thedarwinhub.com Open in urlscan Pro
161.47.117.248 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://www.marketbeat.com/scripts/click.aspx?SponsorshipID=64798
Effective URL:
https://thedarwinhub.com/special-offers/?email=&pixel=&id=1644&refer=https%3A%2F%2Fwww.investmentnewsdaily.com%2Fcustom%2...
Submission: On September 08 via api (September 8th 2022, 3:09:20 pm UTC) from CA — Scanned from CA

Summary HTTP 44 Redirects Behaviour Indicators

Summary

This website contacted 9 IPs in 1 countries across 9 domains to perform 44 HTTP transactions. The main IP is 161.47.117.248, located in Rutherfordton, United States and belongs to RACKSPACE, US. The main domain is thedarwinhub.com. The Cisco Umbrella rank of the primary domain is 506643.
TLS certificate: Issued by Thawte RSA CA 2018 on February 2nd 2022. Valid for: a year.

This is the only time thedarwinhub.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700:310... 2606:4700:3108::ac42:2b0e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3 15	161.47.117.248 161.47.117.248	19994 (RACKSPACE) (RACKSPACE)
9	2607:f8b0:400... 2607:f8b0:4006:817::2004	15169 (GOOGLE) (GOOGLE)
10	2607:f8b0:400... 2607:f8b0:4006:80b::2003	15169 (GOOGLE) (GOOGLE)
4	2607:f8b0:400... 2607:f8b0:4006:821::2003	15169 (GOOGLE) (GOOGLE)
2 2	18.234.1.56 18.234.1.56	14618 (AMAZON-AES) (AMAZON-AES)
2	2607:f8b0:400... 2607:f8b0:4006:821::200a	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4006:806::2008	15169 (GOOGLE) (GOOGLE)
3	2607:f8b0:400... 2607:f8b0:4006:81f::200e	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:816::200a	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4004:c1b::9b	15169 (GOOGLE) (GOOGLE)
44	9

1 2606:4700:3108::ac42:2b0e (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.marketbeat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 161.47.117.248 (Rutherfordton, United States) 3 redirects

ASN19994 (RACKSPACE, US)

thedarwinhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2607:f8b0:4006:817::2004 (Perth Amboy, United States)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2607:f8b0:4006:80b::2003 (Perth Amboy, United States)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4006:821::2003 (Perth Amboy, United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.234.1.56 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-234-1-56.compute-1.amazonaws.com

www.investmentnewsdaily.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:821::200a (Perth Amboy, United States)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:806::2008 (Perth Amboy, United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:81f::200e (Perth Amboy, United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:816::200a (Perth Amboy, United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c1b::9b (Washington, United States)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
15	thedarwinhub.com 3 redirects thedarwinhub.com — Cisco Umbrella Rank: 506643	739 KB
14	gstatic.com www.gstatic.com fonts.gstatic.com	905 KB
9	google.com www.google.com — Cisco Umbrella Rank: 19	88 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 94	20 KB
3	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 480 fonts.googleapis.com — Cisco Umbrella Rank: 120	68 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 141	114 KB
2	investmentnewsdaily.com 2 redirects www.investmentnewsdaily.com	845 B
1	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 188	440 B
1	marketbeat.com 1 redirects www.marketbeat.com — Cisco Umbrella Rank: 65582	286 B
44	9

	Domain	Requested by
15	thedarwinhub.com	3 redirects thedarwinhub.com
10	www.gstatic.com	www.google.com www.gstatic.com
9	www.google.com	thedarwinhub.com www.gstatic.com www.google.com
4	fonts.gstatic.com	www.google.com
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	www.googletagmanager.com	thedarwinhub.com
2	ajax.googleapis.com	thedarwinhub.com
2	www.investmentnewsdaily.com	2 redirects
1	stats.g.doubleclick.net	www.google-analytics.com
1	fonts.googleapis.com	thedarwinhub.com
1	www.marketbeat.com	1 redirects
44	11

This site contains no links.

Subject Issuer	Validity	Valid
thedarwinhub.com Thawte RSA CA 2018	`2022-02-02` - `2023-02-24`	a year	crt.sh
www.google.com GTS CA 1C3	`2022-08-22` - `2022-11-14`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-08-15` - `2022-11-07`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-08-22` - `2022-11-14`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-08-15` - `2022-11-07`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-08-15` - `2022-11-07`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-08-15` - `2022-11-07`	3 months	crt.sh

This page contains 5 frames:

Primary Page: https://thedarwinhub.com/special-offers/?email=&pixel=&id=1644&refer=https%3A%2F%2Fwww.investmentnewsdaily.com%2Fcustom%2F%3Femail%3D&redirect=https%3A%2F%2Finvestmentnewsdaily.com%2Fcustom%2Fthank-you.php
Frame ID: D33E232A002D6FF3CE43E6CBCA995310
Requests: 14 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LekKLoUAAAAAGHGwTU0s3W5iOcAro_sdAhLYE9y&co=aHR0cHM6Ly90aGVkYXJ3aW5odWIuY29tOjQ0Mw..&hl=en&v=g8G8cw32bNQPGUVoDvt680GA&size=invisible&cb=tkxnwb28qpji
Frame ID: 4779231E200F34706BEBE538C394E50E
Requests: 8 HTTP requests in this frame

Frame: https://thedarwinhub.com/track/display-foffers.php?refer=&perc=70&ratio=66&id=1644&catid=&redirect=https%3A%2F%2Finvestmentnewsdaily.com%2Fcustom%2Fthank-you.php
Frame ID: 5AEE2FFB02F00B2947BF04C6BD60DB89
Requests: 11 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ldn1EUUAAAAAGfz_x7Pp9_f2JZrz3ledx5mKbYE&co=aHR0cHM6Ly90aGVkYXJ3aW5odWIuY29tOjQ0Mw..&hl=en&v=g8G8cw32bNQPGUVoDvt680GA&size=invisible&cb=1w4l6agdqgdy
Frame ID: BE8A2B028C5DCAD4C567019331E25A33
Requests: 7 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=en&v=g8G8cw32bNQPGUVoDvt680GA&k=6Ldn1EUUAAAAAGfz_x7Pp9_f2JZrz3ledx5mKbYE
Frame ID: 3A355B2150494AAE3391D887B2ADF45E
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Special Offers

Page URL History Show full URLs

https://www.marketbeat.com/scripts/click.aspx?SponsorshipID=64798 HTTP 301
https://thedarwinhub.com/rr/cto/?rr=232&email=&refchan=1295 Page URL
https://thedarwinhub.com/track/lg/?mbid=2194&gm=&email=&de_sourceid=1295 HTTP 302
https://thedarwinhub.com/track/lg/recaptcha-lg.php?insertid=3676810&mbid=2194&gm=&email=&de_sourceid=... Page URL
https://thedarwinhub.com/track/lg/recaptcha-lg.php?insertid=3676810&mbid=2194&gm=&email=&de_sourceid=... HTTP 302
https://thedarwinhub.com/track/lg/?recaptcha=1&score=0.3&response=03ANYolqsHF_7-VRc0YJ2bIpNn7j3-tLLk_... HTTP 302
https://www.investmentnewsdaily.com/custom?email= HTTP 301
https://www.investmentnewsdaily.com/custom/?email= HTTP 302
https://thedarwinhub.com/special-offers/?email=&pixel=&id=1644&refer=https%3A%2F%2Fwww.investmentnews... Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

