwp-itdoifkm-1061.users.nyc1.aw1.io/wp-content/plugins/wp-rocket/inc/front/js/
4 KB
4 KB
Script
General
Full URL
https://bitwp-itdoifkm-1061.users.nyc1.aw1.io/wp-content/plugins/wp-rocket/inc/front/js/lazyload-10.5.2.min.js
Requested by
Host: bitwp-itdoifkm-1061.users.nyc1.aw1.io
URL: https://bitwp-itdoifkm-1061.users.nyc1.aw1.io/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
157.230.66.122 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
974b373aafebb2098c590c7ec80e9538cdd824d365234f7df5a101e47a98003c
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://bitwp-itdoifkm-1061.users.nyc1.aw1.io/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 12 Dec 2020 01:54:41 GMT
last-modified
Fri, 10 Aug 2018 14:49:05 GMT
etag
"5b6da5e1-e7d"
strict-transport-security
max-age=15724800; includeSubDomains
content-type
application/javascript
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
3709
expires
Sun, 12 Dec 2021 01:54:41 GMT
2d462dafc57d9d13eadd7833ad36b351.js
bitwp-itdoifkm-1061.users.nyc1.aw1.io/wp-content/cache/min/1/
0
0
Script
General
Full URL
https://bitwp-itdoifkm-1061.users.nyc1.aw1.io/wp-content/cache/min/1/2d462dafc57d9d13eadd7833ad36b351.js
Requested by
Host: bitwp-itdoifkm-1061.users.nyc1.aw1.io
URL: https://bitwp-itdoifkm-1061.users.nyc1.aw1.io/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
157.230.66.122 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://bitwp-itdoifkm-1061.users.nyc1.aw1.io/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 12 Dec 2020 01:54:41 GMT
content-length
555
strict-transport-security
max-age=15724800; includeSubDomains
content-type
text/html
g.gif
pixel.wp.com/
50 B
115 B
Image
General
Full URL
https://pixel.wp.com/g.gif?v=ext&j=1%3A6.8.1&blog=4656439&post=1787&tz=-5&srv=bitwp-itdoifkm-1061.users.nyc1.aw1.io&host=bitwp-itdoifkm-1061.users.nyc1.aw1.io&ref=&fcp=603&rand=0.9722605422167148
Requested by
Host: bitwp-itdoifkm-1061.users.nyc1.aw1.io
URL: https://bitwp-itdoifkm-1061.users.nyc1.aw1.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

Referer
https://bitwp-itdoifkm-1061.users.nyc1.aw1.io/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 12 Dec 2020 01:54:41 GMT
cache-control
no-cache
server
nginx
content-length
50
content-type
image/gif
adstanding.js
code.adstanding.com/js/1605195456/
9 KB
3 KB
Script
General
Full URL
https://code.adstanding.com/js/1605195456/adstanding.js
Requested by
Host: code.adstanding.com
URL: https://code.adstanding.com/js/lib/requireJS-2.1.11.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.232.107 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-232-107.mad51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3f17ea059929282c309ca7ae7959f9e393a7c6b2a2feef0e924360bbbbea313c

Request headers

Referer
https://bitwp-itdoifkm-1061.users.nyc1.aw1.io/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id
xdE6CdDUBCEEE.9CXLWVESZsBYbhbvLB
content-encoding
gzip
last-modified
Thu, 12 Nov 2020 15:37:40 GMT
server
AmazonS3
age
9811
etag
"c176b48b93074763c6d5916d6859a0db"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 2bfefa9edba21d94426d6e53f8ee4516.cloudfront.net (CloudFront)
cache-control
max-age=86400
date
Fri, 11 Dec 2020 23:11:11 GMT
x-amz-cf-pop
MAD51-C1
x-amz-cf-id
-Ob4-k-rgKhbAsqEsGQVhLVf6scfTbLedWduVkz02Y3mwt58iQynQg==
jquery-1.11.0.js
code.adstanding.com/js/1605195456/lib/
95 KB
34 KB
Script
General
Full URL
https://code.adstanding.com/js/1605195456/lib/jquery-1.11.0.js
Requested by
Host: code.adstanding.com
URL: https://code.adstanding.com/js/lib/requireJS-2.1.11.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.232.107 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-232-107.mad51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
354416670fe683f63b8a8e1bed21c0e6e6ca38598820839c665dfa66b74a1556

