www.3fcef9da9b31.xyz Open in urlscan Pro
157.245.24.75 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.3fcef9da9b31.xyz/
Effective URL:
https://www.3fcef9da9b31.xyz/
Submission: On February 06 via manual (February 6th 2020, 8:59:42 pm UTC) from US

Summary HTTP 62 Redirects Links 14 Behaviour Indicators

Summary

This website contacted 14 IPs in 6 countries across 18 domains to perform 62 HTTP transactions. The main IP is 157.245.24.75, located in New York, United States and belongs to DIGITALOCEAN-ASN, US. The main domain is www.3fcef9da9b31.xyz.
TLS certificate: Issued by Let's Encrypt Authority X3 on February 3rd 2020. Valid for: 3 months.

This is the only time www.3fcef9da9b31.xyz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 17	157.245.24.75 157.245.24.75	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1	2a00:1450:400... 2a00:1450:4001:824::2008	15169 (GOOGLE) (GOOGLE)
4	151.101.12.157 151.101.12.157	54113 (FASTLY) (FASTLY)
22	104.19.132.78 104.19.132.78	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:303... 2606:4700:3032::6812:2fad	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:825::200e	15169 (GOOGLE) (GOOGLE)
3	2600:9000:205... 2600:9000:2057:9e00:19:d208:7940:93a1	16509 (AMAZON-02) (AMAZON-02)
1	104.244.42.8 104.244.42.8	13414 (TWITTER) (TWITTER)
2	2a00:1450:400... 2a00:1450:4001:808::2003	15169 (GOOGLE) (GOOGLE)
1 3	104.85.250.71 104.85.250.71	16625 (AKAMAI-AS) (AKAMAI-AS)
1	104.19.137.80 104.19.137.80	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 2	35.212.212.222 35.212.212.222	19527 (GOOGLE-2) (GOOGLE-2)
2 2	216.58.206.2 216.58.206.2	15169 (GOOGLE) (GOOGLE)
1	23.105.245.5 23.105.245.5	7979 (SERVERS) (SERVERS)
2 2	52.18.161.147 52.18.161.147	16509 (AMAZON-02) (AMAZON-02)
2 2	18.194.124.153 18.194.124.153	16509 (AMAZON-02) (AMAZON-02)
1	185.255.84.153 185.255.84.153	200271 (IGUANE-) (IGUANE-)
1 1	195.201.196.144 195.201.196.144	24940 (HETZNER-AS) (HETZNER-AS)
62	14

17 157.245.24.75 (New York, United States) 1 redirects

ASN14061 (DIGITALOCEAN-ASN, US)

www.3fcef9da9b31.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:824::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 151.101.12.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 104.19.132.78 (United States)

ASN13335 (CLOUDFLARENET, US)

jsc.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
servicer.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cm.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s-img.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3032::6812:2fad (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.blockaway.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:825::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:2057:9e00:19:d208:7940:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.userreport.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.8 (United States)

ASN13414 (TWITTER, US)

syndication.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.85.250.71 (Netherlands) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-85-250-71.deploy.static.akamaitechnologies.com

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.19.137.80 (United States)

ASN13335 (CLOUDFLARENET, US)

cm.steepto.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.212.212.222 (Mountain View, United States) 2 redirects

ASN19527 (GOOGLE-2, US)
PTR: 222.212.212.35.bc.googleusercontent.com

rtb-usw.mfadsrvr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.58.206.2 (Mountain View, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s20-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.105.245.5 (Russian Federation)

ASN7979 (SERVERS, US)

cm.lentainform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.18.161.147 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-18-161-147.eu-west-1.compute.amazonaws.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.194.124.153 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-194-124-153.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.255.84.153 (France)

ASN200271 (IGUANE-, FR)

visitor.omnitagjs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 195.201.196.144 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.144.196.201.195.clients.your-server.de

csync.loopme.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
22	mgid.com jsc.mgid.com servicer.mgid.com cm.mgid.com cdn.mgid.com s-img.mgid.com c.mgid.com	154 KB
17	3fcef9da9b31.xyz 1 redirects www.3fcef9da9b31.xyz	259 KB
5	twitter.com platform.twitter.com syndication.twitter.com	31 KB
3	scorecardresearch.com 1 redirects sb.scorecardresearch.com	2 KB
3	userreport.com cdn.userreport.com	73 KB
2	bidswitch.net 2 redirects x.bidswitch.net	1017 B
2	adsrvr.org 2 redirects match.adsrvr.org	905 B
2	doubleclick.net 2 redirects cm.g.doubleclick.net	662 B
2	mfadsrvr.com 2 redirects rtb-usw.mfadsrvr.com	790 B
2	gstatic.com fonts.gstatic.com	31 KB
2	google-analytics.com www.google-analytics.com	18 KB
1	loopme.me 1 redirects csync.loopme.me	192 B
1	omnitagjs.com visitor.omnitagjs.com	371 B
1	lentainform.com cm.lentainform.com	329 B
1	steepto.com cm.steepto.com	278 B
1	blockaway.net cdn.blockaway.net
1	googletagmanager.com www.googletagmanager.com	28 KB
0	Failed function sub() { [native code] }. Failed
62	18

	Domain	Requested by
17	www.3fcef9da9b31.xyz	1 redirects www.3fcef9da9b31.xyz
10	s-img.mgid.com
6	cm.mgid.com	jsc.mgid.com
4	platform.twitter.com	www.3fcef9da9b31.xyz platform.twitter.com
3	cdn.mgid.com
3	sb.scorecardresearch.com	1 redirects jsc.mgid.com
3	cdn.userreport.com	www.3fcef9da9b31.xyz cdn.userreport.com
2	x.bidswitch.net	2 redirects
2	match.adsrvr.org	2 redirects
2	cm.g.doubleclick.net	2 redirects
2	rtb-usw.mfadsrvr.com	2 redirects
2	fonts.gstatic.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
1	csync.loopme.me	1 redirects
1	visitor.omnitagjs.com
1	cm.lentainform.com
1	cm.steepto.com
1	c.mgid.com
1	servicer.mgid.com	jsc.mgid.com
1	syndication.twitter.com	www.3fcef9da9b31.xyz
1	cdn.blockaway.net	www.3fcef9da9b31.xyz
1	jsc.mgid.com	www.3fcef9da9b31.xyz
1	www.googletagmanager.com	www.3fcef9da9b31.xyz
0	docbehmolikiogjomonmfieaidgfcbpc Failed	www.3fcef9da9b31.xyz
0	haanbmjmhcofgngkioelkdablmmmbhoo Failed	www.3fcef9da9b31.xyz
0	ckjnnmdnpicjmpmcheonhjhbhamjclhi Failed	www.3fcef9da9b31.xyz
0	djpehmepgepfpoiaendmglmnjmmfalio Failed	www.3fcef9da9b31.xyz
0	lmmpgfjnchldhcieiiegcpdmaidkaanb Failed	www.3fcef9da9b31.xyz
62	28

This site contains links to these domains. Also see Links.

Domain
widgets.mgid.com
brainberries.co
chrome.google.com
github.com
twitter.com

Subject Issuer	Validity	Valid
3fcef9da9b31.xyz Let's Encrypt Authority X3	`2020-02-03` - `2020-05-03`	3 months	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-01-21` - `2020-04-14`	3 months	crt.sh
platform.twitter.com DigiCert SHA2 High Assurance Server CA	`2019-08-28` - `2020-09-01`	a year	crt.sh
ssl382684.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2019-11-07` - `2020-05-15`	6 months	crt.sh
sni.cloudflaressl.com CloudFlare Inc ECC CA-2	`2020-01-22` - `2020-10-09`	9 months	crt.sh
*.userreport.com RapidSSL RSA CA 2018	`2019-01-10` - `2021-03-10`	2 years	crt.sh
syndication.twitter.com DigiCert SHA2 High Assurance Server CA	`2019-04-09` - `2020-04-01`	a year	crt.sh
*.google.com GTS CA 1O1	`2020-01-21` - `2020-04-14`	3 months	crt.sh
*.scorecardresearch.com Sectigo RSA Organization Validation Secure Server CA	`2019-12-16` - `2020-12-25`	a year	crt.sh
ssl382690.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2019-11-07` - `2020-05-15`	6 months	crt.sh
*.lentainform.com Go Daddy Secure Certificate Authority - G2	`2020-01-09` - `2021-01-20`	a year	crt.sh
omnitagjs.com Sectigo RSA Organization Validation Secure Server CA	`2019-03-26` - `2020-06-23`	a year	crt.sh

This page contains 6 frames:

Primary Page: https://www.3fcef9da9b31.xyz/
Frame ID: 2D1CD59E8CA1DBB09E465CE5B826E46D
Requests: 58 HTTP requests in this frame

Frame: https://jsc.mgid.com/c/r/croxyproxy.com.371007.js?t=1201620
Frame ID: A2F15857F638E55314C4735D0CD9971D
Requests: 2 HTTP requests in this frame

Frame: https://cdn.blockaway.net/buttons/aHR0cHM6Ly93d3cuY3JveHlwcm94eS5jb20=
Frame ID: 8BB77A32C1D309E888E14DA232626E1F
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.7303c29a8108bca4ac5c9ef008ed8164.html?origin=https%3A%2F%2Fwww.3fcef9da9b31.xyz
Frame ID: EB514E65EABFB0587CE94FE4ED582F6A
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/follow_button.7303c29a8108bca4ac5c9ef008ed8164.en.html
Frame ID: 01D4EB73FE925C0713468D992967DF08
Requests: 1 HTTP requests in this frame

Frame: https://cm.mgid.com/i-noref.js?cbuster=1581022770856104862906
Frame ID: C65CE65AFCBAD5743C30D08EE7C89ECD
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://www.3fcef9da9b31.xyz/ HTTP 301
https://www.3fcef9da9b31.xyz/ Page URL

Detected technologies

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|\b)HTTPD)/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

comScore (Analytics) Expand

Overall confidence: 100%
Detected patterns

html /<iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com\/beacon\.js|COMSCORE\.beacon/i
script /\.scorecardresearch\.com\/beacon\.js|COMSCORE\.beacon/i

Page Statistics

62
Requests

92 %
HTTPS

28 %
IPv6

18
Domains

28
Subdomains

14
IPs

6
Countries

597 kB
Transfer

1839 kB
Size

5
Cookies

14 Outgoing links

These are links going to different origins than the main page.