\.php(?:$|\?)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

44
Requests

100 %
HTTPS

82 %
IPv6

9
Domains

11
Subdomains

9
IPs

1
Countries

1932 kB
Transfer

3602 kB
Size

10
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www.marketbeat.com/scripts/click.aspx?SponsorshipID=64798 HTTP 301
https://thedarwinhub.com/rr/cto/?rr=232&email=&refchan=1295 Page URL
https://thedarwinhub.com/track/lg/?mbid=2194&gm=&email=&de_sourceid=1295 HTTP 302
https://thedarwinhub.com/track/lg/recaptcha-lg.php?insertid=3676810&mbid=2194&gm=&email=&de_sourceid=1295 Page URL
https://thedarwinhub.com/track/lg/recaptcha-lg.php?insertid=3676810&mbid=2194&gm=&email=&de_sourceid=1295 HTTP 302
https://thedarwinhub.com/track/lg/?recaptcha=1&score=0.3&response=03ANYolqsHF_7-VRc0YJ2bIpNn7j3-tLLk_Et1GEGgt79duyRo5hzkjHXoyt3IkK8E-lewAimFLKkBxCwIdNYnA_T5GNZ1zKosVFrnzUHzmyuAFsmyu4tXes_x9Ii-7hhNIfO7OEgqJF5MD1DjKKgk3jT74LcwJZt9vlhiyB1ufK-T2_30Kwmh80bsfEjB6m8e-Xxq6Rqj-G2XcKBO_xWUTA2Ad07vSbLBuxhWtbCNgrgXaym26XfeKdGMUN5rKjwRiANGqYBgsr68-NJRQWZwTPubBX_qY2z-FcnZp7skp-3wDmSzYeHE7-lMc0LLg1GAsZ21oA3Y9ileGAcTH1FTHFQCr9-IWyEiON7iW2ftBrk3RIyExdxgxRgl3Og6pWUbLRffwhVplLY_p_bx3HtnZDw7hmtqIJ1DLVwzealBRAPqkLgkMtqIf9V_rQdKlCOsy9NLfpz1TW5sefHZjhFozpFFJ2VdvLqdvrPaYnLP49HsDeoUKH2KHQQbGcL6inZisUQaWJDHKYBLCiF9S213T76fV9obh8-fhA&hubvet=true&sw=1600&sh=1200&cDepth=24&insertid=3676810&mbid=2194&gm=&email=&de_sourceid=1295 HTTP 302
https://www.investmentnewsdaily.com/custom?email= HTTP 301
https://www.investmentnewsdaily.com/custom/?email= HTTP 302
https://thedarwinhub.com/special-offers/?email=&pixel=&id=1644&refer=https%3A%2F%2Fwww.investmentnewsdaily.com%2Fcustom%2F%3Femail%3D&redirect=https%3A%2F%2Finvestmentnewsdaily.com%2Fcustom%2Fthank-you.php Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://www.marketbeat.com/scripts/click.aspx?SponsorshipID=64798 HTTP 301
https://thedarwinhub.com/rr/cto/?rr=232&email=&refchan=1295

Request Chain 1

https://thedarwinhub.com/track/lg/?mbid=2194&gm=&email=&de_sourceid=1295 HTTP 302
https://thedarwinhub.com/track/lg/recaptcha-lg.php?insertid=3676810&mbid=2194&gm=&email=&de_sourceid=1295

44 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

/
thedarwinhub.com/rr/cto/
Redirect Chain

https://www.marketbeat.com/scripts/click.aspx?SponsorshipID=64798
https://thedarwinhub.com/rr/cto/?rr=232&email=&refchan=1295

845 B
1 KB

6932ms
5293ms

Document
text/html

161.47.117.248
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://thedarwinhub.com/rr/cto/?rr=232&email=&refchan=1295
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 161.47.117.248 Rutherfordton, United States, ASN19994 (RACKSPACE, US),
Reverse DNS
Software: Apache / PHP/7.2.34
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

Connection: Keep-Alive
Content-Length: 845
Content-Type: text/html; charset=UTF-8
Date: Thu, 08 Sep 2022 15:09:10 GMT
Keep-Alive: timeout=5, max=100
Server: Apache
X-Powered-By: PHP/7.2.34

Redirect headers

access-control-allow-origin: *
cache-control: private
cf-cache-status: DYNAMIC
cf-ray: 74789a7f9adc4bc5-YUL
content-type: text/html; charset=utf-8
date: Thu, 08 Sep 2022 15:09:08 GMT
location: https://thedarwinhub.com/rr/cto/?rr=232&email=&refchan=1295
server: cloudflare
strict-transport-security: max-age=2592000
x-powered-by: ASP.NET
x-xss-protection: 1; mode=block

GET
H/1.1

200
OK

recaptcha-lg.php Show response
thedarwinhub.com/track/lg/
Redirect Chain

https://thedarwinhub.com/track/lg/?mbid=2194&gm=&email=&de_sourceid=1295
https://thedarwinhub.com/track/lg/recaptcha-lg.php?insertid=3676810&mbid=2194&gm=&email=&de_sourceid=1295

2 KB
2 KB

31ms
29ms

Document
text/html

161.47.117.248
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://thedarwinhub.com/track/lg/recaptcha-lg.php?insertid=3676810&mbid=2194&gm=&email=&de_sourceid=1295
Requested by: Host: thedarwinhub.com
URL: https://thedarwinhub.com/rr/cto/?rr=232&email=&refchan=1295
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 161.47.117.248 Rutherfordton, United States, ASN19994 (RACKSPACE, US),
Reverse DNS
Software: Apache / PHP/7.2.34
Resource Hash: b4fc8d579fa0d46d83f748723e2ec0d2d3f6e552974fee90a3610cb037db5386

Request headers

Referer: https://thedarwinhub.com/rr/cto/?rr=232&email=&refchan=1295
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate
Connection: Keep-Alive
Content-Length: 1843
Content-Type: text/html; charset=UTF-8
Date: Thu, 08 Sep 2022 15:09:15 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Keep-Alive: timeout=5, max=98
Pragma: no-cache
Server: Apache
X-Powered-By: PHP/7.2.34

Redirect headers

Cache-Control: no-store, no-cache, must-revalidate
Connection: Keep-Alive
Content-Length: 0
Content-Type: text/html; charset=UTF-8
Date: Thu, 08 Sep 2022 15:09:15 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Keep-Alive: timeout=5, max=99
Pragma: no-cache
Server: Apache
X-Powered-By: PHP/7.2.34
location: https://thedarwinhub.com/track/lg/recaptcha-lg.php?insertid=3676810&mbid=2194&gm=&email=&de_sourceid=1295

