URL: http://ahsqutes.monster/
Submission: On November 17 via manual from US

Summary

This website contacted 88 IPs in 12 countries across 61 domains to perform 472 HTTP transactions. The main IP is 91.149.209.42, located in Zawiercie, Poland and belongs to WAVECOM-AS, EE. The main domain is ahsqutes.monster.
This is the only time ahsqutes.monster was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
6 91.149.209.42 34702 (WAVECOM-AS)
1 2a00:1450:400... 15169 (GOOGLE)
20 69.16.175.10 20446 (HIGHWINDS3)
1 2 2a00:1450:400... 15169 (GOOGLE)
17 2a00:1450:400... 15169 (GOOGLE)
1 29 172.217.22.66 15169 (GOOGLE)
2 178.79.227.76 22822 (LLNW)
1 2600:9000:215... 16509 (AMAZON-02)
42 69.16.175.42 20446 (HIGHWINDS3)
2 4 2a03:2880:f21... 32934 (FACEBOOK)
6 151.139.128.10 20446 (HIGHWINDS3)
1 4 2a00:1450:400... 15169 (GOOGLE)
1 3 2.16.186.80 20940 (AKAMAI-ASN1)
1 91.228.74.134 27281 (QUANTCAST)
1 2600:9000:215... 16509 (AMAZON-02)
10 2606:2800:234... 15133 (EDGECAST)
1 1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2600:9000:20e... 16509 (AMAZON-02)
3 143.204.90.242 16509 (AMAZON-02)
3 2a03:2880:f01... 32934 (FACEBOOK)
1 2600:9000:215... 16509 (AMAZON-02)
21 2a00:1450:400... 15169 (GOOGLE)
2 2600:9000:21f... 16509 (AMAZON-02)
1 1 35.236.211.40 15169 (GOOGLE)
1 2600:9000:21f... 16509 (AMAZON-02)
1 2 2600:9000:215... 16509 (AMAZON-02)
1 13.225.78.126 16509 (AMAZON-02)
8 18.203.21.2 16509 (AMAZON-02)
1 2600:9000:21f... 16509 (AMAZON-02)
2 2 64.202.112.95 22075 (AS-OUTBRAIN)
7 14 185.33.223.210 29990 (ASN-APPNEXUS)
3 3 52.59.13.16 16509 (AMAZON-02)
3 3 18.196.130.47 16509 (AMAZON-02)
1 192.132.33.46 18568 (BIDTELLECT)
1 1 62.149.0.72 15497 (COLOCALL ...)
1 13.224.196.127 16509 (AMAZON-02)
1 1 104.244.42.8 13414 (TWITTER)
5 52.209.131.99 16509 (AMAZON-02)
1 52.222.174.190 16509 (AMAZON-02)
2 151.101.14.217 54113 (FASTLY)
2 2.18.232.7 16625 (AKAMAI-AS)
1 52.58.97.76 16509 (AMAZON-02)
1 72.251.249.13 29791 (VOXEL-DOT...)
13 69.173.144.141 26667 (RUBICONPR...)
11 20 152.199.22.24 15133 (EDGECAST)
6 2a03:2880:f11... 32934 (FACEBOOK)
8 151.101.114.217 54113 (FASTLY)
1 34.195.95.173 14618 (AMAZON-AES)
4 52.86.189.110 14618 (AMAZON-AES)
3 54.175.237.245 14618 (AMAZON-AES)
27 34.95.120.147 15169 (GOOGLE)
10 2a00:1450:400... 15169 (GOOGLE)
5 2606:4700::68... 13335 (CLOUDFLAR...)
5 2600:9000:21f... 16509 (AMAZON-02)
27 37.157.2.235 198622 (ADFORM)
5 69.173.144.153 26667 (RUBICONPR...)
13 2606:4700:10:... 13335 (CLOUDFLAR...)
13 2600:9000:20e... 16509 (AMAZON-02)
18 37.157.5.72 198622 (ADFORM)
3 18.196.104.43 16509 (AMAZON-02)
3 52.4.113.87 14618 (AMAZON-AES)
6 104.16.190.66 13335 (CLOUDFLAR...)
3 74.214.194.133 59940 (PULSEPOIN...)
3 34.198.184.44 14618 (AMAZON-AES)
3 2.18.234.21 16625 (AKAMAI-AS)
3 178.162.133.150 60781 (LEASEWEB-...)
3 12 52.28.69.126 16509 (AMAZON-02)
4 162.210.196.208 30633 (LEASEWEB-...)
1 208.100.17.172 32748 (STEADFAST)
1 2600:9000:215... 16509 (AMAZON-02)
9 23.37.55.184 16625 (AKAMAI-AS)
1 2a00:1450:400... 15169 (GOOGLE)
2 23.111.9.35 33438 (HIGHWINDS2)
2 52.3.239.25 14618 (AMAZON-AES)
4 151.101.113.194 54113 (FASTLY)
1 185.80.38.195 27381 (CASALE-MEDIA)
1 18.195.61.72 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
7 151.101.13.108 54113 (FASTLY)
1 1 13.224.196.3 16509 (AMAZON-02)
1 3.121.172.124 16509 (AMAZON-02)
1 1 91.228.74.168 27281 (QUANTCAST)
3 3 35.156.24.221 16509 (AMAZON-02)
1 3 35.158.167.38 16509 (AMAZON-02)
1 63.32.23.112 16509 (AMAZON-02)
1 1 2a00:1288:110... 34010 (YAHOO-IRD)
1 2a02:fa8:8806... 41041 (VCLK-EU-)
3 104.17.120.107 13335 (CLOUDFLAR...)
3 151.101.12.166 54113 (FASTLY)
3 2600:9000:215... 16509 (AMAZON-02)
3 3.233.25.159 14618 (AMAZON-AES)
3 143.204.101.31 16509 (AMAZON-02)
1 208.100.17.176 32748 (STEADFAST)
10 10 172.217.18.2 15169 (GOOGLE)
3 18.195.171.24 16509 (AMAZON-02)
1 2600:9000:215... 16509 (AMAZON-02)
472 88
Requests | Apex Domain | Subdomains | Transfer
59 | justjared.com | www.justjared.com, cdn03.cdn.justjared.com, cdn04.cdn.justjared.com, cdn01.cdn.justjared.com, cdn02.cdn.justjared.com | 1 MB
45 | adform.net | track.adform.net, s1.adform.net | 802 KB
42 | doubleclick.net | securepubads.g.doubleclick.net, stats.g.doubleclick.net, googleads.g.doubleclick.net, cm.g.doubleclick.net Failed | 410 KB
27 | openx.net | connatix-d.openx.net | 15 KB
27 | rubiconproject.com | fastlane.rubiconproject.com, beacon-eu2.rubiconproject.com, eus.rubiconproject.com | 31 KB
23 | advertising.com | adserver-us.adtech.advertising.com, pixel.advertising.com | 13 KB
21 | adnxs.com | ib.adnxs.com, acdn.adnxs.com | 15 KB
20 | cloudfront.net | db356nau468gk.cloudfront.net, dw7nrwnn2bkh1.cloudfront.net, d3lcz8vpax4lo2.cloudfront.net, df80k0z3fi8zg.cloudfront.net | 607 KB
19 | googletagservices.com | www.googletagservices.com | 504 KB
19 | googlesyndication.com | pagead2.googlesyndication.com, tpc.googlesyndication.com | 239 KB
18 | connatix.com | cdn.connatix.com, cdns.connatix.com, ck.connatix.com, core.connatix.com, rtb.connatix.com, i.connatix.com, trk.connatix.com | 1 MB
15 | 360yield.com | ice.360yield.com, ad.360yield.com, match.360yield.com | 12 KB
14 | revcontent.com | assets.revcontent.com, trends.revcontent.com, cdn.revcontent.com, cm.revcontent.com, img.revcontent.com | 195 KB
13 | insticator.com | geoip.insticator.com, b2c.insticator.com, event.insticator.com, cms.insticator.com | 6 KB
11 | twitter.com | platform.twitter.com, syndication.twitter.com | 32 KB
7 | aralego.com | hb.aralego.com, cdn.aralego.com | 1 KB
7 | facebook.com | staticxx.facebook.com, www.facebook.com |
6 | bfmio.com | display.bfmio.com, sync.bfmio.com | 1 KB
6 | contextweb.com | bid.contextweb.com, bh.contextweb.com | 821 B
6 | districtm.io | dmx.districtm.io, cdn.districtm.io | 508 B
6 | technoratimedia.com | prebid.technoratimedia.com, ad-cdn.technoratimedia.com | 972 B
6 | gumgum.com | js.gumgum.com, g2.gumgum.com | 35 KB
6 | consensu.org | quantcast.mgr.consensu.org, static.quantcast.mgr.consensu.org, vendorlist.consensu.org, api.quantcast.mgr.consensu.org, audit.quantcast.mgr.consensu.org | 133 KB
6 | google.com | www.google.com, adservice.google.com | 7 KB
6 | ahsqutes.monster | ahsqutes.monster | 86 KB
5 | jsdelivr.net | cdn.jsdelivr.net | 40 KB
5 | google.de | www.google.de, adservice.google.de | 793 B
4 | yahoo.com | ups.analytics.yahoo.com, pr-bh.ybp.yahoo.com | 2 KB
4 | gstatic.com | csi.gstatic.com, fonts.gstatic.com | 48 KB
4 | fastly.net | clarium.global.ssl.fastly.net | 92 KB
4 | casalemedia.com | as-sec.casalemedia.com, a3226.casalemedia.com | 3 KB
4 | google-analytics.com | www.google-analytics.com | 35 KB
4 | instagram.com | www.instagram.com | 5 KB
3 | brealtime.com | biddr.brealtime.com |
3 | ingage.tech | t.ingage.tech, c.ingage.tech | 4 KB
3 | sonobi.com | apex.go.sonobi.com | 2 KB
3 | emxdgt.com | hb.emxdgt.com | 921 B
3 | 3lift.com | tlx.3lift.com, ib.3lift.com, eb2.3lift.com | 1 KB
3 | mfadsrvr.com | rtb.mfadsrvr.com | 2 KB
3 | bidswitch.net | x.bidswitch.net | 1 KB
3 | amazon-adsystem.com | c.amazon-adsystem.com | 29 KB
3 | justjaredjr.com | cdn01.cdn.justjaredjr.com, cdn02.cdn.justjaredjr.com, cdn03.cdn.justjaredjr.com | 314 KB
3 | scorecardresearch.com | b.scorecardresearch.com | 2 KB
3 | s-onetag.com | get.s-onetag.com, beacon.s-onetag.com, onetag-geo.s-onetag.com | 18 KB
2 | fontawesome.com | use.fontawesome.com | 85 KB
2 | 33across.com | ssc.33across.com, ssc-cms.33across.com | 390 B
2 | teads.tv | a.teads.tv, sync.teads.tv | 577 B
2 | zemanta.com | b1sync.zemanta.com | 1 KB
2 | quantcount.com | rules.quantcount.com | 782 B
2 | facebook.net | connect.facebook.net | 61 KB
2 | googleapis.com | ajax.googleapis.com, fonts.googleapis.com | 25 KB
2 | quantserve.com | edge.quantserve.com, pixel.quantserve.com | 6 KB
2 | llnwi.net | tradecraft.s.llnwi.net | 269 KB
1 | dotomi.com | aol-match.dotomi.com | 104 B
1 | adsrvr.org | match.adsrvr.org | 264 B
1 | clarium.io | protected-by.clarium.io | 345 B
1 | lijit.com | ap.lijit.com | 476 B
1 | adtelligent.com | sync.adtelligent.com | 384 B
1 | bttrack.com | bttrack.com | 380 B
1 | clean.gg | i.clean.gg | 366 B
1 | googletagmanager.com | www.googletagmanager.com | 27 KB
472 61
Domain Requested by
29 securepubads.g.doubleclick.net 1 redirects ahsqutes.monster
securepubads.g.doubleclick.net
db356nau468gk.cloudfront.net
27 track.adform.net ahsqutes.monster
s1.adform.net
27 connatix-d.openx.net cdns.connatix.com
20 adserver-us.adtech.advertising.com 11 redirects
19 www.googletagservices.com db356nau468gk.cloudfront.net
ahsqutes.monster
18 s1.adform.net ahsqutes.monster
15 cdn03.cdn.justjared.com ahsqutes.monster
14 ib.adnxs.com 7 redirects tradecraft.s.llnwi.net
df80k0z3fi8zg.cloudfront.net
14 cdn02.cdn.justjared.com ahsqutes.monster
13 df80k0z3fi8zg.cloudfront.net ahsqutes.monster
d3lcz8vpax4lo2.cloudfront.net
13 fastlane.rubiconproject.com tradecraft.s.llnwi.net
df80k0z3fi8zg.cloudfront.net
13 cdn04.cdn.justjared.com ahsqutes.monster
12 cdn01.cdn.justjared.com ahsqutes.monster
10 tpc.googlesyndication.com db356nau468gk.cloudfront.net
ahsqutes.monster
10 cm.g.doubleclick.net
10 platform.twitter.com ahsqutes.monster
db356nau468gk.cloudfront.net
9 eus.rubiconproject.com ahsqutes.monster
db356nau468gk.cloudfront.net
9 ice.360yield.com 3 redirects df80k0z3fi8zg.cloudfront.net
9 pagead2.googlesyndication.com ahsqutes.monster
pagead2.googlesyndication.com
securepubads.g.doubleclick.net
7 acdn.adnxs.com db356nau468gk.cloudfront.net
ahsqutes.monster
7 geoip.insticator.com d3lcz8vpax4lo2.cloudfront.net
7 i.connatix.com
6 www.facebook.com db356nau468gk.cloudfront.net
6 ahsqutes.monster ahsqutes.monster
d3lcz8vpax4lo2.cloudfront.net
5 beacon-eu2.rubiconproject.com ahsqutes.monster
5 d3lcz8vpax4lo2.cloudfront.net ahsqutes.monster
d3lcz8vpax4lo2.cloudfront.net
5 cdn.jsdelivr.net db356nau468gk.cloudfront.net
5 g2.gumgum.com js.gumgum.com
df80k0z3fi8zg.cloudfront.net
5 cm.revcontent.com ahsqutes.monster
5 www.justjared.com ahsqutes.monster
4 clarium.global.ssl.fastly.net ahsqutes.monster
4 hb.aralego.com df80k0z3fi8zg.cloudfront.net
4 rtb.connatix.com db356nau468gk.cloudfront.net
4 img.revcontent.com ahsqutes.monster
4 adservice.google.com securepubads.g.doubleclick.net
ahsqutes.monster
4 adservice.google.de securepubads.g.doubleclick.net
ahsqutes.monster
4 www.google-analytics.com 1 redirects www.googletagmanager.com
ahsqutes.monster
4 www.instagram.com 2 redirects ahsqutes.monster
db356nau468gk.cloudfront.net
3 match.360yield.com
3 ad.360yield.com
3 ad-cdn.technoratimedia.com ahsqutes.monster
3 sync.bfmio.com ahsqutes.monster
3 cdn.aralego.com ahsqutes.monster
3 bh.contextweb.com ahsqutes.monster
3 biddr.brealtime.com ahsqutes.monster
3 cdn.districtm.io ahsqutes.monster
3 ups.analytics.yahoo.com 1 redirects
3 pixel.advertising.com 3 redirects
3 fonts.gstatic.com d3lcz8vpax4lo2.cloudfront.net
3 event.insticator.com d3lcz8vpax4lo2.cloudfront.net
3 apex.go.sonobi.com df80k0z3fi8zg.cloudfront.net
3 as-sec.casalemedia.com df80k0z3fi8zg.cloudfront.net
3 display.bfmio.com df80k0z3fi8zg.cloudfront.net
3 bid.contextweb.com df80k0z3fi8zg.cloudfront.net
3 dmx.districtm.io df80k0z3fi8zg.cloudfront.net
3 prebid.technoratimedia.com df80k0z3fi8zg.cloudfront.net
3 hb.emxdgt.com df80k0z3fi8zg.cloudfront.net
3 trk.connatix.com
3 rtb.mfadsrvr.com 3 redirects
3 x.bidswitch.net 3 redirects
3 trends.revcontent.com db356nau468gk.cloudfront.net
3 c.amazon-adsystem.com tradecraft.s.llnwi.net
c.amazon-adsystem.com
3 b.scorecardresearch.com 1 redirects ahsqutes.monster
2 c.ingage.tech t.ingage.tech
2 use.fontawesome.com ahsqutes.monster
2 b2c.insticator.com db356nau468gk.cloudfront.net
d3lcz8vpax4lo2.cloudfront.net
2 b1sync.zemanta.com 2 redirects
2 rules.quantcount.com 1 redirects ahsqutes.monster
2 static.quantcast.mgr.consensu.org quantcast.mgr.consensu.org
db356nau468gk.cloudfront.net
2 googleads.g.doubleclick.net pagead2.googlesyndication.com
ahsqutes.monster
2 connect.facebook.net ahsqutes.monster
connect.facebook.net
2 tradecraft.s.llnwi.net ahsqutes.monster
tradecraft.s.llnwi.net
2 www.google.com 1 redirects ahsqutes.monster
1 onetag-geo.s-onetag.com beacon.s-onetag.com
1 ssc-cms.33across.com ahsqutes.monster
1 aol-match.dotomi.com
1 pr-bh.ybp.yahoo.com 1 redirects
1 match.adsrvr.org
1 pixel.quantserve.com 1 redirects
1 eb2.3lift.com db356nau468gk.cloudfront.net
1 ib.3lift.com 1 redirects
1 sync.teads.tv db356nau468gk.cloudfront.net
1 cms.insticator.com d3lcz8vpax4lo2.cloudfront.net
1 csi.gstatic.com securepubads.g.doubleclick.net
1 protected-by.clarium.io ahsqutes.monster
1 a3226.casalemedia.com ahsqutes.monster
1 fonts.googleapis.com ahsqutes.monster
1 t.ingage.tech d3lcz8vpax4lo2.cloudfront.net
1 ssc.33across.com df80k0z3fi8zg.cloudfront.net
1 core.connatix.com ahsqutes.monster
1 ck.connatix.com db356nau468gk.cloudfront.net
1 cdns.connatix.com ahsqutes.monster
1 ap.lijit.com tradecraft.s.llnwi.net
1 tlx.3lift.com tradecraft.s.llnwi.net
1 a.teads.tv tradecraft.s.llnwi.net
1 cdn.connatix.com db356nau468gk.cloudfront.net
1 audit.quantcast.mgr.consensu.org static.quantcast.mgr.consensu.org
1 syndication.twitter.com 1 redirects
1 api.quantcast.mgr.consensu.org quantcast.mgr.consensu.org
1 sync.adtelligent.com 1 redirects
1 bttrack.com ahsqutes.monster
1 vendorlist.consensu.org quantcast.mgr.consensu.org
1 staticxx.facebook.com db356nau468gk.cloudfront.net
1 cdn.revcontent.com ahsqutes.monster
1 js.gumgum.com db356nau468gk.cloudfront.net
1 dw7nrwnn2bkh1.cloudfront.net ahsqutes.monster
1 i.clean.gg 1 redirects
1 beacon.s-onetag.com get.s-onetag.com
1 db356nau468gk.cloudfront.net tradecraft.s.llnwi.net
1 ajax.googleapis.com www.google.com
1 www.google.de ahsqutes.monster
1 stats.g.doubleclick.net 1 redirects
1 cdn03.cdn.justjaredjr.com ahsqutes.monster
1 cdn02.cdn.justjaredjr.com ahsqutes.monster
1 cdn01.cdn.justjaredjr.com ahsqutes.monster
1 quantcast.mgr.consensu.org ahsqutes.monster
1 edge.quantserve.com ahsqutes.monster
1 assets.revcontent.com ahsqutes.monster
1 get.s-onetag.com ahsqutes.monster
1 www.googletagmanager.com ahsqutes.monster
472 120
Subject | Issuer | Validity | Valid
*.google-analytics.com | GTS CA 1O1 | 2019-11-05 - 2020-01-28 | 3 months
*.g.doubleclick.net | GTS CA 1O1 | 2019-11-05 - 2020-01-28 | 3 months
*.www.instagram.com | DigiCert SHA2 High Assurance Server CA | 2019-10-09 - 2020-01-07 | 3 months
quantcast.mgr.consensu.org | Amazon | 2019-05-06 - 2020-06-06 | a year
*.twimg.com | DigiCert SHA2 High Assurance Server CA | 2019-11-12 - 2020-11-18 | a year
www.google.de | GTS CA 1O1 | 2019-11-05 - 2020-01-28 | 3 months
*.google.com | GTS CA 1O1 | 2019-11-05 - 2020-01-28 | 3 months
*.s-onetag.com | Amazon | 2019-06-25 - 2020-07-25 | a year
*.facebook.com | DigiCert SHA2 High Assurance Server CA | 2019-11-06 - 2020-02-04 | 3 months
*.cloudfront.net | DigiCert Global CA G2 | 2019-07-17 - 2020-07-05 | a year
*.quantserve.com | DigiCert SHA2 High Assurance Server CA | 2019-10-04 - 2020-10-07 | a year
*.gumgum.com | Amazon | 2019-01-09 - 2020-02-09 | a year
vendorlist.consensu.org | Amazon | 2019-03-06 - 2020-04-06 | a year
revcontent.com | Amazon | 2019-09-19 - 2020-10-19 | a year
*.bttrack.com | Sectigo RSA Domain Validation Secure Server CA | 2019-03-19 - 2021-04-13 | 2 years
j3.shared.global.fastly.net | GlobalSign CloudSSL CA - SHA256 - G3 | 2019-11-15 - 2020-09-16 | 10 months
*.3lift.com | Amazon | 2019-07-17 - 2020-08-17 | a year
*.rubiconproject.com | DigiCert SHA2 Secure Server CA | 2019-01-10 - 2021-01-14 | 2 years
*.adtech.advertising.com | DigiCert SHA2 High Assurance Server CA | 2018-05-22 - 2020-05-26 | 2 years
c.amazon-adsystem.com | Amazon | 2019-10-07 - 2020-09-29 | a year
*.connatix.com | Amazon | 2019-10-19 - 2020-11-19 | a year
tpc.googlesyndication.com | GTS CA 1O1 | 2019-11-05 - 2020-01-28 | 3 months
ssl363648.cloudflaressl.com | COMODO ECC Domain Validation Secure Server CA 2 | 2019-09-14 - 2020-03-22 | 6 months
track.adform.net | DigiCert SHA2 Secure Server CA | 2019-09-16 - 2021-09-20 | 2 years
*.insticator.com | COMODO RSA Organization Validation Secure Server CA | 2018-05-25 - 2020-08-26 | 2 years
districtm.io | CloudFlare Inc ECC CA-2 | 2019-03-26 - 2020-03-26 | a year
*.contextweb.com | DigiCert SHA2 Secure Server CA | 2018-07-07 - 2020-06-03 | 2 years
*.bfmio.com | Amazon | 2019-06-19 - 2020-07-19 | a year
san.casalemedia.com | GeoTrust RSA CA 2018 | 2019-07-17 - 2020-03-09 | 8 months
*.go.sonobi.com | Go Daddy Secure Certificate Authority - G2 | 2019-02-01 - 2021-02-04 | 2 years
*.360yield.com | Amazon | 2019-09-24 - 2020-10-24 | a year
*.33across.com | Sectigo RSA Domain Validation Secure Server CA | 2019-10-01 - 2021-09-30 | 2 years
*.ingage.tech | Sectigo RSA Organization Validation Secure Server CA | 2019-07-17 - 2021-07-16 | 2 years
*.googleapis.com | GTS CA 1O1 | 2019-11-05 - 2020-01-28 | 3 months
*.fontawesome.com | DigiCert SHA2 Secure Server CA | 2019-10-28 - 2020-12-23 | a year
*.freetls.global.fastly.net | GlobalSign CloudSSL CA - SHA256 - G3 | 2019-01-02 - 2020-01-03 | a year
*.casalemedia.com | Go Daddy Secure Certificate Authority - G2 | 2018-10-12 - 2020-12-13 | 2 years
protected-by.clarium.io | Gandi Standard SSL CA 2 | 2018-04-26 - 2020-04-26 | 2 years
ups.analytics.yahoo.com | DigiCert SHA2 High Assurance Server CA | 2019-10-30 - 2020-04-27 | 6 months
*.adsrvr.org | Trustwave Organization Validation SHA256 CA, Level 1 | 2019-03-07 - 2021-04-19 | 2 years
*.dotomi.com | GlobalSign RSA OV SSL CA 2018 | 2019-06-19 - 2021-08-31 | 2 years

This page contains 76 frames:

Primary Page: http://ahsqutes.monster/
Frame ID: 301EB71C77E0A2EC3082EB868CC64FEE
Requests: 169 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20191112/r20190131/zrt_lookup.html
Frame ID: 7994428640DE780591145B41B167BB17
Requests: 1 HTTP requests in this frame

Frame: https://static.quantcast.mgr.consensu.org/v26/cmp-3pc-check.html
Frame ID: CD00BB2CDE406434C84E440BBDFF399A
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8637254547934685&output=html&adk=1812271804&adf=3025194257&lmt=1573961118&plat=1%3A32776%2C2%3A32776%2C8%3A32776%2C9%3A32776%2C16%3A8388608%2C30%3A1081344&guci=1.2.0.0.2.2.0.0&format=0x0&url=http%3A%2F%2Fahsqutes.monster%2F&ea=0&flash=0&pra=5&wgl=1&adsid=NT&dt=1573961118421&bpp=6&bdt=762&fdt=134&idt=135&shv=r20191112&cbv=r20190131&saldr=aa&abxe=1&nras=1&correlator=3406673660160&frm=20&pv=2&ga_vid=1556147499.1573961118&ga_sid=1573961119&ga_hid=491895035&ga_fc=0&iag=0&icsg=2251800881146368&dssz=45&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21065126%2C410075106&oid=3&pvsid=2434550735028448&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=16&bc=23&ifi=0&uci=a!0&fsb=1&dtd=145
Frame ID: A8554BE354FBC11BE891610375B90E0D
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.2d991e3dfc9abb2549972ce8b64c5d85.html?origin=http%3A%2F%2Fahsqutes.monster
Frame ID: B5E94D6F513A6D308C00F27048112130
Requests: 1 HTTP requests in this frame

Frame: https://www.instagram.com/p/B48VOjQg-le/embed/?cr=1&v=12&wp=326&rd=http%3A%2F%2Fahsqutes.monster&rp=%2F
Frame ID: 973AAFB1867055CB4C1A37ADD0C67F4C
Requests: 1 HTTP requests in this frame

Frame: https://staticxx.facebook.com/connect/xd_arbiter.php?version=44
Frame ID: 1AA80DB1364EB2840BDCE40728DE0CBD
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/tweet_button.2d991e3dfc9abb2549972ce8b64c5d85.en.html
Frame ID: FE60D192BF0FB558CB7F452D03CD308C
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/tweet_button.2d991e3dfc9abb2549972ce8b64c5d85.en.html
Frame ID: 494402A6D2B261991CABCC709521D9F7
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/tweet_button.2d991e3dfc9abb2549972ce8b64c5d85.en.html
Frame ID: EEC7745D9C9C489FF9DBAAF1D60DCFF0
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/tweet_button.2d991e3dfc9abb2549972ce8b64c5d85.en.html
Frame ID: 94F4FD22853F9B778BFEE564E83D4F8C
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/tweet_button.2d991e3dfc9abb2549972ce8b64c5d85.en.html
Frame ID: D488E827693FCBEA21EC992C63C8A050
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/tweet_button.2d991e3dfc9abb2549972ce8b64c5d85.en.html
Frame ID: BBF66624FA89E2BD99A53466AE509046
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/jot.html
Frame ID: 91226BDA912B8E8395BD81AC19179C97
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/v3.2/plugins/share_button.php?app_id=145071315902360&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter.php%3Fversion%3D44%23cb%3Df3c373b68de58a%26domain%3Dahsqutes.monster%26origin%3Dhttp%253A%252F%252Fahsqutes.monster%252Ff1485650d6fb8a%26relation%3Dparent.parent&container_width=95&href=http%3A%2F%2Fwww.justjared.com%2F2019%2F11%2F16%2Ffelicity-huffman-enjoys-visit-at-the-salon-in-beverly-hills%2F&layout=button_count&locale=en_US&sdk=joey
Frame ID: CFA9F9AD587A023059A8FD474125BAE7
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/v3.2/plugins/share_button.php?app_id=145071315902360&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter.php%3Fversion%3D44%23cb%3Df2f68f08b488e4%26domain%3Dahsqutes.monster%26origin%3Dhttp%253A%252F%252Fahsqutes.monster%252Ff1485650d6fb8a%26relation%3Dparent.parent&container_width=95&href=http%3A%2F%2Fwww.justjared.com%2F2019%2F11%2F16%2Fderek-hough-undergoes-emergency-surgery-to-remove-appendix%2F&layout=button_count&locale=en_US&sdk=joey
Frame ID: 6773A1611BF6EB30BF466D3554CED8B9
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/v3.2/plugins/share_button.php?app_id=145071315902360&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter.php%3Fversion%3D44%23cb%3Df16dac75faac3c4%26domain%3Dahsqutes.monster%26origin%3Dhttp%253A%252F%252Fahsqutes.monster%252Ff1485650d6fb8a%26relation%3Dparent.parent&container_width=95&href=http%3A%2F%2Fwww.justjared.com%2F2019%2F11%2F16%2Fsarah-palin-says-she-found-out-husband-todd-was-divorcing-her-in-an-email%2F&layout=button_count&locale=en_US&sdk=joey
Frame ID: ADFF7D7128561CA47D72141C181C7F79
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/v3.2/plugins/share_button.php?app_id=145071315902360&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter.php%3Fversion%3D44%23cb%3Df356b465553723c%26domain%3Dahsqutes.monster%26origin%3Dhttp%253A%252F%252Fahsqutes.monster%252Ff1485650d6fb8a%26relation%3Dparent.parent&container_width=95&href=http%3A%2F%2Fwww.justjared.com%2F2019%2F11%2F16%2Folivia-wilde-receives-raymond-vineyards-trailblazer-award-at-napa-valley-film-festival-2019%2F&layout=button_count&locale=en_US&sdk=joey
Frame ID: 86A25C8783B7A5246E2E5A70DC777C11
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/v3.2/plugins/share_button.php?app_id=145071315902360&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter.php%3Fversion%3D44%23cb%3Df12d73ac69cea7%26domain%3Dahsqutes.monster%26origin%3Dhttp%253A%252F%252Fahsqutes.monster%252Ff1485650d6fb8a%26relation%3Dparent.parent&container_width=95&href=http%3A%2F%2Fwww.justjared.com%2F2019%2F11%2F16%2Fariana-grande-updates-fans-on-health-has-trouble-breathing-during-show%2F&layout=button_count&locale=en_US&sdk=joey
Frame ID: A9723D5B9484315F105B7FEF75C72829
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/v3.2/plugins/share_button.php?app_id=145071315902360&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter.php%3Fversion%3D44%23cb%3Df2840ec3157f564%26domain%3Dahsqutes.monster%26origin%3Dhttp%253A%252F%252Fahsqutes.monster%252Ff1485650d6fb8a%26relation%3Dparent.parent&container_width=95&href=http%3A%2F%2Fwww.justjared.com%2F2019%2F11%2F16%2Fhannah-jeter-says-she-went-into-hiding-after-gaining-70lbs-during-first-pregnancy%2F&layout=button_count&locale=en_US&sdk=joey
Frame ID: 32E473CF4D2630869DF680901AAA8729
Requests: 1 HTTP requests in this frame