URL: https://widgets.mgid.com/?utm_source=www.3fcef9da9b31.xyz&utm_medium=referral&utm_campaign=widgets&utm_content=371007

Search URL Search Domain Scan URL

URL: https://brainberries.co/movietv/the-6-best-90s-action-movies/

Search URL Search Domain Scan URL

URL: https://brainberries.co/gadgets-and-science/10-inventions-that-make-us-question-humanity/

Search URL Search Domain Scan URL

URL: https://brainberries.co/people/do-you-recognize-these-baby-faces-33-pics/

Search URL Search Domain Scan URL

URL: https://brainberries.co/people/10-stunning-asian-actresses-no-man-can-resist/

Search URL Search Domain Scan URL

URL: https://brainberries.co/funny/28-geeky-and-hilarious-shower-curtains-you-can-actually-buy/

Search URL Search Domain Scan URL

URL: https://brainberries.co/movietv/12-actors-who-always-play-villains/

Search URL Search Domain Scan URL

URL: https://brainberries.co/movietv/7-actors-who-had-ridiculous-reasons-for-quitting-a-role/

Search URL Search Domain Scan URL

URL: https://brainberries.co/funny/average-guy-photoshops-himself-sleeping-with-celebrities-and-its-hilarious/

Search URL Search Domain Scan URL

URL: https://brainberries.co/interesting/crazy-luxuries-the-rock-affords-for-himself/

Search URL Search Domain Scan URL

URL: https://brainberries.co/gadgets-and-science/8-surprising-ways-drones-could-be-used-in-the-future/

Search URL Search Domain Scan URL

URL: https://chrome.google.com/webstore/detail/croxyproxy-free-web-proxy/lmmpgfjnchldhcieiiegcpdmaidkaanb
Title: from Chrome web store

Search URL Search Domain Scan URL

URL: https://github.com/croxy-proxy-official/extension
Title: manually

Search URL Search Domain Scan URL

URL: https://twitter.com/croxy_proxy
Title: @croxy_proxy Twitter

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.3fcef9da9b31.xyz/ HTTP 301
https://www.3fcef9da9b31.xyz/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 54

https://sb.scorecardresearch.com/b?c1=7&c2=15208452&c3=110&ns__t=1581022770886&ns_c=UTF-8&cv=3.5&c8=The%20Most%20Advanced%20Secure%20And%20Free%20Web%20Proxy%20%7C%20CroxyProxy&c7=https%3A%2F%2Fwww.3fcef9da9b31.xyz%2F&c9= HTTP 302
https://sb.scorecardresearch.com/b2?c1=7&c2=15208452&c3=110&ns__t=1581022770886&ns_c=UTF-8&cv=3.5&c8=The%20Most%20Advanced%20Secure%20And%20Free%20Web%20Proxy%20%7C%20CroxyProxy&c7=https%3A%2F%2Fwww.3fcef9da9b31.xyz%2F&c9=&cs_ak_ss=1

Request Chain 57

https://rtb-usw.mfadsrvr.com/sync?ssp=mgid HTTP 302
https://rtb-usw.mfadsrvr.com/ul_cb/sync?ssp=mgid HTTP 302
https://cm.mgid.com/m?cdsp=287839&c=8fdcba68-9e61-4191-b7b9-faae51677a0b

Request Chain 58

https://cm.g.doubleclick.net/pixel?google_nid=marketgid&google_cm=&google_ula={guid}&google_hm=azE2dXZNNFk5Q1hj&muidn=k16uvM4Y9CXc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=marketgid&google_cm=&google_ula={guid}&google_hm=azE2dXZNNFk5Q1hj&muidn=k16uvM4Y9CXc&google_tc= HTTP 302
https://cm.mgid.com/google?muidn=k16uvM4Y9CXc&google_ula={guid},5&google_gid=CAESEDaCHzgpNWlBgzt0yIAXscY&google_cver=1

Request Chain 60

https://match.adsrvr.org/track/cmf/generic?ttd_pid=omn67hl&ttd_tpi=1 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=omn67hl&ttd_tpi=1 HTTP 302
https://cm.mgid.com/m?cdsp=371158&c=f90c494a-2f66-49b7-a803-edcc31fa24b5&ttl=1583614773

Request Chain 61

https://x.bidswitch.net/sync?dsp_id=303&user_id=k16uvM4Y9CXc HTTP 302
https://x.bidswitch.net/ul_cb/sync?dsp_id=303&user_id=k16uvM4Y9CXc HTTP 302
https://visitor.omnitagjs.com/visitor/sync?uid=2a62ca3297af454b8f19eb7922ed945f&visitor=59dd5240-b366-4db6-ba64-aebc6b4b464e&name=BIDSWITCH

Request Chain 62

https://csync.loopme.me/?redirect=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D433143%26c%3D%7Bdevice_id%7D HTTP 307
https://cm.mgid.com/m?cdsp=433143&c=c62a5e35-345f-440b-b54e-eb0655c39edc

62 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
www.3fcef9da9b31.xyz/
Redirect Chain

http://www.3fcef9da9b31.xyz/
https://www.3fcef9da9b31.xyz/

21 KB
5 KB

125ms
53ms

Document
text/html

157.245.24.75
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.3fcef9da9b31.xyz/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

157.245.24.75 New York, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

Apache /

Resource Hash

2cdfe721285d183e1cc62f2e6a3aecd2d1add038846c50ce066eddf0024085fc

Security Headers

Name	Value
Content-Security-Policy	default-src https: data: 'unsafe-eval' 'unsafe-inline'; object-src https:
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

Host: www.3fcef9da9b31.xyz
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Thu, 06 Feb 2020 20:59:23 GMT
Server: Apache
access-control-allow-origin: https://www.3fcef9da9b31.xyz
strict-transport-security: max-age=31536000; includeSubDomains
x-xss-protection: 1
x-content-type-options: nosniff
content-security-policy: default-src https: data: 'unsafe-eval' 'unsafe-inline'; object-src https:
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 5014
Connection: close
Content-Type: text/html; charset=UTF-8

Redirect headers

Date: Thu, 06 Feb 2020 20:59:23 GMT
Server: Apache
Location: https://www.3fcef9da9b31.xyz/
Content-Length: 349
Connection: close
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 200
OK __cpa.main.css
www.3fcef9da9b31.xyz/assets/ 191 KB
35 KB 89ms
38ms Stylesheet
text/css 157.245.24.75
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.3fcef9da9b31.xyz/assets/__cpa.main.css
Requested by: Host: www.3fcef9da9b31.xyz
URL: https://www.3fcef9da9b31.xyz/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 157.245.24.75 New York, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: Apache /
Resource Hash: 5146068779fad2a9556232682e7913b630cd077dbce047b53792a0a6d2b5f3a9

Request headers

Referer: https://www.3fcef9da9b31.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Thu, 06 Feb 2020 20:59:23 GMT
Content-Encoding: gzip
Last-Modified: Mon, 27 May 2019 14:17:56 GMT
Server: Apache
ETag: "2fdf0-589df36fa7f91-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: close
Accept-Ranges: bytes
Content-Length: 35780

GET
H/1.1 200
OK __cpa.main.js Show response
www.3fcef9da9b31.xyz/assets/ 763 KB
113 KB 127ms
64ms Script
application/javascript 157.245.24.75
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.3fcef9da9b31.xyz/assets/__cpa.main.js
Requested by: Host: www.3fcef9da9b31.xyz
URL: https://www.3fcef9da9b31.xyz/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 157.245.24.75 New York, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: Apache /
Resource Hash: 0b58b8755c2f7cbaab6f30d48ea7286459679aa6aff02a27a4e98d5037ebd7a4

Request headers

Referer: https://www.3fcef9da9b31.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Thu, 06 Feb 2020 20:59:23 GMT
Content-Encoding: gzip
Last-Modified: Tue, 19 Nov 2019 10:08:14 GMT
Server: Apache
ETag: "beae6-597b03e04a877-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: close
Accept-Ranges: bytes

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 74 KB
28 KB 15ms
15ms Script
application/javascript 2a00:1450:4001:824::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-111548442-4

Requested by

Host: www.3fcef9da9b31.xyz
URL: https://www.3fcef9da9b31.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

3bfd2b8af30916e0ddcc7c0c2fef0a4e6ebdd3f311cf1119bdc614ee16327bfc

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.3fcef9da9b31.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Thu, 06 Feb 2020 20:59:23 GMT
content-encoding: br
status: 200
strict-transport-security: max-age=604800; includeSubDomains
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 28366
x-xss-protection: 0
last-modified: Thu, 06 Feb 2020 20:40:10 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: http://www.googletagmanager.com
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 06 Feb 2020 20:59:23 GMT

GET
H/1.1 200
OK en.svg
www.3fcef9da9b31.xyz/images/flags/ 3 KB
3 KB 95ms
32ms Image
image/svg+xml 157.245.24.75
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.3fcef9da9b31.xyz/images/flags/en.svg
Requested by: Host: www.3fcef9da9b31.xyz
URL: https://www.3fcef9da9b31.xyz/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 157.245.24.75 New York, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: Apache /
Resource Hash: 1a55a5ced0b629a0bdc966b76b6cd4348cf7dc75a04a91ccc63900bea8cdbcf6

Request headers

Referer: https://www.3fcef9da9b31.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Thu, 06 Feb 2020 20:59:23 GMT
Last-Modified: Thu, 06 Feb 2020 17:19:07 GMT
Server: Apache
ETag: "a27-59deb787b82a7"
Content-Type: image/svg+xml
Access-Control-Allow-Origin: *
Connection: close
Accept-Ranges: bytes
Content-Length: 2599

GET
H/1.1 200
OK tr.svg
www.3fcef9da9b31.xyz/images/flags/ 1 KB
1 KB 79ms
27ms Image
image/svg+xml 157.245.24.75
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.3fcef9da9b31.xyz/images/flags/tr.svg
Requested by: Host: www.3fcef9da9b31.xyz
URL: https://www.3fcef9da9b31.xyz/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 157.245.24.75 New York, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: Apache /
Resource Hash: a8c53a89e1fa010c4235f6b9b1e6f5f9affcd084c7b0c013cf06e7636a2c8be0

Request headers

Referer: https://www.3fcef9da9b31.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Thu, 06 Feb 2020 20:59:23 GMT
Last-Modified: Thu, 06 Feb 2020 17:19:07 GMT
Server: Apache
ETag: "488-59deb787b82a7"
Content-Type: image/svg+xml
Access-Control-Allow-Origin: *
Connection: close
Accept-Ranges: bytes
Content-Length: 1160

