URL: https://www.googlem.cf/
Submission: On March 03 via automatic, source certstream-suspicious

Summary

This website contacted 12 IPs in 3 countries across 9 domains to perform 26 HTTP transactions. The main IP is 2a00:1450:4001:808::2013, located in Ireland and belongs to GOOGLE - Google LLC, US. The main domain is www.googlem.cf.
TLS certificate: Issued by Let's Encrypt Authority X3 on March 3rd 2019. Valid for: 3 months.
This is the only time www.googlem.cf was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 2a00:1450:400... 15169 (GOOGLE)
1 1 176.32.110.204 16509 (AMAZON-02)
1 54.192.201.128 16509 (AMAZON-02)
1 52.95.120.120 16509 (AMAZON-02)
4 143.204.211.231 16509 (AMAZON-02)
12 12 2a00:1450:400... 15169 (GOOGLE)
3 151.101.120.193 54113 (FASTLY)
4 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
1 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
1 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
1 151.101.122.49 54113 (FASTLY)
3 52.94.218.7 16509 (AMAZON-02)
26 12
Domain Requested by
12 goo.gl 12 redirects
4 c.amazon-adsystem.com www.googlem.cf
c.amazon-adsystem.com
3 aax-eu.amazon-adsystem.com c.amazon-adsystem.com
3 1.bp.blogspot.com www.googlem.cf
3 i.imgur.com www.googlem.cf
2 i.pinimg.com www.googlem.cf
2 lh5.googleusercontent.com www.googlem.cf
2 www.googlem.cf www.googlem.cf
1 2.bp.blogspot.com www.googlem.cf
1 media1.tenor.com www.googlem.cf
1 lh3.googleusercontent.com www.googlem.cf
1 ir-in.amazon-adsystem.com www.googlem.cf
1 images-eu.ssl-images-amazon.com www.googlem.cf
1 ws-in.amazon-adsystem.com 1 redirects
26 14

This site contains links to these domains.

Domain
www.amazon.in
www.facebook.com
www.blogger.com
Subject | Issuer | Validity | Valid
www.googlem.cf | Let's Encrypt Authority X3 | 2019-03-03 - 2019-06-01 | 3 months
Images-na.ssl-images-amazon.com | DigiCert Global CA G2 | 2019-02-21 - 2019-07-19 | 5 months
www.assoc-amazon.fr | Amazon | 2018-06-11 - 2019-06-11 | a year
c.amazon-adsystem.com | Amazon | 2018-12-18 - 2019-11-21 | a year
*.imgur.com | DigiCert SHA2 Secure Server CA | 2018-12-14 - 2020-02-12 | a year
*.googleusercontent.com | Google Internet Authority G3 | 2019-02-13 - 2019-05-08 | 3 months
*.pinterest.com | DigiCert SHA2 High Assurance Server CA | 2019-01-10 - 2019-06-26 | 6 months
q2.shared.global.fastly.net | GlobalSign CloudSSL CA - SHA256 - G3 | 2019-02-19 - 2019-10-11 | 8 months
aax-eu.amazon-adsystem.com | Amazon | 2018-12-12 - 2019-12-10 | a year

This page contains 4 frames:

Primary Page: https://www.googlem.cf/
Frame ID: 0B2F75676859FE8AFA667C18DC9B10DD
Requests: 23 HTTP requests in this frame

Frame: https://c.amazon-adsystem.com/aax2/assoc_lra.html?tag=smartup01-21&c=100&src=302&sz=300x250
Frame ID: F927EEEACE491A1EBCFEFC8C024AA8EA
Requests: 1 HTTP requests in this frame

Frame: https://c.amazon-adsystem.com/aax2/assoc_lra.html?tag=smartup01-21&c=100&src=302&sz=300x250
Frame ID: 7E1199569F33ADA88D82E7621D110B4D
Requests: 1 HTTP requests in this frame

Frame: https://c.amazon-adsystem.com/aax2/assoc_lra.html?tag=smartup01-21&c=100&src=302&sz=300x250
Frame ID: 28C082752C144DD561EDA7E39DB4A669
Requests: 1 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /GSE/i

Page Statistics

Requests: 26
HTTPS: 85 %
IPv6: 46 %
Domains: 9
Subdomains: 14
IPs: 12
Countries: 3
Transfer: 4822 kB
Size: 4839 kB
Cookies: 1

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://ws-in.amazon-adsystem.com/widgets/q?_encoding=UTF8&MarketPlace=IN&ASIN=B077Q19RF9&ServiceVersion=20070822&ID=AsinImage&WS=1&Format=_SL250_&tag=smartup01-21 HTTP 302
  • https://images-eu.ssl-images-amazon.com/images/I/31u3V5PgS4L._SL250_.jpg
Request Chain 4
  • https://goo.gl/r76nf9 HTTP 302
  • https://i.imgur.com/hZYspPZ.png
Request Chain 5
  • https://goo.gl/21utWa HTTP 302
  • https://i.imgur.com/wvTcj2L.png
Request Chain 6
  • https://goo.gl/k5Y2u9 HTTP 302
  • https://i.imgur.com/Fd7Pn9E.png
Request Chain 7
  • https://goo.gl/LkSuLn HTTP 302
  • http://1.bp.blogspot.com/-Ukqlz_ayZ-M/WwznMjBUGHI/AAAAAAAAnOg/9ph1rS1-X40cMW9W4wyKkffQJLoOGyB7gCK4BGAYYCw/s400/Snow.gif
Request Chain 8
  • https://goo.gl/Zxr4np HTTP 302
  • https://lh5.googleusercontent.com/proxy/JFPi2aKWI2yaz_NgfgFQyXy7gXrP0GTcpiPFYVH7S1ueQs_Sg75w3Wk2MBKuVwp3BP1EOpg_1bb1VzC5vr8rbad3sgdQ_CwEZIEzOA13_6gToxrxxvWg70RlXGMfuSXWLy-gVg=w384-h384-nc
Request Chain 9
  • https://goo.gl/Wd1ZW9 HTTP 302
  • https://i.pinimg.com/originals/70/b9/08/70b908edd4f2284043c4daf32daa2e2d.gif
Request Chain 10
  • https://goo.gl/wPiMnA HTTP 302
  • https://lh3.googleusercontent.com/-LpIaXXBpZNw/VaM4GatWjiI/AAAAAAAD7UQ/khgFxpKCvXk/w506-h690-p-rw/shiv%2Brajesh%2Bdesai.gif
Request Chain 11
  • https://goo.gl/sFvcus HTTP 302
  • https://i.pinimg.com/originals/f4/85/f1/f485f1c9c7095ff778e55679f80a8902.gif
Request Chain 12
  • https://goo.gl/ZEYJ8D HTTP 302
  • https://media1.tenor.com/images/0ac6a42cbb3efac734d61dac10942fe6/tenor.gif?itemid=8761452
Request Chain 13
  • https://goo.gl/woDVuv HTTP 302
  • http://1.bp.blogspot.com/-o9QJSrH55WU/WwznMkVodXI/AAAAAAAAnOs/VQ06MiainS4BDhQsrzDBzsgMFemspGYJwCK4BGAYYCw/s400/c.gif
Request Chain 14
  • https://goo.gl/ReKHXA HTTP 302
  • https://2.bp.blogspot.com/-_u5AYIaCWzk/W0CVKcV0gsI/AAAAAAAAAU8/Aaq43bMsKj8WBzM0cdnN7wVkL84z1h2-QCLcBGAs/s1600/wp.png
Request Chain 15
  • https://goo.gl/aam3wh HTTP 302
  • https://1.bp.blogspot.com/-kSYvwAW8sBk/W3D6T_W2g6I/AAAAAAAAAqw/nZITQws8eHQFFMtzvgdS4SiJ0iDWwehlgCLcBGAs/s1600/facebook_logo.png

