peopleslawdaily.info
132.148.212.87 - Malicious Activity! - Public Scan

Submitted URL: https://dereferer.me/?ohj_bjmGjP0nZ36WopERBZwedAWmjn_w8OW2z7B-oe3gk_eyz2oNBJDRk4D-g2W_0
Effective URL: http://peopleslawdaily.info/westend/adobe/
Submission: On December 19 via api from US

Summary

This website contacted 11 IPs in 5 countries across 9 domains to perform 14 HTTP transactions. The main IP is 132.148.212.87, located in Scottsdale, United States, and belongs to AS-26496-GO-DADDY-COM-LLC - GoDaddy.com, LLC, US. The main domain is peopleslawdaily.info.
This is the only time peopleslawdaily.info was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: OneDrive (Online)

Domain & IP information

IP addresses contacted (Redirects / Requests / IP Address / AS - Autonomous System)

  -   2   2a04:9dc0:c1:...   9009 (M247)
  -   2   35.190.50.89       15169 (GOOGLE)
  2   3   2a00:1450:400...   15169 (GOOGLE)
  -   1   2a00:1450:400...   15169 (GOOGLE)
  -   1   2a00:1450:400...   15169 (GOOGLE)
  -   2   132.148.212.87     26496 (AS-26496-...)
  -   2   2a00:1450:400...   15169 (GOOGLE)
  -   1   104.108.46.69      16625 (AKAMAI-AS)
  -   1   2a00:1450:400...   15169 (GOOGLE)
  1   2   104.111.239.74     16625 (AKAMAI-AS)

  Total: 14 requests across 11 IPs

Domains contacted (Requests / Redirects / Domain / Requested by)

  3   2   www.google-analytics.com   dereferer.me
  2   1   img.secureserver.net       -
  2   -   fonts.googleapis.com       peopleslawdaily.info
  2   -   peopleslawdaily.info       peopleslawdaily.info
  2   -   stats.g.doubleclick.net    dereferer.me
  2   -   www.predictivdisplay.com   dereferer.me, www.predictivdisplay.com
  2   -   dereferer.me               dereferer.me
  1   -   fonts.gstatic.com          peopleslawdaily.info
  1   -   img1.wsimg.com             peopleslawdaily.info

  Total: 14 requests across 9 domains

This site contains no links.

TLS certificates observed (Subject / Issuer / Validity / Valid for; details available via crt.sh)

  dereferer.me               Let's Encrypt Authority X3                      2019-11-02 - 2020-01-31   3 months
  predictivdisplay.com       COMODO RSA Domain Validation Secure Server CA   2018-03-08 - 2020-03-07   2 years
  *.google-analytics.com     GTS CA 1O1                                      2019-12-03 - 2020-02-25   3 months
  *.g.doubleclick.net        GTS CA 1O1                                      2019-12-03 - 2020-02-25   3 months
  *.storage.googleapis.com   GTS CA 1O1                                      2019-12-03 - 2020-02-25   3 months
  *.wsimg.com                Starfield Secure Certificate Authority - G2     2018-09-25 - 2020-09-25   2 years
  *.google.com               GTS CA 1O1                                      2019-12-03 - 2020-02-25   3 months
  *.secureserver.net         Starfield Secure Certificate Authority - G2     2019-10-22 - 2021-10-22   2 years

This page contains 2 frames:

Primary Page: http://peopleslawdaily.info/westend/adobe/
Frame ID: 34295E1F9A239A603782E8DA268D6AA9
Requests: 21 HTTP requests in this frame

Frame: https://www.predictivdisplay.com/a/display.php?r=1881571&treqn=1037833207&runauction=1&crr=adb49634c8c274bdfa6c,EmRyUib98e96e3c3f0e7546f301&rtid=5dfbbcd05edf1&cbrandom=0.8444064867173424&cbtitle=Hide%20referrer%20-%20you%20are%20being%20redirected&cbiframe=0&cbWidth=1600&cbHeight=1200&cbdescription=&cbkeywords=&cbref=
Frame ID: 922A3F18419414E11CB8F47203AC1A57
Requests: 1 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Page Statistics