Frame: http://cdns.connatix.com/p/1806/min/connatix.renderer.infeed.min_dc.js
Frame ID: 81BB8EE44373A6F6123BA9262A88C0BA
Requests: 34 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssJ9STL68_7SFRvvQAHSDjiVdKP_N5NiltBmbi1gLOjir3c6MB5S6DsiHTfVvxkqMxNTJzDpYzIJQyKZIIoEenLooA1nbOReVHPYi6QPQGUO1gvYbVgOGLYCUTq6NOEnPUZiz88LQSnQXOlbPdhoEbHh2YhRAIpdQ9926MwTmpcmg5Qu7zg37X7JnCXXwMG4sCQxi2ZvqBZQNxXZi5Ai0oA_qSprYY_D2p9iU0D7hdbm5pdenN5cD1Okkyd1p8dKUSpbCS51obBK5HtXiEgULUlFrd2nFZ40_GxkzOfmebzXw-UK09gH-bL&sig=Cg0ArKJSzEvUdBSkLkU9EAE&urlfix=1&adurl=
Frame ID: F44C0379CE9E3D7DED53509E71DCEC91
Requests: 12 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvAppVpJyDBzaal6RmFtRYos_hcj-eSwwuYMaM-KYqtDS6VAsrV9nzUngZtGIIwu-SCUg8ncOUDfcZO959LPixnzNh4EZPjTyYwFVHGGC2Y0nk-nwHw_3Qj-Ed8EXZ4hTzWL_z9-i0ms9N7gY5ZF4PvrHIQepelSArC_9qzAH1wmj15-secuVDjSGp7HuJNs0ZNiiNPEyLiF5B9_jH_iP8Ll8h1IyLNCmAsumKZ5Y4p-llnlf-UWjjcc42hD7LlxrBW65ufz_Mm8tt1nLDkMHxXVc2VBEG7VNzxAO9D6CRGXzQ77XENAYanGw&sig=Cg0ArKJSzN9I3tki-7OxEAE&urlfix=1&adurl=
Frame ID: 56DC34D87686C116A587AA10739D7B20
Requests: 12 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuBQcuWD7JZCPZzwtJDyb287rjgmXYhOPpnrDvhG3v0rY0MJSpIfZ0HURlLfaZ7jXjEFSU062-1bwpVNih6757J2fKccbKkw-nHER-5f8kusd60sbygRqrmUx4KlCJ6O58nfM6SG4eKr2bjpXjRx81sK1VilJzEfZGOCzHpiRq9X2HJ4tSuyTaJ7jXoW0VpeaAm2zZtVUqBbWGiXDZW1oGNkjzYqQIh4FYzVmIDg--wAh-6oyDOVUBVFZh7HIGIZWpVKeoad-ontVCXAtRL9hQrvt_FiWjL8RacP1rj6zrcahH3rG1FmJW10Q&sig=Cg0ArKJSzDi2zp4uZZwDEAE&urlfix=1&adurl=
Frame ID: 41FD103FD899958C410B2174008519CF
Requests: 37 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvBgLTEyukvapAwMigJvxZL2jxyK_i_jKJdmctDGUJgtavBpKBvbGvHA1_GI_cT3pJo5om0GYhcA64l08AU0Hed_b5rfQd5vz_7DXcDOWyGdkcpU5hcpqy5i5FMO0P2_KTG8MFcFL_ooe4kMvq-lUEJMgSzjEGBcBWu9JFEe8E6lAg1MGZ0_cHNGZTVEERD6qBIxVhi5sA4fcNDpWlPm01gKe-4aeVuv52i9Hel70mD2x1GN1jSkHbq9eOxkhuzUiLhUSO3EyCgF2Zszo9-SBxyQXDOJYFmjBfv&sig=Cg0ArKJSzOykxdamYIJIEAE&urlfix=1&adurl=
Frame ID: C5FF10F12BB11887CBD1E5D49D784791
Requests: 14 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsufnr-m4gI1pzVLD_5Dc96jsBqecBDLFb1DHAhdr2Y-84JiDOKPERbns167rZIxVRr7vgJjpWiSsxabl3v58nmW0PFBWQdA35s2eEljtp2gA1_utrf7eBJ5AFsju9AfP0vCaz0E1Uw6BKtUcq1VZrSETVvr1LAEzjJ1DLZdsaTPUreRwi3jzw1HrVvvoQvK62FPO6l-3s3WqY3uT5tdJB3nj4NmfhzqjafBjWNUCN6arY38uDI3U_cEIbmHK9h7rGFat6QOwxcxZzy4jeUxLETj4DBWHKw7SYXJEIB8WhKr16s0NXBs0rxU&sig=Cg0ArKJSzKBXGm9EjGsrEAE&urlfix=1&adurl=
Frame ID: 53718D8E3897A4063F848CFA8DECCBD2
Requests: 37 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssW3g4Nh2Ut-tgJIc_VKt_TN1adGpsXNVNq6RQuaFlrzYsMe3I8HtsDWkm88TPHSJQjzJtT89YT7efYx3AxQZrJa3yd9XvnTcnjLTL7rIQAtJaLLDSiCp6188Pvi4Thbo6N5gyrgS1medV-pG8Y60ieV8P3i4S1h-F0N8dRV-VyHqH_XDTi0XEVElzOhYHQtSgQR1tQDacEsHwf9sCLc35IdqXwi56rqsia0UVPt4EwiO469Ky9_xNXiWO1h7iPy7vQKWxz2JrU6nDWjtt1sFlYVepjgDIr3pl8iR8_jKjOLyoOD4DV1dpRbA&sig=Cg0ArKJSzG5KPg2bGaB9EAE&urlfix=1&adurl=
Frame ID: A94E661E3C06FD0B6E49AC97C1700C64
Requests: 33 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/safeframe/1-0-36/html/container.html
Frame ID: A5064C100C742B4D07FF3901E586B323
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst-4pnS9_8GTsHcKLInGkovoeBXdJ1vOFeUQLS5DK1Ia1w7eBMs5dQmlJ0jlYZLpCRskdOAIBuTz0frW0IyUHFkWROwB9nfaCBv0oKkh47r4g6KT6G0D5jaqPvr_nOnOcE5X7BCKM6d5jp7SjshTAZzEtkqZOlQ7xI9Y3uetm13SxuBxNKRt37PWXPZG04l4pvXNrhAo0f824X56QdNePlHadHT9hKZTJm5d1QZ65qbvNQPmPUUN9K4s8s5ED36u0PTZM5OOtn1pRSaa-FChq01fBJ-69f25w&sig=Cg0ArKJSzDfYrTIti3yNEAE&urlfix=1&adurl=
Frame ID: 3CD30A0071911B64A2F6F8D840334543
Requests: 11 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst_D9VybglmXfcgEnD_qNa_USokqn6ln7SwABz2Uw2aFbCaWRI-eW35C6idquFpV8RLAzZRBTbn2eNOnxH_a5SVvviOLGn1SbZ80ddid4JV7PllSpmD51SV0VpEfsB5a9c_rSo2NbcRAFBDV4jn8mdFBl4u0GWAQpBYxscaVFe59mvqtAdR61Z_a3QLkj5bsrhZqeq7Y_61AOEDsXuPG_p_J8Cp4ep0EkaqimGzKwJGdcsAwpv5s1drD8TFWLKa8NJPQn_61Pj8LywLvyy1hM_hnIOeLYWDJGlM&sig=Cg0ArKJSzHh0EovMwsHEEAE&urlfix=1&adurl=
Frame ID: AAD426431B03888FB4708D02404EA3A1
Requests: 12 HTTP requests in this frame

Frame: https://b2c.insticator.com/v3/pages/usertracking
Frame ID: 910F1B90EA6164EB2D0DD86CF7A63BE5
Requests: 1 HTTP requests in this frame

Frame: https://d3lcz8vpax4lo2.cloudfront.net/embed-code/4d333009-52e2-4de9-974f-654573ecd838.js
Frame ID: 3C50798FA148229B2B038AA0C8581AF0
Requests: 25 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Frame ID: A948443926C1C3B1FA230E05A5606A33
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Frame ID: 013C3B3559F1591603BA4BD6848C600F
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Frame ID: F49341C53B60AC60F5074134BE29B163
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Frame ID: 09F351D8E9556582577298CA9C93CDBF
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Frame ID: C0C614EB835DDBA90C652447B29632C6
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvdxGS9mSIo9EQaYc96cm72zL4kTVNzvzRgio-xbbkY6MU4tYFNtO0898eOLNYPKVSVw0GSSlZ3aZwsQUQqUuBtjwj0vBiLk_hz8XYud6-3su_J6t-uvk66l7QMQmXz_vt5mwNdN9oeUIEOj0VxLkiQm3ThLNYXbtRq5zq1-6Iytx9BdoLdVphKyKIZmfrUVkoB4YGWMK6imDqC5a5-laGaa3huuFJOSuEO0j23d_9n2F6JIRoikRXvsEQg9pTleFj6Juw_BsazG34lfLQO9LpfdZ5USSM_mw&sig=Cg0ArKJSzDYWYq3PHa0pEAE&urlfix=1&adurl=
Frame ID: AD584534D77D9F696CE074DC03B4A3F2
Requests: 16 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssUttLiS3U8iZrGH1GaYQVAmISyOLxrXyirH3ULCdJZje4sK7Leooan3oXYz1UTsuRrzrSj0DDQdW9p_g_Gh-7kd-7GOFLHyiTI3EvnGdiOs15q95aw8j1h8Y3QO2GM3BUR-37iL2QEyuWxYNmj9bcQvkw8hRJ8ZCUuzfuyQKu_CvkhCvM446j-XXifYqzrKJ17RGBMW2HExR0DRT56DJKeNDepuCOfKVw0XrNa3YAjyahtueds8atNA9HZpbjMgtiCBMAhJDVlQLJzQ5HM-CkHov-A9GqH54w&sig=Cg0ArKJSzFtDwhv4SEXXEAE&urlfix=1&adurl=
Frame ID: 457D92E0B57BB57A325058D66ADA028C
Requests: 5 HTTP requests in this frame

Frame: https://a3226.casalemedia.com/ifnotify?gdprconsent=1&c=12F69D8&r=79DBD00A&t=5DD0BDA1&u=X29zMDFFdGZvNWNlWDgtX1k1T0lMRHlN&m=748c21a12f3d79b1249233e49e580b95&wp=B&aid=82C898464D3CD423&tid=15B22&s=5BED1&cp=0.11&n=ahsqutes.monster&pr=xx&epr=15e1dcf8b55d10c
Frame ID: F4D0093255874B2685F7EDEEACDA2A80
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/204/runner.html
Frame ID: FE95C48628FB1DD7D995FEFA45C60395
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsva0F6bnk_4zawISBFRxrThvKwkR6Tq6LjKhwEaGjo2TaFm3dgu3WdaU0uJFb3BCG9pbyXiWga8fBbKVlNnYpyZljeTOMLDu8-L5xiY5LEEqEQYlYZhY0tw18JiffOoajf5NlIrGPGRMgjyADpJ0oueXacg12nnLrstBR6j7qKN3NgFUGMXvx5FZll5BzB-hmjegDUp8xRWJcR7YjtvRZhfgixQDOmMcD81ItkGG-VQADmfRXZcYJ1edSHbuiFnRR4uKY6MSyviZYc76dvsf3WCLjOgFmRpqEg&sig=Cg0ArKJSzD7X4oSh3p2vEAE&urlfix=1&adurl=
Frame ID: 798577235B197C77E4C6A785EF36D78D
Requests: 4 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsugo-LNTq8xP72iTKrJ1ZHfB_MSBn3mU4f_o65qRkj6R6zFqgl5JZ6FL3tvYPeyDOWXrz-RmNXL5oBMQDODIW3KHEVxaTzX8OBhO_El-ldNvUPD6a7MtONMl3UTTUjpDtu_CEnoocou1MR59JAeaMaR8R5FVFvqggk5M5EAA1A21O31KMPB2YLekrhTCqTU8Yddrx-CkrQjqGMcYdMcKoAaRlDfEcHoHGEbplZU_5TAIVlTgdlEz5TiWqlyvw8qESKr5gJgM3aUcqsbgCmQw3iCmPtdNEwtwxA&sig=Cg0ArKJSzBkBaGv-ryeiEAE&urlfix=1&adurl=
Frame ID: B0EA0268C8734D75E77BD1FD81E540EC
Requests: 6 HTTP requests in this frame

Frame: https://b2c.insticator.com/v3/pages/usertracking
Frame ID: E4F6885AC50AFF7E6465ACB4B8914CB8
Requests: 1 HTTP requests in this frame

Frame: http://sync.teads.tv/iframe?hb_provider=prebid&hb_version=2.38.0&
Frame ID: 93A6C2E1973ECCFB68413CCEBCF2810C
Requests: 1 HTTP requests in this frame

Frame: http://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Frame ID: 4884B5D56038D0105F830FF1FF37B8BD
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: B68540A1DF08B83A318D7400C5F098DA
Requests: 1 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync
Frame ID: E1DE07B81C4388652C0BB04D3558F881
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: FF0CCC589D47A1DC92DAF76A04BFAD86
Requests: 1 HTTP requests in this frame

Frame: https://cdn.districtm.io/ids/index.html
Frame ID: 5D15A6690BFDC1DF722A495AA8E48F48
Requests: 1 HTTP requests in this frame

Frame: http://biddr.brealtime.com/check.html
Frame ID: E7EF5BE788313DD8BE67800F7401C59D
Requests: 1 HTTP requests in this frame

Frame: https://bh.contextweb.com/visitormatch
Frame ID: B2C9DF0EE97F889FD087B8B3145857F0
Requests: 1 HTTP requests in this frame

Frame: http://cdn.aralego.com/ucfad/cookie/sync.html
Frame ID: 4B78448846A012FE7A90BF57AAA2EA3F
Requests: 1 HTTP requests in this frame

Frame: http://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Frame ID: D810B97A9BDD0915AA45E84C848350BA
Requests: 1 HTTP requests in this frame

Frame: http://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Frame ID: 8798434FFE3402F0235F2A980FE9737D
Requests: 1 HTTP requests in this frame

Frame: https://sync.bfmio.com/sync_iframe?ifg=1&id=4f8e8dde-a131-4603-f49c-8b10b480b496&gdpr=0&gc=&gce=1
Frame ID: 9ECFC8551DFFF47C61579890514F089C
Requests: 1 HTTP requests in this frame

Frame: http://ad-cdn.technoratimedia.com/html/usersync.html?src=prebid_prebid_2.38.0
Frame ID: 5BC987FDFEC278B01A96949FFAA31055
Requests: 1 HTTP requests in this frame

Frame: https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=dIrPkKFyCr6y4SaKkv7mNO&gdpr_consent=undefined
Frame ID: CE8D897548C62F850852BAC221ABEE90
Requests: 1 HTTP requests in this frame

Frame: http://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Frame ID: 21F1772AADF05CD95C3808BDE80AAD23
Requests: 1 HTTP requests in this frame

Frame: http://cdn.aralego.com/ucfad/cookie/sync.html
Frame ID: 5665D77C997DDB01E5738ADAE1B8CEC3
Requests: 1 HTTP requests in this frame

Frame: https://cdn.districtm.io/ids/index.html
Frame ID: C84C8854A85899C18C7BF0CB2F187B14
Requests: 1 HTTP requests in this frame

Frame: https://bh.contextweb.com/visitormatch
Frame ID: DD93423B49CAB667B17D34FBE9823F1A
Requests: 1 HTTP requests in this frame

Frame: https://sync.bfmio.com/sync_iframe?ifg=1&id=4f8e8dde-a131-4603-f49c-8b10b480b496&gdpr=0&gc=&gce=1
Frame ID: 4736E3723C02B8BD9A7A6E2ACB8DA59D
Requests: 1 HTTP requests in this frame

Frame: http://ad-cdn.technoratimedia.com/html/usersync.html?src=prebid_prebid_2.38.0
Frame ID: 644CE65385F0A13742E137B774C0326C
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: FB805E013B5C7EDBB6539E5E8127D260
Requests: 1 HTTP requests in this frame

Frame: http://biddr.brealtime.com/check.html
Frame ID: 8DCEF143B44E83D174BD0AB6F933748C
Requests: 1 HTTP requests in this frame

Frame: http://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Frame ID: F3F516EF00EF8A7FABF429C1396F42DA
Requests: 1 HTTP requests in this frame

Frame: http://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Frame ID: 551FEAC03080911D932FE7EEAA73EA87
Requests: 1 HTTP requests in this frame

Frame: https://cdn.districtm.io/ids/index.html
Frame ID: A47BED1181421FDC439336183DD1508A
Requests: 1 HTTP requests in this frame

Frame: http://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Frame ID: 092AA10CF3C6FB2D63F7E57E641B44BA
Requests: 1 HTTP requests in this frame

Frame: https://sync.bfmio.com/sync_iframe?ifg=1&id=4f8e8dde-a131-4603-f49c-8b10b480b496&gdpr=0&gc=&gce=1
Frame ID: DC4BD67408AC1ED0E43E7EE2FF2D8CE3
Requests: 1 HTTP requests in this frame

Frame: http://biddr.brealtime.com/check.html
Frame ID: 91C56736538371F8C2DFA8236C961A60
Requests: 1 HTTP requests in this frame

Frame: https://bh.contextweb.com/visitormatch
Frame ID: CAEE67E3584F79DCA19A1D0DBE425A4F
Requests: 1 HTTP requests in this frame

Frame: http://cdn.aralego.com/ucfad/cookie/sync.html
Frame ID: 1A0ECD66673F79BEA01861B4933C718C
Requests: 1 HTTP requests in this frame

Frame: http://ad-cdn.technoratimedia.com/html/usersync.html?src=prebid_prebid_2.38.0
Frame ID: 457700696335D43A4635AA243DEE6FB6
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: DFCCFFB133EC7273530E90E999635FB0
Requests: 1 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
  • meta generator /^WordPress ?([\d.]+)?/i

Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|\b)HTTPD)/i

Overall confidence: 100%
Detected patterns
  • script /\/\/connect\.facebook\.net\/[^\/]*\/[a-z]*\.js/i

Overall confidence: 100%
Detected patterns
  • script /googlesyndication\.com\//i

Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Overall confidence: 100%
Detected patterns
  • script /\.quantserve\.com\/quant\.js/i

Overall confidence: 100%
Detected patterns
  • script /\/\/platform\.twitter\.com\/widgets\.js/i

Overall confidence: 100%
Detected patterns
  • html /<iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com\/beacon\.js|COMSCORE\.beacon/i
  • script /\.scorecardresearch\.com\/beacon\.js|COMSCORE\.beacon/i

Page Statistics

Requests: 472
HTTPS: 65 %
IPv6: 33 %
Domains: 61
Subdomains: 120
IPs: 88
Countries: 12
Transfer: 6535 kB
Size: 11771 kB
Cookies: 5

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 32
  • http://www.instagram.com/embed.js HTTP 301
  • https://www.instagram.com/embed.js HTTP 302
  • https://www.instagram.com/static/bundles/es6/EmbedSDK.js/2fe3a16f6aeb.js
Request Chain 78
  • https://www.google-analytics.com/r/collect?v=1&_v=j79&a=491895035&t=pageview&_s=1&dl=http%3A%2F%2Fahsqutes.monster%2F&ul=en-us&de=UTF-8&dt=Celebrity%20Gossip%20and%20Entertainment%20News%20%7C%20Just%20Jared&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAUAB~&jid=1660482971&gjid=1490964046&cid=1556147499.1573961118&tid=UA-86316-1&_gid=1010882067.1573961118&_r=1&gtm=2ouav3&z=968738196 HTTP 302
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-86316-1&cid=1556147499.1573961118&jid=1660482971&_gid=1010882067.1573961118&gjid=1490964046&_v=j79&z=968738196 HTTP 302
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-86316-1&cid=1556147499.1573961118&jid=1660482971&_v=j79&z=968738196 HTTP 302
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-86316-1&cid=1556147499.1573961118&jid=1660482971&_v=j79&z=968738196&slf_rd=1&random=119163081
Request Chain 79
  • http://b.scorecardresearch.com/b?c1=7&c2=31732370&c3=874156489745619&ns__t=1573961118118&ns_c=UTF-8&cv=3.1&c8=Celebrity%20Gossip%20and%20Entertainment%20News%20%7C%20Just%20Jared&c7=http%3A%2F%2Fahsqutes.monster%2F&c9= HTTP 302
  • http://b.scorecardresearch.com/b2?c1=7&c2=31732370&c3=874156489745619&ns__t=1573961118118&ns_c=UTF-8&cv=3.1&c8=Celebrity%20Gossip%20and%20Entertainment%20News%20%7C%20Just%20Jared&c7=http%3A%2F%2Fahsqutes.monster%2F&c9=
Request Chain 81
  • http://securepubads.g.doubleclick.net/tag/js/gpt.js HTTP 301
  • https://securepubads.g.doubleclick.net/tag/js/gpt.js
Request Chain 95
  • https://i.clean.gg/1a HTTP 302
  • https://dw7nrwnn2bkh1.cloudfront.net/958153f1b8b96ec4c4eb2147429105d9.json
Request Chain 96
  • http://rules.quantcount.com/rules-p-2bXhGE9g7fCno.js HTTP 301
  • https://rules.quantcount.com/rules-p-2bXhGE9g7fCno.js
Request Chain 109
  • https://b1sync.zemanta.com/usersync/revcontent/?puid=MjQyNzJmZmFhOWQyN2RlNzkwZDRmNzUyM2ZjMWRjYjk%3D&cb=https%3A%2F%2Fcm.revcontent.com%2Fpixel_sync%3Fexchange_uid%3DMjQyNzJmZmFhOWQyN2RlNzkwZDRmNzUyM2ZjMWRjYjk%253D%26bidder%3D3%26bidder_uid%3D__ZUID__&rev_dt=1573961118684 HTTP 302
  • https://b1sync.zemanta.com/usersync/revcontent/?cb=https%3A%2F%2Fcm.revcontent.com%2Fpixel_sync%3Fexchange_uid%3DMjQyNzJmZmFhOWQyN2RlNzkwZDRmNzUyM2ZjMWRjYjk%253D%26bidder%3D3%26bidder_uid%3D__ZUID__&puid=MjQyNzJmZmFhOWQyN2RlNzkwZDRmNzUyM2ZjMWRjYjk%3D&rev_dt=1573961118684&s=2 HTTP 302
  • https://cm.revcontent.com/pixel_sync?exchange_uid=MjQyNzJmZmFhOWQyN2RlNzkwZDRmNzUyM2ZjMWRjYjk%3D&bidder=3&bidder_uid=dYDeRjy2R9hCprjF9Bkk
Request Chain 110
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fcm.revcontent.com%2Fpixel_sync%3Fbidder%3D115%26bidder_uid%3D%24UID%26exchange_uid%3DMjQyNzJmZmFhOWQyN2RlNzkwZDRmNzUyM2ZjMWRjYjk%253D&geo=35&rev_dt=1573961118684 HTTP 302
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fcm.revcontent.com%252Fpixel_sync%253Fbidder%253D115%2526bidder_uid%253D%2524UID%2526exchange_uid%253DMjQyNzJmZmFhOWQyN2RlNzkwZDRmNzUyM2ZjMWRjYjk%25253D%26geo%3D35%26rev_dt%3D1573961118684 HTTP 302
  • https://cm.revcontent.com/pixel_sync?bidder=115&bidder_uid=1566499650083963733&exchange_uid=MjQyNzJmZmFhOWQyN2RlNzkwZDRmNzUyM2ZjMWRjYjk%3D&geo=35&rev_dt=1573961118684
Request Chain 111
  • https://x.bidswitch.net/sync?ssp=revcontent&rev_dt=1573961118684 HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=revcontent&rev_dt=1573961118684 HTTP 302
  • https://rtb.mfadsrvr.com/sync?ssp=bidswitch&bidswitch_ssp_id=revcontent&bsw_user_id=3a185f8f-02df-499b-b712-59eb9d7eca86 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=250&expires=14&user_id=fd1ff895-7904-413e-aa89-2f99189be915&ssp=revcontent HTTP 302
  • https://cm.revcontent.com/pixel_sync?bidder=118&bidder_uid=3a185f8f-02df-499b-b712-59eb9d7eca86
Request Chain 113
  • https://sync.adtelligent.com/csync?redir=https%3A%2F%2Fcm.revcontent.com%2Fpixel_sync%3Fbidder%3D153%26bidder_uid%3D%7Buid%7D%26exchange_uid%3DMjQyNzJmZmFhOWQyN2RlNzkwZDRmNzUyM2ZjMWRjYjk%253D&rev_dt=1573961118684 HTTP 302
  • https://cm.revcontent.com/pixel_sync?bidder=153&bidder_uid=ff68917891eca2da&exchange_uid=MjQyNzJmZmFhOWQyN2RlNzkwZDRmNzUyM2ZjMWRjYjk%3D
Request Chain 114
  • https://rtb.mfadsrvr.com/sync?ssp=revcontent&ssp_user_id=MjQyNzJmZmFhOWQyN2RlNzkwZDRmNzUyM2ZjMWRjYjk%3D&rev_dt=1573961118684 HTTP 302
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=revcontent&ssp_user_id=MjQyNzJmZmFhOWQyN2RlNzkwZDRmNzUyM2ZjMWRjYjk%3D&rev_dt=1573961118684 HTTP 302
  • https://cm.revcontent.com/pixel_sync?exchange_uid=MjQyNzJmZmFhOWQyN2RlNzkwZDRmNzUyM2ZjMWRjYjk=&bidder=154&bidder_uid=fd1ff895-7904-413e-aa89-2f99189be915
Request Chain 124
  • https://syndication.twitter.com/i/jot HTTP 302
  • https://platform.twitter.com/jot.html
Request Chain 146
  • https://adserver-us.adtech.advertising.com/pubapi/3.0/11772.1/5158468/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=78bf309d49ef08b;misc=1573961119252; HTTP 302
  • https://adserver-us.adtech.advertising.com/pubapi/3.0/11772.1/5158468/0/0/ADTECH;cfp=1;rndc=1573961118;v=2;cmd=bid;cors=yes;alias=78bf309d49ef08b;misc=1573961119252
Request Chain 147
  • https://adserver-us.adtech.advertising.com/pubapi/3.0/11772.1/5158472/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=79a201065dba885;misc=1573961119252; HTTP 302
  • https://adserver-us.adtech.advertising.com/pubapi/3.0/11772.1/5158472/0/0/ADTECH;cfp=1;rndc=1573961119;v=2;cmd=bid;cors=yes;alias=79a201065dba885;misc=1573961119252
Request Chain 148
  • https://adserver-us.adtech.advertising.com/pubapi/3.0/11772.1/5158476/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=80132edc1c3e937;misc=1573961119252; HTTP 302
  • https://adserver-us.adtech.advertising.com/pubapi/3.0/11772.1/5158476/0/0/ADTECH;cfp=1;rndc=1573961119;v=2;cmd=bid;cors=yes;alias=80132edc1c3e937;misc=1573961119252
Request Chain 149
  • https://adserver-us.adtech.advertising.com/pubapi/3.0/11772.1/5158478/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=8183f2e065bac56;misc=1573961119252; HTTP 302
  • https://adserver-us.adtech.advertising.com/pubapi/3.0/11772.1/5158478/0/0/ADTECH;cfp=1;rndc=1573961118;v=2;cmd=bid;cors=yes;alias=8183f2e065bac56;misc=1573961119252
Request Chain 150
  • https://adserver-us.adtech.advertising.com/pubapi/3.0/11772.1/5158475/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=82e2f2cee45d75a;misc=1573961119252; HTTP 302
  • https://adserver-us.adtech.advertising.com/pubapi/3.0/11772.1/5158475/0/0/ADTECH;cfp=1;rndc=1573961118;v=2;cmd=bid;cors=yes;alias=82e2f2cee45d75a;misc=1573961119252
Request Chain 151
  • https://adserver-us.adtech.advertising.com/pubapi/3.0/11772.1/5158479/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=838b79d1d4f39fd;misc=1573961119252; HTTP 302
  • https://adserver-us.adtech.advertising.com/pubapi/3.0/11772.1/5158479/0/0/ADTECH;cfp=1;rndc=1573961118;v=2;cmd=bid;cors=yes;alias=838b79d1d4f39fd;misc=1573961119252
Request Chain 152
  • https://adserver-us.adtech.advertising.com/pubapi/3.0/11772.1/5158008/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=84fcc4112a9e75f;misc=1573961119252; HTTP 302
  • https://adserver-us.adtech.advertising.com/pubapi/3.0/11772.1/5158008/0/0/ADTECH;cfp=1;rndc=1573961119;v=2;cmd=bid;cors=yes;alias=84fcc4112a9e75f;misc=1573961119252 HTTP 302
  • https://adserver-us.adtech.advertising.com/pubapi/3.0/11772.1/5158008/0/0/ADTECH;apid=1Ae1a6e0cc-08e9-11ea-8c9a-1222202f268e;cfp=1;rndc=1573961118;v=2;cmd=bid;cors=yes;alias=84fcc4112a9e75f;misc=1573961119252
Request Chain 153
  • https://adserver-us.adtech.advertising.com/pubapi/3.0/11772.1/5158012/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=859686cbc27661b;misc=1573961119252; HTTP 302
  • https://adserver-us.adtech.advertising.com/pubapi/3.0/11772.1/5158012/0/0/ADTECH;cfp=1;rndc=1573961118;v=2;cmd=bid;cors=yes;alias=859686cbc27661b;misc=1573961119252 HTTP 302
  • https://adserver-us.adtech.advertising.com/pubapi/3.0/11772.1/5158012/0/0/ADTECH;apid=1Ae1a6d7d0-08e9-11ea-b794-12e1ea48904a;cfp=1;rndc=1573961118;v=2;cmd=bid;cors=yes;alias=859686cbc27661b;misc=1573961119252
Request Chain 154
  • https://adserver-us.adtech.advertising.com/pubapi/3.0/11772.1/5158014/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=86b7e687bb48d0a;misc=1573961119252; HTTP 302
  • https://adserver-us.adtech.advertising.com/pubapi/3.0/11772.1/5158014/0/0/ADTECH;cfp=1;rndc=1573961118;v=2;cmd=bid;cors=yes;alias=86b7e687bb48d0a;misc=1573961119252
Request Chain 176
  • http://connatix-d.openx.net/v/1.0/av?auid=540193942&url=http%3A%2F%2Fahsqutes.monster%2F&cb=242aad75133faddf72261573961119710&vwd=1584&vht=891&gdpr=1&gdpr_consent=0 HTTP 302
  • http://connatix-d.openx.net/v/1.0/av?cc=1&auid=540193942&url=http%3A%2F%2Fahsqutes.monster%2F&cb=242aad75133faddf72261573961119710&vwd=1584&vht=891&gdpr=1&gdpr_consent=0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
Request Chain 266
  • https://ice.360yield.com/hb?jsonp=%7B%22bid_request%22%3A%7B%22secure%22%3A1%2C%22id%22%3A%22408cfac03ca34b%22%2C%22version%22%3A%226.0.0-JS-6.2.0%22%2C%22referrer%22%3A%22http%3A%2F%2Fahsqutes.monster%2F%22%2C%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22insticator.com%22%2C%22sid%22%3A%22bd45a367-d5fa-4207-9aec-1acba8ec52eb%22%2C%22hp%22%3A1%7D%5D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%223259f30343981fb%22%2C%22pid%22%3A%2222111804%22%2C%22tid%22%3A%22f42adabd-c4dc-42ff-b645-0bd1211e12c8%22%2C%22banner%22%3A%7B%7D%7D%2C%7B%22id%22%3A%22337110ff6fc6a45%22%2C%22pid%22%3A%2222111805%22%2C%22tid%22%3A%22b56fbf69-22dd-4cb4-9dc6-8b3ffb27cab3%22%2C%22banner%22%3A%7B%7D%7D%5D%7D%7D HTTP 302
  • https://ice.360yield.com/ul_cb/hb?jsonp=%7B%22bid_request%22%3A%7B%22secure%22%3A1%2C%22id%22%3A%22408cfac03ca34b%22%2C%22version%22%3A%226.0.0-JS-6.2.0%22%2C%22referrer%22%3A%22http%3A%2F%2Fahsqutes.monster%2F%22%2C%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22insticator.com%22%2C%22sid%22%3A%22bd45a367-d5fa-4207-9aec-1acba8ec52eb%22%2C%22hp%22%3A1%7D%5D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%223259f30343981fb%22%2C%22pid%22%3A%2222111804%22%2C%22tid%22%3A%22f42adabd-c4dc-42ff-b645-0bd1211e12c8%22%2C%22banner%22%3A%7B%7D%7D%2C%7B%22id%22%3A%22337110ff6fc6a45%22%2C%22pid%22%3A%2222111805%22%2C%22tid%22%3A%22b56fbf69-22dd-4cb4-9dc6-8b3ffb27cab3%22%2C%22banner%22%3A%7B%7D%7D%5D%7D%7D
Request Chain 282
  • https://ice.360yield.com/hb?jsonp=%7B%22bid_request%22%3A%7B%22secure%22%3A1%2C%22id%22%3A%2229ab74f0006f902%22%2C%22version%22%3A%226.0.0-JS-6.2.0%22%2C%22referrer%22%3A%22http%3A%2F%2Fahsqutes.monster%2F%22%2C%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22insticator.com%22%2C%22sid%22%3A%22bd45a367-d5fa-4207-9aec-1acba8ec52eb%22%2C%22hp%22%3A1%7D%5D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%222669192287e42f8%22%2C%22pid%22%3A%2222111803%22%2C%22tid%22%3A%2277379a22-1017-4efc-ab70-56c8760b6fc5%22%2C%22banner%22%3A%7B%7D%7D%5D%7D%7D HTTP 302
  • https://ice.360yield.com/ul_cb/hb?jsonp=%7B%22bid_request%22%3A%7B%22secure%22%3A1%2C%22id%22%3A%2229ab74f0006f902%22%2C%22version%22%3A%226.0.0-JS-6.2.0%22%2C%22referrer%22%3A%22http%3A%2F%2Fahsqutes.monster%2F%22%2C%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22insticator.com%22%2C%22sid%22%3A%22bd45a367-d5fa-4207-9aec-1acba8ec52eb%22%2C%22hp%22%3A1%7D%5D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%222669192287e42f8%22%2C%22pid%22%3A%2222111803%22%2C%22tid%22%3A%2277379a22-1017-4efc-ab70-56c8760b6fc5%22%2C%22banner%22%3A%7B%7D%7D%5D%7D%7D
Request Chain 438
  • http://ib.3lift.com/sync HTTP 302
  • https://eb2.3lift.com/sync
Request Chain 439
  • https://pixel.quantserve.com/pixel/p-NcBg8UA4xqUFp.gif?idmatch=0&gdpr=1&gdpr_consent= HTTP 302
  • https://pixel.advertising.com/ups/55965/sync?_origin=0&gdpr=1&gdpr_consent=&uid=ttL_seHS-rKuhP-1sIC2srTUormugv25tIbfPcGn HTTP 302
  • https://ups.analytics.yahoo.com/ups/55965/sync?_origin=0&gdpr=1&gdpr_consent=&uid=ttL_seHS-rKuhP-1sIC2srTUormugv25tIbfPcGn&apid=1Ae1a6e0cc-08e9-11ea-8c9a-1222202f268e
Request Chain 441
  • https://pixel.advertising.com/ups/56465/sync?_origin=0&redir=true&gdpr=1&gdpr_consent= HTTP 302
  • https://ups.analytics.yahoo.com/ups/56465/sync?_origin=0&redir=true&gdpr=1&gdpr_consent=&apid=1Ae1a6e0cc-08e9-11ea-8c9a-1222202f268e HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/adtech/1Ae1a6e0cc-08e9-11ea-8c9a-1222202f268e?gdpr=1&gdpr_consent= HTTP 302
  • https://pixel.advertising.com/ups/56465/sync?uid=y-iDgTYNJ1lxlgnzWTpAaMU7kPYvfaP_kJTMx5&_origin=0&nsync=0 HTTP 302
  • https://ups.analytics.yahoo.com/ups/56465/sync?uid=y-iDgTYNJ1lxlgnzWTpAaMU7kPYvfaP_kJTMx5&_origin=0&nsync=0&apid=1Ae1a6e0cc-08e9-11ea-8c9a-1222202f268e
Request Chain 457
  • https://ib.adnxs.com/getuid?https://ice.360yield.com/match?external_user_id=$UID&publisher_dsp_id=40&gdpr=1&gdpr_consent=BOo5SPIOqGozRCLAAAENCv-AAAAsvAAA HTTP 302
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fice.360yield.com%2Fmatch%3Fexternal_user_id%3D%24UID%26publisher_dsp_id%3D40%26gdpr%3D1%26gdpr_consent%3DBOo5SPIOqGozRCLAAAENCv-AAAAsvAAA HTTP 302
  • https://ice.360yield.com/match?external_user_id=5768739818428743815&publisher_dsp_id=40&gdpr=1&gdpr_consent=BOo5SPIOqGozRCLAAAENCv-AAAAsvAAA HTTP 302
  • https://ice.360yield.com/ul_cb/match?external_user_id=5768739818428743815&publisher_dsp_id=40&gdpr=1&gdpr_consent=BOo5SPIOqGozRCLAAAENCv-AAAAsvAAA
Request Chain 458
  • https://cm.g.doubleclick.net/pixel?google_nid=improvedigital&google_cm&google_sc&gdpr=1&gdpr_consent=BOo5SPIOqGozRCLAAAENCv-AAAAsvAAA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improvedigital&google_cm=&google_sc=&gdpr=1&gdpr_consent=BOo5SPIOqGozRCLAAAENCv-AAAAsvAAA&google_tc= HTTP 302
  • https://ad.360yield.com/match?publisher_dsp_id=55&gdpr=1&gdpr_consent=BOo5SPIOqGozRCLAAAENCv-AAAAsvAAA&external_user_id=CAESELd8oDEl5jz5fGysFIJmkXA&google_cver=1
Request Chain 459
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=RvBycdoASduQgTWubtzvNQ&google_cm&publisher_dsp_id=340 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=RvBycdoASduQgTWubtzvNQ&google_cm=&publisher_dsp_id=340&google_tc= HTTP 302
  • https://match.360yield.com/match?publisher_dsp_id=340&google_gid=CAESEP-m76JeC_QpAwpYI7YkH98&google_cver=1
Request Chain 460
  • https://cm.g.doubleclick.net/pixel?google_nid=improvedigital&google_cm&google_sc&gdpr=1&gdpr_consent=BOo5SPIOqGozRCLAAAENCv-AAAAsvAAA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improvedigital&google_cm=&google_sc=&gdpr=1&gdpr_consent=BOo5SPIOqGozRCLAAAENCv-AAAAsvAAA&google_tc= HTTP 302
  • https://ad.360yield.com/match?publisher_dsp_id=55&gdpr=1&gdpr_consent=BOo5SPIOqGozRCLAAAENCv-AAAAsvAAA&external_user_id=CAESEK_sH_l_fOgxq94dx6tPfOI&google_cver=1
Request Chain 461
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=RvBycdoASduQgTWubtzvNQ&google_cm&publisher_dsp_id=340 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=RvBycdoASduQgTWubtzvNQ&google_cm=&publisher_dsp_id=340&google_tc= HTTP 302
  • https://match.360yield.com/match?publisher_dsp_id=340&google_gid=CAESED-uyS04UFlvPywozvc24JQ&google_cver=1
Request Chain 462
  • https://ib.adnxs.com/getuid?https://ice.360yield.com/match?external_user_id=$UID&publisher_dsp_id=40&gdpr=1&gdpr_consent=BOo5SPIOqGozRCLAAAENCv-AAAAsvAAA HTTP 302
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fice.360yield.com%2Fmatch%3Fexternal_user_id%3D%24UID%26publisher_dsp_id%3D40%26gdpr%3D1%26gdpr_consent%3DBOo5SPIOqGozRCLAAAENCv-AAAAsvAAA HTTP 302
  • https://ice.360yield.com/match?external_user_id=1481761151756769786&publisher_dsp_id=40&gdpr=1&gdpr_consent=BOo5SPIOqGozRCLAAAENCv-AAAAsvAAA
Request Chain 472
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=RvBycdoASduQgTWubtzvNQ&google_cm&publisher_dsp_id=340 HTTP 302
  • https://match.360yield.com/match?publisher_dsp_id=340&google_gid=CAESEP-m76JeC_QpAwpYI7YkH98&google_cver=1
Request Chain 473
  • https://ib.adnxs.com/getuid?https://ice.360yield.com/match?external_user_id=$UID&publisher_dsp_id=40&gdpr=1&gdpr_consent=BOo5SPIOqGozRCLAAAENCv-AAAAsvAAA HTTP 302
  • https://ice.360yield.com/match?external_user_id=1481761151756769786&publisher_dsp_id=40&gdpr=1&gdpr_consent=BOo5SPIOqGozRCLAAAENCv-AAAAsvAAA
Request Chain 474
  • https://cm.g.doubleclick.net/pixel?google_nid=improvedigital&google_cm&google_sc&gdpr=1&gdpr_consent=BOo5SPIOqGozRCLAAAENCv-AAAAsvAAA HTTP 302
  • https://ad.360yield.com/match?publisher_dsp_id=55&gdpr=1&gdpr_consent=BOo5SPIOqGozRCLAAAENCv-AAAAsvAAA&external_user_id=CAESECKTLF5ZTk7exfXL_zedad0&google_cver=1