GET
H/1.1 200
OK es.svg
www.3fcef9da9b31.xyz/images/flags/ 1016 B
1 KB 86ms
34ms Image
image/svg+xml 157.245.24.75
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.3fcef9da9b31.xyz/images/flags/es.svg
Requested by: Host: www.3fcef9da9b31.xyz
URL: https://www.3fcef9da9b31.xyz/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 157.245.24.75 New York, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: Apache /
Resource Hash: df32b3db71cf153c8483b53fa1e7338d89bff15cce31bc9c1a6ece19fb1868c4

Request headers

Referer: https://www.3fcef9da9b31.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Thu, 06 Feb 2020 20:59:23 GMT
Last-Modified: Thu, 06 Feb 2020 17:19:07 GMT
Server: Apache
ETag: "3f8-59deb787b82a7"
Content-Type: image/svg+xml
Access-Control-Allow-Origin: *
Connection: close
Accept-Ranges: bytes
Content-Length: 1016

GET
H/1.1 200
OK id.svg
www.3fcef9da9b31.xyz/images/flags/ 678 B
946 B 103ms
37ms Image
image/svg+xml 157.245.24.75
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.3fcef9da9b31.xyz/images/flags/id.svg
Requested by: Host: www.3fcef9da9b31.xyz
URL: https://www.3fcef9da9b31.xyz/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 157.245.24.75 New York, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: Apache /
Resource Hash: b16649c3ef1f2f3a583d6f4e8c0249fb1fdec133475336efb794949cfa677d5a

Request headers

Referer: https://www.3fcef9da9b31.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Thu, 06 Feb 2020 20:59:23 GMT
Last-Modified: Thu, 06 Feb 2020 17:19:07 GMT
Server: Apache
ETag: "2a6-59deb787b82a7"
Content-Type: image/svg+xml
Access-Control-Allow-Origin: *
Connection: close
Accept-Ranges: bytes
Content-Length: 678

GET
H/1.1 200
OK pt.svg
www.3fcef9da9b31.xyz/images/flags/ 1 KB
1 KB 126ms
45ms Image
image/svg+xml 157.245.24.75
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.3fcef9da9b31.xyz/images/flags/pt.svg
Requested by: Host: www.3fcef9da9b31.xyz
URL: https://www.3fcef9da9b31.xyz/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 157.245.24.75 New York, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: Apache /
Resource Hash: e10999b6a4921097745a2a63cfa9e9814a1204082d7e62960ea3dcd829fe4db7

Request headers

Referer: https://www.3fcef9da9b31.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Thu, 06 Feb 2020 20:59:24 GMT
Last-Modified: Thu, 06 Feb 2020 17:19:07 GMT
Server: Apache
ETag: "4d2-59deb787b82a7"
Content-Type: image/svg+xml
Access-Control-Allow-Origin: *
Connection: close
Accept-Ranges: bytes
Content-Length: 1234

GET
H/1.1 200
OK fr.svg
www.3fcef9da9b31.xyz/images/flags/ 841 B
1 KB 128ms
45ms Image
image/svg+xml 157.245.24.75
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.3fcef9da9b31.xyz/images/flags/fr.svg
Requested by: Host: www.3fcef9da9b31.xyz
URL: https://www.3fcef9da9b31.xyz/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 157.245.24.75 New York, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: Apache /
Resource Hash: 9c16026758eb006aff26298a9b7ed632e7ff3fee6deded797ae490f7ad889dea

Request headers

Referer: https://www.3fcef9da9b31.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Thu, 06 Feb 2020 20:59:24 GMT
Last-Modified: Thu, 06 Feb 2020 17:19:07 GMT
Server: Apache
ETag: "349-59deb787b82a7"
Content-Type: image/svg+xml
Access-Control-Allow-Origin: *
Connection: close
Accept-Ranges: bytes
Content-Length: 841

GET
H/1.1 200
OK de.svg
www.3fcef9da9b31.xyz/images/flags/ 984 B
1 KB 143ms
49ms Image
image/svg+xml 157.245.24.75
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.3fcef9da9b31.xyz/images/flags/de.svg
Requested by: Host: www.3fcef9da9b31.xyz
URL: https://www.3fcef9da9b31.xyz/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 157.245.24.75 New York, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: Apache /
Resource Hash: 59015b92fdd88f18eb426bd5b30bea58f2551b50c11edc1c8dc4dd82ed3de73d

Request headers

Referer: https://www.3fcef9da9b31.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Thu, 06 Feb 2020 20:59:24 GMT
Last-Modified: Thu, 06 Feb 2020 17:19:07 GMT
Server: Apache
ETag: "3d8-59deb787b82a7"
Content-Type: image/svg+xml
Access-Control-Allow-Origin: *
Connection: close
Accept-Ranges: bytes
Content-Length: 984

GET
H/1.1 200
OK it.svg
www.3fcef9da9b31.xyz/images/flags/ 841 B
1 KB 145ms
50ms Image
image/svg+xml 157.245.24.75
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.3fcef9da9b31.xyz/images/flags/it.svg
Requested by: Host: www.3fcef9da9b31.xyz
URL: https://www.3fcef9da9b31.xyz/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 157.245.24.75 New York, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: Apache /
Resource Hash: 53c3938f7174e2922d0d06927ccda017988928d4529c845f233ab6f9fe7a5e8c

Request headers

Referer: https://www.3fcef9da9b31.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Thu, 06 Feb 2020 20:59:24 GMT
Last-Modified: Thu, 06 Feb 2020 17:19:07 GMT
Server: Apache
ETag: "349-59deb787b82a7"
Content-Type: image/svg+xml
Access-Control-Allow-Origin: *
Connection: close
Accept-Ranges: bytes
Content-Length: 841

GET
H/1.1 200
OK ko.svg
www.3fcef9da9b31.xyz/images/flags/ 3 KB
3 KB 176ms
47ms Image
image/svg+xml 157.245.24.75
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.3fcef9da9b31.xyz/images/flags/ko.svg
Requested by: Host: www.3fcef9da9b31.xyz
URL: https://www.3fcef9da9b31.xyz/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 157.245.24.75 New York, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: Apache /
Resource Hash: b5defb8a0aed8a9ca429e6cdcb1ecb9590ede92bcdf2edf5d6ee6eda4cf6df37

Request headers

Referer: https://www.3fcef9da9b31.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Thu, 06 Feb 2020 20:59:24 GMT
Last-Modified: Thu, 06 Feb 2020 17:19:07 GMT
Server: Apache
ETag: "caa-59deb787b82a7"
Content-Type: image/svg+xml
Access-Control-Allow-Origin: *
Connection: close
Accept-Ranges: bytes
Content-Length: 3242

GET
H/1.1 200
OK ar.svg
www.3fcef9da9b31.xyz/images/flags/ 988 B
1 KB 290ms
61ms Image
image/svg+xml 157.245.24.75
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.3fcef9da9b31.xyz/images/flags/ar.svg
Requested by: Host: www.3fcef9da9b31.xyz
URL: https://www.3fcef9da9b31.xyz/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 157.245.24.75 New York, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: Apache /
Resource Hash: e85307a9af14db0637114ca484ac2e259b128906aaf6d09b9ca184d5d0ec2d19

Request headers

Referer: https://www.3fcef9da9b31.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Thu, 06 Feb 2020 20:59:24 GMT
Last-Modified: Thu, 06 Feb 2020 17:19:07 GMT
Server: Apache
ETag: "3dc-59deb787b82a7"
Content-Type: image/svg+xml
Access-Control-Allow-Origin: *
Connection: close
Accept-Ranges: bytes
Content-Length: 988

GET
H/1.1 200
OK zh.svg
www.3fcef9da9b31.xyz/images/flags/ 1 KB
2 KB 179ms
67ms Image
image/svg+xml 157.245.24.75
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.3fcef9da9b31.xyz/images/flags/zh.svg
Requested by: Host: www.3fcef9da9b31.xyz
URL: https://www.3fcef9da9b31.xyz/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 157.245.24.75 New York, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: Apache /
Resource Hash: 8342a764b0465d57ca4f135f618558d33b5311d815bed6a5e04e4588f9772899

Request headers

Referer: https://www.3fcef9da9b31.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Thu, 06 Feb 2020 20:59:24 GMT
Last-Modified: Thu, 06 Feb 2020 17:19:07 GMT
Server: Apache
ETag: "500-59deb787b82a7"
Content-Type: image/svg+xml
Access-Control-Allow-Origin: *
Connection: close
Accept-Ranges: bytes
Content-Length: 1280

GET
H/1.1 200
OK logo.png
www.3fcef9da9b31.xyz/images/ 12 KB
13 KB 111ms
44ms Image
image/png 157.245.24.75
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.3fcef9da9b31.xyz/images/logo.png
Requested by: Host: www.3fcef9da9b31.xyz
URL: https://www.3fcef9da9b31.xyz/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 157.245.24.75 New York, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: Apache /
Resource Hash: b09d436fe2c56cf42bb403f4ed2f6dd14ee897d4194c3b609f20ff604c9c3e59

Request headers

Referer: https://www.3fcef9da9b31.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Thu, 06 Feb 2020 20:59:24 GMT
Last-Modified: Thu, 06 Feb 2020 17:19:07 GMT
Server: Apache
ETag: "31a9-59deb787b9247"
Content-Type: image/png
Connection: close
Accept-Ranges: bytes
Content-Length: 12713

GET
H2 200 widgets.js Show response
platform.twitter.com/ 96 KB
29 KB 104ms
35ms Script
application/javascript 151.101.12.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets.js
Requested by: Host: www.3fcef9da9b31.xyz
URL: https://www.3fcef9da9b31.xyz/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.12.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 1a4dee2269258e980cfbc6965cca52520d51b0cf399cef6218e123c7620cafdc

Request headers

Referer: https://www.3fcef9da9b31.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Thu, 06 Feb 2020 20:59:24 GMT
content-encoding: gzip
x-cache: HIT, HIT
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status: 200
content-length: 29101
x-served-by: cache-iad2127-IAD, cache-fra19142-FRA
last-modified: Wed, 05 Feb 2020 23:55:53 GMT
etag: "d6438f3ded1a231e0c47db28e12b2834+gzip"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=1800
accept-ranges: bytes
tw-cdn: FT

