tfdsd4q.info Open in urlscan Pro
13.56.189.78 Public Scan

URL:
http://tfdsd4q.info/a/usnp.php
Submission: On June 25 via manual (June 25th 2018, 11:36:04 am UTC) from US

Summary HTTP 55 Redirects Links 32 Behaviour Indicators

Summary

This website contacted 25 IPs in 7 countries across 27 domains to perform 55 HTTP transactions. The main IP is 13.56.189.78, located in San Jose, United States and belongs to AMAZON-02 - Amazon.com, Inc., US. The main domain is tfdsd4q.info.

This is the only time tfdsd4q.info was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	13.56.189.78 13.56.189.78	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	169.50.137.176 169.50.137.176	36351 (SOFTLAYER) (SOFTLAYER - SoftLayer Technologies Inc.)
26	35.225.46.100 35.225.46.100	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2a00:1450:400... 2a00:1450:4001:81f::2008	15169 (GOOGLE) (GOOGLE - Google LLC)
1 2	2a00:1450:400... 2a00:1450:4001:81f::200e	15169 (GOOGLE) (GOOGLE - Google LLC)
2	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK - Facebook)
2 4	172.217.22.102 172.217.22.102	15169 (GOOGLE) (GOOGLE - Google LLC)
1 1	2a00:1450:400... 2a00:1450:400c:c0c::9c	15169 (GOOGLE) (GOOGLE - Google LLC)
2 2	2a00:1450:400... 2a00:1450:4001:81f::2004	15169 (GOOGLE) (GOOGLE - Google LLC)
2	2a00:1450:400... 2a00:1450:4001:81f::2003	15169 (GOOGLE) (GOOGLE - Google LLC)
2	2a03:2880:f11... 2a03:2880:f11c:8186:face:b00c:0:50fb	32934 (FACEBOOK) (FACEBOOK - Facebook)
1	5.153.20.140 5.153.20.140	36351 (SOFTLAYER) (SOFTLAYER - SoftLayer Technologies Inc.)
15 17	159.253.128.183 159.253.128.183	36351 (SOFTLAYER) (SOFTLAYER - SoftLayer Technologies Inc.)
1 2	107.178.240.89 107.178.240.89	15169 (GOOGLE) (GOOGLE - Google LLC)
1	35.153.63.253 35.153.63.253	14618 (AMAZON-AES) (AMAZON-AES - Amazon.com)
1	104.108.51.30 104.108.51.30	16625 (AKAMAI-AS) (AKAMAI-AS - Akamai Technologies)
1 2	34.251.108.175 34.251.108.175	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	52.206.65.84 52.206.65.84	14618 (AMAZON-AES) (AMAZON-AES - Amazon.com)
1	5.153.15.173 5.153.15.173	36351 (SOFTLAYER) (SOFTLAYER - SoftLayer Technologies Inc.)
2 2	34.199.239.114 34.199.239.114	14618 (AMAZON-AES) (AMAZON-AES - Amazon.com)
1 1	54.243.144.136 54.243.144.136	14618 (AMAZON-AES) (AMAZON-AES - Amazon.com)
1	46.51.169.149 46.51.169.149	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1 1	34.250.48.64 34.250.48.64	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1 1	34.211.137.191 34.211.137.191	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1 1	147.75.102.200 147.75.102.200	54825 (PACKET) (PACKET - Packet Host)
1	185.59.220.18 185.59.220.18	60068 (CDN77) (CDN77)
1 1	216.58.205.226 216.58.205.226	15169 (GOOGLE) (GOOGLE - Google LLC)
1 1	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE - Google LLC)
1 2	185.94.180.125 185.94.180.125	35220 (SPOTX-AMS) (SPOTX-AMS)
1	185.33.223.200 185.33.223.200	29990 (ASN-APPNEXUS) (ASN-APPNEXUS - AppNexus)
1	151.101.112.166 151.101.112.166	54113 (FASTLY) (FASTLY - Fastly)
1	62.67.193.85 62.67.193.85	26667 (RUBICONPR...) (RUBICONPROJECT - The Rubicon Project)
1 2	173.241.240.143 173.241.240.143	36089 (OPENX-AS1) (OPENX-AS1 - OPENX TECHNOLOGIES)
1	185.64.189.110 185.64.189.110	62713 (AS-PUBMATIC) (AS-PUBMATIC - PubMatic)
2 2	216.58.207.34 216.58.207.34	15169 (GOOGLE) (GOOGLE - Google LLC)
55	25

1 13.56.189.78 (San Jose, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-13-56-189-78.us-west-1.compute.amazonaws.com

tfdsd4q.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 169.50.137.176 (United States)

ASN36351 (SOFTLAYER - SoftLayer Technologies Inc., US)
PTR: b0.89.32a9.ip4.static.sl-reverse.com

tag.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

26 35.225.46.100 (Ann Arbor, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: 100.46.225.35.bc.googleusercontent.com

popeyes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81f::2008 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81f::200e (Ireland) 1 redirects

ASN15169 (GOOGLE - Google LLC, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f02d:12:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.217.22.102 (Mountain View, United States) 2 redirects

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra15s18-in-f102.1e100.net

5081500.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0c::9c (Ireland) 1 redirects

ASN15169 (GOOGLE - Google LLC, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81f::2004 (Ireland) 2 redirects

ASN15169 (GOOGLE - Google LLC, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81f::2003 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f11c:8186:face:b00c:0:50fb (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 5.153.20.140 (Amsterdam, Netherlands)

ASN36351 (SOFTLAYER - SoftLayer Technologies Inc., US)
PTR: 8c.14.9905.ip4.static.sl-reverse.com

i.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 159.253.128.183 (Amsterdam, Netherlands) 15 redirects

ASN36351 (SOFTLAYER - SoftLayer Technologies Inc., US)
PTR: b7.80.fd9f.ip4.static.sl-reverse.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 107.178.240.89 (Mountain View, United States) 1 redirects

ASN15169 (GOOGLE - Google LLC, US)
PTR: 89.240.178.107.bc.googleusercontent.com

fei.pro-market.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.153.63.253 (Seattle, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-35-153-63-253.compute-1.amazonaws.com

sync.bfmio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.108.51.30 (Amsterdam, Netherlands)

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a104-108-51-30.deploy.static.akamaitechnologies.com

stags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.251.108.175 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-34-251-108-175.eu-west-1.compute.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.206.65.84 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-52-206-65-84.compute-1.amazonaws.com

sync.intentiq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 5.153.15.173 (Amsterdam, Netherlands)

ASN36351 (SOFTLAYER - SoftLayer Technologies Inc., US)
PTR: ad.0f.9905.ip4.static.sl-reverse.com

ce.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.199.239.114 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-34-199-239-114.compute-1.amazonaws.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.243.144.136 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-54-243-144-136.compute-1.amazonaws.com

usermatch.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 46.51.169.149 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-46-51-169-149.eu-west-1.compute.amazonaws.com

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.250.48.64 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-34-250-48-64.eu-west-1.compute.amazonaws.com

aa.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.211.137.191 (Boardman, United States) 1 redirects

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-34-211-137-191.us-west-2.compute.amazonaws.com

d.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 147.75.102.200 (Switzerland) 1 redirects

ASN54825 (PACKET - Packet Host, Inc., US)

loadr.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.59.220.18 (Frankfurt, Germany)

ASN60068 (CDN77, GB)
PTR: frankfurt-10.cdn77.com

load77.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.58.205.226 (Mountain View, United States) 1 redirects

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra15s24-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::2002 (Ireland) 1 redirects

ASN15169 (GOOGLE - Google LLC, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.94.180.125 (Netherlands) 1 redirects

ASN35220 (SPOTX-AMS, NL)

sync.search.spotxchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.33.223.200 (European Union)

ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US)

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.112.166 (San Francisco, United States)

ASN54113 (FASTLY - Fastly, US)

bh.contextweb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 62.67.193.85 (United Kingdom)

ASN26667 (RUBICONPROJECT - The Rubicon Project, Inc., US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 173.241.240.143 (New York, United States) 1 redirects

ASN36089 (OPENX-AS1 - OPENX TECHNOLOGIES, INC., US)
PTR: ox-173-241-240-143.xa.dc.openx.org

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.110 (United Kingdom)

ASN62713 (AS-PUBMATIC - PubMatic, Inc., US)

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.58.207.34 (Mountain View, United States) 2 redirects

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra16s24-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
26	popeyes.com popeyes.com	1 MB
19	simpli.fi 15 redirects tag.simpli.fi i.simpli.fi um.simpli.fi	14 KB
8	doubleclick.net 6 redirects 5081500.fls.doubleclick.net stats.g.doubleclick.net googleads.g.doubleclick.net cm.g.doubleclick.net	2 KB
2	openx.net 1 redirects us-u.openx.net	597 B
2	spotxchange.com 1 redirects sync.search.spotxchange.com	1 KB
2	exelator.com 1 redirects loadr.exelator.com load77.exelator.com	601 B
2	agkn.com 2 redirects aa.agkn.com d.agkn.com	1 KB
2	krxd.net 1 redirects usermatch.krxd.net beacon.krxd.net	791 B
2	rlcdn.com 2 redirects idsync.rlcdn.com	1 KB
2	crwdcntrl.net 1 redirects bcp.crwdcntrl.net	1 KB
2	pro-market.net 1 redirects fei.pro-market.net	763 B
2	facebook.com www.facebook.com	395 B
2	google.de www.google.de	216 B
2	google.com 2 redirects www.google.com	469 B
2	facebook.net connect.facebook.net	27 KB
2	google-analytics.com 1 redirects www.google-analytics.com	14 KB
1	pubmatic.com image2.pubmatic.com	798 B
1	rubiconproject.com pixel.rubiconproject.com	371 B
1	contextweb.com bh.contextweb.com	665 B
1	adnxs.com ib.adnxs.com	592 B
1	googleadservices.com 1 redirects www.googleadservices.com	260 B
1	lijit.com ce.lijit.com	515 B
1	intentiq.com sync.intentiq.com	502 B
1	bluekai.com stags.bluekai.com	329 B
1	bfmio.com sync.bfmio.com	444 B
1	googletagmanager.com www.googletagmanager.com	27 KB
1	tfdsd4q.info tfdsd4q.info	8 KB
55	27

	Domain	Requested by
26	popeyes.com	tfdsd4q.info
17	um.simpli.fi	15 redirects
4	5081500.fls.doubleclick.net	2 redirects www.googletagmanager.com
2	cm.g.doubleclick.net	2 redirects
2	us-u.openx.net	1 redirects
2	sync.search.spotxchange.com	1 redirects
2	idsync.rlcdn.com	2 redirects
2	bcp.crwdcntrl.net	1 redirects
2	fei.pro-market.net	1 redirects
2	www.facebook.com	tfdsd4q.info
2	www.google.de	tfdsd4q.info
2	www.google.com	2 redirects
2	connect.facebook.net	tfdsd4q.info connect.facebook.net
2	www.google-analytics.com	1 redirects www.googletagmanager.com
1	image2.pubmatic.com
1	pixel.rubiconproject.com
1	bh.contextweb.com
1	ib.adnxs.com
1	googleads.g.doubleclick.net	1 redirects
1	www.googleadservices.com	1 redirects
1	load77.exelator.com
1	loadr.exelator.com	1 redirects
1	d.agkn.com	1 redirects
1	aa.agkn.com	1 redirects
1	beacon.krxd.net
1	usermatch.krxd.net	1 redirects
1	ce.lijit.com
1	sync.intentiq.com
1	stags.bluekai.com
1	sync.bfmio.com
1	i.simpli.fi	tag.simpli.fi
1	stats.g.doubleclick.net	1 redirects
1	www.googletagmanager.com	tfdsd4q.info
1	tag.simpli.fi	tfdsd4q.info
1	tfdsd4q.info
55	35

This site contains links to these domains. Also see Links.