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 884 B
1001 B 321ms
43ms Script
text/javascript 2607:f8b0:4006:817::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?render=6LekKLoUAAAAAGHGwTU0s3W5iOcAro_sdAhLYE9y

Requested by

Host: thedarwinhub.com
URL: https://thedarwinhub.com/track/lg/recaptcha-lg.php?insertid=3676810&mbid=2194&gm=&email=&de_sourceid=1295

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::2004 Perth Amboy, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

a1f5bddbc67311fc6fed692086da8f455b4bafa17b45c5db289edf8828522def

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://thedarwinhub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 15:09:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 588
x-xss-protection: 1; mode=block
expires: Thu, 08 Sep 2022 15:09:15 GMT

GET
H2 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/g8G8cw32bNQPGUVoDvt680GA/ 387 KB
154 KB 66ms
20ms Script
text/javascript 2607:f8b0:4006:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/g8G8cw32bNQPGUVoDvt680GA/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=6LekKLoUAAAAAGHGwTU0s3W5iOcAro_sdAhLYE9y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80b::2003 Perth Amboy, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

52995c7482cb8361e6abfee05a9ec892a3d85679cdcf995e7f2fe711c6ba0150

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://thedarwinhub.com/
Origin: https://thedarwinhub.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 16:52:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 80231
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 157166
x-xss-protection: 0
last-modified: Tue, 06 Sep 2022 00:04:24 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 07 Sep 2023 16:52:05 GMT

GET
H/1.1 200
OK loading.gif
thedarwinhub.com/track/submit/ 182 KB
182 KB 29ms
28ms Image
image/gif 161.47.117.248
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://thedarwinhub.com/track/submit/loading.gif
Requested by: Host: thedarwinhub.com
URL: https://thedarwinhub.com/track/lg/recaptcha-lg.php?insertid=3676810&mbid=2194&gm=&email=&de_sourceid=1295
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 161.47.117.248 Rutherfordton, United States, ASN19994 (RACKSPACE, US),
Reverse DNS
Software: Apache /
Resource Hash: 842fcabca07137fc0367dd0abbbe34d9cb995a5f7bb3746611b08489fbb9b11e

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://thedarwinhub.com/track/lg/recaptcha-lg.php?insertid=3676810&mbid=2194&gm=&email=&de_sourceid=1295
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date: Thu, 08 Sep 2022 15:09:16 GMT
Last-Modified: Fri, 21 Feb 2020 17:51:56 GMT
Server: Apache
ETag: "2d61c-59f19ad6f3404"
Content-Type: image/gif
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 185884

GET
H2 200 anchor Show response
www.google.com/recaptcha/api2/ Frame 4779 42 KB
22 KB 50ms
49ms Document
text/html 2607:f8b0:4006:817::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LekKLoUAAAAAGHGwTU0s3W5iOcAro_sdAhLYE9y&co=aHR0cHM6Ly90aGVkYXJ3aW5odWIuY29tOjQ0Mw..&hl=en&v=g8G8cw32bNQPGUVoDvt680GA&size=invisible&cb=tkxnwb28qpji

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/g8G8cw32bNQPGUVoDvt680GA/recaptcha__en.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::2004 Perth Amboy, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

e3963d8a558086ef58683dd966d89c2c5a927b321776bb00791f35d95c0e0267

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-1BgRgqIpAcKX93YZy4DRYQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://thedarwinhub.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 22195
content-security-policy: script-src 'report-sample' 'nonce-1BgRgqIpAcKX93YZy4DRYQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 08 Sep 2022 15:09:16 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/g8G8cw32bNQPGUVoDvt680GA/ Frame 4779 52 KB
24 KB 61ms
20ms Stylesheet
text/css 2607:f8b0:4006:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/g8G8cw32bNQPGUVoDvt680GA/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LekKLoUAAAAAGHGwTU0s3W5iOcAro_sdAhLYE9y&co=aHR0cHM6Ly90aGVkYXJ3aW5odWIuY29tOjQ0Mw..&hl=en&v=g8G8cw32bNQPGUVoDvt680GA&size=invisible&cb=tkxnwb28qpji

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2003 Perth Amboy, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

caf2650aa985d277b2dd131a6261888bc64e6c9bc15e5564bfb9b380bcf82a10

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 16:51:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 80263
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24251
x-xss-protection: 0
last-modified: Tue, 06 Sep 2022 00:04:24 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 07 Sep 2023 16:51:33 GMT

GET
H3 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/g8G8cw32bNQPGUVoDvt680GA/ Frame 4779 387 KB
154 KB 59ms
20ms Script
text/javascript 2607:f8b0:4006:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/g8G8cw32bNQPGUVoDvt680GA/recaptcha__en.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2003 Perth Amboy, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

52995c7482cb8361e6abfee05a9ec892a3d85679cdcf995e7f2fe711c6ba0150

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 16:52:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 80231
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 157166
x-xss-protection: 0
last-modified: Tue, 06 Sep 2022 00:04:24 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 07 Sep 2023 16:52:05 GMT

GET
H3 200 logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 4779 2 KB
2 KB 20ms
19ms Image
image/png 2607:f8b0:4006:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/logo_48.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/g8G8cw32bNQPGUVoDvt680GA/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2003 Perth Amboy, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/g8G8cw32bNQPGUVoDvt680GA/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 10:20:50 GMT
x-content-type-options: nosniff
age: 190106
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2228
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Tue, 13 Sep 2022 10:20:50 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 4779 15 KB
16 KB 68ms
20ms Font
font/woff2 2607:f8b0:4006:821::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:821::2003 Perth Amboy, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 11:41:34 GMT
x-content-type-options: nosniff
age: 185262
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 06 Sep 2023 11:41:34 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 4779 15 KB
15 KB 74ms
26ms Font
font/woff2 2607:f8b0:4006:821::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:821::2003 Perth Amboy, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Fri, 02 Sep 2022 10:24:38 GMT
x-content-type-options: nosniff
age: 535478
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 02 Sep 2023 10:24:38 GMT

GET
H3 200 webworker.js
www.google.com/recaptcha/api2/ Frame 4779 102 B
134 B 39ms
39ms Other
text/javascript 2607:f8b0:4006:817::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=en&v=g8G8cw32bNQPGUVoDvt680GA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::2004 Perth Amboy, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

41a7af34c3ce11b82aae8779426043729cca067fd28f9df87406c8b65857f278

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LekKLoUAAAAAGHGwTU0s3W5iOcAro_sdAhLYE9y&co=aHR0cHM6Ly90aGVkYXJ3aW5odWIuY29tOjQ0Mw..&hl=en&v=g8G8cw32bNQPGUVoDvt680GA&size=invisible&cb=tkxnwb28qpji
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 15:09:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 112
x-xss-protection: 1; mode=block
expires: Thu, 08 Sep 2022 15:09:16 GMT