Request headers

Referer
https://bitwp-itdoifkm-1061.users.nyc1.aw1.io/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id
2WpQ4Ex652t4Rm9B43tpAmQY9e7Oe2Gy
content-encoding
gzip
last-modified
Thu, 12 Nov 2020 15:37:40 GMT
server
AmazonS3
age
2814
etag
"7ff7ce262b8880a8b6ed26ec7c7b23e0"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 2bfefa9edba21d94426d6e53f8ee4516.cloudfront.net (CloudFront)
cache-control
max-age=86400
date
Sat, 12 Dec 2020 01:07:47 GMT
x-amz-cf-pop
MAD51-C1
x-amz-cf-id
SoHkfTaM1XYgnl2CuIcEI7EJYyvMoM4iOp2fAJml4X6LJRZALzBS1Q==
jquery-xdomainrequest-1.0.1.js
code.adstanding.com/js/1605195456/lib/
1 KB
1 KB
Script
General
Full URL
https://code.adstanding.com/js/1605195456/lib/jquery-xdomainrequest-1.0.1.js
Requested by
Host: code.adstanding.com
URL: https://code.adstanding.com/js/lib/requireJS-2.1.11.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.232.107 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-232-107.mad51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
978e247261f11ba9b27dd613f5c55d6e2450e841efbaab21e1caeb024694ef90

Request headers

Referer
https://bitwp-itdoifkm-1061.users.nyc1.aw1.io/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id
dxeDCLCNMoy2GR8lQR.YH3EF19h32FYw
content-encoding
gzip
last-modified
Thu, 12 Nov 2020 15:37:40 GMT
server
AmazonS3
age
51714
etag
"f2460c4403cc849f0d08b43e3eb5cae6"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 2bfefa9edba21d94426d6e53f8ee4516.cloudfront.net (CloudFront)
cache-control
max-age=86400
date
Fri, 11 Dec 2020 11:32:48 GMT
x-amz-cf-pop
MAD51-C1
x-amz-cf-id
yBq71I8BQn9Vuz0J6vYOb3IqVu4eWINPn4lMTvTM7LfoBQg3TVXppg==
adstanding-viewability.js
code.adstanding.com/js/1605195456/
6 KB
2 KB
Script
General
Full URL
https://code.adstanding.com/js/1605195456/adstanding-viewability.js
Requested by
Host: code.adstanding.com
URL: https://code.adstanding.com/js/lib/requireJS-2.1.11.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.232.107 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-232-107.mad51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4da3e8f1b7214143da64b0c3763d8ca36b4ad8b812a25fc3ad4f4bc93a95d887