  Requests:    14
  HTTPS:       86 %
  IPv6:        60 %
  Domains:     9
  Subdomains:  9
  IPs:         11
  Countries:   5
  Transfer:    927 kB
  Size:        1934 kB
  Cookies:     0

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://dereferer.me/?ohj_bjmGjP0nZ36WopERBZwedAWmjn_w8OW2z7B-oe3gk_eyz2oNBJDRk4D-g2W_0 Page URL
  2. http://peopleslawdaily.info/westend/adobe/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 4
  • https://www.google-analytics.com/r/collect?v=1&_v=j79&a=841556305&t=pageview&_s=1&dl=https%3A%2F%2Fdereferer.me%2F%3Fohj_bjmGjP0nZ36WopERBZwedAWmjn_w8OW2z7B-oe3gk_eyz2oNBJDRk4D-g2W_0&dp=%2Fauto%2Fhttp%3A%2F%2Fpeopleslawdaily.info%2Fwestend%2Fadobe%2F&ul=en-us&de=UTF-8&dt=Hide%20referrer%20-%20you%20are%20being%20redirected&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAAAB~&jid=1900962457&gjid=476388286&cid=459320168.1576778960&tid=UA-46992102-3&_gid=31281259.1576778960&_r=1&z=747281593 HTTP 302
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-46992102-3&cid=459320168.1576778960&jid=1900962457&_gid=31281259.1576778960&gjid=476388286&_v=j79&z=747281593
Request Chain 6
  • https://www.google-analytics.com/r/collect?v=1&_v=j79&a=841556305&t=event&ni=1&_s=2&dl=https%3A%2F%2Fdereferer.me%2F%3Fohj_bjmGjP0nZ36WopERBZwedAWmjn_w8OW2z7B-oe3gk_eyz2oNBJDRk4D-g2W_0&dp=%2Fauto%2Fhttp%3A%2F%2Fpeopleslawdaily.info%2Fwestend%2Fadobe%2F&ul=en-us&de=UTF-8&dt=Hide%20referrer%20-%20you%20are%20being%20redirected&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Link&ea=2500%20Wait&el=Redirect%20link&_u=aEBAAAAB~&jid=1565385306&gjid=830280448&cid=459320168.1576778960&tid=UA-46992102-3&_gid=31281259.1576778960&_r=1&z=1132944204 HTTP 302
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-46992102-3&cid=459320168.1576778960&jid=1565385306&_gid=31281259.1576778960&gjid=830280448&_v=j79&z=1132944204
Request Chain 20
  • http://img.secureserver.net/t/1/tl/event?cts=1576778965527&tce=1576778963735&tcs=1576778963717&tdc=1576778965327&tdclee=1576778965261&tdcles=1576778965261&tdi=1576778965261&tdl=1576778964021&tdle=1576778963717&tdls=1576778963699&tfs=1576778963698&tns=1576778963696&trqs=1576778963735&tre=1576778964019&trps=1576778964017&tles=1576778965327&tlee=1576778965327&ht=perf&dh=peopleslawdaily.info&ua=Mozilla%2F5.0%20(Macintosh%3B%20Intel%20Mac%20OS%20X%2010_14_5)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F74.0.3729.169%20Safari%2F537.36&vci=1855665800&cv=1.0.6&z=687482895&vg=2260f2d6-5528-4b79-8846-06abf1b8bebe&vtg=2260f2d6-5528-4b79-8846-06abf1b8bebe&ap=cpbh&trfd=%7B%22cts%22%3A1576778965260%2C%22tccl.baseHost%22%3A%22secureserver.net%22%2C%22ap%22%3A%22cpbh%22%2C%22server%22%3A%22p3plvcpnl319894%22%7D&dp=%2Fwestend%2Fadobe HTTP 301
  • https://img.secureserver.net/t/1/tl/event?cts=1576778965527&tce=1576778963735&tcs=1576778963717&tdc=1576778965327&tdclee=1576778965261&tdcles=1576778965261&tdi=1576778965261&tdl=1576778964021&tdle=1576778963717&tdls=1576778963699&tfs=1576778963698&tns=1576778963696&trqs=1576778963735&tre=1576778964019&trps=1576778964017&tles=1576778965327&tlee=1576778965327&ht=perf&dh=peopleslawdaily.info&ua=Mozilla%2F5.0%20(Macintosh%3B%20Intel%20Mac%20OS%20X%2010_14_5)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F74.0.3729.169%20Safari%2F537.36&vci=1855665800&cv=1.0.6&z=687482895&vg=2260f2d6-5528-4b79-8846-06abf1b8bebe&vtg=2260f2d6-5528-4b79-8846-06abf1b8bebe&ap=cpbh&trfd=%7B%22cts%22%3A1576778965260%2C%22tccl.baseHost%22%3A%22secureserver.net%22%2C%22ap%22%3A%22cpbh%22%2C%22server%22%3A%22p3plvcpnl319894%22%7D&dp=%2Fwestend%2Fadobe