472 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
ahsqutes.monster/
84 KB
85 KB
Document
General
Full URL
http://ahsqutes.monster/
Protocol
HTTP/1.1
Server
91.149.209.42 Zawiercie, Poland, ASN34702 (WAVECOM-AS, EE),
Reverse DNS
mail.ahsqutes.monster
Software
Apache / PHP/5.3.3
Resource Hash
797bf61e6e667253c0bcf851a7e78d831db1391bb867f53e142243dcc1f84235

Request headers

Host
ahsqutes.monster
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Accept-Encoding
gzip, deflate

Response headers

Date
Sun, 17 Nov 2019 01:23:06 GMT
Server
Apache
X-Powered-By
PHP/5.3.3
Keep-Alive
timeout=15, max=100
Connection
Keep-Alive
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
style.css
ahsqutes.monster/wp-content/themes/default/
0
227 B
Stylesheet
General
Full URL
http://ahsqutes.monster/wp-content/themes/default/style.css?v=07312019
Requested by
Host: ahsqutes.monster
URL: http://ahsqutes.monster/
Protocol
HTTP/1.1
Server
91.149.209.42 Zawiercie, Poland, ASN34702 (WAVECOM-AS, EE),
Reverse DNS
mail.ahsqutes.monster
Software
Apache / PHP/5.3.3
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sun, 17 Nov 2019 01:23:07 GMT
Server
Apache
Connection
Keep-Alive
X-Powered-By
PHP/5.3.3
Transfer-Encoding
chunked
Keep-Alive
timeout=15, max=100
Content-Type
text/html; charset=UTF-8
js
www.googletagmanager.com/gtag/
73 KB
27 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-86316-1
Requested by
Host: ahsqutes.monster
URL: http://ahsqutes.monster/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
30565b1e406c2b5eed69c41d980781dcbcc8373ddb964a86d5a7cd8645f7e370
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 17 Nov 2019 03:25:17 GMT
content-encoding
br
last-modified
Sun, 17 Nov 2019 03:00:00 GMT
server
Google Tag Manager
access-control-allow-headers
Cache-Control
status
200
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
http://www.googletagmanager.com
cache-control
private, max-age=900
access-control-allow-credentials
true
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
27625
x-xss-protection
0
expires
Sun, 17 Nov 2019 03:25:17 GMT
wpBannerizeStyleDefault.css
www.justjared.com/wp-content/plugins/wp-bannerize/css/
341 B
631 B
Stylesheet
General
Full URL
http://www.justjared.com/wp-content/plugins/wp-bannerize/css/wpBannerizeStyleDefault.css?ver=3.2.1
Requested by
Host: ahsqutes.monster
URL: http://ahsqutes.monster/
Protocol
HTTP/1.1
Server
69.16.175.10 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
hwcdn.net
Software
nginx /
Resource Hash
2bfd2baed10b43bc72e9f03f83f191a672b21fb77e71b598591426b900c43e76

Request headers

Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sun, 17 Nov 2019 03:25:17 GMT
Content-Encoding
gzip
Last-Modified
Sat, 16 Nov 2019 14:58:48 GMT
Server
nginx
ETag
"5dd00ea8-155"
Transfer-Encoding
chunked
X-HW
1573961117.dop018.fr8.t,1573961117.cds110.fr8.sc,1573961117.cds110.fr8.p
Content-Type
text/css
Access-Control-Allow-Origin
*
Cache-Control
public
Connection
Keep-Alive
Accept-Ranges
bytes
Expires
Sun, 24 Nov 2019 03:25:17 GMT
l10n.js
www.justjared.com/wp-includes/js/
308 B
694 B
Script
General
Full URL
http://www.justjared.com/wp-includes/js/l10n.js?ver=20101110
Requested by
Host: ahsqutes.monster
URL: http://ahsqutes.monster/
Protocol
HTTP/1.1
Server
69.16.175.10 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
hwcdn.net
Software
nginx /
Resource Hash
1ba66173d4190b0bf03a803e28101feefea6db94265794bca3a76fc387b4e402

Request headers

Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sun, 17 Nov 2019 03:25:17 GMT
Content-Encoding
gzip
Last-Modified
Sat, 16 Nov 2019 14:58:48 GMT
Server
nginx
ETag
"5dd00ea8-134"
Transfer-Encoding
chunked
X-HW
1573961117.dop018.fr8.t,1573961117.cds070.fr8.sc,1573961117.cds070.fr8.p
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
public
Connection
Keep-Alive
Accept-Ranges
bytes
Expires
Sun, 24 Nov 2019 03:25:17 GMT
jquery.js
www.justjared.com/wp-includes/js/jquery/
89 KB
32 KB
Script
General
Full URL
http://www.justjared.com/wp-includes/js/jquery/jquery.js?ver=1.6.1
Requested by
Host: ahsqutes.monster
URL: http://ahsqutes.monster/
Protocol
HTTP/1.1
Server
69.16.175.10 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
hwcdn.net
Software
nginx /
Resource Hash
a97554ecfbdaeeeabbc928f8e242a6b99cecc51be9e3565b8d808e02e226af86

Request headers

Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sun, 17 Nov 2019 03:25:17 GMT
Content-Encoding
gzip
Last-Modified
Sat, 16 Nov 2019 14:58:48 GMT
Server
nginx
ETag
"5dd00ea8-164e3"
Transfer-Encoding
chunked
X-HW
1573961117.dop001.fr8.t,1573961117.cds054.fr8.sc,1573961117.cds054.fr8.p
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
public
Connection
Keep-Alive
Accept-Ranges
bytes
Expires
Sun, 24 Nov 2019 03:25:17 GMT
pagenavi-css.css
www.justjared.com/wp-content/plugins/pagenavi/
1 KB
870 B
Stylesheet
General
Full URL
http://www.justjared.com/wp-content/plugins/pagenavi/pagenavi-css.css
Requested by
Host: ahsqutes.monster
URL: http://ahsqutes.monster/
Protocol
HTTP/1.1
Server
69.16.175.10 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
hwcdn.net
Software
nginx /
Resource Hash
85f2debf26ab62202bca8710e8050b38ff8254bc3cca4a9de1318092b8854fd2

Request headers

Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sun, 17 Nov 2019 03:25:17 GMT
Content-Encoding
gzip
Last-Modified
Sat, 16 Nov 2019 14:58:48 GMT
Server
nginx
ETag
W/"5dd00ea8-55d"
Transfer-Encoding
chunked
X-HW
1573961117.dop001.fr8.t,1573961117.cds059.fr8.sc,1573961117.cds059.fr8.p
Content-Type
text/css
Access-Control-Allow-Origin
*
Cache-Control
public
Connection
Keep-Alive
Expires
Sun, 24 Nov 2019 03:25:17 GMT
jsapi
www.google.com/
26 KB
7 KB
Script
General
Full URL
http://www.google.com/jsapi
Requested by
Host: ahsqutes.monster
URL: http://ahsqutes.monster/
Protocol
HTTP/1.1
Server
2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
GSE /
Resource Hash
245133e87c0dfc4594954035be9f206ae3be1fa93df8dbcc37bb179315aa3091
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sun, 17 Nov 2019 03:25:17 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
GSE
X-Frame-Options
SAMEORIGIN
Content-Type
text/javascript; charset=utf-8
Cache-Control
private, max-age=3600, must-revalidate
Vary
Accept-Encoding
Content-Length
6420
X-XSS-Protection
1; mode=block
Expires
Sun, 17 Nov 2019 03:25:17 GMT
jquery.mobile.custom.swipe.min.js
ahsqutes.monster/wp-content/themes/default/js/
0
227 B
Script
General
Full URL
http://ahsqutes.monster/wp-content/themes/default/js/jquery.mobile.custom.swipe.min.js
Requested by
Host: ahsqutes.monster
URL: http://ahsqutes.monster/
Protocol
HTTP/1.1
Server
91.149.209.42 Zawiercie, Poland, ASN34702 (WAVECOM-AS, EE),
Reverse DNS
mail.ahsqutes.monster
Software
Apache / PHP/5.3.3
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sun, 17 Nov 2019 01:23:07 GMT
Server
Apache
Connection
Keep-Alive
X-Powered-By
PHP/5.3.3
Transfer-Encoding
chunked
Keep-Alive
timeout=15, max=100
Content-Type
text/html; charset=UTF-8
jj-mobile.js
ahsqutes.monster/wp-content/themes/default/js/
0
227 B
Script
General
Full URL
http://ahsqutes.monster/wp-content/themes/default/js/jj-mobile.js
Requested by
Host: ahsqutes.monster
URL: http://ahsqutes.monster/
Protocol
HTTP/1.1
Server
91.149.209.42 Zawiercie, Poland, ASN34702 (WAVECOM-AS, EE),
Reverse DNS
mail.ahsqutes.monster
Software
Apache / PHP/5.3.3
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sun, 17 Nov 2019 01:23:07 GMT
Server
Apache
Connection
Keep-Alive
X-Powered-By
PHP/5.3.3
Transfer-Encoding
chunked
Keep-Alive
timeout=15, max=100
Content-Type
text/html; charset=UTF-8
target.js
ahsqutes.monster/wp-content/themes/default/
0
227 B
Script
General
Full URL
http://ahsqutes.monster/wp-content/themes/default/target.js?1
Requested by
Host: ahsqutes.monster
URL: http://ahsqutes.monster/
Protocol
HTTP/1.1
Server
91.149.209.42 Zawiercie, Poland, ASN34702 (WAVECOM-AS, EE),
Reverse DNS
mail.ahsqutes.monster
Software
Apache / PHP/5.3.3
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sun, 17 Nov 2019 01:23:07 GMT
Server
Apache
Connection
Keep-Alive
X-Powered-By
PHP/5.3.3
Transfer-Encoding
chunked
Keep-Alive
timeout=15, max=100
Content-Type
text/html; charset=UTF-8
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
104 KB
37 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: ahsqutes.monster
URL: http://ahsqutes.monster/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
797d081d5d1cf52578e5286bb19c0d62adc09b0556171dcec2003b1e80bee59d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 17 Nov 2019 03:25:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
37760
x-xss-protection
0
server
cafe
etag
13760168803934058634
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sun, 17 Nov 2019 03:25:17 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/
51 KB
16 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: ahsqutes.monster
URL: http://ahsqutes.monster/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.22.66 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s17-in-f66.1e100.net
Software
sffe /
Resource Hash
8fcfc1b11efe36a9e89116d2a5e49bd86f2426bfc61032c3019ea790021f7e68
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 17 Nov 2019 03:25:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"339 / 741 of 1000 / last-modified: 1573848417"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
15660
x-xss-protection
0
expires
Sun, 17 Nov 2019 03:25:17 GMT
jjh.js
tradecraft.s.llnwi.net/v1/pub/01/
49 KB
49 KB
Script
General
Full URL
http://tradecraft.s.llnwi.net/v1/pub/01/jjh.js
Requested by
Host: ahsqutes.monster
URL: http://ahsqutes.monster/
Protocol
HTTP/1.1
Server
178.79.227.76 , Italy, ASN22822 (LLNW - Limelight Networks, Inc., US),
Reverse DNS
https-178-79-227-76.vie.llnw.net
Software
CloudStorage /
Resource Hash
154eafe1535b25f6276b63d7dcf0c83b74f01ce5e0581909c28dafd1394e70b1

Request headers

Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sun, 17 Nov 2019 03:25:17 GMT
Last-Modified
Fri, 15 Nov 2019 15:48:45 GMT
Server
CloudStorage
Age
19752
Content-Type
application/javascript
X-Agile-Checksum
154eafe1535b25f6276b63d7dcf0c83b74f01ce5e0581909c28dafd1394e70b1
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
49782
tag.min.js
get.s-onetag.com/47416066-75ac-4502-baa0-de158d16c3ce/
32 KB
12 KB
Script
General
Full URL
http://get.s-onetag.com/47416066-75ac-4502-baa0-de158d16c3ce/tag.min.js
Requested by
Host: ahsqutes.monster
URL: http://ahsqutes.monster/
Protocol
HTTP/1.1
Server
2600:9000:2156:1400:1f:287:d20a:ce1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
52eb6f6b1083d8fce690b1bd5bc46fdfaf81bda7c9af91783087bdebee4c9754

Request headers

Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-amz-version-id
VXaCXqCmlact2DCzaCa143SkiikdS6W0
Content-Encoding
gzip
Connection
keep-alive
Last-Modified
Thu, 14 Nov 2019 17:09:07 GMT
Server
AmazonS3
Age
2804
Date
Sun, 17 Nov 2019 02:38:34 GMT
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
Content-Type
text/javascript
Via
1.1 32c8da10203574baccb74b8f771a7ffb.cloudfront.net (CloudFront)
Cache-Control
max-age=3600
Transfer-Encoding
chunked
X-Amz-Cf-Pop
FRA50-C1
X-Amz-Cf-Id
BVX9syS0QupTXka1oZ22luPlyeZ4a6lBvI4osmh6B7WGSSsqKdE88w==
justjared_circlelogo_2.gif
cdn03.cdn.justjared.com/wp-content/themes/default/images/
5 KB
5 KB
Image
General
Full URL
http://cdn03.cdn.justjared.com/wp-content/themes/default/images/justjared_circlelogo_2.gif
Requested by
Host: ahsqutes.monster
URL: http://ahsqutes.monster/
Protocol
HTTP/1.1
Server
69.16.175.42 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
hwcdn.net
Software
nginx /
Resource Hash
cd51eaac7aeea52454c44304b658e9746ffd7695ac761a688651f398e36dad62

Request headers

Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sun, 17 Nov 2019 03:25:17 GMT
Last-Modified
Fri, 15 Nov 2019 20:52:47 GMT
Server
nginx
ETag
"5dcf101f-1239"
X-HW
1573961117.dop138.fr8.t,1573961117.cds006.fr8.c
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=604800, public
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
4665
jjlogo4.gif
cdn04.cdn.justjared.com/wp-content/themes/default/images/
3 KB
3 KB
Image
General
Full URL
http://cdn04.cdn.justjared.com/wp-content/themes/default/images/jjlogo4.gif
Requested by
Host: ahsqutes.monster
URL: http://ahsqutes.monster/
Protocol
HTTP/1.1
Server
69.16.175.10 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
hwcdn.net
Software
nginx /
Resource Hash
563c3112d49170aa9a38e0d1b10a7c0806fffd809bfd87026ff0a3e5b28e89f5

Request headers

Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sun, 17 Nov 2019 03:25:17 GMT
Last-Modified
Sat, 16 Nov 2019 14:58:48 GMT
Server
nginx
ETag
"5dd00ea8-a2d"
X-HW
1573961117.dop143.fr8.t,1573961117.cds133.fr8.c
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=604800, public
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
2605
button_jjj.gif
cdn01.cdn.justjared.com/wp-content/themes/default/images/
2 KB
2 KB
Image
General
Full URL
http://cdn01.cdn.justjared.com/wp-content/themes/default/images/button_jjj.gif
Requested by
Host: ahsqutes.monster
URL: http://ahsqutes.monster/
Protocol
HTTP/1.1
Server
69.16.175.42 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
hwcdn.net
Software
nginx /
Resource Hash
88289d80341fe22de81d02e2f0b5dff59b1c4f40f0ad6c4d4084170591fdd68f

Request headers

Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sun, 17 Nov 2019 03:25:17 GMT
Last-Modified
Fri, 15 Nov 2019 20:52:47 GMT
Server
nginx
ETag
"5dcf101f-810"
X-HW
1573961117.dop137.fr8.t,1573961117.cds097.fr8.c
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=604800, public
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
2064
button_feed.gif
cdn02.cdn.justjared.com/wp-content/themes/default/images/
2 KB
3 KB
Image
General
Full URL
http://cdn02.cdn.justjared.com/wp-content/themes/default/images/button_feed.gif
Requested by
Host: ahsqutes.monster
URL: http://ahsqutes.monster/
Protocol
HTTP/1.1
Server
69.16.175.42 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
hwcdn.net
Software
nginx /
Resource Hash
970d39cb51862f15dea788a5d3b6f6e47298c62fcbd35005ef45c8396e789ed8

Request headers

Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sun, 17 Nov 2019 03:25:17 GMT
Last-Modified
Sat, 16 Nov 2019 14:58:48 GMT
Server
nginx
ETag
"5dd00ea8-9fa"
X-HW
1573961117.dop142.fr8.t,1573961117.cds051.fr8.c
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=604800, public
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
2554
button_twitter.gif
cdn03.cdn.justjared.com/wp-content/themes/default/images/
3 KB
3 KB
Image
General
Full URL
http://cdn03.cdn.justjared.com/wp-content/themes/default/images/button_twitter.gif
Requested by
Host: ahsqutes.monster
URL: http://ahsqutes.monster/
Protocol
HTTP/1.1
Server
69.16.175.42 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
hwcdn.net
Software
nginx /
Resource Hash
d59bcebbf95128efbfab69bf12933eb6c81100763afa15030065050f24d4b6e2

Request headers

Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sun, 17 Nov 2019 03:25:17 GMT
Last-Modified
Sat, 16 Nov 2019 14:58:48 GMT
Server
nginx
ETag
"5dd00ea8-a21"
X-HW
1573961117.dop138.fr8.t,1573961117.cds005.fr8.c
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=604800, public
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
2593
button_facebook.gif
cdn04.cdn.justjared.com/wp-content/themes/default/images/
2 KB
3 KB
Image
General
Full URL
http://cdn04.cdn.justjared.com/wp-content/themes/default/images/button_facebook.gif
Requested by
Host: ahsqutes.monster
URL: http://ahsqutes.monster/
Protocol
HTTP/1.1
Server
69.16.175.10 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
hwcdn.net
Software
nginx /
Resource Hash
1b66db6bcc390431341efde148bf1e02b15ce688d58bfe04eb698e7d46e06577

Request headers

Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sun, 17 Nov 2019 03:25:17 GMT
Last-Modified
Sat, 16 Nov 2019 14:58:48 GMT
Server
nginx
ETag
"5dd00ea8-97a"
X-HW
1573961117.dop143.fr8.t,1573961117.cds133.fr8.c
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=604800, public
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
2426
button_instagram.gif
cdn01.cdn.justjared.com/wp-content/themes/default/images/
2 KB
3 KB
Image
General
Full URL
http://cdn01.cdn.justjared.com/wp-content/themes/default/images/button_instagram.gif
Requested by
Host: ahsqutes.monster
URL: http://ahsqutes.monster/
Protocol
HTTP/1.1
Server
69.16.175.42 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
hwcdn.net
Software
nginx /
Resource Hash
5005093dd543c0df08b89f3df6b83915f511b16c5cfa468cfb4827a7ed23fe90

Request headers

Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sun, 17 Nov 2019 03:25:17 GMT
Last-Modified
Fri, 15 Nov 2019 20:52:47 GMT
Server
nginx
ETag
"5dcf101f-9f3"
X-HW
1573961117.dop137.fr8.t,1573961117.cds130.fr8.c
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=604800, public
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
2547
shawn-mendes-camila-cabello-sushi-with-a-friend.jpg
cdn02.cdn.justjared.com/wp-content/uploads/headlines/2019/11/
33 KB
34 KB
Image
General
Full URL
http://cdn02.cdn.justjared.com/wp-content/uploads/headlines/2019/11/shawn-mendes-camila-cabello-sushi-with-a-friend.jpg
Requested by
Host: ahsqutes.monster
URL: http://ahsqutes.monster/
Protocol
HTTP/1.1
Server
69.16.175.42 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
hwcdn.net
Software
/
Resource Hash
ec359d16501a10813dd0437da88e04d6c2d564038d047103b00a0c50ee54477c

Request headers

Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sun, 17 Nov 2019 03:25:17 GMT
Last-Modified
Sat, 16 Nov 2019 22:43:21 GMT
ETag
"1573944201"
X-HW
1573961117.dop142.fr8.t,1573961117.cds052.fr8.c
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=588246
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
34022
patricia-heaton-husband-david-hunt-accused.jpg
cdn03.cdn.justjared.com/wp-content/uploads/headlines/2019/11/
25 KB
26 KB
Image
General
Full URL
http://cdn03.cdn.justjared.com/wp-content/uploads/headlines/2019/11/patricia-heaton-husband-david-hunt-accused.jpg
Requested by
Host: ahsqutes.monster
URL: http://ahsqutes.monster/
Protocol
HTTP/1.1
Server
69.16.175.42 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
hwcdn.net
Software
/
Resource Hash
ea11bceb8be1508534e7d4b2226f3d106ad6a9f79bb804580d910fb259981e98

Request headers

Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sun, 17 Nov 2019 03:25:17 GMT
Last-Modified
Sat, 16 Nov 2019 20:03:27 GMT
ETag
"1573934607"
X-HW
1573961117.dop138.fr8.t,1573961117.cds015.fr8.c
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=579479
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
25998
big-sean-jhene-aiko-new-song.jpg
cdn04.cdn.justjared.com/wp-content/uploads/headlines/2019/11/
30 KB
30 KB
Image
General
Full URL
http://cdn04.cdn.justjared.com/wp-content/uploads/headlines/2019/11/big-sean-jhene-aiko-new-song.jpg
Requested by
Host: ahsqutes.monster
URL: http://ahsqutes.monster/
Protocol
HTTP/1.1
Server
69.16.175.10 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
hwcdn.net
Software
/
Resource Hash
33923fc85a084c0adadf8c9366a6a0694d4c9a9791a30ba9ced8066a7df92b30

Request headers

Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sun, 17 Nov 2019 03:25:17 GMT
Last-Modified
Sat, 16 Nov 2019 21:49:03 GMT
ETag
"1573940943"
X-HW
1573961117.dop143.fr8.t,1573961117.cds056.fr8.c
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=584891
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
30831
jeff-bezos-says-hes-being-extorted.jpg
cdn03.cdn.justjared.com/wp-content/uploads/headlines/2019/02/
67 KB
68 KB
Image
General
Full URL
http://cdn03.cdn.justjared.com/wp-content/uploads/headlines/2019/02/jeff-bezos-says-hes-being-extorted.jpg
Requested by
Host: ahsqutes.monster
URL: http://ahsqutes.monster/
Protocol
HTTP/1.1
Server
69.16.175.42 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
hwcdn.net
Software
/
Resource Hash
344599193b13fdf1c86eff77ffbf0f77e83e1b70b4d0a4c363eb3b9e94a9bc8c