Domain
popeyes.com
1qt-1.tlnk.io
www.coke.com
company.popeyes.com
popeyes.jobs
www.facebook.com
twitter.com
www.youtube.com
instagram.com
www.louisianaentertainment.gov

Subject Issuer	Validity	Valid

This page contains 3 frames:

Primary Page: http://tfdsd4q.info/a/usnp.php
Frame ID: 8D1A9273B3BA85795C81F92798FF7AE3
Requests: 53 HTTP requests in this frame

Frame: http://5081500.fls.doubleclick.net/activityi;dc_pre=CIiShMbc7tsCFQKn7QodtKAPRQ;src=5081500;type=popey0;cat=allpa0;ord=3149901552082;gtm=G6c;~oref=http%3A%2F%2Ftfdsd4q.info%2Fa%2Fusnp.php
Frame ID: 70ED46DCEE1C5E753F0F55C8FEC0EB88
Requests: 1 HTTP requests in this frame

Frame: http://5081500.fls.doubleclick.net/activityi;dc_pre=CIK7g8bc7tsCFQaj7QodY_cI8g;src=5081500;type=popey0;cat=sitev0;ord=1;num=6629586531434;gtm=G6c;~oref=http%3A%2F%2Ftfdsd4q.info%2Fa%2Fusnp.php
Frame ID: FE4236A9449B8D9951DAEB28305DE527
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+wp-(?:content|includes)/i
script /\/wp-includes\//i

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

url /\.php(?:$|\?)/i
html /<link rel=["']stylesheet["'] [^>]+wp-(?:content|includes)/i
script /\/wp-includes\//i

TinyMCE (Rich Text Editors) Expand

Overall confidence: 100%
Detected patterns

env /^tinyMCE$/i

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^\/]*\/[a-z]*\.js/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|(analytics))\.js/i
env /^gaGlobal$/i

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

html /googletagmanager\.com\/ns\.html[^>]+><\/iframe>/i
env /^google_tag_manager$/i

Twitter Emoji (Twemoji) (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

env /^twemoji$/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery.*\.js/i
env /^jQuery$/i

Page Statistics

55
Requests

0 %
HTTPS

23 %
IPv6

27
Domains

35
Subdomains

25
IPs

7
Countries

1560 kB
Transfer

2287 kB
Size

5
Cookies

32 Outgoing links

These are links going to different origins than the main page.

URL: https://popeyes.com/

Search URL Search Domain Scan URL

URL: https://popeyes.com/menu/
Title: Menu

Search URL Search Domain Scan URL

URL: https://popeyes.com/menu/bonafide-chicken/
Title: Bonafide® Chicken

Search URL Search Domain Scan URL

URL: https://popeyes.com/menu/tenders/
Title: Tenders

Search URL Search Domain Scan URL

URL: https://popeyes.com/menu/seafood/
Title: Seafood

Search URL Search Domain Scan URL

URL: https://popeyes.com/menu/sandwiches-and-wraps/
Title: Sandwiches

Search URL Search Domain Scan URL

URL: https://popeyes.com/menu/live-well/
Title: Live Well

Search URL Search Domain Scan URL

URL: https://popeyes.com/menu/family-and-kids-meals/
Title: Family & Kids’ Meals

Search URL Search Domain Scan URL

URL: https://popeyes.com/menu/signature-sides/
Title: Sides

Search URL Search Domain Scan URL

URL: https://popeyes.com/menu/sauces/
Title: Sauces

Search URL Search Domain Scan URL

URL: https://popeyes.com/menu/desserts/
Title: Desserts

Search URL Search Domain Scan URL

URL: https://popeyes.com/menu/beverages/
Title: Beverages

Search URL Search Domain Scan URL

URL: https://popeyes.com/our-story/
Title: Our Story

Search URL Search Domain Scan URL

URL: https://popeyes.com/promos/
Title: Promos

Search URL Search Domain Scan URL

URL: https://popeyes.com/coupons/
Title: Coupons

Search URL Search Domain Scan URL

URL: https://1qt-1.tlnk.io/serve?action=click&campaign_id_android=396991&campaign_id_ios=391379&campaign_id_web=435377&destination_id_android=340549&destination_id_ios=309731&destination_id_web=499196&invoke_id_android=283130&invoke_id_ios=274899&my_ad={Ad_size}&my_keyword={Creative_type}&my_placement={App_name}&my_publisher={Exchange}&my_site={App_Id}&publisher_id=362605&site_id_android=116377&site_id_ios=113033&site_id_web=102144&sub_ad={Ad_name}&sub_campaign=us_popeyes_launch_external_site_51618&sub_publisher={xyz}
Title:

Search URL Search Domain Scan URL

URL: http://www.coke.com/popeyes
Title:

Search URL Search Domain Scan URL

URL: http://company.popeyes.com/franchise/
Title: Popeyes Franchising ❯

Search URL Search Domain Scan URL

URL: http://popeyes.jobs/
Title: Jobs At Popeyes ❯

Search URL Search Domain Scan URL

URL: http://company.popeyes.com/company/corporate-responsibility/
Title: Corporate Responsibility ❯

Search URL Search Domain Scan URL

URL: http://company.popeyes.com/
Title: Company

Search URL Search Domain Scan URL

URL: http://company.popeyes.com/careers
Title: Careers

Search URL Search Domain Scan URL

URL: http://company.popeyes.com/contact/
Title: Contact Us

Search URL Search Domain Scan URL

URL: http://company.popeyes.com/terms-of-use/
Title: Terms of Use

Search URL Search Domain Scan URL

URL: http://company.popeyes.com/privacy-policy/
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: http://company.popeyes.com/accessibility-statement/
Title: Accessibility Statement

Search URL Search Domain Scan URL

URL: https://popeyes.com/sitemap/
Title: Sitemap

Search URL Search Domain Scan URL

URL: https://www.facebook.com/PopeyesLouisianaKitchen
Title: Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/popeyeschicken
Title: Twitter

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/popeyes
Title: YouTube

Search URL Search Domain Scan URL

URL: https://instagram.com/popeyeslouisianakitchen
Title: Instagram

Search URL Search Domain Scan URL

URL: http://www.louisianaentertainment.gov/

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 30

http://5081500.fls.doubleclick.net/activityi;src=5081500;type=popey0;cat=allpa0;ord=3149901552082;gtm=G6c;~oref=http%3A%2F%2Ftfdsd4q.info%2Fa%2Fusnp.php HTTP 302
http://5081500.fls.doubleclick.net/activityi;dc_pre=CIiShMbc7tsCFQKn7QodtKAPRQ;src=5081500;type=popey0;cat=allpa0;ord=3149901552082;gtm=G6c;~oref=http%3A%2F%2Ftfdsd4q.info%2Fa%2Fusnp.php

Request Chain 31

http://5081500.fls.doubleclick.net/activityi;src=5081500;type=popey0;cat=sitev0;ord=1;num=6629586531434;gtm=G6c;~oref=http%3A%2F%2Ftfdsd4q.info%2Fa%2Fusnp.php HTTP 302
http://5081500.fls.doubleclick.net/activityi;dc_pre=CIK7g8bc7tsCFQaj7QodY_cI8g;src=5081500;type=popey0;cat=sitev0;ord=1;num=6629586531434;gtm=G6c;~oref=http%3A%2F%2Ftfdsd4q.info%2Fa%2Fusnp.php

Request Chain 32

https://www.google-analytics.com/r/collect?v=1&_v=j68&a=873661012&t=pageview&_s=1&dl=http%3A%2F%2Ftfdsd4q.info%2Fa%2Fusnp.php&ul=en-us&de=UTF-8&dt=Popeyes%20Louisiana%20Kitchen&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=YEBAAEAB~&jid=360875967&gjid=1236726844&cid=744025705.1529926553&tid=UA-11957493-1&_gid=93036845.1529926553&_r=1&gtm=G6cTMFNPNX&z=1166741392 HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-11957493-1&cid=744025705.1529926553&jid=360875967&_gid=93036845.1529926553&gjid=1236726844&_v=j68&z=1166741392 HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-11957493-1&cid=744025705.1529926553&jid=360875967&_v=j68&z=1166741392 HTTP 302
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-11957493-1&cid=744025705.1529926553&jid=360875967&_v=j68&z=1166741392&slf_rd=1&random=2894965485

Request Chain 37

https://um.simpli.fi/dtnx HTTP 302
https://fei.pro-market.net/engine?du=24;csync=B08932A998D3305B1C3F655702E27F08;mimetype=img; HTTP 302
https://fei.pro-market.net/engine?du=24;csync=B08932A998D3305B1C3F655702E27F08;mimetype=img;sr

Request Chain 38

https://um.simpli.fi/beachfront HTTP 302
https://sync.bfmio.com/sync?pid=141&uid=B08932A998D3305B1C3F655702E27F08

Request Chain 39

https://um.simpli.fi/bluekai HTTP 302
https://stags.bluekai.com/site/29931?id=B08932A998D3305B1C3F655702E27F08

Request Chain 40

https://um.simpli.fi/crwdcntrl HTTP 302
https://bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=B08932A998D3305B1C3F655702E27F08 HTTP 302
https://bcp.crwdcntrl.net/map/ct=y/c=7625/tp=SIMP/tpid=B08932A998D3305B1C3F655702E27F08

Request Chain 41

https://um.simpli.fi/intentiq HTTP 302
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=B08932A998D3305B1C3F655702E27F08

Request Chain 42

https://um.simpli.fi/lj_match HTTP 302
https://ce.lijit.com/merge?pid=2&3pid=B08932A998D3305B1C3F655702E27F08

Request Chain 43

https://um.simpli.fi/liveramp_match HTTP 302
https://idsync.rlcdn.com/419566.gif?partner_uid=B08932A998D3305B1C3F655702E27F08 HTTP 302
https://idsync.rlcdn.com/419566.gif?partner_uid=B08932A998D3305B1C3F655702E27F08&redirect=1 HTTP 302
https://usermatch.krxd.net/um/v2?partner=liveramp HTTP 302
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=liveramp

Request Chain 44

https://aa.agkn.com/adscores/g.pixel?sid=9201915418 HTTP 302
https://d.agkn.com/pixel/5502/?sk=164441102732000213183&pd=&l0=https://um.simpli.fi/aa_px?sk=164441102732000213183 HTTP 302
https://um.simpli.fi/aa_px?sk=164441102732000213183

Request Chain 45

https://loadr.exelator.com/load/?p=104&g=870&j=0 HTTP 302
https://load77.exelator.com/pixel.gif

Request Chain 46

https://www.googleadservices.com/pagead/conversion/1026675585/?random=1529926554054&cv=7&fst=1529926554054&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON HTTP 302
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1026675585/?random=2099619996&cv=7&fst=*&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=m9MwW6GmFcvGb7nisuAI&sscte=1&crd=CKrPGw&gsr= HTTP 302
https://www.google.com/ads/conversion/1026675585/?random=2099619996&cv=7&fst=*&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=CKrPGw&gsr=&cdct=2&is_vtc=1&ocp_id=m9MwW6GmFcvGb7nisuAI&random=482163461 HTTP 302
https://www.google.de/ads/conversion/1026675585/?random=2099619996&cv=7&fst=*&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=CKrPGw&gsr=&cdct=2&is_vtc=1&ocp_id=m9MwW6GmFcvGb7nisuAI&random=482163461&ipr=y&ulfeg=n

Request Chain 47

https://um.simpli.fi/spotx_match HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=7797&uid=B08932A998D3305B1C3F655702E27F08 HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=7797&uid=B08932A998D3305B1C3F655702E27F08&__user_check__=1&sync_id=ec46d189-786b-11e8-945c-191ab6a90e06

Request Chain 48

https://um.simpli.fi/an HTTP 302
https://ib.adnxs.com/setuid?entity=66&code=B08932A998D3305B1C3F655702E27F08

Request Chain 49

https://um.simpli.fi/cw_match HTTP 302
https://bh.contextweb.com/bh/rtset?do=add&pid=537085&ev=B08932A998D3305B1C3F655702E27F08

Request Chain 50

https://um.simpli.fi/rb_match HTTP 302
https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=B08932A998D3305B1C3F655702E27F08&expires=365

Request Chain 51

https://um.simpli.fi/ox_match HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072966&val=B08932A998D3305B1C3F655702E27F08 HTTP 302
https://us-u.openx.net/w/1.0/sd?cc=1&id=537072966&val=B08932A998D3305B1C3F655702E27F08

Request Chain 52

https://um.simpli.fi/pm_match?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:$UID HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:B08932A998D3305B1C3F655702E27F08

Request Chain 53

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_cm&google_sc HTTP 302
https://um.simpli.fi/g_match?id=&google_gid=CAESEHIZJAUuECJql3B2CJilq9I&google_cver=1 HTTP 302
https://um.simpli.fi/match_redirect?sifi_redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsimplifi%26google_hm%3D%24UID HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=B08932A998D3305B1C3F655702E27F08 HTTP 302
https://um.simpli.fi/g_match?id=

55 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request Cookie set usnp.php Show response
tfdsd4q.info/a/ 29 KB
8 KB 556ms
389ms Document
text/html 13.56.189.78
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: http://tfdsd4q.info/a/usnp.php
Protocol: HTTP/1.1
Server: 13.56.189.78 San Jose, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-13-56-189-78.us-west-1.compute.amazonaws.com
Software: nginx / PHP/5.5.38
Resource Hash: c266f2177600b4f3307e1ee31811be252693467ea7d0cedb0dbbf06a5fdd6cce

Request headers

Host: tfdsd4q.info
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id: 8D1A9273B3BA85795C81F92798FF7AE3

Response headers

Server: nginx
Date: Mon, 25 Jun 2018 11:35:52 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Powered-By: PHP/5.5.38
Set-Cookie: ip_access_token=2017234553790; expires=Sat, 22-Dec-2018 11:35:52 GMT; Max-Age=15552000; path=/
Content-Encoding: gzip

GET
H/1.1 200
OK fdbc9e20-d6c0-0135-e21e-06659b33d47c Show response
tag.simpli.fi/sifitag/ 2 KB
3 KB 58ms
13ms Script
application/javascript 169.50.137.176
SoftLayer Technol...