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8c527240491ebcd30d2f3f131422d5a5d10a57da26d0f17b93fdd7ba7a3ec9f0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK fontawesome-webfont.woff2
www.3fcef9da9b31.xyz/fonts/ 75 KB
76 KB 116ms
44ms Font
application/octet-stream 157.245.24.75
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.3fcef9da9b31.xyz/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by: Host: www.3fcef9da9b31.xyz
URL: https://www.3fcef9da9b31.xyz/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 157.245.24.75 New York, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: Apache /
Resource Hash: 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: https://www.3fcef9da9b31.xyz/assets/__cpa.main.css
Origin: https://www.3fcef9da9b31.xyz

Response headers

Date: Thu, 06 Feb 2020 20:59:24 GMT
Last-Modified: Thu, 06 Feb 2020 17:19:07 GMT
Server: Apache
ETag: "12d68-59deb787b82a7"
Access-Control-Allow-Origin: *
Connection: close
Accept-Ranges: bytes
Content-Length: 77160

GET
H2 200 croxyproxy.com.371007.js Show response
jsc.mgid.com/c/r/ Frame A2F1 147 KB
41 KB 6668ms
6613ms Script
text/javascript 104.19.132.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jsc.mgid.com/c/r/croxyproxy.com.371007.js?t=1201620
Requested by: Host: www.3fcef9da9b31.xyz
URL: https://www.3fcef9da9b31.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.132.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7e963e2de24e626d87271e5c7d78f62386b9d0df8eaebd57a28164d8e7bac75a

Request headers

Referer: https://www.3fcef9da9b31.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Thu, 06 Feb 2020 20:59:30 GMT
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: 5BE1E3172F73B683
cf-polished: origSize=150427
status: 200
alt-svc: h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
x-amz-id-2: BJaUBhgZWR8NUPiWk3diW2VSQh7lLxVBwrwZl1yoG54nGnCGDHJ7o83sy9+UOcnWON9pMzW8PjA=
last-modified: Thu, 30 Jan 2020 16:26:04 GMT
server: cloudflare
etag: W/"b3dfcd6ca924ba795955e425b2424bc9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
expires: Thu, 06 Feb 2020 21:59:30 GMT
cache-control: public, max-age=3600
cf-ray: 56100c338e82c84f-AMS
cf-bgj: minify

GET
H2 200 aHR0cHM6Ly93d3cuY3JveHlwcm94eS5jb20=
cdn.blockaway.net/buttons/ Frame 8BB7 0
0 104ms
48ms Document
text/html 2606:4700:3032::6812:2fad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.blockaway.net/buttons/aHR0cHM6Ly93d3cuY3JveHlwcm94eS5jb20=

Requested by

Host: www.3fcef9da9b31.xyz
URL: https://www.3fcef9da9b31.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::6812:2fad , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src https: data: 'unsafe-eval' 'unsafe-inline'; object-src https:
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

:method: GET
:authority: cdn.blockaway.net
:scheme: https
:path: /buttons/aHR0cHM6Ly93d3cuY3JveHlwcm94eS5jb20=
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
sec-fetch-mode: nested-navigate
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

status: 200
date: Thu, 06 Feb 2020 20:59:24 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=dde0421c0ff77eb10a0cc11edfde198fd1581022764; expires=Sat, 07-Mar-20 20:59:24 GMT; path=/; domain=.blockaway.net; HttpOnly; SameSite=Lax
access-control-allow-origin: https://cdn.blockaway.net
strict-transport-security: max-age=31536000; includeSubDomains
x-xss-protection: 1
x-content-type-options: nosniff
content-security-policy: default-src https: data: 'unsafe-eval' 'unsafe-inline'; object-src https:
vary: Accept-Encoding
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 56100c3369332724-FRA
content-encoding: br

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 44 KB
18 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:825::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-111548442-4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e7edf06d6436ec9420c26e56bd02ef5f5c93a9fb189ed16b1db402e57a0ea796

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.3fcef9da9b31.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 24 Jan 2020 01:10:36 GMT
server: Golfe2
age: 4254
date: Thu, 06 Feb 2020 19:48:30 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 17926
expires: Thu, 06 Feb 2020 21:48:30 GMT

GET
H2 200 userreport.js Show response
cdn.userreport.com/ 237 KB
71 KB 34ms
7ms Script
application/x-javascript 2600:9000:2057:9e00:19:d208:7940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.userreport.com/userreport.js
Requested by: Host: www.3fcef9da9b31.xyz
URL: https://www.3fcef9da9b31.xyz/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2057:9e00:19:d208:7940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b331d22231cb69e3809e664735e0b340680ff6b9a3ed8fb4179c794b3eef1b80

Request headers

Referer: https://www.3fcef9da9b31.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

x-amz-version-id: QghsnqXR_1toUKWODcogYQcbKP5ULBui
content-encoding: gzip
age: 3202
x-cache: Hit from cloudfront
status: 200
date: Thu, 06 Feb 2020 20:06:03 GMT
content-length: 71729
last-modified: Mon, 20 Jan 2020 14:01:12 GMT
server: AmazonS3
etag: "f142ec135de295af1560d69f65f04140"
content-type: application/x-javascript
via: 1.1 1b412557b82dda96e078541f9ee8dfb2.cloudfront.net (CloudFront)
cache-control: max-age=3600
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
x-amz-cf-id: SfJ9RBVkuWcU0CwyINwSHoPpwYdpkiSfa4gVJqygbdaxsmtq5JA3kg==

GET test.png
lmmpgfjnchldhcieiiegcpdmaidkaanb/shared/images/ 0
0

GET test.png
djpehmepgepfpoiaendmglmnjmmfalio/shared/images/ 0
0

GET test.png
ckjnnmdnpicjmpmcheonhjhbhamjclhi/shared/images/ 0
0

GET test.png
haanbmjmhcofgngkioelkdablmmmbhoo/shared/images/ 0
0

GET test.png
docbehmolikiogjomonmfieaidgfcbpc/shared/images/ 0
0

POST
H2 200 collect
www.google-analytics.com/r/ 35 B
134 B 14ms
13ms Other
image/gif 2a00:1450:4001:825::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/r/collect

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.3fcef9da9b31.xyz/
Origin: https://www.3fcef9da9b31.xyz
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 06 Feb 2020 20:59:24 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
access-control-allow-origin: https://www.3fcef9da9b31.xyz
content-type: image/gif
status: 200
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 settings.js Show response
cdn.userreport.com/w_711722bf-8d17-4423-979e-bc7e656808cf/ 5 KB
2 KB 106ms
106ms Script
text/javascript 2600:9000:2057:9e00:19:d208:7940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.userreport.com/w_711722bf-8d17-4423-979e-bc7e656808cf/settings.js
Requested by: Host: cdn.userreport.com
URL: https://cdn.userreport.com/userreport.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2057:9e00:19:d208:7940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2f6f6d1e20f8aba348906edcf179aac2b3c0eb693effb3d5f3fa4a6f2e267306

Request headers

Referer: https://www.3fcef9da9b31.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Thu, 06 Feb 2020 06:41:05 GMT
content-encoding: gzip
last-modified: Fri, 27 Dec 2019 09:20:48 GMT
server: AmazonS3
x-amz-cf-pop: FRA6-C1
etag: "f91ce6a184741df747cc92e1ba055e52"
x-cache: RefreshHit from cloudfront
x-amz-version-id: X1ADh2U4sBHi94XWZezwSnAVmEW394Ct
status: 200
cache-control: max-age=0
accept-ranges: bytes
content-type: text/javascript
content-length: 1675
via: 1.1 1b412557b82dda96e078541f9ee8dfb2.cloudfront.net (CloudFront)
x-amz-cf-id: 3NtTD_cJWRO2Xiu9It1rOAb9Nc8kdPlJ_dZdUnqjX8h-FvSjUE4jZg==

GET
H2 200 widget_iframe.7303c29a8108bca4ac5c9ef008ed8164.html
platform.twitter.com/widgets/ Frame EB51 0
0 37ms
37ms Document
text/html 151.101.12.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.7303c29a8108bca4ac5c9ef008ed8164.html?origin=https%3A%2F%2Fwww.3fcef9da9b31.xyz
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.12.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash

Request headers

:method: GET
:authority: platform.twitter.com
:scheme: https
:path: /widgets/widget_iframe.7303c29a8108bca4ac5c9ef008ed8164.html?origin=https%3A%2F%2Fwww.3fcef9da9b31.xyz
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
sec-fetch-mode: nested-navigate
referer: https://www.3fcef9da9b31.xyz/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: https://www.3fcef9da9b31.xyz/

Response headers

status: 200
last-modified: Wed, 05 Feb 2020 23:46:01 GMT
cache-control: public, max-age=315360000
content-type: text/html; charset=utf-8
etag: "9fa476ae827f556d5b037fe43632370d+gzip"
content-encoding: gzip
access-control-allow-methods: GET
access-control-allow-origin: *
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
accept-ranges: bytes
date: Thu, 06 Feb 2020 20:59:24 GMT
x-served-by: cache-iad2132-IAD, cache-fra19142-FRA
x-cache: HIT, HIT
vary: Accept-Encoding
tw-cdn: FT
content-length: 5825

GET
H2 200 button.a657e8de41cd5e7b38cde1f36c9ab9c2.js Show response
platform.twitter.com/js/ 7 KB
2 KB 42ms
42ms Script
application/javascript 151.101.12.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/js/button.a657e8de41cd5e7b38cde1f36c9ab9c2.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.12.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 8fb0dbd66e3091dd62288e41c7cf318688f865c82235b9b20859f137616b8fb0

Request headers

Referer: https://www.3fcef9da9b31.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Thu, 06 Feb 2020 20:59:24 GMT
content-encoding: gzip
x-cache: HIT, HIT
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status: 200
content-length: 2298
x-served-by: cache-iad2134-IAD, cache-fra19142-FRA
last-modified: Wed, 05 Feb 2020 23:45:52 GMT
etag: "09b3168455e779aae7dfda717bf2c67c+gzip"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=315360000
accept-ranges: bytes
tw-cdn: FT

GET
H2 200 SystemSettings.js Show response
cdn.userreport.com/ 894 B
842 B 40ms
40ms Script
text/javascript 2600:9000:2057:9e00:19:d208:7940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.userreport.com/SystemSettings.js
Requested by: Host: cdn.userreport.com
URL: https://cdn.userreport.com/userreport.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2057:9e00:19:d208:7940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9464552e64337889ef3a9dc120396d91f87b2015ad60a8bc0b61d846839f28af

