evilexposed.org Open in urlscan Pro
132.148.141.140 Public Scan

URL:
http://evilexposed.org/
Submission: On October 13 via manual (October 13th 2019, 1:56:14 am UTC) from PH

Summary HTTP 103 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 24 IPs in 6 countries across 25 domains to perform 103 HTTP transactions. The main IP is 132.148.141.140, located in Scottsdale, United States and belongs to AS-26496-GO-DADDY-COM-LLC - GoDaddy.com, LLC, US. The main domain is evilexposed.org.

This is the only time evilexposed.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 45	132.148.141.140 132.148.141.140	26496 (AS-26496-...) (AS-26496-GO-DADDY-COM-LLC - GoDaddy.com)
12	68.71.249.118 68.71.249.118	20093 (ZEROLAG) (ZEROLAG - Total Server Solutions L.L.C.)
3	2a00:1450:400... 2a00:1450:4001:81a::2002	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2a00:1450:400... 2a00:1450:4001:820::200a	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2600:9000:200... 2600:9000:200c:ae00:e:5a70:ca47:86e1	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
4	104.20.252.85 104.20.252.85	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
3	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK - Facebook)
2	2a00:1450:400... 2a00:1450:4001:81a::200e	15169 (GOOGLE) (GOOGLE - Google LLC)
4	2600:9000:21f... 2600:9000:21f3:9600:5:c4ab:c3c0:93a1	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
4	2.18.233.180 2.18.233.180	16625 (AKAMAI-AS) (AKAMAI-AS - Akamai Technologies)
2	91.228.74.252 91.228.74.252	27281 (QUANTCAST) (QUANTCAST - Quantcast Corporation)
2 2	37.252.173.22 37.252.173.22	29990 (ASN-APPNEXUS) (ASN-APPNEXUS - AppNexus)
1 1	8.41.222.152 8.41.222.152	26120 (RHYTHMONE) (RHYTHMONE - RhythmOne)
2 2	185.94.180.125 185.94.180.125	35220 (SPOTX-AMS) (SPOTX-AMS)
1 1	3.222.241.144 3.222.241.144	14618 (AMAZON-AES) (AMAZON-AES - Amazon.com)
2 4	2600:9000:215... 2600:9000:2156:1000:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
2	2a00:1450:400... 2a00:1450:4001:814::2002	15169 (GOOGLE) (GOOGLE - Google LLC)
5	2a00:1450:400... 2a00:1450:4001:81b::2002	15169 (GOOGLE) (GOOGLE - Google LLC)
2	2a02:26f0:6c0... 2a02:26f0:6c00:181::2bfe	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 2	2600:9000:215... 2600:9000:2156:fc00:14:85db:2b40:93a1	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	54.230.203.68 54.230.203.68	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	2a03:2880:f12... 2a03:2880:f12d:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK - Facebook)
1	216.200.199.154 216.200.199.154	6461 (ZAYO-6461) (ZAYO-6461 - Zayo Bandwidth)
2	91.228.74.179 91.228.74.179	27281 (QUANTCAST) (QUANTCAST - Quantcast Corporation)
4	68.71.249.120 68.71.249.120	20093 (ZEROLAG) (ZEROLAG - Total Server Solutions L.L.C.)
1	52.85.182.99 52.85.182.99	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	54.231.120.186 54.231.120.186	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
103	24

45 132.148.141.140 (Scottsdale, United States) 2 redirects

ASN26496 (AS-26496-GO-DADDY-COM-LLC - GoDaddy.com, LLC, US)
PTR: ip-132-148-141-140.ip.secureserver.net

evilexposed.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.evilexposed.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 68.71.249.118 (Atlanta, United States)

ASN20093 (ZEROLAG - Total Server Solutions L.L.C., US)

udmserve.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:81a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:820::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:200c:ae00:e:5a70:ca47:86e1 (United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)

cdn.flipboard.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.20.252.85 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

resources.infolinks.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
router.infolinks.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f02d:12:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
staticxx.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:9000:21f3:9600:5:c4ab:c3c0:93a1 (United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)

bid.underdog.media	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2.18.233.180 (Ascension Island)

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a2-18-233-180.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 91.228.74.252 (United Kingdom)

ASN27281 (QUANTCAST - Quantcast Corporation, US)

edge.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.252.173.22 (Ascension Island) 2 redirects

ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US)
PTR: 536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 8.41.222.152 (United States) 1 redirects

ASN26120 (RHYTHMONE - RhythmOne, LLC, US)

sync.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.94.180.125 (Netherlands) 2 redirects

ASN35220 (SPOTX-AMS, NL)

sync.search.spotxchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.222.241.144 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-3-222-241-144.compute-1.amazonaws.com

sync.technoratimedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:9000:2156:1000:6:44e3:f8c0:93a1 (United States) 2 redirects

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:814::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:81b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:6c00:181::2bfe (Ascension Island)

ASN20940 (AKAMAI-ASN1, US)

bvadtgs.scdn1.secure.raxcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2156:fc00:14:85db:2b40:93a1 (United States) 1 redirects

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)

fpn.flipboard.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.230.203.68 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-54-230-203-68.fra50.r.cloudfront.net

flipboard.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f12d:83:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.200.199.154 (United States)

ASN6461 (ZAYO-6461 - Zayo Bandwidth, US)
PTR: 216.200.199.154.bpath.com

bdv.bidvertiser.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 91.228.74.179 (United Kingdom)

ASN27281 (QUANTCAST - Quantcast Corporation, US)

pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 68.71.249.120 (Atlanta, United States)

ASN20093 (ZEROLAG - Total Server Solutions L.L.C., US)
PTR: underdogmedia.com

edge.udmserve.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.85.182.99 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-52-85-182-99.fra50.r.cloudfront.net

d1lax2pddqj38d.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.231.120.186 (Ashburn, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: s3-1.amazonaws.com

s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
45	evilexposed.org 2 redirects evilexposed.org www.evilexposed.org	2 MB
16	udmserve.net udmserve.net edge.udmserve.net	16 KB
5	doubleclick.net googleads.g.doubleclick.net
4	quantcount.com 2 redirects rules.quantcount.com	2 KB
4	quantserve.com edge.quantserve.com pixel.quantserve.com	12 KB
4	pubmatic.com ads.pubmatic.com
4	underdog.media bid.underdog.media	133 KB
4	infolinks.com resources.infolinks.com router.infolinks.com	264 KB
4	flipboard.com 1 redirects cdn.flipboard.com flipboard.com Failed fpn.flipboard.com	5 KB
2	facebook.com staticxx.facebook.com www.facebook.com
2	raxcdn.com bvadtgs.scdn1.secure.raxcdn.com	5 KB
2	spotxchange.com 2 redirects sync.search.spotxchange.com	1 KB
2	adnxs.com 2 redirects ib.adnxs.com	2 KB
2	google-analytics.com www.google-analytics.com	18 KB
2	facebook.net connect.facebook.net	61 KB
2	googlesyndication.com pagead2.googlesyndication.com	122 KB
1	amazonaws.com s3.amazonaws.com	53 KB
1	cloudfront.net d1lax2pddqj38d.cloudfront.net	16 KB
1	bidvertiser.com bdv.bidvertiser.com	224 B
1	googletagservices.com www.googletagservices.com	28 KB
1	google.com adservice.google.com	171 B
1	google.de adservice.google.de	171 B
1	technoratimedia.com 1 redirects sync.technoratimedia.com	415 B
1	1rx.io 1 redirects sync.1rx.io	309 B
1	googleapis.com ajax.googleapis.com	25 KB
103	25

	Domain	Requested by
44	evilexposed.org	2 redirects evilexposed.org pagead2.googlesyndication.com
12	udmserve.net	evilexposed.org bid.underdog.media
5	googleads.g.doubleclick.net	pagead2.googlesyndication.com
4	edge.udmserve.net	bid.underdog.media
4	rules.quantcount.com	2 redirects evilexposed.org
4	ads.pubmatic.com	udmserve.net
4	bid.underdog.media	udmserve.net bid.underdog.media evilexposed.org
2	pixel.quantserve.com	evilexposed.org
2	router.infolinks.com	resources.infolinks.com evilexposed.org
2	fpn.flipboard.com	1 redirects evilexposed.org
2	bvadtgs.scdn1.secure.raxcdn.com	evilexposed.org bvadtgs.scdn1.secure.raxcdn.com
2	sync.search.spotxchange.com	2 redirects
2	ib.adnxs.com	2 redirects
2	edge.quantserve.com	udmserve.net
2	www.google-analytics.com	evilexposed.org
2	connect.facebook.net	evilexposed.org connect.facebook.net
2	resources.infolinks.com	evilexposed.org
2	pagead2.googlesyndication.com	evilexposed.org pagead2.googlesyndication.com
1	s3.amazonaws.com	evilexposed.org
1	d1lax2pddqj38d.cloudfront.net	evilexposed.org
1	bdv.bidvertiser.com	bvadtgs.scdn1.secure.raxcdn.com
1	www.facebook.com	connect.facebook.net
1	staticxx.facebook.com	connect.facebook.net
1	www.googletagservices.com	pagead2.googlesyndication.com
1	flipboard.com	cdn.flipboard.com evilexposed.org
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
1	sync.technoratimedia.com	1 redirects
1	sync.1rx.io	1 redirects
1	cdn.flipboard.com	evilexposed.org
1	ajax.googleapis.com	evilexposed.org
1	www.evilexposed.org	evilexposed.org
103	32

This site contains links to these domains. Also see Links.

Domain
www.facebook.com

Subject Issuer	Validity	Valid
*.flipboard.com DigiCert SHA2 High Assurance Server CA	`2017-10-19` - `2019-11-06`	2 years	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2019-09-22` - `2019-12-20`	3 months	crt.sh
*.google-analytics.com GTS CA 1O1	`2019-09-17` - `2019-12-10`	3 months	crt.sh
udmserve.net DigiCert SHA2 High Assurance Server CA	`2019-07-15` - `2021-10-14`	2 years	crt.sh
*.quantserve.com DigiCert SHA2 High Assurance Server CA	`2018-10-16` - `2019-10-21`	a year	crt.sh
*.google.com GTS CA 1O1	`2019-09-17` - `2019-12-10`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2019-09-17` - `2019-12-10`	3 months	crt.sh
ssl902972.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2019-10-08` - `2020-04-15`	6 months	crt.sh
*.cloudfront.net DigiCert Global CA G2	`2019-07-17` - `2020-07-05`	a year	crt.sh

This page contains 18 frames:

Primary Page: http://evilexposed.org/
Frame ID: 2FEEFBF4AF5F3AC57162F7110CEB8539
Requests: 84 HTTP requests in this frame

Frame: http://ads.pubmatic.com/AdServer/js/user_sync.html?p=156505&predirect=http%3A%2F%2Fudmserve.net%2Fudm%2Ffetch.pix%3Fdt%3D1%3Bpmid%3D
Frame ID: 652E724D8079FF760597AE70BD8D3D2E
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20191003/r20190131/zrt_lookup.html
Frame ID: A36FBE7023A1AEAD45DDF3387A3958A2
Requests: 1 HTTP requests in this frame

Frame: https://flipboard.com/cover/@ronforemand57r7/illuminati-puppet-h9vf8khvy
Frame ID: 8A3DE96D0248B42183BACEC5FD98C06F
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7043798212798004&output=html&h=90&slotname=5226932605&adk=1940160681&adf=2534418036&w=728&lmt=1570931740&guci=1.2.0.0.2.2.0.0&format=728x90&url=http%3A%2F%2Fevilexposed.org%2F&flash=0&wgl=1&dt=1570931740322&bpp=44&bdt=1472&fdt=344&idt=344&shv=r20191003&cbv=r20190131&saldr=aa&abxe=1&correlator=6274180390058&frm=20&pv=2&ga_vid=1886135941.1570931740&ga_sid=1570931741&ga_hid=1294779172&ga_fc=0&iag=0&icsg=17361331434112&dssz=44&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=542&ady=44&biw=1585&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=104278955662699&rx=0&eae=0&fc=656&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=16&bc=23&ifi=1&uci=a!1&xpc=R9hsc6qLKy&p=http%3A//evilexposed.org&dtd=362
Frame ID: CCA8D71CBD795303023F3E9DE45D634D
Requests: 1 HTTP requests in this frame

Frame: https://flipboard.com/cover/@ronforemand57r7/illuminati-puppet-h9vf8khvy
Frame ID: CC9613125ADB11B914A640D80CF46BE9
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7043798212798004&output=html&adk=1812271804&adf=3025194257&lmt=1570931740&plat=1%3A1081352%2C2%3A1081352%2C8%3A32776%2C9%3A32776%2C16%3A8388608%2C30%3A1081344&guci=1.2.0.0.2.2.0.0&format=0x0&url=http%3A%2F%2Fevilexposed.org%2F&ea=0&flash=0&pra=7&wgl=1&adsid=NT&dt=1570931740761&bpp=4&bdt=1911&fdt=5&idt=5&shv=r20191003&cbv=r20190131&saldr=aa&abxe=1&prev_fmts=728x90&nras=1&correlator=6274180390058&frm=20&pv=1&ga_vid=1886135941.1570931740&ga_sid=1570931741&ga_hid=1294779172&ga_fc=0&iag=0&icsg=69442104865408&dssz=46&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1585&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=104278955662699&rx=0&eae=2&fc=912&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=16&bc=23&ifi=3&uci=a!3&dtd=10
Frame ID: E90CE2DD3EE04FBF857807CC6A4C4B31
Requests: 1 HTTP requests in this frame

Frame: http://ads.pubmatic.com/AdServer/js/user_sync.html?p=156505&predirect=http%3A%2F%2Fudmserve.net%2Fudm%2Ffetch.pix%3Fdt%3D1%3Bpmid%3D
Frame ID: E11929C088ABFCA559C08B0EF6D59E49
Requests: 1 HTTP requests in this frame

Frame: https://staticxx.facebook.com/connect/xd_arbiter.php?version=44
Frame ID: 1E63D19A066B5F8D4203B2CA032507FA
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7043798212798004&output=html&h=600&slotname=3867002481&adk=3413510765&adf=363934571&w=120&lmt=1570931740&guci=1.2.0.0.2.2.0.0&format=120x600&url=http%3A%2F%2Fevilexposed.org%2F&flash=0&wgl=1&adsid=NT&dt=1570931740376&bpp=181&bdt=1526&fdt=474&idt=474&shv=r20191003&cbv=r20190131&saldr=aa&abxe=1&prev_fmts=728x90%2C0x0&nras=1&correlator=6274180390058&frm=20&pv=1&ga_vid=1886135941.1570931740&ga_sid=1570931741&ga_hid=1294779172&ga_fc=0&iag=0&icsg=277765198590592&dssz=49&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1107&ady=402&biw=1585&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=104278955662699&rx=0&eae=0&fc=912&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=16&bc=23&ifi=2&uci=a!2&xpc=98gNxvYWbk&p=http%3A//evilexposed.org&dtd=479
Frame ID: 358B2624B6CEE05688E8297AC4C6C391
Requests: 1 HTTP requests in this frame

Frame: http://udmserve.net/udm/img.fetch?sid=12680;tid=2;dt=7;p=1;mid=43265;zzz=1;version=Thu_10_10_9_31_12_2019;cb=0.0958695670453984;session=1;style=slider;vis=visible;traffic_info=%7B%7D;radid=1570931740260_434773_109.236.94.21
Frame ID: BC26D8CF3AD202BFA8DD59C4430F519C
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/v2.8/plugins/like.php?action=like&app_id=627442307315732&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter.php%3Fversion%3D44%23cb%3Df1668d1bb3bb58%26domain%3Devilexposed.org%26origin%3Dhttp%253A%252F%252Fevilexposed.org%252Ff2cf83d891b6098%26relation%3Dparent.parent&container_width=234&href=https%3A%2F%2Fwww.facebook.com%2Fpages%2FEvil-Exposed%2F532812473503324%3Fref%3Dhl&layout=button_count&locale=en_US&sdk=joey&share=true&show_faces=true
Frame ID: A4B89C9ADEF1D3C555C534C3506BAA97
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7043798212798004&output=html&h=600&slotname=3867002481&adk=3413510765&adf=998295998&w=120&lmt=1570931740&guci=1.2.0.0.2.2.0.0&format=120x600&url=http%3A%2F%2Fevilexposed.org%2F&flash=0&wgl=1&adsid=NT&dt=1570931740558&bpp=6&bdt=1708&fdt=330&idt=330&shv=r20191003&cbv=r20190131&saldr=aa&abxe=1&prev_fmts=728x90%2C0x0%2C120x600&nras=1&correlator=6274180390058&frm=20&pv=1&ga_vid=1886135941.1570931740&ga_sid=1570931741&ga_hid=1294779172&ga_fc=0&iag=0&icsg=277765198590592&dssz=49&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1107&ady=1022&biw=1585&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=104278955662699&rx=0&eae=0&fc=912&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=16&bc=23&ifi=3&uci=a!3&xpc=8bLVPOIAD6&p=http%3A//evilexposed.org&dtd=333
Frame ID: 739B7A33C548D452E0345981F5BB146A
Requests: 1 HTTP requests in this frame

Frame: https://router.infolinks.com/usync/manage
Frame ID: 55636FD90225047FE180BAA8B648BBA1
Requests: 1 HTTP requests in this frame

Frame: http://udmserve.net/udm/img.fetch?sid=12680;tid=4;dt=7;p=1;mid=43266;zzz=1;version=Thu_10_10_9_31_12_2019;cb=0.9860955400352021;refresh=2;style=slider;vis=visible;traffic_info=%7B%7D;radid=1570931742958_552531_109.236.94.21
Frame ID: 717F7EC264C4B1395047FDF376892777
Requests: 2 HTTP requests in this frame

Frame: http://ads.pubmatic.com/AdServer/js/user_sync.html?p=156505&predirect=http%3A%2F%2Fudmserve.net%2Fudm%2Ffetch.pix%3Fdt%3D1%3Bpmid%3D
Frame ID: 9FF608078B50C449E08D5AE9A7F6F897
Requests: 1 HTTP requests in this frame

Frame: http://udmserve.net/udm/img.fetch?sid=12680;tid=11;dt=7;p=1;mid=43267;zzz=1;version=Thu_10_10_9_31_12_2019;cb=0.2603699093999692;refresh=2;session=1;style=slider;vis=visible;traffic_info=%7B%7D;radid=1570931745176_768230_109.236.94.21
Frame ID: 880D0862ACDF7B87191B20FE6F3C60A4
Requests: 2 HTTP requests in this frame

Frame: http://ads.pubmatic.com/AdServer/js/user_sync.html?p=156505&predirect=http%3A%2F%2Fudmserve.net%2Fudm%2Ffetch.pix%3Fdt%3D1%3Bpmid%3D
Frame ID: 72B0014B05925662D446D186D34E9EEF
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Windows Server (Operating Systems) Expand

Overall confidence: 100%
Detected patterns

headers server /^(?:Microsoft-)?IIS(?:\/([\d.]+))?/i

IIS (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /^(?:Microsoft-)?IIS(?:\/([\d.]+))?/i

Quantcast (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /\.quantserve\.com\/quant\.js/i

Page Statistics

103
Requests

22 %
HTTPS

44 %
IPv6

25
Domains

32
Subdomains

24
IPs

6
Countries

2549 kB
Transfer

4267 kB
Size

2
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/pages/Evil-Exposed/532812473503324
Title:

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 7

http://evilexposed.org/ajax/common.ashx HTTP 302
http://evilexposed.org/404.aspx

Request Chain 8

http://evilexposed.org/ajax/BLL.Queries,App_Code.mkuj4wfu.ashx HTTP 302
http://evilexposed.org/404.aspx

Request Chain 46

http://connect.facebook.net/en_US/sdk.js HTTP 307
https://connect.facebook.net/en_US/sdk.js

Request Chain 52

http://ib.adnxs.com/getuid?http%3A%2F%2Fudmserve.net%2Fudm%2Ffetch.pix%3Fdt%3D1%3Bapnid%3D%24UID HTTP 302
http://ib.adnxs.com/bounce?%2Fgetuid%3Fhttp%253A%252F%252Fudmserve.net%252Fudm%252Ffetch.pix%253Fdt%253D1%253Bapnid%253D%2524UID HTTP 302
http://udmserve.net/udm/fetch.pix?dt=1;apnid=4931306887278689889