General

Check archive.org

Show headers Download Go to

Full URL

https://tag.simpli.fi/sifitag/fdbc9e20-d6c0-0135-e21e-06659b33d47c

Requested by

Host: tfdsd4q.info
URL: http://tfdsd4q.info/a/usnp.php

Protocol

HTTP/1.1

Server

169.50.137.176 , United States, ASN36351 (SOFTLAYER - SoftLayer Technologies Inc., US),

Reverse DNS

b0.89.32a9.ip4.static.sl-reverse.com

Software

openresty /

Resource Hash

0843900120977b5d77b87ae738a718eba1f4b3b51cbc096c492435825668d8e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://tfdsd4q.info/a/usnp.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 25 Jun 2018 11:35:52 GMT
X-Content-Type-Options: nosniff
Server: openresty
Strict-Transport-Security: max-age=63072000; includeSubdomains; preload
Access-Control-Allow-Methods: GET, POST, OPTIONS
P3P: policyref="/w3c/p3p.xml", CP="ADMa DEVa PSAa PSDa OUR IND DSP NON COR"
Access-Control-Allow-Origin: *
cache-control: max-age=0, private, must-revalidate, max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length: 1998
x-request-id: rj70avv93pvgl3r39hlj5ckfhb64svsb
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
S 200 styles.css
popeyes.com/wp-content/themes/popeyes_wcag/css/ 199 KB
32 KB 509ms
232ms Stylesheet
text/css 35.225.46.100
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://popeyes.com/wp-content/themes/popeyes_wcag/css/styles.css?ver=4.9.6

Requested by

Host: tfdsd4q.info
URL: http://tfdsd4q.info/a/usnp.php

Protocol

SPDY

Server

35.225.46.100 Ann Arbor, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

100.46.225.35.bc.googleusercontent.com

Software

nginx /

Resource Hash

785b4092ab0197123e2b2ab1d7d09a80345631f0c474800ab991307dc1680736

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: http://tfdsd4q.info/a/usnp.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-type: static/known
date: Mon, 25 Jun 2018 11:35:53 GMT
content-encoding: gzip
last-modified: Fri, 22 Jun 2018 17:50:24 GMT
server: nginx
status: 200
etag: W/"5b2d36e0-31a4e"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=2592000
strict-transport-security: max-age=63072000; includeSubDomains; preload

GET
S 200 jquery.js Show response
popeyes.com/wp-includes/js/jquery/ 95 KB
39 KB 509ms
233ms Script
application/x-javascript 35.225.46.100
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://popeyes.com/wp-includes/js/jquery/jquery.js?ver=1.12.4

Requested by

Host: tfdsd4q.info
URL: http://tfdsd4q.info/a/usnp.php

Protocol

SPDY

Server

35.225.46.100 Ann Arbor, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

100.46.225.35.bc.googleusercontent.com

Software

nginx /

Resource Hash

fc48d1d80ece71a79a7b39877f4104d49d3da6c3665cf6dc203000fb7df4447e

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: http://tfdsd4q.info/a/usnp.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-type: static/known
date: Mon, 25 Jun 2018 11:35:53 GMT
content-encoding: gzip
last-modified: Wed, 04 Apr 2018 04:31:01 GMT
server: nginx
status: 200
etag: W/"5ac45505-17ba0"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000
strict-transport-security: max-age=63072000; includeSubDomains; preload

GET
S 200 jquery-migrate.min.js Show response
popeyes.com/wp-includes/js/jquery/ 10 KB
4 KB 624ms
348ms Script
application/x-javascript 35.225.46.100
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://popeyes.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1

Requested by

Host: tfdsd4q.info
URL: http://tfdsd4q.info/a/usnp.php

Protocol

SPDY

Server

35.225.46.100 Ann Arbor, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

100.46.225.35.bc.googleusercontent.com

Software

nginx /

Resource Hash

48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: http://tfdsd4q.info/a/usnp.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-type: static/known
date: Mon, 25 Jun 2018 11:35:53 GMT
content-encoding: gzip
last-modified: Wed, 04 Apr 2018 04:31:01 GMT
server: nginx
status: 200
etag: W/"5ac45505-2748"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000
strict-transport-security: max-age=63072000; includeSubDomains; preload

GET
S 200 logo-square.png
popeyes.com/wp-content/themes/popeyes_wcag/images/wrapper/ 13 KB
13 KB 228ms
227ms Image
image/png 35.225.46.100
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://popeyes.com/wp-content/themes/popeyes_wcag/images/wrapper/logo-square.png

Requested by

Host: tfdsd4q.info
URL: http://tfdsd4q.info/a/usnp.php

Protocol

SPDY

Server

35.225.46.100 Ann Arbor, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

100.46.225.35.bc.googleusercontent.com

Software

nginx /

Resource Hash

fbe2a37dee8ecebf690923886b70eab99fb6e1722f98c99e1e8ecab3c67570f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: http://tfdsd4q.info/a/usnp.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-type: static/known
date: Mon, 25 Jun 2018 11:35:53 GMT
last-modified: Fri, 22 Jun 2018 17:50:24 GMT
server: nginx
status: 200
etag: "5b2d36e0-32f6"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000
strict-transport-security: max-age=63072000; includeSubDomains; preload
accept-ranges: bytes
content-length: 13046

GET
S 200 logo-horizontal.png
popeyes.com/wp-content/themes/popeyes_wcag/images/wrapper/ 15 KB
15 KB 228ms
227ms Image
image/png 35.225.46.100
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://popeyes.com/wp-content/themes/popeyes_wcag/images/wrapper/logo-horizontal.png

Requested by

Host: tfdsd4q.info
URL: http://tfdsd4q.info/a/usnp.php

Protocol

SPDY

Server

35.225.46.100 Ann Arbor, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

100.46.225.35.bc.googleusercontent.com

Software

nginx /

Resource Hash

c2937396e85c0ebc10e781dd2e66687fd843b90d3184a40e3120fd50d42521a4

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: http://tfdsd4q.info/a/usnp.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-type: static/known
date: Mon, 25 Jun 2018 11:35:53 GMT
last-modified: Fri, 22 Jun 2018 17:50:24 GMT
server: nginx
status: 200
etag: "5b2d36e0-3a38"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000
strict-transport-security: max-age=63072000; includeSubDomains; preload
accept-ranges: bytes
content-length: 14904

GET
S 200 uber_eats.jpg
popeyes.com/wp-content/themes/popeyes_wcag/images/lto/home/ 145 KB
145 KB 228ms
227ms Image
image/jpeg 35.225.46.100
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://popeyes.com/wp-content/themes/popeyes_wcag/images/lto/home/uber_eats.jpg

Requested by

Host: tfdsd4q.info
URL: http://tfdsd4q.info/a/usnp.php

Protocol

SPDY

Server

35.225.46.100 Ann Arbor, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

100.46.225.35.bc.googleusercontent.com

Software

nginx /

Resource Hash

73de1f05b7ade7f8ff9c4b421e334af7a499fb06bde7545238cad64d6280af51

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: http://tfdsd4q.info/a/usnp.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-type: static/known
date: Mon, 25 Jun 2018 11:35:53 GMT
last-modified: Fri, 22 Jun 2018 17:50:24 GMT
server: nginx
status: 200
etag: "5b2d36e0-243f0"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
strict-transport-security: max-age=63072000; includeSubDomains; preload
accept-ranges: bytes
content-length: 148464

GET
S 200 5-ripn-chicken.jpg
popeyes.com/wp-content/themes/popeyes_wcag/images/lto/home/ 292 KB
292 KB 227ms
226ms Image
image/jpeg 35.225.46.100
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://popeyes.com/wp-content/themes/popeyes_wcag/images/lto/home/5-ripn-chicken.jpg

Requested by

Host: tfdsd4q.info
URL: http://tfdsd4q.info/a/usnp.php

Protocol

SPDY

Server

35.225.46.100 Ann Arbor, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

100.46.225.35.bc.googleusercontent.com

Software

nginx /

Resource Hash

4170c4f6c4353ef5701a94c32d92815d5fbb2f7fc9c42a646e56ac3ae743d8a4

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: http://tfdsd4q.info/a/usnp.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-type: static/known
date: Mon, 25 Jun 2018 11:35:53 GMT
last-modified: Fri, 22 Jun 2018 17:50:24 GMT
server: nginx
status: 200
etag: "5b2d36e0-48e91"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
strict-transport-security: max-age=63072000; includeSubDomains; preload
accept-ranges: bytes
content-length: 298641

GET
S 200 5-dollar-4PCs.jpg
popeyes.com/wp-content/themes/popeyes_wcag/images/lto/home/ 290 KB
290 KB 227ms
226ms Image
image/jpeg 35.225.46.100
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://popeyes.com/wp-content/themes/popeyes_wcag/images/lto/home/5-dollar-4PCs.jpg

Requested by

Host: tfdsd4q.info
URL: http://tfdsd4q.info/a/usnp.php

Protocol

SPDY

Server

35.225.46.100 Ann Arbor, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

100.46.225.35.bc.googleusercontent.com

Software

nginx /

Resource Hash

28dd89482882f7e488e509f3a95e07274c0058df88477d8a3b16b181daf6384b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: http://tfdsd4q.info/a/usnp.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-type: static/known
date: Mon, 25 Jun 2018 11:35:53 GMT
last-modified: Fri, 22 Jun 2018 17:50:24 GMT
server: nginx
status: 200
etag: "5b2d36e0-48600"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
strict-transport-security: max-age=63072000; includeSubDomains; preload
accept-ranges: bytes
content-length: 296448

GET
S 200 share-a-coke.jpg
popeyes.com/wp-content/themes/popeyes_wcag/images/lto/home/ 303 KB
304 KB 229ms
227ms Image
image/jpeg 35.225.46.100
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://popeyes.com/wp-content/themes/popeyes_wcag/images/lto/home/share-a-coke.jpg

Requested by

Host: tfdsd4q.info
URL: http://tfdsd4q.info/a/usnp.php

Protocol

SPDY

Server

35.225.46.100 Ann Arbor, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

100.46.225.35.bc.googleusercontent.com

Software

nginx /

Resource Hash

c616685c34d5697c85a0512789a1a26cee9e8a4488bf1301129e77945b628e1d

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: http://tfdsd4q.info/a/usnp.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-type: static/known
date: Mon, 25 Jun 2018 11:35:53 GMT
last-modified: Fri, 22 Jun 2018 17:50:24 GMT
server: nginx
status: 200
etag: "5b2d36e0-4bd40"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
strict-transport-security: max-age=63072000; includeSubDomains; preload
accept-ranges: bytes
content-length: 310592

GET
S 200 la-entertainment-logo.svg
popeyes.com/wp-content/themes/popeyes_wcag/images/wrapper/ 4 KB
2 KB 229ms
227ms Image
image/svg+xml 35.225.46.100
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://popeyes.com/wp-content/themes/popeyes_wcag/images/wrapper/la-entertainment-logo.svg

Requested by

Host: tfdsd4q.info
URL: http://tfdsd4q.info/a/usnp.php

Protocol

SPDY

Server

35.225.46.100 Ann Arbor, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

100.46.225.35.bc.googleusercontent.com

Software

nginx /

Resource Hash

f0663fce42cdfe1f6aefa48b2876e449b41f90be32b90ae6b14c39cd323c42aa

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: http://tfdsd4q.info/a/usnp.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-type: static/known
date: Mon, 25 Jun 2018 11:35:53 GMT
content-encoding: gzip
last-modified: Fri, 22 Jun 2018 17:50:24 GMT
server: nginx
status: 200
etag: W/"5b2d36e0-1176"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=2592000
strict-transport-security: max-age=63072000; includeSubDomains; preload

GET
S 200 qppr_frontend_script.min.js Show response
popeyes.com/wp-content/plugins/quick-pagepost-redirect-plugin/js/ 2 KB
845 B 228ms
226ms Script
application/x-javascript 35.225.46.100
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://popeyes.com/wp-content/plugins/quick-pagepost-redirect-plugin/js/qppr_frontend_script.min.js?ver=5.1.8