26 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
www.googlem.cf/
27 KB
7 KB
Document
General
Full URL
https://www.googlem.cf/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:808::2013 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
GSE /
Resource Hash
649f302f92445a75cecfc3890566391289ff49fa7de81462402f3d0932ec785d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.googlem.cf
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

status
200
content-type
text/html; charset=UTF-8
expires
Sun, 03 Mar 2019 11:40:33 GMT
date
Sun, 03 Mar 2019 11:40:33 GMT
cache-control
private, max-age=0
last-modified
Sun, 03 Mar 2019 11:33:31 GMT
etag
W/"47483d750b22517c5c5a027608da6c6457ce20e09ade5f67bc2fa5cfbb0cb940"
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
6484
server
GSE
31u3V5PgS4L._SL250_.jpg
images-eu.ssl-images-amazon.com/images/I/
Redirect Chain
  • https://ws-in.amazon-adsystem.com/widgets/q?_encoding=UTF8&MarketPlace=IN&ASIN=B077Q19RF9&ServiceVersion=20070822&ID=AsinImage&WS=1&Format=_SL250_&tag=smartup01-21
  • https://images-eu.ssl-images-amazon.com/images/I/31u3V5PgS4L._SL250_.jpg
6 KB
7 KB
Image
General
Full URL
https://images-eu.ssl-images-amazon.com/images/I/31u3V5PgS4L._SL250_.jpg
Requested by
Host: www.googlem.cf
URL: https://www.googlem.cf/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.192.201.128 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-54-192-201-128.fra50.r.cloudfront.net
Software
Server /
Resource Hash
0aeb36e06ac5850675737b0fc11849e98f887f2c9be07c15131c36f019de0513

Request headers

Referer
https://www.googlem.cf/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 08 Jan 2019 17:45:19 GMT
via
1.1 1415e6a9d308119037d1fa89386da72a.cloudfront.net (CloudFront)
last-modified
Sat, 15 Sep 2018 06:48:25 GMT
server
Server
age
4747757
x-cache
Hit from cloudfront
content-type
image/jpeg
status
200
cache-control
max-age=630720000,public
x-amz-ir-id
e9a6aa68-8a83-4144-9db7-6de7833ad77f
timing-allow-origin
https://www.amazon.com
access-control-allow-origin
*
content-length
6389
x-amz-cf-id
vOBS7sU2l20W_SO38DArT1blLUAmzLOSmPb5Wnji8XJp9CSH7ulXXA==
expires
Fri, 22 Oct 2038 00:15:40 GMT

Redirect headers

Location
https://images-eu.ssl-images-amazon.com/images/I/31u3V5PgS4L._SL250_.jpg
Date
Sun, 03 Mar 2019 11:40:33 GMT
Server
Server
Content-Length
0
Vary
User-Agent
Connection
close
ir
ir-in.amazon-adsystem.com/e/
42 B
159 B
Image
General
Full URL
https://ir-in.amazon-adsystem.com/e/ir?t=smartup01-21&l=am2&o=31&a=B077Q19RF9
Requested by
Host: www.googlem.cf
URL: https://www.googlem.cf/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.120.120 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
/
Resource Hash
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Request headers

Referer
https://www.googlem.cf/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma
no-cache
Cache-Control
no-cache
Connection
close
Content-Length
42
Content-Type
image/gif
assoc.js
c.amazon-adsystem.com/aax2/
2 KB
1 KB
Script
General
Full URL
https://c.amazon-adsystem.com/aax2/assoc.js
Requested by
Host: www.googlem.cf
URL: https://www.googlem.cf/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
143.204.211.231 Wilmington, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-143-204-211-231.fra53.r.cloudfront.net
Software
Server /
Resource Hash
be36e4b70d9c44f1e27c4de7c2b8ba3a2e0084bfcfa8eb8d78ad62819209fac9

Request headers

Referer
https://www.googlem.cf/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Sun, 03 Mar 2019 10:21:04 GMT
Content-Encoding
gzip
Server
Server
Age
4781
ETag
091ad04fb59602dd2dcecfea8b9b4883
X-Cache
Hit from cloudfront
Content-Type
application/x-javascript
Via
1.1 6080b2713e502211e152f21f5c59c5a7.cloudfront.net (CloudFront)
Cache-Control
public, max-age=3600, s-maxage=14400
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
898
X-Amz-Cf-Id
-BEDXYaa1kXq5E4x4frfWph_L7sfF8ZzG1RYEWEiSmeOADBG_4hb2A==
main.css
www.googlem.cf/
0
0

hZYspPZ.png
i.imgur.com/
Redirect Chain
  • https://goo.gl/r76nf9
  • https://i.imgur.com/hZYspPZ.png
465 KB
465 KB
Image
General
Full URL
https://i.imgur.com/hZYspPZ.png
Requested by
Host: www.googlem.cf
URL: https://www.googlem.cf/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.120.193 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
cat factory 1.0 /
Resource Hash
99bd726620138ead54819feb57020c6a53025c590b5d87d027eb670563699dbb