Request Chain 53

http://sync.1rx.io/usersync2/underdogmedia HTTP 302
http://udmserve.net/udm/fetch.pix?dt=1;roid=OPTOUT

Request Chain 54

http://sync.search.spotxchange.com/partner?adv_id=8587&redir=http%3A%2F%2Fudmserve.net%2Fudm%2Ffetch.pix%3Fdt%3D1%3Bspotx%3D%24SPOTX_USER_ID HTTP 302
http://sync.search.spotxchange.com/partner?adv_id=8587&redir=http%3A%2F%2Fudmserve.net%2Fudm%2Ffetch.pix%3Fdt%3D1%3Bspotx%3D%24SPOTX_USER_ID&__user_check__=1&sync_id=8ef41c04-ed5c-11e9-814f-16821cb21b06 HTTP 302
http://udmserve.net/udm/fetch.pix?dt=1;spotx=8ef41b95-ed5c-11e9-814f-16821cb21b06

Request Chain 55

http://sync.technoratimedia.com/services?srv=cs&pid=54&cb=https%3A%2F%2Fudmserve.net%2Fudm%2Ffetch.pix%3Fdt%3D1%3Bsncr%3D[USER_ID] HTTP 307
https://udmserve.net/udm/fetch.pix?dt=1;sncr=GDPR

Request Chain 59

http://rules.quantcount.com/rules-p-effSsmMYCbAck.js HTTP 301
https://rules.quantcount.com/rules-p-effSsmMYCbAck.js

Request Chain 60

http://rules.quantcount.com/rules-p-Pz67dCqdsHfxh.js HTTP 301
https://rules.quantcount.com/rules-p-Pz67dCqdsHfxh.js

Request Chain 68

https://fpn.flipboard.com/pix/__fpn.gif?utm_source=http%3A%2F%2Fevilexposed.org%2F HTTP 307
https://fpn.flipboard.com/tr/__fpn.gif?qs=utm_source%253Dhttp%25253A%25252F%25252Fevilexposed.org%25252F&rh=http%253A%252F%252Fevilexposed.org%252F

103 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request Cookie set / Show response
evilexposed.org/ 100 KB
100 KB 1017ms
708ms Document
text/html 132.148.141.140
GoDaddy.com

General

Check archive.org

Show headers Download Go to

Full URL: http://evilexposed.org/
Protocol: HTTP/1.1
Server: 132.148.141.140 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC - GoDaddy.com, LLC, US),
Reverse DNS: ip-132-148-141-140.ip.secureserver.net
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 662f45a282070612f3c12f8ac58e16da5644c667ed5fc8c3e62094920475984e

Request headers

Host: evilexposed.org
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:69.0) Gecko/20100101 Firefox/69.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:69.0) Gecko/20100101 Firefox/69.0

Response headers

Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
Set-Cookie: ASP.NET_SessionId=ufkftgqos1uj3pzdltqrdz3r; path=/; HttpOnly
X-Powered-By: ASP.NET
X-Powered-By-Plesk: PleskWin
Date: Sun, 13 Oct 2019 01:55:47 GMT
Content-Length: 102170

GET
H/1.1 200
OK Site.css
evilexposed.org/Styles/ 4 KB
5 KB 294ms
280ms Stylesheet
text/css 132.148.141.140
GoDaddy.com

General

Check archive.org

Show headers Download Go to

Full URL: http://evilexposed.org/Styles/Site.css
Requested by: Host: evilexposed.org
URL: http://evilexposed.org/
Protocol: HTTP/1.1
Server: 132.148.141.140 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC - GoDaddy.com, LLC, US),
Reverse DNS: ip-132-148-141-140.ip.secureserver.net
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 6c16f999c2279e02e8d82d7bc30ea3be48fb3add8cbe000be39fbc4dc927020d

Request headers

Referer: http://evilexposed.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:69.0) Gecko/20100101 Firefox/69.0

Response headers

X-Powered-By-Plesk: PleskWin
Date: Sun, 13 Oct 2019 01:55:47 GMT
Last-Modified: Fri, 20 Apr 2018 14:50:00 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "c3594dbb6d8d31:0"
Content-Type: text/css
Accept-Ranges: bytes
Content-Length: 4429

GET
H/1.1 200
OK jquery_1_9_1.js Show response
evilexposed.org/JavaScript/ 345 KB
345 KB 292ms
278ms Script
application/javascript 132.148.141.140
GoDaddy.com

General

Check archive.org

Show headers Download Go to

Full URL: http://evilexposed.org/JavaScript/jquery_1_9_1.js
Requested by: Host: evilexposed.org
URL: http://evilexposed.org/
Protocol: HTTP/1.1
Server: 132.148.141.140 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC - GoDaddy.com, LLC, US),
Reverse DNS: ip-132-148-141-140.ip.secureserver.net
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: b43da5502aac63efbd55aa91dd808b99b0ab74944b64d5d1d67a4680a5b62e21

Request headers

Referer: http://evilexposed.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:69.0) Gecko/20100101 Firefox/69.0

Response headers

X-Powered-By-Plesk: PleskWin
Date: Sun, 13 Oct 2019 01:55:47 GMT
Last-Modified: Fri, 20 Apr 2018 14:49:51 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "f2391d6b6d8d31:0"
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 353405

GET
H/1.1 200
OK jquery1_10_3_ui.js Show response
evilexposed.org/JavaScript/ 558 KB
558 KB 292ms
279ms Script
application/javascript 132.148.141.140
GoDaddy.com

General

Check archive.org

Show headers Download Go to

Full URL: http://evilexposed.org/JavaScript/jquery1_10_3_ui.js
Requested by: Host: evilexposed.org
URL: http://evilexposed.org/
Protocol: HTTP/1.1
Server: 132.148.141.140 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC - GoDaddy.com, LLC, US),
Reverse DNS: ip-132-148-141-140.ip.secureserver.net
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: c66f15f3f62139ddbb522bf8d66f8e9dd51aa40611fffa59e8de423596cfeaff

Request headers

Referer: http://evilexposed.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:69.0) Gecko/20100101 Firefox/69.0

Response headers

X-Powered-By-Plesk: PleskWin
Date: Sun, 13 Oct 2019 01:55:47 GMT
Last-Modified: Fri, 20 Apr 2018 14:49:52 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "2a8db2d6b6d8d31:0"
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 571522

GET
H/1.1 200
OK illuminati.js Show response
evilexposed.org/JavaScript/ 7 KB
7 KB 292ms
279ms Script
application/javascript 132.148.141.140
GoDaddy.com

General

Check archive.org

Show headers Download Go to

Full URL: http://evilexposed.org/JavaScript/illuminati.js
Requested by: Host: evilexposed.org
URL: http://evilexposed.org/
Protocol: HTTP/1.1
Server: 132.148.141.140 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC - GoDaddy.com, LLC, US),
Reverse DNS: ip-132-148-141-140.ip.secureserver.net
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: e69c559710aee763765953f58d1814b2f2617557acf3050e63a593d9d00a81c7

Request headers

Referer: http://evilexposed.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:69.0) Gecko/20100101 Firefox/69.0

Response headers

X-Powered-By-Plesk: PleskWin
Date: Sun, 13 Oct 2019 01:55:47 GMT
Last-Modified: Fri, 20 Apr 2018 14:49:47 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "12e1dfd3b6d8d31:0"
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 6691

GET
H/1.1 200
OK style.css
evilexposed.org/Styles/ 2 KB
2 KB 293ms
280ms Stylesheet
text/css 132.148.141.140
GoDaddy.com

General

Check archive.org

Show headers Download Go to

Full URL: http://evilexposed.org/Styles/style.css
Requested by: Host: evilexposed.org
URL: http://evilexposed.org/
Protocol: HTTP/1.1
Server: 132.148.141.140 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC - GoDaddy.com, LLC, US),
Reverse DNS: ip-132-148-141-140.ip.secureserver.net
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 11b7d9deb71801d4777db85b9da02fc747e733e90f59b3302ecbca1f50e3c314

Request headers

Referer: http://evilexposed.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:69.0) Gecko/20100101 Firefox/69.0

Response headers

X-Powered-By-Plesk: PleskWin
Date: Sun, 13 Oct 2019 01:55:47 GMT
Last-Modified: Fri, 20 Apr 2018 14:50:00 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "b57696dbb6d8d31:0"
Content-Type: text/css
Accept-Ranges: bytes
Content-Length: 2098

GET
H/1.1 200
OK img.fetch Show response
udmserve.net/udm/ 6 KB
2 KB 322ms
308ms Script
application/x-javascript 68.71.249.118
Total Server Solu...

General

Check archive.org

Show headers Download Go to

Full URL: http://udmserve.net/udm/img.fetch?sid=12679;tid=1;dt=8;
Requested by: Host: evilexposed.org
URL: http://evilexposed.org/
Protocol: HTTP/1.1
Server: 68.71.249.118 Atlanta, United States, ASN20093 (ZEROLAG - Total Server Solutions L.L.C., US),
Reverse DNS
Software: /
Resource Hash: 62888019486c1502dd5465f4dfb2976f12623392655c4391e2ec1516b1c57dbe

Request headers

Referer: http://evilexposed.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:69.0) Gecko/20100101 Firefox/69.0

Response headers

Pragma: no-cache
Date: Sun, 13 Oct 2019 01:55:39 GMT
Content-Encoding: gzip
P3p: NOI DSP CURa ADMa DEVa PSAa PSDa OUR IND UNI COM NAV INT
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Content-Type: application/x-javascript
Content-Length: 1865
Expires: 0

GET
H/1.1 200
OK WebResource.axd Show response
evilexposed.org/ 23 KB
23 KB 279ms
147ms Script
application/x-javascript 132.148.141.140
GoDaddy.com

General

Check archive.org

Show headers Download Go to

Full URL: http://evilexposed.org/WebResource.axd?d=Oq4nkX27zl2k_DIohY-QNMXyjeoqnSltzdlGZ-E5naWhlCi_ISjc1gJPq4on61jZlj82cDOxG6cfP7y3UHHWQxqNDCgn1OorZrIDQ7NPxZ01&t=637026141540455162
Requested by: Host: evilexposed.org
URL: http://evilexposed.org/
Protocol: HTTP/1.1
Server: 132.148.141.140 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC - GoDaddy.com, LLC, US),
Reverse DNS: ip-132-148-141-140.ip.secureserver.net
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 40732e9dcfa704cf615e4691bb07aecfd1cc5e063220a46e4a7ff6560c77f5db

Request headers

Referer: http://evilexposed.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:69.0) Gecko/20100101 Firefox/69.0

Response headers

X-Powered-By-Plesk: PleskWin
Date: Sun, 13 Oct 2019 01:55:47 GMT
Last-Modified: Thu, 29 Aug 2019 01:35:54 GMT
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Content-Type: application/x-javascript
Cache-Control: public
Content-Length: 23063
Expires: Mon, 12 Oct 2020 01:55:48 GMT

GET
H/1.1

200
OK

404.aspx Show response
evilexposed.org/
Redirect Chain

http://evilexposed.org/ajax/common.ashx
http://evilexposed.org/404.aspx

11 KB
11 KB

669ms
666ms

Script
text/html

132.148.141.140
GoDaddy.com

General

Check archive.org

Show headers Download Go to

Full URL: http://evilexposed.org/404.aspx
Requested by: Host: evilexposed.org
URL: http://evilexposed.org/
Protocol: HTTP/1.1
Server: 132.148.141.140 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC - GoDaddy.com, LLC, US),
Reverse DNS: ip-132-148-141-140.ip.secureserver.net
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 584561ca290d7684423ec493fab310e18508afd456e860ce1a30d85dfcade6a2

Request headers

Referer: http://evilexposed.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:69.0) Gecko/20100101 Firefox/69.0

Response headers

X-Powered-By-Plesk: PleskWin
Date: Sun, 13 Oct 2019 01:55:48 GMT
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Content-Type: text/html; charset=utf-8
Cache-Control: private
Content-Length: 11457

Redirect headers

X-Powered-By-Plesk: PleskWin
Date: Sun, 13 Oct 2019 01:55:47 GMT
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Transfer-Encoding: chunked
Content-Type: text/html; charset=utf-8
Location: http://evilexposed.org/404.aspx
Cache-Control: private

GET
H/1.1

200
OK

404.aspx Show response
evilexposed.org/
Redirect Chain

http://evilexposed.org/ajax/BLL.Queries,App_Code.mkuj4wfu.ashx
http://evilexposed.org/404.aspx

11 KB
11 KB

305ms
158ms

Script
text/html

132.148.141.140
GoDaddy.com

General

Check archive.org

Show headers Download Go to

Full URL: http://evilexposed.org/404.aspx
Requested by: Host: evilexposed.org
URL: http://evilexposed.org/
Protocol: HTTP/1.1
Server: 132.148.141.140 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC - GoDaddy.com, LLC, US),
Reverse DNS: ip-132-148-141-140.ip.secureserver.net
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 584561ca290d7684423ec493fab310e18508afd456e860ce1a30d85dfcade6a2

Request headers

Referer: http://evilexposed.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:69.0) Gecko/20100101 Firefox/69.0

Response headers

X-Powered-By-Plesk: PleskWin
Date: Sun, 13 Oct 2019 01:55:48 GMT
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Content-Type: text/html; charset=utf-8
Cache-Control: private
Content-Length: 11457

Redirect headers

X-Powered-By-Plesk: PleskWin
Date: Sun, 13 Oct 2019 01:55:47 GMT
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Transfer-Encoding: chunked
Content-Type: text/html; charset=utf-8
Location: http://evilexposed.org/404.aspx
Cache-Control: private

GET
H/1.1 200
OK ScriptResource.axd Show response
evilexposed.org/ 312 KB
47 KB 453ms
172ms Script
application/x-javascript 132.148.141.140
GoDaddy.com

General

Check archive.org

Show headers Download Go to

Full URL: http://evilexposed.org/ScriptResource.axd?d=L046ARdrgM-4R08aYb-R34SDSznEqlDyYfaVPoTiSy1nHVGDdujmAat0nggtms4ZDeShAAw6lgFCkd2Ty58GSnssaM39erdGi2da57Kn4COFPfrEF-H3L3NLl8oMYLPJEb1Hq_VrjMgDPd2YMisPoUgEgldSyEe0QJ-uMPnwawZSNawi01yfvAKmH79Wa25K0&t=10c151ff
Requested by: Host: evilexposed.org
URL: http://evilexposed.org/
Protocol: HTTP/1.1
Server: 132.148.141.140 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC - GoDaddy.com, LLC, US),
Reverse DNS: ip-132-148-141-140.ip.secureserver.net
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 4c6ebc58d3cf8c131d99dd1adfd0c09ae67731226711fbe83132e17e8c2f6233

Request headers

Referer: http://evilexposed.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:69.0) Gecko/20100101 Firefox/69.0

Response headers

X-Powered-By-Plesk: PleskWin
Date: Sun, 13 Oct 2019 01:55:47 GMT
Content-Encoding: gzip
Last-Modified: Sun, 13 Oct 2019 01:55:48 GMT
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Content-Type: application/x-javascript
Cache-Control: public
Content-Length: 47752
Expires: Mon, 12 Oct 2020 01:55:48 GMT

GET
H/1.1 200
OK ScriptResource.axd Show response
evilexposed.org/ 99 KB
15 KB 458ms
161ms Script
application/x-javascript 132.148.141.140
GoDaddy.com

General

Check archive.org

Show headers Download Go to

Full URL: http://evilexposed.org/ScriptResource.axd?d=_gOGjaDrcjbpPm3VvEsXKBjyY_HAHJOXmPyxmbBx3lxGbJF3_uwY_lbVQBf2I1rgBL3PZA5rw2qK7wzbgDhrJ38cVUMi-gFn2PwtQW0cggFJemaNFmCJCWPS8eR2ti8-J0QhvRQ_jI_hx9iULJ40TfkEOwhNW5ga8gcbFSrzAy2aygEGd8NtijQD9OLgbGhz0&t=10c151ff
Requested by: Host: evilexposed.org
URL: http://evilexposed.org/
Protocol: HTTP/1.1
Server: 132.148.141.140 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC - GoDaddy.com, LLC, US),
Reverse DNS: ip-132-148-141-140.ip.secureserver.net
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 5370433ee2bffd2ae12b033a997343d094b5c853b09243a06f4850a13bc0e5aa

Request headers

Referer: http://evilexposed.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:69.0) Gecko/20100101 Firefox/69.0

Response headers

X-Powered-By-Plesk: PleskWin
Date: Sun, 13 Oct 2019 01:55:47 GMT
Content-Encoding: gzip
Last-Modified: Sun, 13 Oct 2019 01:55:48 GMT
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Content-Type: application/x-javascript
Cache-Control: public
Content-Length: 15431
Expires: Mon, 12 Oct 2020 01:55:48 GMT

GET
H/1.1 200
OK Default.aspx Show response
evilexposed.org/ 44 KB
11 KB 471ms
157ms Script
application/x-javascript 132.148.141.140
GoDaddy.com

General

Check archive.org

Show headers Download Go to

Full URL: http://evilexposed.org/Default.aspx?_TSM_HiddenField_=ToolkitScriptManager1_HiddenField&_TSM_CombinedScripts_=%3b%3bAjaxControlToolkit%2c+Version%3d3.0.30512.20351%2c+Culture%3dneutral%2c+PublicKeyToken%3d28f01b0e84b6d53e%3aen-US%3ac73b5a33-b750-40f5-8849-44b74757ea70%3ae2e86ef9%3a1df13a87%3a3858419b
Requested by: Host: evilexposed.org
URL: http://evilexposed.org/
Protocol: HTTP/1.1
Server: 132.148.141.140 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC - GoDaddy.com, LLC, US),
Reverse DNS: ip-132-148-141-140.ip.secureserver.net
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: ba7b53edf5072224bd1b80c763da7486901f8d9b2735baf749f3076d2eebb7c6

Request headers

Referer: http://evilexposed.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:69.0) Gecko/20100101 Firefox/69.0

Response headers

X-Powered-By-Plesk: PleskWin
Date: Sun, 13 Oct 2019 01:55:47 GMT
Content-Encoding: gzip
Last-Modified: Wed, 12 Jun 2019 18:45:25 GMT
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Content-Type: application/x-javascript
Cache-Control: public
Content-Length: 10897
Expires: Mon, 12 Oct 2020 01:55:48 GMT

GET
H/1.1 200
OK evileexposed1.gif
evilexposed.org/Images/ 9 KB
9 KB 156ms
156ms Image
image/gif 132.148.141.140
GoDaddy.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://evilexposed.org/Images/evileexposed1.gif
Requested by: Host: evilexposed.org
URL: http://evilexposed.org/
Protocol: HTTP/1.1
Server: 132.148.141.140 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC - GoDaddy.com, LLC, US),
Reverse DNS: ip-132-148-141-140.ip.secureserver.net
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: ea851ab367bde9266526c1ea520e0b0d78af395f0eaacd1ab4d7b3821011d572

Request headers

Referer: http://evilexposed.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:69.0) Gecko/20100101 Firefox/69.0

Response headers

X-Powered-By-Plesk: PleskWin
Date: Sun, 13 Oct 2019 01:55:48 GMT
Last-Modified: Fri, 20 Apr 2018 14:54:30 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "d9dd987cb7d8d31:0"
Content-Type: image/gif
Accept-Ranges: bytes
Content-Length: 9142

GET
H/1.1 200
OK adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 103 KB
36 KB 26ms
25ms Script
text/javascript 2a00:1450:4001:81a::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: evilexposed.org
URL: http://evilexposed.org/

Protocol

HTTP/1.1

Server

2a00:1450:4001:81a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

7fa9d325558a8c877fe52b509a8dce8cd63107f08617fb9f8e3247be5885df81

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://evilexposed.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:69.0) Gecko/20100101 Firefox/69.0