Requested by

Host: tfdsd4q.info
URL: http://tfdsd4q.info/a/usnp.php

Protocol

SPDY

Server

35.225.46.100 Ann Arbor, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

100.46.225.35.bc.googleusercontent.com

Software

nginx /

Resource Hash

3fc2845d22c09928ba9dae73f657a21ede05bed89a42efafe1028bcbe4ee499b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: http://tfdsd4q.info/a/usnp.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-type: static/known
date: Mon, 25 Jun 2018 11:35:53 GMT
content-encoding: gzip
last-modified: Wed, 04 Apr 2018 04:31:03 GMT
server: nginx
status: 200
etag: W/"5ac45507-636"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000
strict-transport-security: max-age=63072000; includeSubDomains; preload

GET
S 200 bower.min.js Show response
popeyes.com/wp-content/themes/popeyes_wcag/js/ 431 KB
168 KB 121ms
119ms Script
application/x-javascript 35.225.46.100
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://popeyes.com/wp-content/themes/popeyes_wcag/js/bower.min.js?ver=4.9.6

Requested by

Host: tfdsd4q.info
URL: http://tfdsd4q.info/a/usnp.php

Protocol

SPDY

Server

35.225.46.100 Ann Arbor, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

100.46.225.35.bc.googleusercontent.com

Software

nginx /

Resource Hash

be4952637d381ffa5b5403fa7dfa274b552b402aa8fb71922bab18f6fea887e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: http://tfdsd4q.info/a/usnp.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-type: static/known
date: Mon, 25 Jun 2018 11:35:53 GMT
content-encoding: gzip
last-modified: Fri, 22 Jun 2018 17:50:24 GMT
server: nginx
status: 200
etag: W/"5b2d36e0-6bca4"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000
strict-transport-security: max-age=63072000; includeSubDomains; preload

GET
S 200 jquery.mobile.custom.js Show response
popeyes.com/wp-content/themes/popeyes_wcag/js/ 54 KB
20 KB 228ms
226ms Script
application/x-javascript 35.225.46.100
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://popeyes.com/wp-content/themes/popeyes_wcag/js/jquery.mobile.custom.js?ver=4.9.6

Requested by

Host: tfdsd4q.info
URL: http://tfdsd4q.info/a/usnp.php

Protocol

SPDY

Server

35.225.46.100 Ann Arbor, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

100.46.225.35.bc.googleusercontent.com

Software

nginx /

Resource Hash

030657a0a68c9197a5c6224b1cde81cca704f38de817f171401bc5524e20b70d

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: http://tfdsd4q.info/a/usnp.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-type: static/known
date: Mon, 25 Jun 2018 11:35:53 GMT
content-encoding: gzip
last-modified: Fri, 22 Jun 2018 17:50:24 GMT
server: nginx
status: 200
etag: W/"5b2d36e0-d9b5"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000
strict-transport-security: max-age=63072000; includeSubDomains; preload

GET
S 200 paypal.collapse.1.0.5.js Show response
popeyes.com/wp-content/themes/popeyes_wcag/js/ 6 KB
2 KB 228ms
226ms Script
application/x-javascript 35.225.46.100
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://popeyes.com/wp-content/themes/popeyes_wcag/js/paypal.collapse.1.0.5.js?ver=4.9.6

Requested by

Host: tfdsd4q.info
URL: http://tfdsd4q.info/a/usnp.php

Protocol

SPDY

Server

35.225.46.100 Ann Arbor, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

100.46.225.35.bc.googleusercontent.com

Software

nginx /

Resource Hash

e0f760899fe5a2989d2047af11150396c5a2d93e0d1e79a6e0f439bcf635084a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: http://tfdsd4q.info/a/usnp.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-type: static/known
date: Mon, 25 Jun 2018 11:35:53 GMT
content-encoding: gzip
last-modified: Fri, 22 Jun 2018 17:50:24 GMT
server: nginx
status: 200
etag: W/"5b2d36e0-17fc"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000
strict-transport-security: max-age=63072000; includeSubDomains; preload

GET
S 200 paypal.carousel.1.0.5.js Show response
popeyes.com/wp-content/themes/popeyes_wcag/js/ 12 KB
4 KB 228ms
226ms Script
application/x-javascript 35.225.46.100
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://popeyes.com/wp-content/themes/popeyes_wcag/js/paypal.carousel.1.0.5.js?ver=4.9.6

Requested by

Host: tfdsd4q.info
URL: http://tfdsd4q.info/a/usnp.php

Protocol

SPDY

Server

35.225.46.100 Ann Arbor, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

100.46.225.35.bc.googleusercontent.com

Software

nginx /

Resource Hash

cb2a7cca28a004423b4b5dd2af76a4b4b4a2dde3199b47026a87913e34d5ed58

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: http://tfdsd4q.info/a/usnp.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-type: static/known
date: Mon, 25 Jun 2018 11:35:53 GMT
content-encoding: gzip
last-modified: Fri, 22 Jun 2018 17:50:24 GMT
server: nginx
status: 200
etag: W/"5b2d36e0-3068"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000
strict-transport-security: max-age=63072000; includeSubDomains; preload

GET
S 200 gsdm.carousel.js Show response
popeyes.com/wp-content/themes/popeyes_wcag/js/ 5 KB
2 KB 228ms
226ms Script
application/x-javascript 35.225.46.100
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://popeyes.com/wp-content/themes/popeyes_wcag/js/gsdm.carousel.js?ver=4.9.6

Requested by

Host: tfdsd4q.info
URL: http://tfdsd4q.info/a/usnp.php

Protocol

SPDY

Server

35.225.46.100 Ann Arbor, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

100.46.225.35.bc.googleusercontent.com

Software

nginx /

Resource Hash

c80ee465d2d404399b6a2c966622365597dbb5d2f6b568106f40055407213feb

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: http://tfdsd4q.info/a/usnp.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-type: static/known
date: Mon, 25 Jun 2018 11:35:53 GMT
content-encoding: gzip
last-modified: Fri, 22 Jun 2018 17:50:24 GMT
server: nginx
status: 200
etag: W/"5b2d36e0-128f"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000
strict-transport-security: max-age=63072000; includeSubDomains; preload

GET
S 200 SiteManager.js Show response
popeyes.com/wp-content/themes/popeyes_wcag/js/ 3 KB
2 KB 227ms
225ms Script
application/x-javascript 35.225.46.100
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://popeyes.com/wp-content/themes/popeyes_wcag/js/SiteManager.js?ver=4.9.6

Requested by

Host: tfdsd4q.info
URL: http://tfdsd4q.info/a/usnp.php

Protocol

SPDY

Server

35.225.46.100 Ann Arbor, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

100.46.225.35.bc.googleusercontent.com

Software

nginx /

Resource Hash

ecee5370ede7f9858136e93dbd7cb9c2a48662606dec7b8a0cf638545e32f8bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: http://tfdsd4q.info/a/usnp.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-type: static/known
date: Mon, 25 Jun 2018 11:35:53 GMT
content-encoding: gzip
last-modified: Fri, 22 Jun 2018 17:50:24 GMT
server: nginx
status: 200
etag: W/"5b2d36e0-ddc"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000
strict-transport-security: max-age=63072000; includeSubDomains; preload

GET
S 200 wp-embed.min.js Show response
popeyes.com/wp-includes/js/ 1 KB
1 KB 228ms
227ms Script
application/x-javascript 35.225.46.100
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://popeyes.com/wp-includes/js/wp-embed.min.js?ver=4.9.6

Requested by

Host: tfdsd4q.info
URL: http://tfdsd4q.info/a/usnp.php

Protocol

SPDY

Server

35.225.46.100 Ann Arbor, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

100.46.225.35.bc.googleusercontent.com

Software

nginx /

Resource Hash

dcb5e540e62fc85857254a1066afb6a7e8999279c6d4c583eef855d39f9289c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: http://tfdsd4q.info/a/usnp.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-type: static/known
date: Mon, 25 Jun 2018 11:35:53 GMT
content-encoding: gzip
last-modified: Wed, 04 Apr 2018 04:31:01 GMT
server: nginx
status: 200
etag: W/"5ac45505-576"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000
strict-transport-security: max-age=63072000; includeSubDomains; preload

GET
S 200 gtm.js Show response
www.googletagmanager.com/ 102 KB
27 KB 24ms
23ms Script
application/javascript 2a00:1450:4001:81f::2008
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TMFNPNX

Requested by

Host: tfdsd4q.info
URL: http://tfdsd4q.info/a/usnp.php

Protocol

SPDY

Server

2a00:1450:4001:81f::2008 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Google Tag Manager (scaffolding) /

Resource Hash

42ef9c60e314a6b75346adcab3b17aafbef0df5090349d78bda5ebddc3262c0d

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: http://tfdsd4q.info/a/usnp.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 25 Jun 2018 11:35:53 GMT
content-encoding: gzip
server: Google Tag Manager (scaffolding)
access-control-allow-headers: Cache-Control
status: 200
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: http://www.googletagmanager.com
cache-control: private, max-age=900
access-control-allow-credentials: true
alt-svc: quic=":443"; ma=2592000; v="43,42,41,39,35"
content-length: 27615
x-xss-protection: 1; mode=block
expires: Mon, 25 Jun 2018 11:35:53 GMT

GET
S 200 wp-emoji-release.min.js Show response
popeyes.com/wp-includes/js/ 11 KB
5 KB 212ms
212ms Script
application/x-javascript 35.225.46.100
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://popeyes.com/wp-includes/js/wp-emoji-release.min.js?ver=4.9.6

Requested by

Host: tfdsd4q.info
URL: http://tfdsd4q.info/a/usnp.php

Protocol

SPDY

Server

35.225.46.100 Ann Arbor, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

100.46.225.35.bc.googleusercontent.com

Software

nginx /

Resource Hash

3d8e94fed6cc8ea56ee5ec6174efb68cb7197d2e729149cb43e85505bf175779

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: http://tfdsd4q.info/a/usnp.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-type: static/known
date: Mon, 25 Jun 2018 11:35:53 GMT
content-encoding: gzip
last-modified: Wed, 04 Apr 2018 04:31:01 GMT
server: nginx
status: 200
etag: W/"5ac45505-2dc9"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000
strict-transport-security: max-age=63072000; includeSubDomains; preload

GET
S 200 corp-responsibility.png
popeyes.com/wp-content/themes/popeyes_wcag/images/home/sub-promos/ 10 KB
10 KB 206ms
205ms Image
image/png 35.225.46.100
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://popeyes.com/wp-content/themes/popeyes_wcag/images/home/sub-promos/corp-responsibility.png

Requested by

Host: tfdsd4q.info
URL: http://tfdsd4q.info/a/usnp.php

Protocol

SPDY

Server

35.225.46.100 Ann Arbor, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

100.46.225.35.bc.googleusercontent.com

Software

nginx /

Resource Hash

9a36a0f1ef3b128fea6b881325e92a7e2d171d9ec95a598fd37a8e9bd385a7a5

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: http://tfdsd4q.info/a/usnp.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-type: static/known
date: Mon, 25 Jun 2018 11:35:53 GMT
last-modified: Fri, 22 Jun 2018 17:50:24 GMT
server: nginx
status: 200
etag: "5b2d36e0-2765"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000
strict-transport-security: max-age=63072000; includeSubDomains; preload
accept-ranges: bytes
content-length: 10085

GET
S 200 careers.jpg
popeyes.com/wp-content/themes/popeyes_wcag/images/home/sub-promos/ 23 KB
24 KB 206ms
205ms Image
image/jpeg 35.225.46.100
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://popeyes.com/wp-content/themes/popeyes_wcag/images/home/sub-promos/careers.jpg

Requested by

Host: tfdsd4q.info
URL: http://tfdsd4q.info/a/usnp.php

Protocol

SPDY

Server

35.225.46.100 Ann Arbor, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

100.46.225.35.bc.googleusercontent.com

Software

nginx /

Resource Hash

288646cac2ae7c9ab5b7b7e0476928b52322d9363a336d0a1bf99d78d5589f91

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: http://tfdsd4q.info/a/usnp.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-type: static/known
date: Mon, 25 Jun 2018 11:35:53 GMT
last-modified: Fri, 22 Jun 2018 17:50:24 GMT
server: nginx
status: 200
etag: "5b2d36e0-5cff"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
strict-transport-security: max-age=63072000; includeSubDomains; preload
accept-ranges: bytes
content-length: 23807

GET
S 200 franchising.png
popeyes.com/wp-content/themes/popeyes_wcag/images/home/sub-promos/ 12 KB
12 KB 206ms
205ms Image
image/png 35.225.46.100
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://popeyes.com/wp-content/themes/popeyes_wcag/images/home/sub-promos/franchising.png

Requested by

Host: tfdsd4q.info
URL: http://tfdsd4q.info/a/usnp.php

Protocol

SPDY

Server

35.225.46.100 Ann Arbor, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

100.46.225.35.bc.googleusercontent.com

Software

nginx /

Resource Hash

11562ac35a6c5fb686dd6aa62b889e530dcee36c784bf8b786f7530d9a598b64

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: http://tfdsd4q.info/a/usnp.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-type: static/known
date: Mon, 25 Jun 2018 11:35:53 GMT
last-modified: Fri, 22 Jun 2018 17:50:24 GMT
server: nginx
status: 200
etag: "5b2d36e0-2f98"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000
strict-transport-security: max-age=63072000; includeSubDomains; preload
accept-ranges: bytes
content-length: 12184