Request headers

Referer
https://bitwp-itdoifkm-1061.users.nyc1.aw1.io/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id
QOCmcVYx4UZnt.dMc4MnLBj..yJUt6xK
content-encoding
gzip
last-modified
Thu, 12 Nov 2020 15:37:40 GMT
server
AmazonS3
age
12392
etag
"1e29feb47908f63ea70811cea3c07fd6"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 2bfefa9edba21d94426d6e53f8ee4516.cloudfront.net (CloudFront)
cache-control
max-age=86400
date
Fri, 11 Dec 2020 22:28:09 GMT
x-amz-cf-pop
MAD51-C1
x-amz-cf-id
KxzAdEoYT9m_fdjpZd8h55Xjw5hphAdgejPWgvnalouDXtBJEak63g==
cookie.js
partner.googleadservices.com/gampad/
196 B
636 B
Script
General
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=bitwp-itdoifkm-1061.users.nyc1.aw1.io&callback=_gfp_s_&client=ca-pub-9372512420705084
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201203/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.21.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s13-in-f226.1e100.net
Software
cafe /
Resource Hash
ebcef989d76bf77b0e3e3d01549495bd3415ac75c165e6574a3b4c043c305187
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://bitwp-itdoifkm-1061.users.nyc1.aw1.io/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 12 Dec 2020 01:54:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
187
x-xss-protection
0
integrator.js
adservice.google.de/adsid/
109 B
803 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.js?domain=bitwp-itdoifkm-1061.users.nyc1.aw1.io
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201203/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://bitwp-itdoifkm-1061.users.nyc1.aw1.io/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 12 Dec 2020 01:54:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
104
x-xss-protection
0
integrator.js
adservice.google.com/adsid/
109 B
803 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=bitwp-itdoifkm-1061.users.nyc1.aw1.io
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201203/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:819::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://bitwp-itdoifkm-1061.users.nyc1.aw1.io/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 12 Dec 2020 01:54:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
104
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 3118
0
0
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-9372512420705084&output=html&adk=1812271804&adf=3025194257&lmt=1578171395&plat=1%3A32776%2C2%3A32776%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&format=0x0&url=https%3A%2F%2Fbitwp-itdoifkm-1061.users.nyc1.aw1.io%2F&ea=0&flash=0&pra=7&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d&dt=1607738081374&bpp=4&bdt=732&idt=5&shv=r20201203&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=853769259769&frm=20&pv=2&ga_vid=1523328498.1607738081&ga_sid=1607738081&ga_hid=1670673349&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=2180989079667&pem=73&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=1&uci=a!1&fsb=1&dtd=19
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201203/r20190131/show_ads_impl_fy2019.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:819::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-9372512420705084&output=html&adk=1812271804&adf=3025194257&lmt=1578171395&plat=1%3A32776%2C2%3A32776%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&format=0x0&url=https%3A%2F%2Fbitwp-itdoifkm-1061.users.nyc1.aw1.io%2F&ea=0&flash=0&pra=7&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d&dt=1607738081374&bpp=4&bdt=732&idt=5&shv=r20201203&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=853769259769&frm=20&pv=2&ga_vid=1523328498.1607738081&ga_sid=1607738081&ga_hid=1670673349&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=2180989079667&pem=73&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=1&uci=a!1&fsb=1&dtd=19
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://bitwp-itdoifkm-1061.users.nyc1.aw1.io/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://bitwp-itdoifkm-1061.users.nyc1.aw1.io/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Sat, 12 Dec 2020 01:54:41 GMT
server
cafe
content-length
46
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Sat, 12-Dec-2020 02:09:41 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
osd.js
www.googletagservices.com/activeview/js/current/
74 KB
28 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201203/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:819::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c1c9310eb6a56101c2133db372cfbe9cefb5ff6b90a02ded916984c975b813b2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://bitwp-itdoifkm-1061.users.nyc1.aw1.io/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 12 Dec 2020 01:54:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1607690616793149"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
28334
x-xss-protection
0
expires
Sat, 12 Dec 2020 01:54:41 GMT
gateau-froid-63x53.jpg
bitwp-itdoifkm-1061.users.nyc1.aw1.io/wp-content/uploads/2011/03/
3 KB
3 KB
Image
General
Full URL
https://bitwp-itdoifkm-1061.users.nyc1.aw1.io/wp-content/uploads/2011/03/gateau-froid-63x53.jpg
Requested by
Host: bitwp-itdoifkm-1061.users.nyc1.aw1.io
URL: https://bitwp-itdoifkm-1061.users.nyc1.aw1.io/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
157.230.66.122 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
8ad9090141aece1b01e6b7761f0c8fa68ce496e074c8ed7b7c033ab5bee4006f
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://bitwp-itdoifkm-1061.users.nyc1.aw1.io/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 12 Dec 2020 01:54:41 GMT
last-modified
Sun, 31 Aug 2014 22:24:36 GMT
etag
"5403a0a4-aa0"
strict-transport-security
max-age=15724800; includeSubDomains
content-type
image/jpeg
cache-control
max-age=2592000, public
accept-ranges
bytes
content-length
2720
expires
Mon, 11 Jan 2021 01:54:41 GMT
zones.php
adserve.atedra.com/
3 KB
814 B
XHR
General
Full URL
https://adserve.atedra.com/zones.php
Requested by
Host: code.adstanding.com
URL: https://code.adstanding.com/js/1605195456/lib/jquery-1.11.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.54.203.20 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-54-203-20.compute-1.amazonaws.com
Software
Apache /
Resource Hash
5012cc99b8fbe05c9eb73a6af2d01c009429bc6f48b28e77822b659f9ffc1c59