Request headers

Referer
https://www.googlem.cf/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Sun, 03 Mar 2019 11:40:33 GMT
age
438600
x-cache
HIT, HIT
status
200
content-length
476108
x-served-by
cache-bwi5145-BWI, cache-cdg20728-CDG
last-modified
Tue, 26 Feb 2019 09:50:29 GMT
server
cat factory 1.0
x-timer
S1551613234.672905,VS0,VE2
etag
"8a6142b1e6e61933bfac09be62286703"
access-control-allow-methods
GET, OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
1, 1

Redirect headers

pragma
no-cache
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
server
ESF
location
https://i.imgur.com/hZYspPZ.png
date
Sun, 03 Mar 2019 11:40:33 GMT
x-frame-options
SAMEORIGIN
content-type
application/binary
status
302
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-security-policy
script-src 'report-sample' 'nonce-EydPp3tu7slwQrYNf8+BQQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/DurableDeepLinkUi/cspreport;worker-src 'self', script-src 'nonce-EydPp3tu7slwQrYNf8+BQQ' 'self' 'unsafe-eval' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/DurableDeepLinkUi/cspreport
alt-svc
quic=":443"; ma=2592000; v="44,43,39"
content-length
0
x-xss-protection
1; mode=block
expires
Mon, 01 Jan 1990 00:00:00 GMT
wvTcj2L.png
i.imgur.com/
Redirect Chain
  • https://goo.gl/21utWa
  • https://i.imgur.com/wvTcj2L.png
451 KB
451 KB
Image
General
Full URL
https://i.imgur.com/wvTcj2L.png
Requested by
Host: www.googlem.cf
URL: https://www.googlem.cf/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.120.193 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
cat factory 1.0 /
Resource Hash
1e76e3b4c84984ccefb3480404a7f142be0bc1fa29090e59aa167b5f2803c4f7

Request headers

Referer
https://www.googlem.cf/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Sun, 03 Mar 2019 11:40:33 GMT
age
438590
x-cache
HIT, HIT
status
200
content-length
461727
x-served-by
cache-bwi5133-BWI, cache-cdg20728-CDG
last-modified
Tue, 26 Feb 2019 09:50:41 GMT
server
cat factory 1.0
x-timer
S1551613234.673055,VS0,VE1
etag
"b715bf3c1f3738a948bddff98b770fb9"
access-control-allow-methods
GET, OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
1, 1

Redirect headers

pragma
no-cache
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
server
ESF
location
https://i.imgur.com/wvTcj2L.png
date
Sun, 03 Mar 2019 11:40:33 GMT
x-frame-options
SAMEORIGIN
content-type
application/binary
status
302
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-security-policy
script-src 'report-sample' 'nonce-R8ahF4rMHzjcbQf2N4kt3w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/DurableDeepLinkUi/cspreport;worker-src 'self', script-src 'nonce-R8ahF4rMHzjcbQf2N4kt3w' 'self' 'unsafe-eval' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/DurableDeepLinkUi/cspreport
alt-svc
quic=":443"; ma=2592000; v="44,43,39"
content-length
0
x-xss-protection
1; mode=block
expires
Mon, 01 Jan 1990 00:00:00 GMT
Fd7Pn9E.png
i.imgur.com/
Redirect Chain
  • https://goo.gl/k5Y2u9
  • https://i.imgur.com/Fd7Pn9E.png
624 KB
625 KB
Image
General
Full URL
https://i.imgur.com/Fd7Pn9E.png
Requested by
Host: www.googlem.cf
URL: https://www.googlem.cf/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.120.193 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
cat factory 1.0 /
Resource Hash
a2d244b21e057cd771234811e1047c3c3a8ed682d9fa7cc8c76a9131adf34307

Request headers

Referer
https://www.googlem.cf/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Sun, 03 Mar 2019 11:40:33 GMT
age
438536
x-cache
HIT, HIT
status
200
content-length
639331
x-served-by
cache-bwi5147-BWI, cache-cdg20728-CDG
last-modified
Tue, 26 Feb 2019 09:50:52 GMT
server
cat factory 1.0
x-timer
S1551613234.673021,VS0,VE1
etag
"f8a2995ae24ada60faaae54d8fdee86c"
access-control-allow-methods
GET, OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
1, 1

Redirect headers

pragma
no-cache
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
server
ESF
location
https://i.imgur.com/Fd7Pn9E.png
date
Sun, 03 Mar 2019 11:40:33 GMT
x-frame-options
SAMEORIGIN
content-type
application/binary
status
302
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-security-policy
script-src 'report-sample' 'nonce-aA3C73KYhq+jJfsm6iq0oA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/DurableDeepLinkUi/cspreport;worker-src 'self', script-src 'nonce-aA3C73KYhq+jJfsm6iq0oA' 'self' 'unsafe-eval' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/DurableDeepLinkUi/cspreport
alt-svc
quic=":443"; ma=2592000; v="44,43,39"
content-length
0
x-xss-protection
1; mode=block
expires
Mon, 01 Jan 1990 00:00:00 GMT
Snow.gif
1.bp.blogspot.com/-Ukqlz_ayZ-M/WwznMjBUGHI/AAAAAAAAnOg/9ph1rS1-X40cMW9W4wyKkffQJLoOGyB7gCK4BGAYYCw/s400/
Redirect Chain
  • https://goo.gl/LkSuLn
  • http://1.bp.blogspot.com/-Ukqlz_ayZ-M/WwznMjBUGHI/AAAAAAAAnOg/9ph1rS1-X40cMW9W4wyKkffQJLoOGyB7gCK4BGAYYCw/s400/Snow.gif
23 KB
24 KB
Image
General
Full URL
http://1.bp.blogspot.com/-Ukqlz_ayZ-M/WwznMjBUGHI/AAAAAAAAnOg/9ph1rS1-X40cMW9W4wyKkffQJLoOGyB7gCK4BGAYYCw/s400/Snow.gif
Requested by
Host: www.googlem.cf
URL: https://www.googlem.cf/
Protocol
HTTP/1.1
Server
2a00:1450:4001:819::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
fife /
Resource Hash
71c394e2d7b9c3dc5d654080613cd6e4facb04fe5d9e53c036192be2258e1003
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Sun, 03 Mar 2019 09:49:14 GMT
X-Content-Type-Options
nosniff
Server
fife
Age
6679
ETag
"v9cf2"
Vary
Origin
Content-Type
image/gif
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Length
Cache-Control
public, max-age=86400, no-transform
Content-Disposition
inline;filename="Snow.gif"
Timing-Allow-Origin
*
Content-Length
23685
X-XSS-Protection
1; mode=block
Expires
Fri, 22 Feb 2019 20:31:11 GMT