Response headers

Timing-Allow-Origin: *
Date: Sun, 13 Oct 2019 01:55:39 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: cafe
ETag: 10673192029995764333
Vary: Accept-Encoding
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control: private, max-age=3600
Content-Disposition: attachment; filename="f.txt"
Content-Type: text/javascript; charset=UTF-8
Content-Length: 36814
X-XSS-Protection: 0
Expires: Sun, 13 Oct 2019 01:55:39 GMT

GET
H/1.1 200
OK catagories.gif
www.evilexposed.org/images/ 26 KB
27 KB 659ms
337ms Image
image/gif 132.148.141.140
GoDaddy.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.evilexposed.org/images/catagories.gif
Requested by: Host: evilexposed.org
URL: http://evilexposed.org/
Protocol: HTTP/1.1
Server: 132.148.141.140 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC - GoDaddy.com, LLC, US),
Reverse DNS: ip-132-148-141-140.ip.secureserver.net
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 430eb1601d299045147d2bec978a8a9525ddf40ef18cb9465c4f23747281cdd0

Request headers

Referer: http://evilexposed.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:69.0) Gecko/20100101 Firefox/69.0

Response headers

X-Powered-By-Plesk: PleskWin
Date: Sun, 13 Oct 2019 01:55:48 GMT
Last-Modified: Fri, 20 Apr 2018 14:54:29 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "196a4c7cb7d8d31:0"
Content-Type: image/gif
Accept-Ranges: bytes
Content-Length: 26876

GET
H/1.1 200
OK books.gif
evilexposed.org/images/ 21 KB
21 KB 156ms
156ms Image
image/gif 132.148.141.140
GoDaddy.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://evilexposed.org/images/books.gif
Requested by: Host: evilexposed.org
URL: http://evilexposed.org/
Protocol: HTTP/1.1
Server: 132.148.141.140 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC - GoDaddy.com, LLC, US),
Reverse DNS: ip-132-148-141-140.ip.secureserver.net
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: f14571276819f869e6dae25e02f839c8876fbb8ce7ad1add56fec53fe2ba1ec4

Request headers

Referer: http://evilexposed.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:69.0) Gecko/20100101 Firefox/69.0

Response headers

X-Powered-By-Plesk: PleskWin
Date: Sun, 13 Oct 2019 01:55:48 GMT
Last-Modified: Fri, 20 Apr 2018 14:54:29 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "15c8427cb7d8d31:0"
Content-Type: image/gif
Accept-Ranges: bytes
Content-Length: 21676

GET
H/1.1 200
OK hidden.gif
evilexposed.org/Images/ 33 KB
33 KB 151ms
151ms Image
image/gif 132.148.141.140
GoDaddy.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://evilexposed.org/Images/hidden.gif
Requested by: Host: evilexposed.org
URL: http://evilexposed.org/
Protocol: HTTP/1.1
Server: 132.148.141.140 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC - GoDaddy.com, LLC, US),
Reverse DNS: ip-132-148-141-140.ip.secureserver.net
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 8774f1fa9898e3c0b9e7516740384f8ccf84af03302a4c828f439f4e2b982816

Request headers

Referer: http://evilexposed.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:69.0) Gecko/20100101 Firefox/69.0

Response headers

X-Powered-By-Plesk: PleskWin
Date: Sun, 13 Oct 2019 01:55:48 GMT
Last-Modified: Fri, 20 Apr 2018 14:54:31 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "f4d11b7db7d8d31:0"
Content-Type: image/gif
Accept-Ranges: bytes
Content-Length: 33418

GET
H/1.1 200
OK about.gif
evilexposed.org/images/ 23 KB
23 KB 156ms
154ms Image
image/gif 132.148.141.140
GoDaddy.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://evilexposed.org/images/about.gif
Requested by: Host: evilexposed.org
URL: http://evilexposed.org/
Protocol: HTTP/1.1
Server: 132.148.141.140 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC - GoDaddy.com, LLC, US),
Reverse DNS: ip-132-148-141-140.ip.secureserver.net
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 4defa861f3a1f0bcd19309491db71761fe3ee782da9faca62cf7259d065a821e

Request headers

Referer: http://evilexposed.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:69.0) Gecko/20100101 Firefox/69.0

Response headers

X-Powered-By-Plesk: PleskWin
Date: Sun, 13 Oct 2019 01:55:48 GMT
Last-Modified: Fri, 20 Apr 2018 14:54:29 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "fe41267cb7d8d31:0"
Content-Type: image/gif
Accept-Ranges: bytes
Content-Length: 23626

GET
H/1.1 200
OK website.gif
evilexposed.org/images/ 20 KB
20 KB 154ms
152ms Image
image/gif 132.148.141.140
GoDaddy.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://evilexposed.org/images/website.gif
Requested by: Host: evilexposed.org
URL: http://evilexposed.org/
Protocol: HTTP/1.1
Server: 132.148.141.140 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC - GoDaddy.com, LLC, US),
Reverse DNS: ip-132-148-141-140.ip.secureserver.net
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 7c70eaaf585f324d16690bbc22375523a2b364b90d7fc840275cc9a315f56911

Request headers

Referer: http://evilexposed.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:69.0) Gecko/20100101 Firefox/69.0

Response headers

X-Powered-By-Plesk: PleskWin
Date: Sun, 13 Oct 2019 01:55:48 GMT
Last-Modified: Fri, 20 Apr 2018 14:54:32 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "f941f77db7d8d31:0"
Content-Type: image/gif
Accept-Ranges: bytes
Content-Length: 20254

GET
H/1.1 200
OK go.gif
evilexposed.org/Images/ 576 B
853 B 147ms
145ms Image
image/gif 132.148.141.140
GoDaddy.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://evilexposed.org/Images/go.gif
Requested by: Host: evilexposed.org
URL: http://evilexposed.org/
Protocol: HTTP/1.1
Server: 132.148.141.140 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC - GoDaddy.com, LLC, US),
Reverse DNS: ip-132-148-141-140.ip.secureserver.net
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: a79a00bde36060a6e2d27dc54ae0335a266ce8385b4e38db2ec6bbcf4872c780

Request headers

Referer: http://evilexposed.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:69.0) Gecko/20100101 Firefox/69.0

Response headers

X-Powered-By-Plesk: PleskWin
Date: Sun, 13 Oct 2019 01:55:48 GMT
Last-Modified: Fri, 20 Apr 2018 14:54:30 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "1eafd67cb7d8d31:0"
Content-Type: image/gif
Accept-Ranges: bytes
Content-Length: 576

GET
H/1.1 200
OK jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.4.2/ 70 KB
25 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:820::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

http://ajax.googleapis.com/ajax/libs/jquery/1.4.2/jquery.min.js

Requested by

Host: evilexposed.org
URL: http://evilexposed.org/

Protocol

HTTP/1.1

Server

2a00:1450:4001:820::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

e23a2a4e2d7c2b41ebcdd8ffc0679df7140eb7f52e1eebabf827a88182643c59

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://evilexposed.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:69.0) Gecko/20100101 Firefox/69.0

Response headers

Date: Fri, 11 Oct 2019 07:12:39 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Tue, 20 Dec 2016 18:17:03 GMT
Server: sffe
Age: 153780
Vary: Accept-Encoding
Content-Type: text/javascript; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000, stale-while-revalidate=2592000
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 24715
X-XSS-Protection: 0
Expires: Sat, 10 Oct 2020 07:12:39 GMT

GET
H/1.1 200
OK jquery.easing.1.3.js Show response
evilexposed.org/JavaScript/ 8 KB
8 KB 148ms
148ms Script
application/javascript 132.148.141.140
GoDaddy.com

General

Check archive.org

Show headers Download Go to

Full URL: http://evilexposed.org/JavaScript/jquery.easing.1.3.js
Requested by: Host: evilexposed.org
URL: http://evilexposed.org/
Protocol: HTTP/1.1
Server: 132.148.141.140 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC - GoDaddy.com, LLC, US),
Reverse DNS: ip-132-148-141-140.ip.secureserver.net
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: e4273399cc0bc22e58b35f9f79fdf2705a39ddf4ad918ce852f2624e271d8248

Request headers

Referer: http://evilexposed.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:69.0) Gecko/20100101 Firefox/69.0

Response headers

X-Powered-By-Plesk: PleskWin
Date: Sun, 13 Oct 2019 01:55:48 GMT
Last-Modified: Fri, 20 Apr 2018 14:49:50 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "78b5e0d5b6d8d31:0"
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 8301

GET
H/1.1 200
OK afganopium0001.jpg
evilexposed.org/Images/Puppets/ 27 KB
27 KB 152ms
149ms Image
image/jpeg 132.148.141.140
GoDaddy.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://evilexposed.org/Images/Puppets/afganopium0001.jpg
Requested by: Host: evilexposed.org
URL: http://evilexposed.org/
Protocol: HTTP/1.1
Server: 132.148.141.140 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC - GoDaddy.com, LLC, US),
Reverse DNS: ip-132-148-141-140.ip.secureserver.net
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: e93d38595033034514f8b36c1e280e3118e9f35df311bdacfd61bb71ae1fe1cd

Request headers

Referer: http://evilexposed.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:69.0) Gecko/20100101 Firefox/69.0

Response headers

X-Powered-By-Plesk: PleskWin
Date: Sun, 13 Oct 2019 01:55:48 GMT
Last-Modified: Sun, 15 Sep 2019 20:29:57 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "9f57f35646cd51:0"
Content-Type: image/jpeg
Accept-Ranges: bytes
Content-Length: 27172

GET
H/1.1 200
OK sigularity0002.jpg
evilexposed.org/Images/Puppets/ 45 KB
45 KB 154ms
153ms Image
image/jpeg 132.148.141.140
GoDaddy.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://evilexposed.org/Images/Puppets/sigularity0002.jpg
Requested by: Host: evilexposed.org
URL: http://evilexposed.org/
Protocol: HTTP/1.1
Server: 132.148.141.140 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC - GoDaddy.com, LLC, US),
Reverse DNS: ip-132-148-141-140.ip.secureserver.net
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 53a05bf15dea36f4305dd1984132d801bb427b5a4f6efbc461a6710ec507601d

Request headers

Referer: http://evilexposed.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:69.0) Gecko/20100101 Firefox/69.0

Response headers

X-Powered-By-Plesk: PleskWin
Date: Sun, 13 Oct 2019 01:55:48 GMT
Last-Modified: Wed, 11 Sep 2019 18:11:01 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "e2c7cd44cc68d51:0"
Content-Type: image/jpeg
Accept-Ranges: bytes
Content-Length: 46121

GET
H/1.1 200
OK opiod0001kapoor.jpg
evilexposed.org/Images/Puppets/ 64 KB
64 KB 152ms
152ms Image
image/jpeg 132.148.141.140
GoDaddy.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://evilexposed.org/Images/Puppets/opiod0001kapoor.jpg
Requested by: Host: evilexposed.org
URL: http://evilexposed.org/
Protocol: HTTP/1.1
Server: 132.148.141.140 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC - GoDaddy.com, LLC, US),
Reverse DNS: ip-132-148-141-140.ip.secureserver.net
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: cb176ffc1151233a6765889b8da129b8f40cbe277b8490cddc79ec921e17381b

Request headers

Referer: http://evilexposed.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:69.0) Gecko/20100101 Firefox/69.0

Response headers

X-Powered-By-Plesk: PleskWin
Date: Sun, 13 Oct 2019 01:55:48 GMT
Last-Modified: Fri, 20 Apr 2018 14:55:43 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "203c3aa8b7d8d31:0"
Content-Type: image/jpeg
Accept-Ranges: bytes
Content-Length: 65727

GET
H/1.1 200
OK science0001.jpg
evilexposed.org/Images/Puppets/ 35 KB
36 KB 217ms
216ms Image
image/jpeg 132.148.141.140
GoDaddy.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://evilexposed.org/Images/Puppets/science0001.jpg
Requested by: Host: evilexposed.org
URL: http://evilexposed.org/
Protocol: HTTP/1.1
Server: 132.148.141.140 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC - GoDaddy.com, LLC, US),
Reverse DNS: ip-132-148-141-140.ip.secureserver.net
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 89943a85217d7d2f3fbeeb19b1f276b2e271ae0c3fbc364f31d5fdb102b32cb4

Request headers

Referer: http://evilexposed.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:69.0) Gecko/20100101 Firefox/69.0

Response headers

X-Powered-By-Plesk: PleskWin
Date: Sun, 13 Oct 2019 01:55:48 GMT
Last-Modified: Fri, 20 Apr 2018 14:55:54 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "de696eaeb7d8d31:0"
Content-Type: image/jpeg
Accept-Ranges: bytes
Content-Length: 36271

GET
H/1.1 200
OK syriaattack0002.jpg
evilexposed.org/Images/Puppets/ 14 KB
14 KB 217ms
217ms Image
image/jpeg 132.148.141.140
GoDaddy.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://evilexposed.org/Images/Puppets/syriaattack0002.jpg
Requested by: Host: evilexposed.org
URL: http://evilexposed.org/
Protocol: HTTP/1.1
Server: 132.148.141.140 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC - GoDaddy.com, LLC, US),
Reverse DNS: ip-132-148-141-140.ip.secureserver.net
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 4f4f982d76f26f242e86fb4d22062b5e3f7687e260b950006e0babcfe5e08fcc

Request headers

Referer: http://evilexposed.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:69.0) Gecko/20100101 Firefox/69.0

Response headers

X-Powered-By-Plesk: PleskWin
Date: Sun, 13 Oct 2019 01:55:48 GMT
Last-Modified: Fri, 20 Apr 2018 14:55:59 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "6122efb1b7d8d31:0"
Content-Type: image/jpeg
Accept-Ranges: bytes
Content-Length: 13829

GET
H/1.1 200
OK tonyblairjimmysavaile02.jpg
evilexposed.org/Images/Puppets/ 20 KB
20 KB 215ms
215ms Image
image/jpeg 132.148.141.140
GoDaddy.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://evilexposed.org/Images/Puppets/tonyblairjimmysavaile02.jpg
Requested by: Host: evilexposed.org
URL: http://evilexposed.org/
Protocol: HTTP/1.1
Server: 132.148.141.140 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC - GoDaddy.com, LLC, US),
Reverse DNS: ip-132-148-141-140.ip.secureserver.net
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 70cb6b3c598a779dcc5fe0ca8dadad06d9d32f1694fe56da81c02dad2c0f4595

Request headers

Referer: http://evilexposed.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:69.0) Gecko/20100101 Firefox/69.0

Response headers

X-Powered-By-Plesk: PleskWin
Date: Sun, 13 Oct 2019 01:55:48 GMT
Last-Modified: Fri, 20 Apr 2018 14:56:06 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "f4f2e6b5b7d8d31:0"
Content-Type: image/jpeg
Accept-Ranges: bytes
Content-Length: 20511

GET
H/1.1 200
OK populationdecline00003.JPG
evilexposed.org/Images/Puppets/ 23 KB
24 KB 398ms
190ms Image
image/jpeg 132.148.141.140
GoDaddy.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://evilexposed.org/Images/Puppets/populationdecline00003.JPG
Requested by: Host: evilexposed.org
URL: http://evilexposed.org/
Protocol: HTTP/1.1
Server: 132.148.141.140 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC - GoDaddy.com, LLC, US),
Reverse DNS: ip-132-148-141-140.ip.secureserver.net
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 8552cd7159be52b79d24a33f3ca941cbb7cd0ff99dcb9f753a296e0408c57678

Request headers

Referer: http://evilexposed.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:69.0) Gecko/20100101 Firefox/69.0

Response headers

X-Powered-By-Plesk: PleskWin
Date: Sun, 13 Oct 2019 01:55:48 GMT
Last-Modified: Fri, 20 Apr 2018 14:55:48 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "24d14abb7d8d31:0"
Content-Type: image/jpeg
Accept-Ranges: bytes
Content-Length: 24002

GET
H/1.1 200
OK alijailforwar0001.JPG
evilexposed.org/Images/Puppets/ 28 KB
28 KB 399ms
189ms Image
image/jpeg 132.148.141.140
GoDaddy.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://evilexposed.org/Images/Puppets/alijailforwar0001.JPG
Requested by: Host: evilexposed.org
URL: http://evilexposed.org/
Protocol: HTTP/1.1
Server: 132.148.141.140 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC - GoDaddy.com, LLC, US),
Reverse DNS: ip-132-148-141-140.ip.secureserver.net
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 02c1a0156c58750c3596e5248047a047e80cbad3906a01a69e400ad50193b15b

Request headers

Referer: http://evilexposed.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:69.0) Gecko/20100101 Firefox/69.0

Response headers

X-Powered-By-Plesk: PleskWin
Date: Sun, 13 Oct 2019 01:55:48 GMT
Last-Modified: Fri, 20 Apr 2018 14:54:40 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "fe676d82b7d8d31:0"
Content-Type: image/jpeg
Accept-Ranges: bytes
Content-Length: 28737

GET
H/1.1 200
OK historylies0001.jpg
evilexposed.org/Images/Puppets/ 10 KB
11 KB 399ms
190ms Image
image/jpeg 132.148.141.140
GoDaddy.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://evilexposed.org/Images/Puppets/historylies0001.jpg
Requested by: Host: evilexposed.org
URL: http://evilexposed.org/
Protocol: HTTP/1.1
Server: 132.148.141.140 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC - GoDaddy.com, LLC, US),
Reverse DNS: ip-132-148-141-140.ip.secureserver.net
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 742abb70a9afe309bb5b3e08e95501fb865414f955bea42b4d168bb90a0da9fb

Request headers

Referer: http://evilexposed.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:69.0) Gecko/20100101 Firefox/69.0

Response headers

X-Powered-By-Plesk: PleskWin
Date: Sun, 13 Oct 2019 01:55:48 GMT
Last-Modified: Fri, 20 Apr 2018 14:55:16 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "99a8c497b7d8d31:0"
Content-Type: image/jpeg
Accept-Ranges: bytes
Content-Length: 10547

GET
H/1.1 200
OK Rothschild-banks-700x350.jpg
evilexposed.org/Images/Puppets/ 21 KB
21 KB 189ms
189ms Image
image/jpeg 132.148.141.140
GoDaddy.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://evilexposed.org/Images/Puppets/Rothschild-banks-700x350.jpg
Requested by: Host: evilexposed.org
URL: http://evilexposed.org/
Protocol: HTTP/1.1
Server: 132.148.141.140 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC - GoDaddy.com, LLC, US),
Reverse DNS: ip-132-148-141-140.ip.secureserver.net
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 85e78abbd5384c61f14077c90083768afa12648d042077fdd0a6b315a30757a9

Request headers

Referer: http://evilexposed.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:69.0) Gecko/20100101 Firefox/69.0

Response headers

X-Powered-By-Plesk: PleskWin
Date: Sun, 13 Oct 2019 01:55:48 GMT
Last-Modified: Fri, 20 Apr 2018 14:55:52 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "8120a6adb7d8d31:0"
Content-Type: image/jpeg
Accept-Ranges: bytes
Content-Length: 21100

GET
H/1.1 200
OK privateprsiongone0002.png
evilexposed.org/Images/Puppets/ 21 KB
22 KB 153ms
150ms Image
image/png 132.148.141.140
GoDaddy.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://evilexposed.org/Images/Puppets/privateprsiongone0002.png
Requested by: Host: evilexposed.org
URL: http://evilexposed.org/
Protocol: HTTP/1.1
Server: 132.148.141.140 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC - GoDaddy.com, LLC, US),
Reverse DNS: ip-132-148-141-140.ip.secureserver.net
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: a5906b5c4863b59fff8d8e2c8825af1b6252f9db1c27ad7fd92ecbf78bdea8f7

Request headers

Referer: http://evilexposed.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:69.0) Gecko/20100101 Firefox/69.0

Response headers

X-Powered-By-Plesk: PleskWin
Date: Sun, 13 Oct 2019 01:55:49 GMT
Last-Modified: Fri, 20 Apr 2018 14:55:49 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "d61d0abb7d8d31:0"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 21974

GET
H/1.1 200
OK gold3.jpg
evilexposed.org/Images/Puppets/ 18 KB
19 KB 152ms
150ms Image
image/jpeg 132.148.141.140
GoDaddy.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://evilexposed.org/Images/Puppets/gold3.jpg
Requested by: Host: evilexposed.org
URL: http://evilexposed.org/
Protocol: HTTP/1.1
Server: 132.148.141.140 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC - GoDaddy.com, LLC, US),
Reverse DNS: ip-132-148-141-140.ip.secureserver.net
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 678abaac78b48f0d8e802bcdf5654e4d887b31e6c91e25b535a37a31e59bd59c