14 HTTP transactions

Columns per transaction: Resource | Path | Size | x-fer (bytes transferred) | Type | MIME-Type
Resource: / | Path: dereferer.me/ | Size: 4 KB | x-fer: 2 KB | Type: Document
General
Full URL
https://dereferer.me/?ohj_bjmGjP0nZ36WopERBZwedAWmjn_w8OW2z7B-oe3gk_eyz2oNBJDRk4D-g2W_0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a04:9dc0:c1:7::5f27:9684, Romania, ASN9009 (M247, GB)
Reverse DNS
Software
Dereferer.me / Layer7 Cache
Resource Hash
448399328bf98653f37068eed4bfce936b1c8ad090239d5a50c60249e3a6772d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
dereferer.me
:scheme
https
:path
/?ohj_bjmGjP0nZ36WopERBZwedAWmjn_w8OW2z7B-oe3gk_eyz2oNBJDRk4D-g2W_0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-user
?1
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
none
sec-fetch-mode
navigate
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-User
?1

Response headers

status
200
date
Thu, 19 Dec 2019 18:09:20 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
server
Dereferer.me
x-powered-by
Layer7 Cache
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
x-xss-protection
1; mode=block
x-frame-options
SAMEORIGIN
content-encoding
gzip
Resource: display.php | Path: www.predictivdisplay.com/a/ | Size: 6 KB | x-fer: 3 KB | Type: Script
General
Full URL
https://www.predictivdisplay.com/a/display.php?r=1881571
Requested by
Host: dereferer.me
URL: https://dereferer.me/?ohj_bjmGjP0nZ36WopERBZwedAWmjn_w8OW2z7B-oe3gk_eyz2oNBJDRk4D-g2W_0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.190.50.89 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
89.50.190.35.bc.googleusercontent.com
Software
openresty /
Resource Hash
c8259bf61a4fe2dd966aee83c29e0a923aeb74b22fb0b5f4b90713a06a26920c