Redirect headers

pragma
no-cache
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
server
ESF
location
http://1.bp.blogspot.com/-Ukqlz_ayZ-M/WwznMjBUGHI/AAAAAAAAnOg/9ph1rS1-X40cMW9W4wyKkffQJLoOGyB7gCK4BGAYYCw/s400/Snow.gif
date
Sun, 03 Mar 2019 11:40:33 GMT
x-frame-options
SAMEORIGIN
content-type
application/binary
status
302
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-security-policy
script-src 'report-sample' 'nonce-gF2SNPIEZVRfBDhD/Eqr0A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/DurableDeepLinkUi/cspreport;worker-src 'self', script-src 'nonce-gF2SNPIEZVRfBDhD/Eqr0A' 'self' 'unsafe-eval' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/DurableDeepLinkUi/cspreport
alt-svc
quic=":443"; ma=2592000; v="44,43,39"
content-length
0
x-xss-protection
1; mode=block
expires
Mon, 01 Jan 1990 00:00:00 GMT
JFPi2aKWI2yaz_NgfgFQyXy7gXrP0GTcpiPFYVH7S1ueQs_Sg75w3Wk2MBKuVwp3BP1EOpg_1bb1VzC5vr8rbad3sgdQ_CwEZIEzOA13_6gToxrxxvWg70RlXGMfuSXWLy-gVg=w384-h384-nc
lh5.googleusercontent.com/proxy/
Redirect Chain
  • https://goo.gl/Zxr4np
  • https://lh5.googleusercontent.com/proxy/JFPi2aKWI2yaz_NgfgFQyXy7gXrP0GTcpiPFYVH7S1ueQs_Sg75w3Wk2MBKuVwp3BP1EOpg_1bb1VzC5vr8rbad3sgdQ_CwEZIEzOA13_6gToxrxxvWg70RlXGMfuSXWLy-gVg=w384-h384-nc
0
1 KB
Image
General
Full URL
https://lh5.googleusercontent.com/proxy/JFPi2aKWI2yaz_NgfgFQyXy7gXrP0GTcpiPFYVH7S1ueQs_Sg75w3Wk2MBKuVwp3BP1EOpg_1bb1VzC5vr8rbad3sgdQ_CwEZIEzOA13_6gToxrxxvWg70RlXGMfuSXWLy-gVg=w384-h384-nc
Requested by
Host: www.googlem.cf
URL: https://www.googlem.cf/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:821::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.googlem.cf/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Redirect headers

pragma
no-cache
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
server
ESF
location
https://lh5.googleusercontent.com/proxy/JFPi2aKWI2yaz_NgfgFQyXy7gXrP0GTcpiPFYVH7S1ueQs_Sg75w3Wk2MBKuVwp3BP1EOpg_1bb1VzC5vr8rbad3sgdQ_CwEZIEzOA13_6gToxrxxvWg70RlXGMfuSXWLy-gVg=w384-h384-nc
date
Sun, 03 Mar 2019 11:40:33 GMT
x-frame-options
SAMEORIGIN
content-type
application/binary
status
302
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-security-policy
script-src 'report-sample' 'nonce-6WuWLDnXEDGMTIL4y9IoGQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/DurableDeepLinkUi/cspreport;worker-src 'self', script-src 'nonce-6WuWLDnXEDGMTIL4y9IoGQ' 'self' 'unsafe-eval' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/DurableDeepLinkUi/cspreport
alt-svc
quic=":443"; ma=2592000; v="44,43,39"
content-length
0
x-xss-protection
1; mode=block
expires
Mon, 01 Jan 1990 00:00:00 GMT
70b908edd4f2284043c4daf32daa2e2d.gif
i.pinimg.com/originals/70/b9/08/
Redirect Chain
  • https://goo.gl/Wd1ZW9
  • https://i.pinimg.com/originals/70/b9/08/70b908edd4f2284043c4daf32daa2e2d.gif
59 KB
59 KB
Image
General
Full URL
https://i.pinimg.com/originals/70/b9/08/70b908edd4f2284043c4daf32daa2e2d.gif
Requested by
Host: www.googlem.cf
URL: https://www.googlem.cf/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:6c00:190::1931 , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
/
Resource Hash
1b9a96bca79e3d5cfacffae15b8f843ed1bbcdde71860b0984d46bd5f2cc9581

Request headers

Referer
https://www.googlem.cf/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

X-CDN
akamai
ETag
"3ba050ed6898f438a0afa1beaf718961"
Vary
Origin
Content-Type
image/gif
Cache-Control
immutable, max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
60648