Request headers

Referer: http://evilexposed.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:69.0) Gecko/20100101 Firefox/69.0

Response headers

X-Powered-By-Plesk: PleskWin
Date: Sun, 13 Oct 2019 01:55:49 GMT
Last-Modified: Fri, 20 Apr 2018 14:55:13 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "f0732a96b7d8d31:0"
Content-Type: image/jpeg
Accept-Ranges: bytes
Content-Length: 18910

GET
H/1.1 200
OK vaccinejail01.JPG
evilexposed.org/Images/Puppets/ 18 KB
18 KB 153ms
151ms Image
image/jpeg 132.148.141.140
GoDaddy.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://evilexposed.org/Images/Puppets/vaccinejail01.JPG
Requested by: Host: evilexposed.org
URL: http://evilexposed.org/
Protocol: HTTP/1.1
Server: 132.148.141.140 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC - GoDaddy.com, LLC, US),
Reverse DNS: ip-132-148-141-140.ip.secureserver.net
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 1508d970e4e51e086f493a8a7e6620b87cb4517891c9c5e84c7204cb1d76235f

Request headers

Referer: http://evilexposed.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:69.0) Gecko/20100101 Firefox/69.0

Response headers

X-Powered-By-Plesk: PleskWin
Date: Sun, 13 Oct 2019 01:55:49 GMT
Last-Modified: Fri, 20 Apr 2018 14:56:11 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "d315abb8b7d8d31:0"
Content-Type: image/jpeg
Accept-Ranges: bytes
Content-Length: 18523

GET
H/1.1 200
OK govmurders2.jpg
evilexposed.org/Images/Puppets/ 23 KB
24 KB 156ms
155ms Image
image/jpeg 132.148.141.140
GoDaddy.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://evilexposed.org/Images/Puppets/govmurders2.jpg
Requested by: Host: evilexposed.org
URL: http://evilexposed.org/
Protocol: HTTP/1.1
Server: 132.148.141.140 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC - GoDaddy.com, LLC, US),
Reverse DNS: ip-132-148-141-140.ip.secureserver.net
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 0fb098939046ccabbe16ce2e1df7a62cfaf1ad2faa3ce553ce2e4c66c84383ec

Request headers

Referer: http://evilexposed.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:69.0) Gecko/20100101 Firefox/69.0

Response headers

X-Powered-By-Plesk: PleskWin
Date: Sun, 13 Oct 2019 01:55:49 GMT
Last-Modified: Fri, 20 Apr 2018 14:55:14 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "f631e996b7d8d31:0"
Content-Type: image/jpeg
Accept-Ranges: bytes
Content-Length: 23806

GET
H/1.1 200
OK pyramidhome01.jpg
evilexposed.org/Images/Puppets/ 15 KB
15 KB 171ms
171ms Image
image/jpeg 132.148.141.140
GoDaddy.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://evilexposed.org/Images/Puppets/pyramidhome01.jpg
Requested by: Host: evilexposed.org
URL: http://evilexposed.org/
Protocol: HTTP/1.1
Server: 132.148.141.140 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC - GoDaddy.com, LLC, US),
Reverse DNS: ip-132-148-141-140.ip.secureserver.net
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 0cc341c8cb262f138fcd7926b9ec6dbe5216bd9207c575ecd4be67128d69e315

Request headers

Referer: http://evilexposed.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:69.0) Gecko/20100101 Firefox/69.0

Response headers

X-Powered-By-Plesk: PleskWin
Date: Sun, 13 Oct 2019 01:55:49 GMT
Last-Modified: Fri, 20 Apr 2018 14:55:49 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "b8ececabb7d8d31:0"
Content-Type: image/jpeg
Accept-Ranges: bytes
Content-Length: 15503

GET
H/1.1 200
OK aliensdemons1.jpg
evilexposed.org/Images/Puppets/ 18 KB
18 KB 151ms
151ms Image
image/jpeg 132.148.141.140
GoDaddy.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://evilexposed.org/Images/Puppets/aliensdemons1.jpg
Requested by: Host: evilexposed.org
URL: http://evilexposed.org/
Protocol: HTTP/1.1
Server: 132.148.141.140 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC - GoDaddy.com, LLC, US),
Reverse DNS: ip-132-148-141-140.ip.secureserver.net
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 2b7d90b38af7d02b199154f672dd04a666310f04dbc66e5fb8bf8bac3551f079

Request headers

Referer: http://evilexposed.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:69.0) Gecko/20100101 Firefox/69.0

Response headers

X-Powered-By-Plesk: PleskWin
Date: Sun, 13 Oct 2019 01:55:49 GMT
Last-Modified: Fri, 20 Apr 2018 14:54:39 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "298fd981b7d8d31:0"
Content-Type: image/jpeg
Accept-Ranges: bytes
Content-Length: 18645

GET
H/1.1 200
OK subliminalads7.jpg
evilexposed.org/Images/Puppets/ 11 KB
11 KB 147ms
147ms Image
image/jpeg 132.148.141.140
GoDaddy.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://evilexposed.org/Images/Puppets/subliminalads7.jpg
Requested by: Host: evilexposed.org
URL: http://evilexposed.org/
Protocol: HTTP/1.1
Server: 132.148.141.140 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC - GoDaddy.com, LLC, US),
Reverse DNS: ip-132-148-141-140.ip.secureserver.net
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: a7048eff38ea80e01d15290ee8c0990e5a1d7a20abd4a56b1b575f6888655c1a

Request headers

Referer: http://evilexposed.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:69.0) Gecko/20100101 Firefox/69.0

Response headers

X-Powered-By-Plesk: PleskWin
Date: Sun, 13 Oct 2019 01:55:49 GMT
Last-Modified: Fri, 20 Apr 2018 14:55:59 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "662a0b1b7d8d31:0"
Content-Type: image/jpeg
Accept-Ranges: bytes
Content-Length: 11277

GET
H/1.1 200
OK satabicdetroit02.jpg
evilexposed.org/Images/Puppets/ 19 KB
19 KB 148ms
148ms Image
image/jpeg 132.148.141.140
GoDaddy.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://evilexposed.org/Images/Puppets/satabicdetroit02.jpg
Requested by: Host: evilexposed.org
URL: http://evilexposed.org/
Protocol: HTTP/1.1
Server: 132.148.141.140 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC - GoDaddy.com, LLC, US),
Reverse DNS: ip-132-148-141-140.ip.secureserver.net
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 3dcd390703a84211059b8337bfd4f335aceda9c5762f75ef5789abddb8f99181

Request headers

Referer: http://evilexposed.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:69.0) Gecko/20100101 Firefox/69.0

Response headers

X-Powered-By-Plesk: PleskWin
Date: Sun, 13 Oct 2019 01:55:49 GMT
Last-Modified: Fri, 20 Apr 2018 14:55:53 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "6a54aaeb7d8d31:0"
Content-Type: image/jpeg
Accept-Ranges: bytes
Content-Length: 19168

GET
H/1.1 200
OK jonesplantation0001.jpg
evilexposed.org/Images/Puppets/ 42 KB
42 KB 159ms
159ms Image
image/jpeg 132.148.141.140
GoDaddy.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://evilexposed.org/Images/Puppets/jonesplantation0001.jpg
Requested by: Host: evilexposed.org
URL: http://evilexposed.org/
Protocol: HTTP/1.1
Server: 132.148.141.140 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC - GoDaddy.com, LLC, US),
Reverse DNS: ip-132-148-141-140.ip.secureserver.net
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: d7d27d6f9f1531b1239f15cb86fa96e90d4bc4f87da6c74ad443ea9dfa76ff3e

Request headers

Referer: http://evilexposed.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:69.0) Gecko/20100101 Firefox/69.0

Response headers

X-Powered-By-Plesk: PleskWin
Date: Sun, 13 Oct 2019 01:55:49 GMT
Last-Modified: Fri, 20 Apr 2018 14:55:20 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "33567f9ab7d8d31:0"
Content-Type: image/jpeg
Accept-Ranges: bytes
Content-Length: 42854

GET
H/1.1 200
OK egyptufo2.jpg
evilexposed.org/Images/Puppets/ 23 KB
23 KB 444ms
441ms Image
image/jpeg 132.148.141.140
GoDaddy.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://evilexposed.org/Images/Puppets/egyptufo2.jpg
Requested by: Host: evilexposed.org
URL: http://evilexposed.org/
Protocol: HTTP/1.1
Server: 132.148.141.140 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC - GoDaddy.com, LLC, US),
Reverse DNS: ip-132-148-141-140.ip.secureserver.net
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 12177888e1fdacaa78417a5636bbb1cd024e0d126ef8df685c73f4456ffaef6b

Request headers

Referer: http://evilexposed.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:69.0) Gecko/20100101 Firefox/69.0

Response headers

X-Powered-By-Plesk: PleskWin
Date: Sun, 13 Oct 2019 01:55:49 GMT
Last-Modified: Fri, 20 Apr 2018 14:55:03 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "825b9190b7d8d31:0"
Content-Type: image/jpeg
Accept-Ranges: bytes
Content-Length: 23098

GET
H/1.1 200
OK facebook_image.png
evilexposed.org/Images/ 2 KB
2 KB 442ms
440ms Image
image/png 132.148.141.140
GoDaddy.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://evilexposed.org/Images/facebook_image.png
Requested by: Host: evilexposed.org
URL: http://evilexposed.org/
Protocol: HTTP/1.1
Server: 132.148.141.140 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC - GoDaddy.com, LLC, US),
Reverse DNS: ip-132-148-141-140.ip.secureserver.net
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 9d62e0ead87b7432af1765a27fa54709dd243c499f010c20567552ef3e71dcb7

Request headers

Referer: http://evilexposed.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:69.0) Gecko/20100101 Firefox/69.0

Response headers

X-Powered-By-Plesk: PleskWin
Date: Sun, 13 Oct 2019 01:55:49 GMT
Last-Modified: Fri, 20 Apr 2018 14:54:30 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "2f25ba7cb7d8d31:0"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 1869

GET
H2 200 flbuttons.min.js Show response
cdn.flipboard.com/web/buttons/js/ 7 KB
4 KB 40ms
6ms Script
application/javascript 2600:9000:200c:ae00:e:5a70:ca47:86e1
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.flipboard.com/web/buttons/js/flbuttons.min.js
Requested by: Host: evilexposed.org
URL: http://evilexposed.org/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:200c:ae00:e:5a70:ca47:86e1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8e7ad8de87781f6ad65b36a7d3243b44d80dc182df6af076484a2bec85051550

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://evilexposed.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:69.0) Gecko/20100101 Firefox/69.0

Response headers

date: Sat, 12 Oct 2019 06:05:35 GMT
content-encoding: gzip
last-modified: Wed, 11 Oct 2017 00:24:00 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: uid:502/gname:staff/uname:alee/gid:20/mode:33188/mtime:1507680760/atime:1507680783/md5:ec6e4306e5e274d25c4f9afde663da81/ctime:1507680760
age: 83820
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
status: 200
x-amz-cf-pop: FRA2
x-amz-cf-id: JqOOsOB8yQN_zAqVP8mElLDC06bGq5ITXgQNoDFQ9y29qRu5WBazZw==
via: 1.1 a2289d8b15b881db1c42086062568883.cloudfront.net (CloudFront)

GET
H/1.1 200
OK img.fetch Show response
udmserve.net/udm/ 7 KB
3 KB 164ms
163ms Script
application/x-javascript 68.71.249.118
Total Server Solu...

General

Check archive.org

Show headers Download Go to

Full URL: http://udmserve.net/udm/img.fetch?sid=12680;tid=1;dt=6;
Requested by: Host: evilexposed.org
URL: http://evilexposed.org/
Protocol: HTTP/1.1
Server: 68.71.249.118 Atlanta, United States, ASN20093 (ZEROLAG - Total Server Solutions L.L.C., US),
Reverse DNS
Software: /
Resource Hash: 238b7d800f8828811a27a3b976a3df821e9137f9bd9cb621780d969dadb7c643

Request headers

Referer: http://evilexposed.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:69.0) Gecko/20100101 Firefox/69.0

Response headers

Pragma: no-cache
Date: Sun, 13 Oct 2019 01:55:40 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
P3p: NOI DSP CURa ADMa DEVa PSAa PSDa OUR IND UNI COM NAV INT
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Content-Type: application/x-javascript
Expires: 0

GET
H/1.1 200
OK infolinks_main.js Show response
resources.infolinks.com/js/ 3 KB
3 KB 51ms
34ms Script
application/javascript 104.20.252.85
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: http://resources.infolinks.com/js/infolinks_main.js
Requested by: Host: evilexposed.org
URL: http://evilexposed.org/
Protocol: HTTP/1.1
Server: 104.20.252.85 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf20253d65d8975f902f855af610293f10d7d4a522f89accb59287c13584a555

Request headers

Referer: http://evilexposed.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:69.0) Gecko/20100101 Firefox/69.0

Response headers

CF-RAY: 524db14ecbea9d60-AMS
Date: Sun, 13 Oct 2019 01:55:39 GMT
Via: 1.1 google
CF-Cache-Status: HIT
Last-Modified: Thu, 10 Oct 2019 07:08:38 GMT
Server: cloudflare
Age: 9990
ETag: W/"c9e-59489121e6d2d"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=3600
Transfer-Encoding: chunked
Connection: keep-alive
Content-Encoding: gzip
Expires: Sun, 13 Oct 2019 00:09:09 GMT

GET
H2

200

sdk.js Show response
connect.facebook.net/en_US/
Redirect Chain

http://connect.facebook.net/en_US/sdk.js
https://connect.facebook.net/en_US/sdk.js

3 KB
2 KB

6ms
6ms

Script
application/x-javascript

2a03:2880:f02d:12:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: evilexposed.org
URL: http://evilexposed.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

e4bcee3d08734d393d9e22f2df33bec1b17e8649ac2962c5b09a71e10b686714

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: http://evilexposed.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:69.0) Gecko/20100101 Firefox/69.0

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: E2TAJfUDsod8j6x0vHksTg==
status: 200
content-length: 1779
etag: "4b73b976f362c685b9426fc573aaf1ec"
x-fb-debug: lsPuNp1ej1ag1ENAywuxFf40ql9XnXVFKkAqhnBV7d0RLN3OIHxuuy9Up7SzeOCKsffk2edPKpdW17LqWRe+6A==
x-fb-trip-id: 997090344
x-fb-content-md5: bdf0d54edb844b594c596bdb7b454ef8
x-frame-options: DENY
date: Sun, 13 Oct 2019 01:55:40 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 13 Oct 2019 02:04:07 GMT

Redirect headers

Location: https://connect.facebook.net/en_US/sdk.js#xfbml=1&version=v2.8&appId=627442307315732
Non-Authoritative-Reason: HSTS

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 43 KB
17 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:81a::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: evilexposed.org
URL: http://evilexposed.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://evilexposed.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:69.0) Gecko/20100101 Firefox/69.0

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 19 Aug 2019 17:22:41 GMT
server: Golfe2
age: 5061
date: Sun, 13 Oct 2019 00:31:19 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 17803
expires: Sun, 13 Oct 2019 02:31:19 GMT

GET
H/1.1 200
OK evilback.gif
evilexposed.org/images/ 6 KB
6 KB 285ms
175ms Image
image/gif 132.148.141.140
GoDaddy.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://evilexposed.org/images/evilback.gif
Requested by: Host: evilexposed.org
URL: http://evilexposed.org/
Protocol: HTTP/1.1
Server: 132.148.141.140 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC - GoDaddy.com, LLC, US),
Reverse DNS: ip-132-148-141-140.ip.secureserver.net
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: d7a4012a468a58e90d98c07bd28cfc6175017752912d976c1563885f3552ea9a

Request headers

Referer: http://evilexposed.org/Styles/Site.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:69.0) Gecko/20100101 Firefox/69.0

Response headers

X-Powered-By-Plesk: PleskWin
Date: Sun, 13 Oct 2019 01:55:48 GMT
Last-Modified: Fri, 20 Apr 2018 14:54:30 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "6ac7807cb7d8d31:0"
Content-Type: image/gif
Accept-Ranges: bytes
Content-Length: 6201

GET
H/1.1 200
OK udm-r3_Thu_10_10_9_31_12_2019.js Show response
bid.underdog.media/ 286 KB
88 KB 25ms
6ms Script
application/javascript 2600:9000:21f3:9600:5:c4ab:c3c0:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: http://bid.underdog.media/udm-r3_Thu_10_10_9_31_12_2019.js
Requested by: Host: udmserve.net
URL: http://udmserve.net/udm/img.fetch?sid=12679;tid=1;dt=8;
Protocol: HTTP/1.1
Server: 2600:9000:21f3:9600:5:c4ab:c3c0:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3c03906803787c98c7a57e54ee26eb91927164d5b00493ddb2cdb50d31f0dada

Request headers

Referer: http://evilexposed.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:69.0) Gecko/20100101 Firefox/69.0

Response headers

Date: Thu, 10 Oct 2019 16:32:17 GMT
Content-Encoding: gzip
Connection: keep-alive
Last-Modified: Thu, 10 Oct 2019 16:31:16 GMT
Server: AmazonS3
Age: 206604
ETag: "85bf7215dcad835b622522703bfdc7d3"
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Via: 1.1 2fcedcc055e24d7ac99fbc19ed8fc8ec.cloudfront.net (CloudFront)
Cache-Control: max-age=2592000
X-Amz-Cf-Pop: FRA2-C2
Accept-Ranges: bytes
Content-Length: 89385
X-Amz-Cf-Id: nYU08chM-RgmIiPq4QnWl9Nbb6R0QFilfXH2_mBkH1GjfuORSHc3AA==

GET
H/1.1 200
OK user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 652E 0
0 44ms
30ms Document
text/html 2.18.233.180
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: http://ads.pubmatic.com/AdServer/js/user_sync.html?p=156505&predirect=http%3A%2F%2Fudmserve.net%2Fudm%2Ffetch.pix%3Fdt%3D1%3Bpmid%3D
Requested by: Host: udmserve.net
URL: http://udmserve.net/udm/img.fetch?sid=12679;tid=1;dt=8;
Protocol: HTTP/1.1
Server: 2.18.233.180 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash

Request headers

Host: ads.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:69.0) Gecko/20100101 Firefox/69.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer: http://evilexposed.org/
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:69.0) Gecko/20100101 Firefox/69.0
Referer: http://evilexposed.org/

Response headers

Last-Modified: Fri, 26 Jul 2019 09:40:01 GMT
ETag: "1300708-26ca-58e92538a370a"
Server: Apache/2.2.15 (CentOS)
Accept-Ranges: bytes
Content-Encoding: gzip
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 3860
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=29769
Expires: Sun, 13 Oct 2019 10:11:49 GMT
Date: Sun, 13 Oct 2019 01:55:40 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H/1.1 200
OK quant.js Show response
edge.quantserve.com/ 12 KB
6 KB 54ms
39ms Script
application/x-javascript 91.228.74.252
Quantcast Corpora...