Request headers

Referer: https://www.3fcef9da9b31.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

x-amz-version-id: gQ1hO0YgbYhTxRfqxYszZJ_hqU5aLpvt
content-encoding: gzip
last-modified: Wed, 14 Mar 2018 15:46:54 GMT
server: AmazonS3
x-amz-cf-pop: FRA6-C1
etag: "fbcd727c30fa10bc139aca4aec81f8e3"
x-cache: RefreshHit from cloudfront
content-type: text/javascript
status: 200
cache-control: max-age=0
date: Thu, 06 Feb 2020 20:59:25 GMT
accept-ranges: bytes
content-length: 442
via: 1.1 1b412557b82dda96e078541f9ee8dfb2.cloudfront.net (CloudFront)
x-amz-cf-id: 7oc3LwyGOr05h9as9s6vHlmGKgBTF7P1iaAXIgSmLXGmAaaeCOrz7g==

GET
H2 200 follow_button.7303c29a8108bca4ac5c9ef008ed8164.en.html
platform.twitter.com/widgets/ Frame 01D4 0
0 43ms
43ms Document
text/html 151.101.12.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/follow_button.7303c29a8108bca4ac5c9ef008ed8164.en.html
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.12.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash

Request headers

:method: GET
:authority: platform.twitter.com
:scheme: https
:path: /widgets/follow_button.7303c29a8108bca4ac5c9ef008ed8164.en.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
sec-fetch-mode: nested-navigate
referer: https://www.3fcef9da9b31.xyz/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: https://www.3fcef9da9b31.xyz/

Response headers

status: 200
last-modified: Wed, 05 Feb 2020 23:45:54 GMT
cache-control: public, max-age=315360000
content-type: text/html; charset=utf-8
etag: "52a415f1f5d7421bb271ae7d69fdc862+gzip"
content-encoding: gzip
access-control-allow-methods: GET
access-control-allow-origin: *
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
accept-ranges: bytes
date: Thu, 06 Feb 2020 20:59:24 GMT
x-served-by: cache-iad2125-IAD, cache-fra19142-FRA
x-cache: HIT, HIT
vary: Accept-Encoding
tw-cdn: FT
content-length: 13806

GET
H2 200 jot
syndication.twitter.com/i/ 43 B
337 B 232ms
156ms Image
image/gif 104.244.42.8
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://syndication.twitter.com/i/jot?l=%7B%22widget_origin%22%3A%22https%3A%2F%2Fwww.3fcef9da9b31.xyz%2F%22%2C%22widget_frame%22%3Afalse%2C%22language%22%3A%22en%22%2C%22message%22%3A%22l%3Awithcount%3A%22%2C%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1581022764407%2C%22dnt%22%3Afalse%2C%22client_version%22%3A%224a203525%3A1580945701206%22%2C%22format_version%22%3A1%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22button%22%2C%22section%22%3A%22follow%22%2C%22action%22%3A%22impression%22%7D%7D

Requested by

Host: www.3fcef9da9b31.xyz
URL: https://www.3fcef9da9b31.xyz/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.8 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.3fcef9da9b31.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Thu, 06 Feb 2020 20:59:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200, 200 OK
x-twitter-response-tags: BouncerCompliant
strict-transport-security: max-age=631138519
content-length: 65
x-xss-protection: 0
x-response-time: 118
pragma: no-cache
last-modified: Thu, 06 Feb 2020 20:59:24 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: e31a816148a5b186054c824e117a93ed
x-transaction: 00bf1a2500e9b1cb
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
DATA 200
OK truncated
/ 507 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3d888993db1a22a73b8d834d45dcbf14c0ecca608fde8da2d23d9690910e7c60

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 k3k702ZOKiLJc3WVjuplzOgdm0LZdjqr5-oayXSOefg.woff2
fonts.gstatic.com/s/opensans/v10/ 16 KB
16 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v10/k3k702ZOKiLJc3WVjuplzOgdm0LZdjqr5-oayXSOefg.woff2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

abcbe0423061bbf5caca8b070eb57c5ea831fde8cca4af206f8b48938142b4e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: https://www.3fcef9da9b31.xyz/
Origin: https://www.3fcef9da9b31.xyz

Response headers

date: Sat, 01 Feb 2020 12:57:40 GMT
x-content-type-options: nosniff
last-modified: Thu, 21 Aug 2014 18:08:16 GMT
server: sffe
age: 460910
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 16224
x-xss-protection: 0
expires: Sun, 31 Jan 2021 12:57:40 GMT

GET
H2 200 cJZKeOuBrn4kERxqtaUH3VtXRa8TVwTICgirnJhmVJw.woff2
fonts.gstatic.com/s/opensans/v10/ 15 KB
15 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v10/cJZKeOuBrn4kERxqtaUH3VtXRa8TVwTICgirnJhmVJw.woff2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3135160ee3b34e2d1e58bf80944a1ed2cef3f073528ea98f11916a397b4c6ac9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: https://www.3fcef9da9b31.xyz/
Origin: https://www.3fcef9da9b31.xyz

Response headers

date: Sat, 01 Feb 2020 15:01:52 GMT
x-content-type-options: nosniff
last-modified: Thu, 21 Aug 2014 18:06:58 GMT
server: sffe
age: 453458
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 15556
x-xss-protection: 0
expires: Sun, 31 Jan 2021 15:01:52 GMT

GET
H2 200 1 Show response
servicer.mgid.com/371007/ 7 KB
3 KB 66ms
65ms Script
application/x-javascript 104.19.132.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://servicer.mgid.com/371007/1?w=750&h=5160&cols=1&pv=5&cbuster=1581022770781762786015&niet=4g&nisd=false&ref=&lu=https%3A%2F%2Fwww.3fcef9da9b31.xyz%2F&pageView=1&pvid=1701c4cf65d8b8bfc36&implVersion=10&dpr=1
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/c/r/croxyproxy.com.371007.js?t=1201620
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.132.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 939051d0da8762860427b378938b8ce71a7c4f462c284ab062d42b8586471d0d

Request headers

Referer: https://www.3fcef9da9b31.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 06 Feb 2020 20:59:30 GMT
content-encoding: br
cf-cache-status: DYNAMIC
content-type: application/x-javascript; charset=utf-8
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
status: 200
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 56100c5d7fe3c84f-AMS
alt-svc: h3-24=":443"; ma=86400, h3-23=":443"; ma=86400

GET
H2 200 i.js Show response
cm.mgid.com/ 827 B
392 B 2117ms
2116ms Script
application/javascript 104.19.132.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.mgid.com/i.js?cbuster=1581022770852900453458
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/c/r/croxyproxy.com.371007.js?t=1201620
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.132.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 022390189073b7d23acc1602e8fe8b359c9affcbd1853131a707a5009cd955b2

Request headers

Referer: https://www.3fcef9da9b31.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 06 Feb 2020 20:59:32 GMT
content-encoding: br
cf-cache-status: MISS
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: no-store, no-cache, must-revalidate, max-age=0
cf-ray: 56100c5de930c84f-AMS
alt-svc: h3-24=":443"; ma=86400, h3-23=":443"; ma=86400

GET
H2 200 i-noref.js Show response
cm.mgid.com/ Frame C65C 19 B
260 B 123ms
122ms Script
application/javascript 104.19.132.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.mgid.com/i-noref.js?cbuster=1581022770856104862906
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/c/r/croxyproxy.com.371007.js?t=1201620
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.132.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 31a2141f6b680b8ec183d8de67eaae2ac43bee3ccee46235e0c988761615210c

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 06 Feb 2020 20:59:30 GMT
cf-cache-status: MISS
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: no-store, no-cache, must-revalidate, max-age=0
accept-ranges: bytes
cf-ray: 56100c5de944c84f-AMS
alt-svc: h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
content-length: 19

GET
H/1.1 200
OK beacon.js Show response
sb.scorecardresearch.com/ 1 KB
1 KB 27ms
27ms Script
application/x-javascript 104.85.250.71
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/c/r/croxyproxy.com.371007.js?t=1201620
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.85.250.71 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-85-250-71.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Referer: https://www.3fcef9da9b31.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Thu, 06 Feb 2020 20:59:30 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: private, no-transform, max-age=86400
Connection: keep-alive
Content-Length: 884
Expires: Fri, 07 Feb 2020 20:59:30 GMT

GET
H2 200 by_mgid_adc_logo_mini.svg
cdn.mgid.com/images/ 2 KB
1 KB 57ms
23ms Image
image/svg+xml 104.19.132.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.mgid.com/images/by_mgid_adc_logo_mini.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.132.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ed09341e9cf6bbb14bd17e6a28e4d1c53c63826aec2f79fa598c475f86e02f1e

Request headers

Referer: https://www.3fcef9da9b31.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Thu, 06 Feb 2020 20:59:30 GMT
content-encoding: br
cf-cache-status: HIT
age: 3077
status: 200
alt-svc: h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
x-amz-request-id: 1DA48E4E68F72EDE
x-amz-id-2: 2QWmz/oWhzaUHelrfKb+69OTX98+Ej7x73dHGUYSOJAlwrINCUv5rcrzCRkk8XYu+nxahoIwbGU=
last-modified: Mon, 18 Nov 2019 15:04:17 GMT
server: cloudflare
etag: W/"5f3390adb0b6aeb988c5d7415b31cbe1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=14400
cf-ray: 56100c5e29f5c84f-AMS
expires: Fri, 07 Feb 2020 00:59:30 GMT

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDgvMTAxOTI0LzVmMzhkNmE4OGEzYjg1MTMyM2NkOTk4ZTg4Nzc2OGRkLmpwZWc*.webp
s-img.mgid.com/g/4003651/328x328/289x0x341x341/ 11 KB
11 KB 43ms
41ms Image
image/webp 104.19.132.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/4003651/328x328/289x0x341x341/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDgvMTAxOTI0LzVmMzhkNmE4OGEzYjg1MTMyM2NkOTk4ZTg4Nzc2OGRkLmpwZWc*.webp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.132.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e7196997c66553451d7732123c81ddfb111c67e89117e923569929373c51b048

Request headers

Referer: https://www.3fcef9da9b31.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Thu, 06 Feb 2020 20:59:30 GMT
cf-cache-status: HIT
last-modified: Tue, 13 Aug 2019 13:49:13 GMT
server: cloudflare
age: 15318617
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
status: 200
alt-svc: h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 56100c5df96fc84f-AMS
access-control-allow-origin: *
content-length: 11594