Redirect headers

pragma
no-cache
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
server
ESF
location
https://i.pinimg.com/originals/70/b9/08/70b908edd4f2284043c4daf32daa2e2d.gif
date
Sun, 03 Mar 2019 11:40:33 GMT
x-frame-options
SAMEORIGIN
content-type
application/binary
status
302
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-security-policy
script-src 'report-sample' 'nonce-zhQc95AB5v1ZFdLctjwwzQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/DurableDeepLinkUi/cspreport;worker-src 'self', script-src 'nonce-zhQc95AB5v1ZFdLctjwwzQ' 'self' 'unsafe-eval' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/DurableDeepLinkUi/cspreport
alt-svc
quic=":443"; ma=2592000; v="44,43,39"
content-length
0
x-xss-protection
1; mode=block
expires
Mon, 01 Jan 1990 00:00:00 GMT
shiv%2Brajesh%2Bdesai.gif
lh3.googleusercontent.com/-LpIaXXBpZNw/VaM4GatWjiI/AAAAAAAD7UQ/khgFxpKCvXk/w506-h690-p-rw/
Redirect Chain
  • https://goo.gl/wPiMnA
  • https://lh3.googleusercontent.com/-LpIaXXBpZNw/VaM4GatWjiI/AAAAAAAD7UQ/khgFxpKCvXk/w506-h690-p-rw/shiv%2Brajesh%2Bdesai.gif
1 MB
1 MB
Image
General
Full URL
https://lh3.googleusercontent.com/-LpIaXXBpZNw/VaM4GatWjiI/AAAAAAAD7UQ/khgFxpKCvXk/w506-h690-p-rw/shiv%2Brajesh%2Bdesai.gif
Requested by
Host: www.googlem.cf
URL: https://www.googlem.cf/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:821::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
fife /
Resource Hash
fd8e334ebc21968b23b2f84f4bb9d773885b38e85ed2eb4d155ffa52bcc3f340
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.googlem.cf/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Sun, 03 Mar 2019 10:28:20 GMT
x-content-type-options
nosniff
age
4333
status
200
content-disposition
inline;filename="shiv rajesh desai.gif"
alt-svc
quic=":443"; ma=2592000; v="44,43,39"
content-length
1562801
x-xss-protection
1; mode=block
server
fife
etag
"v6c109"
vary
Origin
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Sun, 03 Mar 2019 04:58:25 GMT

Redirect headers

pragma
no-cache
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
server
ESF
location
https://lh3.googleusercontent.com/-LpIaXXBpZNw/VaM4GatWjiI/AAAAAAAD7UQ/khgFxpKCvXk/w506-h690-p-rw/shiv%2Brajesh%2Bdesai.gif
date
Sun, 03 Mar 2019 11:40:33 GMT
x-frame-options
SAMEORIGIN
content-type
application/binary
status
302
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-security-policy
script-src 'report-sample' 'nonce-et6wwXQlHSS1wTSy+K9G6g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/DurableDeepLinkUi/cspreport;worker-src 'self', script-src 'nonce-et6wwXQlHSS1wTSy+K9G6g' 'self' 'unsafe-eval' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/DurableDeepLinkUi/cspreport
alt-svc
quic=":443"; ma=2592000; v="44,43,39"
content-length
0
x-xss-protection
1; mode=block
expires
Mon, 01 Jan 1990 00:00:00 GMT
f485f1c9c7095ff778e55679f80a8902.gif
i.pinimg.com/originals/f4/85/f1/
Redirect Chain
  • https://goo.gl/sFvcus
  • https://i.pinimg.com/originals/f4/85/f1/f485f1c9c7095ff778e55679f80a8902.gif
143 KB
143 KB
Image
General
Full URL
https://i.pinimg.com/originals/f4/85/f1/f485f1c9c7095ff778e55679f80a8902.gif
Requested by
Host: www.googlem.cf
URL: https://www.googlem.cf/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:6c00:18d::1931 , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
/
Resource Hash
e31d9a14cc2b9a5dd8a69bccd6dd059fa162d37fba5bc6772efac5431b58acd9

Request headers

Referer
https://www.googlem.cf/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

X-CDN
akamai
ETag
"92b4171d3dbc232b64c4151420c914fd"
Vary
Origin
Content-Type
image/gif
Cache-Control
immutable, max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
146417

Redirect headers

pragma
no-cache
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
server
ESF
location
https://i.pinimg.com/originals/f4/85/f1/f485f1c9c7095ff778e55679f80a8902.gif
date
Sun, 03 Mar 2019 11:40:33 GMT
x-frame-options
SAMEORIGIN
content-type
application/binary
status
302
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-security-policy
script-src 'report-sample' 'nonce-UTTt7XtXvgBCstnp4aouhw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/DurableDeepLinkUi/cspreport;worker-src 'self', script-src 'nonce-UTTt7XtXvgBCstnp4aouhw' 'self' 'unsafe-eval' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/DurableDeepLinkUi/cspreport
alt-svc
quic=":443"; ma=2592000; v="44,43,39"
content-length
0
x-xss-protection
1; mode=block
expires
Mon, 01 Jan 1990 00:00:00 GMT
tenor.gif
media1.tenor.com/images/0ac6a42cbb3efac734d61dac10942fe6/
Redirect Chain
  • https://goo.gl/ZEYJ8D
  • https://media1.tenor.com/images/0ac6a42cbb3efac734d61dac10942fe6/tenor.gif?itemid=8761452
1 MB
1 MB
Image
General
Full URL
https://media1.tenor.com/images/0ac6a42cbb3efac734d61dac10942fe6/tenor.gif?itemid=8761452
Requested by
Host: www.googlem.cf
URL: https://www.googlem.cf/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.122.49 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a734fafc318c2157643a26cd52863ca0f043d24663454091bef8404f1296f524

Request headers

Referer
https://www.googlem.cf/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-amz-version-id
null
via
1.1 varnish, 1.1 varnish
age
113041
x-cache
MISS, HIT
status
200
date
Sun, 03 Mar 2019 11:40:33 GMT
content-length
1407096
x-amz-id-2
pjSHEeCZczig+x2+tyroY6XkHcaHp/ASjHce8gOSM8g1W4uZj8nR2IpxXvkl1hstOWNhW8X0yRQ=
x-served-by
cache-sea1031-SEA, cache-cdg20725-CDG
last-modified
Sat, 13 Jan 2018 02:00:58 GMT
server
AmazonS3
x-timer
S1551613234.823681,VS0,VE22
etag
"0ac6a42cbb3efac734d61dac10942fe6"
vary
Accept, Accept
x-amz-request-id
75C8BC846DB1BBC1
cache-control
max-age=31536000
accept-ranges
bytes
content-type
image/gif
x-cache-hits
0, 1