General

Check archive.org

Show headers Download Go to

Full URL: http://edge.quantserve.com/quant.js
Requested by: Host: udmserve.net
URL: http://udmserve.net/udm/img.fetch?sid=12679;tid=1;dt=8;
Protocol: HTTP/1.1
Server: 91.228.74.252 , United Kingdom, ASN27281 (QUANTCAST - Quantcast Corporation, US),
Reverse DNS
Software: QS /
Resource Hash: 404a9b0ffbcc813e8ddbb8d8510a24a69c09079282f8083ee94f4adc5d627176

Request headers

Referer: http://evilexposed.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:69.0) Gecko/20100101 Firefox/69.0

Response headers

Date: Sun, 13 Oct 2019 01:55:40 GMT
Content-Encoding: gzip
Last-Modified: Sun, 13-Oct-2019 01:55:40 GMT
Server: QS
ETag: M0-e2b9884a
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: private, no-transform, must-revalidate, max-age=604800
Connection: keep-alive
Content-Length: 5456
Expires: Sun, 20 Oct 2019 01:55:40 GMT

GET
H/1.1

200
OK

fetch.pix
udmserve.net/udm/
Redirect Chain

http://ib.adnxs.com/getuid?http%3A%2F%2Fudmserve.net%2Fudm%2Ffetch.pix%3Fdt%3D1%3Bapnid%3D%24UID
http://ib.adnxs.com/bounce?%2Fgetuid%3Fhttp%253A%252F%252Fudmserve.net%252Fudm%252Ffetch.pix%253Fdt%253D1%253Bapnid%253D%2524UID
http://udmserve.net/udm/fetch.pix?dt=1;apnid=4931306887278689889

43 B
496 B

322ms
308ms

Image
image/gif

68.71.249.118
Total Server Solu...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://udmserve.net/udm/fetch.pix?dt=1;apnid=4931306887278689889
Requested by: Host: evilexposed.org
URL: http://evilexposed.org/
Protocol: HTTP/1.1
Server: 68.71.249.118 Atlanta, United States, ASN20093 (ZEROLAG - Total Server Solutions L.L.C., US),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: http://evilexposed.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:69.0) Gecko/20100101 Firefox/69.0

Response headers

Date: Sun, 13 Oct 2019 01:55:40 GMT
Connection: Keep-Alive
Content-Length: 43
Content-Type: image/gif

Redirect headers

Pragma: no-cache
Date: Sun, 13 Oct 2019 01:55:42 GMT
X-Proxy-Origin: 109.236.94.21; 109.236.94.21; 536.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.173.48:80
AN-X-Request-Uuid: f39f8471-2e80-45bb-a846-dfbe798e7666
Server: nginx/1.13.4
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: http://udmserve.net/udm/fetch.pix?dt=1;apnid=4931306887278689889
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

fetch.pix
udmserve.net/udm/
Redirect Chain

http://sync.1rx.io/usersync2/underdogmedia
http://udmserve.net/udm/fetch.pix?dt=1;roid=OPTOUT

43 B
482 B

169ms
168ms

Image
image/gif

68.71.249.118
Total Server Solu...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://udmserve.net/udm/fetch.pix?dt=1;roid=OPTOUT
Requested by: Host: evilexposed.org
URL: http://evilexposed.org/
Protocol: HTTP/1.1
Server: 68.71.249.118 Atlanta, United States, ASN20093 (ZEROLAG - Total Server Solutions L.L.C., US),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: http://evilexposed.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:69.0) Gecko/20100101 Firefox/69.0

Response headers

Date: Sun, 13 Oct 2019 01:55:40 GMT
Connection: Keep-Alive
Content-Length: 43
Content-Type: image/gif

Redirect headers

Pragma: no-cache
Date: Sun, 13 Oct 2019 01:55:40 GMT
Server: nginx
ETag: OPTOUT
Transfer-Encoding: chunked
Content-Type: text/html
Location: http://udmserve.net/udm/fetch.pix?dt=1;roid=OPTOUT
Cache-Control: no-store, no-cache, must-revalidate
Connection: keep-alive
Expires: 0

GET
H/1.1

200
OK

fetch.pix
udmserve.net/udm/
Redirect Chain

http://sync.search.spotxchange.com/partner?adv_id=8587&redir=http%3A%2F%2Fudmserve.net%2Fudm%2Ffetch.pix%3Fdt%3D1%3Bspotx%3D%24SPOTX_USER_ID
http://sync.search.spotxchange.com/partner?adv_id=8587&redir=http%3A%2F%2Fudmserve.net%2Fudm%2Ffetch.pix%3Fdt%3D1%3Bspotx%3D%24SPOTX_USER_ID&__user_check__=1&sync_id=8ef41c04-ed5c-11e9-814f-16821cb...
http://udmserve.net/udm/fetch.pix?dt=1;spotx=8ef41b95-ed5c-11e9-814f-16821cb21b06

43 B
513 B

363ms
350ms

Image
image/gif

68.71.249.118
Total Server Solu...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://udmserve.net/udm/fetch.pix?dt=1;spotx=8ef41b95-ed5c-11e9-814f-16821cb21b06
Requested by: Host: evilexposed.org
URL: http://evilexposed.org/
Protocol: HTTP/1.1
Server: 68.71.249.118 Atlanta, United States, ASN20093 (ZEROLAG - Total Server Solutions L.L.C., US),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: http://evilexposed.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:69.0) Gecko/20100101 Firefox/69.0

Response headers

Date: Sun, 13 Oct 2019 01:55:40 GMT
Connection: Keep-Alive
Content-Length: 43
Content-Type: image/gif

Redirect headers

Date: Sun, 13 Oct 2019 01:55:40 GMT
Server: nginx
Location: http://udmserve.net/udm/fetch.pix?dt=1;spotx=8ef41b95-ed5c-11e9-814f-16821cb21b06
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 144
Connection: keep-alive
Content-Length: 0

GET
H/1.1

200
OK

fetch.pix
udmserve.net/udm/
Redirect Chain

http://sync.technoratimedia.com/services?srv=cs&pid=54&cb=https%3A%2F%2Fudmserve.net%2Fudm%2Ffetch.pix%3Fdt%3D1%3Bsncr%3D[USER_ID]
https://udmserve.net/udm/fetch.pix?dt=1;sncr=GDPR

43 B
168 B

898ms
163ms

Image
image/gif

68.71.249.118
Total Server Solu...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://udmserve.net/udm/fetch.pix?dt=1;sncr=GDPR
Requested by: Host: evilexposed.org
URL: http://evilexposed.org/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_CBC
Server: 68.71.249.118 Atlanta, United States, ASN20093 (ZEROLAG - Total Server Solutions L.L.C., US),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: http://evilexposed.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:69.0) Gecko/20100101 Firefox/69.0

Response headers

Date: Sun, 13 Oct 2019 01:55:41 GMT
Connection: Keep-Alive
Content-Length: 43
Content-Type: image/gif

Redirect headers

Access-Control-Allow-Origin: http://evilexposed.org/
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
Location: https://udmserve.net/udm/fetch.pix?dt=1;sncr=GDPR
Access-Control-Allow-Methods: POST,GET,HEAD,OPTIONS
Content-Type: text/plain

GET
H2 200 collect
www.google-analytics.com/r/ 35 B
111 B 15ms
13ms Image
image/gif 2a00:1450:4001:81a::200e
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/r/collect?v=1&_v=j79&a=1294779172&t=pageview&_s=1&dl=http%3A%2F%2Fevilexposed.org%2F&ul=en-us&de=UTF-8&dt=Evil%20Exposed%20-%20Truth%20Being%20Told!&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEAB~&jid=510580708&gjid=2081719134&cid=1886135941.1570931740&tid=UA-92064510-1&_gid=792489369.1570931740&_r=1&z=172048514

Requested by

Host: evilexposed.org
URL: http://evilexposed.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://evilexposed.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:69.0) Gecko/20100101 Firefox/69.0

Response headers

pragma: no-cache
date: Sun, 13 Oct 2019 01:55:40 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 199 KB
59 KB 8ms
6ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=525bcc55e8da8faf21d75e07596636cf

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

a7cdeada70cf360ba776b54b61c443507c00f2f375493119c31bcc515f204eb6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Sec-Fetch-Mode: cors
Referer: http://evilexposed.org/
Origin: http://evilexposed.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:69.0) Gecko/20100101 Firefox/69.0

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: 3Bgm3yTJf83xJhH9b6MGGg==
status: 200
content-length: 60560
etag: "cc7199418299e10324b6288338955a6d"
x-fb-debug: sTyQk3yirdo1RHNdAcsjdhr08NXOWdzmXP56/HPza355T0mkVDEq2dF6I74P3C35mmiiD8i3lKQgW+wI7qBsRA==
x-fb-trip-id: 2125611096
x-fb-content-md5: e6b8b1b4393d7a407e21537249bfbb8c
x-frame-options: DENY
date: Sun, 13 Oct 2019 01:55:40 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
timing-allow-origin: *
expires: Mon, 12 Oct 2020 00:49:56 GMT

GET
H/1.1 200
OK bcv1.js Show response
bid.underdog.media/ 884 B
1 KB 9ms
7ms Script
application/x-javascript 2600:9000:21f3:9600:5:c4ab:c3c0:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: http://bid.underdog.media/bcv1.js
Requested by: Host: bid.underdog.media
URL: http://bid.underdog.media/udm-r3_Thu_10_10_9_31_12_2019.js
Protocol: HTTP/1.1
Server: 2600:9000:21f3:9600:5:c4ab:c3c0:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a474e114b69be56a305547a302e3a3c8b0609c37ac6135543ef6e69365102606

Request headers

Referer: http://evilexposed.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:69.0) Gecko/20100101 Firefox/69.0

Response headers

Date: Sun, 13 Oct 2019 01:36:32 GMT
Content-Encoding: gzip
Connection: keep-alive
Last-Modified: Sun, 13 Oct 2019 01:30:03 GMT
Server: AmazonS3
Age: 1149
ETag: "ba166f092ad5af6300a5dad9e3a881a6"
X-Cache: Hit from cloudfront
Content-Type: application/x-javascript
Via: 1.1 2fcedcc055e24d7ac99fbc19ed8fc8ec.cloudfront.net (CloudFront)
Cache-Control: max-age=1800
X-Amz-Cf-Pop: FRA2-C2
Accept-Ranges: bytes
Content-Length: 500
X-Amz-Cf-Id: aorl7GId1zAXZmbsnSKOYkV-K_3ET6l7Yya9q8-6KHzdiLjFLwNkxg==

GET
H2

200

rules-p-effSsmMYCbAck.js Show response
rules.quantcount.com/
Redirect Chain

http://rules.quantcount.com/rules-p-effSsmMYCbAck.js
https://rules.quantcount.com/rules-p-effSsmMYCbAck.js

3 B
358 B

191ms
5ms

Script
application/x-javascript

2600:9000:2156:1000:6:44e3:f8c0:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-effSsmMYCbAck.js
Requested by: Host: evilexposed.org
URL: http://evilexposed.org/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2156:1000:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Request headers

Referer: http://evilexposed.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:69.0) Gecko/20100101 Firefox/69.0

Response headers

date: Tue, 25 Jun 2019 09:41:35 GMT
via: 1.1 b83a899c16a2f53127e152fe5fc783a4.cloudfront.net (CloudFront)
last-modified: Sat, 04 Mar 2017 21:04:20 GMT
server: AmazonS3
age: 23563
etag: "8a80554c91d9fca8acb82f023de02f11"
x-cache: Hit from cloudfront
content-type: application/x-javascript
status: 200
cache-control: max-age=86400
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 3
x-amz-cf-id: BAjY7hYUSEPVklaDUSKWGmegNTuD_UD_VDn6lttewwacXiHhHL4yNA==

Redirect headers

Date: Sun, 13 Oct 2019 01:55:40 GMT
Via: 1.1 436c247027acc191b22ece964efbaeca.cloudfront.net (CloudFront)
Server: CloudFront
X-Amz-Cf-Pop: FRA50-C1
X-Cache: Redirect from cloudfront
Content-Type: text/html
Location: https://rules.quantcount.com/rules-p-effSsmMYCbAck.js
Connection: keep-alive
Content-Length: 183
X-Amz-Cf-Id: wmryQ4rtOwh8RS08UOvHh0cNtqRYZxWr-oFSwsiGSUzBQjico3se5A==

GET
H2

200

rules-p-Pz67dCqdsHfxh.js Show response
rules.quantcount.com/
Redirect Chain

http://rules.quantcount.com/rules-p-Pz67dCqdsHfxh.js
https://rules.quantcount.com/rules-p-Pz67dCqdsHfxh.js

3 B
357 B

585ms
399ms

Script
application/x-javascript

2600:9000:2156:1000:6:44e3:f8c0:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-Pz67dCqdsHfxh.js
Requested by: Host: evilexposed.org
URL: http://evilexposed.org/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2156:1000:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Request headers

Referer: http://evilexposed.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:69.0) Gecko/20100101 Firefox/69.0

Response headers

date: Sun, 13 Oct 2019 01:52:37 GMT
via: 1.1 b83a899c16a2f53127e152fe5fc783a4.cloudfront.net (CloudFront)
last-modified: Fri, 03 Mar 2017 23:52:35 GMT
server: AmazonS3
age: 195
etag: "8a80554c91d9fca8acb82f023de02f11"
x-cache: Error from cloudfront
content-type: application/x-javascript
status: 200
cache-control: max-age=300
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 3
x-amz-cf-id: WerV5WKGBGP6Qrse1rbBwobmaStVJVChKbIi6BxBDYV-dnC1NTiY6Q==

Redirect headers

Date: Sun, 13 Oct 2019 01:55:40 GMT
Via: 1.1 ef13dd533b8dc9dcfdc35449cf88f808.cloudfront.net (CloudFront)
Server: CloudFront
X-Amz-Cf-Pop: FRA50-C1
X-Cache: Redirect from cloudfront
Content-Type: text/html
Location: https://rules.quantcount.com/rules-p-Pz67dCqdsHfxh.js
Connection: keep-alive
Content-Length: 183
X-Amz-Cf-Id: SNVSzR_9UAGpolHC0JD7OQAR6ikRXicBtBq29EBmQSiy509BqBjEbA==

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 109 B
171 B 14ms
14ms Script
application/javascript 2a00:1450:4001:814::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=evilexposed.org

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://evilexposed.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:69.0) Gecko/20100101 Firefox/69.0

Response headers

timing-allow-origin: *
date: Sun, 13 Oct 2019 01:55:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 109 B
171 B 14ms
14ms Script
application/javascript 2a00:1450:4001:81a::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=evilexposed.org

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://evilexposed.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:69.0) Gecko/20100101 Firefox/69.0

Response headers

timing-allow-origin: *
date: Sun, 13 Oct 2019 01:55:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 104
x-xss-protection: 0

GET
H2 200 show_ads_impl.js Show response
pagead2.googlesyndication.com/pagead/js/r20191003/r20190131/ 232 KB
85 KB 31ms
31ms Script
text/javascript 2a00:1450:4001:81a::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20191003/r20190131/show_ads_impl.js

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

6df5a2fc07e8b543b7428df746cf2d2b79fc5e44eaa58a7e193edca54f3acf4e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://evilexposed.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:69.0) Gecko/20100101 Firefox/69.0

Response headers

date: Sun, 13 Oct 2019 01:55:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 87365
x-xss-protection: 0
server: cafe
etag: 4488748446277364222
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Sun, 13 Oct 2019 01:55:40 GMT

GET
H/1.1 404
Not Found overlay.png
evilexposed.org/images/ 1 KB
1 KB 398ms
189ms Image
text/html 132.148.141.140
GoDaddy.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://evilexposed.org/images/overlay.png
Requested by: Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol: HTTP/1.1
Server: 132.148.141.140 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC - GoDaddy.com, LLC, US),
Reverse DNS: ip-132-148-141-140.ip.secureserver.net
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: dc1d54dab6ec8c00f70137927504e4f222c8395f10760b6beecfcfa94e08249f

Request headers

Referer: http://evilexposed.org/Styles/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:69.0) Gecko/20100101 Firefox/69.0

Response headers

X-Powered-By-Plesk: PleskWin
Date: Sun, 13 Oct 2019 01:55:48 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Content-Length: 1245
Content-Type: text/html

GET
H2 200 zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20191003/r20190131/ Frame A36F 0
0 7ms
6ms Document
text/html 2a00:1450:4001:81b::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20191003/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20191003/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:69.0) Gecko/20100101 Firefox/69.0
sec-fetch-mode: nested-navigate
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
referer: http://evilexposed.org/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:69.0) Gecko/20100101 Firefox/69.0
Sec-Fetch-Mode: nested-navigate
Referer: http://evilexposed.org/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
vary: Accept-Encoding
date: Thu, 10 Oct 2019 01:03:25 GMT
expires: Thu, 24 Oct 2019 01:03:25 GMT
content-type: text/html; charset=UTF-8
etag: 8648543205226238674
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 7402
x-xss-protection: 0
cache-control: public, max-age=1209600
age: 262335
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H/1.1 200
OK bdvws.js Show response
bvadtgs.scdn1.secure.raxcdn.com/bidvertiser/tags/active/ 14 KB
4 KB 495ms
306ms Script
application/javascript 2a02:26f0:6c00:181::2bfe
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: http://bvadtgs.scdn1.secure.raxcdn.com/bidvertiser/tags/active/bdvws.js?bvwidgetid=ntv_17706161570931740369&bvlinksownid=1770616&rows=3&cols=3&textpos=below&imagewidth=250&mobilecols=2&cb=1570931740369
Requested by: Host: evilexposed.org
URL: http://evilexposed.org/
Protocol: HTTP/1.1
Server: 2a02:26f0:6c00:181::2bfe , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software: Microsoft-IIS/8.5 /
Resource Hash: d85aa22d9da98a2cff4b5fa9ff8bc3ea181d129f95cc35e3729b79999329d6ca

Request headers

Referer: http://evilexposed.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:69.0) Gecko/20100101 Firefox/69.0

Response headers

Date: Sun, 13 Oct 2019 01:55:40 GMT
Content-Encoding: gzip
Last-Modified: Sun, 30 Jun 2019 09:00:22 GMT
Server: Microsoft-IIS/8.5
ETag: "20cbe33f222fd51:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3364

GET illuminati-puppet-h9vf8khvy
flipboard.com/cover/@ronforemand57r7/ Frame 8A3D 0
0

GET
H2

200

__fpn.gif
fpn.flipboard.com/tr/
Redirect Chain

https://fpn.flipboard.com/pix/__fpn.gif?utm_source=http%3A%2F%2Fevilexposed.org%2F
https://fpn.flipboard.com/tr/__fpn.gif?qs=utm_source%253Dhttp%25253A%25252F%25252Fevilexposed.org%25252F&rh=http%253A%252F%252Fevilexposed.org%252F

35 B
360 B

6ms
6ms

Image
image/gif

2600:9000:2156:fc00:14:85db:2b40:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fpn.flipboard.com/tr/__fpn.gif?qs=utm_source%253Dhttp%25253A%25252F%25252Fevilexposed.org%25252F&rh=http%253A%252F%252Fevilexposed.org%252F
Requested by: Host: evilexposed.org
URL: http://evilexposed.org/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2156:fc00:14:85db:2b40:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Referer: http://evilexposed.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:69.0) Gecko/20100101 Firefox/69.0

Response headers

date: Sat, 12 Oct 2019 19:40:10 GMT
via: 1.1 f7b7cf90592cf6a380fd34cc45e9c4b5.cloudfront.net (CloudFront)
last-modified: Thu, 12 Oct 2017 18:19:12 GMT
server: AmazonS3
age: 22929
etag: "28d6814f309ea289f847c69cf91194c6"
x-cache: Hit from cloudfront
content-type: image/gif
status: 200
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 35
x-amz-cf-id: 4XfgnAPrf92HyVp6-YEkN0vzHZUXr2WXVMlKhJ0ql-Pr8fIpo76UhA==

Redirect headers

pragma: no-cache
date: Sun, 13 Oct 2019 01:55:40 GMT
via: 1.1 f7b7cf90592cf6a380fd34cc45e9c4b5.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA50-C1
status: 307
x-cache: LambdaGeneratedResponse from cloudfront
location: /tr/__fpn.gif?qs=utm_source%253Dhttp%25253A%25252F%25252Fevilexposed.org%25252F&rh=http%253A%252F%252Fevilexposed.org%252F
cache-control: no-cache, no-store, must-revalidate
content-length: 0
x-amz-cf-id: cida9Cq7y704AnLdp3vhl7TlyRCM_NCp3DrdVB4cSygn44h3BVBU7A==
expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H2 200 ads
googleads.g.doubleclick.net/pagead/ Frame CCA8 0
0 223ms
223ms Document
text/html 2a00:1450:4001:81b::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7043798212798004&output=html&h=90&slotname=5226932605&adk=1940160681&adf=2534418036&w=728&lmt=1570931740&guci=1.2.0.0.2.2.0.0&format=728x90&url=http%3A%2F%2Fevilexposed.org%2F&flash=0&wgl=1&dt=1570931740322&bpp=44&bdt=1472&fdt=344&idt=344&shv=r20191003&cbv=r20190131&saldr=aa&abxe=1&correlator=6274180390058&frm=20&pv=2&ga_vid=1886135941.1570931740&ga_sid=1570931741&ga_hid=1294779172&ga_fc=0&iag=0&icsg=17361331434112&dssz=44&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=542&ady=44&biw=1585&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=104278955662699&rx=0&eae=0&fc=656&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=16&bc=23&ifi=1&uci=a!1&xpc=R9hsc6qLKy&p=http%3A//evilexposed.org&dtd=362