Request headers

Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sun, 17 Nov 2019 03:25:17 GMT
Last-Modified
Thu, 18 Apr 2019 15:38:47 GMT
ETag
"1555601927"
X-HW
1573961117.dop138.fr8.t,1573961117.cds068.fr8.c
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=569328
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
68830
felicity-huffman-enjoys-visit-at-the-salon-in-beverly-hills.jpg
cdn02.cdn.justjared.com/wp-content/uploads/headlines/2019/11/
79 KB
79 KB
Image
General
Full URL
http://cdn02.cdn.justjared.com/wp-content/uploads/headlines/2019/11/felicity-huffman-enjoys-visit-at-the-salon-in-beverly-hills.jpg
Requested by
Host: ahsqutes.monster
URL: http://ahsqutes.monster/
Protocol
HTTP/1.1
Server
69.16.175.42 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
hwcdn.net
Software
/
Resource Hash
cf2e4ca46bdbcace5c70c655869f23d3b604bb0d5b6a221265bc21ae18009b49

Request headers

Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sun, 17 Nov 2019 03:25:17 GMT
Last-Modified
Sun, 17 Nov 2019 03:15:47 GMT
ETag
"1573960547"
X-HW
1573961117.dop142.fr8.t,1573961117.cds057.fr8.c
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=604469
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
80955
felicity-huffman-enjoys-visit-at-the-salon-in-beverly-hills-01.jpg
cdn03.cdn.justjared.com/wp-content/uploads/2019/11/huffman-salon/thumbs/
4 KB
4 KB
Image
General
Full URL
http://cdn03.cdn.justjared.com/wp-content/uploads/2019/11/huffman-salon/thumbs/felicity-huffman-enjoys-visit-at-the-salon-in-beverly-hills-01.jpg
Requested by
Host: ahsqutes.monster
URL: http://ahsqutes.monster/
Protocol
HTTP/1.1
Server
69.16.175.42 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
hwcdn.net
Software
/
Resource Hash
236a65b4a1fb3531595836c2d7e456b8e6298c896cebaa7d10dfd4db65392dce

Request headers

Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sun, 17 Nov 2019 03:25:17 GMT
Last-Modified
Sun, 17 Nov 2019 03:15:20 GMT
ETag
"1573960520"
X-HW
1573961117.dop138.fr8.t,1573961117.cds124.fr8.c
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=604454
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
4025
felicity-huffman-enjoys-visit-at-the-salon-in-beverly-hills-02.jpg
cdn04.cdn.justjared.com/wp-content/uploads/2019/11/huffman-salon/thumbs/
4 KB
4 KB
Image
General
Full URL
http://cdn04.cdn.justjared.com/wp-content/uploads/2019/11/huffman-salon/thumbs/felicity-huffman-enjoys-visit-at-the-salon-in-beverly-hills-02.jpg
Requested by
Host: ahsqutes.monster
URL: http://ahsqutes.monster/
Protocol
HTTP/1.1
Server
69.16.175.10 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
hwcdn.net
Software
/
Resource Hash
301272b71a2b252dfaaa0e182c5b8a8f8a2807c4d4762d72319fd05e36d15e61

Request headers

Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sun, 17 Nov 2019 03:25:17 GMT
Last-Modified
Sun, 17 Nov 2019 03:15:20 GMT
ETag
"1573960520"
X-HW
1573961117.dop143.fr8.t,1573961117.cds150.fr8.c
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=604457
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
3985
felicity-huffman-enjoys-visit-at-the-salon-in-beverly-hills-03.jpg
cdn01.cdn.justjared.com/wp-content/uploads/2019/11/huffman-salon/thumbs/
4 KB
4 KB
Image
General
Full URL
http://cdn01.cdn.justjared.com/wp-content/uploads/2019/11/huffman-salon/thumbs/felicity-huffman-enjoys-visit-at-the-salon-in-beverly-hills-03.jpg
Requested by
Host: ahsqutes.monster
URL: http://ahsqutes.monster/
Protocol
HTTP/1.1
Server
69.16.175.42 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
hwcdn.net
Software
/
Resource Hash
c53869876c6542e83b888f35378793083d7c796ea89be2ba0a8d187bc2d251ef

Request headers

Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sun, 17 Nov 2019 03:25:17 GMT
Last-Modified
Sun, 17 Nov 2019 03:15:20 GMT
ETag
"1573960520"
X-HW
1573961117.dop137.fr8.t,1573961117.cds009.fr8.c
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=604460
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
4054
felicity-huffman-enjoys-visit-at-the-salon-in-beverly-hills-04.jpg
cdn02.cdn.justjared.com/wp-content/uploads/2019/11/huffman-salon/thumbs/
4 KB
4 KB
Image
General
Full URL
http://cdn02.cdn.justjared.com/wp-content/uploads/2019/11/huffman-salon/thumbs/felicity-huffman-enjoys-visit-at-the-salon-in-beverly-hills-04.jpg
Requested by
Host: ahsqutes.monster
URL: http://ahsqutes.monster/
Protocol
HTTP/1.1
Server
69.16.175.42 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
hwcdn.net
Software
/
Resource Hash
d133fe10f39e3c6af09693ee16cc092246cd602ef89c652f0d9e0aba1a094e22

Request headers

Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sun, 17 Nov 2019 03:25:17 GMT
Last-Modified
Sun, 17 Nov 2019 03:15:20 GMT
ETag
"1573960520"
X-HW
1573961117.dop142.fr8.t,1573961117.cds002.fr8.c
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=604463
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
3765
felicity-huffman-enjoys-visit-at-the-salon-in-beverly-hills-05.jpg
cdn03.cdn.justjared.com/wp-content/uploads/2019/11/huffman-salon/thumbs/
4 KB
4 KB
Image
General
Full URL
http://cdn03.cdn.justjared.com/wp-content/uploads/2019/11/huffman-salon/thumbs/felicity-huffman-enjoys-visit-at-the-salon-in-beverly-hills-05.jpg
Requested by
Host: ahsqutes.monster
URL: http://ahsqutes.monster/
Protocol
HTTP/1.1
Server
69.16.175.42 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
hwcdn.net
Software
/
Resource Hash
ae7776c47f10e298ad0d832f7f47410bc931162fe1e08fc306d89f99908b12f7

Request headers

Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sun, 17 Nov 2019 03:25:17 GMT
Last-Modified
Sun, 17 Nov 2019 03:15:20 GMT
ETag
"1573960520"
X-HW
1573961117.dop138.fr8.t,1573961117.cds078.fr8.c
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=604465
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
3984
derek-hough-undergoes-emergency-surgery-to-have-appendix-removed.jpg
cdn04.cdn.justjared.com/wp-content/uploads/headlines/2019/11/
53 KB
53 KB
Image
General
Full URL
http://cdn04.cdn.justjared.com/wp-content/uploads/headlines/2019/11/derek-hough-undergoes-emergency-surgery-to-have-appendix-removed.jpg
Requested by
Host: ahsqutes.monster
URL: http://ahsqutes.monster/
Protocol
HTTP/1.1
Server
69.16.175.10 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
hwcdn.net
Software
/
Resource Hash
761db9a30319ab01fd0632c495c1a48017e4837081203baf7ce3a9f4fa88b7e4

Request headers

Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sun, 17 Nov 2019 03:25:17 GMT
Last-Modified
Sun, 17 Nov 2019 02:48:34 GMT
ETag
"1573958914"
X-HW
1573961117.dop143.fr8.t,1573961117.cds059.fr8.c
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=602864
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
54398
2fe3a16f6aeb.js
www.instagram.com/static/bundles/es6/EmbedSDK.js/
Redirect Chain
  • http://www.instagram.com/embed.js
  • https://www.instagram.com/embed.js
  • https://www.instagram.com/static/bundles/es6/EmbedSDK.js/2fe3a16f6aeb.js
15 KB
5 KB
Script
General
Full URL
https://www.instagram.com/static/bundles/es6/EmbedSDK.js/2fe3a16f6aeb.js
Requested by
Host: ahsqutes.monster
URL: http://ahsqutes.monster/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f21c:81e5:face:b00c:0:4420 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
a4ca2aab7f67fff86ca9da7b1c4d717d22f52f9e69efc9f4f10346dfd78eaa3d

Request headers

Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 15 Nov 2019 18:32:22 GMT
x-fb-trip-id
1679558926
status
200
etag
"2fe3a16f6aeb"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
edge-control
max-age=1209600, no-transform
cache-control
public,max-age=31536000,immutable
content-encoding
br
content-length
4920

Redirect headers

status
302
date
Sun, 17 Nov 2019 03:25:17 GMT
x-fb-trip-id
1679558926
cache-control
max-age=21600
location
https://www.instagram.com/static/bundles/es6/EmbedSDK.js/2fe3a16f6aeb.js
content-type
text/html; charset=utf-8
sarah-palin-divorce-husband-todd-palin-in-an-email.jpg
cdn01.cdn.justjared.com/wp-content/uploads/headlines/2019/11/
86 KB
87 KB
Image
General
Full URL
http://cdn01.cdn.justjared.com/wp-content/uploads/headlines/2019/11/sarah-palin-divorce-husband-todd-palin-in-an-email.jpg
Requested by
Host: ahsqutes.monster
URL: http://ahsqutes.monster/
Protocol
HTTP/1.1
Server
69.16.175.42 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
hwcdn.net
Software
/
Resource Hash
61af862bc7caf82c938389b9981a642b662811179aadbab8539f74a799e6c6da

Request headers

Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sun, 17 Nov 2019 03:25:17 GMT
Last-Modified
Sun, 17 Nov 2019 02:12:33 GMT
ETag
"1573956753"
X-HW
1573961117.dop137.fr8.t,1573961117.cds133.fr8.c
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=600705
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
88424
kylie-mod.jpg
cdn02.cdn.justjared.com/wp-content/uploads/headlines/2019/11/
33 KB
33 KB
Image
General
Full URL
http://cdn02.cdn.justjared.com/wp-content/uploads/headlines/2019/11/kylie-mod.jpg
Requested by
Host: ahsqutes.monster
URL: http://ahsqutes.monster/
Protocol
HTTP/1.1
Server
69.16.175.42 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
hwcdn.net
Software
/
Resource Hash
8a5a107bb79520bfe5cffde58be6791c3f66ce34349d89494b269504c556ea6a

Request headers

Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sun, 17 Nov 2019 03:25:17 GMT
Last-Modified
Mon, 11 Nov 2019 21:25:46 GMT
ETag
"1573507546"
X-HW
1573961117.dop142.fr8.t,1573961117.cds150.fr8.c
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=151256
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
33963
tmz.gif
cdn03.cdn.justjared.com/wp-content/themes/default/images/featured/
3 KB
3 KB
Image
General
Full URL
http://cdn03.cdn.justjared.com/wp-content/themes/default/images/featured/tmz.gif
Requested by
Host: ahsqutes.monster
URL: http://ahsqutes.monster/
Protocol
HTTP/1.1
Server
69.16.175.42 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
hwcdn.net
Software
nginx /
Resource Hash
336235bd83543a7c33fc68f80b234b0e21b109ea9a3a056f5064be394a35386b

Request headers

Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sun, 17 Nov 2019 03:25:17 GMT
Last-Modified
Sat, 16 Nov 2019 14:58:48 GMT
Server
nginx
ETag
"5dd00ea8-a0b"
X-HW
1573961117.dop138.fr8.t,1573961117.cds136.fr8.c
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=604800, public
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
2571
olivia-wilde-raymond-vineyards-trailblazer-award-napa-film-fest.jpg
cdn04.cdn.justjared.com/wp-content/uploads/headlines/2019/11/
141 KB
142 KB
Image
General
Full URL
http://cdn04.cdn.justjared.com/wp-content/uploads/headlines/2019/11/olivia-wilde-raymond-vineyards-trailblazer-award-napa-film-fest.jpg
Requested by
Host: ahsqutes.monster
URL: http://ahsqutes.monster/
Protocol
HTTP/1.1
Server
69.16.175.10 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
hwcdn.net
Software
/
Resource Hash
b393e0b2e78aa7bb6d114f846664ee238e839bcc81c867e501c737edf4e2c8fe

Request headers

Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sun, 17 Nov 2019 03:25:17 GMT
Last-Modified
Sun, 17 Nov 2019 01:39:38 GMT
ETag
"1573954778"
X-HW
1573961117.dop143.fr8.t,1573961117.cds087.fr8.c
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=598955
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
144635
olivia-wilde-raymond-vineyards-trailblazer-award-napa-film-fest-01.jpg
cdn01.cdn.justjared.com/wp-content/uploads/2019/11/wilde-napa/thumbs/
3 KB
4 KB
Image
General
Full URL
http://cdn01.cdn.justjared.com/wp-content/uploads/2019/11/wilde-napa/thumbs/olivia-wilde-raymond-vineyards-trailblazer-award-napa-film-fest-01.jpg
Requested by
Host: ahsqutes.monster
URL: http://ahsqutes.monster/
Protocol
HTTP/1.1
Server
69.16.175.42 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
hwcdn.net
Software
/
Resource Hash
4bf24f49b6bf67beed912087b516b909ec72f0ea400007c84e6077a77e15493d

Request headers

Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sun, 17 Nov 2019 03:25:18 GMT
Last-Modified
Sun, 17 Nov 2019 01:39:37 GMT
ETag
"1573954777"
X-HW
1573961118.dop137.fr8.t,1573961118.cds123.fr8.c
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=598954
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
3464
olivia-wilde-raymond-vineyards-trailblazer-award-napa-film-fest-02.jpg
cdn02.cdn.justjared.com/wp-content/uploads/2019/11/wilde-napa/thumbs/
4 KB
5 KB
Image
General
Full URL
http://cdn02.cdn.justjared.com/wp-content/uploads/2019/11/wilde-napa/thumbs/olivia-wilde-raymond-vineyards-trailblazer-award-napa-film-fest-02.jpg
Requested by
Host: ahsqutes.monster
URL: http://ahsqutes.monster/
Protocol
HTTP/1.1
Server
69.16.175.42 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
hwcdn.net
Software
/
Resource Hash
16673014b568a37171c25bcc56b0fa2187ccd37be6fa65c562c8a5b3708d962a

Request headers

Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sun, 17 Nov 2019 03:25:18 GMT
Last-Modified
Sun, 17 Nov 2019 01:39:37 GMT
ETag
"1573954777"
X-HW
1573961118.dop142.fr8.t,1573961118.cds104.fr8.c
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=598954
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
4406
olivia-wilde-raymond-vineyards-trailblazer-award-napa-film-fest-03.jpg
cdn03.cdn.justjared.com/wp-content/uploads/2019/11/wilde-napa/thumbs/
5 KB
5 KB
Image
General
Full URL
http://cdn03.cdn.justjared.com/wp-content/uploads/2019/11/wilde-napa/thumbs/olivia-wilde-raymond-vineyards-trailblazer-award-napa-film-fest-03.jpg
Requested by
Host: ahsqutes.monster
URL: http://ahsqutes.monster/
Protocol
HTTP/1.1
Server
69.16.175.42 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
hwcdn.net
Software
/
Resource Hash
be40753695f080c20770708e19ce7b074a374e537908bb022b607320f6087c39

Request headers

Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sun, 17 Nov 2019 03:25:18 GMT
Last-Modified
Sun, 17 Nov 2019 01:39:37 GMT
ETag
"1573954777"
X-HW
1573961118.dop138.fr8.t,1573961118.cds075.fr8.c
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=598954
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
5141
olivia-wilde-raymond-vineyards-trailblazer-award-napa-film-fest-04.jpg
cdn04.cdn.justjared.com/wp-content/uploads/2019/11/wilde-napa/thumbs/
3 KB
4 KB
Image
General
Full URL
http://cdn04.cdn.justjared.com/wp-content/uploads/2019/11/wilde-napa/thumbs/olivia-wilde-raymond-vineyards-trailblazer-award-napa-film-fest-04.jpg
Requested by
Host: ahsqutes.monster
URL: http://ahsqutes.monster/
Protocol
HTTP/1.1
Server
69.16.175.10 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
hwcdn.net
Software
/
Resource Hash
865bdf73e082f1b29bb4b03592359e20347175da6a51d336642a0322090d22fe

Request headers

Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sun, 17 Nov 2019 03:25:18 GMT
Last-Modified
Sun, 17 Nov 2019 01:39:37 GMT
ETag
"1573954777"
X-HW
1573961118.dop143.fr8.t,1573961118.cds135.fr8.c
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=598954
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
3543
olivia-wilde-raymond-vineyards-trailblazer-award-napa-film-fest-05.jpg
cdn01.cdn.justjared.com/wp-content/uploads/2019/11/wilde-napa/thumbs/
4 KB
5 KB
Image
General
Full URL
http://cdn01.cdn.justjared.com/wp-content/uploads/2019/11/wilde-napa/thumbs/olivia-wilde-raymond-vineyards-trailblazer-award-napa-film-fest-05.jpg
Requested by
Host: ahsqutes.monster
URL: http://ahsqutes.monster/
Protocol
HTTP/1.1
Server
69.16.175.42 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
hwcdn.net
Software
/
Resource Hash
d2753cfad04bfad4418623ea7df72fbb8f16df58ce2b8592efcaa3bb60f3b688

Request headers

Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sun, 17 Nov 2019 03:25:18 GMT
Last-Modified
Sun, 17 Nov 2019 01:39:37 GMT
ETag
"1573954777"
X-HW
1573961118.dop137.fr8.t,1573961118.cds085.fr8.c
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=598954
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
4398
morebar.gif
cdn02.cdn.justjared.com/wp-content/themes/default/images/
2 KB
3 KB
Image
General
Full URL
http://cdn02.cdn.justjared.com/wp-content/themes/default/images/morebar.gif
Requested by
Host: ahsqutes.monster
URL: http://ahsqutes.monster/
Protocol
HTTP/1.1
Server
69.16.175.42 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
hwcdn.net
Software
nginx /
Resource Hash
c499ce33b2a130245a2e37676df8c9197b81c23c90015c00d36aa7d827e5dce2

Request headers

Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sun, 17 Nov 2019 03:25:18 GMT
Last-Modified
Sat, 16 Nov 2019 14:58:48 GMT
Server
nginx
ETag
"5dd00ea8-9d2"
X-HW
1573961118.dop142.fr8.t,1573961118.cds064.fr8.c
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=604800, public
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
2514
ariana-grande-updates-fans-on-health-has-trouble-breathing-during-show.jpg
cdn03.cdn.justjared.com/wp-content/uploads/headlines/2019/11/
116 KB
116 KB
Image
General
Full URL
http://cdn03.cdn.justjared.com/wp-content/uploads/headlines/2019/11/ariana-grande-updates-fans-on-health-has-trouble-breathing-during-show.jpg
Requested by
Host: ahsqutes.monster
URL: http://ahsqutes.monster/
Protocol
HTTP/1.1
Server
69.16.175.42 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
hwcdn.net
Software
/
Resource Hash
e1ff41a8163cc49716cfc902fa3c6aed66351331354569a0c2d44e6122e9efb2

Request headers

Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sun, 17 Nov 2019 03:25:18 GMT
Last-Modified
Sun, 17 Nov 2019 00:57:49 GMT
ETag
"1573952269"
X-HW
1573961118.dop138.fr8.t,1573961118.cds087.fr8.c
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=597212
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
118853
ariana-grande-warns-fans-she-might-have-to-cancel-a-show-due-to-health-01.jpg
cdn04.cdn.justjared.com/wp-content/uploads/2019/11/ariana-update/thumbs/
3 KB
3 KB
Image
General
Full URL
http://cdn04.cdn.justjared.com/wp-content/uploads/2019/11/ariana-update/thumbs/ariana-grande-warns-fans-she-might-have-to-cancel-a-show-due-to-health-01.jpg
Requested by
Host: ahsqutes.monster
URL: http://ahsqutes.monster/
Protocol
HTTP/1.1
Server
69.16.175.10 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
hwcdn.net
Software
/
Resource Hash
785bf2b7e6bfe2cae3f1fddeec51c120acafd3ad398bef078bf631ce91a56e2f

Request headers

Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sun, 17 Nov 2019 03:25:18 GMT
Last-Modified
Sun, 17 Nov 2019 01:09:43 GMT
ETag
"1573952983"
X-HW
1573961118.dop143.fr8.t,1573961118.cds128.fr8.c
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=597389
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
3192
jane-no-arrest-links.jpg
cdn01.cdn.justjared.com/wp-content/uploads/headlines/2019/11/
31 KB
31 KB
Image
General
Full URL
http://cdn01.cdn.justjared.com/wp-content/uploads/headlines/2019/11/jane-no-arrest-links.jpg
Requested by
Host: ahsqutes.monster
URL: http://ahsqutes.monster/
Protocol
HTTP/1.1
Server
69.16.175.42 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
hwcdn.net
Software
/
Resource Hash
bb84fcb5f1eb1961ba9120a66f20a59e9b40aada9035dcc59935b69a7d2e2ce0

Request headers

Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sun, 17 Nov 2019 03:25:18 GMT
Last-Modified
Sat, 16 Nov 2019 01:57:42 GMT
ETag
"1573869462"
X-HW
1573961118.dop137.fr8.t,1573961118.cds120.fr8.c
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=513186
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
31595
hannah-jeter-went-into-hiding-gaining-70lbs-pregnancy.jpg
cdn02.cdn.justjared.com/wp-content/uploads/headlines/2019/11/
74 KB
74 KB
Image
General
Full URL
http://cdn02.cdn.justjared.com/wp-content/uploads/headlines/2019/11/hannah-jeter-went-into-hiding-gaining-70lbs-pregnancy.jpg
Requested by
Host: ahsqutes.monster
URL: http://ahsqutes.monster/
Protocol
HTTP/1.1
Server
69.16.175.42 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
hwcdn.net
Software
/
Resource Hash
795624f8a6e25872201f4f5d897a6563bc1440bab55802319641a235005fb84e

Request headers

Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sun, 17 Nov 2019 03:25:18 GMT
Last-Modified
Sun, 17 Nov 2019 01:01:13 GMT
ETag
"1573952473"
X-HW
1573961118.dop142.fr8.t,1573961118.cds134.fr8.c
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=596670
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
75805
delivery.js
assets.revcontent.com/master/
155 KB
52 KB
Script
General
Full URL
http://assets.revcontent.com/master/delivery.js
Requested by
Host: ahsqutes.monster
URL: http://ahsqutes.monster/
Protocol
HTTP/1.1
Server
151.139.128.10 Dallas, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3793848fa6914a0e3ef04f8f03fd38a1445de58703f8d71791515ecb634ef7f3

Request headers

Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sun, 17 Nov 2019 03:25:18 GMT
Content-Encoding
gzip
Last-Modified
Thu, 31 Oct 2019 20:08:13 GMT
Server
AmazonS3
x-amz-request-id
4BB4ADF974C161D0
ETag
"5938fc6677179f1776e919d177a38278"
X-HW
1573961118.cds134.fr8.h2,1573961118.cds146.fr8.c
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
53157
x-amz-id-2
HHDuS99kMYITrJ0Zaw4V0OhtutiM4hXfAwZXqq1ubgrJcn2xoKxJ7ZWFlMuLGSpC1d2mMWvskzw=
taylor-swift-square.jpg
cdn03.cdn.justjared.com/wp-content/uploads/sidebar/topcelebs/
8 KB
9 KB
Image
General
Full URL
http://cdn03.cdn.justjared.com/wp-content/uploads/sidebar/topcelebs/taylor-swift-square.jpg
Requested by
Host: ahsqutes.monster
URL: http://ahsqutes.monster/
Protocol
HTTP/1.1
Server
69.16.175.42 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
hwcdn.net
Software
/
Resource Hash
78ddd0462a3d3522857c98c91600aaaf784b06cb186149c209cabe7bb905756d

Request headers

Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sun, 17 Nov 2019 03:25:18 GMT
Last-Modified
Thu, 18 Apr 2019 15:43:04 GMT
ETag
"1555602184"
X-HW
1573961118.dop138.fr8.t,1573961118.cds087.fr8.c
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=227691
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
8372
jamie-dornan-square.jpg
cdn04.cdn.justjared.com/wp-content/uploads/sidebar/topcelebs/
8 KB
8 KB
Image
General
Full URL
http://cdn04.cdn.justjared.com/wp-content/uploads/sidebar/topcelebs/jamie-dornan-square.jpg
Requested by
Host: ahsqutes.monster
URL: http://ahsqutes.monster/
Protocol
HTTP/1.1
Server
69.16.175.10 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
hwcdn.net
Software
/
Resource Hash
8277e342d4012bb526f8cf283af2a45475212430aa89f426852055bc4ef5bec3

Request headers

Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sun, 17 Nov 2019 03:25:18 GMT
Last-Modified
Thu, 18 Apr 2019 15:43:04 GMT
ETag
"1555602184"
X-HW
1573961118.dop143.fr8.t,1573961118.cds131.fr8.c
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=231254
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
8192
kim-kardashian-square.jpg
cdn01.cdn.justjared.com/wp-content/uploads/sidebar/topcelebs/
8 KB
8 KB
Image
General
Full URL
http://cdn01.cdn.justjared.com/wp-content/uploads/sidebar/topcelebs/kim-kardashian-square.jpg
Requested by
Host: ahsqutes.monster
URL: http://ahsqutes.monster/
Protocol
HTTP/1.1
Server
69.16.175.42 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
hwcdn.net
Software
/
Resource Hash
abe25423757ae3e0539bd655e7c72e5167da865799ebde956c9b4bfb025fd562

Request headers

Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sun, 17 Nov 2019 03:25:18 GMT
Last-Modified
Thu, 18 Apr 2019 15:43:04 GMT
ETag
"1555602184"
X-HW
1573961118.dop137.fr8.t,1573961118.cds120.fr8.c
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=236921
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
8144
beyonce-knowles-square.jpg
cdn02.cdn.justjared.com/wp-content/uploads/sidebar/topcelebs/
8 KB
8 KB
Image
General
Full URL
http://cdn02.cdn.justjared.com/wp-content/uploads/sidebar/topcelebs/beyonce-knowles-square.jpg
Requested by
Host: ahsqutes.monster
URL: http://ahsqutes.monster/
Protocol
HTTP/1.1
Server
69.16.175.42 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
hwcdn.net
Software
/
Resource Hash
a0ce4453fa637641e156899aff2045502a8806c0739c1cda4399f6d5c1d2fc07

Request headers

Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sun, 17 Nov 2019 03:25:18 GMT
Last-Modified
Thu, 18 Apr 2019 15:43:04 GMT
ETag
"1555602184"
X-HW
1573961118.dop142.fr8.t,1573961118.cds134.fr8.c
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=283491
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
7762
dakota-johnson-square.jpg
cdn03.cdn.justjared.com/wp-content/uploads/sidebar/topcelebs/
8 KB
8 KB
Image
General
Full URL
http://cdn03.cdn.justjared.com/wp-content/uploads/sidebar/topcelebs/dakota-johnson-square.jpg
Requested by
Host: ahsqutes.monster
URL: http://ahsqutes.monster/
Protocol
HTTP/1.1
Server
69.16.175.42 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
hwcdn.net
Software
/
Resource Hash
f5fa6657656652bb272ae1ebe1cfc93bac1895be065a8598472cd294e5cfa1c5

Request headers

Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sun, 17 Nov 2019 03:25:18 GMT
Last-Modified
Thu, 18 Apr 2019 15:43:04 GMT
ETag
"1555602184"
X-HW
1573961118.dop138.fr8.t,1573961118.cds087.fr8.c
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=226536
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
8028
leonardo-dicaprio-square.jpg
cdn04.cdn.justjared.com/wp-content/uploads/sidebar/topcelebs/
8 KB
8 KB
Image
General
Full URL
http://cdn04.cdn.justjared.com/wp-content/uploads/sidebar/topcelebs/leonardo-dicaprio-square.jpg
Requested by
Host: ahsqutes.monster
URL: http://ahsqutes.monster/
Protocol
HTTP/1.1
Server
69.16.175.10 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
hwcdn.net
Software
/
Resource Hash
8143a28edd6ad544a3dca1fd7ffcf368573fca0922e8e5918aa5d81e88a2aa7e

Request headers

Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sun, 17 Nov 2019 03:25:18 GMT
Last-Modified
Thu, 18 Apr 2019 15:43:04 GMT
ETag
"1555602184"
X-HW
1573961118.dop143.fr8.t,1573961118.cds131.fr8.c
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=217181
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
8159
angelina-jolie-square.jpg
cdn01.cdn.justjared.com/wp-content/uploads/sidebar/topcelebs/
8 KB
8 KB
Image
General
Full URL
http://cdn01.cdn.justjared.com/wp-content/uploads/sidebar/topcelebs/angelina-jolie-square.jpg
Requested by
Host: ahsqutes.monster
URL: http://ahsqutes.monster/
Protocol
HTTP/1.1
Server
69.16.175.42 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
hwcdn.net
Software
/
Resource Hash
3d816548b6f66b091ae7c8f1e6b2a2e63bd0e69ee16b3075a38e1ab418e61634

Request headers

Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sun, 17 Nov 2019 03:25:18 GMT
Last-Modified
Thu, 18 Apr 2019 15:43:04 GMT
ETag
"1555602184"
X-HW
1573961118.dop137.fr8.t,1573961118.cds120.fr8.c
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=231202
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
8305
sam-heughan-square.jpg
cdn02.cdn.justjared.com/wp-content/uploads/sidebar/topcelebs/
8 KB
8 KB
Image
General
Full URL
http://cdn02.cdn.justjared.com/wp-content/uploads/sidebar/topcelebs/sam-heughan-square.jpg
Requested by
Host: ahsqutes.monster
URL: http://ahsqutes.monster/
Protocol
HTTP/1.1
Server
69.16.175.42 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
hwcdn.net
Software
/
Resource Hash
23a3d2127e61ed379997613e69a76129edade1c3776382030d68745e6300278c

Request headers

Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sun, 17 Nov 2019 03:25:18 GMT
Last-Modified
Thu, 18 Apr 2019 15:43:04 GMT
ETag
"1555602184"
X-HW
1573961118.dop142.fr8.t,1573961118.cds082.fr8.c
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=252416
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
8037
kylie-jenner-square.jpg
cdn03.cdn.justjared.com/wp-content/uploads/sidebar/topcelebs/
8 KB
8 KB
Image
General
Full URL
http://cdn03.cdn.justjared.com/wp-content/uploads/sidebar/topcelebs/kylie-jenner-square.jpg
Requested by
Host: ahsqutes.monster
URL: http://ahsqutes.monster/
Protocol
HTTP/1.1
Server
69.16.175.42 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
hwcdn.net
Software
/
Resource Hash
0306aca6920f514fcc85aa7fa47965f75c5429b19f182276551250c83822aa51

Request headers

Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sun, 17 Nov 2019 03:25:18 GMT
Last-Modified
Thu, 18 Apr 2019 15:43:04 GMT
ETag
"1555602184"
X-HW
1573961118.dop138.fr8.t,1573961118.cds014.fr8.c
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=264736
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
7740
gerard-butler-square.jpg
cdn04.cdn.justjared.com/wp-content/uploads/sidebar/topcelebs/
8 KB
9 KB
Image
General
Full URL
http://cdn04.cdn.justjared.com/wp-content/uploads/sidebar/topcelebs/gerard-butler-square.jpg
Requested by
Host: ahsqutes.monster
URL: http://ahsqutes.monster/
Protocol
HTTP/1.1
Server
69.16.175.10 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
hwcdn.net
Software
/
Resource Hash
eb5ce2ef8ee3581fc1fd45ae3a7088940dd7fad537d7655b04b4f807d5ea7877

Request headers

Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sun, 17 Nov 2019 03:25:18 GMT
Last-Modified
Thu, 18 Apr 2019 15:43:04 GMT
ETag
"1555602184"
X-HW
1573961118.dop143.fr8.t,1573961118.cds131.fr8.c
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=215555
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
8476
analytics.js
www.google-analytics.com/
43 KB
17 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-86316-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 19 Aug 2019 17:22:41 GMT
server
Golfe2
age
3101
date
Sun, 17 Nov 2019 02:33:37 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
17803
expires
Sun, 17 Nov 2019 04:33:37 GMT
beacon.js
b.scorecardresearch.com/
1 KB
1 KB
Script
General
Full URL
http://b.scorecardresearch.com/beacon.js
Requested by
Host: ahsqutes.monster
URL: http://ahsqutes.monster/
Protocol
HTTP/1.1
Server
2.16.186.80 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a2-16-186-80.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
d0fd74148f4cbe78bd0e6328dc5ce5955f0a0ecdb1eb2919da4a7e596ac65912