Redirect headers

pragma
no-cache
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
server
ESF
location
https://media1.tenor.com/images/0ac6a42cbb3efac734d61dac10942fe6/tenor.gif?itemid=8761452
date
Sun, 03 Mar 2019 11:40:33 GMT
x-frame-options
SAMEORIGIN
content-type
application/binary
status
302
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-security-policy
script-src 'report-sample' 'nonce-mxlqT/1ZwUOIQ2pBhRwnRA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/DurableDeepLinkUi/cspreport;worker-src 'self', script-src 'nonce-mxlqT/1ZwUOIQ2pBhRwnRA' 'self' 'unsafe-eval' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/DurableDeepLinkUi/cspreport
alt-svc
quic=":443"; ma=2592000; v="44,43,39"
content-length
0
x-xss-protection
1; mode=block
expires
Mon, 01 Jan 1990 00:00:00 GMT
c.gif
1.bp.blogspot.com/-o9QJSrH55WU/WwznMkVodXI/AAAAAAAAnOs/VQ06MiainS4BDhQsrzDBzsgMFemspGYJwCK4BGAYYCw/s400/
Redirect Chain
  • https://goo.gl/woDVuv
  • http://1.bp.blogspot.com/-o9QJSrH55WU/WwznMkVodXI/AAAAAAAAnOs/VQ06MiainS4BDhQsrzDBzsgMFemspGYJwCK4BGAYYCw/s400/c.gif
26 KB
27 KB
Image
General
Full URL
http://1.bp.blogspot.com/-o9QJSrH55WU/WwznMkVodXI/AAAAAAAAnOs/VQ06MiainS4BDhQsrzDBzsgMFemspGYJwCK4BGAYYCw/s400/c.gif
Requested by
Host: www.googlem.cf
URL: https://www.googlem.cf/
Protocol
HTTP/1.1
Server
2a00:1450:4001:819::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
fife /
Resource Hash
e954b4587a76d6b3ea2f52056e19d269e02487579702569f6443ad2eb526c692
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Sun, 03 Mar 2019 08:03:00 GMT
X-Content-Type-Options
nosniff
Server
fife
Age
13053
ETag
"v9cf3"
Vary
Origin
Content-Type
image/gif
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Length
Cache-Control
public, max-age=86400, no-transform
Content-Disposition
inline;filename="c.gif"
Timing-Allow-Origin
*
Content-Length
26849
X-XSS-Protection
1; mode=block
Expires
Sat, 23 Feb 2019 16:18:05 GMT

Redirect headers

pragma
no-cache
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
server
ESF
location
http://1.bp.blogspot.com/-o9QJSrH55WU/WwznMkVodXI/AAAAAAAAnOs/VQ06MiainS4BDhQsrzDBzsgMFemspGYJwCK4BGAYYCw/s400/c.gif
date
Sun, 03 Mar 2019 11:40:33 GMT
x-frame-options
SAMEORIGIN
content-type
application/binary
status
302
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-security-policy
script-src 'report-sample' 'nonce-ktmMbd/JnQfxPc1dmFcJFw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/DurableDeepLinkUi/cspreport;worker-src 'self', script-src 'nonce-ktmMbd/JnQfxPc1dmFcJFw' 'self' 'unsafe-eval' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/DurableDeepLinkUi/cspreport
alt-svc
quic=":443"; ma=2592000; v="44,43,39"
content-length
0
x-xss-protection
1; mode=block
expires
Mon, 01 Jan 1990 00:00:00 GMT
wp.png
2.bp.blogspot.com/-_u5AYIaCWzk/W0CVKcV0gsI/AAAAAAAAAU8/Aaq43bMsKj8WBzM0cdnN7wVkL84z1h2-QCLcBGAs/s1600/
Redirect Chain
  • https://goo.gl/ReKHXA
  • https://2.bp.blogspot.com/-_u5AYIaCWzk/W0CVKcV0gsI/AAAAAAAAAU8/Aaq43bMsKj8WBzM0cdnN7wVkL84z1h2-QCLcBGAs/s1600/wp.png
3 KB
3 KB
Image
General
Full URL
https://2.bp.blogspot.com/-_u5AYIaCWzk/W0CVKcV0gsI/AAAAAAAAAU8/Aaq43bMsKj8WBzM0cdnN7wVkL84z1h2-QCLcBGAs/s1600/wp.png
Requested by
Host: www.googlem.cf
URL: https://www.googlem.cf/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:819::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
fife /
Resource Hash
17f3f0f474eb23143eaa753171a5a2b96693eca972610c9646fbc953e4e80992
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.googlem.cf/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Sun, 03 Mar 2019 10:02:05 GMT
x-content-type-options
nosniff
age
5908
status
200
content-disposition
inline;filename="wp.png"
alt-svc
quic=":443"; ma=2592000; v="44,43,39"
content-length
2700
x-xss-protection
1; mode=block
server
fife
etag
"v150"
vary
Origin
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Sat, 02 Mar 2019 04:52:11 GMT

Redirect headers

pragma
no-cache
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
server
ESF
location
https://2.bp.blogspot.com/-_u5AYIaCWzk/W0CVKcV0gsI/AAAAAAAAAU8/Aaq43bMsKj8WBzM0cdnN7wVkL84z1h2-QCLcBGAs/s1600/wp.png
date
Sun, 03 Mar 2019 11:40:33 GMT
x-frame-options
SAMEORIGIN
content-type
application/binary
status
302
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-security-policy
script-src 'report-sample' 'nonce-HrDB1EcJ7KiPC26IosepNg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/DurableDeepLinkUi/cspreport;worker-src 'self', script-src 'nonce-HrDB1EcJ7KiPC26IosepNg' 'self' 'unsafe-eval' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/DurableDeepLinkUi/cspreport
alt-svc
quic=":443"; ma=2592000; v="44,43,39"
content-length
0
x-xss-protection
1; mode=block
expires
Mon, 01 Jan 1990 00:00:00 GMT
facebook_logo.png
1.bp.blogspot.com/-kSYvwAW8sBk/W3D6T_W2g6I/AAAAAAAAAqw/nZITQws8eHQFFMtzvgdS4SiJ0iDWwehlgCLcBGAs/s1600/
Redirect Chain
  • https://goo.gl/aam3wh
  • https://1.bp.blogspot.com/-kSYvwAW8sBk/W3D6T_W2g6I/AAAAAAAAAqw/nZITQws8eHQFFMtzvgdS4SiJ0iDWwehlgCLcBGAs/s1600/facebook_logo.png
34 KB
34 KB
Image
General
Full URL
https://1.bp.blogspot.com/-kSYvwAW8sBk/W3D6T_W2g6I/AAAAAAAAAqw/nZITQws8eHQFFMtzvgdS4SiJ0iDWwehlgCLcBGAs/s1600/facebook_logo.png
Requested by
Host: www.googlem.cf
URL: https://www.googlem.cf/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:819::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
fife /
Resource Hash
5d9d373face27b27193271d6616178c41794cedae741a5ff22b758edabb3a681
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.googlem.cf/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Sun, 03 Mar 2019 09:03:20 GMT
x-content-type-options
nosniff
age
9433
status
200
content-disposition
inline;filename="facebook_logo.png"
alt-svc
quic=":443"; ma=2592000; v="44,43,39"
content-length
35100
x-xss-protection
1; mode=block
server
fife
etag
"v2ad"
vary
Origin
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Sun, 03 Mar 2019 20:41:38 GMT