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 19 Dec 2019 18:09:20 GMT
content-encoding
gzip
referrer-policy
no-referrer
alt-svc
clear
server
openresty
content-type
application/javascript; charset=utf-8
status
200
link
<//www.predictivdisplay.com>; rel=dns-prefetch,<//www.predictivdisplay.com>; rel=preconnect
via
1.1 google
Resource: analytics.js | Path: www.google-analytics.com/ | Size: 43 KB | x-fer: 17 KB | Type: Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: dereferer.me
URL: https://dereferer.me/?ohj_bjmGjP0nZ36WopERBZwedAWmjn_w8OW2z7B-oe3gk_eyz2oNBJDRk4D-g2W_0
Protocol
H2
Security
TLS 1.3, AES_128_GCM
Server
2a00:1450:4001:81e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 19 Aug 2019 17:22:41 GMT
server
Golfe2
age
538
date
Thu, 19 Dec 2019 18:00:22 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
17803
expires
Thu, 19 Dec 2019 20:00:22 GMT
Resource: bg19.jpg | Path: dereferer.me/static/images/backgrounds/ | Size: 168 KB | x-fer: 169 KB | Type: Image
General
Full URL
https://dereferer.me/static/images/backgrounds/bg19.jpg
Requested by
Host: dereferer.me
URL: https://dereferer.me/?ohj_bjmGjP0nZ36WopERBZwedAWmjn_w8OW2z7B-oe3gk_eyz2oNBJDRk4D-g2W_0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a04:9dc0:c1:7::5f27:9684, Romania, ASN9009 (M247, GB)
Reverse DNS
Software
Dereferer.me / Layer7 Cache
Resource Hash
f4e407e7695b058455d93b41c4fd9d6465318b745a3d79cf19f769ce13764535
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 19 Dec 2019 18:09:20 GMT
x-content-type-options
nosniff
last-modified
Fri, 25 Nov 2016 15:11:42 GMT
server
Dereferer.me
x-powered-by
Layer7 Cache
x-frame-options
SAMEORIGIN
content-type
image/jpeg
status
200
cache-control
max-age=315360000
strict-transport-security
max-age=31536000
accept-ranges
bytes
content-length
172416
x-xss-protection
1; mode=block
expires
Thu, 31 Dec 2037 23:55:55 GMT
Resource: collect | Path: stats.g.doubleclick.net/r/ | Size: 35 B | x-fer: 102 B | Type: Image
Redirect Chain
  • https://www.google-analytics.com/r/collect?v=1&_v=j79&a=841556305&t=pageview&_s=1&dl=https%3A%2F%2Fdereferer.me%2F%3Fohj_bjmGjP0nZ36WopERBZwedAWmjn_w8OW2z7B-oe3gk_eyz2oNBJDRk4D-g2W_0&dp=%2Fauto%2Fh...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-46992102-3&cid=459320168.1576778960&jid=1900962457&_gid=31281259.1576778960&gjid=476388286&_v=j79&z=747281593
General
Full URL
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-46992102-3&cid=459320168.1576778960&jid=1900962457&_gid=31281259.1576778960&gjid=476388286&_v=j79&z=747281593
Requested by
Host: dereferer.me
URL: https://dereferer.me/?ohj_bjmGjP0nZ36WopERBZwedAWmjn_w8OW2z7B-oe3gk_eyz2oNBJDRk4D-g2W_0
Protocol
H2
Security
TLS 1.3, AES_128_GCM
Server
2a00:1450:400c:c04::9d Brussels, Belgium, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
access-control-allow-origin
*
date
Thu, 19 Dec 2019 18:09:20 GMT
content-type
image/gif
status
200
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 19 Dec 2019 18:09:20 GMT
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
access-control-allow-origin
*
location
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-46992102-3&cid=459320168.1576778960&jid=1900962457&_gid=31281259.1576778960&gjid=476388286&_v=j79&z=747281593
content-type
text/html; charset=UTF-8
status
302
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
415
expires
Fri, 01 Jan 1990 00:00:00 GMT
Resource: display.php | Path: www.predictivdisplay.com/a/ (Frame 922A) | Size: 0 | x-fer: 0 | Type: Document
General
Full URL
https://www.predictivdisplay.com/a/display.php?r=1881571&treqn=1037833207&runauction=1&crr=adb49634c8c274bdfa6c,EmRyUib98e96e3c3f0e7546f301&rtid=5dfbbcd05edf1&cbrandom=0.8444064867173424&cbtitle=Hide%20referrer%20-%20you%20are%20being%20redirected&cbiframe=0&cbWidth=1600&cbHeight=1200&cbdescription=&cbkeywords=&cbref=
Requested by
Host: www.predictivdisplay.com
URL: https://www.predictivdisplay.com/a/display.php?r=1881571
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.190.50.89 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
89.50.190.35.bc.googleusercontent.com
Software
openresty /
Resource Hash