GET
S 200 catering.jpg
popeyes.com/wp-content/themes/popeyes_wcag/images/home/sub-promos/ 27 KB
28 KB 206ms
205ms Image
image/jpeg 35.225.46.100
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://popeyes.com/wp-content/themes/popeyes_wcag/images/home/sub-promos/catering.jpg

Requested by

Host: tfdsd4q.info
URL: http://tfdsd4q.info/a/usnp.php

Protocol

SPDY

Server

35.225.46.100 Ann Arbor, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

100.46.225.35.bc.googleusercontent.com

Software

nginx /

Resource Hash

0fafadc815d4fa5363252e488a6c66680d077be4e32d70d4379f83708f24e522

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: http://tfdsd4q.info/a/usnp.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-type: static/known
date: Mon, 25 Jun 2018 11:35:53 GMT
last-modified: Fri, 22 Jun 2018 17:50:24 GMT
server: nginx
status: 200
etag: "5b2d36e0-6d62"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
strict-transport-security: max-age=63072000; includeSubDomains; preload
accept-ranges: bytes
content-length: 28002

GET
S 200 322F06_0_0.woff2
popeyes.com/wp-content/themes/popeyes_wcag/css/fonts/ 30 KB
30 KB 466ms
235ms Font
application/x-font-woff 35.225.46.100
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://popeyes.com/wp-content/themes/popeyes_wcag/css/fonts/322F06_0_0.woff2

Requested by

Host: tfdsd4q.info
URL: http://tfdsd4q.info/a/usnp.php

Protocol

SPDY

Server

35.225.46.100 Ann Arbor, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

100.46.225.35.bc.googleusercontent.com

Software

nginx /

Resource Hash

eb3f2ac1556af8e61e33821d8b72d3ecfef62b131fe2b6aa32256325d13c0260

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://popeyes.com/wp-content/themes/popeyes_wcag/css/styles.css?ver=4.9.6
Origin: http://tfdsd4q.info

Response headers

x-type: static/known
date: Mon, 25 Jun 2018 11:35:53 GMT
last-modified: Fri, 22 Jun 2018 17:50:24 GMT
server: nginx
status: 200
etag: "5b2d36e0-781d"
vary: Accept-Encoding
content-type: application/x-font-woff
access-control-allow-origin: *
cache-control: public, max-age=2592000
strict-transport-security: max-age=63072000; includeSubDomains; preload
accept-ranges: bytes
content-length: 30749

GET
S 200 icomoon.ttf
popeyes.com/wp-content/themes/popeyes_wcag/css/fonts/ 3 KB
3 KB 575ms
345ms Font
font/truetype 35.225.46.100
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://popeyes.com/wp-content/themes/popeyes_wcag/css/fonts/icomoon.ttf?utissk

Requested by

Host: tfdsd4q.info
URL: http://tfdsd4q.info/a/usnp.php

Protocol

SPDY

Server

35.225.46.100 Ann Arbor, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

100.46.225.35.bc.googleusercontent.com

Software

nginx /

Resource Hash

93e1da9a9a5a355349838233652dd881ecd26cde03abc1d2cc4fba53d192f701

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://popeyes.com/wp-content/themes/popeyes_wcag/css/styles.css?ver=4.9.6
Origin: http://tfdsd4q.info

Response headers

x-type: static/known
date: Mon, 25 Jun 2018 11:35:53 GMT
last-modified: Fri, 22 Jun 2018 17:50:24 GMT
server: nginx
status: 200
etag: "5b2d36e0-a00"
vary: Accept-Encoding
content-type: font/truetype
access-control-allow-origin: *
cache-control: public, max-age=2592000
strict-transport-security: max-age=63072000; includeSubDomains; preload
accept-ranges: bytes
content-length: 2560

GET
S 200 322F06_1_0.woff2
popeyes.com/wp-content/themes/popeyes_wcag/css/fonts/ 23 KB
23 KB 465ms
235ms Font
application/x-font-woff 35.225.46.100
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://popeyes.com/wp-content/themes/popeyes_wcag/css/fonts/322F06_1_0.woff2

Requested by

Host: tfdsd4q.info
URL: http://tfdsd4q.info/a/usnp.php

Protocol

SPDY

Server

35.225.46.100 Ann Arbor, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

100.46.225.35.bc.googleusercontent.com

Software

nginx /

Resource Hash

89dc6775c466e11be95dd084d32b89c40343586d4dd9e6d3e37121ab7a7efc03

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://popeyes.com/wp-content/themes/popeyes_wcag/css/styles.css?ver=4.9.6
Origin: http://tfdsd4q.info

Response headers

x-type: static/known
date: Mon, 25 Jun 2018 11:35:53 GMT
last-modified: Fri, 22 Jun 2018 17:50:24 GMT
server: nginx
status: 200
etag: "5b2d36e0-5a19"
vary: Accept-Encoding
content-type: application/x-font-woff
access-control-allow-origin: *
cache-control: public, max-age=2592000
strict-transport-security: max-age=63072000; includeSubDomains; preload
accept-ranges: bytes
content-length: 23065

GET
S 200 analytics.js Show response
www.google-analytics.com/ 34 KB
14 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:81f::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TMFNPNX

Protocol

SPDY

Server

2a00:1450:4001:81f::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

3fab1c883847e4b5a02f3749a9f4d9eab15cd4765873d3b2904a1a4c8755fba3

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://tfdsd4q.info/a/usnp.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 18 May 2018 01:10:24 GMT
server: Golfe2
age: 2276
date: Mon, 25 Jun 2018 10:57:57 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="43,42,41,39,35"
content-length: 14386
expires: Mon, 25 Jun 2018 12:57:57 GMT

GET
S 200 fbevents.js Show response
connect.facebook.net/en_US/ 42 KB
13 KB 6ms
6ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: tfdsd4q.info
URL: http://tfdsd4q.info/a/usnp.php

Protocol

SPDY

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

822cac9dcc726b0a79afcf39c8a6dc6f52cb5377d763efa4346ae0f2b73018a5

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' .atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com:* wss://.facebook.com: https://fb.scanandcleanlocal.com:* .atlassolutions.com attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: http://tfdsd4q.info/a/usnp.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' *.atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* *.atlassolutions.com attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
content-encoding: gzip
x-content-type-options: nosniff
status: 200
vary: Origin, Accept-Encoding
content-length: 13335
x-xss-protection: 0
pragma: public
x-fb-debug: h56V1wgnAArGLZudZg1vZa873hr3fb/XyFaX/Rj1Bv0Hb56tGPPedfqRvVlBphhdbFYvIjEebwT8o8Y3kMWoqw==
x-frame-options: DENY
date: Mon, 25 Jun 2018 11:35:53 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
access-control-allow-methods: OPTIONS
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://connect.facebook.net
access-control-expose-headers: X-FB-Debug, X-Loader-Length
cache-control: public, max-age=1200
access-control-allow-credentials: true
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1

200
OK

Cookie set activityi;dc_pre=CIiShMbc7tsCFQKn7QodtKAPRQ;src=5081500;type=popey0;cat=allpa0;ord=3149901552082;gtm=G6c;~oref=http%3A%2F%2Ftfdsd4q.info%2Fa%2Fusnp.php
5081500.fls.doubleclick.net/ Frame 70ED
Redirect Chain

http://5081500.fls.doubleclick.net/activityi;src=5081500;type=popey0;cat=allpa0;ord=3149901552082;gtm=G6c;~oref=http%3A%2F%2Ftfdsd4q.info%2Fa%2Fusnp.php?
http://5081500.fls.doubleclick.net/activityi;dc_pre=CIiShMbc7tsCFQKn7QodtKAPRQ;src=5081500;type=popey0;cat=allpa0;ord=3149901552082;gtm=G6c;~oref=http%3A%2F%2Ftfdsd4q.info%2Fa%2Fusnp.php?

0
0

32ms
31ms

Document
text/html

172.217.22.102
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

http://5081500.fls.doubleclick.net/activityi;dc_pre=CIiShMbc7tsCFQKn7QodtKAPRQ;src=5081500;type=popey0;cat=allpa0;ord=3149901552082;gtm=G6c;~oref=http%3A%2F%2Ftfdsd4q.info%2Fa%2Fusnp.php?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TMFNPNX

Protocol

HTTP/1.1

Server

172.217.22.102 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s18-in-f102.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Host: 5081500.fls.doubleclick.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: http://tfdsd4q.info/a/usnp.php
Accept-Encoding: gzip, deflate
Cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id: 8D1A9273B3BA85795C81F92798FF7AE3
Referer: http://tfdsd4q.info/a/usnp.php

Response headers

P3P: policyref="http://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Timing-Allow-Origin: *
Date: Mon, 25 Jun 2018 11:35:53 GMT
Expires: Mon, 25 Jun 2018 11:35:53 GMT
Cache-Control: private, max-age=0
Strict-Transport-Security: max-age=21600
Content-Type: text/html; charset=UTF-8
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Server: cafe
Content-Length: 491
X-XSS-Protection: 1; mode=block
Set-Cookie: IDE=AHWqTUmAqKDMFczCNE0idsY5JFiYAL0jIHnEhvaB7zjVi54SC3PBd5lF0EzlP42e; expires=Sat, 20-Jul-2019 11:35:53 GMT; path=/; domain=.doubleclick.net; HttpOnly test_cookie=; domain=.doubleclick.net; path=/; expires=Mon, 21 Jul 2008 23:59:00 GMT

Redirect headers

P3P: policyref="http://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Timing-Allow-Origin: *
Date: Mon, 25 Jun 2018 11:35:53 GMT
Pragma: no-cache
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Cache-Control: no-cache, must-revalidate
Follow-Only-When-Prerender-Shown: 1
Strict-Transport-Security: max-age=21600
Location: http://5081500.fls.doubleclick.net/activityi;dc_pre=CIiShMbc7tsCFQKn7QodtKAPRQ;src=5081500;type=popey0;cat=allpa0;ord=3149901552082;gtm=G6c;~oref=http%3A%2F%2Ftfdsd4q.info%2Fa%2Fusnp.php?
Content-Type: text/html; charset=UTF-8
X-Content-Type-Options: nosniff
Server: cafe
Content-Length: 0
X-XSS-Protection: 1; mode=block
Set-Cookie: test_cookie=CheckForPermission; expires=Mon, 25-Jun-2018 11:50:53 GMT; path=/; domain=.doubleclick.net

GET
H/1.1

200
OK

Cookie set activityi;dc_pre=CIK7g8bc7tsCFQaj7QodY_cI8g;src=5081500;type=popey0;cat=sitev0;ord=1;num=6629586531434;gtm=G6c;~oref=http%3A%2F%2Ftfdsd4q.info%2Fa%2Fusnp.php
5081500.fls.doubleclick.net/ Frame FE42
Redirect Chain

http://5081500.fls.doubleclick.net/activityi;src=5081500;type=popey0;cat=sitev0;ord=1;num=6629586531434;gtm=G6c;~oref=http%3A%2F%2Ftfdsd4q.info%2Fa%2Fusnp.php?
http://5081500.fls.doubleclick.net/activityi;dc_pre=CIK7g8bc7tsCFQaj7QodY_cI8g;src=5081500;type=popey0;cat=sitev0;ord=1;num=6629586531434;gtm=G6c;~oref=http%3A%2F%2Ftfdsd4q.info%2Fa%2Fusnp.php?