Redirect headers

pragma
no-cache
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
server
ESF
location
https://1.bp.blogspot.com/-kSYvwAW8sBk/W3D6T_W2g6I/AAAAAAAAAqw/nZITQws8eHQFFMtzvgdS4SiJ0iDWwehlgCLcBGAs/s1600/facebook_logo.png
date
Sun, 03 Mar 2019 11:40:33 GMT
x-frame-options
SAMEORIGIN
content-type
application/binary
status
302
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-security-policy
script-src 'report-sample' 'nonce-L8TK/Y8VLhqvErNJglv3/Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/DurableDeepLinkUi/cspreport;worker-src 'self', script-src 'nonce-L8TK/Y8VLhqvErNJglv3/Q' 'self' 'unsafe-eval' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/DurableDeepLinkUi/cspreport
alt-svc
quic=":443"; ma=2592000; v="44,43,39"
content-length
0
x-xss-protection
1; mode=block
expires
Mon, 01 Jan 1990 00:00:00 GMT
cookienotice.js
www.googlem.cf/js/
6 KB
2 KB
Script
General
Full URL
https://www.googlem.cf/js/cookienotice.js
Requested by
Host: www.googlem.cf
URL: https://www.googlem.cf/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:808::2013 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
068ffe90977f2b5b2dc2ef18572166e85281bd0ecb31c4902464b23db54d2568
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/js/cookienotice.js
pragma
no-cache
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
www.googlem.cf
referer
https://www.googlem.cf/
:scheme
https
:method
GET
Referer
https://www.googlem.cf/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Sun, 03 Mar 2019 11:40:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Sun, 03 Mar 2019 07:07:37 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
2026
x-xss-protection
1; mode=block
expires
Sun, 10 Mar 2019 11:40:33 GMT
getad
aax-eu.amazon-adsystem.com/x/
29 B
337 B
Script
General
Full URL
https://aax-eu.amazon-adsystem.com/x/getad?jsd=1&src=302&c=100&sz=300x250&ec=0&u=https%3A%2F%2Fwww.googlem.cf%2F&cup=%7BlinkCode%3A%22ax1%22%2Ctag%3A%22smartup01-21%22%7D&pub=smartup01-21&rnd=169783
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/assoc.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.94.218.7 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
Server /
Resource Hash
d3c287d0c893aad65841033b771f7f3dc407ddca55446f14dbf5dc2c6468d960

Request headers

Referer
https://www.googlem.cf/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date
Sun, 03 Mar 2019 11:40:33 GMT
Server
Server
Connection
keep-alive
Content-Length
29
Vary
User-Agent
Content-Type
text/javascript;charset=UTF-8
assoc_lra.html
c.amazon-adsystem.com/aax2/ Frame F927
0
0
Document
General
Full URL
https://c.amazon-adsystem.com/aax2/assoc_lra.html?tag=smartup01-21&c=100&src=302&sz=300x250
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/assoc.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
143.204.211.231 Wilmington, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-143-204-211-231.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash

Request headers

Host
c.amazon-adsystem.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer
https://www.googlem.cf/
Accept-Encoding
gzip, deflate, br
Cookie
ad-id=Ayrf9S5lBUpRrQc8IBY5LZA
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://www.googlem.cf/

Response headers

Content-Type
text/html
Content-Length
3858
Connection
keep-alive
x-amz-id-2
iECySV1xdgIlXgUPc73G2LTS0nFoSWJ+i4CPPnNF3/srBoNKBwNKpuK5KlL5MEdwFGW2RpOKR5c=
x-amz-request-id
4CDA4D9E91CD8DC3
Last-Modified
Mon, 11 Jul 2016 15:40:57 GMT
Accept-Ranges
bytes
Server
AmazonS3
Date
Sun, 03 Mar 2019 08:17:16 GMT
ETag
"89b3869c44a37fc7985a72324cb2c2f5"
Age
12198
X-Cache
Hit from cloudfront
Via
1.1 6080b2713e502211e152f21f5c59c5a7.cloudfront.net (CloudFront)
X-Amz-Cf-Id
dNjyNSIhBTditqmueMJq7_E7s46GF7rsHmXCFCTsGeQt6sPyG2ryOA==
main.css
www.googlem.cf/
0
0