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20191003/r20190131/show_ads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-7043798212798004&output=html&h=90&slotname=5226932605&adk=1940160681&adf=2534418036&w=728&lmt=1570931740&guci=1.2.0.0.2.2.0.0&format=728x90&url=http%3A%2F%2Fevilexposed.org%2F&flash=0&wgl=1&dt=1570931740322&bpp=44&bdt=1472&fdt=344&idt=344&shv=r20191003&cbv=r20190131&saldr=aa&abxe=1&correlator=6274180390058&frm=20&pv=2&ga_vid=1886135941.1570931740&ga_sid=1570931741&ga_hid=1294779172&ga_fc=0&iag=0&icsg=17361331434112&dssz=44&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=542&ady=44&biw=1585&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=104278955662699&rx=0&eae=0&fc=656&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=16&bc=23&ifi=1&uci=a!1&xpc=R9hsc6qLKy&p=http%3A//evilexposed.org&dtd=362
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:69.0) Gecko/20100101 Firefox/69.0
sec-fetch-mode: nested-navigate
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
referer: http://evilexposed.org/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:69.0) Gecko/20100101 Firefox/69.0
Sec-Fetch-Mode: nested-navigate
Referer: http://evilexposed.org/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sun, 13 Oct 2019 01:55:40 GMT
server: cafe
content-length: 12419
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sun, 13-Oct-2019 02:10:40 GMT; path=/; domain=.doubleclick.net
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
expires: Sun, 13 Oct 2019 01:55:40 GMT
cache-control: private

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 77 KB
28 KB 71ms
71ms Script
text/javascript 2a00:1450:4001:814::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20191003/r20190131/show_ads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

128869a25131fc642133dda16f4e88b723e1623e20234a39d260a1f0267c518f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://evilexposed.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:69.0) Gecko/20100101 Firefox/69.0

Response headers

date: Sun, 13 Oct 2019 01:55:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1570792838566027"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 29055
x-xss-protection: 0
expires: Sun, 13 Oct 2019 01:55:40 GMT

GET
H/1.1 200
OK ice.js Show response
resources.infolinks.com/js/1668.011-2.067/ 888 KB
261 KB 53ms
53ms Script
application/javascript 104.20.252.85
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: http://resources.infolinks.com/js/1668.011-2.067/ice.js
Requested by: Host: evilexposed.org
URL: http://evilexposed.org/
Protocol: HTTP/1.1
Server: 104.20.252.85 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4774f849a15ce755bdc4721c10eb47a87cbeeda1ffbf666b7672b6c8edf75910

Request headers

Referer: http://evilexposed.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:69.0) Gecko/20100101 Firefox/69.0

Response headers

CF-RAY: 524db1536e099d60-AMS
Date: Sun, 13 Oct 2019 01:55:40 GMT
Via: 1.1 google
CF-Cache-Status: HIT
Last-Modified: Wed, 02 Oct 2019 16:24:54 GMT
Server: cloudflare
Age: 3403
ETag: W/"de0e0-593efe8bee4f8"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=2592000
Transfer-Encoding: chunked
Connection: keep-alive
Content-Encoding: gzip
Expires: Tue, 12 Nov 2019 00:58:57 GMT

GET
H2 200 illuminati-puppet-h9vf8khvy
flipboard.com/cover/@ronforemand57r7/ Frame CC96 0
0 1098ms
114ms Document
text/html 54.230.203.68
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

https://flipboard.com/cover/@ronforemand57r7/illuminati-puppet-h9vf8khvy

Requested by

Host: evilexposed.org
URL: http://evilexposed.org/Default.aspx?_TSM_HiddenField_=ToolkitScriptManager1_HiddenField&_TSM_CombinedScripts_=%3b%3bAjaxControlToolkit%2c+Version%3d3.0.30512.20351%2c+Culture%3dneutral%2c+PublicKeyToken%3d28f01b0e84b6d53e%3aen-US%3ac73b5a33-b750-40f5-8849-44b74757ea70%3ae2e86ef9%3a1df13a87%3a3858419b

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.230.203.68 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

server-54-230-203-68.fra50.r.cloudfront.net

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src https: http: 'self' 'unsafe-inline'; img-src: '*';
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

:method: GET
:authority: flipboard.com
:scheme: https
:path: /cover/@ronforemand57r7/illuminati-puppet-h9vf8khvy
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:69.0) Gecko/20100101 Firefox/69.0
sec-fetch-mode: nested-navigate
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
referer: http://evilexposed.org/
accept-encoding: gzip, deflate, br
cookie: f=G7kEjXCDR+2PEkGaZrCkEg
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:69.0) Gecko/20100101 Firefox/69.0
Sec-Fetch-Mode: nested-navigate
Referer: http://evilexposed.org/

Response headers

status: 200
content-type: text/html; charset=utf-8
content-length: 1461
date: Sun, 13 Oct 2019 01:55:41 GMT
cache-control: max-age=10
referrer-policy: unsafe-url
content-security-policy: script-src https: http: 'self' 'unsafe-inline'; img-src: '*';
etag: W/"e36-hQ7LPgPkSczoRxlMI1xlDg"
vary: Accept-Encoding
content-encoding: gzip
accept-ranges: bytes
x-varnish: 1103372278 1103372276
via: 1.1 varnish, 1.1 74f98ee8547ec50a6b9a4c3d010e1e0d.cloudfront.net (CloudFront)
x-varnish-cache: HIT
x-xss-protection: 1
x-content-type-options: nosniff
x-cache: Miss from cloudfront
x-amz-cf-pop: FRA50
x-amz-cf-id: gbIYOKD93it_zRwM0An_y6M-8E-sXBOQPSIIT52kcmpoMXa9dPhIGA==
age: 1

GET
H2 200 ads
googleads.g.doubleclick.net/pagead/ Frame E90C 0
0 15ms
15ms Document
text/html 2a00:1450:4001:81b::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7043798212798004&output=html&adk=1812271804&adf=3025194257&lmt=1570931740&plat=1%3A1081352%2C2%3A1081352%2C8%3A32776%2C9%3A32776%2C16%3A8388608%2C30%3A1081344&guci=1.2.0.0.2.2.0.0&format=0x0&url=http%3A%2F%2Fevilexposed.org%2F&ea=0&flash=0&pra=7&wgl=1&adsid=NT&dt=1570931740761&bpp=4&bdt=1911&fdt=5&idt=5&shv=r20191003&cbv=r20190131&saldr=aa&abxe=1&prev_fmts=728x90&nras=1&correlator=6274180390058&frm=20&pv=1&ga_vid=1886135941.1570931740&ga_sid=1570931741&ga_hid=1294779172&ga_fc=0&iag=0&icsg=69442104865408&dssz=46&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1585&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=104278955662699&rx=0&eae=2&fc=912&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=16&bc=23&ifi=3&uci=a!3&dtd=10

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20191003/r20190131/show_ads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-7043798212798004&output=html&adk=1812271804&adf=3025194257&lmt=1570931740&plat=1%3A1081352%2C2%3A1081352%2C8%3A32776%2C9%3A32776%2C16%3A8388608%2C30%3A1081344&guci=1.2.0.0.2.2.0.0&format=0x0&url=http%3A%2F%2Fevilexposed.org%2F&ea=0&flash=0&pra=7&wgl=1&adsid=NT&dt=1570931740761&bpp=4&bdt=1911&fdt=5&idt=5&shv=r20191003&cbv=r20190131&saldr=aa&abxe=1&prev_fmts=728x90&nras=1&correlator=6274180390058&frm=20&pv=1&ga_vid=1886135941.1570931740&ga_sid=1570931741&ga_hid=1294779172&ga_fc=0&iag=0&icsg=69442104865408&dssz=46&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1585&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=104278955662699&rx=0&eae=2&fc=912&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=16&bc=23&ifi=3&uci=a!3&dtd=10
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:69.0) Gecko/20100101 Firefox/69.0
sec-fetch-mode: nested-navigate
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
referer: http://evilexposed.org/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:69.0) Gecko/20100101 Firefox/69.0
Sec-Fetch-Mode: nested-navigate
Referer: http://evilexposed.org/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Sun, 13 Oct 2019 01:55:40 GMT
server: cafe
content-length: 0
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sun, 13-Oct-2019 02:10:40 GMT; path=/; domain=.doubleclick.net
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
expires: Sun, 13 Oct 2019 01:55:40 GMT
cache-control: private

GET
H/1.1 200
OK rrv7.js Show response
bid.underdog.media/ 5 KB
3 KB 8ms
7ms Script
application/x-javascript 2600:9000:21f3:9600:5:c4ab:c3c0:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: http://bid.underdog.media/rrv7.js
Requested by: Host: bid.underdog.media
URL: http://bid.underdog.media/udm-r3_Thu_10_10_9_31_12_2019.js
Protocol: HTTP/1.1
Server: 2600:9000:21f3:9600:5:c4ab:c3c0:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1b0d5a0216c8a1cccd0dd8df45828270113266f2c34fb5bd2e17fe0dd8bfa7e4

Request headers

Referer: http://evilexposed.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:69.0) Gecko/20100101 Firefox/69.0

Response headers

Date: Sun, 13 Oct 2019 01:37:09 GMT
Content-Encoding: gzip
Connection: keep-alive
Last-Modified: Sun, 13 Oct 2019 01:30:04 GMT
Server: AmazonS3
Age: 1112
ETag: "9b4c0b666b49cf85afa010f805c3af23"
X-Cache: Hit from cloudfront
Content-Type: application/x-javascript
Via: 1.1 2fcedcc055e24d7ac99fbc19ed8fc8ec.cloudfront.net (CloudFront)
Cache-Control: max-age=1800
X-Amz-Cf-Pop: FRA2-C2
Accept-Ranges: bytes
Content-Length: 2042
X-Amz-Cf-Id: U3zDOv2vs5zoEayoExAHkmQ7a22rUmuU6mLpJAwB3CyHXOTw-xihMg==

GET
H/1.1 200
OK user_sync.html
ads.pubmatic.com/AdServer/js/ Frame E119 0
0 23ms
22ms Document
text/html 2.18.233.180
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: http://ads.pubmatic.com/AdServer/js/user_sync.html?p=156505&predirect=http%3A%2F%2Fudmserve.net%2Fudm%2Ffetch.pix%3Fdt%3D1%3Bpmid%3D
Requested by: Host: udmserve.net
URL: http://udmserve.net/udm/img.fetch?sid=12680;tid=1;dt=6;
Protocol: HTTP/1.1
Server: 2.18.233.180 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash

Request headers

Host: ads.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:69.0) Gecko/20100101 Firefox/69.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer: http://evilexposed.org/
Accept-Encoding: gzip, deflate
Cookie: KTPCACOOKIE=YES; KCCH=YES; pi=156505:2; KADUSERCOOKIE=43EB7A95-5809-4D64-B28B-2A597FA84FD0; chk=1; DPSync3=1573516800%3A102%7C1571011200%3A174%7C1572134400%3A197_201; SyncRTB3=1572134400%3A54_189_64_8_88_170_204_195_3_71_205_99_22_81_166_55_92_21_161_7_13_56_176_104_187%7C1571788800%3A63%7C1571529600%3A2_67_15%7C1573516800%3A203; PUBMDCID=3; KRTBCOOKIE_27=16735-uid:f7ff5da2-7857-4400-9fd5-87db6a8d5bc8&KRTB&16736-uid:f7ff5da2-7857-4400-9fd5-87db6a8d5bc8; PugT=1570931740; KRTBCOOKIE_409=22966-ZYQ8cbv2VDzByPw3HatNTnzz; KRTBCOOKIE_188=3189-no-consent&KRTB&22716-no-consent; KRTBCOOKIE_594=17105-OPTOUT; KRTBCOOKIE_391=22924-2472918998298541739; KRTBCOOKIE_699=22727-AAMX7U67RQgAAD_FBuPw7Q&KRTB&22744-AAMX7U67RQgAAD_FBuPw7Q&KRTB&22745-AAMX7U67RQgAAD_FBuPw7Q; KRTBCOOKIE_336=5844-1125430380164455273; KRTBCOOKIE_1051=22884-18072662388134564448
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:69.0) Gecko/20100101 Firefox/69.0
Referer: http://evilexposed.org/

Response headers

Last-Modified: Fri, 26 Jul 2019 09:40:01 GMT
ETag: "1300708-26ca-58e92538a370a"
Server: Apache/2.2.15 (CentOS)
Accept-Ranges: bytes
Content-Encoding: gzip
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 3860
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=29769
Expires: Sun, 13 Oct 2019 10:11:49 GMT
Date: Sun, 13 Oct 2019 01:55:40 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H2 200 xd_arbiter.php
staticxx.facebook.com/connect/ Frame 1E63 0
0 6ms
6ms Document
text/html 2a03:2880:f02d:12:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://staticxx.facebook.com/connect/xd_arbiter.php?version=44

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=525bcc55e8da8faf21d75e07596636cf

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: staticxx.facebook.com
:scheme: https
:path: /connect/xd_arbiter.php?version=44
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:69.0) Gecko/20100101 Firefox/69.0
sec-fetch-mode: nested-navigate
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
referer: http://evilexposed.org/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:69.0) Gecko/20100101 Firefox/69.0
Sec-Fetch-Mode: nested-navigate
Referer: http://evilexposed.org/

Response headers

status: 200
content-encoding: br
content-type: text/html; charset=utf-8
strict-transport-security: max-age=15552000; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0
expires: Sat, 10 Oct 2020 18:31:46 GMT
cache-control: public,max-age=31536000,immutable
x-fb-debug: 008x6msfLfbul6gEgNN4m/ebHMclvx05ukASpnf6YS5sMgP5VXkGb/2byXcJAcuZ7eIvW4wIuAcn0Wmhxm3yPA==
content-length: 11778
x-fb-trip-id: 997090344
date: Sun, 13 Oct 2019 01:55:40 GMT

GET
H2 200 ads
googleads.g.doubleclick.net/pagead/ Frame 358B 0
0 229ms
229ms Document
text/html 2a00:1450:4001:81b::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7043798212798004&output=html&h=600&slotname=3867002481&adk=3413510765&adf=363934571&w=120&lmt=1570931740&guci=1.2.0.0.2.2.0.0&format=120x600&url=http%3A%2F%2Fevilexposed.org%2F&flash=0&wgl=1&adsid=NT&dt=1570931740376&bpp=181&bdt=1526&fdt=474&idt=474&shv=r20191003&cbv=r20190131&saldr=aa&abxe=1&prev_fmts=728x90%2C0x0&nras=1&correlator=6274180390058&frm=20&pv=1&ga_vid=1886135941.1570931740&ga_sid=1570931741&ga_hid=1294779172&ga_fc=0&iag=0&icsg=277765198590592&dssz=49&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1107&ady=402&biw=1585&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=104278955662699&rx=0&eae=0&fc=912&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=16&bc=23&ifi=2&uci=a!2&xpc=98gNxvYWbk&p=http%3A//evilexposed.org&dtd=479

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20191003/r20190131/show_ads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-7043798212798004&output=html&h=600&slotname=3867002481&adk=3413510765&adf=363934571&w=120&lmt=1570931740&guci=1.2.0.0.2.2.0.0&format=120x600&url=http%3A%2F%2Fevilexposed.org%2F&flash=0&wgl=1&adsid=NT&dt=1570931740376&bpp=181&bdt=1526&fdt=474&idt=474&shv=r20191003&cbv=r20190131&saldr=aa&abxe=1&prev_fmts=728x90%2C0x0&nras=1&correlator=6274180390058&frm=20&pv=1&ga_vid=1886135941.1570931740&ga_sid=1570931741&ga_hid=1294779172&ga_fc=0&iag=0&icsg=277765198590592&dssz=49&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1107&ady=402&biw=1585&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=104278955662699&rx=0&eae=0&fc=912&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=16&bc=23&ifi=2&uci=a!2&xpc=98gNxvYWbk&p=http%3A//evilexposed.org&dtd=479
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:69.0) Gecko/20100101 Firefox/69.0
sec-fetch-mode: nested-navigate
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
referer: http://evilexposed.org/
accept-encoding: gzip, deflate, br
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:69.0) Gecko/20100101 Firefox/69.0
Sec-Fetch-Mode: nested-navigate
Referer: http://evilexposed.org/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sun, 13 Oct 2019 01:55:41 GMT
server: cafe
content-length: 23983
x-xss-protection: 0
set-cookie: IDE=AHWqTUlLAMuDd_vep2vz0qfAxBAobkaaHcP0fa0FhIpk5_FMlBopEcvAayB0N7nb; expires=Fri, 06-Nov-2020 01:55:40 GMT; path=/; domain=.doubleclick.net; HttpOnly test_cookie=; domain=.doubleclick.net; path=/; expires=Mon, 21 Jul 2008 23:59:00 GMT
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
expires: Sun, 13 Oct 2019 01:55:41 GMT
cache-control: private

GET
H/1.1 200
OK img.fetch Show response
udmserve.net/udm/ Frame BC26 0
615 B 177ms
177ms Script
application/x-javascript 68.71.249.118
Total Server Solu...