Request headers

Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sun, 17 Nov 2019 03:25:18 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
private, no-transform, max-age=86400
Connection
keep-alive
Content-Length
901
Expires
Mon, 18 Nov 2019 03:25:18 GMT
quant.js
edge.quantserve.com/
12 KB
6 KB
Script
General
Full URL
http://edge.quantserve.com/quant.js
Requested by
Host: ahsqutes.monster
URL: http://ahsqutes.monster/
Protocol
HTTP/1.1
Server
91.228.74.134 , United Kingdom, ASN27281 (QUANTCAST - Quantcast Corporation, US),
Reverse DNS
Software
QS /
Resource Hash
404a9b0ffbcc813e8ddbb8d8510a24a69c09079282f8083ee94f4adc5d627176

Request headers

Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sun, 17 Nov 2019 03:25:18 GMT
Content-Encoding
gzip
Last-Modified
Sun, 17-Nov-2019 03:25:18 GMT
Server
QS
ETag
M0-e2b9884a
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
private, no-transform, max-age=604800
Connection
keep-alive
Content-Length
5456
Expires
Sun, 24 Nov 2019 03:25:18 GMT
cmp.js
quantcast.mgr.consensu.org/
210 KB
58 KB
Script
General
Full URL
https://quantcast.mgr.consensu.org/cmp.js
Requested by
Host: ahsqutes.monster
URL: http://ahsqutes.monster/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2156:2000:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
03e32b1dddc88a316aed9d170f0a7b230ebf796d8a4331898cf990484db8881d

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 17 Nov 2019 03:24:47 GMT
content-encoding
gzip
last-modified
Mon, 28 Oct 2019 20:36:18 GMT
server
AmazonS3
age
184
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript;charset=UTF-8
status
200
x-amz-meta-qc-ineu
True
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
FWlHwFHSFdI6Nz_mOCUvp3MCvrrqJDIv_cQLTqVf-UyLfVNg2SMaRg==
via
1.1 e64eb476d8f76c461d21278e018e194f.cloudfront.net (CloudFront)
widgets.js
platform.twitter.com/
95 KB
29 KB
Script
General
Full URL
https://platform.twitter.com/widgets.js
Requested by
Host: ahsqutes.monster
URL: http://ahsqutes.monster/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software
ECS (fcn/41AE) /
Resource Hash
f5b5ac5fdb8870504505be0a9522061f905e5c1b25a927f877303785129cb3f9

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sun, 17 Nov 2019 03:25:18 GMT
Content-Encoding
gzip
Last-Modified
Tue, 22 Oct 2019 23:03:20 GMT
Server
ECS (fcn/41AE)
Etag
"dbb5834a50c19a7a8e3ad3ae8f1c1329+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-control-allow-origin
*
Cache-Control
public, max-age=1800
X-Cache
HIT
Content-Type
application/javascript; charset=utf-8
Content-Length
28705
bikini-celebs-square.jpg
cdn01.cdn.justjared.com/wp-content/uploads/sidebar/topcelebs/
11 KB
11 KB
Image
General
Full URL
http://cdn01.cdn.justjared.com/wp-content/uploads/sidebar/topcelebs/bikini-celebs-square.jpg
Requested by
Host: ahsqutes.monster
URL: http://ahsqutes.monster/
Protocol
HTTP/1.1
Server
69.16.175.42 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
hwcdn.net
Software
/
Resource Hash
b8c432a1f6b019a2992d0f34e3a609e613fabc41ca0ed96d8e9bdeb80730da40

Request headers

Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sun, 17 Nov 2019 03:25:18 GMT
Last-Modified
Thu, 18 Apr 2019 15:43:04 GMT
ETag
"1555602184"
X-HW
1573961118.dop137.fr8.t,1573961118.cds060.fr8.c
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=252286
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
11315
brad-pitt-square.jpg
cdn02.cdn.justjared.com/wp-content/uploads/sidebar/topcelebs/
8 KB
8 KB
Image
General
Full URL
http://cdn02.cdn.justjared.com/wp-content/uploads/sidebar/topcelebs/brad-pitt-square.jpg
Requested by
Host: ahsqutes.monster
URL: http://ahsqutes.monster/
Protocol
HTTP/1.1
Server
69.16.175.42 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
hwcdn.net
Software
/
Resource Hash
01e589935d6e8f3e2724760655417aaa35a7e9f8afddd65a5d9b29c9722c43b4

Request headers

Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sun, 17 Nov 2019 03:25:18 GMT
Last-Modified
Thu, 18 Apr 2019 15:43:04 GMT
ETag
"1555602184"
X-HW
1573961118.dop142.fr8.t,1573961118.cds140.fr8.c
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=298536
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
7906
rihanna-square.jpg
cdn03.cdn.justjared.com/wp-content/uploads/sidebar/topcelebs/
9 KB
9 KB
Image
General
Full URL
http://cdn03.cdn.justjared.com/wp-content/uploads/sidebar/topcelebs/rihanna-square.jpg
Requested by
Host: ahsqutes.monster
URL: http://ahsqutes.monster/
Protocol
HTTP/1.1
Server
69.16.175.42 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
hwcdn.net
Software
/
Resource Hash
66cb5ac1be6b22f9b0cb08f85da4571b43f3a671cce1132f420a14a4ccf83769

Request headers

Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sun, 17 Nov 2019 03:25:18 GMT
Last-Modified
Thu, 18 Apr 2019 15:43:04 GMT
ETag
"1555602184"
X-HW
1573961118.dop138.fr8.t,1573961118.cds076.fr8.c
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=252031
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
8731
jennifer-lawrence-square.jpg
cdn04.cdn.justjared.com/wp-content/uploads/sidebar/topcelebs/
8 KB
8 KB
Image
General
Full URL
http://cdn04.cdn.justjared.com/wp-content/uploads/sidebar/topcelebs/jennifer-lawrence-square.jpg
Requested by
Host: ahsqutes.monster
URL: http://ahsqutes.monster/
Protocol
HTTP/1.1
Server
69.16.175.10 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
hwcdn.net
Software
/
Resource Hash
077e59ac722019e0681c687fded5d985dd1e210f41bcebe27ac780a5e7ba719e

Request headers

Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sun, 17 Nov 2019 03:25:18 GMT
Last-Modified
Thu, 18 Apr 2019 15:43:04 GMT
ETag
"1555602184"
X-HW
1573961118.dop143.fr8.t,1573961118.cds131.fr8.c
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=319482
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
7797
kristen-stewart-square.jpg
cdn01.cdn.justjared.com/wp-content/uploads/sidebar/topcelebs/
9 KB
9 KB
Image
General
Full URL
http://cdn01.cdn.justjared.com/wp-content/uploads/sidebar/topcelebs/kristen-stewart-square.jpg
Requested by
Host: ahsqutes.monster
URL: http://ahsqutes.monster/
Protocol
HTTP/1.1
Server
69.16.175.42 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
hwcdn.net
Software
/
Resource Hash
a520fde7ce0c5e4cf7107fb585beb21525d9a78713a8f99f2f9ea3b263c7c33d

Request headers

Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sun, 17 Nov 2019 03:25:18 GMT
Last-Modified
Thu, 18 Apr 2019 15:43:04 GMT
ETag
"1555602184"
X-HW
1573961118.dop137.fr8.t,1573961118.cds147.fr8.c
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=230724
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
8838
jjjr_logo_featured.gif
cdn02.cdn.justjared.com/wp-content/uploads/sidebar/
5 KB
6 KB
Image
General
Full URL
http://cdn02.cdn.justjared.com/wp-content/uploads/sidebar/jjjr_logo_featured.gif
Requested by
Host: ahsqutes.monster
URL: http://ahsqutes.monster/
Protocol
HTTP/1.1
Server
69.16.175.42 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
hwcdn.net
Software
/
Resource Hash
058edf53f777d5ee4e6e2003b6b095430e234c6cbf6984cf3ea6cde06d949353

Request headers

Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sun, 17 Nov 2019 03:25:18 GMT
Last-Modified
Thu, 18 Apr 2019 15:43:03 GMT
ETag
"1555602183"
X-HW
1573961118.dop142.fr8.t,1573961118.cds140.fr8.c
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=20808
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
5311
ariana-grande-warns-fans-she-might-have-to-cancel-a-show-due-to-health.jpg
cdn01.cdn.justjaredjr.com/wp-content/uploads/headlines/2019/11/
87 KB
88 KB
Image
General
Full URL
http://cdn01.cdn.justjaredjr.com/wp-content/uploads/headlines/2019/11/ariana-grande-warns-fans-she-might-have-to-cancel-a-show-due-to-health.jpg
Requested by
Host: ahsqutes.monster
URL: http://ahsqutes.monster/
Protocol
HTTP/1.1
Server
69.16.175.42 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
hwcdn.net
Software
/
Resource Hash
9973beab1b7ed34227ff98e41bec0fba5ef4f6dcfb809a9aa683065d2e47f807

Request headers

Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sun, 17 Nov 2019 03:25:18 GMT
Last-Modified
Sun, 17 Nov 2019 00:57:44 GMT
ETag
"1573952264"
X-HW
1573961118.dop149.fr8.t,1573961118.cds143.fr8.c
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=31536000
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
89442
gaten-matarazzo-feels-like-hes-in-an-episode-of-black-mirror-sometimes.jpg
cdn02.cdn.justjaredjr.com/wp-content/uploads/headlines/2019/11/
154 KB
154 KB
Image
General
Full URL
http://cdn02.cdn.justjaredjr.com/wp-content/uploads/headlines/2019/11/gaten-matarazzo-feels-like-hes-in-an-episode-of-black-mirror-sometimes.jpg
Requested by
Host: ahsqutes.monster
URL: http://ahsqutes.monster/
Protocol
HTTP/1.1
Server
69.16.175.10 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
hwcdn.net
Software
/
Resource Hash
f575381349bcc657b74552561563d7e5361c0f928d9bfaf201914f79244da45c

Request headers

Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sun, 17 Nov 2019 03:25:18 GMT
Last-Modified
Sun, 17 Nov 2019 00:25:42 GMT
ETag
"1573950342"
X-HW
1573961118.dop147.fr8.t,1573961118.cds124.fr8.c
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=31536000
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
157399
jojo-siwa-totally-transforms-into-a-vsco-girl.jpg
cdn03.cdn.justjaredjr.com/wp-content/uploads/headlines/2019/11/
72 KB
72 KB
Image
General
Full URL
http://cdn03.cdn.justjaredjr.com/wp-content/uploads/headlines/2019/11/jojo-siwa-totally-transforms-into-a-vsco-girl.jpg
Requested by
Host: ahsqutes.monster
URL: http://ahsqutes.monster/
Protocol
HTTP/1.1
Server
69.16.175.10 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
hwcdn.net
Software
/
Resource Hash
b900a698a80c18591a6602318e9a5b1401f507e42e412363c88c78f758d4455b

Request headers

Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sun, 17 Nov 2019 03:25:18 GMT
Last-Modified
Sat, 16 Nov 2019 22:44:57 GMT
ETag
"1573944297"
X-HW
1573961118.dop147.fr8.t,1573961118.cds001.fr8.c
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=31536000
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
73302
tmz_footer.gif
cdn03.cdn.justjared.com/wp-content/themes/default/images/
3 KB
3 KB
Image
General
Full URL
http://cdn03.cdn.justjared.com/wp-content/themes/default/images/tmz_footer.gif
Requested by
Host: ahsqutes.monster
URL: http://ahsqutes.monster/
Protocol
HTTP/1.1
Server
69.16.175.42 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
hwcdn.net
Software
nginx /
Resource Hash
a55b9272dbfcad8f1c9a7a747b437205c888c8a8b172e35b97880dd129ce4a73

Request headers

Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sun, 17 Nov 2019 03:25:18 GMT
Last-Modified
Sat, 16 Nov 2019 14:58:48 GMT
Server
nginx
ETag
"5dd00ea8-a39"
X-HW
1573961118.dop138.fr8.t,1573961118.cds078.fr8.c
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=604800, public
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
2617
toofab_footer2.gif
cdn04.cdn.justjared.com/wp-content/themes/default/images/
3 KB
3 KB
Image
General
Full URL
http://cdn04.cdn.justjared.com/wp-content/themes/default/images/toofab_footer2.gif
Requested by
Host: ahsqutes.monster
URL: http://ahsqutes.monster/
Protocol
HTTP/1.1
Server
69.16.175.10 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
hwcdn.net
Software
nginx /
Resource Hash
a3ca410e2b8bfa703696c31cf30e1ba7009e8f7e13795ed2f024c27af0c27ef8

Request headers

Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sun, 17 Nov 2019 03:25:18 GMT
Last-Modified
Fri, 15 Nov 2019 20:52:47 GMT
Server
nginx
ETag
"5dcf101f-a24"
X-HW
1573961118.dop143.fr8.t,1573961118.cds131.fr8.c
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=604800, public
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
2596
celebitchy_footer2.gif
cdn01.cdn.justjared.com/wp-content/themes/default/images/
3 KB
3 KB
Image
General
Full URL
http://cdn01.cdn.justjared.com/wp-content/themes/default/images/celebitchy_footer2.gif
Requested by
Host: ahsqutes.monster
URL: http://ahsqutes.monster/
Protocol
HTTP/1.1
Server
69.16.175.42 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
hwcdn.net
Software
nginx /
Resource Hash
08133d0ee648738d6facda4033282f85fae771b15960105b196edfbb9af06d8b

Request headers

Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sun, 17 Nov 2019 03:25:18 GMT
Last-Modified
Fri, 15 Nov 2019 20:52:47 GMT
Server
nginx
ETag
"5dcf101f-ab8"
X-HW
1573961118.dop137.fr8.t,1573961118.cds016.fr8.c
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=604800, public
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
2744
jj-circle-logo.gif
cdn02.cdn.justjared.com/wp-content/themes/default/images/
1 KB
2 KB
Image
General
Full URL
http://cdn02.cdn.justjared.com/wp-content/themes/default/images/jj-circle-logo.gif
Requested by
Host: ahsqutes.monster
URL: http://ahsqutes.monster/
Protocol
HTTP/1.1
Server
69.16.175.42 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
hwcdn.net
Software
nginx /
Resource Hash
fd7d56a17cea82187ea278ff309a9f0a5a7df09f43d6e539968369a11f2c458b

Request headers

Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sun, 17 Nov 2019 03:25:18 GMT
Last-Modified
Sat, 16 Nov 2019 14:58:48 GMT
Server
nginx
ETag
"5dd00ea8-552"
X-HW
1573961118.dop142.fr8.t,1573961118.cds140.fr8.c
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=604800, public
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
1362
jr-circle-logo.gif
cdn03.cdn.justjared.com/wp-content/themes/default/images/
1 KB
2 KB
Image
General
Full URL
http://cdn03.cdn.justjared.com/wp-content/themes/default/images/jr-circle-logo.gif
Requested by
Host: ahsqutes.monster
URL: http://ahsqutes.monster/
Protocol
HTTP/1.1
Server
69.16.175.42 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
hwcdn.net
Software
nginx /
Resource Hash
8eaa3be9055370c233d3df6b3bf088768915c503748caf2cff104298afee9934

Request headers

Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sun, 17 Nov 2019 03:25:18 GMT
Last-Modified
Fri, 15 Nov 2019 20:52:47 GMT
Server
nginx
ETag
"5dcf101f-5f6"
X-HW
1573961118.dop138.fr8.t,1573961118.cds078.fr8.c
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=604800, public
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
1526
wpBannerizeFrontend.min.js
www.justjared.com/wp-content/plugins/wp-bannerize/js/
170 B
618 B
Script
General
Full URL
http://www.justjared.com/wp-content/plugins/wp-bannerize/js/wpBannerizeFrontend.min.js?ver=3.0.62
Requested by
Host: ahsqutes.monster
URL: http://ahsqutes.monster/
Protocol
HTTP/1.1
Server
69.16.175.10 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
hwcdn.net
Software
nginx /
Resource Hash
62dbe06ef726114e6b863ce5fdde493268e8ad27791fb50ce864395232f68e1a

Request headers

Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sun, 17 Nov 2019 03:25:17 GMT
Content-Encoding
gzip
Last-Modified
Sat, 16 Nov 2019 14:58:48 GMT
Server
nginx
ETag
"5dd00ea8-aa"
Transfer-Encoding
chunked
X-HW
1573961117.dop143.fr8.t,1573961117.cds013.fr8.sc,1573961117.cds013.fr8.p
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
public
Connection
Keep-Alive
Accept-Ranges
bytes
Expires
Sun, 24 Nov 2019 03:25:17 GMT
ga-audiences
www.google.de/ads/
Redirect Chain
  • https://www.google-analytics.com/r/collect?v=1&_v=j79&a=491895035&t=pageview&_s=1&dl=http%3A%2F%2Fahsqutes.monster%2F&ul=en-us&de=UTF-8&dt=Celebrity%20Gossip%20and%20Entertainment%20News%20%7C%20Ju...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-86316-1&cid=1556147499.1573961118&jid=1660482971&_gid=1010882067.1573961118&gjid=1490964046&_v=j79&z=968738196
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-86316-1&cid=1556147499.1573961118&jid=1660482971&_v=j79&z=968738196
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-86316-1&cid=1556147499.1573961118&jid=1660482971&_v=j79&z=968738196&slf_rd=1&random=119163081
42 B
109 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-86316-1&cid=1556147499.1573961118&jid=1660482971&_v=j79&z=968738196&slf_rd=1&random=119163081
Requested by
Host: ahsqutes.monster
URL: http://ahsqutes.monster/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 17 Nov 2019 03:25:18 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 17 Nov 2019 03:25:18 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
302
content-type
text/html; charset=UTF-8
location
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-86316-1&cid=1556147499.1573961118&jid=1660482971&_v=j79&z=968738196&slf_rd=1&random=119163081
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
b2
b.scorecardresearch.com/
Redirect Chain
  • http://b.scorecardresearch.com/b?c1=7&c2=31732370&c3=874156489745619&ns__t=1573961118118&ns_c=UTF-8&cv=3.1&c8=Celebrity%20Gossip%20and%20Entertainment%20News%20%7C%20Just%20Jared&c7=http%3A%2F%2Fah...
  • http://b.scorecardresearch.com/b2?c1=7&c2=31732370&c3=874156489745619&ns__t=1573961118118&ns_c=UTF-8&cv=3.1&c8=Celebrity%20Gossip%20and%20Entertainment%20News%20%7C%20Just%20Jared&c7=http%3A%2F%2Fa...
0
248 B
Image
General
Full URL
http://b.scorecardresearch.com/b2?c1=7&c2=31732370&c3=874156489745619&ns__t=1573961118118&ns_c=UTF-8&cv=3.1&c8=Celebrity%20Gossip%20and%20Entertainment%20News%20%7C%20Just%20Jared&c7=http%3A%2F%2Fahsqutes.monster%2F&c9=
Requested by
Host: ahsqutes.monster
URL: http://ahsqutes.monster/
Protocol
HTTP/1.1
Server
2.16.186.80 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a2-16-186-80.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 17 Nov 2019 03:25:18 GMT
Cache-Control
private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection
keep-alive
Content-Length
0
Expires
Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
http://b.scorecardresearch.com/b2?c1=7&c2=31732370&c3=874156489745619&ns__t=1573961118118&ns_c=UTF-8&cv=3.1&c8=Celebrity%20Gossip%20and%20Entertainment%20News%20%7C%20Just%20Jared&c7=http%3A%2F%2Fahsqutes.monster%2F&c9=
Pragma
no-cache
Date
Sun, 17 Nov 2019 03:25:18 GMT
Cache-Control
private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection
keep-alive
Content-Length
0
Expires
Mon, 01 Jan 1990 00:00:00 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.4.2/
70 KB
25 KB
Script
General
Full URL
http://ajax.googleapis.com/ajax/libs/jquery/1.4.2/jquery.min.js
Requested by
Host: www.google.com
URL: http://www.google.com/jsapi
Protocol
HTTP/1.1
Server
2a00:1450:4001:815::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
e23a2a4e2d7c2b41ebcdd8ffc0679df7140eb7f52e1eebabf827a88182643c59
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date
Tue, 12 Nov 2019 15:25:14 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Tue, 20 Dec 2016 18:17:03 GMT
Server
sffe
Age
388804
Vary
Accept-Encoding
Content-Type
text/javascript; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000, stale-while-revalidate=2592000
Accept-Ranges
bytes
Timing-Allow-Origin
*
Content-Length
24715
X-XSS-Protection
0
Expires
Wed, 11 Nov 2020 15:25:14 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/
Redirect Chain
  • http://securepubads.g.doubleclick.net/tag/js/gpt.js
  • https://securepubads.g.doubleclick.net/tag/js/gpt.js
51 KB
15 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: ahsqutes.monster
URL: http://ahsqutes.monster/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.22.66 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s17-in-f66.1e100.net
Software
sffe /
Resource Hash
8fcfc1b11efe36a9e89116d2a5e49bd86f2426bfc61032c3019ea790021f7e68
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 17 Nov 2019 03:25:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"339 / 809 of 1000 / last-modified: 1573848417"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
15660
x-xss-protection
0
expires
Sun, 17 Nov 2019 03:25:18 GMT

Redirect headers

Date
Sat, 16 Nov 2019 23:35:50 GMT
X-Content-Type-Options
nosniff
Server
sffe
Age
13768
Content-Type
text/html; charset=UTF-8
Location
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Cache-Control
public, max-age=86400
Content-Length
249
X-XSS-Protection
0
Expires
Sun, 17 Nov 2019 23:35:50 GMT
script.js
db356nau468gk.cloudfront.net/
85 KB
30 KB
Script
General
Full URL
http://db356nau468gk.cloudfront.net/script.js
Requested by
Host: tradecraft.s.llnwi.net
URL: http://tradecraft.s.llnwi.net/v1/pub/01/jjh.js
Protocol
HTTP/1.1
Server
2600:9000:20eb:ac00:1e:48a3:1500:21 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a171b2d0475189232a4c25d13758611a881a455c988ba5f6d39275f042b5ece2

Request headers

Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sun, 17 Nov 2019 01:34:05 GMT
Content-Encoding
gzip
Last-Modified
Tue, 29 Oct 2019 10:12:22 GMT
Server
AmazonS3
Age
6674
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
Content-Type
application/javascript
Via
1.1 96283be49fd5bce30b3a0e9559bd2d9e.cloudfront.net (CloudFront)
Connection
keep-alive
Transfer-Encoding
chunked
X-Amz-Cf-Pop
FRA2-C1
X-Amz-Cf-Id
VXON01B_OrH5c8T13k6Fyg4AJ1Nph9pwNXxVv78V4bf_ZbTvL8jqUg==
adap.js
tradecraft.s.llnwi.net/v1/pub/
220 KB
220 KB
Script
General
Full URL
http://tradecraft.s.llnwi.net/v1/pub/adap.js
Requested by
Host: tradecraft.s.llnwi.net
URL: http://tradecraft.s.llnwi.net/v1/pub/01/jjh.js
Protocol
HTTP/1.1
Server
178.79.227.76 , Italy, ASN22822 (LLNW - Limelight Networks, Inc., US),
Reverse DNS
https-178-79-227-76.vie.llnw.net
Software
CloudStorage /
Resource Hash
ffac40549b8b980033c3720db5b8d58580fc7c87243afdfaacc4b5090195485e

Request headers

Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sun, 17 Nov 2019 03:25:18 GMT
Last-Modified
Mon, 04 Nov 2019 19:44:57 GMT
Server
CloudStorage
Age
116043
Content-Type
application/javascript
X-Agile-Checksum
ffac40549b8b980033c3720db5b8d58580fc7c87243afdfaacc4b5090195485e
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
225368
apstag.js
c.amazon-adsystem.com/aax2/
86 KB
25 KB
Script
General
Full URL
http://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: tradecraft.s.llnwi.net
URL: http://tradecraft.s.llnwi.net/v1/pub/01/jjh.js
Protocol
HTTP/1.1
Server
143.204.90.242 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-143-204-90-242.fra50.r.cloudfront.net
Software
Server /
Resource Hash
f623e1d423f85d8c36affb7faf68d0b804e0389e2621de2ea9eb97bb0df21c76

Request headers

Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sat, 16 Nov 2019 21:29:42 GMT
Content-Encoding
gzip
Connection
keep-alive
Server
Server
Age
21336
ETag
be7f8341d4f7676793a79e413ef9eafd
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Content-Type
application/javascript
Via
1.1 b912dc97777020eb19579888add26978.cloudfront.net (CloudFront)
Cache-Control
public, max-age=86400
X-Amz-Cf-Pop
FRA50-C1
Accept-Ranges
bytes
X-Amz-Cf-Id
kCRkM2fN2RnP4TP6V3DdsibVOQXxaYcIHJILvD_Mxyc7RrPTpC7TWA==
sdk.js
connect.facebook.net/en_US/
3 KB
3 KB
Script
General
Full URL
http://connect.facebook.net/en_US/sdk.js
Requested by
Host: ahsqutes.monster
URL: http://ahsqutes.monster/
Protocol
HTTP/1.1
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
e49f77ef228b7bf7b27289fbf657c347246d44eb787351b7b2f684f8c680d31a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; preload; includeSubDomains
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Content-MD5
G3nE4y6RsVJUtuMFLgtWCg==
Connection
keep-alive
Alt-Svc
h3-23=":443"; ma=3600
Content-Length
1780
ETag
"d25885e10f7851dd83cd50b53f09c029"
X-FB-Debug
vSR7XNuAASzZAxGw8Lx0Ra6WC4EHmdCeZy6BPZAQnCUZG2+4vsrvZ2uA6pmkTq1jvZuyKAvpBdvZ7HxzeEFPtg==
X-FB-TRIP-ID
420120009
x-fb-content-md5
469ef3b2d0967f1d86d0293f55bad968
X-Frame-Options
DENY
Date
Sun, 17 Nov 2019 03:25:18 GMT
Vary
Accept-Encoding
Content-Type
application/x-javascript; charset=utf-8
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
X-FB-Content-MD5
Cache-Control
public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin
*
Expires
Sun, 17 Nov 2019 03:31:15 GMT
integrator.js
adservice.google.de/adsid/
109 B
171 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.js?domain=ahsqutes.monster
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 17 Nov 2019 03:25:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
104
x-xss-protection
0
integrator.js
adservice.google.com/adsid/
109 B
171 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=ahsqutes.monster
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 17 Nov 2019 03:25:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
104
x-xss-protection
0
pubads_impl_2019111201.js
securepubads.g.doubleclick.net/gpt/
160 KB
59 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019111201.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.22.66 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s17-in-f66.1e100.net
Software
sffe /
Resource Hash
6d5783f621f26ce9d9f954568ff21d24e8f6986910c05388a1f0098a939b38d4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 17 Nov 2019 03:25:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 12 Nov 2019 18:33:31 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
59852
x-xss-protection
0
expires
Sun, 17 Nov 2019 03:25:18 GMT
beacon.min.js
beacon.s-onetag.com/
17 KB
6 KB
Script
General
Full URL
https://beacon.s-onetag.com/beacon.min.js
Requested by
Host: get.s-onetag.com
URL: http://get.s-onetag.com/47416066-75ac-4502-baa0-de158d16c3ce/tag.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2156:e800:5:9a4c:9b00:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1e794399af60ec6300017e12e37a6b7a8253a9ff05ef41ca5e42b76dced02ef4

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-amz-version-id
QuZjBQ9JYyZaR8wz.Z.0oyNzLjKP2j64
content-encoding
gzip
last-modified
Tue, 05 Nov 2019 16:59:56 GMT
server
AmazonS3
age
1504
date
Sun, 17 Nov 2019 03:00:25 GMT
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
status
200
cache-control
max-age=3600
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
bQX8QQbQHK8L_Mk3YrNVDSYZYWFpKcGbvGbueBV-QTTweSaBPtKS7g==
via
1.1 a148356b14492df0e216c234ac2c2308.cloudfront.net (CloudFront)
show_ads_impl_fy2019.js
pagead2.googlesyndication.com/pagead/js/r20191112/r20190131/
223 KB
84 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20191112/r20190131/show_ads_impl_fy2019.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
840eada3a43318aa004a2bd3f766dde2b6870c65dc9850127810ec5bb96a4b3f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 17 Nov 2019 03:25:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
85961
x-xss-protection
0
server
cafe
etag
3513452791631235882
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Sun, 17 Nov 2019 03:25:18 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20191112/r20190131/ Frame 7994
0
0
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20191112/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/html/r20191112/r20190131/zrt_lookup.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode
nested-navigate
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
referer
http://ahsqutes.monster/
accept-encoding
gzip, deflate, br

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
vary
Accept-Encoding
date
Tue, 12 Nov 2019 15:12:21 GMT
expires
Tue, 26 Nov 2019 15:12:21 GMT
content-type
text/html; charset=UTF-8
etag
17893446177683960593
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
7725
x-xss-protection
0
cache-control
public, max-age=1209600
age
389577
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
cmp-3pc-check.html
static.quantcast.mgr.consensu.org/v26/ Frame CD00
0
0
Document
General
Full URL
https://static.quantcast.mgr.consensu.org/v26/cmp-3pc-check.html
Requested by
Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/cmp.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:21f3:200:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

:method
GET
:authority
static.quantcast.mgr.consensu.org
:scheme
https
:path
/v26/cmp-3pc-check.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode
nested-navigate
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
referer
http://ahsqutes.monster/
accept-encoding
gzip, deflate, br

Response headers

status
200
content-type
text/html
content-length
583
last-modified
Mon, 28 Oct 2019 20:36:15 GMT
x-amz-server-side-encryption
AES256
accept-ranges
bytes
server
AmazonS3
date
Sun, 17 Nov 2019 03:17:14 GMT
etag
"2382c3f01978a379e8fa8bc1a3bec605"
x-cache
Hit from cloudfront
via
1.1 d9bf8acc1da383db4531789bbb03ac07.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
qIJYyDTAtmQWpr78RM29JISZG7DE7IbheMpSzHyasm7zUc9XV10CcA==
age
1249
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/
6 KB
3 KB
XHR
General
Full URL
http://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: http://c.amazon-adsystem.com/aax2/apstag.js
Protocol
HTTP/1.1
Server
143.204.90.242 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-143-204-90-242.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sun, 17 Nov 2019 03:25:19 GMT
Content-Encoding
gzip
Vary
Accept-Encoding,Origin
X-Amz-Cf-Pop
FRA50-C1
Transfer-Encoding
chunked
X-Cache
Miss from cloudfront
Connection
keep-alive
Access-Control-Allow-Origin
*
Last-Modified
Fri, 01 Nov 2019 13:46:13 GMT
Server
AmazonS3
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
application/javascript
Via
1.1 009e5e3e32afcd1d135a7234c9da5521.cloudfront.net (CloudFront)
Cache-Control
public, max-age=86400
X-Amz-Cf-Id
RdJD72Fqj1Ys0ISMS_L3llJ2FHHK5iveeHs_MUXEWqpdUmrVLyMRZw==
sdk.js
connect.facebook.net/en_US/
194 KB
59 KB
Script
General
Full URL
https://connect.facebook.net/en_US/sdk.js?hash=da9e6479bf0e410bc39fa59f62134b69&ua=modern_es6
Requested by
Host: connect.facebook.net
URL: http://connect.facebook.net/en_US/sdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
e6d699e02fef47860c943a5587789cc4a5b5e9174af64048a5cf8214d204e32a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Sec-Fetch-Mode
cors
Referer
http://ahsqutes.monster/
Origin
http://ahsqutes.monster
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
Bs4/HjE7nTj52eu2tj14zA==
status
200
alt-svc
h3-23=":443"; ma=3600
content-length
59476
etag
"d718b2060fb6e509bfc1a4adb10eb4d9"
x-fb-debug
2mJSiUKA2o4elgfKbckRRxK0FK8nP38iNnylMZp7hTFXEPVsUyVuj590AJWmZ3dTgBd4nxu2VXDWUeleIszopA==
x-fb-trip-id
420120009
x-fb-content-md5
cb6322445f3c7080cada3f8f9f8dd70a
x-frame-options
DENY
date
Sun, 17 Nov 2019 03:25:18 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
timing-allow-origin
*
expires
Mon, 16 Nov 2020 01:50:32 GMT
958153f1b8b96ec4c4eb2147429105d9.json
dw7nrwnn2bkh1.cloudfront.net/
Redirect Chain
  • https://i.clean.gg/1a
  • https://dw7nrwnn2bkh1.cloudfront.net/958153f1b8b96ec4c4eb2147429105d9.json
2 KB
2 KB
XHR
General
Full URL
https://dw7nrwnn2bkh1.cloudfront.net/958153f1b8b96ec4c4eb2147429105d9.json
Requested by
Host: ahsqutes.monster
URL: http://ahsqutes.monster/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:21f3:7600:6:266a:9940:21 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a5193ba3a7a6fcf7f829c7c830d5fa6a8b520962c93677386b350fe860bd5e09