0
0

31ms
31ms

Document
text/html

172.217.22.102
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

http://5081500.fls.doubleclick.net/activityi;dc_pre=CIK7g8bc7tsCFQaj7QodY_cI8g;src=5081500;type=popey0;cat=sitev0;ord=1;num=6629586531434;gtm=G6c;~oref=http%3A%2F%2Ftfdsd4q.info%2Fa%2Fusnp.php?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TMFNPNX

Protocol

HTTP/1.1

Server

172.217.22.102 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s18-in-f102.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Host: 5081500.fls.doubleclick.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: http://tfdsd4q.info/a/usnp.php
Accept-Encoding: gzip, deflate
Cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id: 8D1A9273B3BA85795C81F92798FF7AE3
Referer: http://tfdsd4q.info/a/usnp.php

Response headers

P3P: policyref="http://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Timing-Allow-Origin: *
Date: Mon, 25 Jun 2018 11:35:53 GMT
Expires: Mon, 25 Jun 2018 11:35:53 GMT
Cache-Control: private, max-age=0
Strict-Transport-Security: max-age=21600
Content-Type: text/html; charset=UTF-8
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Server: cafe
Content-Length: 177
X-XSS-Protection: 1; mode=block
Set-Cookie: IDE=AHWqTUmgpjQEwsBhakXbSrSB-BWvdnP_6IkdUbGy97nQ4VWYaKL-ENBdasa7h9Bq; expires=Sat, 20-Jul-2019 11:35:53 GMT; path=/; domain=.doubleclick.net; HttpOnly test_cookie=; domain=.doubleclick.net; path=/; expires=Mon, 21 Jul 2008 23:59:00 GMT

Redirect headers

P3P: policyref="http://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Timing-Allow-Origin: *
Date: Mon, 25 Jun 2018 11:35:53 GMT
Pragma: no-cache
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Cache-Control: no-cache, must-revalidate
Follow-Only-When-Prerender-Shown: 1
Strict-Transport-Security: max-age=21600
Location: http://5081500.fls.doubleclick.net/activityi;dc_pre=CIK7g8bc7tsCFQaj7QodY_cI8g;src=5081500;type=popey0;cat=sitev0;ord=1;num=6629586531434;gtm=G6c;~oref=http%3A%2F%2Ftfdsd4q.info%2Fa%2Fusnp.php?
Content-Type: text/html; charset=UTF-8
X-Content-Type-Options: nosniff
Server: cafe
Content-Length: 0
X-XSS-Protection: 1; mode=block
Set-Cookie: test_cookie=CheckForPermission; expires=Mon, 25-Jun-2018 11:50:53 GMT; path=/; domain=.doubleclick.net

GET
S

200

ga-audiences
www.google.de/ads/
Redirect Chain

https://www.google-analytics.com/r/collect?v=1&_v=j68&a=873661012&t=pageview&_s=1&dl=http%3A%2F%2Ftfdsd4q.info%2Fa%2Fusnp.php&ul=en-us&de=UTF-8&dt=Popeyes%20Louisiana%20Kitchen&sd=24-bit&sr=1600x12...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-11957493-1&cid=744025705.1529926553&jid=360875967&_gid=93036845.1529926553&gjid=1236726844&_v=j68&z=1166741392
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-11957493-1&cid=744025705.1529926553&jid=360875967&_v=j68&z=1166741392
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-11957493-1&cid=744025705.1529926553&jid=360875967&_v=j68&z=1166741392&slf_rd=1&random=2894965485

42 B
109 B

16ms
16ms

Image
image/gif

2a00:1450:4001:81f::2003
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-11957493-1&cid=744025705.1529926553&jid=360875967&_v=j68&z=1166741392&slf_rd=1&random=2894965485

Requested by

Host: tfdsd4q.info
URL: http://tfdsd4q.info/a/usnp.php

Protocol

SPDY

Server

2a00:1450:4001:81f::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://tfdsd4q.info/a/usnp.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Jun 2018 11:35:53 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: quic=":443"; ma=2592000; v="43,42,41,39,35"
content-length: 42
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 25 Jun 2018 11:35:53 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 302
content-type: text/html; charset=UTF-8
location: https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-11957493-1&cid=744025705.1529926553&jid=360875967&_v=j68&z=1166741392&slf_rd=1&random=2894965485
cache-control: no-cache, must-revalidate
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="43,42,41,39,35"
content-length: 0
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
S 200 363197074072940 Show response
connect.facebook.net/signals/config/ 58 KB
14 KB 49ms
48ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/363197074072940?v=2.8.18&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

SPDY

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

6e562f8e7e9bee20126018a64143cd1c9ca21149f680bf44cdc8b132bf2f50eb

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' .atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com:* wss://.facebook.com: https://fb.scanandcleanlocal.com:* .atlassolutions.com attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: http://tfdsd4q.info/a/usnp.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' *.atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* *.atlassolutions.com attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
content-encoding: gzip
x-content-type-options: nosniff
status: 200
vary: Origin, Accept-Encoding
x-xss-protection: 0
pragma: public
x-fb-debug: tColbC6vFnyyqjKSxbHEtLt0ewl0rFm8e8J+cl2huq52R/Ad8juXhvsvsN3+qD0qIbWvJ6Y5KZDrKx0vAIXnMA==
x-frame-options: DENY
date: Mon, 25 Jun 2018 11:35:53 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
access-control-allow-methods: OPTIONS
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://connect.facebook.net
access-control-expose-headers: X-FB-Debug, X-Loader-Length
cache-control: public, max-age=1200
access-control-allow-credentials: true
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
S 200 /
www.facebook.com/tr/ 44 B
248 B 6ms
5ms Image
image/gif 2a03:2880:f11c:8186:face:b00c:0:50fb
Facebook

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.facebook.com/tr/?id=363197074072940&ev=PageView&dl=http%3A%2F%2Ftfdsd4q.info%2Fa%2Fusnp.php&rl=&if=false&ts=1529926553545&sw=1600&sh=1200&v=2.8.18&r=stable&ec=0&o=28&it=1529926553485
Requested by: Host: tfdsd4q.info
URL: http://tfdsd4q.info/a/usnp.php
Protocol: SPDY
Server: 2a03:2880:f11c:8186:face:b00c:0:50fb , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software: proxygen-bolt /
Resource Hash: 10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Request headers

Referer: http://tfdsd4q.info/a/usnp.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 25 Jun 2018 11:35:53 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
content-length: 44
expires: Mon, 25 Jun 2018 11:35:53 GMT

GET
H/1.1 200
OK p Show response
i.simpli.fi/ 806 B
2 KB 43ms
11ms Script
application/javascript 5.153.20.140
SoftLayer Technol...

General

Check archive.org

Show headers Download Go to

Full URL

https://i.simpli.fi/p?cid=&cb=sifi_att_64056838778._hp

Requested by

Host: tag.simpli.fi
URL: https://tag.simpli.fi/sifitag/fdbc9e20-d6c0-0135-e21e-06659b33d47c

Protocol

HTTP/1.1

Server

5.153.20.140 Amsterdam, Netherlands, ASN36351 (SOFTLAYER - SoftLayer Technologies Inc., US),

Reverse DNS

8c.14.9905.ip4.static.sl-reverse.com

Software

nginx /

Resource Hash

21840286bb9d9b79e6b017e89c614fc44bb3269bf4583a162cdf917d93f5db88

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://tfdsd4q.info/a/usnp.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 25 Jun 2018 11:35:54 GMT
X-Content-Type-Options: nosniff
Server: nginx
Strict-Transport-Security: max-age=63072000; includeSubdomains; preload
Access-Control-Allow-Methods: GET, POST, OPTIONS
P3P: policyref="http://www.simplifi.com/w3c/Policies.xml", CP="ADMa DEVa PSAa PSDa OUR IND DSP NON COR"
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Transfer-Encoding: chunked
Connection: keep-alive
Content-Type: application/javascript; charset=UTF-8
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
S 200 /
www.facebook.com/tr/ 44 B
147 B 6ms
6ms Image
image/gif 2a03:2880:f11c:8186:face:b00c:0:50fb
Facebook

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.facebook.com/tr/?id=363197074072940&ev=Microdata&dl=http%3A%2F%2Ftfdsd4q.info%2Fa%2Fusnp.php&rl=&if=false&ts=1529926554049&cd[Schema.org]=%5B%5D&cd[OpenGraph]=%7B%22og%3Aimage%22%3A%22https%3A%2F%2Fpopeyes.com%2Fwp-content%2Fthemes%2Fpopeyes_wcag%2Fimages%2Fsocial%2Fog_logo.png%22%2C%22og%3Atitle%22%3A%22Home%20%7C%20Popeyes%20Louisiana%20Kitchen%22%2C%22og%3Atype%22%3A%22website%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fpopeyes.com%2F%22%2C%22og%3Adescription%22%3A%22Popeyes%20Louisiana%20Kitchen%20shows%20off%20its%20New%20Orleans%20heritage%20with%20authentic%20spicy%20%26%20mild%20fried%20chicken%2C%20chicken%20tenders%2C%20seafood%20and%20signature%20sides%20like%20red%20beans%20and%20rice.%20Visit%20one%20of%20our%20many%20fried%20chicken%20restaurants%20today.%22%7D&cd[Meta]=%7B%22title%22%3A%22Popeyes%20Louisiana%20Kitchen%22%2C%22meta%3Akeywords%22%3A%22%22%2C%22meta%3Adescription%22%3A%22Popeyes%20Louisiana%20Kitchen%20shows%20off%20its%20New%20Orleans%20heritage%20with%20authentic%20spicy%20%26%20mild%20fried%20chicken%2C%20chicken%20tenders%2C%20seafood%20and%20signature%20sides.%22%7D&cd[DataLayer]=%5B%5D&sw=1600&sh=1200&v=2.8.18&r=stable&ec=1&o=28&it=1529926553485&es=automatic
Protocol: SPDY
Server: 2a03:2880:f11c:8186:face:b00c:0:50fb , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software: proxygen-bolt /
Resource Hash: 10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Request headers

Referer: http://tfdsd4q.info/a/usnp.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 25 Jun 2018 11:35:54 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
content-length: 44
expires: Mon, 25 Jun 2018 11:35:54 GMT

GET
S

200

engine
fei.pro-market.net/
Redirect Chain

https://um.simpli.fi/dtnx
https://fei.pro-market.net/engine?du=24;csync=B08932A998D3305B1C3F655702E27F08;mimetype=img;
https://fei.pro-market.net/engine?du=24;csync=B08932A998D3305B1C3F655702E27F08;mimetype=img;sr

43 B
281 B

14ms
14ms

Image
image/gif

107.178.240.89
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fei.pro-market.net/engine?du=24;csync=B08932A998D3305B1C3F655702E27F08;mimetype=img;sr
Protocol: SPDY
Server: 107.178.240.89 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS: 89.240.178.107.bc.googleusercontent.com
Software: Apache-Coyote/1.1 /
Resource Hash: 3331a0486cb3e8a75c8c2fdf02bf80fd8fe2b811dfe5c7b4aa892d38bfcf604a

Request headers

Referer: http://tfdsd4q.info/a/usnp.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Jun 2018 11:35:53 GMT
via: 1.1 google
server: Apache-Coyote/1.1
anserver: gapp-eu-4.c.datonics-gcp-01.internal
p3p: CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 1 Jan 1990 0:0:0 GMT

Redirect headers

pragma: no-cache
date: Mon, 25 Jun 2018 11:35:53 GMT
via: 1.1 google
server: Apache-Coyote/1.1
anserver: gapp-eu-4.c.datonics-gcp-01.internal
status: 302
p3p: CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
location: https://fei.pro-market.net/engine?du=24;csync=B08932A998D3305B1C3F655702E27F08;mimetype=img;sr
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
alt-svc: clear
content-length: 0
expires: Mon, 1 Jan 1990 0:0:0 GMT

GET
H/1.1

200
OK

sync
sync.bfmio.com/
Redirect Chain

https://um.simpli.fi/beachfront
https://sync.bfmio.com/sync?pid=141&uid=B08932A998D3305B1C3F655702E27F08

37 B
444 B

412ms
101ms

Image
image/gif

35.153.63.253
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.bfmio.com/sync?pid=141&uid=B08932A998D3305B1C3F655702E27F08
Protocol: HTTP/1.1
Server: 35.153.63.253 Seattle, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-35-153-63-253.compute-1.amazonaws.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer: http://tfdsd4q.info/a/usnp.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

access-control-allow-origin: *
Connection: keep-alive
Content-Length: 37
Content-Type: image/gif

Redirect headers

Date: Mon, 25 Jun 2018 11:35:54 GMT
X-Content-Type-Options: nosniff
Server: openresty
Location: https://sync.bfmio.com/sync?pid=141&uid=B08932A998D3305B1C3F655702E27F08
Strict-Transport-Security: max-age=63072000; includeSubdomains; preload
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/html
Access-Control-Allow-Origin: *
Connection: keep-alive
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length: 154

GET
H/1.1

200
OK

29931
stags.bluekai.com/site/
Redirect Chain

https://um.simpli.fi/bluekai
https://stags.bluekai.com/site/29931?id=B08932A998D3305B1C3F655702E27F08

62 B
329 B

95ms
95ms

Image
image/gif

104.108.51.30
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://stags.bluekai.com/site/29931?id=B08932A998D3305B1C3F655702E27F08
Protocol: HTTP/1.1
Server: 104.108.51.30 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a104-108-51-30.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

Referer: http://tfdsd4q.info/a/usnp.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Mon, 25 Jun 2018 11:35:54 GMT
X-N: S
Connection: keep-alive
P3P: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
Content-Length: 62
BK-Server: e805
Content-Type: image/gif

Redirect headers

Date: Mon, 25 Jun 2018 11:35:54 GMT
X-Content-Type-Options: nosniff
Server: openresty
Location: https://stags.bluekai.com/site/29931?id=B08932A998D3305B1C3F655702E27F08
Strict-Transport-Security: max-age=63072000; includeSubdomains; preload
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/html
Access-Control-Allow-Origin: *
Connection: keep-alive
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length: 154