POST
H3 200 reload Show response
www.google.com/recaptcha/api2/ Frame 4779 32 KB
18 KB 69ms
69ms XHR
application/json 2607:f8b0:4006:817::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/reload?k=6LekKLoUAAAAAGHGwTU0s3W5iOcAro_sdAhLYE9y

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/g8G8cw32bNQPGUVoDvt680GA/recaptcha__en.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::2004 Perth Amboy, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

17f33cdb6f30dc3458b03bd2a43ab9d6d3417dea15a78d6943351c7c53f5006b

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LekKLoUAAAAAGHGwTU0s3W5iOcAro_sdAhLYE9y&co=aHR0cHM6Ly90aGVkYXJ3aW5odWIuY29tOjQ0Mw..&hl=en&v=g8G8cw32bNQPGUVoDvt680GA&size=invisible&cb=tkxnwb28qpji
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: application/x-protobuffer

Response headers

date: Thu, 08 Sep 2022 15:09:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
cache-control: private, max-age=0
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18494
x-xss-protection: 1; mode=block
expires: Thu, 08 Sep 2022 15:09:16 GMT

GET
H/1.1

200
OK

Primary Request / Show response
thedarwinhub.com/special-offers/
Redirect Chain

https://thedarwinhub.com/track/lg/recaptcha-lg.php?insertid=3676810&mbid=2194&gm=&email=&de_sourceid=1295
https://thedarwinhub.com/track/lg/?recaptcha=1&score=0.3&response=03ANYolqsHF_7-VRc0YJ2bIpNn7j3-tLLk_Et1GEGgt79duyRo5hzkjHXoyt3IkK8E-lewAimFLKkBxCwIdNYnA_T5GNZ1zKosVFrnzUHzmyuAFsmyu4tXes_x9Ii-7hhNI...
https://www.investmentnewsdaily.com/custom?email=
https://www.investmentnewsdaily.com/custom/?email=
https://thedarwinhub.com/special-offers/?email=&pixel=&id=1644&refer=https%3A%2F%2Fwww.investmentnewsdaily.com%2Fcustom%2F%3Femail%3D&redirect=https%3A%2F%2Finvestmentnewsdaily.com%2Fcustom%2Fthank...

3 KB
3 KB

266ms
265ms

Document
text/html

161.47.117.248
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://thedarwinhub.com/special-offers/?email=&pixel=&id=1644&refer=https%3A%2F%2Fwww.investmentnewsdaily.com%2Fcustom%2F%3Femail%3D&redirect=https%3A%2F%2Finvestmentnewsdaily.com%2Fcustom%2Fthank-you.php
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 161.47.117.248 Rutherfordton, United States, ASN19994 (RACKSPACE, US),
Reverse DNS
Software: Apache / PHP/7.2.34
Resource Hash: 8198d246efe93c52d0295d7c0b69d02bc452b0d85c3f0d627f2fea8420632603

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://thedarwinhub.com
Referer: https://thedarwinhub.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate
Connection: Keep-Alive
Content-Length: 2952
Content-Type: text/html; charset=UTF-8
Date: Thu, 08 Sep 2022 15:09:17 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Keep-Alive: timeout=5, max=94
Pragma: no-cache
Server: Apache
X-Powered-By: PHP/7.2.34

Redirect headers

Cache-Control: no-store, no-cache, must-revalidate
Connection: Keep-Alive
Content-Length: 0
Content-Type: text/html; charset=UTF-8
Date: Thu, 08 Sep 2022 15:09:17 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Keep-Alive: timeout=5, max=99
Location: https://thedarwinhub.com/special-offers/?email=&pixel=&id=1644&refer=https%3A%2F%2Fwww.investmentnewsdaily.com%2Fcustom%2F%3Femail%3D&redirect=https%3A%2F%2Finvestmentnewsdaily.com%2Fcustom%2Fthank-you.php
Pragma: no-cache
Server: Apache

GET
H/1.1 200
OK jquery.js Show response
thedarwinhub.com/wp/wp-includes/js/jquery/ 281 KB
281 KB 28ms
28ms Script
application/javascript 161.47.117.248
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://thedarwinhub.com/wp/wp-includes/js/jquery/jquery.js?ver=1.12.4
Requested by: Host: thedarwinhub.com
URL: https://thedarwinhub.com/special-offers/?email=&pixel=&id=1644&refer=https%3A%2F%2Fwww.investmentnewsdaily.com%2Fcustom%2F%3Femail%3D&redirect=https%3A%2F%2Finvestmentnewsdaily.com%2Fcustom%2Fthank-you.php
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 161.47.117.248 Rutherfordton, United States, ASN19994 (RACKSPACE, US),
Reverse DNS
Software: Apache /
Resource Hash: 86f937a29eaee70aaf9935799a414bea46c62fb136cc0465f63f9d6820cf4982

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://thedarwinhub.com/special-offers/?email=&pixel=&id=1644&refer=https%3A%2F%2Fwww.investmentnewsdaily.com%2Fcustom%2F%3Femail%3D&redirect=https%3A%2F%2Finvestmentnewsdaily.com%2Fcustom%2Fthank-you.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date: Thu, 08 Sep 2022 15:09:17 GMT
Last-Modified: Thu, 15 Jul 2021 13:15:27 GMT
Server: Apache
ETag: "463a2-5c72943bcaddb"
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=93
Content-Length: 287650

GET
H/1.1 200
OK jquery-migrate.min.js Show response
thedarwinhub.com/wp/wp-includes/js/jquery/ 11 KB
11 KB 404ms
263ms Script
application/javascript 161.47.117.248
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://thedarwinhub.com/wp/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1
Requested by: Host: thedarwinhub.com
URL: https://thedarwinhub.com/special-offers/?email=&pixel=&id=1644&refer=https%3A%2F%2Fwww.investmentnewsdaily.com%2Fcustom%2F%3Femail%3D&redirect=https%3A%2F%2Finvestmentnewsdaily.com%2Fcustom%2Fthank-you.php
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 161.47.117.248 Rutherfordton, United States, ASN19994 (RACKSPACE, US),
Reverse DNS
Software: Apache /
Resource Hash: 029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://thedarwinhub.com/special-offers/?email=&pixel=&id=1644&refer=https%3A%2F%2Fwww.investmentnewsdaily.com%2Fcustom%2F%3Femail%3D&redirect=https%3A%2F%2Finvestmentnewsdaily.com%2Fcustom%2Fthank-you.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date: Thu, 08 Sep 2022 15:09:17 GMT
Last-Modified: Thu, 15 Jul 2021 13:15:27 GMT
Server: Apache
ETag: "2bd8-5c72943bcf044"
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=92
Content-Length: 11224

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.12.4/ 95 KB
34 KB 70ms
20ms Script
text/javascript 2607:f8b0:4006:821::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js

Requested by

Host: thedarwinhub.com
URL: https://thedarwinhub.com/special-offers/?email=&pixel=&id=1644&refer=https%3A%2F%2Fwww.investmentnewsdaily.com%2Fcustom%2F%3Femail%3D&redirect=https%3A%2F%2Finvestmentnewsdaily.com%2Fcustom%2Fthank-you.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:821::200a Perth Amboy, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://thedarwinhub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 16:49:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 80364
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33951
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 07 Sep 2023 16:49:53 GMT