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDkvMTAxOTI0L2E4NGZmYTUxNTI5ZDZmNGQ2NzJmM2UxMjFlYzNjMjk4LmpwZWc*.webp
s-img.mgid.com/g/4147880/328x328/16x0x498x498/ 8 KB
8 KB 37ms
34ms Image
image/webp 104.19.132.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/4147880/328x328/16x0x498x498/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDkvMTAxOTI0L2E4NGZmYTUxNTI5ZDZmNGQ2NzJmM2UxMjFlYzNjMjk4LmpwZWc*.webp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.132.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2069da3b8f7fc452065de49dd7f18b2eb1049d387942f077fbf0fea2cc527df8

Request headers

Referer: https://www.3fcef9da9b31.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Thu, 06 Feb 2020 20:59:30 GMT
cf-cache-status: HIT
last-modified: Tue, 10 Sep 2019 16:15:49 GMT
server: cloudflare
age: 12889770
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
status: 200
alt-svc: h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 56100c5df96dc84f-AMS
access-control-allow-origin: *
content-length: 8110

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMDQtMDUvMTAxOTI0LzgyZTU0Y2U5NWZmYTc3MjgwNjY1NDE2NzA0MzI3NTYwLmpwZz90PTE0OTEzODYzMjc4MjE*.webp
s-img.mgid.com/g/3805569/328x328/82x0x328x328/ 9 KB
9 KB 22ms
20ms Image
image/webp 104.19.132.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/3805569/328x328/82x0x328x328/aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMDQtMDUvMTAxOTI0LzgyZTU0Y2U5NWZmYTc3MjgwNjY1NDE2NzA0MzI3NTYwLmpwZz90PTE0OTEzODYzMjc4MjE*.webp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.132.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 38fe843a4e4cdde9141d688de655be8d4964c0f1358aa806c13b53ac2fb7b850

Request headers

Referer: https://www.3fcef9da9b31.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Thu, 06 Feb 2020 20:59:30 GMT
cf-cache-status: HIT
last-modified: Tue, 13 Aug 2019 13:20:45 GMT
server: cloudflare
age: 11540583
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
status: 200
alt-svc: h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 56100c5df968c84f-AMS
access-control-allow-origin: *
content-length: 9274

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMDQtMTIvMTAxOTI0Lzc5ZjU2ZGFhYjZiOTEzNzU3OTMwNjY0NjFmMWViYzAyLmpwZz90PTE0OTIwMjgyNjQyNDU*.webp
s-img.mgid.com/g/3805539/328x328/0x0x900x900/ 19 KB
19 KB 28ms
25ms Image
image/webp 104.19.132.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/3805539/328x328/0x0x900x900/aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMDQtMTIvMTAxOTI0Lzc5ZjU2ZGFhYjZiOTEzNzU3OTMwNjY0NjFmMWViYzAyLmpwZz90PTE0OTIwMjgyNjQyNDU*.webp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.132.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ec4a1e9e13fcac1b35a0bc2077115defd7ef795b20e2a9ed91bd8ed85963eb80

Request headers

Referer: https://www.3fcef9da9b31.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Thu, 06 Feb 2020 20:59:30 GMT
cf-cache-status: HIT
last-modified: Thu, 31 Oct 2019 07:10:27 GMT
server: cloudflare
age: 8081220
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
status: 200
alt-svc: h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 56100c5df96cc84f-AMS
access-control-allow-origin: *
content-length: 19256

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDcvMTAxOTI0LzVmMDM2OTJmNTBiYWVhNmExM2ZhOWM5Y2IzODBiNjNlLmpwZWc*.webp
s-img.mgid.com/g/3946094/328x328/0x0x623x623/ 8 KB
8 KB 34ms
32ms Image
image/webp 104.19.132.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/3946094/328x328/0x0x623x623/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDcvMTAxOTI0LzVmMDM2OTJmNTBiYWVhNmExM2ZhOWM5Y2IzODBiNjNlLmpwZWc*.webp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.132.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f81316fa9d2f9e3c6f327576ed70adfb4382cd1fc2bfec0a00fa480872ff153f

Request headers

Referer: https://www.3fcef9da9b31.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Thu, 06 Feb 2020 20:59:30 GMT
cf-cache-status: HIT
last-modified: Tue, 13 Aug 2019 13:32:02 GMT
server: cloudflare
age: 7406327
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
status: 200
alt-svc: h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 56100c5df966c84f-AMS
access-control-allow-origin: *
content-length: 8456

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDgvMTAxOTI0LzY1ZDlhODA2NWUzYmZhZTMwOGFhNmU5ZWNlYzdkMGQxLmpwZWc*.webp
s-img.mgid.com/g/4074790/328x328/207x0x722x722/ 5 KB
5 KB 25ms
24ms Image
image/webp 104.19.132.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/4074790/328x328/207x0x722x722/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDgvMTAxOTI0LzY1ZDlhODA2NWUzYmZhZTMwOGFhNmU5ZWNlYzdkMGQxLmpwZWc*.webp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.132.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: af450c2f0a2b1a0a5ce50bf9b3f5722f0199be91db4d761725bdf5bd2496a2a8

Request headers

Referer: https://www.3fcef9da9b31.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Thu, 06 Feb 2020 20:59:30 GMT
cf-cache-status: HIT
last-modified: Tue, 27 Aug 2019 12:36:08 GMT
server: cloudflare
age: 11457770
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
status: 200
alt-svc: h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 56100c5df969c84f-AMS
access-control-allow-origin: *
content-length: 5180

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDcvMTAxOTI0L2M4MzMzMTcxMTM3OWRlNDQzYjNjY2JmYjEyMDJkZTI3LmpwZWc*.webp
s-img.mgid.com/g/3948452/328x328/205x0x640x640/ 8 KB
8 KB 30ms
30ms Image
image/webp 104.19.132.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/3948452/328x328/205x0x640x640/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDcvMTAxOTI0L2M4MzMzMTcxMTM3OWRlNDQzYjNjY2JmYjEyMDJkZTI3LmpwZWc*.webp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.132.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2090e7458d5a9eb7b0b74acfa70c4e7b4f3388c39bc9fea81cc24582414533af

Request headers

Referer: https://www.3fcef9da9b31.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Thu, 06 Feb 2020 20:59:30 GMT
cf-cache-status: HIT
last-modified: Tue, 13 Aug 2019 13:46:14 GMT
server: cloudflare
age: 3512695
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
status: 200
alt-svc: h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 56100c5e29e5c84f-AMS
access-control-allow-origin: *
content-length: 7988

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMDYtMjAvMTAxOTI0L2FmNzNmOTExYzA0OWI2Y2NmZTRmN2M3YjFlOGQ5OWQzLmpwZz90PTE0OTc5ODQ5NjIzMjM*.webp
s-img.mgid.com/g/3805489/328x328/131x158x625x625/ 10 KB
10 KB 25ms
25ms Image
image/webp 104.19.132.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/3805489/328x328/131x158x625x625/aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMDYtMjAvMTAxOTI0L2FmNzNmOTExYzA0OWI2Y2NmZTRmN2M3YjFlOGQ5OWQzLmpwZz90PTE0OTc5ODQ5NjIzMjM*.webp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.132.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 62ef42861897827419e1272af7cce25bf8a5b0a406a217d48acbffee7a1b6df4

Request headers

Referer: https://www.3fcef9da9b31.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Thu, 06 Feb 2020 20:59:30 GMT
cf-cache-status: HIT
last-modified: Tue, 13 Aug 2019 13:39:17 GMT
server: cloudflare
age: 15318898
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
status: 200
alt-svc: h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 56100c5e29e7c84f-AMS
access-control-allow-origin: *
content-length: 10080

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90Yy8yMDE5LTA1LzEwMTkyNC80ZjU3MWNlMTcyM2ZmN2Y1OTM3NmJiZGRmMDU0NzUwMy5qcGVn.webp
s-img.mgid.com/g/3805666/328x328/277x0x855x855/ 17 KB
18 KB 20ms
20ms Image
image/webp 104.19.132.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/3805666/328x328/277x0x855x855/aHR0cDovL2ltZ2hvc3RzLmNvbS90Yy8yMDE5LTA1LzEwMTkyNC80ZjU3MWNlMTcyM2ZmN2Y1OTM3NmJiZGRmMDU0NzUwMy5qcGVn.webp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.132.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ba775f4f586a428feb7851adc4229ad94422d4f1fe9ece9c18413d604c1fede3

Request headers

Referer: https://www.3fcef9da9b31.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Thu, 06 Feb 2020 20:59:30 GMT
cf-cache-status: HIT
last-modified: Tue, 13 Aug 2019 13:25:28 GMT
server: cloudflare
age: 15319452
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
status: 200
alt-svc: h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 56100c5e29edc84f-AMS
access-control-allow-origin: *
content-length: 17836

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDcvMTAxOTI0L2JmNGFiNWZhMThjM2Y5ODY5ZWVlYjNhZDUyNGJlZTBhLmpwZWc*.webp
s-img.mgid.com/g/3959825/328x328/173x0x399x399/ 9 KB
9 KB 27ms
27ms Image
image/webp 104.19.132.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/3959825/328x328/173x0x399x399/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDcvMTAxOTI0L2JmNGFiNWZhMThjM2Y5ODY5ZWVlYjNhZDUyNGJlZTBhLmpwZWc*.webp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.132.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9af300572bfa0317f58b361f403590da051c5c6c997da6a4604bc4b530ad0cd7

Request headers

Referer: https://www.3fcef9da9b31.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Thu, 06 Feb 2020 20:59:30 GMT
cf-cache-status: HIT
last-modified: Tue, 13 Aug 2019 13:35:53 GMT
server: cloudflare
age: 11773637
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
status: 200
alt-svc: h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 56100c5e3a13c84f-AMS
access-control-allow-origin: *
content-length: 9482

GET
H2 200 scroll-arrow-to-left.svg
cdn.mgid.com/test/carousel/img/ 788 B
762 B 37ms
22ms Image
image/svg+xml 104.19.132.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.mgid.com/test/carousel/img/scroll-arrow-to-left.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.132.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fec41d545a64b87618509b885e972f52bd334f6ae0e58872243c26fa546c1d86