Request headers

:method
GET
:authority
www.predictivdisplay.com
:scheme
https
:path
/a/display.php?r=1881571&treqn=1037833207&runauction=1&crr=adb49634c8c274bdfa6c,EmRyUib98e96e3c3f0e7546f301&rtid=5dfbbcd05edf1&cbrandom=0.8444064867173424&cbtitle=Hide%20referrer%20-%20you%20are%20being%20redirected&cbiframe=0&cbWidth=1600&cbHeight=1200&cbdescription=&cbkeywords=&cbref=
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
sec-fetch-mode
nested-navigate
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
200
server
openresty
date
Thu, 19 Dec 2019 18:09:20 GMT
content-type
text/html; charset=utf-8
x-robots-tag
noindex
cache-control
no-store, no-cache, no-transform, must-revalidate, max-age=0, post-check=0, pre-check=0
pragma
no-cache
link
<//www.predictivdisplay.com>; rel=dns-prefetch,<//www.predictivdisplay.com>; rel=preconnect,<//rdtrck2.com>; rel=dns-prefetch,<//rdtrck2.com>; rel=preconnect
set-cookie
acnetwork=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/
referrer-policy
no-referrer
p3p
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
expires
Sat, 26 Jul 1997 05:00:00 GMT
content-encoding
gzip
via
1.1 google
alt-svc
clear
Resource: collect | Path: stats.g.doubleclick.net/r/ | Size: 35 B | x-fer: 384 B | Type: Image
Redirect Chain
  • https://www.google-analytics.com/r/collect?v=1&_v=j79&a=841556305&t=event&ni=1&_s=2&dl=https%3A%2F%2Fdereferer.me%2F%3Fohj_bjmGjP0nZ36WopERBZwedAWmjn_w8OW2z7B-oe3gk_eyz2oNBJDRk4D-g2W_0&dp=%2Fauto%2...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-46992102-3&cid=459320168.1576778960&jid=1565385306&_gid=31281259.1576778960&gjid=830280448&_v=j79&z=1132944204
General
Full URL
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-46992102-3&cid=459320168.1576778960&jid=1565385306&_gid=31281259.1576778960&gjid=830280448&_v=j79&z=1132944204
Protocol
H2
Security
TLS 1.3, AES_128_GCM
Server
2a00:1450:400c:c04::9b Brussels, Belgium, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
access-control-allow-origin
*
date
Thu, 19 Dec 2019 18:09:23 GMT
content-type
image/gif
status
200
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 19 Dec 2019 18:09:22 GMT
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
access-control-allow-origin
*
location
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-46992102-3&cid=459320168.1576778960&jid=1565385306&_gid=31281259.1576778960&gjid=830280448&_v=j79&z=1132944204
content-type
text/html; charset=UTF-8
status
302
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
416
expires
Fri, 01 Jan 1990 00:00:00 GMT
Primary Request | Resource: / | Path: peopleslawdaily.info/westend/adobe/ | Size: 4 KB | x-fer: 2 KB | Type: Document
General
Full URL
http://peopleslawdaily.info/westend/adobe/
Protocol
HTTP/1.1
Server
132.148.212.87 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC - GoDaddy.com, LLC, US),
Reverse DNS
ip-132-148-212-87.ip.secureserver.net
Software
Apache / PHP/7.3.8
Resource Hash
9c44483359d2713ec5e1c95000202940e473258196ea2e5b66f9b6d959183c91