GET
H/1.1 200
OK responsive-iframe.js Show response
thedarwinhub.com/test/ 4 KB
5 KB 675ms
270ms Script
application/javascript 161.47.117.248
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://thedarwinhub.com/test/responsive-iframe.js
Requested by: Host: thedarwinhub.com
URL: https://thedarwinhub.com/special-offers/?email=&pixel=&id=1644&refer=https%3A%2F%2Fwww.investmentnewsdaily.com%2Fcustom%2F%3Femail%3D&redirect=https%3A%2F%2Finvestmentnewsdaily.com%2Fcustom%2Fthank-you.php
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 161.47.117.248 Rutherfordton, United States, ASN19994 (RACKSPACE, US),
Reverse DNS
Software: Apache /
Resource Hash: a4ec8fbdc69449afeb941784d3382c7328392892df89e8f7d79f4af52b0c9f52

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://thedarwinhub.com/special-offers/?email=&pixel=&id=1644&refer=https%3A%2F%2Fwww.investmentnewsdaily.com%2Fcustom%2F%3Femail%3D&redirect=https%3A%2F%2Finvestmentnewsdaily.com%2Fcustom%2Fthank-you.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date: Thu, 08 Sep 2022 15:09:18 GMT
Last-Modified: Wed, 18 Jul 2018 19:53:03 GMT
Server: Apache
ETag: "115e-5714b691fa86a"
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=91
Content-Length: 4446

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 105 KB
41 KB 342ms
41ms Script
application/javascript 2607:f8b0:4006:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-133168883-16

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:806::2008 Perth Amboy, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

184baa54f8a0fa395750cfd659b169c005baa9e741c6b3c161afbc9632164012

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://thedarwinhub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 15:09:18 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41845
x-xss-protection: 0
expires: Thu, 08 Sep 2022 15:09:18 GMT

GET
H/1.1 200
OK display-foffers.php Show response
thedarwinhub.com/track/ Frame 5AEE 12 KB
12 KB 163ms
162ms Document
text/html 161.47.117.248
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://thedarwinhub.com/track/display-foffers.php?refer=&perc=70&ratio=66&id=1644&catid=&redirect=https%3A%2F%2Finvestmentnewsdaily.com%2Fcustom%2Fthank-you.php
Requested by: Host: thedarwinhub.com
URL: https://thedarwinhub.com/special-offers/?email=&pixel=&id=1644&refer=https%3A%2F%2Fwww.investmentnewsdaily.com%2Fcustom%2F%3Femail%3D&redirect=https%3A%2F%2Finvestmentnewsdaily.com%2Fcustom%2Fthank-you.php
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 161.47.117.248 Rutherfordton, United States, ASN19994 (RACKSPACE, US),
Reverse DNS
Software: Apache / PHP/7.2.34
Resource Hash: fa9c6e8d7bbde5be6b2ec2a8da84e77a4f90ec16452affe826c84795ac9d286b

Request headers

Referer: https://thedarwinhub.com/special-offers/?email=&pixel=&id=1644&refer=https%3A%2F%2Fwww.investmentnewsdaily.com%2Fcustom%2F%3Femail%3D&redirect=https%3A%2F%2Finvestmentnewsdaily.com%2Fcustom%2Fthank-you.php
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
Date: Thu, 08 Sep 2022 15:09:18 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Keep-Alive: timeout=5, max=90
P3P: CP="NOI ADM DEV COM NAV OUR STP"
Pragma: no-cache
Server: Apache
Transfer-Encoding: chunked
X-Powered-By: PHP/7.2.34

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 67ms
19ms Script
text/javascript 2607:f8b0:4006:81f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-133168883-16

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::200e Perth Amboy, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://thedarwinhub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 2626
date: Thu, 08 Sep 2022 14:25:32 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Thu, 08 Sep 2022 16:25:32 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 5AEE 3 KB
1 KB 84ms
35ms Stylesheet
text/css 2607:f8b0:4006:816::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Oswald|Raleway

Requested by

Host: thedarwinhub.com
URL: https://thedarwinhub.com/track/display-foffers.php?refer=&perc=70&ratio=66&id=1644&catid=&redirect=https%3A%2F%2Finvestmentnewsdaily.com%2Fcustom%2Fthank-you.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:816::200a Perth Amboy, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

476be2c833033fb39fdd14ef402af5c631da576f244b53842d9fac41c88386b5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://thedarwinhub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 08 Sep 2022 14:59:04 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 08 Sep 2022 15:09:18 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 08 Sep 2022 15:09:18 GMT

GET
H/1.1 200
OK quantum-refresh.css
thedarwinhub.com/include/css/ Frame 5AEE 503 B
770 B 29ms
28ms Stylesheet
text/css 161.47.117.248
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://thedarwinhub.com/include/css/quantum-refresh.css
Requested by: Host: thedarwinhub.com
URL: https://thedarwinhub.com/track/display-foffers.php?refer=&perc=70&ratio=66&id=1644&catid=&redirect=https%3A%2F%2Finvestmentnewsdaily.com%2Fcustom%2Fthank-you.php
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 161.47.117.248 Rutherfordton, United States, ASN19994 (RACKSPACE, US),
Reverse DNS
Software: Apache /
Resource Hash: 73bba20270c9468e418d35f13efabf799e743fb31f723c6e8a2f7855a3513b19

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://thedarwinhub.com/track/display-foffers.php?refer=&perc=70&ratio=66&id=1644&catid=&redirect=https%3A%2F%2Finvestmentnewsdaily.com%2Fcustom%2Fthank-you.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date: Thu, 08 Sep 2022 15:09:18 GMT
Last-Modified: Wed, 13 Oct 2021 21:07:44 GMT
Server: Apache
ETag: "1f7-5ce425a7290b8"
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=89
Content-Length: 503

GET
H3 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.12.4/ Frame 5AEE 95 KB
33 KB 61ms
20ms Script
text/javascript 2607:f8b0:4006:821::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js

Requested by

Host: thedarwinhub.com
URL: https://thedarwinhub.com/track/display-foffers.php?refer=&perc=70&ratio=66&id=1644&catid=&redirect=https%3A%2F%2Finvestmentnewsdaily.com%2Fcustom%2Fthank-you.php

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:821::200a Perth Amboy, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://thedarwinhub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 16:49:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 80365
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33951
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 07 Sep 2023 16:49:53 GMT

GET
H3 200 api.js Show response
www.google.com/recaptcha/ Frame 5AEE 850 B
578 B 44ms
43ms Script
text/javascript 2607:f8b0:4006:817::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js

Requested by

Host: thedarwinhub.com
URL: https://thedarwinhub.com/track/display-foffers.php?refer=&perc=70&ratio=66&id=1644&catid=&redirect=https%3A%2F%2Finvestmentnewsdaily.com%2Fcustom%2Fthank-you.php