Request headers

Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 13 Nov 2019 21:32:55 GMT
via
1.1 d6b9c7bad28b271f1e800a50d49ab8a4.cloudfront.net (CloudFront)
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
age
21016
x-cache
Hit from cloudfront
status
200
content-length
1761
last-modified
Wed, 13 Nov 2019 21:32:42 GMT
server
AmazonS3
etag
"3b08f4ccda4b06da8dcaa4c6fa794c1c"
access-control-max-age
600
access-control-allow-methods
GET, POST
content-type
application/json
access-control-allow-origin
*
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
x-amz-cf-id
z1lhytkY2kvOmJULonJxvBFBnNClFKYqyPDZjjirqGOIULZ4K9Xz9w==

Redirect headers

date
Sun, 17 Nov 2019 03:25:18 GMT
server
nginx/1.15.10
status
302
location
https://dw7nrwnn2bkh1.cloudfront.net/958153f1b8b96ec4c4eb2147429105d9.json
access-control-allow-methods
GET, POST, PUT, OPTIONS
access-control-allow-origin
*
access-control-max-age
86400
strict-transport-security
max-age=15724800; includeSubDomains
access-control-allow-headers
Content-Type, Origin, Accept, Referer, Cache-Control, Content-Length, Accept-Language, User-Agent, Pragma, Accept-Encoding, x-api-key
content-length
0
rules-p-2bXhGE9g7fCno.js
rules.quantcount.com/
Redirect Chain
  • http://rules.quantcount.com/rules-p-2bXhGE9g7fCno.js
  • https://rules.quantcount.com/rules-p-2bXhGE9g7fCno.js
3 B
355 B
Script
General
Full URL
https://rules.quantcount.com/rules-p-2bXhGE9g7fCno.js
Requested by
Host: ahsqutes.monster
URL: http://ahsqutes.monster/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2156:4200:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Request headers

Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 16 Nov 2019 20:18:38 GMT
via
1.1 009e5e3e32afcd1d135a7234c9da5521.cloudfront.net (CloudFront)
last-modified
Sat, 04 Mar 2017 19:48:44 GMT
server
AmazonS3
age
25601
etag
"8a80554c91d9fca8acb82f023de02f11"
x-cache
Hit from cloudfront
content-type
application/x-javascript
status
200
cache-control
max-age=86400
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-length
3
x-amz-cf-id
l5p9-0otvd8kBdagXbi5uC82N2KAZ7ipJ-SAvaoUcWmVacFaO3MhRA==

Redirect headers

Date
Sun, 17 Nov 2019 03:25:18 GMT
Via
1.1 5d8c59c4e33ff30f6610982ac8ad0232.cloudfront.net (CloudFront)
Server
CloudFront
X-Amz-Cf-Pop
FRA50-C1
X-Cache
Redirect from cloudfront
Content-Type
text/html
Location
https://rules.quantcount.com/rules-p-2bXhGE9g7fCno.js
Connection
keep-alive
Content-Length
183
X-Amz-Cf-Id
3TjbAbtG0Z5pmJBX-3aFjGWxWY-6xKVExJISLCrwcPo8k7YraBSpcA==
ads
googleads.g.doubleclick.net/pagead/ Frame A855
0
0
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8637254547934685&output=html&adk=1812271804&adf=3025194257&lmt=1573961118&plat=1%3A32776%2C2%3A32776%2C8%3A32776%2C9%3A32776%2C16%3A8388608%2C30%3A1081344&guci=1.2.0.0.2.2.0.0&format=0x0&url=http%3A%2F%2Fahsqutes.monster%2F&ea=0&flash=0&pra=5&wgl=1&adsid=NT&dt=1573961118421&bpp=6&bdt=762&fdt=134&idt=135&shv=r20191112&cbv=r20190131&saldr=aa&abxe=1&nras=1&correlator=3406673660160&frm=20&pv=2&ga_vid=1556147499.1573961118&ga_sid=1573961119&ga_hid=491895035&ga_fc=0&iag=0&icsg=2251800881146368&dssz=45&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21065126%2C410075106&oid=3&pvsid=2434550735028448&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=16&bc=23&ifi=0&uci=a!0&fsb=1&dtd=145
Requested by
Host: ahsqutes.monster
URL: http://ahsqutes.monster/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-8637254547934685&output=html&adk=1812271804&adf=3025194257&lmt=1573961118&plat=1%3A32776%2C2%3A32776%2C8%3A32776%2C9%3A32776%2C16%3A8388608%2C30%3A1081344&guci=1.2.0.0.2.2.0.0&format=0x0&url=http%3A%2F%2Fahsqutes.monster%2F&ea=0&flash=0&pra=5&wgl=1&adsid=NT&dt=1573961118421&bpp=6&bdt=762&fdt=134&idt=135&shv=r20191112&cbv=r20190131&saldr=aa&abxe=1&nras=1&correlator=3406673660160&frm=20&pv=2&ga_vid=1556147499.1573961118&ga_sid=1573961119&ga_hid=491895035&ga_fc=0&iag=0&icsg=2251800881146368&dssz=45&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21065126%2C410075106&oid=3&pvsid=2434550735028448&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=16&bc=23&ifi=0&uci=a!0&fsb=1&dtd=145
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode
nested-navigate
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
referer
http://ahsqutes.monster/
accept-encoding
gzip, deflate, br

Response headers

status
403
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Sun, 17 Nov 2019 03:25:18 GMT
server
cafe
content-length
46
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Sun, 17-Nov-2019 03:40:18 GMT; path=/; domain=.doubleclick.net
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
osd.js
www.googletagservices.com/activeview/js/current/
78 KB
29 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101
Requested by
Host: db356nau468gk.cloudfront.net
URL: http://db356nau468gk.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
0e946b0ee0337cf23c845f67a238e1fefd5f1e014fdbd8ea27870172fcedd40f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 17 Nov 2019 03:25:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1573858490126243"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
29338
x-xss-protection
0
expires
Sun, 17 Nov 2019 03:25:18 GMT
cmpui-popup.js
static.quantcast.mgr.consensu.org/v26/
213 KB
58 KB
Script
General
Full URL
https://static.quantcast.mgr.consensu.org/v26/cmpui-popup.js
Requested by
Host: db356nau468gk.cloudfront.net
URL: http://db356nau468gk.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:21f3:200:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b2ac79fc7ce0bb7dbc3b62ad03984b830f4d0bdaa003f6a6efb9c948db240552

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 17 Nov 2019 03:12:25 GMT
content-encoding
gzip
last-modified
Mon, 28 Oct 2019 20:36:14 GMT
server
AmazonS3
age
774
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript;charset=UTF-8
status
200
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
SLcuyNVMb04T4nsAaPkxdsr-qPMQnQRmBothE9rTdV6OKbeMuYGltw==
via
1.1 d9bf8acc1da383db4531789bbb03ac07.cloudfront.net (CloudFront)
services.js
js.gumgum.com/
88 KB
33 KB
Script
General
Full URL
https://js.gumgum.com/services.js
Requested by
Host: db356nau468gk.cloudfront.net
URL: http://db356nau468gk.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.225.78.126 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-13-225-78-126.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
37885904343fccda810a8a5855573c23f422555762998f9d0eb3c0c0e9bebca6

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 17 Nov 2019 03:25:19 GMT
content-encoding
gzip
x-amz-cf-pop
FRA2-C2
x-cache
Miss from cloudfront
status
200
x-amz-meta-version
3.20.2
last-modified
Mon, 11 Nov 2019 23:26:39 GMT
x-amz-meta-access-control-allow-origin
*
x-amz-meta-timing-allow-origin
*
server
AmazonS3
vary
Accept-Encoding
x-amz-version-id
1BY5TqyJrM0wGmYsg0Ocxe_anEDr7wbM
via
1.1 e5b93012e2bfb81dc9846f43efd610a6.cloudfront.net (CloudFront)
cache-control
max-age=7200
content-type
application/javascript
x-amz-cf-id
hJUqNOrJoeUPYeeO5-6jfO18uEwo2ZJaXcZbDvFfqvi5UBFUOmqykQ==
/
trends.revcontent.com/api/demand/
1 KB
958 B
Fetch
General
Full URL
http://trends.revcontent.com/api/demand/?w=115459
Requested by
Host: db356nau468gk.cloudfront.net
URL: http://db356nau468gk.cloudfront.net/script.js
Protocol
HTTP/1.1
Server
18.203.21.2 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-18-203-21-2.eu-west-1.compute.amazonaws.com
Software
Apache/2.4.25 (Debian) /
Resource Hash
8acd24e3ae1e1cf26fb576067611a78e00643a32f3c9c5810629a88a1412ddfc

Request headers

Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sun, 17 Nov 2019 03:25:18 GMT
Content-Encoding
gzip
Server
Apache/2.4.25 (Debian)
Vary
Accept-Encoding
P3P
CP="NOI DSP COR NID ADM DEV OUR NOR CNT"
Access-Control-Allow-Origin
http://ahsqutes.monster
Transfer-Encoding
chunked
Connection
keep-alive
Access-Control-Allow-Credentials
true
Content-Type
text/html; charset=UTF-8
rc-logo.png
cdn.revcontent.com/assets/img/
9 KB
9 KB
Image
General
Full URL
http://cdn.revcontent.com/assets/img/rc-logo.png
Requested by
Host: ahsqutes.monster
URL: http://ahsqutes.monster/
Protocol
HTTP/1.1
Server
151.139.128.10 Dallas, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
Software
/
Resource Hash
aa78b2dcd17f734a05acddb454bd496b0e910af5107462b4a1003f8bb3a060de

Request headers

Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sun, 17 Nov 2019 03:25:18 GMT
Last-Modified
Tue, 05 Nov 2019 14:58:13 GMT
ETag
"1572965893"
X-HW
1573961118.cds069.fr8.h2,1573961118.cds053.fr8.c
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
max-age=22
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
9070
widget_iframe.2d991e3dfc9abb2549972ce8b64c5d85.html
platform.twitter.com/widgets/ Frame B5E9
0
0
Document
General
Full URL
https://platform.twitter.com/widgets/widget_iframe.2d991e3dfc9abb2549972ce8b64c5d85.html?origin=http%3A%2F%2Fahsqutes.monster
Requested by
Host: db356nau468gk.cloudfront.net
URL: http://db356nau468gk.cloudfront.net/script.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software
ECS (fcn/4185) /
Resource Hash

Request headers

Host
platform.twitter.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
nested-navigate
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site
cross-site
Referer
http://ahsqutes.monster/
Accept-Encoding
gzip, deflate, br

Response headers

Content-Encoding
gzip
Access-Control-Allow-Methods
GET
Access-control-allow-origin
*
Cache-Control
public, max-age=315360000
Content-Type
text/html; charset=utf-8
Date
Sun, 17 Nov 2019 03:25:18 GMT
Etag
"7d3f6ed140174a20e7c8be261a70a863+gzip"
Last-Modified
Tue, 22 Oct 2019 22:27:25 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (fcn/4185)
Vary
Accept-Encoding
X-Cache
HIT
Content-Length
5816
/
www.instagram.com/p/B48VOjQg-le/embed/ Frame 973A
0
0
Document
General
Full URL
https://www.instagram.com/p/B48VOjQg-le/embed/?cr=1&v=12&wp=326&rd=http%3A%2F%2Fahsqutes.monster&rp=%2F
Requested by
Host: db356nau468gk.cloudfront.net
URL: http://db356nau468gk.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f21c:81e5:face:b00c:0:4420 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy report-uri https://www.instagram.com/security/csp_report/; default-src 'self' https://www.instagram.com; img-src https: data: blob:; font-src https: data:; media-src 'self' blob: https://www.instagram.com https://*.cdninstagram.com https://*.fbcdn.net; manifest-src 'self' https://www.instagram.com; script-src 'self' https://instagram.com https://www.instagram.com https://*.www.instagram.com https://*.cdninstagram.com wss://www.instagram.com https://*.facebook.com https://*.fbcdn.net https://*.facebook.net 'unsafe-inline' 'unsafe-eval' blob:; style-src 'self' https://*.www.instagram.com https://www.instagram.com 'unsafe-inline'; connect-src 'self' https://instagram.com https://www.instagram.com https://*.www.instagram.com https://graph.instagram.com https://*.graph.instagram.com https://*.cdninstagram.com https://api.instagram.com wss://www.instagram.com wss://edge-chat.instagram.com https://*.facebook.com https://*.fbcdn.net https://*.facebook.net chrome-extension://boadgeojelhgndaghljhdicfkmllpafd blob:; worker-src 'self' blob: https://www.instagram.com; frame-src 'self' https://instagram.com https://www.instagram.com https://staticxx.facebook.com https://www.facebook.com https://web.facebook.com https://connect.facebook.net https://m.facebook.com; object-src 'none'; upgrade-insecure-requests
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
www.instagram.com
:scheme
https
:path
/p/B48VOjQg-le/embed/?cr=1&v=12&wp=326&rd=http%3A%2F%2Fahsqutes.monster&rp=%2F
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode
nested-navigate
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
referer
http://ahsqutes.monster/
accept-encoding
gzip, deflate, br

Response headers

status
429
content-type
text/html; charset=utf-8
vary
Accept-Language, Cookie
content-language
en
date
Sun, 17 Nov 2019 03:25:18 GMT
strict-transport-security
max-age=31536000
cache-control
private, no-cache, no-store, must-revalidate
pragma
no-cache
expires
Sat, 01 Jan 2000 00:00:00 GMT
content-security-policy
report-uri https://www.instagram.com/security/csp_report/; default-src 'self' https://www.instagram.com; img-src https: data: blob:; font-src https: data:; media-src 'self' blob: https://www.instagram.com https://*.cdninstagram.com https://*.fbcdn.net; manifest-src 'self' https://www.instagram.com; script-src 'self' https://instagram.com https://www.instagram.com https://*.www.instagram.com https://*.cdninstagram.com wss://www.instagram.com https://*.facebook.com https://*.fbcdn.net https://*.facebook.net 'unsafe-inline' 'unsafe-eval' blob:; style-src 'self' https://*.www.instagram.com https://www.instagram.com 'unsafe-inline'; connect-src 'self' https://instagram.com https://www.instagram.com https://*.www.instagram.com https://graph.instagram.com https://*.graph.instagram.com https://*.cdninstagram.com https://api.instagram.com wss://www.instagram.com wss://edge-chat.instagram.com https://*.facebook.com https://*.fbcdn.net https://*.facebook.net chrome-extension://boadgeojelhgndaghljhdicfkmllpafd blob:; worker-src 'self' blob: https://www.instagram.com; frame-src 'self' https://instagram.com https://www.instagram.com https://staticxx.facebook.com https://www.facebook.com https://web.facebook.com https://connect.facebook.net https://m.facebook.com; object-src 'none'; upgrade-insecure-requests
x-content-type-options
nosniff
x-xss-protection
0
x-aed
13
access-control-expose-headers
X-IG-Set-WWW-Claim
content-length
20614
x-fb-trip-id
1679558926
xd_arbiter.php
staticxx.facebook.com/connect/ Frame 1AA8
0
0
Document
General
Full URL
https://staticxx.facebook.com/connect/xd_arbiter.php?version=44
Requested by
Host: db356nau468gk.cloudfront.net
URL: http://db356nau468gk.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
staticxx.facebook.com
:scheme
https
:path
/connect/xd_arbiter.php?version=44
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode
nested-navigate
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
referer
http://ahsqutes.monster/
accept-encoding
gzip, deflate, br

Response headers

status
200
content-type
text/html; charset=utf-8
expires
Sat, 14 Nov 2020 22:29:09 GMT
strict-transport-security
max-age=15552000; preload
content-encoding
gzip
content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
cache-control
public,max-age=31536000,immutable
x-fb-debug
3l382fzwg6QFfEoTu550o2H0ChpKrPMH0iM32jqUE4BQLcnvmfLvpCg0tkPKM6lJoiJPSN+pnB2Pmy+NFhmikw==
content-length
12396
x-fb-trip-id
420120009
date
Sun, 17 Nov 2019 03:25:18 GMT
alt-svc
h3-23=":443"; ma=3600
vendorlist.json
vendorlist.consensu.org/
90 KB
17 KB
XHR
General
Full URL
https://vendorlist.consensu.org/vendorlist.json
Requested by
Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/cmp.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:21f3:fc00:1:af78:4c0:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
56c5bb68b668e5b4d1f7f18d9dbc060c9de85befbbbf5e797f75a136a48210f8

Request headers

Sec-Fetch-Mode
cors
Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 17 Nov 2019 03:25:19 GMT
content-encoding
gzip
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-pop
FRA2-C2
x-cache
Miss from cloudfront
status
200
access-control-allow-origin
*
last-modified
Thu, 14 Nov 2019 16:00:22 GMT
server
AmazonS3
access-control-max-age
604800
access-control-allow-methods
GET
x-amz-version-id
CP8lTLg5r5SH0TqZzNcUmewGTJ3LufA5
via
1.1 58b222ebbb6cc6c8c8c9a46127ae3a3e.cloudfront.net (CloudFront)
cache-control
max-age=259200
content-type
application/json; charset=utf-8
x-amz-cf-id
DC4RdiCyOA0EgRLJzYhtPDwaTHtXhY134kC6QayyPkQnjASc4lYGTg==
button.d941c9a422e2e3faf474b82a1f39e936.js
platform.twitter.com/js/
7 KB
3 KB
Script
General
Full URL
https://platform.twitter.com/js/button.d941c9a422e2e3faf474b82a1f39e936.js
Requested by
Host: db356nau468gk.cloudfront.net
URL: http://db356nau468gk.cloudfront.net/script.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software
ECS (fcn/4190) /
Resource Hash
a05cb65ecfe9bb5ef6968b5cc9099d50cd8401c1aa73df4c214fee47018c4d12

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sun, 17 Nov 2019 03:25:18 GMT
Content-Encoding
gzip
Last-Modified
Tue, 22 Oct 2019 22:27:16 GMT
Server
ECS (fcn/4190)
Etag
"89c7a09d87bdc0f1b87105d8f841b83e+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-control-allow-origin
*
Cache-Control
public, max-age=315360000
X-Cache
HIT
Content-Type
application/javascript; charset=utf-8
Content-Length
2296
/
trends.revcontent.com/api/delivery/
14 KB
7 KB
Fetch
General
Full URL
http://trends.revcontent.com/api/delivery/?w=115459&width=1600
Requested by
Host: db356nau468gk.cloudfront.net
URL: http://db356nau468gk.cloudfront.net/script.js
Protocol
HTTP/1.1
Server
18.203.21.2 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-18-203-21-2.eu-west-1.compute.amazonaws.com
Software
Apache/2.4.25 (Debian) /
Resource Hash
e1b370b07a351cece878fa3c19ba8f18d55f7fd74b91dc896518f85297c85860

Request headers

Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sun, 17 Nov 2019 03:25:18 GMT
Content-Encoding
gzip
Server
Apache/2.4.25 (Debian)
Vary
Accept-Encoding
P3P
CP="NOI DSP COR NID ADM DEV OUR NOR CNT"
Access-Control-Allow-Origin
http://ahsqutes.monster
Transfer-Encoding
chunked
Connection
keep-alive
Access-Control-Allow-Credentials
true
Content-Type
text/html; charset=UTF-8
pixel_sync
cm.revcontent.com/
Redirect Chain
  • https://b1sync.zemanta.com/usersync/revcontent/?puid=MjQyNzJmZmFhOWQyN2RlNzkwZDRmNzUyM2ZjMWRjYjk%3D&cb=https%3A%2F%2Fcm.revcontent.com%2Fpixel_sync%3Fexchange_uid%3DMjQyNzJmZmFhOWQyN2RlNzkwZDRmNzUy...
  • https://b1sync.zemanta.com/usersync/revcontent/?cb=https%3A%2F%2Fcm.revcontent.com%2Fpixel_sync%3Fexchange_uid%3DMjQyNzJmZmFhOWQyN2RlNzkwZDRmNzUyM2ZjMWRjYjk%253D%26bidder%3D3%26bidder_uid%3D__ZUID_...
  • https://cm.revcontent.com/pixel_sync?exchange_uid=MjQyNzJmZmFhOWQyN2RlNzkwZDRmNzUyM2ZjMWRjYjk%3D&bidder=3&bidder_uid=dYDeRjy2R9hCprjF9Bkk
35 B
196 B
Image
General
Full URL
https://cm.revcontent.com/pixel_sync?exchange_uid=MjQyNzJmZmFhOWQyN2RlNzkwZDRmNzUyM2ZjMWRjYjk%3D&bidder=3&bidder_uid=dYDeRjy2R9hCprjF9Bkk
Requested by
Host: ahsqutes.monster
URL: http://ahsqutes.monster/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.203.21.2 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-18-203-21-2.eu-west-1.compute.amazonaws.com
Software
/ Express
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
200
date
Sun, 17 Nov 2019 03:25:19 GMT
x-powered-by
Express
content-length
35
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Sun, 17 Nov 2019 03:25:19 GMT
P3p
CP="We do not support P3P header."
Location
https://cm.revcontent.com/pixel_sync?exchange_uid=MjQyNzJmZmFhOWQyN2RlNzkwZDRmNzUyM2ZjMWRjYjk%3D&bidder=3&bidder_uid=dYDeRjy2R9hCprjF9Bkk
Cache-Control
no-cache, no-store, must-revalidate
Content-Type
text/html; charset=utf-8
Content-Length
168
Expires
Thu, 01 Dec 1994 16:00:00 GMT
pixel_sync
cm.revcontent.com/
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fcm.revcontent.com%2Fpixel_sync%3Fbidder%3D115%26bidder_uid%3D%24UID%26exchange_uid%3DMjQyNzJmZmFhOWQyN2RlNzkwZDRmNzUyM2ZjMWRjYjk%253D&geo=35&rev_dt=1573961...
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fcm.revcontent.com%252Fpixel_sync%253Fbidder%253D115%2526bidder_uid%253D%2524UID%2526exchange_uid%253DMjQyNzJmZmFhOWQyN2RlNzkwZDRmNzUyM2Zj...
  • https://cm.revcontent.com/pixel_sync?bidder=115&bidder_uid=1566499650083963733&exchange_uid=MjQyNzJmZmFhOWQyN2RlNzkwZDRmNzUyM2ZjMWRjYjk%3D&geo=35&rev_dt=1573961118684
35 B
198 B
Image
General
Full URL
https://cm.revcontent.com/pixel_sync?bidder=115&bidder_uid=1566499650083963733&exchange_uid=MjQyNzJmZmFhOWQyN2RlNzkwZDRmNzUyM2ZjMWRjYjk%3D&geo=35&rev_dt=1573961118684
Requested by
Host: ahsqutes.monster
URL: http://ahsqutes.monster/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.203.21.2 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-18-203-21-2.eu-west-1.compute.amazonaws.com
Software
/ Express
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
200
date
Sun, 17 Nov 2019 03:25:18 GMT
x-powered-by
Express
content-length
35
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Sun, 17 Nov 2019 03:25:20 GMT
X-Proxy-Origin
144.76.109.30; 144.76.109.30; 307.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.144:80
AN-X-Request-Uuid
23150126-cef0-4e2f-b4ab-ddc9ee0325a8
Server
nginx/1.13.4
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://cm.revcontent.com/pixel_sync?bidder=115&bidder_uid=1566499650083963733&exchange_uid=MjQyNzJmZmFhOWQyN2RlNzkwZDRmNzUyM2ZjMWRjYjk%3D&geo=35&rev_dt=1573961118684
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
pixel_sync
cm.revcontent.com/
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=revcontent&rev_dt=1573961118684
  • https://x.bidswitch.net/ul_cb/sync?ssp=revcontent&rev_dt=1573961118684
  • https://rtb.mfadsrvr.com/sync?ssp=bidswitch&bidswitch_ssp_id=revcontent&bsw_user_id=3a185f8f-02df-499b-b712-59eb9d7eca86
  • https://x.bidswitch.net/sync?dsp_id=250&expires=14&user_id=fd1ff895-7904-413e-aa89-2f99189be915&ssp=revcontent
  • https://cm.revcontent.com/pixel_sync?bidder=118&bidder_uid=3a185f8f-02df-499b-b712-59eb9d7eca86
35 B
257 B
Image
General
Full URL
https://cm.revcontent.com/pixel_sync?bidder=118&bidder_uid=3a185f8f-02df-499b-b712-59eb9d7eca86
Requested by
Host: ahsqutes.monster
URL: http://ahsqutes.monster/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.203.21.2 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-18-203-21-2.eu-west-1.compute.amazonaws.com
Software
/ Express
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
200
date
Sun, 17 Nov 2019 03:25:18 GMT
x-powered-by
Express
content-length
35
content-type
image/gif

Redirect headers

status
302
date
Sun, 17 Nov 2019 03:25:18 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
location
//cm.revcontent.com/pixel_sync?bidder=118&bidder_uid=3a185f8f-02df-499b-b712-59eb9d7eca86
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cookiesync
bttrack.com/pixel/
35 B
380 B
Image
General
Full URL
https://bttrack.com/pixel/cookiesync?source=0b0edea9-c9fe-4b9c-9bcd-a51022f2873f&publisherid=MjQyNzJmZmFhOWQyN2RlNzkwZDRmNzUyM2ZjMWRjYjk%253D&pushdata=109&secure=1&rev_dt=1573961118684
Requested by
Host: ahsqutes.monster
URL: http://ahsqutes.monster/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
192.132.33.46 , United States, ASN18568 (BIDTELLECT - Bidtellect Inc., US),
Reverse DNS
46.bidtellect.com
Software
Microsoft-IIS/8.5 /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

X-ServerName
Track003-dc3
Pragma
no-cache
Date
Sun, 17 Nov 2019 03:25:18 GMT
X-AspNetMvc-Version
5.2
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
P3P
CP="CAO DSP COR ADMo DEVo PSAo PSDo HISo IVAo IVDo OUR IND OTC"
Cache-Control
private,no-cache
Content-Type
image/gif
Content-Length
35
Expires
-1
pixel_sync
cm.revcontent.com/
Redirect Chain
  • https://sync.adtelligent.com/csync?redir=https%3A%2F%2Fcm.revcontent.com%2Fpixel_sync%3Fbidder%3D153%26bidder_uid%3D%7Buid%7D%26exchange_uid%3DMjQyNzJmZmFhOWQyN2RlNzkwZDRmNzUyM2ZjMWRjYjk%253D&rev_d...
  • https://cm.revcontent.com/pixel_sync?bidder=153&bidder_uid=ff68917891eca2da&exchange_uid=MjQyNzJmZmFhOWQyN2RlNzkwZDRmNzUyM2ZjMWRjYjk%3D
11 B
135 B
Image
General
Full URL
https://cm.revcontent.com/pixel_sync?bidder=153&bidder_uid=ff68917891eca2da&exchange_uid=MjQyNzJmZmFhOWQyN2RlNzkwZDRmNzUyM2ZjMWRjYjk%3D
Requested by
Host: ahsqutes.monster
URL: http://ahsqutes.monster/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.203.21.2 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-18-203-21-2.eu-west-1.compute.amazonaws.com
Software
/ Express
Resource Hash
7c41b898c5da0cfa4aa049b65ef50248bce9a72d24bef4c723786431921b75aa

Request headers

Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
400
date
Sun, 17 Nov 2019 03:25:18 GMT
x-powered-by
Express
etag
W/"b-glZE90e6qywA5CDbvDnksw"
content-length
11
content-type
text/plain; charset=utf-8

Redirect headers

Location
https://cm.revcontent.com/pixel_sync?bidder=153&bidder_uid=ff68917891eca2da&exchange_uid=MjQyNzJmZmFhOWQyN2RlNzkwZDRmNzUyM2ZjMWRjYjk%3D
Date
Sun, 17 Nov 2019 03:25:18 GMT
Server
Adtelligent 1.0
Content-Length
43
Content-Type
image/gif
pixel_sync
cm.revcontent.com/
Redirect Chain
  • https://rtb.mfadsrvr.com/sync?ssp=revcontent&ssp_user_id=MjQyNzJmZmFhOWQyN2RlNzkwZDRmNzUyM2ZjMWRjYjk%3D&rev_dt=1573961118684
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=revcontent&ssp_user_id=MjQyNzJmZmFhOWQyN2RlNzkwZDRmNzUyM2ZjMWRjYjk%3D&rev_dt=1573961118684
  • https://cm.revcontent.com/pixel_sync?exchange_uid=MjQyNzJmZmFhOWQyN2RlNzkwZDRmNzUyM2ZjMWRjYjk=&bidder=154&bidder_uid=fd1ff895-7904-413e-aa89-2f99189be915
35 B
198 B
Image
General
Full URL
https://cm.revcontent.com/pixel_sync?exchange_uid=MjQyNzJmZmFhOWQyN2RlNzkwZDRmNzUyM2ZjMWRjYjk=&bidder=154&bidder_uid=fd1ff895-7904-413e-aa89-2f99189be915
Requested by
Host: ahsqutes.monster
URL: http://ahsqutes.monster/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.203.21.2 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-18-203-21-2.eu-west-1.compute.amazonaws.com
Software
/ Express
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
200
date
Sun, 17 Nov 2019 03:25:18 GMT
x-powered-by
Express
content-length
35
content-type
image/gif

Redirect headers

Location
//cm.revcontent.com/pixel_sync?exchange_uid=MjQyNzJmZmFhOWQyN2RlNzkwZDRmNzUyM2ZjMWRjYjk=&bidder=154&bidder_uid=fd1ff895-7904-413e-aa89-2f99189be915
Date
Sun, 17 Nov 2019 03:25:18 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
CookieAccess
api.quantcast.mgr.consensu.org/
30 B
589 B
XHR
General
Full URL
https://api.quantcast.mgr.consensu.org/CookieAccess
Requested by
Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/cmp.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.224.196.127 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-13-224-196-127.fra2.r.cloudfront.net
Software
/
Resource Hash
5a4061ff8312e2ad494bd984b7df966438232be64a3b284ab69f66c6705009a6

Request headers

Sec-Fetch-Mode
cors
Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 17 Nov 2019 03:25:18 GMT
content-encoding
gzip
x-amz-cf-pop
FRA2-C1
x-amzn-requestid
25c2f84f-04bd-426c-94b8-75a19f5a04bf
x-cache
Error from cloudfront
status
404
x-amz-apigw-id
DSKQ0EikIAMF5XA=
content-length
50
access-control-allow-origin
http://ahsqutes.monster
x-amzn-trace-id
Root=1-5dd0bd9e-90447eb08ead7b13aa8d83f9;Sampled=0
vary
Origin
access-control-allow-methods
GET, POST
content-type
application/json
via
1.1 adb1b226e6965f6206603ba087bd4a0a.cloudfront.net (CloudFront)
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
x-amz-cf-id
lmArfyrKp__-OiUoUOgcdaB35arDpKAkTrXDbwP0AkVYE3joDRtf1A==
tweet_button.2d991e3dfc9abb2549972ce8b64c5d85.en.html
platform.twitter.com/widgets/ Frame FE60
0
0
Document
General
Full URL
https://platform.twitter.com/widgets/tweet_button.2d991e3dfc9abb2549972ce8b64c5d85.en.html
Requested by
Host: db356nau468gk.cloudfront.net
URL: http://db356nau468gk.cloudfront.net/script.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software
ECS (fcn/40B1) /
Resource Hash