Request headers

Host
peopleslawdaily.info
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Accept-Encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 19 Dec 2019 18:09:23 GMT
Server
Apache
X-Powered-By
PHP/7.3.8
Upgrade
h2,h2c
Connection
Upgrade, Keep-Alive
Vary
Accept-Encoding,User-Agent
Content-Encoding
gzip
Content-Length
1505
Keep-Alive
timeout=5
Content-Type
text/html; charset=UTF-8
Resource: css | Path: fonts.googleapis.com/ | Size: 2 KB | x-fer: 925 B | Type: Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:600
Requested by
Host: peopleslawdaily.info
URL: http://peopleslawdaily.info/westend/adobe/
Protocol
H2
Security
TLS 1.3, AES_128_GCM
Server
2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
55f0b93449e3b2e4e5ad6538104f0753b0d4903fc38e6f12db26325f4e40d83a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
http://peopleslawdaily.info/westend/adobe/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Thu, 19 Dec 2019 18:09:24 GMT
server
ESF
access-control-allow-origin
*
date
Thu, 19 Dec 2019 18:09:24 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
x-xss-protection
0
expires
Thu, 19 Dec 2019 18:09:24 GMT
Resource: style.css | Path: peopleslawdaily.info/westend/adobe/css/ | Size: 966 KB | x-fer: 718 KB | Type: Stylesheet
General
Full URL
http://peopleslawdaily.info/westend/adobe/css/style.css
Requested by
Host: peopleslawdaily.info
URL: http://peopleslawdaily.info/westend/adobe/
Protocol
HTTP/1.1
Server
132.148.212.87 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC - GoDaddy.com, LLC, US),
Reverse DNS
ip-132-148-212-87.ip.secureserver.net
Software
Apache /
Resource Hash
5f05e34713bc756ca443576ccc75bc9cd5b92ed3b7303aa9aadea8ace9f1ae17

Request headers

Referer
http://peopleslawdaily.info/westend/adobe/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 19 Dec 2019 18:09:24 GMT
Content-Encoding
gzip
Last-Modified
Sat, 05 Jan 2019 05:08:22 GMT
Server
Apache
ETag
"a3c27-f189a-57eaefc11fd80-gzip"
Vary
Accept-Encoding,User-Agent
Content-Type
text/css
Transfer-Encoding
chunked
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5
Resource: tcc_l.combined.1.0.6.min.js | Path: img1.wsimg.com/tcc/ | Size: 12 KB | x-fer: 5 KB | Type: Script
General
Full URL
https://img1.wsimg.com/tcc/tcc_l.combined.1.0.6.min.js
Requested by
Host: peopleslawdaily.info
URL: http://peopleslawdaily.info/westend/adobe/
Protocol
H2
Security
TLS 1.3, AES_256_GCM
Server
104.108.46.69, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
Reverse DNS
a104-108-46-69.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
aa5c1ec4d2ea00eb517eadeb3b65e55b577b7a5ed42d7c2611d15d9050c18350

Request headers

Referer
http://peopleslawdaily.info/westend/adobe/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 19 Dec 2019 18:09:24 GMT
content-encoding
gzip
last-modified
Fri, 31 Mar 2017 16:26:41 GMT
access-control-allow-origin
*
etag
"52ef5c943baad21:0"
vary
Accept-Encoding
content-type
application/x-javascript
status
200
cache-control
max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
content-length
4564
expires
Fri, 18 Dec 2020 18:09:24 GMT
Resource: css | Path: fonts.googleapis.com/ | Size: 0 | x-fer: 559 B | Type: Other
General
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:600
Requested by
Host: peopleslawdaily.info
URL: http://peopleslawdaily.info/westend/adobe/
Protocol
H2
Security
TLS 1.3, AES_128_GCM
Server
2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
http://peopleslawdaily.info/westend/adobe/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Thu, 19 Dec 2019 18:09:24 GMT
server
ESF
access-control-allow-origin
*
date
Thu, 19 Dec 2019 18:09:24 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
x-xss-protection
0
expires
Thu, 19 Dec 2019 18:09:24 GMT
Resource: truncated (data: URI) | Path: / | Size: 693 KB | x-fer: 0 | Type: Image
General
Full URL
data:truncated
Protocol
DATA
Resource Hash
29af1538e8e76ea4999023fcc047561177af89ff1b9ba021668044dea47f4611