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::2004 Perth Amboy, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

62873763c68dae3a2e2d5426b0bea772aa615eab4b31e48f8d35709dd49e84b8

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://thedarwinhub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 15:09:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 557
x-xss-protection: 1; mode=block
expires: Thu, 08 Sep 2022 15:09:18 GMT

GET
H/1.1 200
OK responsive-iframe.js Show response
thedarwinhub.com/test/ Frame 5AEE 4 KB
5 KB 58ms
28ms Script
application/javascript 161.47.117.248
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://thedarwinhub.com/test/responsive-iframe.js
Requested by: Host: thedarwinhub.com
URL: https://thedarwinhub.com/track/display-foffers.php?refer=&perc=70&ratio=66&id=1644&catid=&redirect=https%3A%2F%2Finvestmentnewsdaily.com%2Fcustom%2Fthank-you.php
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 161.47.117.248 Rutherfordton, United States, ASN19994 (RACKSPACE, US),
Reverse DNS
Software: Apache /
Resource Hash: a4ec8fbdc69449afeb941784d3382c7328392892df89e8f7d79f4af52b0c9f52

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://thedarwinhub.com/track/display-foffers.php?refer=&perc=70&ratio=66&id=1644&catid=&redirect=https%3A%2F%2Finvestmentnewsdaily.com%2Fcustom%2Fthank-you.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date: Thu, 08 Sep 2022 15:09:18 GMT
Last-Modified: Wed, 18 Jul 2018 19:53:03 GMT
Server: Apache
ETag: "115e-5714b691fa86a"
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=88
Content-Length: 4446

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ Frame 5AEE 203 KB
72 KB 85ms
44ms Script
application/javascript 2607:f8b0:4006:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-PBG4Z78YXE

Requested by

Host: thedarwinhub.com
URL: https://thedarwinhub.com/track/display-foffers.php?refer=&perc=70&ratio=66&id=1644&catid=&redirect=https%3A%2F%2Finvestmentnewsdaily.com%2Fcustom%2Fthank-you.php

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:806::2008 Perth Amboy, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

078c95409392efde0f28f70a35f4f3f16b832c76992c4bb81b16f5123f2a4ea1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://thedarwinhub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 15:09:18 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 74036
x-xss-protection: 0
expires: Thu, 08 Sep 2022 15:09:18 GMT

GET
H/1.1 200
OK 15-logo.png
thedarwinhub.com/ads/ Frame 5AEE 27 KB
27 KB 29ms
28ms Image
image/png 161.47.117.248
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://thedarwinhub.com/ads/15-logo.png
Requested by: Host: thedarwinhub.com
URL: https://thedarwinhub.com/track/display-foffers.php?refer=&perc=70&ratio=66&id=1644&catid=&redirect=https%3A%2F%2Finvestmentnewsdaily.com%2Fcustom%2Fthank-you.php
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 161.47.117.248 Rutherfordton, United States, ASN19994 (RACKSPACE, US),
Reverse DNS
Software: Apache /
Resource Hash: e540c73acdbacd021f9a8f2fd1fde4dc5bbcdf16024c146a539d0c36bd7eaf6e

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://thedarwinhub.com/track/display-foffers.php?refer=&perc=70&ratio=66&id=1644&catid=&redirect=https%3A%2F%2Finvestmentnewsdaily.com%2Fcustom%2Fthank-you.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date: Thu, 08 Sep 2022 15:09:18 GMT
Last-Modified: Wed, 26 Jan 2022 22:28:16 GMT
Server: Apache
ETag: "6b3d-5d683b7cafdf3"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=87
Content-Length: 27453

GET
H/1.1 200
OK musth_FDA.png
thedarwinhub.com/hub/images/ Frame 5AEE 206 KB
207 KB 58ms
28ms Image
image/png 161.47.117.248
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://thedarwinhub.com/hub/images/musth_FDA.png
Requested by: Host: thedarwinhub.com
URL: https://thedarwinhub.com/track/display-foffers.php?refer=&perc=70&ratio=66&id=1644&catid=&redirect=https%3A%2F%2Finvestmentnewsdaily.com%2Fcustom%2Fthank-you.php
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 161.47.117.248 Rutherfordton, United States, ASN19994 (RACKSPACE, US),
Reverse DNS
Software: Apache /
Resource Hash: c761d6fec3076023cd4d282b0acec1191ed50a5b746336444628d2d456876c7f

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://thedarwinhub.com/track/display-foffers.php?refer=&perc=70&ratio=66&id=1644&catid=&redirect=https%3A%2F%2Finvestmentnewsdaily.com%2Fcustom%2Fthank-you.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date: Thu, 08 Sep 2022 15:09:18 GMT
Last-Modified: Tue, 06 Sep 2022 17:42:37 GMT
Server: Apache
ETag: "33955-5e805b8e0c794"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=86
Content-Length: 211285

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 74ms
33ms XHR
text/plain 2607:f8b0:4006:81f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=839077958&t=pageview&_s=1&dl=https%3A%2F%2Fthedarwinhub.com%2Fspecial-offers%2F%3Femail%3D%26pixel%3D%26id%3D1644%26refer%3Dhttps%253A%252F%252Fwww.investmentnewsdaily.com%252Fcustom%252F%253Femail%253D%26redirect%3Dhttps%253A%252F%252Finvestmentnewsdaily.com%252Fcustom%252Fthank-you.php&ul=en-us&de=UTF-8&dt=Special%20Offers&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=1699146479&gjid=1821683575&cid=889303052.1662649758&tid=UA-133168883-16&_gid=637373889.1662649758&_r=1&gtm=2ou8v0&z=1630734674

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81f::200e Perth Amboy, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://thedarwinhub.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 08 Sep 2022 15:09:18 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://thedarwinhub.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
440 B 394ms
33ms XHR
text/plain 2607:f8b0:4004:c1b::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-133168883-16&cid=889303052.1662649758&jid=1699146479&gjid=1821683575&_gid=637373889.1662649758&_u=YEBAAUAAAAAAAC~&z=1830752969

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1b::9b Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://thedarwinhub.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Thu, 08 Sep 2022 15:09:18 GMT
content-type: text/plain
access-control-allow-origin: https://thedarwinhub.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/g8G8cw32bNQPGUVoDvt680GA/ Frame 5AEE 387 KB
154 KB 61ms
19ms Script
text/javascript 2607:f8b0:4006:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/g8G8cw32bNQPGUVoDvt680GA/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2003 Perth Amboy, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

52995c7482cb8361e6abfee05a9ec892a3d85679cdcf995e7f2fe711c6ba0150

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://thedarwinhub.com/
Origin: https://thedarwinhub.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 16:52:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 80233
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 157166
x-xss-protection: 0
last-modified: Tue, 06 Sep 2022 00:04:24 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 07 Sep 2023 16:52:05 GMT