froQ3lIZeMyAdph--wlVirBh7CiJaTN7o2stIeEOevDY6AkJ0XT6Zy2319deSSOMIq7y7ybw63eRCWEwdBeWIMb8PawmPGZuSHlGPOsbNF2PR-6Gu4UON7ommb_OEFLf30y9NyzPuw9MCelK3JNXCzfCleMdudRaSEEiFoKbIHK6=s0-d
lh5.googleusercontent.com/proxy/
69 KB
69 KB
Image
General
Full URL
https://lh5.googleusercontent.com/proxy/froQ3lIZeMyAdph--wlVirBh7CiJaTN7o2stIeEOevDY6AkJ0XT6Zy2319deSSOMIq7y7ybw63eRCWEwdBeWIMb8PawmPGZuSHlGPOsbNF2PR-6Gu4UON7ommb_OEFLf30y9NyzPuw9MCelK3JNXCzfCleMdudRaSEEiFoKbIHK6=s0-d
Requested by
Host: www.googlem.cf
URL: https://www.googlem.cf/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:821::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
fife /
Resource Hash
e7c6cf13b32c422d571e4cc86beb52f17d963df049bef2732201614c94ea0fc0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.googlem.cf/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Sun, 03 Mar 2019 11:02:28 GMT
x-content-type-options
nosniff
age
2285
status
200
content-disposition
attachment;filename="unnamed.gif"
alt-svc
quic=":443"; ma=2592000; v="44,43,39"
content-length
70722
x-xss-protection
1; mode=block
server
fife
vary
Origin
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Mon, 04 Mar 2019 11:02:28 GMT
getad
aax-eu.amazon-adsystem.com/x/
29 B
208 B
Script
General
Full URL
https://aax-eu.amazon-adsystem.com/x/getad?jsd=1&src=302&c=100&sz=300x250&ec=0&u=https%3A%2F%2Fwww.googlem.cf%2F&cup=%7BlinkCode%3A%22ax1%22%2Ctag%3A%22smartup01-21%22%7D&pub=smartup01-21&rnd=863414
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/assoc.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.94.218.7 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
Server /
Resource Hash
d3c287d0c893aad65841033b771f7f3dc407ddca55446f14dbf5dc2c6468d960

Request headers

Referer
https://www.googlem.cf/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date
Sun, 03 Mar 2019 11:40:33 GMT
Server
Server
Connection
keep-alive
Content-Length
29
Vary
User-Agent
Content-Type
text/javascript;charset=UTF-8
assoc_lra.html
c.amazon-adsystem.com/aax2/ Frame 7E11
0
0
Document
General
Full URL
https://c.amazon-adsystem.com/aax2/assoc_lra.html?tag=smartup01-21&c=100&src=302&sz=300x250
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/assoc.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
143.204.211.231 Wilmington, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-143-204-211-231.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash

Request headers

Host
c.amazon-adsystem.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer
https://www.googlem.cf/
Accept-Encoding
gzip, deflate, br
Cookie
ad-id=Ayrf9S5lBUpRrQc8IBY5LZA
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://www.googlem.cf/

Response headers

Content-Type
text/html
Content-Length
3858
Connection
keep-alive
x-amz-id-2
iECySV1xdgIlXgUPc73G2LTS0nFoSWJ+i4CPPnNF3/srBoNKBwNKpuK5KlL5MEdwFGW2RpOKR5c=
x-amz-request-id
4CDA4D9E91CD8DC3
Last-Modified
Mon, 11 Jul 2016 15:40:57 GMT
Accept-Ranges
bytes
Server
AmazonS3
Date
Sun, 03 Mar 2019 08:17:16 GMT
ETag
"89b3869c44a37fc7985a72324cb2c2f5"
Age
12198
X-Cache
Hit from cloudfront
Via
1.1 6080b2713e502211e152f21f5c59c5a7.cloudfront.net (CloudFront)
X-Amz-Cf-Id
VBSWSwLnFEcExVStKNxbTdGPWzByvIkfGcHl52e83g7337QHwJsNtQ==
getad
aax-eu.amazon-adsystem.com/x/
29 B
208 B
Script
General
Full URL
https://aax-eu.amazon-adsystem.com/x/getad?jsd=1&src=302&c=100&sz=300x250&ec=0&u=https%3A%2F%2Fwww.googlem.cf%2F&cup=%7BlinkCode%3A%22ax1%22%2Ctag%3A%22smartup01-21%22%7D&pub=smartup01-21&rnd=696715
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/assoc.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.94.218.7 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
Server /
Resource Hash
d3c287d0c893aad65841033b771f7f3dc407ddca55446f14dbf5dc2c6468d960

Request headers

Referer
https://www.googlem.cf/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date
Sun, 03 Mar 2019 11:40:33 GMT
Server
Server
Connection
keep-alive
Content-Length
29
Vary
User-Agent
Content-Type
text/javascript;charset=UTF-8
assoc_lra.html
c.amazon-adsystem.com/aax2/ Frame 28C0
0
0
Document
General
Full URL
https://c.amazon-adsystem.com/aax2/assoc_lra.html?tag=smartup01-21&c=100&src=302&sz=300x250
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/assoc.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
143.204.211.231 Wilmington, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-143-204-211-231.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash

Request headers

Host
c.amazon-adsystem.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer
https://www.googlem.cf/
Accept-Encoding
gzip, deflate, br
Cookie
ad-id=Ayrf9S5lBUpRrQc8IBY5LZA
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://www.googlem.cf/

Response headers

Content-Type
text/html
Content-Length
3858
Connection
keep-alive
x-amz-id-2
iECySV1xdgIlXgUPc73G2LTS0nFoSWJ+i4CPPnNF3/srBoNKBwNKpuK5KlL5MEdwFGW2RpOKR5c=
x-amz-request-id
4CDA4D9E91CD8DC3
Last-Modified
Mon, 11 Jul 2016 15:40:57 GMT
Accept-Ranges
bytes
Server
AmazonS3
Date
Sun, 03 Mar 2019 08:17:16 GMT
ETag
"89b3869c44a37fc7985a72324cb2c2f5"
Age
12198
X-Cache
Hit from cloudfront
Via
1.1 6080b2713e502211e152f21f5c59c5a7.cloudfront.net (CloudFront)
X-Amz-Cf-Id
D2ul0rCcnO1HXkvMdITs6q8HzPL4I6UQrmQvl7nfH5DXwgWAiPMQLA==

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.googlem.cf
URL
https://www.googlem.cf/main.css

20 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onselectstart
object| onselectionchange
function| queueMicrotask
string| aax_size
string| aax_pubname
string| aax_src
function| aax_punt
function| aax_write
function| aax_render_ad
object| params
string| href
string| key
string| aaxserver
number| aax_channel
string| html
object| adsbygoogle
object| a
number| countDownDate
number| x
object| cookieChoices

1 Cookies

Domain/Path Name / Value
.amazon-adsystem.com/ Name: ad-id
Value: Ayrf9S5lBUpRrQc8IBY5LZA

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