Request headers

Referer
http://peopleslawdaily.info/westend/adobe/css/style.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/png
Resource: truncated (data: URI) | Path: / | Size: 15 KB | x-fer: 0 | Type: Image
General
Full URL
data:truncated
Protocol
DATA
Resource Hash
028851bdb881c7f0851ccceeba93f94b77edf707ac1e8e1a94cf6106a11b249b

Request headers

Referer
http://peopleslawdaily.info/westend/adobe/css/style.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/png
Resource: truncated (data: URI) | Path: / | Size: 2 KB | x-fer: 0 | Type: Image
General
Full URL
data:truncated
Protocol
DATA
Resource Hash
f5abe79538714148a390de1c7d7d568746510a32e14b37feacc4812155825558

Request headers

Referer
http://peopleslawdaily.info/westend/adobe/css/style.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/png
Resource: truncated (data: URI) | Path: / | Size: 1 KB | x-fer: 0 | Type: Image
General
Full URL
data:truncated
Protocol
DATA
Resource Hash
685f77342ca77f562bb319cf666966ebd283ba9ad568148bf4d6f66d5fa08eb5

Request headers

Referer
http://peopleslawdaily.info/westend/adobe/css/style.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/png
Resource: truncated (data: URI) | Path: / | Size: 2 KB | x-fer: 0 | Type: Image
General
Full URL
data:truncated
Protocol
DATA
Resource Hash
3a108a7df48da361bd9f5217fd4fd21a70888d5b324b4e13ab80370804cd3b7d

Request headers

Referer
http://peopleslawdaily.info/westend/adobe/css/style.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/png
Resource: truncated (data: URI) | Path: / | Size: 2 KB | x-fer: 0 | Type: Image
General
Full URL
data:truncated
Protocol
DATA
Resource Hash
8ebb311bb3652ddc5c78025cef665618b0c979098c9f5eacb9c452a5fdceb3c9

Request headers

Referer
http://peopleslawdaily.info/westend/adobe/css/style.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/png
Resource: truncated (data: URI) | Path: / | Size: 2 KB | x-fer: 0 | Type: Image
General
Full URL
data:truncated
Protocol
DATA
Resource Hash
baad0cc991ef1ca7a4405615b827746e6a97dc6cb7045b544118c874ff1760ff

Request headers

Referer
http://peopleslawdaily.info/westend/adobe/css/style.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/png
Resource: truncated (data: URI) | Path: / | Size: 2 KB | x-fer: 0 | Type: Image
General
Full URL
data:truncated
Protocol
DATA
Resource Hash
a2b00dc7e4ff8539cf742bf8d295c111dea08acf46328483d68640135887e70a

Request headers

Referer
http://peopleslawdaily.info/westend/adobe/css/style.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/png
Resource: mem5YaGs126MiZpBA-UNirkOUuhpKKSTjw.woff2 | Path: fonts.gstatic.com/s/opensans/v17/ | Size: 9 KB | x-fer: 9 KB | Type: Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v17/mem5YaGs126MiZpBA-UNirkOUuhpKKSTjw.woff2
Requested by
Host: peopleslawdaily.info
URL: http://peopleslawdaily.info/westend/adobe/
Protocol
H2
Security
TLS 1.3, AES_128_GCM
Server
2a00:1450:4001:816::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
b8e23a845bc6b7fd417d29182e0e38d353e64b5e12e06bb1de2b5ce063db1dcc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Open+Sans:600
Origin
http://peopleslawdaily.info