POST
H3 204 collect
www.google-analytics.com/g/ Frame 5AEE 0
17 B 33ms
32ms Ping
text/plain 2607:f8b0:4006:81f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-PBG4Z78YXE&gtm=2oe8v0&_p=1745684482&cid=889303052.1662649758&ul=en-us&sr=1600x1200&_z=ccd.v9B&_s=1&sid=1662649758&sct=1&seg=0&dl=https%3A%2F%2Fthedarwinhub.com%2Ftrack%2Fdisplay-foffers.php%3Frefer%3D%26perc%3D70%26ratio%3D66%26id%3D1644%26catid%3D%26redirect%3Dhttps%253A%252F%252Finvestmentnewsdaily.com%252Fcustom%252Fthank-you.php&dr=https%3A%2F%2Fthedarwinhub.com%2Fspecial-offers%2F%3Femail%3D%26pixel%3D%26id%3D1644%26refer%3Dhttps%253A%252F%252Fwww.investmentnewsdaily.com%252Fcustom%252F%253Femail%253D%26redirect%3Dhttps%253A%252F%252Finvestmentnewsdaily.com%252Fcustom%252Fthank-you.php&dt=&en=page_view&_fv=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-PBG4Z78YXE
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:81f::200e Perth Amboy, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://thedarwinhub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 08 Sep 2022 15:09:18 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://thedarwinhub.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 anchor Show response
www.google.com/recaptcha/api2/ Frame BE8A 42 KB
22 KB 52ms
52ms Document
text/html 2607:f8b0:4006:817::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ldn1EUUAAAAAGfz_x7Pp9_f2JZrz3ledx5mKbYE&co=aHR0cHM6Ly90aGVkYXJ3aW5odWIuY29tOjQ0Mw..&hl=en&v=g8G8cw32bNQPGUVoDvt680GA&size=invisible&cb=1w4l6agdqgdy

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/g8G8cw32bNQPGUVoDvt680GA/recaptcha__en.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::2004 Perth Amboy, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

3134d838e222005d0c51eb1635ec5998f6ed4384ef15c0d4355973fed8cef6c4

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-FFC0MbnboU6J7vq2TTAHrA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://thedarwinhub.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 22680
content-security-policy: script-src 'report-sample' 'nonce-FFC0MbnboU6J7vq2TTAHrA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 08 Sep 2022 15:09:18 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/g8G8cw32bNQPGUVoDvt680GA/ Frame BE8A 52 KB
24 KB 21ms
21ms Stylesheet
text/css 2607:f8b0:4006:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/g8G8cw32bNQPGUVoDvt680GA/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ldn1EUUAAAAAGfz_x7Pp9_f2JZrz3ledx5mKbYE&co=aHR0cHM6Ly90aGVkYXJ3aW5odWIuY29tOjQ0Mw..&hl=en&v=g8G8cw32bNQPGUVoDvt680GA&size=invisible&cb=1w4l6agdqgdy

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2003 Perth Amboy, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

caf2650aa985d277b2dd131a6261888bc64e6c9bc15e5564bfb9b380bcf82a10

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 16:51:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 80265
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24251
x-xss-protection: 0
last-modified: Tue, 06 Sep 2022 00:04:24 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 07 Sep 2023 16:51:33 GMT

GET
H3 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/g8G8cw32bNQPGUVoDvt680GA/ Frame BE8A 387 KB
154 KB 22ms
21ms Script
text/javascript 2607:f8b0:4006:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/g8G8cw32bNQPGUVoDvt680GA/recaptcha__en.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2003 Perth Amboy, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

52995c7482cb8361e6abfee05a9ec892a3d85679cdcf995e7f2fe711c6ba0150

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 16:52:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 80233
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 157166
x-xss-protection: 0
last-modified: Tue, 06 Sep 2022 00:04:24 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 07 Sep 2023 16:52:05 GMT

GET
H3 200 logo_48.png
www.gstatic.com/recaptcha/api2/ Frame BE8A 2 KB
2 KB 23ms
22ms Image
image/png 2607:f8b0:4006:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/logo_48.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/g8G8cw32bNQPGUVoDvt680GA/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2003 Perth Amboy, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/g8G8cw32bNQPGUVoDvt680GA/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 10:20:50 GMT
x-content-type-options: nosniff
age: 190108
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2228
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Tue, 13 Sep 2022 10:20:50 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame BE8A 15 KB
15 KB 71ms
23ms Font
font/woff2 2607:f8b0:4006:821::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:821::2003 Perth Amboy, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 11:41:34 GMT
x-content-type-options: nosniff
age: 185264
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 06 Sep 2023 11:41:34 GMT

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame BE8A 15 KB
15 KB 69ms
22ms Font
font/woff2 2607:f8b0:4006:821::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:821::2003 Perth Amboy, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Fri, 02 Sep 2022 10:24:38 GMT
x-content-type-options: nosniff
age: 535480
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 02 Sep 2023 10:24:38 GMT

GET
H3 200 webworker.js
www.google.com/recaptcha/api2/ Frame BE8A 102 B
134 B 39ms
39ms Other
text/javascript 2607:f8b0:4006:817::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=en&v=g8G8cw32bNQPGUVoDvt680GA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::2004 Perth Amboy, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

41a7af34c3ce11b82aae8779426043729cca067fd28f9df87406c8b65857f278

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ldn1EUUAAAAAGfz_x7Pp9_f2JZrz3ledx5mKbYE&co=aHR0cHM6Ly90aGVkYXJ3aW5odWIuY29tOjQ0Mw..&hl=en&v=g8G8cw32bNQPGUVoDvt680GA&size=invisible&cb=1w4l6agdqgdy
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 15:09:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 112
x-xss-protection: 1; mode=block
expires: Thu, 08 Sep 2022 15:09:18 GMT

GET
H3 200 bframe Show response
www.google.com/recaptcha/api2/ Frame 3A35 7 KB
1 KB 46ms
43ms Document
text/html 2607:f8b0:4006:817::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/bframe?hl=en&v=g8G8cw32bNQPGUVoDvt680GA&k=6Ldn1EUUAAAAAGfz_x7Pp9_f2JZrz3ledx5mKbYE

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/g8G8cw32bNQPGUVoDvt680GA/recaptcha__en.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::2004 Perth Amboy, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

076d1182249b32b7ba3f1bc66c9aac8716c86249380f1880ffc59b0965cadecb

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-XgV_s5X_JLKUWxZyzHtUWA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://thedarwinhub.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 1117
content-security-policy: script-src 'report-sample' 'nonce-XgV_s5X_JLKUWxZyzHtUWA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 08 Sep 2022 15:09:18 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/g8G8cw32bNQPGUVoDvt680GA/ Frame 3A35 52 KB
24 KB 21ms
20ms Stylesheet
text/css 2607:f8b0:4006:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/g8G8cw32bNQPGUVoDvt680GA/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=en&v=g8G8cw32bNQPGUVoDvt680GA&k=6Ldn1EUUAAAAAGfz_x7Pp9_f2JZrz3ledx5mKbYE