GET
H/1.1

200
OK

tpid=B08932A998D3305B1C3F655702E27F08
bcp.crwdcntrl.net/map/ct=y/c=7625/tp=SIMP/
Redirect Chain

https://um.simpli.fi/crwdcntrl
https://bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=B08932A998D3305B1C3F655702E27F08
https://bcp.crwdcntrl.net/map/ct=y/c=7625/tp=SIMP/tpid=B08932A998D3305B1C3F655702E27F08

49 B
877 B

41ms
41ms

Image
image/gif

34.251.108.175
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bcp.crwdcntrl.net/map/ct=y/c=7625/tp=SIMP/tpid=B08932A998D3305B1C3F655702E27F08
Protocol: HTTP/1.1
Server: 34.251.108.175 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-34-251-108-175.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Referer: http://tfdsd4q.info/a/usnp.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 25 Jun 2018 11:35:54 GMT
P3P: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
Cache-Control: no-cache
X-Server: 10.26.25.74
Connection: keep-alive
Content-Type: image/gif
Content-Length: 49
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 25 Jun 2018 11:35:54 GMT
P3P: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
Location: https://bcp.crwdcntrl.net/map/ct=y/c=7625/tp=SIMP/tpid=B08932A998D3305B1C3F655702E27F08
Cache-Control: no-cache
X-Server: 10.26.17.57
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200
OK

ProfilesEngineServlet
sync.intentiq.com/profiles_engine/
Redirect Chain

https://um.simpli.fi/intentiq
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=B08932A998D3305B1C3F655702E27F08

43 B
502 B

408ms
102ms

Image
image/gif

52.206.65.84
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=B08932A998D3305B1C3F655702E27F08
Protocol: HTTP/1.1
Server: 52.206.65.84 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-52-206-65-84.compute-1.amazonaws.com
Software: Apache-Coyote/1.1 /
Resource Hash: caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

Referer: http://tfdsd4q.info/a/usnp.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 25 Jun 2018 11:35:55 GMT
Server: Apache-Coyote/1.1
P3P: CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Date: Mon, 25 Jun 2018 11:35:54 GMT
X-Content-Type-Options: nosniff
Server: openresty
Location: https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=B08932A998D3305B1C3F655702E27F08
Strict-Transport-Security: max-age=63072000; includeSubdomains; preload
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/html
Access-Control-Allow-Origin: *
Connection: keep-alive
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length: 154

GET
H/1.1

204
No Content

merge
ce.lijit.com/
Redirect Chain

https://um.simpli.fi/lj_match
https://ce.lijit.com/merge?pid=2&3pid=B08932A998D3305B1C3F655702E27F08

0
515 B

90ms
45ms

Image
text/html

5.153.15.173
SoftLayer Technol...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=2&3pid=B08932A998D3305B1C3F655702E27F08
Protocol: HTTP/1.1
Server: 5.153.15.173 Amsterdam, Netherlands, ASN36351 (SOFTLAYER - SoftLayer Technologies Inc., US),
Reverse DNS: ad.0f.9905.ip4.static.sl-reverse.com
Software: nginx / raptor
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://tfdsd4q.info/a/usnp.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 25 Jun 2018 11:35:55 GMT
Server: nginx
X-Powered-By: raptor
P3P: CP="CUR ADM OUR NOR STA NID"
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ap2ams2
Content-Type: text/html;charset=utf-8
X-Application-Context: application:prod:9080
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Date: Mon, 25 Jun 2018 11:35:55 GMT
X-Content-Type-Options: nosniff
Server: openresty
Location: https://ce.lijit.com/merge?pid=2&3pid=B08932A998D3305B1C3F655702E27F08
Strict-Transport-Security: max-age=63072000; includeSubdomains; preload
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/html
Access-Control-Allow-Origin: *
Connection: keep-alive
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length: 154

GET
H/1.1

204
No Content

usermatch.gif
beacon.krxd.net/
Redirect Chain

https://um.simpli.fi/liveramp_match
https://idsync.rlcdn.com/419566.gif?partner_uid=B08932A998D3305B1C3F655702E27F08
https://idsync.rlcdn.com/419566.gif?partner_uid=B08932A998D3305B1C3F655702E27F08&redirect=1
https://usermatch.krxd.net/um/v2?partner=liveramp
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=liveramp

0
453 B

128ms
40ms

Image
text/plain

46.51.169.149
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=liveramp
Protocol: HTTP/1.1
Server: 46.51.169.149 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-46-51-169-149.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://tfdsd4q.info/a/usnp.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Mon, 25 Jun 2018 11:35:56 GMT
Cache-Control: private, no-cache, no-store
X-Request-Time: D=36 t=1529926556
Connection: keep-alive
P3P: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
X-Served-By: beacon-n017-dub.krxd.net

Redirect headers

Date: Mon, 25 Jun 2018 11:35:55 GMT
Accept-Ranges: bytes
X-Served-By: usermatch-a018.krxd.net
X-Cache: MISS
X-Request-Backend: krux_scala_usermatch_webservice
Location: https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=liveramp
Connection: keep-alive
X-Age: 0
Content-Length: 0
X-Cache-Hits: 0

GET
H/1.1

200
OK

aa_px
um.simpli.fi/
Redirect Chain

https://aa.agkn.com/adscores/g.pixel?sid=9201915418
https://d.agkn.com/pixel/5502/?sk=164441102732000213183&pd=&l0=https://um.simpli.fi/aa_px?sk=164441102732000213183
https://um.simpli.fi/aa_px?sk=164441102732000213183

43 B
375 B

11ms
11ms

Image
image/gif

159.253.128.183
SoftLayer Technol...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://um.simpli.fi/aa_px?sk=164441102732000213183
Protocol: HTTP/1.1
Server: 159.253.128.183 Amsterdam, Netherlands, ASN36351 (SOFTLAYER - SoftLayer Technologies Inc., US),
Reverse DNS: b7.80.fd9f.ip4.static.sl-reverse.com
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: http://tfdsd4q.info/a/usnp.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 25 Jun 2018 11:35:56 GMT
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: openresty
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 25 Jun 2018 11:35:55 GMT
Server: Apache-Coyote/1.1
P3P: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://um.simpli.fi/aa_px?sk=164441102732000213183
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
S

200

pixel.gif
load77.exelator.com/
Redirect Chain

https://loadr.exelator.com/load/?p=104&g=870&j=0
https://load77.exelator.com/pixel.gif

43 B
272 B

24ms
6ms

Image
image/gif

185.59.220.18
CDN77

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://load77.exelator.com/pixel.gif
Protocol: SPDY
Server: 185.59.220.18 Frankfurt, Germany, ASN60068 (CDN77, GB),
Reverse DNS: frankfurt-10.cdn77.com
Software: CDN77-Turbo /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer: http://tfdsd4q.info/a/usnp.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 25 Jun 2018 11:35:55 GMT
last-modified: Wed, 25 Oct 2017 17:03:56 GMT
server: CDN77-Turbo
x-edge-location: frankfurtDE
etag: "59f0c3fc-2b"
status: 200
x-cache: HIT
content-type: image/gif
access-control-allow-origin: *
x-edge-ip: 185.59.220.10
x-age: 674192
accept-ranges: bytes
content-length: 43

Redirect headers

date: Mon, 25 Jun 2018 11:35:55 GMT
server: nginx/1.12.2
x-powered-by: Undertow/1
status: 302
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
location: https://load77.exelator.com/pixel.gif
cache-control: no-cache
access-control-allow-credentials: true
content-type: image/gif
content-length: 0

GET
S

200

/
www.google.de/ads/conversion/1026675585/
Redirect Chain

https://www.googleadservices.com/pagead/conversion/1026675585/?random=1529926554054&cv=7&fst=1529926554054&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1026675585/?random=2099619996&cv=7&fst=*&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=f...
https://www.google.com/ads/conversion/1026675585/?random=2099619996&cv=7&fst=*&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=CKrPGw&gsr...
https://www.google.de/ads/conversion/1026675585/?random=2099619996&cv=7&fst=*&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=CKrPGw&gsr=...

42 B
107 B

14ms
14ms

Image
image/gif

2a00:1450:4001:81f::2003
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/conversion/1026675585/?random=2099619996&cv=7&fst=*&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=CKrPGw&gsr=&cdct=2&is_vtc=1&ocp_id=m9MwW6GmFcvGb7nisuAI&random=482163461&ipr=y&ulfeg=n

Protocol

SPDY

Server

2a00:1450:4001:81f::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

adclick_server /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://tfdsd4q.info/a/usnp.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Jun 2018 11:35:55 GMT
x-content-type-options: nosniff
server: adclick_server
content-type: image/gif
status: 200
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="43,42,41,39,35"
content-length: 42
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Mon, 25 Jun 2018 11:35:55 GMT
x-content-type-options: nosniff
server: adclick_server
status: 302
content-type: text/html; charset=UTF-8
location: https://www.google.de/ads/conversion/1026675585/?random=2099619996&cv=7&fst=*&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=CKrPGw&gsr=&cdct=2&is_vtc=1&ocp_id=m9MwW6GmFcvGb7nisuAI&random=482163461&ipr=y&ulfeg=n
cache-control: private, max-age=43200
alt-svc: quic=":443"; ma=2592000; v="43,42,41,39,35"
content-length: 537
x-xss-protection: 1; mode=block
expires: Mon, 25 Jun 2018 11:35:55 GMT

GET
H/1.1

200

partner
sync.search.spotxchange.com/
Redirect Chain

https://um.simpli.fi/spotx_match
https://sync.search.spotxchange.com/partner?adv_id=7797&uid=B08932A998D3305B1C3F655702E27F08
https://sync.search.spotxchange.com/partner?adv_id=7797&uid=B08932A998D3305B1C3F655702E27F08&__user_check__=1&sync_id=ec46d189-786b-11e8-945c-191ab6a90e06

43 B
573 B

12ms
12ms

Image
image/gif

185.94.180.125
SPOTX-AMS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.search.spotxchange.com/partner?adv_id=7797&uid=B08932A998D3305B1C3F655702E27F08&__user_check__=1&sync_id=ec46d189-786b-11e8-945c-191ab6a90e06
Protocol: HTTP/1.1
Server: 185.94.180.125 , Netherlands, ASN35220 (SPOTX-AMS, NL),
Reverse DNS
Software: nginx /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

Referer: http://tfdsd4q.info/a/usnp.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Mon, 25 Jun 2018 11:35:55 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
P3P: CP="NOI DSP COR PSAo PSDo OUR IND UNI COM NAV ADMa"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43

Redirect headers

Date: Mon, 25 Jun 2018 11:35:55 GMT
Server: nginx
Location: /partner?adv_id=7797&uid=B08932A998D3305B1C3F655702E27F08&__user_check__=1&sync_id=ec46d189-786b-11e8-945c-191ab6a90e06
Access-Control-Allow-Methods: GET, POST, OPTIONS
P3P: CP="NOI DSP COR PSAo PSDo OUR IND UNI COM NAV ADMa"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
Connection: keep-alive
Content-Length: 0

GET
H/1.1

200
OK

setuid
ib.adnxs.com/
Redirect Chain

https://um.simpli.fi/an
https://ib.adnxs.com/setuid?entity=66&code=B08932A998D3305B1C3F655702E27F08

0
592 B

41ms
13ms

Image
text/html

185.33.223.200
AppNexus

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=66&code=B08932A998D3305B1C3F655702E27F08

Protocol

HTTP/1.1

Server

185.33.223.200 , European Union, ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US),

Reverse DNS

Software

nginx/1.13.4 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: http://tfdsd4q.info/a/usnp.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 25 Jun 2018 11:35:57 GMT
X-Proxy-Origin: 148.251.45.254; 148.251.45.254; 308.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.167:80
AN-X-Request-Uuid: a1a5aa0c-e46d-49da-a28f-458605bfbf86
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Date: Mon, 25 Jun 2018 11:35:55 GMT
X-Content-Type-Options: nosniff
Server: openresty
Location: https://ib.adnxs.com/setuid?entity=66&code=B08932A998D3305B1C3F655702E27F08
Strict-Transport-Security: max-age=63072000; includeSubdomains; preload
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/html
Access-Control-Allow-Origin: *
Connection: keep-alive
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length: 154

GET
H/1.1

200
OK

rtset
bh.contextweb.com/bh/
Redirect Chain

https://um.simpli.fi/cw_match
https://bh.contextweb.com/bh/rtset?do=add&pid=537085&ev=B08932A998D3305B1C3F655702E27F08