Request headers

Host
platform.twitter.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
nested-navigate
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site
cross-site
Referer
http://ahsqutes.monster/
Accept-Encoding
gzip, deflate, br

Response headers

Content-Encoding
gzip
Access-Control-Allow-Methods
GET
Access-control-allow-origin
*
Cache-Control
public, max-age=315360000
Content-Type
text/html; charset=utf-8
Date
Sun, 17 Nov 2019 03:25:18 GMT
Etag
"9850897fbd5e30929f1e073621f9d7ca+gzip"
Last-Modified
Tue, 22 Oct 2019 22:27:22 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (fcn/40B1)
Vary
Accept-Encoding
X-Cache
HIT
Content-Length
12256
tweet_button.2d991e3dfc9abb2549972ce8b64c5d85.en.html
platform.twitter.com/widgets/ Frame 4944
0
0
Document
General
Full URL
https://platform.twitter.com/widgets/tweet_button.2d991e3dfc9abb2549972ce8b64c5d85.en.html
Requested by
Host: db356nau468gk.cloudfront.net
URL: http://db356nau468gk.cloudfront.net/script.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software
ECS (fcn/41A8) /
Resource Hash

Request headers

Host
platform.twitter.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
nested-navigate
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site
cross-site
Referer
http://ahsqutes.monster/
Accept-Encoding
gzip, deflate, br

Response headers

Content-Encoding
gzip
Access-Control-Allow-Methods
GET
Access-control-allow-origin
*
Cache-Control
public, max-age=315360000
Content-Type
text/html; charset=utf-8
Date
Sun, 17 Nov 2019 03:25:18 GMT
Etag
"9850897fbd5e30929f1e073621f9d7ca+gzip"
Last-Modified
Tue, 22 Oct 2019 22:27:22 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (fcn/41A8)
Vary
Accept-Encoding
X-Cache
HIT
Content-Length
12256
tweet_button.2d991e3dfc9abb2549972ce8b64c5d85.en.html
platform.twitter.com/widgets/ Frame EEC7
0
0
Document
General
Full URL
https://platform.twitter.com/widgets/tweet_button.2d991e3dfc9abb2549972ce8b64c5d85.en.html
Requested by
Host: db356nau468gk.cloudfront.net
URL: http://db356nau468gk.cloudfront.net/script.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software
ECS (fcn/40E7) /
Resource Hash

Request headers

Host
platform.twitter.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
nested-navigate
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site
cross-site
Referer
http://ahsqutes.monster/
Accept-Encoding
gzip, deflate, br

Response headers

Content-Encoding
gzip
Access-Control-Allow-Methods
GET
Access-control-allow-origin
*
Cache-Control
public, max-age=315360000
Content-Type
text/html; charset=utf-8
Date
Sun, 17 Nov 2019 03:25:18 GMT
Etag
"9850897fbd5e30929f1e073621f9d7ca+gzip"
Last-Modified
Tue, 22 Oct 2019 22:27:22 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (fcn/40E7)
Vary
Accept-Encoding
X-Cache
HIT
Content-Length
12256
tweet_button.2d991e3dfc9abb2549972ce8b64c5d85.en.html
platform.twitter.com/widgets/ Frame 94F4
0
0
Document
General
Full URL
https://platform.twitter.com/widgets/tweet_button.2d991e3dfc9abb2549972ce8b64c5d85.en.html
Requested by
Host: db356nau468gk.cloudfront.net
URL: http://db356nau468gk.cloudfront.net/script.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software
ECS (fcn/41A4) /
Resource Hash

Request headers

Host
platform.twitter.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
nested-navigate
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site
cross-site
Referer
http://ahsqutes.monster/
Accept-Encoding
gzip, deflate, br

Response headers

Content-Encoding
gzip
Access-Control-Allow-Methods
GET
Access-control-allow-origin
*
Cache-Control
public, max-age=315360000
Content-Type
text/html; charset=utf-8
Date
Sun, 17 Nov 2019 03:25:18 GMT
Etag
"9850897fbd5e30929f1e073621f9d7ca+gzip"
Last-Modified
Tue, 22 Oct 2019 22:27:22 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (fcn/41A4)
Vary
Accept-Encoding
X-Cache
HIT
Content-Length
12256
tweet_button.2d991e3dfc9abb2549972ce8b64c5d85.en.html
platform.twitter.com/widgets/ Frame D488
0
0
Document
General
Full URL
https://platform.twitter.com/widgets/tweet_button.2d991e3dfc9abb2549972ce8b64c5d85.en.html
Requested by
Host: db356nau468gk.cloudfront.net
URL: http://db356nau468gk.cloudfront.net/script.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software
ECS (fcn/40DA) /
Resource Hash

Request headers

Host
platform.twitter.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
nested-navigate
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site
cross-site
Referer
http://ahsqutes.monster/
Accept-Encoding
gzip, deflate, br

Response headers

Content-Encoding
gzip
Access-Control-Allow-Methods
GET
Access-control-allow-origin
*
Cache-Control
public, max-age=315360000
Content-Type
text/html; charset=utf-8
Date
Sun, 17 Nov 2019 03:25:18 GMT
Etag
"9850897fbd5e30929f1e073621f9d7ca+gzip"
Last-Modified
Tue, 22 Oct 2019 22:27:22 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (fcn/40DA)
Vary
Accept-Encoding
X-Cache
HIT
Content-Length
12256
tweet_button.2d991e3dfc9abb2549972ce8b64c5d85.en.html
platform.twitter.com/widgets/ Frame BBF6
0
0
Document
General
Full URL
https://platform.twitter.com/widgets/tweet_button.2d991e3dfc9abb2549972ce8b64c5d85.en.html
Requested by
Host: db356nau468gk.cloudfront.net
URL: http://db356nau468gk.cloudfront.net/script.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software
ECS (fcn/40D0) /
Resource Hash

Request headers

Host
platform.twitter.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
nested-navigate
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site
cross-site
Referer
http://ahsqutes.monster/
Accept-Encoding
gzip, deflate, br

Response headers

Content-Encoding
gzip
Access-Control-Allow-Methods
GET
Access-control-allow-origin
*
Cache-Control
public, max-age=315360000
Content-Type
text/html; charset=utf-8
Date
Sun, 17 Nov 2019 03:25:18 GMT
Etag
"9850897fbd5e30929f1e073621f9d7ca+gzip"
Last-Modified
Tue, 22 Oct 2019 22:27:22 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (fcn/40D0)
Vary
Accept-Encoding
X-Cache
HIT
Content-Length
12256
justjared-logo.jpg
cdn02.cdn.justjared.com/wp-content/uploads/img/
6 KB
6 KB
Image
General
Full URL
http://cdn02.cdn.justjared.com/wp-content/uploads/img/justjared-logo.jpg
Requested by
Host: ahsqutes.monster
URL: http://ahsqutes.monster/
Protocol
HTTP/1.1
Server
69.16.175.42 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
hwcdn.net
Software
/
Resource Hash
9eac52eaa6cb180ed995af876bb5c8eac7f9defeb034b80ba96f7f16b3f3dc86

Request headers

Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sun, 17 Nov 2019 03:25:18 GMT
Last-Modified
Thu, 18 Apr 2019 15:42:33 GMT
ETag
"1555602153"
X-HW
1573961118.dop142.fr8.t,1573961118.cds122.fr8.c
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=561572
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
5905
truncated
/
3 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
87562d3773ffab3d0716a70faa73c38b322fde3b8f265c3d646a3cea976ef67e

Request headers

Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/png
jot.html
platform.twitter.com/ Frame 9122
Redirect Chain
  • https://syndication.twitter.com/i/jot
  • https://platform.twitter.com/jot.html
0
0
Document
General
Full URL
https://platform.twitter.com/jot.html
Requested by
Host: ahsqutes.monster
URL: http://ahsqutes.monster/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software
ECS (fcn/4187) /
Resource Hash

Request headers

Host
platform.twitter.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
nested-navigate
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site
cross-site
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
Origin
http://ahsqutes.monster
Content-Type
application/x-www-form-urlencoded
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
nested-navigate

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Methods
GET
Access-control-allow-origin
*
Cache-Control
public, max-age=315360000
Content-Type
text/html; charset=utf-8
Date
Sun, 17 Nov 2019 03:25:19 GMT
Etag
"d9592a6c704736fa4da218d4357976dd"
Last-Modified
Tue, 22 Oct 2019 23:03:20 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (fcn/4187)
X-Cache
HIT
Content-Length
80

Redirect headers

status
302 302 Found
cache-control
no-cache, no-store, must-revalidate, pre-check=0, post-check=0
content-length
0
content-type
text/html;charset=utf-8
date
Sun, 17 Nov 2019 03:25:19 GMT
expires
Tue, 31 Mar 1981 05:00:00 GMT
last-modified
Sun, 17 Nov 2019 03:25:18 GMT
location
https://platform.twitter.com/jot.html
pragma
no-cache
server
tsa_o
strict-transport-security
max-age=631138519
x-connection-hash
414cd3e2bc67bf1ca5b54e99bd9f233e
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-response-time
110
x-transaction
0097e99600de3230
x-tsa-request-body-time
0
x-twitter-response-tags
BouncerCompliant
x-xss-protection
0
services
g2.gumgum.com/zones/jstjared/
0
309 B
XHR
General
Full URL
https://g2.gumgum.com/zones/jstjared/services?dp=http%3A%2F%2Fahsqutes.monster%2F&pu=http%3A%2F%2Fahsqutes.monster%2F&ogu=http%3A%2F%2Fwww.justjared.com&rf=&r=3.20.2&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A2%2C%22ren%22%3A2%2C%22fc%22%3A0%2C%22ctx%22%3A%5B2%5D%7D&ns=9318&bf=dd1425b44f9b167d4d43d2453c479e9a267ee3c8&ce=true&fs=false&dpr=1&sch=1200&scw=1600&lt=1573961118939&to=-60&vpii=false&vph=1200&vpw=1600
Requested by
Host: js.gumgum.com
URL: https://js.gumgum.com/services.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.209.131.99 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-209-131-99.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode
cors
Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
204
date
Sun, 17 Nov 2019 03:25:19 GMT
access-control-allow-credentials
true
server
nginx
access-control-allow-origin
http://ahsqutes.monster
timing-allow-origin
*
p3p
CP="This is not a P3P policy"
imp.php
trends.revcontent.com/
0
265 B
Fetch
General
Full URL
http://trends.revcontent.com/imp.php
Requested by
Host: db356nau468gk.cloudfront.net
URL: http://db356nau468gk.cloudfront.net/script.js
Protocol
HTTP/1.1
Server
18.203.21.2 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-18-203-21-2.eu-west-1.compute.amazonaws.com
Software
Apache/2.4.25 (Debian) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

Access-Control-Allow-Origin
http://ahsqutes.monster
Date
Sun, 17 Nov 2019 03:25:18 GMT
Access-Control-Allow-Credentials
true
Server
Apache/2.4.25 (Debian)
Connection
keep-alive
Content-Length
0
Content-Type
text/html; charset=UTF-8
/
img.revcontent.com/
23 KB
24 KB
Image
General
Full URL
http://img.revcontent.com/?url=https://revcontent-p0.s3.amazonaws.com//content/images/290410510d63c5e37be1ad0a7eb8153e.jpg&static=true&pos=face&h=315&w=420&static=true&fmt=jpeg
Requested by
Host: ahsqutes.monster
URL: http://ahsqutes.monster/
Protocol
HTTP/1.1
Server
151.139.128.10 Dallas, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
Software
/
Resource Hash
f84bc7eb245a2964516604e58d37908dec0f39f3dbe0dd03939ced8c07464667

Request headers

Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sun, 17 Nov 2019 03:25:18 GMT
Last-Modified
Fri, 08 Nov 2019 05:52:23 GMT
ETag
"1573192343"
X-HW
1573961118.cds076.fr8.h2,1573961118.cds070.fr8.c
Content-Type
image/jpeg
Cache-Control
max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
23872
/
img.revcontent.com/
29 KB
29 KB
Image
General
Full URL
http://img.revcontent.com/?url=https://revcontent-p0.s3.amazonaws.com/content/images/15705469821901340525.jpg&static=true&pos=face&h=315&w=420&static=true&fmt=jpeg
Requested by
Host: ahsqutes.monster
URL: http://ahsqutes.monster/
Protocol
HTTP/1.1
Server
151.139.128.10 Dallas, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
Software
/
Resource Hash
5dfc271356691df3f5d00b2a7045abab98b3ef350876d607c9ef21b4c3e9586c

Request headers

Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sun, 17 Nov 2019 03:25:18 GMT
Last-Modified
Tue, 08 Oct 2019 15:03:03 GMT
ETag
"1570546983"
X-HW
1573961118.cds100.fr8.h2,1573961118.cds133.fr8.c
Content-Type
image/jpeg
Cache-Control
max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
29386
/
img.revcontent.com/
38 KB
38 KB
Image
General
Full URL
http://img.revcontent.com/?url=https://revcontent-p0.s3.amazonaws.com/content/images/15728972191052551982.jpg&static=true&pos=face&h=315&w=420&static=true&fmt=jpeg
Requested by
Host: ahsqutes.monster
URL: http://ahsqutes.monster/
Protocol
HTTP/1.1
Server
151.139.128.10 Dallas, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
Software
/
Resource Hash
32ec6fa94fb3a73c51265107e5b7b817e59d93c64a82353104823cddce87cf98

Request headers

Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sun, 17 Nov 2019 03:25:18 GMT
Last-Modified
Mon, 04 Nov 2019 19:53:40 GMT
ETag
"1572897220"
X-HW
1573961118.cds093.fr8.h2,1573961118.cds001.fr8.c
Content-Type
image/jpeg
Cache-Control
max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
38737
/
img.revcontent.com/
33 KB
33 KB
Image
General
Full URL
http://img.revcontent.com/?url=https://revcontent-p0.s3.amazonaws.com//content/images/c3b7a1cdaacc96d3f24d691a2d7ddfaa.jpg&static=true&pos=face&h=315&w=420&static=true&fmt=jpeg
Requested by
Host: ahsqutes.monster
URL: http://ahsqutes.monster/
Protocol
HTTP/1.1
Server
151.139.128.10 Dallas, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
Software
/
Resource Hash
946dff9524d8dba881422d95271310b42ee3f2b00cd315e588dcfec4f55ca013

Request headers

Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sun, 17 Nov 2019 03:25:18 GMT
Last-Modified
Tue, 05 Nov 2019 16:14:23 GMT
ETag
"1572970463"
X-HW
1573961118.cds104.fr8.h2,1573961118.cds060.fr8.c
Content-Type
image/jpeg
Cache-Control
max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
33413
/
audit.quantcast.mgr.consensu.org/
80 B
476 B
XHR
General
Full URL
https://audit.quantcast.mgr.consensu.org/?log=;1573961119077;Just%20Jared;http%3A%2F%2Fahsqutes.monster%2F;;;;;p,off,true,,1,en,26,175,true,false,false;displayConsentUi:mandatory,
Requested by
Host: static.quantcast.mgr.consensu.org
URL: https://static.quantcast.mgr.consensu.org/v26/cmpui-popup.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.222.174.190 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-52-222-174-190.fra54.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2d0f6b590917e7d27ddeb026b280d62dde9d03bb92f47f56342fc5f68f0c24eb

Request headers

Sec-Fetch-Mode
cors
Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 17 Nov 2019 03:25:20 GMT
via
1.1 d79148f01e44f5598c15bdd5ce1c1997.cloudfront.net (CloudFront)
vary
Origin
x-amz-cf-pop
FRA54
x-cache
Miss from cloudfront
status
200
content-length
80
last-modified
Mon, 11 Jun 2018 22:07:34 GMT
server
AmazonS3
etag
"0614149d8033903db5de46d6c184bbfd"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
text/html
access-control-allow-origin
*
accept-ranges
bytes
x-amz-cf-id
nquyCTe9NnDowQ6ptKBBcR2qovZzF3jxorkvA-lzuj3Y79tym4HlDA==
connatix.renderer.infeed.min.js
cdn.connatix.com/min/
956 B
1 KB
Script
General
Full URL
https://cdn.connatix.com/min/connatix.renderer.infeed.min.js
Requested by
Host: db356nau468gk.cloudfront.net
URL: http://db356nau468gk.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.14.217 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
Varnish /
Resource Hash
9e0ff8d9243c4e64b42bd60ac2fd7a32565a785306445beafb808c3a2e4e250b

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 17 Nov 2019 03:25:19 GMT
via
1.1 varnish
server
Varnish
age
0
x-served-by
cache-fra19134-FRA
x-cache
HIT
content-type
application/javascript
status
200
x-referer-host
ahsqutes.monster
cache-control
no-cache, no-store, must-revalidate, max-age=0
accept-ranges
bytes
x-timer
S1573961119.245367,VS0,VE0
content-length
956
retry-after
0
x-cache-hits
0
bid-request
a.teads.tv/hb/
16 B
577 B
XHR
General
Full URL
http://a.teads.tv/hb/bid-request
Requested by
Host: tradecraft.s.llnwi.net
URL: http://tradecraft.s.llnwi.net/v1/pub/adap.js
Protocol
HTTP/1.1
Server
2.18.232.7 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a2-18-232-7.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c

Request headers

Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 17 Nov 2019 03:25:19 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
application/json
Access-Control-Allow-Origin
http://ahsqutes.monster
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
42
Expires
Sun, 17 Nov 2019 03:25:19 GMT
auction
tlx.3lift.com/header/
19 B
631 B
XHR
General
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=2.38.0&referrer=http%3A%2F%2Fahsqutes.monster%2F&tmax=1000
Requested by
Host: tradecraft.s.llnwi.net
URL: http://tradecraft.s.llnwi.net/v1/pub/adap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.58.97.76 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-58-97-76.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
cors
Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 17 Nov 2019 03:25:19 GMT
x-auction-status
3, 3, 3, 3, 3, 3
status
200
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
access-control-allow-origin
http://ahsqutes.monster
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-type
application/json; charset=utf-8
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
prebid
ib.adnxs.com/ut/v3/
1 KB
1 KB
XHR
General
Full URL
http://ib.adnxs.com/ut/v3/prebid
Requested by
Host: tradecraft.s.llnwi.net
URL: http://tradecraft.s.llnwi.net/v1/pub/adap.js
Protocol
HTTP/1.1
Server
185.33.223.210 , Netherlands, ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US),
Reverse DNS
307.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.13.4 /
Resource Hash
d8ffd0ea79dd42010226d45e586e5f4283bb59859f9b49fc91533958d0b9f846
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sun, 17 Nov 2019 03:25:21 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
144.76.109.30; 144.76.109.30; 307.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.101:80
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
5b0da052-a56e-40cf-a8e6-e05dc1364de7
Server
nginx/1.13.4
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
http://ahsqutes.monster
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
bid
ap.lijit.com/rtb/
24 B
476 B
XHR
General
Full URL
http://ap.lijit.com/rtb/bid?src=prebid_prebid_2.38.0
Requested by
Host: tradecraft.s.llnwi.net
URL: http://tradecraft.s.llnwi.net/v1/pub/adap.js
Protocol
HTTP/1.1
Server
72.251.249.13 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET - Internap Corporation, US),
Reverse DNS
Software
nginx /
Resource Hash
1d1eedbef5e6ed518eba786d6ca7694478879d8e28e705bbe43d3e1162c15ea5

Request headers

Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sun, 17 Nov 2019 03:25:19 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
http://ahsqutes.monster
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ap2ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
fastlane.json
fastlane.rubiconproject.com/a/api/
3 KB
3 KB
XHR
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=21666&site_id=293666&zone_id=1475124&size_id=15&alt_size_ids=2%2C38%2C40%2C41%2C55%2C57%2C195&rf=http%3A%2F%2Fahsqutes.monster%2F&tk_flint=pbjs_lite_v2.38.0&x_source.tid=1e90dc54-e98c-4443-989a-11d502354c3d&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.5629436692462586
Requested by
Host: tradecraft.s.llnwi.net
URL: http://tradecraft.s.llnwi.net/v1/pub/adap.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
69.173.144.141 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT - The Rubicon Project, Inc., US),
Reverse DNS
Software
RAS 2.4 /
Resource Hash
339b5f6e0159d92acd1b44aa555713d88ddb802ec9477d3140858185e9196283

Request headers

Sec-Fetch-Mode
cors
Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 17 Nov 2019 03:25:19 GMT
Content-Encoding
gzip
Server
RAS 2.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
http://ahsqutes.monster
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Content-Type
application/json
Keep-Alive
timeout=5, max=500
Content-Length
1456
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/
3 KB
3 KB
XHR
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=21666&site_id=293666&zone_id=1475126&size_id=15&alt_size_ids=14%2C16%2C19%2C117&rf=http%3A%2F%2Fahsqutes.monster%2F&tk_flint=pbjs_lite_v2.38.0&x_source.tid=ea8d8fa4-7309-4466-a3ad-31857961090c&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.8346055850942191
Requested by
Host: tradecraft.s.llnwi.net
URL: http://tradecraft.s.llnwi.net/v1/pub/adap.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
69.173.144.141 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT - The Rubicon Project, Inc., US),
Reverse DNS
Software
RAS 2.4 /
Resource Hash
3c0aa1569f7dad78a4052f8f55c985ba84128e2da0d4fdcf38de3ffcbaf230a9

Request headers

Sec-Fetch-Mode
cors
Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 17 Nov 2019 03:25:19 GMT
Content-Encoding
gzip
Server
RAS 2.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
http://ahsqutes.monster
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Content-Type
application/json
Keep-Alive
timeout=5, max=462
Content-Length
1453
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/
4 KB
4 KB
XHR
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=21666&site_id=293666&zone_id=1475132&size_id=15&alt_size_ids=9%2C5%2C8%2C10%2C13%2C14%2C16%2C17%2C19%2C117&rf=http%3A%2F%2Fahsqutes.monster%2F&tk_flint=pbjs_lite_v2.38.0&x_source.tid=e362987a-8040-411d-9ad6-5b3270b30fb2&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.015176805826113693
Requested by
Host: tradecraft.s.llnwi.net
URL: http://tradecraft.s.llnwi.net/v1/pub/adap.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
69.173.144.141 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT - The Rubicon Project, Inc., US),
Reverse DNS
Software
RAS 2.4 /
Resource Hash
a0119b951563ee087c6cf42aee7bc95340a62a6151964e6c9f63b22a7dfbc3ff

Request headers

Sec-Fetch-Mode
cors
Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 17 Nov 2019 03:25:19 GMT
Content-Encoding
gzip
Server
RAS 2.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
http://ahsqutes.monster
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Content-Type
application/json
Keep-Alive
timeout=5, max=491
Content-Length
2206
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/
3 KB
3 KB
XHR
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=21666&site_id=293666&zone_id=1475134&size_id=15&alt_size_ids=9%2C8%2C10%2C13%2C14%2C16%2C17%2C19%2C54%2C117&rf=http%3A%2F%2Fahsqutes.monster%2F&tk_flint=pbjs_lite_v2.38.0&x_source.tid=0b7339b7-b658-4cf1-9b86-c48e44b326d7&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.75415218963897
Requested by
Host: tradecraft.s.llnwi.net
URL: http://tradecraft.s.llnwi.net/v1/pub/adap.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
69.173.144.141 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT - The Rubicon Project, Inc., US),
Reverse DNS
Software
RAS 2.4 /
Resource Hash
63dc8c130dbe500736809bf2da0000f2f841731dddd70db2600af6d33a777fcc

Request headers

Sec-Fetch-Mode
cors
Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 17 Nov 2019 03:25:19 GMT
Content-Encoding
gzip
Server
RAS 2.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
http://ahsqutes.monster
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Content-Type
application/json
Keep-Alive
timeout=5, max=448
Content-Length
1461
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/
3 KB
3 KB
XHR
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=21666&site_id=293666&zone_id=1475130&size_id=15&alt_size_ids=9%2C5%2C8%2C10%2C13%2C14%2C16%2C17%2C54&rf=http%3A%2F%2Fahsqutes.monster%2F&tk_flint=pbjs_lite_v2.38.0&x_source.tid=31678f5b-9837-4de3-901a-48bc7d3d1616&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.5222226713135383
Requested by
Host: tradecraft.s.llnwi.net
URL: http://tradecraft.s.llnwi.net/v1/pub/adap.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
69.173.144.141 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT - The Rubicon Project, Inc., US),
Reverse DNS
Software
RAS 2.4 /
Resource Hash
26a6c30ef7690378bb39ace54ea999fd88a7c70c1ae5f8123c178b239bc06c30

Request headers

Sec-Fetch-Mode
cors
Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 17 Nov 2019 03:25:19 GMT
Content-Encoding
gzip
Server
RAS 2.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
http://ahsqutes.monster
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Content-Type
application/json
Keep-Alive
timeout=5, max=498
Content-Length
1462
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/
4 KB
4 KB
XHR
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=21666&site_id=293666&zone_id=1475128&size_id=15&alt_size_ids=9%2C5%2C8%2C10%2C13%2C14%2C17%2C54&rf=http%3A%2F%2Fahsqutes.monster%2F&tk_flint=pbjs_lite_v2.38.0&x_source.tid=974ae119-2b38-4790-bda6-47b2cf15020b&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.301154618020794
Requested by
Host: tradecraft.s.llnwi.net
URL: http://tradecraft.s.llnwi.net/v1/pub/adap.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
69.173.144.141 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT - The Rubicon Project, Inc., US),
Reverse DNS
Software
RAS 2.4 /
Resource Hash
8074ed012e9e87f16dbfdb1449153c7818c40abd44cf7f2e1a2de23f2802904c

Request headers

Sec-Fetch-Mode
cors
Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 17 Nov 2019 03:25:19 GMT
Content-Encoding
gzip
Server
RAS 2.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
http://ahsqutes.monster
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Content-Type
application/json
Keep-Alive
timeout=5, max=420
Content-Length
2207
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/
3 KB
3 KB
XHR
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=21666&site_id=293666&zone_id=1475136&size_id=15&alt_size_ids=1%2C14%2C16%2C17&rf=http%3A%2F%2Fahsqutes.monster%2F&tk_flint=pbjs_lite_v2.38.0&x_source.tid=8c5d4131-802c-4bf6-a837-da69bb62c035&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.650552562501403
Requested by
Host: tradecraft.s.llnwi.net
URL: http://tradecraft.s.llnwi.net/v1/pub/adap.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
69.173.144.141 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT - The Rubicon Project, Inc., US),
Reverse DNS
Software
RAS 2.4 /
Resource Hash
5395801022f46f8f036a3f6e3b268e8e55f1cd9a4c31dd36962916dd4eb23bc4

Request headers

Sec-Fetch-Mode
cors
Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 17 Nov 2019 03:25:19 GMT
Content-Encoding
gzip
Server
RAS 2.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
http://ahsqutes.monster
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Content-Type
application/json
Keep-Alive
timeout=5, max=492
Content-Length
1449
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/
3 KB
3 KB
XHR
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=21666&site_id=293666&zone_id=1475138&size_id=15&alt_size_ids=1%2C14%2C16%2C17&rf=http%3A%2F%2Fahsqutes.monster%2F&tk_flint=pbjs_lite_v2.38.0&x_source.tid=9b95bb05-7074-45bb-b7f1-a7f46cefdb92&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.15691456372062373
Requested by
Host: tradecraft.s.llnwi.net
URL: http://tradecraft.s.llnwi.net/v1/pub/adap.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
69.173.144.141 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT - The Rubicon Project, Inc., US),
Reverse DNS
Software
RAS 2.4 /
Resource Hash
ea50413d551555b2d2e08a557853c4260e1455e462da28b448ef923e970afb31

Request headers

Sec-Fetch-Mode
cors
Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 17 Nov 2019 03:25:19 GMT
Content-Encoding
gzip
Server
RAS 2.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
http://ahsqutes.monster
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Content-Type
application/json
Keep-Alive
timeout=5, max=497
Content-Length
1454
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/
3 KB
3 KB
XHR
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=21666&site_id=293666&zone_id=1475140&size_id=15&alt_size_ids=1%2C13%2C14%2C16%2C17&rf=http%3A%2F%2Fahsqutes.monster%2F&tk_flint=pbjs_lite_v2.38.0&x_source.tid=8f5df9df-8392-408d-8747-8f4132f11b78&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.2028289722762755
Requested by
Host: tradecraft.s.llnwi.net
URL: http://tradecraft.s.llnwi.net/v1/pub/adap.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
69.173.144.141 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT - The Rubicon Project, Inc., US),
Reverse DNS
Software
RAS 2.4 /
Resource Hash
0286c3340134882bfbe2226f5078e351caa71e9f8884de418f813f8a980b8ba4

Request headers

Sec-Fetch-Mode
cors
Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 17 Nov 2019 03:25:19 GMT
Content-Encoding
gzip
Server
RAS 2.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
http://ahsqutes.monster
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Content-Type
application/json
Keep-Alive
timeout=5, max=458
Content-Length
1457
Expires
Wed, 17 Sep 1975 21:32:10 GMT
ADTECH;cfp=1;rndc=1573961118;v=2;cmd=bid;cors=yes;alias=78bf309d49ef08b;misc=1573961119252
adserver-us.adtech.advertising.com/pubapi/3.0/11772.1/5158468/0/0/
Redirect Chain
  • https://adserver-us.adtech.advertising.com/pubapi/3.0/11772.1/5158468/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=78bf309d49ef08b;misc=1573961119252;
  • https://adserver-us.adtech.advertising.com/pubapi/3.0/11772.1/5158468/0/0/ADTECH;cfp=1;rndc=1573961118;v=2;cmd=bid;cors=yes;alias=78bf309d49ef08b;misc=1573961119252
945 B
1 KB
XHR
General
Full URL
https://adserver-us.adtech.advertising.com/pubapi/3.0/11772.1/5158468/0/0/ADTECH;cfp=1;rndc=1573961118;v=2;cmd=bid;cors=yes;alias=78bf309d49ef08b;misc=1573961119252
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.22.24 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software
Adtech Adserver /
Resource Hash
dc727331b38651daa020436125bfb412a41d9a27bcf6630279021aa8799ea36a

Request headers

Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 17 Nov 2019 03:25:20 GMT
server
Adtech Adserver
status
200
access-control-allow-methods
POST,GET,HEAD,OPTIONS
p3p
CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
access-control-allow-origin
http://ahsqutes.monster
cache-control
no-store, no-cache
access-control-allow-credentials
true
content-type
application/json
content-length
945
expires
Mon, 15 Jun 1998 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 17 Nov 2019 03:25:19 GMT
server
nginx
status
302
location
https://adserver-us.adtech.advertising.com/pubapi/3.0/11772.1/5158468/0/0/ADTECH;cfp=1;rndc=1573961118;v=2;cmd=bid;cors=yes;alias=78bf309d49ef08b;misc=1573961119252
access-control-allow-methods
POST,GET,HEAD,OPTIONS
p3p
CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
access-control-allow-origin
http://ahsqutes.monster
cache-control
no-store, no-cache
access-control-allow-credentials
true
content-length
0
expires
Mon, 15 Jun 1998 00:00:00 GMT
ADTECH;cfp=1;rndc=1573961119;v=2;cmd=bid;cors=yes;alias=79a201065dba885;misc=1573961119252
adserver-us.adtech.advertising.com/pubapi/3.0/11772.1/5158472/0/0/
Redirect Chain
  • https://adserver-us.adtech.advertising.com/pubapi/3.0/11772.1/5158472/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=79a201065dba885;misc=1573961119252;
  • https://adserver-us.adtech.advertising.com/pubapi/3.0/11772.1/5158472/0/0/ADTECH;cfp=1;rndc=1573961119;v=2;cmd=bid;cors=yes;alias=79a201065dba885;misc=1573961119252
945 B
1 KB
XHR
General
Full URL
https://adserver-us.adtech.advertising.com/pubapi/3.0/11772.1/5158472/0/0/ADTECH;cfp=1;rndc=1573961119;v=2;cmd=bid;cors=yes;alias=79a201065dba885;misc=1573961119252
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.22.24 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software
Adtech Adserver /
Resource Hash
4a35763c218b84a555887716ed51b8858b5789fcb632114af526b67964382364