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2003 Perth Amboy, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

caf2650aa985d277b2dd131a6261888bc64e6c9bc15e5564bfb9b380bcf82a10

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 16:51:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 80265
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24251
x-xss-protection: 0
last-modified: Tue, 06 Sep 2022 00:04:24 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 07 Sep 2023 16:51:33 GMT

GET
H3 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/g8G8cw32bNQPGUVoDvt680GA/ Frame 3A35 387 KB
154 KB 22ms
21ms Script
text/javascript 2607:f8b0:4006:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/g8G8cw32bNQPGUVoDvt680GA/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=en&v=g8G8cw32bNQPGUVoDvt680GA&k=6Ldn1EUUAAAAAGfz_x7Pp9_f2JZrz3ledx5mKbYE

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2003 Perth Amboy, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

52995c7482cb8361e6abfee05a9ec892a3d85679cdcf995e7f2fe711c6ba0150

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 16:52:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 80233
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 157166
x-xss-protection: 0
last-modified: Tue, 06 Sep 2022 00:04:24 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 07 Sep 2023 16:52:05 GMT

POST
H3 200 reload Show response
www.google.com/recaptcha/api2/ Frame 3A35 38 KB
23 KB 71ms
70ms XHR
application/json 2607:f8b0:4006:817::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/reload?k=6Ldn1EUUAAAAAGfz_x7Pp9_f2JZrz3ledx5mKbYE

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/g8G8cw32bNQPGUVoDvt680GA/recaptcha__en.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::2004 Perth Amboy, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

6c600e631bbc4112a0896333efe1a937c4ff8fa9474449199592697730629320

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.google.com/recaptcha/api2/bframe?hl=en&v=g8G8cw32bNQPGUVoDvt680GA&k=6Ldn1EUUAAAAAGfz_x7Pp9_f2JZrz3ledx5mKbYE
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: application/x-protobuffer

Response headers

date: Thu, 08 Sep 2022 15:09:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
cache-control: private, max-age=0
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23444
x-xss-protection: 1; mode=block
expires: Thu, 08 Sep 2022 15:09:19 GMT

Verdicts & Comments Add Verdict or Comment

22 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

10 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.google.com/recaptcha	1970-01-20 10:10:01	Name: _GRECAPTCHA Value: 09AMjm62W3RRr5Ez5qdSuDsxb0OzsZv3HCoZpzlTAyGPoUrCa6JVn1LuVcd_hpCLx9wia6U_KbkJ3XnqbpVN5aMWg
www.marketbeat.com/	1969-12-31 23:59:59	Name: ASP.NET_SessionId Value: 0zu2ngyiole10u45jwyjhbzy
thedarwinhub.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: 23d5ed7d8e59f4d3d7a70946b7856022
.thedarwinhub.com/	1970-01-20 06:34:01	Name: lg_mbid Value: 2194
.thedarwinhub.com/	1970-01-20 06:34:01	Name: screenWidth Value: 1600
www.investmentnewsdaily.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: 5695geuc6jcdl750t584jruf8l
.thedarwinhub.com/	1970-01-20 05:52:16	Name: _gid Value: GA1.2.637373889.1662649758
.thedarwinhub.com/	1970-01-20 05:50:49	Name: _gat_gtag_UA_133168883_16 Value: 1
.thedarwinhub.com/	1970-01-20 15:26:49	Name: _ga_PBG4Z78YXE Value: GS1.1.1662649758.1.0.1662649758.0.0.0
.thedarwinhub.com/	1970-01-20 15:26:49	Name: _ga Value: GA1.1.889303052.1662649758

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
fonts.googleapis.com
fonts.gstatic.com
stats.g.doubleclick.net
thedarwinhub.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.gstatic.com
www.investmentnewsdaily.com
www.marketbeat.com
161.47.117.248
18.234.1.56
2606:4700:3108::ac42:2b0e
2607:f8b0:4004:c1b::9b
2607:f8b0:4006:806::2008
2607:f8b0:4006:80b::2003
2607:f8b0:4006:816::200a
2607:f8b0:4006:817::2004
2607:f8b0:4006:81f::200e
2607:f8b0:4006:821::2003
2607:f8b0:4006:821::200a
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
076d1182249b32b7ba3f1bc66c9aac8716c86249380f1880ffc59b0965cadecb
078c95409392efde0f28f70a35f4f3f16b832c76992c4bb81b16f5123f2a4ea1
17f33cdb6f30dc3458b03bd2a43ab9d6d3417dea15a78d6943351c7c53f5006b
184baa54f8a0fa395750cfd659b169c005baa9e741c6b3c161afbc9632164012
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
3134d838e222005d0c51eb1635ec5998f6ed4384ef15c0d4355973fed8cef6c4
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
41a7af34c3ce11b82aae8779426043729cca067fd28f9df87406c8b65857f278
476be2c833033fb39fdd14ef402af5c631da576f244b53842d9fac41c88386b5
52995c7482cb8361e6abfee05a9ec892a3d85679cdcf995e7f2fe711c6ba0150
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
62873763c68dae3a2e2d5426b0bea772aa615eab4b31e48f8d35709dd49e84b8
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c600e631bbc4112a0896333efe1a937c4ff8fa9474449199592697730629320
73bba20270c9468e418d35f13efabf799e743fb31f723c6e8a2f7855a3513b19
8198d246efe93c52d0295d7c0b69d02bc452b0d85c3f0d627f2fea8420632603
842fcabca07137fc0367dd0abbbe34d9cb995a5f7bb3746611b08489fbb9b11e
86f937a29eaee70aaf9935799a414bea46c62fb136cc0465f63f9d6820cf4982
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a1f5bddbc67311fc6fed692086da8f455b4bafa17b45c5db289edf8828522def
a4ec8fbdc69449afeb941784d3382c7328392892df89e8f7d79f4af52b0c9f52
b4fc8d579fa0d46d83f748723e2ec0d2d3f6e552974fee90a3610cb037db5386
c761d6fec3076023cd4d282b0acec1191ed50a5b746336444628d2d456876c7f
caf2650aa985d277b2dd131a6261888bc64e6c9bc15e5564bfb9b380bcf82a10
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e3963d8a558086ef58683dd966d89c2c5a927b321776bb00791f35d95c0e0267
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e540c73acdbacd021f9a8f2fd1fde4dc5bbcdf16024c146a539d0c36bd7eaf6e
fa9c6e8d7bbde5be6b2ec2a8da84e77a4f90ec16452affe826c84795ac9d286b

thedarwinhub.com Open in urlscan Pro 161.47.117.248 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

44 Requests

100 %HTTPS

82 %IPv6

9 Domains

11 Subdomains

9 IPs

1 Countries

1932 kBTransfer

3602 kBSize

10 Cookies

0 Outgoing links

Page URL History

Redirected requests

44 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

thedarwinhub.com Open in urlscan Pro
161.47.117.248 Public Scan

Screenshot
Live screenshot

Full Image

44
Requests

100 %
HTTPS

82 %
IPv6

9
Domains

11
Subdomains

9
IPs

1
Countries

1932 kB
Transfer

3602 kB
Size

10
Cookies

44 HTTP transactions
0 data transactions