Request headers

Referer: https://www.3fcef9da9b31.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Thu, 06 Feb 2020 20:59:30 GMT
content-encoding: br
cf-cache-status: HIT
age: 455
status: 200
alt-svc: h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
x-amz-request-id: 7AE92AB47B37F8D9
x-amz-id-2: xWmJW6A40F1NMsnknVynz/31XzLu3vHjlGzI/suIzueqjHLGoUPFeZQEYD3PMQTGQ+nFC3cOUGQ=
last-modified: Mon, 27 Jan 2020 11:09:10 GMT
server: cloudflare
etag: W/"2151c597970bf0779adc0fd097dffe1d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=14400
cf-ray: 56100c5e29f6c84f-AMS
expires: Fri, 07 Feb 2020 00:59:30 GMT

GET
H2 200 scroll-arrow-to-right.svg
cdn.mgid.com/test/carousel/img/ 781 B
681 B 31ms
22ms Image
image/svg+xml 104.19.132.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.mgid.com/test/carousel/img/scroll-arrow-to-right.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.132.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3171d9b141de17ebe95ff337b08751cb9c21ae46f1ce81db85fa04b8cd6e9089

Request headers

Referer: https://www.3fcef9da9b31.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Thu, 06 Feb 2020 20:59:30 GMT
content-encoding: br
cf-cache-status: HIT
age: 571
status: 200
alt-svc: h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
x-amz-request-id: 4F25DCD7F839EBA4
x-amz-id-2: +F015OO2zP58OMXxTY3EMSbUSK4ILNVF5+nwu5ozIEZ2acl3cCG8XQJgpAUiSMp9B/mZC56E1ic=
last-modified: Mon, 03 Feb 2020 10:15:02 GMT
server: cloudflare
etag: W/"153545e178defa5c7b9a1e3364cf5ed2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=14400
cf-ray: 56100c5e29f4c84f-AMS
expires: Fri, 07 Feb 2020 00:59:30 GMT

GET
H/1.1

204
No Content

b2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/b?c1=7&c2=15208452&c3=110&ns__t=1581022770886&ns_c=UTF-8&cv=3.5&c8=The%20Most%20Advanced%20Secure%20And%20Free%20Web%20Proxy%20%7C%20CroxyProxy&c7=https%3A%2F%2Fwww...
https://sb.scorecardresearch.com/b2?c1=7&c2=15208452&c3=110&ns__t=1581022770886&ns_c=UTF-8&cv=3.5&c8=The%20Most%20Advanced%20Secure%20And%20Free%20Web%20Proxy%20%7C%20CroxyProxy&c7=https%3A%2F%2Fww...

0
528 B

26ms
25ms

Image
text/plain

104.85.250.71
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=7&c2=15208452&c3=110&ns__t=1581022770886&ns_c=UTF-8&cv=3.5&c8=The%20Most%20Advanced%20Secure%20And%20Free%20Web%20Proxy%20%7C%20CroxyProxy&c7=https%3A%2F%2Fwww.3fcef9da9b31.xyz%2F&c9=&cs_ak_ss=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.85.250.71 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-85-250-71.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.3fcef9da9b31.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 06 Feb 2020 20:59:30 GMT
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://sb.scorecardresearch.com/b2?c1=7&c2=15208452&c3=110&ns__t=1581022770886&ns_c=UTF-8&cv=3.5&c8=The%20Most%20Advanced%20Secure%20And%20Free%20Web%20Proxy%20%7C%20CroxyProxy&c7=https%3A%2F%2Fwww.3fcef9da9b31.xyz%2F&c9=&cs_ak_ss=1
Pragma: no-cache
Date: Thu, 06 Feb 2020 20:59:30 GMT
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 c
c.mgid.com/ Frame A2F1 43 B
428 B 64ms
63ms Image
image/gif 104.19.132.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.mgid.com/c?f=1&pv=3&v=196|278|12|Pnjqfzjk7pUU3U1JAVF4a8IoFK0HHHs1Tpgx6_DLafD0VbqXSuVrv75f0Gp9x4NS&fw=1&v=196|278|12|Pnjqfzjk7pUU3U1JAVF4axReAF8W9CtmvnbQMa7D4lxOe8WjjzXXYT6a7v176fl7&v=196|278|12|Pnjqfzjk7pUU3U1JAVF4a2xEr6U-1381QmckwADiyv8CRUNjqK_IUx9NwaxkKtGs&cid=371007&h2=rl8QvEJ67l_13_oANqpxM_N-fy5S3o8nVYjDcujLCRw*&rid=91de52be-4923-11ea-ae1b-d094662c24f7&tt=Direct&cbuster=1581022772032501665889&tpl=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.132.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://www.3fcef9da9b31.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 06 Feb 2020 20:59:32 GMT
cf-cache-status: DYNAMIC
content-type: image/gif
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
status: 200
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 56100c654d13c84f-AMS
alt-svc: h3-24=":443"; ma=86400, h3-23=":443"; ma=86400

GET
H2 200 /
cm.steepto.com/setmuidn/ 0
278 B 211ms
169ms Image
image/gif 104.19.137.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.steepto.com/setmuidn/?muidf=k16uvM4Y9CXc
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.137.80 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.3fcef9da9b31.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Thu, 06 Feb 2020 20:59:33 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/gif
status: 200
cf-ray: 56100c6b6c84bda5-AMS
content-length: 0

GET
H2

200

m
cm.mgid.com/
Redirect Chain

https://rtb-usw.mfadsrvr.com/sync?ssp=mgid
https://rtb-usw.mfadsrvr.com/ul_cb/sync?ssp=mgid
https://cm.mgid.com/m?cdsp=287839&c=8fdcba68-9e61-4191-b7b9-faae51677a0b

43 B
296 B

121ms
111ms

Image
image/gif

104.19.132.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.mgid.com/m?cdsp=287839&c=8fdcba68-9e61-4191-b7b9-faae51677a0b
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.132.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://www.3fcef9da9b31.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 06 Feb 2020 20:59:33 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/gif
status: 200
cache-control: no-store, no-cache, must-revalidate, max-age=0
accept-ranges: bytes
cf-ray: 56100c6fdc11c84f-AMS
alt-svc: h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
content-length: 43

Redirect headers

date: Thu, 06 Feb 2020 20:59:33 GMT
via: 1.1 google
location: //cm.mgid.com/m?cdsp=287839&c=8fdcba68-9e61-4191-b7b9-faae51677a0b
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
status: 302
cache-control: no-cache, no-store, must-revalidate
alt-svc: clear
content-length: 0

GET
H2

200

google
cm.mgid.com/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=marketgid&google_cm=&google_ula={guid}&google_hm=azE2dXZNNFk5Q1hj&muidn=k16uvM4Y9CXc
https://cm.g.doubleclick.net/pixel?google_nid=marketgid&google_cm=&google_ula={guid}&google_hm=azE2dXZNNFk5Q1hj&muidn=k16uvM4Y9CXc&google_tc=
https://cm.mgid.com/google?muidn=k16uvM4Y9CXc&google_ula={guid},5&google_gid=CAESEDaCHzgpNWlBgzt0yIAXscY&google_cver=1

0
47 B

114ms
114ms

Image
text/plain

104.19.132.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.mgid.com/google?muidn=k16uvM4Y9CXc&google_ula={guid},5&google_gid=CAESEDaCHzgpNWlBgzt0yIAXscY&google_cver=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.132.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.3fcef9da9b31.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Thu, 06 Feb 2020 20:59:33 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: text/plain
status: 200
accept-ranges: bytes
cf-ray: 56100c6b9fcdc84f-AMS
alt-svc: h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
content-length: 0

Redirect headers

pragma: no-cache
date: Thu, 06 Feb 2020 20:59:33 GMT
server: HTTP server (unknown)
location: https://cm.mgid.com/google?muidn=k16uvM4Y9CXc&google_ula={guid},5&google_gid=CAESEDaCHzgpNWlBgzt0yIAXscY&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 302
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 327
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
cm.lentainform.com/setmuidn/ 0
329 B 169ms
56ms Image
image/gif 23.105.245.5
SERVERS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.lentainform.com/setmuidn/?muidf=k16uvM4Y9CXc
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.105.245.5 , Russian Federation, ASN7979 (SERVERS, US),
Reverse DNS
Software: nginx/1.15.10 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.3fcef9da9b31.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 06 Feb 2020 20:59:33 GMT
server: nginx/1.15.10
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
status: 200
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif

GET
H2

200

m
cm.mgid.com/
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=omn67hl&ttd_tpi=1
https://match.adsrvr.org/track/cmb/generic?ttd_pid=omn67hl&ttd_tpi=1
https://cm.mgid.com/m?cdsp=371158&c=f90c494a-2f66-49b7-a803-edcc31fa24b5&ttl=1583614773

43 B
156 B

107ms
107ms

Image
image/gif

104.19.132.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.mgid.com/m?cdsp=371158&c=f90c494a-2f66-49b7-a803-edcc31fa24b5&ttl=1583614773
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.132.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://www.3fcef9da9b31.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 06 Feb 2020 20:59:33 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/gif
status: 200
cache-control: no-store, no-cache, must-revalidate, max-age=0
accept-ranges: bytes
cf-ray: 56100c6ba809c84f-AMS
alt-svc: h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
content-length: 43

Redirect headers

pragma: no-cache
date: Thu, 06 Feb 2020 20:59:33 GMT
x-aspnet-version: 4.0.30319
location: https://cm.mgid.com/m?cdsp=371158&c=f90c494a-2f66-49b7-a803-edcc31fa24b5&ttl=1583614773
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
status: 302
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 205

GET
H2

200

sync
visitor.omnitagjs.com/visitor/
Redirect Chain

https://x.bidswitch.net/sync?dsp_id=303&user_id=k16uvM4Y9CXc
https://x.bidswitch.net/ul_cb/sync?dsp_id=303&user_id=k16uvM4Y9CXc
https://visitor.omnitagjs.com/visitor/sync?uid=2a62ca3297af454b8f19eb7922ed945f&visitor=59dd5240-b366-4db6-ba64-aebc6b4b464e&name=BIDSWITCH

49 B
371 B

97ms
33ms

Image
image/gif

185.255.84.153
IGUANE-

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://visitor.omnitagjs.com/visitor/sync?uid=2a62ca3297af454b8f19eb7922ed945f&visitor=59dd5240-b366-4db6-ba64-aebc6b4b464e&name=BIDSWITCH

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.255.84.153 , France, ASN200271 (IGUANE-, FR),