General

Check archive.org

Show headers Download Go to

Full URL: http://udmserve.net/udm/img.fetch?sid=12680;tid=2;dt=7;p=1;mid=43265;zzz=1;version=Thu_10_10_9_31_12_2019;cb=0.0958695670453984;session=1;style=slider;vis=visible;traffic_info=%7B%7D;radid=1570931740260_434773_109.236.94.21
Requested by: Host: bid.underdog.media
URL: http://bid.underdog.media/udm-r3_Thu_10_10_9_31_12_2019.js
Protocol: HTTP/1.1
Server: 68.71.249.118 Atlanta, United States, ASN20093 (ZEROLAG - Total Server Solutions L.L.C., US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://evilexposed.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:69.0) Gecko/20100101 Firefox/69.0

Response headers

Date: Sun, 13 Oct 2019 01:55:40 GMT
Expires: -1d
Connection: Keep-Alive
P3p: NOI DSP CURa ADMa DEVa PSAa PSDa OUR IND UNI COM NAV INT
Content-Length: 0
Content-Type: application/x-javascript

GET
H/1.1 200
OK edge-logo-white.png
bid.underdog.media/ 41 KB
42 KB 6ms
6ms Image
image/png 2600:9000:21f3:9600:5:c4ab:c3c0:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://bid.underdog.media/edge-logo-white.png
Requested by: Host: evilexposed.org
URL: http://evilexposed.org/
Protocol: HTTP/1.1
Server: 2600:9000:21f3:9600:5:c4ab:c3c0:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a49e266e699fa6dbb051452fc9b87e652f76975140cce9a3a186f278577ef25c

Request headers

Referer: http://evilexposed.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:69.0) Gecko/20100101 Firefox/69.0

Response headers

Date: Sat, 13 Jul 2019 03:25:17 GMT
Via: 1.1 2fcedcc055e24d7ac99fbc19ed8fc8ec.cloudfront.net (CloudFront)
Connection: keep-alive
Last-Modified: Wed, 19 Jun 2019 19:14:07 GMT
Server: AmazonS3
Age: 167422
ETag: "5bae0786901482395f3cb1d7077d3a19"
X-Cache: Hit from cloudfront
Content-Type: image/png
Cache-Control: max-age=2592000
X-Amz-Cf-Pop: FRA2-C2
Accept-Ranges: bytes
Content-Length: 42097
X-Amz-Cf-Id: 0u8hZnFI6RjwEZZQotPTE8g9eke6B8ibKlejlCt6gr1xQtK2R-ABEw==

GET
H2 200 like.php
www.facebook.com/v2.8/plugins/ Frame A4B8 0
0 232ms
232ms Document
text/html 2a03:2880:f12d:83:face:b00c:0:25de
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/v2.8/plugins/like.php?action=like&app_id=627442307315732&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter.php%3Fversion%3D44%23cb%3Df1668d1bb3bb58%26domain%3Devilexposed.org%26origin%3Dhttp%253A%252F%252Fevilexposed.org%252Ff2cf83d891b6098%26relation%3Dparent.parent&container_width=234&href=https%3A%2F%2Fwww.facebook.com%2Fpages%2FEvil-Exposed%2F532812473503324%3Fref%3Dhl&layout=button_count&locale=en_US&sdk=joey&share=true&show_faces=true

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=525bcc55e8da8faf21d75e07596636cf

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.facebook.com
:scheme: https
:path: /v2.8/plugins/like.php?action=like&app_id=627442307315732&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter.php%3Fversion%3D44%23cb%3Df1668d1bb3bb58%26domain%3Devilexposed.org%26origin%3Dhttp%253A%252F%252Fevilexposed.org%252Ff2cf83d891b6098%26relation%3Dparent.parent&container_width=234&href=https%3A%2F%2Fwww.facebook.com%2Fpages%2FEvil-Exposed%2F532812473503324%3Fref%3Dhl&layout=button_count&locale=en_US&sdk=joey&share=true&show_faces=true
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:69.0) Gecko/20100101 Firefox/69.0
sec-fetch-mode: nested-navigate
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
referer: http://evilexposed.org/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:69.0) Gecko/20100101 Firefox/69.0
Sec-Fetch-Mode: nested-navigate
Referer: http://evilexposed.org/

Response headers

status: 200
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
pragma: no-cache
strict-transport-security: max-age=15552000; preload
content-encoding: br
timing-allow-origin: *
content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
vary: Accept-Encoding
x-content-type-options: nosniff
facebook-api-version: v2.10
x-xss-protection: 0
content-type: text/html; charset="utf-8"
x-fb-debug: K+EPWroX6dANKUyP1YhqS/2PvYe1tA4t/5/fh51IkYcTquXe/pyHg3RAUtYneQ9tZmBPw/4WwJebuK5si5MB7w==
date: Sun, 13 Oct 2019 01:55:41 GMT

GET
H2 200 ads
googleads.g.doubleclick.net/pagead/ Frame 739B 0
0 278ms
277ms Document
text/html 2a00:1450:4001:81b::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7043798212798004&output=html&h=600&slotname=3867002481&adk=3413510765&adf=998295998&w=120&lmt=1570931740&guci=1.2.0.0.2.2.0.0&format=120x600&url=http%3A%2F%2Fevilexposed.org%2F&flash=0&wgl=1&adsid=NT&dt=1570931740558&bpp=6&bdt=1708&fdt=330&idt=330&shv=r20191003&cbv=r20190131&saldr=aa&abxe=1&prev_fmts=728x90%2C0x0%2C120x600&nras=1&correlator=6274180390058&frm=20&pv=1&ga_vid=1886135941.1570931740&ga_sid=1570931741&ga_hid=1294779172&ga_fc=0&iag=0&icsg=277765198590592&dssz=49&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1107&ady=1022&biw=1585&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=104278955662699&rx=0&eae=0&fc=912&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=16&bc=23&ifi=3&uci=a!3&xpc=8bLVPOIAD6&p=http%3A//evilexposed.org&dtd=333

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20191003/r20190131/show_ads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12496149311019590338/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12496149311019590338/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CIitiOOQmOUCFVEEiwodStQMDw&gqi=HISiXa3-Nsnm3wP3mJaYDw&layout=/sadbundle/%24csp%253Der3%24/12496149311019590338/index.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-7043798212798004&output=html&h=600&slotname=3867002481&adk=3413510765&adf=998295998&w=120&lmt=1570931740&guci=1.2.0.0.2.2.0.0&format=120x600&url=http%3A%2F%2Fevilexposed.org%2F&flash=0&wgl=1&adsid=NT&dt=1570931740558&bpp=6&bdt=1708&fdt=330&idt=330&shv=r20191003&cbv=r20190131&saldr=aa&abxe=1&prev_fmts=728x90%2C0x0%2C120x600&nras=1&correlator=6274180390058&frm=20&pv=1&ga_vid=1886135941.1570931740&ga_sid=1570931741&ga_hid=1294779172&ga_fc=0&iag=0&icsg=277765198590592&dssz=49&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1107&ady=1022&biw=1585&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=104278955662699&rx=0&eae=0&fc=912&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=16&bc=23&ifi=3&uci=a!3&xpc=8bLVPOIAD6&p=http%3A//evilexposed.org&dtd=333
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:69.0) Gecko/20100101 Firefox/69.0
sec-fetch-mode: nested-navigate
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
referer: http://evilexposed.org/
accept-encoding: gzip, deflate, br
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:69.0) Gecko/20100101 Firefox/69.0
Sec-Fetch-Mode: nested-navigate
Referer: http://evilexposed.org/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12496149311019590338/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12496149311019590338/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CIitiOOQmOUCFVEEiwodStQMDw&gqi=HISiXa3-Nsnm3wP3mJaYDw&layout=/sadbundle/%24csp%253Der3%24/12496149311019590338/index.html
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sun, 13 Oct 2019 01:55:41 GMT
server: cafe
content-length: 26531
x-xss-protection: 0
set-cookie: IDE=AHWqTUkscVi7Bu30zY3bkZFxE8__TcmQB2AzRWw2hH2c6hV6lrEgCdKZAjLTfk4E; expires=Fri, 06-Nov-2020 01:55:40 GMT; path=/; domain=.doubleclick.net; HttpOnly test_cookie=; domain=.doubleclick.net; path=/; expires=Mon, 21 Jul 2008 23:59:00 GMT
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
expires: Sun, 13 Oct 2019 01:55:41 GMT
cache-control: private

GET
H/1.1 200
OK gsd Show response
router.infolinks.com/ 0
192 B 1145ms
125ms Script
text/plain 104.20.252.85
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: http://router.infolinks.com/gsd?evt=afterGSD&pid=3078329&wsid=1&pdom=evilexposed.org&purl=http%3A%2F%2Fevilexposed.org%2F&jsv=1668.011-2.067&_cb=15709317410610
Requested by: Host: resources.infolinks.com
URL: http://resources.infolinks.com/js/1668.011-2.067/ice.js
Protocol: HTTP/1.1
Server: 104.20.252.85 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://evilexposed.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:69.0) Gecko/20100101 Firefox/69.0

Response headers

Date: Sun, 13 Oct 2019 01:55:42 GMT
Via: 1.1 google
CF-Cache-Status: DYNAMIC
Server: cloudflare
Connection: keep-alive
CF-RAY: 524db15c1ea2725d-AMS
Content-Length: 0

GET
H/1.1 200
OK bidvertiser.dbm Show response
bdv.bidvertiser.com/ 133 B
224 B 588ms
323ms Script
application/json 216.200.199.154
Zayo Bandwidth

General

Check archive.org

Show headers Download Go to

Full URL: http://bdv.bidvertiser.com/bidvertiser.dbm?pid=668894&bid=1970117&cip=101.131.121.141&kterm=%20wes%20penre&maxcount=15&bvref=http%3A%2F%2Fevilexposed.org%2F&xml=1&u_agnt=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A69.0)%20Gecko%2F20100101%20Firefox%2F69.0&ownid=1770616&format=jsonp&callback=kk&bvwidgetid=ntv_17706161570931740369&cb=1570931740369&rows=3&cols=3&textpos=below&imagewidth=250&mobilecols=2&bvlang=en-US
Requested by: Host: bvadtgs.scdn1.secure.raxcdn.com
URL: http://bvadtgs.scdn1.secure.raxcdn.com/bidvertiser/tags/active/bdvws.js?bvwidgetid=ntv_17706161570931740369&bvlinksownid=1770616&rows=3&cols=3&textpos=below&imagewidth=250&mobilecols=2&cb=1570931740369
Protocol: HTTP/1.1
Server: 216.200.199.154 , United States, ASN6461 (ZAYO-6461 - Zayo Bandwidth, US),
Reverse DNS: 216.200.199.154.bpath.com
Software: /
Resource Hash: b95bb292b53a6f179df359a34f677c5b85be1415ee0756d59d7649bf29fbb156

Request headers

Referer: http://evilexposed.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:69.0) Gecko/20100101 Firefox/69.0

Response headers

Connection: close
Content-Length: 133
Content-Type: application/json

GET
H/1.1 200
OK pixel;r=30066642;rf=0;a=p-Pz67dCqdsHfxh;url=http%3A%2F%2Fevilexposed.org%2F;fpan=1;fpa=P0-509860984-1570931741101;ns=0;ce=1;qjs=1;qv=4c19192-20180628134937;cm=;ref=;je=0;sr=1600x1200x24;enc=n;dst=1...
pixel.quantserve.com/ 35 B
479 B 1109ms
25ms Image
image/gif 91.228.74.179
Quantcast Corpora...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://pixel.quantserve.com/pixel;r=30066642;rf=0;a=p-Pz67dCqdsHfxh;url=http%3A%2F%2Fevilexposed.org%2F;fpan=1;fpa=P0-509860984-1570931741101;ns=0;ce=1;qjs=1;qv=4c19192-20180628134937;cm=;ref=;je=0;sr=1600x1200x24;enc=n;dst=1;et=1570931741101;tzo=-120;ogl=title.The%20Afghanistan%20Deception%20-%20Fighting%20for%20Opium%20%2Cimage.http%3A%2F%2Fevilexposed%252Eorg%2FImages%2FPuppets%2Fafganopium0001%252Ejpg
Requested by: Host: evilexposed.org
URL: http://evilexposed.org/
Protocol: HTTP/1.1
Server: 91.228.74.179 , United Kingdom, ASN27281 (QUANTCAST - Quantcast Corporation, US),
Reverse DNS
Software: QS /
Resource Hash: a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Request headers

Referer: http://evilexposed.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:69.0) Gecko/20100101 Firefox/69.0

Response headers

Pragma: no-cache
Date: Sun, 13 Oct 2019 01:55:42 GMT
Server: QS
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
Cache-Control: private, no-cache, no-store, proxy-revalidate
Connection: keep-alive
Content-Type: image/gif
Content-Length: 35
Expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H/1.1 200
OK pixel;r=105322804;labels=edge.0%2Csid.12679;rf=0;a=p-effSsmMYCbAck;url=http%3A%2F%2Fevilexposed.org%2F;fpan=0;fpa=P0-509860984-1570931741101;ns=0;ce=1;qjs=1;qv=4c19192-20180628134937;cm=;ref=;je=0;...
pixel.quantserve.com/ 35 B
479 B 1136ms
24ms Image
image/gif 91.228.74.179
Quantcast Corpora...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://pixel.quantserve.com/pixel;r=105322804;labels=edge.0%2Csid.12679;rf=0;a=p-effSsmMYCbAck;url=http%3A%2F%2Fevilexposed.org%2F;fpan=0;fpa=P0-509860984-1570931741101;ns=0;ce=1;qjs=1;qv=4c19192-20180628134937;cm=;ref=;je=0;sr=1600x1200x24;enc=n;dst=1;et=1570931741102;tzo=-120;ogl=title.The%20Afghanistan%20Deception%20-%20Fighting%20for%20Opium%20%2Cimage.http%3A%2F%2Fevilexposed%252Eorg%2FImages%2FPuppets%2Fafganopium0001%252Ejpg
Requested by: Host: evilexposed.org
URL: http://evilexposed.org/
Protocol: HTTP/1.1
Server: 91.228.74.179 , United Kingdom, ASN27281 (QUANTCAST - Quantcast Corporation, US),
Reverse DNS
Software: QS /
Resource Hash: a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Request headers

Referer: http://evilexposed.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:69.0) Gecko/20100101 Firefox/69.0

Response headers

Pragma: no-cache
Date: Sun, 13 Oct 2019 01:55:42 GMT
Server: QS
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
Cache-Control: private, no-cache, no-store, proxy-revalidate
Connection: keep-alive
Content-Type: image/gif
Content-Length: 35
Expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 200 manage
router.infolinks.com/usync/ Frame 5563 0
0 159ms
119ms Document
text/plain 104.20.252.85
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://router.infolinks.com/usync/manage
Requested by: Host: evilexposed.org
URL: http://evilexposed.org/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.20.252.85 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

:method: GET
:authority: router.infolinks.com
:scheme: https
:path: /usync/manage
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:69.0) Gecko/20100101 Firefox/69.0
sec-fetch-mode: nested-navigate
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
referer: http://evilexposed.org/
accept-encoding: gzip, deflate, br
cookie: __cfduid=d62bd032f408268d230b609dfff24eb0f1570931739
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:69.0) Gecko/20100101 Firefox/69.0
Sec-Fetch-Mode: nested-navigate
Referer: http://evilexposed.org/

Response headers

status: 200
date: Sun, 13 Oct 2019 01:55:41 GMT
content-length: 0
via: 1.1 google
alt-svc: clear
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 524db1571b9f72ed-AMS

POST
H/1.1 200
OK radApi Show response
edge.udmserve.net/ 20 B
160 B 1338ms
304ms XHR
application/json 68.71.249.120
Total Server Solu...

General

Check archive.org

Show headers Download Go to

Full URL: http://edge.udmserve.net/radApi
Requested by: Host: bid.underdog.media
URL: http://bid.underdog.media/udm-r3_Thu_10_10_9_31_12_2019.js
Protocol: HTTP/1.1
Server: 68.71.249.120 Atlanta, United States, ASN20093 (ZEROLAG - Total Server Solutions L.L.C., US),
Reverse DNS: underdogmedia.com
Software: /
Resource Hash: 912d0c07da7bdb22cdae025b96da26d01523aaab7362edb28544e3949deb369d

Request headers

Referer: http://evilexposed.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:69.0) Gecko/20100101 Firefox/69.0
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Sun, 13 Oct 2019 01:55:42 GMT
Content-Length: 20
Content-Type: application/json

GET
H/1.1 200
OK bdvw.html Show response
bvadtgs.scdn1.secure.raxcdn.com/bidvertiser/tags/active/ 7 KB
1 KB 180ms
174ms XHR
text/html 2a02:26f0:6c00:181::2bfe
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: http://bvadtgs.scdn1.secure.raxcdn.com/bidvertiser/tags/active/bdvw.html?cb=1570931740369
Requested by: Host: bvadtgs.scdn1.secure.raxcdn.com
URL: http://bvadtgs.scdn1.secure.raxcdn.com/bidvertiser/tags/active/bdvws.js?bvwidgetid=ntv_17706161570931740369&bvlinksownid=1770616&rows=3&cols=3&textpos=below&imagewidth=250&mobilecols=2&cb=1570931740369
Protocol: HTTP/1.1
Server: 2a02:26f0:6c00:181::2bfe , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software: Microsoft-IIS/8.5 /
Resource Hash: 481b667ef8bbecb921a75a87ac44db8475b715c4c88e1037b5dc1a5ef349391d

Request headers

Referer: http://evilexposed.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:69.0) Gecko/20100101 Firefox/69.0

Response headers

Date: Sun, 13 Oct 2019 01:55:41 GMT
Content-Encoding: gzip
Last-Modified: Wed, 14 Nov 2018 07:27:22 GMT
Server: Microsoft-IIS/8.5
ETag: "2c36c67beb7bd41:0"
Vary: Accept-Encoding
Content-Type: text/html
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 937

GET
H/1.1 200
OK img.fetch Show response
udmserve.net/udm/ 5 KB
2 KB 167ms
165ms Script
application/x-javascript 68.71.249.118
Total Server Solu...

General

Check archive.org

Show headers Download Go to

Full URL: http://udmserve.net/udm/img.fetch?sid=12680;tid=1;dt=6;cb=5e398fbf1e6c67;refresh=2;
Requested by: Host: bid.underdog.media
URL: http://bid.underdog.media/udm-r3_Thu_10_10_9_31_12_2019.js
Protocol: HTTP/1.1
Server: 68.71.249.118 Atlanta, United States, ASN20093 (ZEROLAG - Total Server Solutions L.L.C., US),
Reverse DNS
Software: /
Resource Hash: 624fa26a476605a2e7057f7a5d31d21b750cbf621948709805cd50d8ec4fa469

Request headers

Referer: http://evilexposed.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:69.0) Gecko/20100101 Firefox/69.0

Response headers

Pragma: no-cache
Date: Sun, 13 Oct 2019 01:55:42 GMT
Content-Encoding: gzip
P3p: NOI DSP CURa ADMa DEVa PSAa PSDa OUR IND UNI COM NAV INT
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Content-Type: application/x-javascript
Content-Length: 1836
Expires: 0

GET
H/1.1 200
OK quant.js Show response
edge.quantserve.com/ 12 KB
6 KB 28ms
27ms Script
application/x-javascript 91.228.74.252
Quantcast Corpora...

General

Check archive.org

Show headers Download Go to

Full URL: http://edge.quantserve.com/quant.js
Requested by: Host: udmserve.net
URL: http://udmserve.net/udm/img.fetch?sid=12680;tid=1;dt=6;cb=5e398fbf1e6c67;refresh=2;
Protocol: HTTP/1.1
Server: 91.228.74.252 , United Kingdom, ASN27281 (QUANTCAST - Quantcast Corporation, US),
Reverse DNS
Software: QS /
Resource Hash: 404a9b0ffbcc813e8ddbb8d8510a24a69c09079282f8083ee94f4adc5d627176

Request headers

Referer: http://evilexposed.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:69.0) Gecko/20100101 Firefox/69.0

Response headers

Date: Sun, 13 Oct 2019 01:55:43 GMT
Content-Encoding: gzip
Last-Modified: Sun, 13-Oct-2019 01:55:43 GMT
Server: QS
ETag: M0-e2b9884a
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: private, no-transform, must-revalidate, max-age=604800
Connection: keep-alive
Content-Length: 5456
Expires: Sun, 20 Oct 2019 01:55:43 GMT

GET
H/1.1 200
OK img.fetch Show response
udmserve.net/udm/ Frame 717F 0
437 B 166ms
166ms Script
application/x-javascript 68.71.249.118
Total Server Solu...

General

Check archive.org

Show headers Download Go to

Full URL: http://udmserve.net/udm/img.fetch?sid=12680;tid=4;dt=7;p=1;mid=43266;zzz=1;version=Thu_10_10_9_31_12_2019;cb=0.9860955400352021;refresh=2;style=slider;vis=visible;traffic_info=%7B%7D;radid=1570931742958_552531_109.236.94.21
Requested by: Host: bid.underdog.media
URL: http://bid.underdog.media/udm-r3_Thu_10_10_9_31_12_2019.js
Protocol: HTTP/1.1
Server: 68.71.249.118 Atlanta, United States, ASN20093 (ZEROLAG - Total Server Solutions L.L.C., US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://evilexposed.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:69.0) Gecko/20100101 Firefox/69.0

Response headers

Date: Sun, 13 Oct 2019 01:55:43 GMT
Expires: -1d
Connection: Keep-Alive
P3p: NOI DSP CURa ADMa DEVa PSAa PSDa OUR IND UNI COM NAV INT
Content-Length: 0
Content-Type: application/x-javascript

GET
H2 200 160.jpg
d1lax2pddqj38d.cloudfront.net/mid45170/ Frame 717F 16 KB
16 KB 114ms
39ms Image
image/jpeg 52.85.182.99
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1lax2pddqj38d.cloudfront.net/mid45170/160.jpg
Requested by: Host: evilexposed.org
URL: http://evilexposed.org/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.85.182.99 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-52-85-182-99.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d17b73b49ce578f5e3f1877c8cba6f1645d7443b9da80fa8aebd0980c5d1f24a

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://evilexposed.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:69.0) Gecko/20100101 Firefox/69.0

Response headers

date: Fri, 16 Aug 2019 21:16:31 GMT
via: 1.1 da44a033908207250002410c047e8764.cloudfront.net (CloudFront)
last-modified: Tue, 23 Jul 2019 22:54:04 GMT
server: AmazonS3
age: 805066
etag: "8fcc74ba220a936c6f0e7714ad160984"
x-cache: Hit from cloudfront
content-type: image/jpeg
status: 200
cache-control: max-age=864000
x-amz-cf-pop: FRA50
accept-ranges: bytes
content-length: 15940
x-amz-cf-id: hgjkne5_pc_8Th5h9U0wR1G91lHLkabNv5DWxP61lTbdJhVEctW8jg==

POST
H/1.1 200
OK radApi Show response
edge.udmserve.net/ 20 B
160 B 161ms
160ms XHR
application/json 68.71.249.120
Total Server Solu...