49 B
665 B

39ms
22ms

Image
image/gif

151.101.112.166
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bh.contextweb.com/bh/rtset?do=add&pid=537085&ev=B08932A998D3305B1C3F655702E27F08
Protocol: HTTP/1.1
Server: 151.101.112.166 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: Jetty(9.4.6.v20170531) /
Resource Hash: d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32

Request headers

Referer: http://tfdsd4q.info/a/usnp.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Mon, 25 Jun 2018 11:35:55 GMT
Via: 1.1 varnish
Server: Jetty(9.4.6.v20170531)
Transfer-Encoding: chunked
Content-Language: en-US
P3P: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
Expires: -1
Cache-Control: private, max-age=0, no-cache, no-store
X-Cache-Hits: 0
X-Cache: MISS
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/gif;charset=iso-8859-1
CW-Server: ams-bh01
X-Served-By: cache-hhn1530-HHN

Redirect headers

Date: Mon, 25 Jun 2018 11:35:55 GMT
X-Content-Type-Options: nosniff
Server: openresty
Location: https://bh.contextweb.com/bh/rtset?do=add&pid=537085&ev=B08932A998D3305B1C3F655702E27F08
Strict-Transport-Security: max-age=63072000; includeSubdomains; preload
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/html
Access-Control-Allow-Origin: *
Connection: keep-alive
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length: 154

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/
Redirect Chain

https://um.simpli.fi/rb_match
https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=B08932A998D3305B1C3F655702E27F08&expires=365

42 B
371 B

43ms
15ms

Image
image/gif

62.67.193.85
The Rubicon Project

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=B08932A998D3305B1C3F655702E27F08&expires=365
Protocol: HTTP/1.1
Server: 62.67.193.85 , United Kingdom, ASN26667 (RUBICONPROJECT - The Rubicon Project, Inc., US),
Reverse DNS
Software: Rubicon Project /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: http://tfdsd4q.info/a/usnp.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 25 Jun 2018 11:35:55 GMT
Server: Rubicon Project
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Type: image/gif
Content-Length: 42
X-RPHost: E9ZQFDUMeflSXVpS6ZrlFw
Expires: 0

Redirect headers

Date: Mon, 25 Jun 2018 11:35:55 GMT
X-Content-Type-Options: nosniff
Server: openresty
Location: https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=B08932A998D3305B1C3F655702E27F08&expires=365
Strict-Transport-Security: max-age=63072000; includeSubdomains; preload
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/html
Access-Control-Allow-Origin: *
Connection: keep-alive
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length: 154

GET
S

200

sd
us-u.openx.net/w/1.0/
Redirect Chain

https://um.simpli.fi/ox_match
https://us-u.openx.net/w/1.0/sd?id=537072966&val=B08932A998D3305B1C3F655702E27F08
https://us-u.openx.net/w/1.0/sd?cc=1&id=537072966&val=B08932A998D3305B1C3F655702E27F08

43 B
255 B

13ms
13ms

Image
image/gif

173.241.240.143
OPENX TECHNOLOGIES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?cc=1&id=537072966&val=B08932A998D3305B1C3F655702E27F08
Protocol: SPDY
Server: 173.241.240.143 New York, United States, ASN36089 (OPENX-AS1 - OPENX TECHNOLOGIES, INC., US),
Reverse DNS: ox-173-241-240-143.xa.dc.openx.org
Software: OXGW/16.35.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: http://tfdsd4q.info/a/usnp.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Jun 2018 11:35:55 GMT
server: OXGW/16.35.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
status: 200
cache-control: private, max-age=0, no-cache
content-type: image/gif
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

status: 302
date: Mon, 25 Jun 2018 11:35:55 GMT
server: OXGW/16.35.0
content-length: 0
location: https://us-u.openx.net/w/1.0/sd?cc=1&id=537072966&val=B08932A998D3305B1C3F655702E27F08
p3p: CP="CUR ADM OUR NOR STA NID"

GET
H/1.1

200
OK

Pug
image2.pubmatic.com/AdServer/
Redirect Chain

https://um.simpli.fi/pm_match?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:$UID
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:B08932A998D3305B1C3F655702E27F08

42 B
798 B

14ms
13ms

Image
image/gif

185.64.189.110
PubMatic

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:B08932A998D3305B1C3F655702E27F08
Protocol: HTTP/1.1
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC - PubMatic, Inc., US),
Reverse DNS
Software: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: http://tfdsd4q.info/a/usnp.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

X-Cnection: close
Pragma: no-cache
Date: Mon, 25 Jun 2018 11:35:55 GMT
X-lat: Pug22049:0:470
Server: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Content-Type: image/gif; charset=utf-8
Content-Length: 42

Redirect headers

Date: Mon, 25 Jun 2018 11:35:55 GMT
X-Content-Type-Options: nosniff
Server: openresty
Location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:B08932A998D3305B1C3F655702E27F08
Strict-Transport-Security: max-age=63072000; includeSubdomains; preload
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/html
Access-Control-Allow-Origin: *
Connection: keep-alive
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length: 154

GET
H/1.1

204
No Content

g_match
um.simpli.fi/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_cm&google_sc
https://um.simpli.fi/g_match?id=&google_gid=CAESEHIZJAUuECJql3B2CJilq9I&google_cver=1
https://um.simpli.fi/match_redirect?sifi_redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsimplifi%26google_hm%3D%24UID
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=B08932A998D3305B1C3F655702E27F08
https://um.simpli.fi/g_match?id=

0
428 B

11ms
11ms

Image
text/plain

159.253.128.183
SoftLayer Technol...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/g_match?id=

Protocol

HTTP/1.1

Server

159.253.128.183 Amsterdam, Netherlands, ASN36351 (SOFTLAYER - SoftLayer Technologies Inc., US),

Reverse DNS

b7.80.fd9f.ip4.static.sl-reverse.com

Software

openresty /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://tfdsd4q.info/a/usnp.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Mon, 25 Jun 2018 11:35:55 GMT
X-Content-Type-Options: nosniff
Server: openresty
Strict-Transport-Security: max-age=63072000; includeSubdomains; preload
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: *
Connection: keep-alive
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type

Redirect headers

pragma: no-cache
date: Mon, 25 Jun 2018 11:35:55 GMT
server: HTTP server (unknown)
status: 302
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://um.simpli.fi/g_match?id=
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="43,42,41,39,35",quic=":443"; ma=2592000; v="43,42,41,39,35"
content-length: 229
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

22 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.doubleclick.net/	1970-01-19 02:20:22	Name: IDE Value: AHWqTUmAqKDMFczCNE0idsY5JFiYAL0jIHnEhvaB7zjVi54SC3PBd5lF0EzlP42e
.tfdsd4q.info/	1970-01-18 16:58:46	Name: _gat_UA-11957493-1 Value: 1
.tfdsd4q.info/	1970-01-18 17:00:12	Name: _gid Value: GA1.2.93036845.1529926553
.tfdsd4q.info/	1970-01-19 10:29:58	Name: _ga Value: GA1.2.744025705.1529926553
tfdsd4q.info/	1970-01-18 21:17:58	Name: ip_access_token Value: 2017234553790

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://popeyes.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1(Line 2) Message: JQMIGRATE: Migrate is installed, version 1.4.1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

5081500.fls.doubleclick.net
aa.agkn.com
bcp.crwdcntrl.net
beacon.krxd.net
bh.contextweb.com
ce.lijit.com
cm.g.doubleclick.net
connect.facebook.net
d.agkn.com
fei.pro-market.net
googleads.g.doubleclick.net
i.simpli.fi
ib.adnxs.com
idsync.rlcdn.com
image2.pubmatic.com
load77.exelator.com
loadr.exelator.com
pixel.rubiconproject.com
popeyes.com
stags.bluekai.com
stats.g.doubleclick.net
sync.bfmio.com
sync.intentiq.com
sync.search.spotxchange.com
tag.simpli.fi
tfdsd4q.info
um.simpli.fi
us-u.openx.net
usermatch.krxd.net
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
104.108.51.30
107.178.240.89
13.56.189.78
147.75.102.200
151.101.112.166
159.253.128.183
169.50.137.176
172.217.22.102
173.241.240.143
185.33.223.200
185.59.220.18
185.64.189.110
185.94.180.125
216.58.205.226
216.58.207.34
2a00:1450:4001:80b::2002
2a00:1450:4001:81f::2003
2a00:1450:4001:81f::2004
2a00:1450:4001:81f::2008
2a00:1450:4001:81f::200e
2a00:1450:400c:c0c::9c
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f11c:8186:face:b00c:0:50fb
34.199.239.114
34.211.137.191
34.250.48.64
34.251.108.175
35.153.63.253
35.225.46.100
46.51.169.149
5.153.15.173
5.153.20.140
52.206.65.84
54.243.144.136
62.67.193.85
030657a0a68c9197a5c6224b1cde81cca704f38de817f171401bc5524e20b70d
0843900120977b5d77b87ae738a718eba1f4b3b51cbc096c492435825668d8e9
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0fafadc815d4fa5363252e488a6c66680d077be4e32d70d4379f83708f24e522
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
11562ac35a6c5fb686dd6aa62b889e530dcee36c784bf8b786f7530d9a598b64
21840286bb9d9b79e6b017e89c614fc44bb3269bf4583a162cdf917d93f5db88
288646cac2ae7c9ab5b7b7e0476928b52322d9363a336d0a1bf99d78d5589f91
28dd89482882f7e488e509f3a95e07274c0058df88477d8a3b16b181daf6384b
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
3331a0486cb3e8a75c8c2fdf02bf80fd8fe2b811dfe5c7b4aa892d38bfcf604a
3d8e94fed6cc8ea56ee5ec6174efb68cb7197d2e729149cb43e85505bf175779
3fab1c883847e4b5a02f3749a9f4d9eab15cd4765873d3b2904a1a4c8755fba3
3fc2845d22c09928ba9dae73f657a21ede05bed89a42efafe1028bcbe4ee499b
4170c4f6c4353ef5701a94c32d92815d5fbb2f7fc9c42a646e56ac3ae743d8a4
42ef9c60e314a6b75346adcab3b17aafbef0df5090349d78bda5ebddc3262c0d
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
6e562f8e7e9bee20126018a64143cd1c9ca21149f680bf44cdc8b132bf2f50eb
73de1f05b7ade7f8ff9c4b421e334af7a499fb06bde7545238cad64d6280af51
785b4092ab0197123e2b2ab1d7d09a80345631f0c474800ab991307dc1680736
822cac9dcc726b0a79afcf39c8a6dc6f52cb5377d763efa4346ae0f2b73018a5
89dc6775c466e11be95dd084d32b89c40343586d4dd9e6d3e37121ab7a7efc03
93e1da9a9a5a355349838233652dd881ecd26cde03abc1d2cc4fba53d192f701
9a36a0f1ef3b128fea6b881325e92a7e2d171d9ec95a598fd37a8e9bd385a7a5
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
be4952637d381ffa5b5403fa7dfa274b552b402aa8fb71922bab18f6fea887e1
c266f2177600b4f3307e1ee31811be252693467ea7d0cedb0dbbf06a5fdd6cce
c2937396e85c0ebc10e781dd2e66687fd843b90d3184a40e3120fd50d42521a4
c616685c34d5697c85a0512789a1a26cee9e8a4488bf1301129e77945b628e1d
c80ee465d2d404399b6a2c966622365597dbb5d2f6b568106f40055407213feb
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
cb2a7cca28a004423b4b5dd2af76a4b4b4a2dde3199b47026a87913e34d5ed58
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
dcb5e540e62fc85857254a1066afb6a7e8999279c6d4c583eef855d39f9289c0
e0f760899fe5a2989d2047af11150396c5a2d93e0d1e79a6e0f439bcf635084a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
eb3f2ac1556af8e61e33821d8b72d3ecfef62b131fe2b6aa32256325d13c0260
ecee5370ede7f9858136e93dbd7cb9c2a48662606dec7b8a0cf638545e32f8bf
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0663fce42cdfe1f6aefa48b2876e449b41f90be32b90ae6b14c39cd323c42aa
fbe2a37dee8ecebf690923886b70eab99fb6e1722f98c99e1e8ecab3c67570f6
fc48d1d80ece71a79a7b39877f4104d49d3da6c3665cf6dc203000fb7df4447e

tfdsd4q.info Open in urlscan Pro 13.56.189.78 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

55 Requests

0 %HTTPS

23 %IPv6

27 Domains

35 Subdomains

25 IPs

7 Countries

1560 kBTransfer

2287 kBSize

5 Cookies

32 Outgoing links

Redirected requests

55 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

tfdsd4q.info Open in urlscan Pro
13.56.189.78 Public Scan

Screenshot
Live screenshot

Full Image

55
Requests

0 %
HTTPS

23 %
IPv6

27
Domains

35
Subdomains

25
IPs

7
Countries

1560 kB
Transfer

2287 kB
Size

5
Cookies

55 HTTP transactions
0 data transactions