Reverse DNS

Software

ayl-lb-fra02 /

Resource Hash

d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.3fcef9da9b31.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 06 Feb 2020 20:59:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ayl-lb-fra02
vary: Accept-Encoding
p3p: CP="CAO PSA OUR"
status: 200
cache-control: no-cache, no-store, must-revalidate
x-envoy-upstream-service-time: 1
content-type: image/gif
content-length: 73
expires: 0

Redirect headers

status: 302
date: Thu, 06 Feb 2020 20:59:33 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
location: //visitor.omnitagjs.com/visitor/sync?uid=2a62ca3297af454b8f19eb7922ed945f&visitor=59dd5240-b366-4db6-ba64-aebc6b4b464e&name=BIDSWITCH
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2

200

m
cm.mgid.com/
Redirect Chain

https://csync.loopme.me/?redirect=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D433143%26c%3D%7Bdevice_id%7D
https://cm.mgid.com/m?cdsp=433143&c=c62a5e35-345f-440b-b54e-eb0655c39edc

43 B
292 B

103ms
103ms

Image
image/gif

104.19.132.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.mgid.com/m?cdsp=433143&c=c62a5e35-345f-440b-b54e-eb0655c39edc
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.132.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://www.3fcef9da9b31.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 06 Feb 2020 20:59:33 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/gif
status: 200
cache-control: no-store, no-cache, must-revalidate, max-age=0
accept-ranges: bytes
cf-ray: 56100c6baff0c84f-AMS
alt-svc: h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
content-length: 43

Redirect headers

status: 307
date: Thu, 06 Feb 2020 20:59:33 GMT
content-length: 0
location: https://cm.mgid.com/m?cdsp=433143&c=c62a5e35-345f-440b-b54e-eb0655c39edc

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: lmmpgfjnchldhcieiiegcpdmaidkaanb
URL: chrome-extension://lmmpgfjnchldhcieiiegcpdmaidkaanb/shared/images/test.png

Domain: djpehmepgepfpoiaendmglmnjmmfalio
URL: chrome-extension://djpehmepgepfpoiaendmglmnjmmfalio/shared/images/test.png

Domain: ckjnnmdnpicjmpmcheonhjhbhamjclhi
URL: chrome-extension://ckjnnmdnpicjmpmcheonhjhbhamjclhi/shared/images/test.png

Domain: haanbmjmhcofgngkioelkdablmmmbhoo
URL: chrome-extension://haanbmjmhcofgngkioelkdablmmmbhoo/shared/images/test.png

Domain: docbehmolikiogjomonmfieaidgfcbpc
URL: chrome-extension://docbehmolikiogjomonmfieaidgfcbpc/shared/images/test.png

Verdicts & Comments Add Verdict or Comment

49 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
cdn.blockaway.net/	1970-01-19 16:37:44	Name: __atuvc Value: 1%7C6
.3fcef9da9b31.xyz/	1970-01-19 07:10:22	Name: _gat_gtag_UA_111548442_4 Value: 1
.3fcef9da9b31.xyz/	1970-01-19 07:11:49	Name: _gid Value: GA1.2.1601518172.1581022764
cdn.blockaway.net/	1970-01-19 07:10:24	Name: __atuvs Value: 5e3c7e2c24c90066000
.3fcef9da9b31.xyz/	1970-01-20 00:41:34	Name: _ga Value: GA1.2.514067990.1581022764

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	(Line 1) Message: ^^^ Browser extension is not installed ^^^

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src https: data: 'unsafe-eval' 'unsafe-inline'; object-src https:
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

c.mgid.com
cdn.blockaway.net
cdn.mgid.com
cdn.userreport.com
ckjnnmdnpicjmpmcheonhjhbhamjclhi
cm.g.doubleclick.net
cm.lentainform.com
cm.mgid.com
cm.steepto.com
csync.loopme.me
djpehmepgepfpoiaendmglmnjmmfalio
docbehmolikiogjomonmfieaidgfcbpc
fonts.gstatic.com
haanbmjmhcofgngkioelkdablmmmbhoo
jsc.mgid.com
lmmpgfjnchldhcieiiegcpdmaidkaanb
match.adsrvr.org
platform.twitter.com
rtb-usw.mfadsrvr.com
s-img.mgid.com
sb.scorecardresearch.com
servicer.mgid.com
syndication.twitter.com
visitor.omnitagjs.com
www.3fcef9da9b31.xyz
www.google-analytics.com
www.googletagmanager.com
x.bidswitch.net
ckjnnmdnpicjmpmcheonhjhbhamjclhi
djpehmepgepfpoiaendmglmnjmmfalio
docbehmolikiogjomonmfieaidgfcbpc
haanbmjmhcofgngkioelkdablmmmbhoo
lmmpgfjnchldhcieiiegcpdmaidkaanb
104.19.132.78
104.19.137.80
104.244.42.8
104.85.250.71
151.101.12.157
157.245.24.75
18.194.124.153
185.255.84.153
195.201.196.144
216.58.206.2
23.105.245.5
2600:9000:2057:9e00:19:d208:7940:93a1
2606:4700:3032::6812:2fad
2a00:1450:4001:808::2003
2a00:1450:4001:824::2008
2a00:1450:4001:825::200e
35.212.212.222
52.18.161.147
022390189073b7d23acc1602e8fe8b359c9affcbd1853131a707a5009cd955b2
0b58b8755c2f7cbaab6f30d48ea7286459679aa6aff02a27a4e98d5037ebd7a4
1a4dee2269258e980cfbc6965cca52520d51b0cf399cef6218e123c7620cafdc
1a55a5ced0b629a0bdc966b76b6cd4348cf7dc75a04a91ccc63900bea8cdbcf6
2069da3b8f7fc452065de49dd7f18b2eb1049d387942f077fbf0fea2cc527df8
2090e7458d5a9eb7b0b74acfa70c4e7b4f3388c39bc9fea81cc24582414533af
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2cdfe721285d183e1cc62f2e6a3aecd2d1add038846c50ce066eddf0024085fc
2f6f6d1e20f8aba348906edcf179aac2b3c0eb693effb3d5f3fa4a6f2e267306
3135160ee3b34e2d1e58bf80944a1ed2cef3f073528ea98f11916a397b4c6ac9
3171d9b141de17ebe95ff337b08751cb9c21ae46f1ce81db85fa04b8cd6e9089
31a2141f6b680b8ec183d8de67eaae2ac43bee3ccee46235e0c988761615210c
38fe843a4e4cdde9141d688de655be8d4964c0f1358aa806c13b53ac2fb7b850
3bfd2b8af30916e0ddcc7c0c2fef0a4e6ebdd3f311cf1119bdc614ee16327bfc
3d888993db1a22a73b8d834d45dcbf14c0ecca608fde8da2d23d9690910e7c60
5146068779fad2a9556232682e7913b630cd077dbce047b53792a0a6d2b5f3a9
53c3938f7174e2922d0d06927ccda017988928d4529c845f233ab6f9fe7a5e8c
59015b92fdd88f18eb426bd5b30bea58f2551b50c11edc1c8dc4dd82ed3de73d
62ef42861897827419e1272af7cce25bf8a5b0a406a217d48acbffee7a1b6df4
7e963e2de24e626d87271e5c7d78f62386b9d0df8eaebd57a28164d8e7bac75a
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8342a764b0465d57ca4f135f618558d33b5311d815bed6a5e04e4588f9772899
8c527240491ebcd30d2f3f131422d5a5d10a57da26d0f17b93fdd7ba7a3ec9f0
8fb0dbd66e3091dd62288e41c7cf318688f865c82235b9b20859f137616b8fb0
939051d0da8762860427b378938b8ce71a7c4f462c284ab062d42b8586471d0d
9464552e64337889ef3a9dc120396d91f87b2015ad60a8bc0b61d846839f28af
9af300572bfa0317f58b361f403590da051c5c6c997da6a4604bc4b530ad0cd7
9c16026758eb006aff26298a9b7ed632e7ff3fee6deded797ae490f7ad889dea
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
a8c53a89e1fa010c4235f6b9b1e6f5f9affcd084c7b0c013cf06e7636a2c8be0
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
abcbe0423061bbf5caca8b070eb57c5ea831fde8cca4af206f8b48938142b4e1
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
af450c2f0a2b1a0a5ce50bf9b3f5722f0199be91db4d761725bdf5bd2496a2a8
b09d436fe2c56cf42bb403f4ed2f6dd14ee897d4194c3b609f20ff604c9c3e59
b16649c3ef1f2f3a583d6f4e8c0249fb1fdec133475336efb794949cfa677d5a
b331d22231cb69e3809e664735e0b340680ff6b9a3ed8fb4179c794b3eef1b80
b5defb8a0aed8a9ca429e6cdcb1ecb9590ede92bcdf2edf5d6ee6eda4cf6df37
ba775f4f586a428feb7851adc4229ad94422d4f1fe9ece9c18413d604c1fede3
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
df32b3db71cf153c8483b53fa1e7338d89bff15cce31bc9c1a6ece19fb1868c4
e10999b6a4921097745a2a63cfa9e9814a1204082d7e62960ea3dcd829fe4db7
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7196997c66553451d7732123c81ddfb111c67e89117e923569929373c51b048
e7edf06d6436ec9420c26e56bd02ef5f5c93a9fb189ed16b1db402e57a0ea796
e85307a9af14db0637114ca484ac2e259b128906aaf6d09b9ca184d5d0ec2d19
ec4a1e9e13fcac1b35a0bc2077115defd7ef795b20e2a9ed91bd8ed85963eb80
ed09341e9cf6bbb14bd17e6a28e4d1c53c63826aec2f79fa598c475f86e02f1e
f81316fa9d2f9e3c6f327576ed70adfb4382cd1fc2bfec0a00fa480872ff153f
fec41d545a64b87618509b885e972f52bd334f6ae0e58872243c26fa546c1d86

www.3fcef9da9b31.xyz Open in urlscan Pro 157.245.24.75 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

62 Requests

92 %HTTPS

28 %IPv6

18 Domains

28 Subdomains

14 IPs

6 Countries

597 kBTransfer

1839 kBSize

5 Cookies

14 Outgoing links

Page URL History

Redirected requests

62 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.3fcef9da9b31.xyz Open in urlscan Pro
157.245.24.75 Public Scan

Screenshot
Live screenshot

Full Image

62
Requests

92 %
HTTPS

28 %
IPv6

18
Domains

28
Subdomains

14
IPs

6
Countries

597 kB
Transfer

1839 kB
Size

5
Cookies

62 HTTP transactions
2 data transactions