Response headers

date
Thu, 21 Nov 2019 07:11:58 GMT
x-content-type-options
nosniff
last-modified
Tue, 23 Jul 2019 19:30:44 GMT
server
sffe
age
2458647
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
9180
x-xss-protection
0
expires
Fri, 20 Nov 2020 07:11:58 GMT
Resource: event | Path: img.secureserver.net/t/1/tl/ | Size: 43 B | x-fer: 640 B | Type: Image
Redirect Chain
  • http://img.secureserver.net/t/1/tl/event?cts=1576778965527&tce=1576778963735&tcs=1576778963717&tdc=1576778965327&tdclee=1576778965261&tdcles=1576778965261&tdi=1576778965261&tdl=1576778964021&tdle=1...
  • https://img.secureserver.net/t/1/tl/event?cts=1576778965527&tce=1576778963735&tcs=1576778963717&tdc=1576778965327&tdclee=1576778965261&tdcles=1576778965261&tdi=1576778965261&tdl=1576778964021&tdle=...
General
Full URL
https://img.secureserver.net/t/1/tl/event?cts=1576778965527&tce=1576778963735&tcs=1576778963717&tdc=1576778965327&tdclee=1576778965261&tdcles=1576778965261&tdi=1576778965261&tdl=1576778964021&tdle=1576778963717&tdls=1576778963699&tfs=1576778963698&tns=1576778963696&trqs=1576778963735&tre=1576778964019&trps=1576778964017&tles=1576778965327&tlee=1576778965327&ht=perf&dh=peopleslawdaily.info&ua=Mozilla%2F5.0%20(Macintosh%3B%20Intel%20Mac%20OS%20X%2010_14_5)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F74.0.3729.169%20Safari%2F537.36&vci=1855665800&cv=1.0.6&z=687482895&vg=2260f2d6-5528-4b79-8846-06abf1b8bebe&vtg=2260f2d6-5528-4b79-8846-06abf1b8bebe&ap=cpbh&trfd=%7B%22cts%22%3A1576778965260%2C%22tccl.baseHost%22%3A%22secureserver.net%22%2C%22ap%22%3A%22cpbh%22%2C%22server%22%3A%22p3plvcpnl319894%22%7D&dp=%2Fwestend%2Fadobe
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.239.74, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
Reverse DNS
a104-111-239-74.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
http://peopleslawdaily.info/westend/adobe/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000 ; includeSubDomains
X-Content-Type-Options
nosniff
Date
Thu, 19 Dec 2019 18:09:25 GMT
X-Frame-Options
DENY
Access-Control-Allow-Methods
GET, PUT, POST, DELETE, OPTIONS
Content-Type
image/gif
Access-Control-Allow-Origin
http://peopleslawdaily.info, *
Access-Control-Max-Age
1000
Cache-Control
private
Connection
keep-alive
X-Robots-Tag
noindex, nofollow
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept
Content-Length
43
X-XSS-Protection
1; mode=block

Redirect headers

Location
https://img.secureserver.net/t/1/tl/event?cts=1576778965527&tce=1576778963735&tcs=1576778963717&tdc=1576778965327&tdclee=1576778965261&tdcles=1576778965261&tdi=1576778965261&tdl=1576778964021&tdle=1576778963717&tdls=1576778963699&tfs=1576778963698&tns=1576778963696&trqs=1576778963735&tre=1576778964019&trps=1576778964017&tles=1576778965327&tlee=1576778965327&ht=perf&dh=peopleslawdaily.info&ua=Mozilla%2F5.0%20(Macintosh%3B%20Intel%20Mac%20OS%20X%2010_14_5)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F74.0.3729.169%20Safari%2F537.36&vci=1855665800&cv=1.0.6&z=687482895&vg=2260f2d6-5528-4b79-8846-06abf1b8bebe&vtg=2260f2d6-5528-4b79-8846-06abf1b8bebe&ap=cpbh&trfd=%7B%22cts%22%3A1576778965260%2C%22tccl.baseHost%22%3A%22secureserver.net%22%2C%22ap%22%3A%22cpbh%22%2C%22server%22%3A%22p3plvcpnl319894%22%7D&dp=%2Fwestend%2Fadobe
Date
Thu, 19 Dec 2019 18:09:25 GMT
Server
AkamaiGHost
Connection
keep-alive
Content-Length
0

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: OneDrive (Online)

10 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

Name Type
onformdata object
onpointerrawupdate object
popupwnd function
_trfd object
tcg function
tcp function
perfhandler object
TCCTracker object
_trfq object
true object

0 Cookies

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