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://bitwp-itdoifkm-1061.users.nyc1.aw1.io/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Sat, 12 Dec 2020 01:54:41 GMT
content-encoding
gzip
server
Apache
vary
Accept-Encoding
content-type
application/json; charset=uft-8
access-control-allow-origin
https://bitwp-itdoifkm-1061.users.nyc1.aw1.io
cache-control
no-store
access-control-allow-credentials
true
expires
0
sodar
pagead2.googlesyndication.com/getconfig/
8 KB
7 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20201203&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201203/r20190131/show_ads_impl_fy2019.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:819::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c7455ad65dbd4ef19000a51a2abe1d7d5216ead46772aec6fa578f609c269461
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://bitwp-itdoifkm-1061.users.nyc1.aw1.io/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 12 Dec 2020 01:54:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
6520
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/
16 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201203/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
66bfa6dd42535b06a283b3844a0bddcfd7f1aca1368baae035a7cda89a6b97fd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://bitwp-itdoifkm-1061.users.nyc1.aw1.io/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 12 Dec 2020 01:54:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1603823857801521"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6015
x-xss-protection
0
expires
Sat, 12 Dec 2020 01:54:41 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/219/ Frame CB36
0
0
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/219/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/219/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://bitwp-itdoifkm-1061.users.nyc1.aw1.io/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://bitwp-itdoifkm-1061.users.nyc1.aw1.io/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
4867
date
Sat, 12 Dec 2020 00:32:48 GMT
expires
Sun, 12 Dec 2021 00:32:48 GMT
last-modified
Mon, 05 Oct 2020 22:33:01 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
4913
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
zone.php
adserve.atedra.com/static/ Frame A11C
64 B
165 B
Image
General
Full URL
https://adserve.atedra.com/static/zone.php?z=1624&vi=baaaaaaaaaaaaaaaaaaaaaaaaaaaaaad&l=5fd422e1886d550110390ffc&ord=16077380815038409187
Requested by
Host: bitwp-itdoifkm-1061.users.nyc1.aw1.io
URL: https://bitwp-itdoifkm-1061.users.nyc1.aw1.io/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.54.203.20 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-54-203-20.compute-1.amazonaws.com
Software
Apache /
Resource Hash
d69cbc552cfe8de4931deb191dd349a881ff4448ed3251571e0bacd0257519b1