General

Check archive.org

Show headers Download Go to

Full URL: http://edge.udmserve.net/radApi
Requested by: Host: bid.underdog.media
URL: http://bid.underdog.media/udm-r3_Thu_10_10_9_31_12_2019.js
Protocol: HTTP/1.1
Server: 68.71.249.120 Atlanta, United States, ASN20093 (ZEROLAG - Total Server Solutions L.L.C., US),
Reverse DNS: underdogmedia.com
Software: /
Resource Hash: 912d0c07da7bdb22cdae025b96da26d01523aaab7362edb28544e3949deb369d

Request headers

Referer: http://evilexposed.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:69.0) Gecko/20100101 Firefox/69.0
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Sun, 13 Oct 2019 01:55:43 GMT
Content-Length: 20
Content-Type: application/json

GET
H/1.1 200
OK img.fetch Show response
udmserve.net/udm/ 7 KB
3 KB 169ms
167ms Script
application/x-javascript 68.71.249.118
Total Server Solu...

General

Check archive.org

Show headers Download Go to

Full URL: http://udmserve.net/udm/img.fetch?sid=12680;tid=1;dt=6;cb=10bba559b92bd11;refresh=2;
Requested by: Host: bid.underdog.media
URL: http://bid.underdog.media/udm-r3_Thu_10_10_9_31_12_2019.js
Protocol: HTTP/1.1
Server: 68.71.249.118 Atlanta, United States, ASN20093 (ZEROLAG - Total Server Solutions L.L.C., US),
Reverse DNS
Software: /
Resource Hash: 6914824b0b11d29fb75ed78df20d4a6e10d381ca0c6ca53e4cc04dc29f2799e3

Request headers

Referer: http://evilexposed.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:69.0) Gecko/20100101 Firefox/69.0

Response headers

Pragma: no-cache
Date: Sun, 13 Oct 2019 01:55:45 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
P3p: NOI DSP CURa ADMa DEVa PSAa PSDa OUR IND UNI COM NAV INT
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Content-Type: application/x-javascript
Expires: 0

GET
H/1.1 200
OK user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 9FF6 0
0 22ms
22ms Document
text/html 2.18.233.180
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: http://ads.pubmatic.com/AdServer/js/user_sync.html?p=156505&predirect=http%3A%2F%2Fudmserve.net%2Fudm%2Ffetch.pix%3Fdt%3D1%3Bpmid%3D
Requested by: Host: udmserve.net
URL: http://udmserve.net/udm/img.fetch?sid=12680;tid=1;dt=6;cb=10bba559b92bd11;refresh=2;
Protocol: HTTP/1.1
Server: 2.18.233.180 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash

Request headers

Host: ads.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:69.0) Gecko/20100101 Firefox/69.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer: http://evilexposed.org/
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:69.0) Gecko/20100101 Firefox/69.0
Referer: http://evilexposed.org/

Response headers

Last-Modified: Fri, 26 Jul 2019 09:40:01 GMT
ETag: "1300708-26ca-58e92538a370a"
Server: Apache/2.2.15 (CentOS)
Accept-Ranges: bytes
Content-Encoding: gzip
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 3860
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=29764
Expires: Sun, 13 Oct 2019 10:11:49 GMT
Date: Sun, 13 Oct 2019 01:55:45 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H/1.1 200
OK img.fetch Show response
udmserve.net/udm/ Frame 880D 0
615 B 174ms
173ms Script
application/x-javascript 68.71.249.118
Total Server Solu...

General

Check archive.org

Show headers Download Go to

Full URL: http://udmserve.net/udm/img.fetch?sid=12680;tid=11;dt=7;p=1;mid=43267;zzz=1;version=Thu_10_10_9_31_12_2019;cb=0.2603699093999692;refresh=2;session=1;style=slider;vis=visible;traffic_info=%7B%7D;radid=1570931745176_768230_109.236.94.21
Requested by: Host: bid.underdog.media
URL: http://bid.underdog.media/udm-r3_Thu_10_10_9_31_12_2019.js
Protocol: HTTP/1.1
Server: 68.71.249.118 Atlanta, United States, ASN20093 (ZEROLAG - Total Server Solutions L.L.C., US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://evilexposed.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:69.0) Gecko/20100101 Firefox/69.0

Response headers

Date: Sun, 13 Oct 2019 01:55:45 GMT
Expires: -1d
Connection: Keep-Alive
P3p: NOI DSP CURa ADMa DEVa PSAa PSDa OUR IND UNI COM NAV INT
Content-Length: 0
Content-Type: application/x-javascript

GET
H/1.1 200
OK 300x600.png
s3.amazonaws.com/udmimg/mid45171/ Frame 880D 53 KB
53 KB 276ms
262ms Image
image/png 54.231.120.186
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://s3.amazonaws.com/udmimg/mid45171/300x600.png
Requested by: Host: evilexposed.org
URL: http://evilexposed.org/
Protocol: HTTP/1.1
Server: 54.231.120.186 Ashburn, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: d8da59e02f6ae1cb5e8f36dd21dda9b4f03838c9f408d772d4006d7fe947f385

Request headers

Referer: http://evilexposed.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:69.0) Gecko/20100101 Firefox/69.0

Response headers

Date: Sun, 13 Oct 2019 01:55:46 GMT
Last-Modified: Wed, 24 Jul 2019 17:52:14 GMT
Server: AmazonS3
x-amz-request-id: E91FB0477050D757
ETag: "fdefa2a49882aaf456f625bc68075d82"
Content-Type
Cache-Control: max-age=864000
Accept-Ranges: bytes
Content-Length: 54339
x-amz-id-2: wBOgpSsV9H2sofeidRw0kAi/wg7HXrkML1/qcl0J5K5qgGDyOx7nVSHN3txTPBZQ3ygfeubwb2k=

POST
H/1.1 200
OK radApi Show response
edge.udmserve.net/ 20 B
160 B 159ms
159ms XHR
application/json 68.71.249.120
Total Server Solu...

General

Check archive.org

Show headers Download Go to

Full URL: http://edge.udmserve.net/radApi
Requested by: Host: bid.underdog.media
URL: http://bid.underdog.media/udm-r3_Thu_10_10_9_31_12_2019.js
Protocol: HTTP/1.1
Server: 68.71.249.120 Atlanta, United States, ASN20093 (ZEROLAG - Total Server Solutions L.L.C., US),
Reverse DNS: underdogmedia.com
Software: /
Resource Hash: 912d0c07da7bdb22cdae025b96da26d01523aaab7362edb28544e3949deb369d

Request headers

Referer: http://evilexposed.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:69.0) Gecko/20100101 Firefox/69.0
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Sun, 13 Oct 2019 01:55:45 GMT
Content-Length: 20
Content-Type: application/json

GET
H/1.1 200
OK img.fetch Show response
udmserve.net/udm/ 7 KB
3 KB 167ms
166ms Script
application/x-javascript 68.71.249.118
Total Server Solu...

General

Check archive.org

Show headers Download Go to

Full URL: http://udmserve.net/udm/img.fetch?sid=12680;tid=1;dt=6;cb=157447a2e5dd69a;refresh=2;
Requested by: Host: bid.underdog.media
URL: http://bid.underdog.media/udm-r3_Thu_10_10_9_31_12_2019.js
Protocol: HTTP/1.1
Server: 68.71.249.118 Atlanta, United States, ASN20093 (ZEROLAG - Total Server Solutions L.L.C., US),
Reverse DNS
Software: /
Resource Hash: 1b6605cebd8eaf93129f01d36681d337f8581ba43452e9b4f8dad13ae1be7507

Request headers

Referer: http://evilexposed.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:69.0) Gecko/20100101 Firefox/69.0

Response headers

Pragma: no-cache
Date: Sun, 13 Oct 2019 01:55:47 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
P3p: NOI DSP CURa ADMa DEVa PSAa PSDa OUR IND UNI COM NAV INT
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Content-Type: application/x-javascript
Expires: 0

GET
H/1.1 200
OK user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 72B0 0
0 22ms
22ms Document
text/html 2.18.233.180
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: http://ads.pubmatic.com/AdServer/js/user_sync.html?p=156505&predirect=http%3A%2F%2Fudmserve.net%2Fudm%2Ffetch.pix%3Fdt%3D1%3Bpmid%3D
Requested by: Host: udmserve.net
URL: http://udmserve.net/udm/img.fetch?sid=12680;tid=1;dt=6;cb=157447a2e5dd69a;refresh=2;
Protocol: HTTP/1.1
Server: 2.18.233.180 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash

Request headers

Host: ads.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:69.0) Gecko/20100101 Firefox/69.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer: http://evilexposed.org/
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:69.0) Gecko/20100101 Firefox/69.0
Referer: http://evilexposed.org/

Response headers

Last-Modified: Fri, 26 Jul 2019 09:40:01 GMT
ETag: "1300708-26ca-58e92538a370a"
Server: Apache/2.2.15 (CentOS)
Accept-Ranges: bytes
Content-Encoding: gzip
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 3860
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=29762
Expires: Sun, 13 Oct 2019 10:11:49 GMT
Date: Sun, 13 Oct 2019 01:55:47 GMT
Connection: keep-alive
Vary: Accept-Encoding

POST
H/1.1 200
OK radApi Show response
edge.udmserve.net/ 20 B
160 B 190ms
185ms XHR
application/json 68.71.249.120
Total Server Solu...

General

Check archive.org

Show headers Download Go to

Full URL: http://edge.udmserve.net/radApi
Requested by: Host: bid.underdog.media
URL: http://bid.underdog.media/udm-r3_Thu_10_10_9_31_12_2019.js
Protocol: HTTP/1.1
Server: 68.71.249.120 Atlanta, United States, ASN20093 (ZEROLAG - Total Server Solutions L.L.C., US),
Reverse DNS: underdogmedia.com
Software: /
Resource Hash: 912d0c07da7bdb22cdae025b96da26d01523aaab7362edb28544e3949deb369d

Request headers

Referer: http://evilexposed.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:69.0) Gecko/20100101 Firefox/69.0
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Sun, 13 Oct 2019 01:55:48 GMT
Content-Length: 20
Content-Type: application/json

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: flipboard.com
URL: https://flipboard.com/cover/@ronforemand57r7/illuminati-puppet-h9vf8khvy

Verdicts & Comments Add Verdict or Comment

503 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.adsby.bidtheatre.com/	1970-01-19 04:32:16	Name: __kuid Value: 6a0db376-41be-4cf2-973a-00786573bd6b.340145757
			.pubmatic.com/	1970-01-19 06:31:47	Name: PUBMDCID Value: 3

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ads.pubmatic.com
adservice.google.com
adservice.google.de
ajax.googleapis.com
bdv.bidvertiser.com
bid.underdog.media
bvadtgs.scdn1.secure.raxcdn.com
cdn.flipboard.com
connect.facebook.net
d1lax2pddqj38d.cloudfront.net
edge.quantserve.com
edge.udmserve.net
evilexposed.org
flipboard.com
fpn.flipboard.com
googleads.g.doubleclick.net
ib.adnxs.com
pagead2.googlesyndication.com
pixel.quantserve.com
resources.infolinks.com
router.infolinks.com
rules.quantcount.com
s3.amazonaws.com
staticxx.facebook.com
sync.1rx.io
sync.search.spotxchange.com
sync.technoratimedia.com
udmserve.net
www.evilexposed.org
www.facebook.com
www.google-analytics.com
www.googletagservices.com
flipboard.com
104.20.252.85
132.148.141.140
185.94.180.125
2.18.233.180
216.200.199.154
2600:9000:200c:ae00:e:5a70:ca47:86e1
2600:9000:2156:1000:6:44e3:f8c0:93a1
2600:9000:2156:fc00:14:85db:2b40:93a1
2600:9000:21f3:9600:5:c4ab:c3c0:93a1
2a00:1450:4001:814::2002
2a00:1450:4001:81a::2002
2a00:1450:4001:81a::200e
2a00:1450:4001:81b::2002
2a00:1450:4001:820::200a
2a02:26f0:6c00:181::2bfe
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
3.222.241.144
37.252.173.22
52.85.182.99
54.230.203.68
54.231.120.186
68.71.249.118
68.71.249.120
8.41.222.152
91.228.74.179
91.228.74.252
02c1a0156c58750c3596e5248047a047e80cbad3906a01a69e400ad50193b15b
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
0cc341c8cb262f138fcd7926b9ec6dbe5216bd9207c575ecd4be67128d69e315
0fb098939046ccabbe16ce2e1df7a62cfaf1ad2faa3ce553ce2e4c66c84383ec
11b7d9deb71801d4777db85b9da02fc747e733e90f59b3302ecbca1f50e3c314
12177888e1fdacaa78417a5636bbb1cd024e0d126ef8df685c73f4456ffaef6b
128869a25131fc642133dda16f4e88b723e1623e20234a39d260a1f0267c518f
1508d970e4e51e086f493a8a7e6620b87cb4517891c9c5e84c7204cb1d76235f
1b0d5a0216c8a1cccd0dd8df45828270113266f2c34fb5bd2e17fe0dd8bfa7e4
1b6605cebd8eaf93129f01d36681d337f8581ba43452e9b4f8dad13ae1be7507
238b7d800f8828811a27a3b976a3df821e9137f9bd9cb621780d969dadb7c643
2b7d90b38af7d02b199154f672dd04a666310f04dbc66e5fb8bf8bac3551f079
3c03906803787c98c7a57e54ee26eb91927164d5b00493ddb2cdb50d31f0dada
3dcd390703a84211059b8337bfd4f335aceda9c5762f75ef5789abddb8f99181
404a9b0ffbcc813e8ddbb8d8510a24a69c09079282f8083ee94f4adc5d627176
40732e9dcfa704cf615e4691bb07aecfd1cc5e063220a46e4a7ff6560c77f5db
430eb1601d299045147d2bec978a8a9525ddf40ef18cb9465c4f23747281cdd0
4774f849a15ce755bdc4721c10eb47a87cbeeda1ffbf666b7672b6c8edf75910
481b667ef8bbecb921a75a87ac44db8475b715c4c88e1037b5dc1a5ef349391d
4c6ebc58d3cf8c131d99dd1adfd0c09ae67731226711fbe83132e17e8c2f6233
4defa861f3a1f0bcd19309491db71761fe3ee782da9faca62cf7259d065a821e
4f4f982d76f26f242e86fb4d22062b5e3f7687e260b950006e0babcfe5e08fcc
5370433ee2bffd2ae12b033a997343d094b5c853b09243a06f4850a13bc0e5aa
53a05bf15dea36f4305dd1984132d801bb427b5a4f6efbc461a6710ec507601d
584561ca290d7684423ec493fab310e18508afd456e860ce1a30d85dfcade6a2
624fa26a476605a2e7057f7a5d31d21b750cbf621948709805cd50d8ec4fa469
62888019486c1502dd5465f4dfb2976f12623392655c4391e2ec1516b1c57dbe
662f45a282070612f3c12f8ac58e16da5644c667ed5fc8c3e62094920475984e
678abaac78b48f0d8e802bcdf5654e4d887b31e6c91e25b535a37a31e59bd59c
6914824b0b11d29fb75ed78df20d4a6e10d381ca0c6ca53e4cc04dc29f2799e3
6c16f999c2279e02e8d82d7bc30ea3be48fb3add8cbe000be39fbc4dc927020d
6df5a2fc07e8b543b7428df746cf2d2b79fc5e44eaa58a7e193edca54f3acf4e
70cb6b3c598a779dcc5fe0ca8dadad06d9d32f1694fe56da81c02dad2c0f4595
742abb70a9afe309bb5b3e08e95501fb865414f955bea42b4d168bb90a0da9fb
7c70eaaf585f324d16690bbc22375523a2b364b90d7fc840275cc9a315f56911
7fa9d325558a8c877fe52b509a8dce8cd63107f08617fb9f8e3247be5885df81
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8552cd7159be52b79d24a33f3ca941cbb7cd0ff99dcb9f753a296e0408c57678
85e78abbd5384c61f14077c90083768afa12648d042077fdd0a6b315a30757a9
8774f1fa9898e3c0b9e7516740384f8ccf84af03302a4c828f439f4e2b982816
89943a85217d7d2f3fbeeb19b1f276b2e271ae0c3fbc364f31d5fdb102b32cb4
8e7ad8de87781f6ad65b36a7d3243b44d80dc182df6af076484a2bec85051550
912d0c07da7bdb22cdae025b96da26d01523aaab7362edb28544e3949deb369d
9d62e0ead87b7432af1765a27fa54709dd243c499f010c20567552ef3e71dcb7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a474e114b69be56a305547a302e3a3c8b0609c37ac6135543ef6e69365102606
a49e266e699fa6dbb051452fc9b87e652f76975140cce9a3a186f278577ef25c
a5906b5c4863b59fff8d8e2c8825af1b6252f9db1c27ad7fd92ecbf78bdea8f7
a7048eff38ea80e01d15290ee8c0990e5a1d7a20abd4a56b1b575f6888655c1a
a79a00bde36060a6e2d27dc54ae0335a266ce8385b4e38db2ec6bbcf4872c780
a7cdeada70cf360ba776b54b61c443507c00f2f375493119c31bcc515f204eb6
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b43da5502aac63efbd55aa91dd808b99b0ab74944b64d5d1d67a4680a5b62e21
b95bb292b53a6f179df359a34f677c5b85be1415ee0756d59d7649bf29fbb156
ba7b53edf5072224bd1b80c763da7486901f8d9b2735baf749f3076d2eebb7c6
c66f15f3f62139ddbb522bf8d66f8e9dd51aa40611fffa59e8de423596cfeaff
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cb176ffc1151233a6765889b8da129b8f40cbe277b8490cddc79ec921e17381b
cf20253d65d8975f902f855af610293f10d7d4a522f89accb59287c13584a555
d17b73b49ce578f5e3f1877c8cba6f1645d7443b9da80fa8aebd0980c5d1f24a
d7a4012a468a58e90d98c07bd28cfc6175017752912d976c1563885f3552ea9a
d7d27d6f9f1531b1239f15cb86fa96e90d4bc4f87da6c74ad443ea9dfa76ff3e
d85aa22d9da98a2cff4b5fa9ff8bc3ea181d129f95cc35e3729b79999329d6ca
d8da59e02f6ae1cb5e8f36dd21dda9b4f03838c9f408d772d4006d7fe947f385
dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a
dc1d54dab6ec8c00f70137927504e4f222c8395f10760b6beecfcfa94e08249f
e23a2a4e2d7c2b41ebcdd8ffc0679df7140eb7f52e1eebabf827a88182643c59
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4273399cc0bc22e58b35f9f79fdf2705a39ddf4ad918ce852f2624e271d8248
e4bcee3d08734d393d9e22f2df33bec1b17e8649ac2962c5b09a71e10b686714
e69c559710aee763765953f58d1814b2f2617557acf3050e63a593d9d00a81c7
e93d38595033034514f8b36c1e280e3118e9f35df311bdacfd61bb71ae1fe1cd
ea851ab367bde9266526c1ea520e0b0d78af395f0eaacd1ab4d7b3821011d572
f14571276819f869e6dae25e02f839c8876fbb8ce7ad1add56fec53fe2ba1ec4

evilexposed.org Open in urlscan Pro 132.148.141.140 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

103 Requests

22 %HTTPS

44 %IPv6

25 Domains

32 Subdomains

24 IPs

6 Countries

2549 kBTransfer

4267 kBSize

2 Cookies

1 Outgoing links

Redirected requests

103 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

evilexposed.org Open in urlscan Pro
132.148.141.140 Public Scan

Screenshot
Live screenshot

Full Image

103
Requests

22 %
HTTPS

44 %
IPv6

25
Domains

32
Subdomains

24
IPs

6
Countries

2549 kB
Transfer

4267 kB
Size

2
Cookies

103 HTTP transactions
0 data transactions