Request headers

Referer
https://bitwp-itdoifkm-1061.users.nyc1.aw1.io/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 12 Dec 2020 01:54:41 GMT
cache-control
no-store
expires
0
server
Apache
content-type
image/gif
gen_204
pagead2.googlesyndication.com/pagead/
0
88 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=219&t=2&li=gda_r20201203&jk=2180989079667&bg=!OzilOBjNAAXKjztByliDqUA_xrCrKQIAAABIUgAAAAtoAQcKAM3Ls7xDNRfcmegE5zXOFnHi7iM_cQ8shybnNrQoxBx5XOrO6pXwJ0LHMOFIBrev3_4JRkZrfeDh3J3sFVhCw1ZTPRXuNe8lhKxjPj6xd_SNGE_Qmhthk3qg8qshqLWM_d3GjztgzdnlIErazz9YSAJRpEi3FK5lfOHOpqNm19z7Jz2B8292HltjiaPOAi5nUTP3aaYrlTfgRQG6MkeCLDb3e-u50i207MFkDaPG6t2WpNaU_ln389y0hiZTTnkxGMEIMyDCIdbnA0mZZ-93mQHO5YDVCQJyMKIquAlv5UNv7trjR6PrvGX1dKF_F6IDLKIlNDS_9bMy1jxgnlZMaD7e34Uq5aomsMz0ShDkT4bWskY_1nYFyVnXf7DbXFgr0WxhwffkKHOBHOdpp6GGXXvVz5s3x9pQwQXB4-1Y8YD2PcjoSbLiZ6HbtwM0oBTUcsGHUYxb283xZPmxJT85_OTPPDbHKam4urihNdjopVjY9rUEV_HqjfDoGOu0zwL0CvN4XyRV5O42QbRZe5pTDrKZPcVNdlXzSrIgYrvWwsqLma_IoDaQqH_WFQJlVh44R293pVI7d_tJnQNW5ymiq5kuTNak1Y6xnvkx-DAojnoMewxD3rGLN3zp-AyLSFEnIpoZhEd_FfOxbQxIk647x6kQ-0C_l0qLMWRBrfz7IFXRWTZ9fCk4ffKpF9LlCrbcHzfpT7ncnQ_Secrm_QClik5lLZn13gfPzWLSNTJJNe_dQVgFcrDEoUpPwnCBBS2HgBopWVchZD2goBrrntau1zz-8Yv-62tRWKK3pFryBgoT8A0T6kj_lpYJ65f_2F469Td-8mlmdTijd6noAUXYJB85oMHnTPNnx7e0g79wqF51qlzpQTNrKFQD5pujVYFB
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:819::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://bitwp-itdoifkm-1061.users.nyc1.aw1.io/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 12 Dec 2020 01:54:41 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
adserve.atedra.com
URL
http://adserve.atedra.com/serve.php?z=6619
Domain
adserve.atedra.com
URL
http://adserve.atedra.com/serve.php?z=3340


75 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated object| google_js_reporting_queue number| google_srt object| google_ad_modifications object| google_logging_queue object| ggeac boolean| google_measure_js_timing object| google_trust_token_operation_status object| google_reactive_ads_global_state boolean| _gfp_a_ object| adsbygoogle object| AdStanding object| google_sa_queue object| google_sl_win function| google_process_slots boolean| google_apltlad function| google_spfd number| google_lpabyc number| google_unique_id object| google_sv_map undefined| AtedraVideo object| wpcom_img_zoomer object| detectZoom object| ratingsL10n object| ratings_mouseover_image object| _stq object| lazyLoadOptions function| lazyLoadThumb function| lazyLoadYoutubeIframe function| addFocusAndBlur function| st_go function| linktracker_init object| wpcom function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter function| google_sa_impl object| google_persistent_state_async object| google_jobrunner object| __google_ad_urls number| google_global_correlator number| __google_ad_urls_id object| googleToken object| googleIMState boolean| _gfp_p_ function| processGoogleToken object| google_prev_clients object| gaGlobal object| ampInaboxIframes object| ampInaboxPendingMessages boolean| google_osd_loaded boolean| google_onload_fired function| _extends function| _typeof function| LazyLoad undefined| $ undefined| jQuery function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure function| google_osd_amcb object| GoogleGcLKhOms object| google_image_requests

2 Cookies

Domain/Path Name / Value
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.aw1.io/ Name: __gads
Value: ID=9b57c9b089fc4035-22256b385bb9002e:T=1607738081:RT=1607738081:S=ALNI_Mb_kfsgr8TpAkbzAad4LVw1simmmw

Security Headers

This page lists any security headers set by the main page.

Header Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