Request headers

Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 17 Nov 2019 03:25:19 GMT
server
Adtech Adserver
status
200
access-control-allow-methods
POST,GET,HEAD,OPTIONS
p3p
CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
access-control-allow-origin
http://ahsqutes.monster
cache-control
no-store, no-cache
access-control-allow-credentials
true
content-type
application/json
content-length
945
expires
Mon, 15 Jun 1998 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 17 Nov 2019 03:25:19 GMT
server
nginx
status
302
location
https://adserver-us.adtech.advertising.com/pubapi/3.0/11772.1/5158472/0/0/ADTECH;cfp=1;rndc=1573961119;v=2;cmd=bid;cors=yes;alias=79a201065dba885;misc=1573961119252
access-control-allow-methods
POST,GET,HEAD,OPTIONS
p3p
CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
access-control-allow-origin
http://ahsqutes.monster
cache-control
no-store, no-cache
access-control-allow-credentials
true
content-length
0
expires
Mon, 15 Jun 1998 00:00:00 GMT
ADTECH;cfp=1;rndc=1573961119;v=2;cmd=bid;cors=yes;alias=80132edc1c3e937;misc=1573961119252
adserver-us.adtech.advertising.com/pubapi/3.0/11772.1/5158476/0/0/
Redirect Chain
  • https://adserver-us.adtech.advertising.com/pubapi/3.0/11772.1/5158476/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=80132edc1c3e937;misc=1573961119252;
  • https://adserver-us.adtech.advertising.com/pubapi/3.0/11772.1/5158476/0/0/ADTECH;cfp=1;rndc=1573961119;v=2;cmd=bid;cors=yes;alias=80132edc1c3e937;misc=1573961119252
944 B
1 KB
XHR
General
Full URL
https://adserver-us.adtech.advertising.com/pubapi/3.0/11772.1/5158476/0/0/ADTECH;cfp=1;rndc=1573961119;v=2;cmd=bid;cors=yes;alias=80132edc1c3e937;misc=1573961119252
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.22.24 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software
Adtech Adserver /
Resource Hash
cc449a7d8104605978405e5319e5e889e9ef13654e54c1167f188e2fab23572a

Request headers

Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 17 Nov 2019 03:25:19 GMT
server
Adtech Adserver
status
200
access-control-allow-methods
POST,GET,HEAD,OPTIONS
p3p
CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
access-control-allow-origin
http://ahsqutes.monster
cache-control
no-store, no-cache
access-control-allow-credentials
true
content-type
application/json
content-length
944
expires
Mon, 15 Jun 1998 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 17 Nov 2019 03:25:19 GMT
server
nginx
status
302
location
https://adserver-us.adtech.advertising.com/pubapi/3.0/11772.1/5158476/0/0/ADTECH;cfp=1;rndc=1573961119;v=2;cmd=bid;cors=yes;alias=80132edc1c3e937;misc=1573961119252
access-control-allow-methods
POST,GET,HEAD,OPTIONS
p3p
CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
access-control-allow-origin
http://ahsqutes.monster
cache-control
no-store, no-cache
access-control-allow-credentials
true
content-length
0
expires
Mon, 15 Jun 1998 00:00:00 GMT
ADTECH;cfp=1;rndc=1573961118;v=2;cmd=bid;cors=yes;alias=8183f2e065bac56;misc=1573961119252
adserver-us.adtech.advertising.com/pubapi/3.0/11772.1/5158478/0/0/
Redirect Chain
  • https://adserver-us.adtech.advertising.com/pubapi/3.0/11772.1/5158478/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=8183f2e065bac56;misc=1573961119252;
  • https://adserver-us.adtech.advertising.com/pubapi/3.0/11772.1/5158478/0/0/ADTECH;cfp=1;rndc=1573961118;v=2;cmd=bid;cors=yes;alias=8183f2e065bac56;misc=1573961119252
943 B
1 KB
XHR
General
Full URL
https://adserver-us.adtech.advertising.com/pubapi/3.0/11772.1/5158478/0/0/ADTECH;cfp=1;rndc=1573961118;v=2;cmd=bid;cors=yes;alias=8183f2e065bac56;misc=1573961119252
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.22.24 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software
Adtech Adserver /
Resource Hash
129f274cc332fcb0d98e538ea908b85819c4688e78de97f2467f633b20b91f6e

Request headers

Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 17 Nov 2019 03:25:19 GMT
server
Adtech Adserver
status
200
access-control-allow-methods
POST,GET,HEAD,OPTIONS
p3p
CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
access-control-allow-origin
http://ahsqutes.monster
cache-control
no-store, no-cache
access-control-allow-credentials
true
content-type
application/json
content-length
943
expires
Mon, 15 Jun 1998 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 17 Nov 2019 03:25:19 GMT
server
nginx
status
302
location
https://adserver-us.adtech.advertising.com/pubapi/3.0/11772.1/5158478/0/0/ADTECH;cfp=1;rndc=1573961118;v=2;cmd=bid;cors=yes;alias=8183f2e065bac56;misc=1573961119252
access-control-allow-methods
POST,GET,HEAD,OPTIONS
p3p
CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
access-control-allow-origin
http://ahsqutes.monster
cache-control
no-store, no-cache
access-control-allow-credentials
true
content-length
0
expires
Mon, 15 Jun 1998 00:00:00 GMT
ADTECH;cfp=1;rndc=1573961118;v=2;cmd=bid;cors=yes;alias=82e2f2cee45d75a;misc=1573961119252
adserver-us.adtech.advertising.com/pubapi/3.0/11772.1/5158475/0/0/
Redirect Chain
  • https://adserver-us.adtech.advertising.com/pubapi/3.0/11772.1/5158475/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=82e2f2cee45d75a;misc=1573961119252;
  • https://adserver-us.adtech.advertising.com/pubapi/3.0/11772.1/5158475/0/0/ADTECH;cfp=1;rndc=1573961118;v=2;cmd=bid;cors=yes;alias=82e2f2cee45d75a;misc=1573961119252
945 B
1 KB
XHR
General
Full URL
https://adserver-us.adtech.advertising.com/pubapi/3.0/11772.1/5158475/0/0/ADTECH;cfp=1;rndc=1573961118;v=2;cmd=bid;cors=yes;alias=82e2f2cee45d75a;misc=1573961119252
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.22.24 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software
Adtech Adserver /
Resource Hash
cf279bd25bfbaa0d6d6cb41e30293b0bee0ed00f22a7cb8415086133400caa4b

Request headers

Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 17 Nov 2019 03:25:19 GMT
server
Adtech Adserver
status
200
access-control-allow-methods
POST,GET,HEAD,OPTIONS
p3p
CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
access-control-allow-origin
http://ahsqutes.monster
cache-control
no-store, no-cache
access-control-allow-credentials
true
content-type
application/json
content-length
945
expires
Mon, 15 Jun 1998 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 17 Nov 2019 03:25:19 GMT
server
nginx
status
302
location
https://adserver-us.adtech.advertising.com/pubapi/3.0/11772.1/5158475/0/0/ADTECH;cfp=1;rndc=1573961118;v=2;cmd=bid;cors=yes;alias=82e2f2cee45d75a;misc=1573961119252
access-control-allow-methods
POST,GET,HEAD,OPTIONS
p3p
CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
access-control-allow-origin
http://ahsqutes.monster
cache-control
no-store, no-cache
access-control-allow-credentials
true
content-length
0
expires
Mon, 15 Jun 1998 00:00:00 GMT
ADTECH;cfp=1;rndc=1573961118;v=2;cmd=bid;cors=yes;alias=838b79d1d4f39fd;misc=1573961119252
adserver-us.adtech.advertising.com/pubapi/3.0/11772.1/5158479/0/0/
Redirect Chain
  • https://adserver-us.adtech.advertising.com/pubapi/3.0/11772.1/5158479/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=838b79d1d4f39fd;misc=1573961119252;
  • https://adserver-us.adtech.advertising.com/pubapi/3.0/11772.1/5158479/0/0/ADTECH;cfp=1;rndc=1573961118;v=2;cmd=bid;cors=yes;alias=838b79d1d4f39fd;misc=1573961119252
944 B
1 KB
XHR
General
Full URL
https://adserver-us.adtech.advertising.com/pubapi/3.0/11772.1/5158479/0/0/ADTECH;cfp=1;rndc=1573961118;v=2;cmd=bid;cors=yes;alias=838b79d1d4f39fd;misc=1573961119252
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.22.24 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software
Adtech Adserver /
Resource Hash
6c230f38f5facfb36110c395d2b47aa3f7240be1d54b9d5d84e49922aafbc5cd

Request headers

Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 17 Nov 2019 03:25:19 GMT
server
Adtech Adserver
status
200
access-control-allow-methods
POST,GET,HEAD,OPTIONS
p3p
CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
access-control-allow-origin
http://ahsqutes.monster
cache-control
no-store, no-cache
access-control-allow-credentials
true
content-type
application/json
content-length
944
expires
Mon, 15 Jun 1998 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 17 Nov 2019 03:25:19 GMT
server
nginx
status
302
location
https://adserver-us.adtech.advertising.com/pubapi/3.0/11772.1/5158479/0/0/ADTECH;cfp=1;rndc=1573961118;v=2;cmd=bid;cors=yes;alias=838b79d1d4f39fd;misc=1573961119252
access-control-allow-methods
POST,GET,HEAD,OPTIONS
p3p
CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
access-control-allow-origin
http://ahsqutes.monster
cache-control
no-store, no-cache
access-control-allow-credentials
true
content-length
0
expires
Mon, 15 Jun 1998 00:00:00 GMT
ADTECH;apid=1Ae1a6e0cc-08e9-11ea-8c9a-1222202f268e;cfp=1;rndc=1573961118;v=2;cmd=bid;cors=yes;alias=84fcc4112a9e75f;misc=1573961119252
adserver-us.adtech.advertising.com/pubapi/3.0/11772.1/5158008/0/0/
Redirect Chain
  • https://adserver-us.adtech.advertising.com/pubapi/3.0/11772.1/5158008/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=84fcc4112a9e75f;misc=1573961119252;
  • https://adserver-us.adtech.advertising.com/pubapi/3.0/11772.1/5158008/0/0/ADTECH;cfp=1;rndc=1573961119;v=2;cmd=bid;cors=yes;alias=84fcc4112a9e75f;misc=1573961119252
  • https://adserver-us.adtech.advertising.com/pubapi/3.0/11772.1/5158008/0/0/ADTECH;apid=1Ae1a6e0cc-08e9-11ea-8c9a-1222202f268e;cfp=1;rndc=1573961118;v=2;cmd=bid;cors=yes;alias=84fcc4112a9e75f;misc=15...
945 B
1 KB
XHR
General
Full URL
https://adserver-us.adtech.advertising.com/pubapi/3.0/11772.1/5158008/0/0/ADTECH;apid=1Ae1a6e0cc-08e9-11ea-8c9a-1222202f268e;cfp=1;rndc=1573961118;v=2;cmd=bid;cors=yes;alias=84fcc4112a9e75f;misc=1573961119252
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.22.24 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software
Adtech Adserver /
Resource Hash
b751924cbced8e390aa395daa8549041ee4e6e9dacc5ad89e26d918c588bbeae

Request headers

Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 17 Nov 2019 03:25:19 GMT
server
Adtech Adserver
status
200
access-control-allow-methods
POST,GET,HEAD,OPTIONS
p3p
CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
access-control-allow-origin
http://ahsqutes.monster
cache-control
no-store, no-cache
access-control-allow-credentials
true
content-type
application/json
content-length
945
expires
Mon, 15 Jun 1998 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 17 Nov 2019 03:25:19 GMT
server
nginx
status
302
location
https://adserver-us.adtech.advertising.com/pubapi/3.0/11772.1/5158008/0/0/ADTECH;apid=1Ae1a6e0cc-08e9-11ea-8c9a-1222202f268e;cfp=1;rndc=1573961118;v=2;cmd=bid;cors=yes;alias=84fcc4112a9e75f;misc=1573961119252
access-control-allow-methods
POST,GET,HEAD,OPTIONS
p3p
CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
access-control-allow-origin
http://ahsqutes.monster
cache-control
no-store, no-cache
access-control-allow-credentials
true
content-length
0
expires
Mon, 15 Jun 1998 00:00:00 GMT
ADTECH;apid=1Ae1a6d7d0-08e9-11ea-b794-12e1ea48904a;cfp=1;rndc=1573961118;v=2;cmd=bid;cors=yes;alias=859686cbc27661b;misc=1573961119252
adserver-us.adtech.advertising.com/pubapi/3.0/11772.1/5158012/0/0/
Redirect Chain
  • https://adserver-us.adtech.advertising.com/pubapi/3.0/11772.1/5158012/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=859686cbc27661b;misc=1573961119252;
  • https://adserver-us.adtech.advertising.com/pubapi/3.0/11772.1/5158012/0/0/ADTECH;cfp=1;rndc=1573961118;v=2;cmd=bid;cors=yes;alias=859686cbc27661b;misc=1573961119252
  • https://adserver-us.adtech.advertising.com/pubapi/3.0/11772.1/5158012/0/0/ADTECH;apid=1Ae1a6d7d0-08e9-11ea-b794-12e1ea48904a;cfp=1;rndc=1573961118;v=2;cmd=bid;cors=yes;alias=859686cbc27661b;misc=15...
945 B
1 KB
XHR
General
Full URL
https://adserver-us.adtech.advertising.com/pubapi/3.0/11772.1/5158012/0/0/ADTECH;apid=1Ae1a6d7d0-08e9-11ea-b794-12e1ea48904a;cfp=1;rndc=1573961118;v=2;cmd=bid;cors=yes;alias=859686cbc27661b;misc=1573961119252
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.22.24 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software
Adtech Adserver /
Resource Hash
84dd1148a7e5e102a94668c018e816dea9ab2f97e888b2be61fdc523bad97b5f

Request headers

Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 17 Nov 2019 03:25:19 GMT
server
Adtech Adserver
status
200
access-control-allow-methods
POST,GET,HEAD,OPTIONS
p3p
CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
access-control-allow-origin
http://ahsqutes.monster
cache-control
no-store, no-cache
access-control-allow-credentials
true
content-type
application/json
content-length
945
expires
Mon, 15 Jun 1998 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 17 Nov 2019 03:25:19 GMT
server
nginx
status
302
location
https://adserver-us.adtech.advertising.com/pubapi/3.0/11772.1/5158012/0/0/ADTECH;apid=1Ae1a6d7d0-08e9-11ea-b794-12e1ea48904a;cfp=1;rndc=1573961118;v=2;cmd=bid;cors=yes;alias=859686cbc27661b;misc=1573961119252
access-control-allow-methods
POST,GET,HEAD,OPTIONS
p3p
CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
access-control-allow-origin
http://ahsqutes.monster
cache-control
no-store, no-cache
access-control-allow-credentials
true
content-length
0
expires
Mon, 15 Jun 1998 00:00:00 GMT
ADTECH;cfp=1;rndc=1573961118;v=2;cmd=bid;cors=yes;alias=86b7e687bb48d0a;misc=1573961119252
adserver-us.adtech.advertising.com/pubapi/3.0/11772.1/5158014/0/0/
Redirect Chain
  • https://adserver-us.adtech.advertising.com/pubapi/3.0/11772.1/5158014/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=86b7e687bb48d0a;misc=1573961119252;
  • https://adserver-us.adtech.advertising.com/pubapi/3.0/11772.1/5158014/0/0/ADTECH;cfp=1;rndc=1573961118;v=2;cmd=bid;cors=yes;alias=86b7e687bb48d0a;misc=1573961119252
945 B
1 KB
XHR
General
Full URL
https://adserver-us.adtech.advertising.com/pubapi/3.0/11772.1/5158014/0/0/ADTECH;cfp=1;rndc=1573961118;v=2;cmd=bid;cors=yes;alias=86b7e687bb48d0a;misc=1573961119252
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.22.24 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software
Adtech Adserver /
Resource Hash
b8721fe187922f5982da9ccdf9d9cfcdd2cf6954466d6cdff7abaff43947f207

Request headers

Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 17 Nov 2019 03:25:19 GMT
server
Adtech Adserver
status
200
access-control-allow-methods
POST,GET,HEAD,OPTIONS
p3p
CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
access-control-allow-origin
http://ahsqutes.monster
cache-control
no-store, no-cache
access-control-allow-credentials
true
content-type
application/json
content-length
945
expires
Mon, 15 Jun 1998 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 17 Nov 2019 03:25:19 GMT
server
nginx
status
302
location
https://adserver-us.adtech.advertising.com/pubapi/3.0/11772.1/5158014/0/0/ADTECH;cfp=1;rndc=1573961118;v=2;cmd=bid;cors=yes;alias=86b7e687bb48d0a;misc=1573961119252
access-control-allow-methods
POST,GET,HEAD,OPTIONS
p3p
CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
access-control-allow-origin
http://ahsqutes.monster
cache-control
no-store, no-cache
access-control-allow-credentials
true
content-length
0
expires
Mon, 15 Jun 1998 00:00:00 GMT
share_button.php
www.facebook.com/v3.2/plugins/ Frame CFA9
0
0
Document
General
Full URL
https://www.facebook.com/v3.2/plugins/share_button.php?app_id=145071315902360&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter.php%3Fversion%3D44%23cb%3Df3c373b68de58a%26domain%3Dahsqutes.monster%26origin%3Dhttp%253A%252F%252Fahsqutes.monster%252Ff1485650d6fb8a%26relation%3Dparent.parent&container_width=95&href=http%3A%2F%2Fwww.justjared.com%2F2019%2F11%2F16%2Ffelicity-huffman-enjoys-visit-at-the-salon-in-beverly-hills%2F&layout=button_count&locale=en_US&sdk=joey
Requested by
Host: db356nau468gk.cloudfront.net
URL: http://db356nau468gk.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
www.facebook.com
:scheme
https
:path
/v3.2/plugins/share_button.php?app_id=145071315902360&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter.php%3Fversion%3D44%23cb%3Df3c373b68de58a%26domain%3Dahsqutes.monster%26origin%3Dhttp%253A%252F%252Fahsqutes.monster%252Ff1485650d6fb8a%26relation%3Dparent.parent&container_width=95&href=http%3A%2F%2Fwww.justjared.com%2F2019%2F11%2F16%2Ffelicity-huffman-enjoys-visit-at-the-salon-in-beverly-hills%2F&layout=button_count&locale=en_US&sdk=joey
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode
nested-navigate
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
referer
http://ahsqutes.monster/
accept-encoding
gzip, deflate, br

Response headers

status
200
cache-control
private, no-cache, no-store, must-revalidate
expires
Sat, 01 Jan 2000 00:00:00 GMT
pragma
no-cache
strict-transport-security
max-age=15552000; preload
content-encoding
br
timing-allow-origin
*
content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
vary
Accept-Encoding
x-content-type-options
nosniff
facebook-api-version
v3.2
x-xss-protection
0
content-type
text/html; charset="utf-8"
x-fb-debug
+vYm5BzTXLcw1PxJKk84CS+0c1EdZnPp7fyhYd6Bopjs/PAuAKEUvgbvRwHJi34xIqrWmfc3kAk8Q9ZMG5s75w==
date
Sun, 17 Nov 2019 03:25:19 GMT
alt-svc
h3-23=":443"; ma=3600
share_button.php
www.facebook.com/v3.2/plugins/ Frame 6773
0
0
Document
General
Full URL
https://www.facebook.com/v3.2/plugins/share_button.php?app_id=145071315902360&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter.php%3Fversion%3D44%23cb%3Df2f68f08b488e4%26domain%3Dahsqutes.monster%26origin%3Dhttp%253A%252F%252Fahsqutes.monster%252Ff1485650d6fb8a%26relation%3Dparent.parent&container_width=95&href=http%3A%2F%2Fwww.justjared.com%2F2019%2F11%2F16%2Fderek-hough-undergoes-emergency-surgery-to-remove-appendix%2F&layout=button_count&locale=en_US&sdk=joey
Requested by
Host: db356nau468gk.cloudfront.net
URL: http://db356nau468gk.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
www.facebook.com
:scheme
https
:path
/v3.2/plugins/share_button.php?app_id=145071315902360&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter.php%3Fversion%3D44%23cb%3Df2f68f08b488e4%26domain%3Dahsqutes.monster%26origin%3Dhttp%253A%252F%252Fahsqutes.monster%252Ff1485650d6fb8a%26relation%3Dparent.parent&container_width=95&href=http%3A%2F%2Fwww.justjared.com%2F2019%2F11%2F16%2Fderek-hough-undergoes-emergency-surgery-to-remove-appendix%2F&layout=button_count&locale=en_US&sdk=joey
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode
nested-navigate
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
referer
http://ahsqutes.monster/
accept-encoding
gzip, deflate, br

Response headers

status
200
cache-control
private, no-cache, no-store, must-revalidate
expires
Sat, 01 Jan 2000 00:00:00 GMT
pragma
no-cache
strict-transport-security
max-age=15552000; preload
content-encoding
br
timing-allow-origin
*
content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
vary
Accept-Encoding
x-content-type-options
nosniff
facebook-api-version
v3.2
x-xss-protection
0
content-type
text/html; charset="utf-8"
x-fb-debug
rE75K1xKsTvhjLqTjHlxjqUnbI2vR3z5+AoxEjSpS3NF4fZ8c5CVMCE/du2XnNjtHgmImxvzTmsyhxG04vb7vA==
date
Sun, 17 Nov 2019 03:25:19 GMT
alt-svc
h3-23=":443"; ma=3600
share_button.php
www.facebook.com/v3.2/plugins/ Frame ADFF
0
0
Document
General
Full URL
https://www.facebook.com/v3.2/plugins/share_button.php?app_id=145071315902360&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter.php%3Fversion%3D44%23cb%3Df16dac75faac3c4%26domain%3Dahsqutes.monster%26origin%3Dhttp%253A%252F%252Fahsqutes.monster%252Ff1485650d6fb8a%26relation%3Dparent.parent&container_width=95&href=http%3A%2F%2Fwww.justjared.com%2F2019%2F11%2F16%2Fsarah-palin-says-she-found-out-husband-todd-was-divorcing-her-in-an-email%2F&layout=button_count&locale=en_US&sdk=joey
Requested by
Host: db356nau468gk.cloudfront.net
URL: http://db356nau468gk.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
www.facebook.com
:scheme
https
:path
/v3.2/plugins/share_button.php?app_id=145071315902360&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter.php%3Fversion%3D44%23cb%3Df16dac75faac3c4%26domain%3Dahsqutes.monster%26origin%3Dhttp%253A%252F%252Fahsqutes.monster%252Ff1485650d6fb8a%26relation%3Dparent.parent&container_width=95&href=http%3A%2F%2Fwww.justjared.com%2F2019%2F11%2F16%2Fsarah-palin-says-she-found-out-husband-todd-was-divorcing-her-in-an-email%2F&layout=button_count&locale=en_US&sdk=joey
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode
nested-navigate
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
referer
http://ahsqutes.monster/
accept-encoding
gzip, deflate, br

Response headers

status
200
cache-control
private, no-cache, no-store, must-revalidate
expires
Sat, 01 Jan 2000 00:00:00 GMT
pragma
no-cache
strict-transport-security
max-age=15552000; preload
content-encoding
br
timing-allow-origin
*
content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
vary
Accept-Encoding
x-content-type-options
nosniff
facebook-api-version
v3.2
x-xss-protection
0
content-type
text/html; charset="utf-8"
x-fb-debug
LDUwlYLEsXvlMRMFh1Iw8ugh8ft55HeTXjG71ocadvO/RaZHil70dEl2wc3BneLMUkrOYElK8likqKCtFdhrLQ==
date
Sun, 17 Nov 2019 03:25:19 GMT
alt-svc
h3-23=":443"; ma=3600
share_button.php
www.facebook.com/v3.2/plugins/ Frame 86A2
0
0
Document
General
Full URL
https://www.facebook.com/v3.2/plugins/share_button.php?app_id=145071315902360&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter.php%3Fversion%3D44%23cb%3Df356b465553723c%26domain%3Dahsqutes.monster%26origin%3Dhttp%253A%252F%252Fahsqutes.monster%252Ff1485650d6fb8a%26relation%3Dparent.parent&container_width=95&href=http%3A%2F%2Fwww.justjared.com%2F2019%2F11%2F16%2Folivia-wilde-receives-raymond-vineyards-trailblazer-award-at-napa-valley-film-festival-2019%2F&layout=button_count&locale=en_US&sdk=joey
Requested by
Host: db356nau468gk.cloudfront.net
URL: http://db356nau468gk.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
www.facebook.com
:scheme
https
:path
/v3.2/plugins/share_button.php?app_id=145071315902360&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter.php%3Fversion%3D44%23cb%3Df356b465553723c%26domain%3Dahsqutes.monster%26origin%3Dhttp%253A%252F%252Fahsqutes.monster%252Ff1485650d6fb8a%26relation%3Dparent.parent&container_width=95&href=http%3A%2F%2Fwww.justjared.com%2F2019%2F11%2F16%2Folivia-wilde-receives-raymond-vineyards-trailblazer-award-at-napa-valley-film-festival-2019%2F&layout=button_count&locale=en_US&sdk=joey
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode
nested-navigate
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
referer
http://ahsqutes.monster/
accept-encoding
gzip, deflate, br

Response headers

status
200
cache-control
private, no-cache, no-store, must-revalidate
expires
Sat, 01 Jan 2000 00:00:00 GMT
pragma
no-cache
strict-transport-security
max-age=15552000; preload
content-encoding
br
timing-allow-origin
*
content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
vary
Accept-Encoding
x-content-type-options
nosniff
facebook-api-version
v3.2
x-xss-protection
0
content-type
text/html; charset="utf-8"
x-fb-debug
tkGLXwe4W4QkHIiLwsnyw5m1UDyJnEpDPIKiJPajEZxa4xnZ3nXlQ4OH+kL35wwQeWnp5fSCYp8CUlaNBlD3DA==
date
Sun, 17 Nov 2019 03:25:19 GMT
alt-svc
h3-23=":443"; ma=3600
share_button.php
www.facebook.com/v3.2/plugins/ Frame A972
0
0
Document
General
Full URL
https://www.facebook.com/v3.2/plugins/share_button.php?app_id=145071315902360&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter.php%3Fversion%3D44%23cb%3Df12d73ac69cea7%26domain%3Dahsqutes.monster%26origin%3Dhttp%253A%252F%252Fahsqutes.monster%252Ff1485650d6fb8a%26relation%3Dparent.parent&container_width=95&href=http%3A%2F%2Fwww.justjared.com%2F2019%2F11%2F16%2Fariana-grande-updates-fans-on-health-has-trouble-breathing-during-show%2F&layout=button_count&locale=en_US&sdk=joey
Requested by
Host: db356nau468gk.cloudfront.net
URL: http://db356nau468gk.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
www.facebook.com
:scheme
https
:path
/v3.2/plugins/share_button.php?app_id=145071315902360&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter.php%3Fversion%3D44%23cb%3Df12d73ac69cea7%26domain%3Dahsqutes.monster%26origin%3Dhttp%253A%252F%252Fahsqutes.monster%252Ff1485650d6fb8a%26relation%3Dparent.parent&container_width=95&href=http%3A%2F%2Fwww.justjared.com%2F2019%2F11%2F16%2Fariana-grande-updates-fans-on-health-has-trouble-breathing-during-show%2F&layout=button_count&locale=en_US&sdk=joey
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode
nested-navigate
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
referer
http://ahsqutes.monster/
accept-encoding
gzip, deflate, br

Response headers

status
200
cache-control
private, no-cache, no-store, must-revalidate
expires
Sat, 01 Jan 2000 00:00:00 GMT
pragma
no-cache
strict-transport-security
max-age=15552000; preload
content-encoding
br
timing-allow-origin
*
content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
vary
Accept-Encoding
x-content-type-options
nosniff
facebook-api-version
v3.2
x-xss-protection
0
content-type
text/html; charset="utf-8"
x-fb-debug
fVJfgIH0knl+gshWRqU7Vk1PvkBce+2PVkD6ZLrJ2XXU7xn9ZE8lJ/6fBcS7gf5vXyRbNpQCWgJZZLm8CWusuQ==
date
Sun, 17 Nov 2019 03:25:19 GMT
alt-svc
h3-23=":443"; ma=3600
share_button.php
www.facebook.com/v3.2/plugins/ Frame 32E4
0
0
Document
General
Full URL
https://www.facebook.com/v3.2/plugins/share_button.php?app_id=145071315902360&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter.php%3Fversion%3D44%23cb%3Df2840ec3157f564%26domain%3Dahsqutes.monster%26origin%3Dhttp%253A%252F%252Fahsqutes.monster%252Ff1485650d6fb8a%26relation%3Dparent.parent&container_width=95&href=http%3A%2F%2Fwww.justjared.com%2F2019%2F11%2F16%2Fhannah-jeter-says-she-went-into-hiding-after-gaining-70lbs-during-first-pregnancy%2F&layout=button_count&locale=en_US&sdk=joey
Requested by
Host: db356nau468gk.cloudfront.net
URL: http://db356nau468gk.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
www.facebook.com
:scheme
https
:path
/v3.2/plugins/share_button.php?app_id=145071315902360&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter.php%3Fversion%3D44%23cb%3Df2840ec3157f564%26domain%3Dahsqutes.monster%26origin%3Dhttp%253A%252F%252Fahsqutes.monster%252Ff1485650d6fb8a%26relation%3Dparent.parent&container_width=95&href=http%3A%2F%2Fwww.justjared.com%2F2019%2F11%2F16%2Fhannah-jeter-says-she-went-into-hiding-after-gaining-70lbs-during-first-pregnancy%2F&layout=button_count&locale=en_US&sdk=joey
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode
nested-navigate
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
referer
http://ahsqutes.monster/
accept-encoding
gzip, deflate, br

Response headers

status
200
cache-control
private, no-cache, no-store, must-revalidate
expires
Sat, 01 Jan 2000 00:00:00 GMT
pragma
no-cache
strict-transport-security
max-age=15552000; preload
content-encoding
br
timing-allow-origin
*
content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
vary
Accept-Encoding
x-content-type-options
nosniff
facebook-api-version
v3.2
x-xss-protection
0
content-type
text/html; charset="utf-8"
x-fb-debug
ZzWxltbr6lphyaEXoB9YESwd7prUPeEsONh+AsuyQ2JiDApL+bzu3Mwfk80L24gsDgm3yYz5VYHn0zw4rjDmbw==
date
Sun, 17 Nov 2019 03:25:19 GMT
alt-svc
h3-23=":443"; ma=3600
bid
c.amazon-adsystem.com/e/dtb/
23 B
371 B
XHR
General
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=http%3A%2F%2Fahsqutes.monster%2F&pid=L9hchL3KFljN6&cb=0&ws=1600x1200&v=7.43.01&t=2000&slots=%5B%7B%22sd%22%3A%22div-gpt-ad-11111111119-0%22%2C%22s%22%3A%5B%221x1%22%2C%22320x100%22%2C%22300x100%22%2C%22250x250%22%2C%22300x250%22%2C%22336x280%22%5D%2C%22sn%22%3A%22%2F21854935662%2Fjustjared_home_top_right_300x250_innerrail%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-11111111120-0%22%2C%22s%22%3A%5B%22240x400%22%2C%22120x600%22%2C%22200x200%22%2C%22300x600%22%2C%22300x1050%22%2C%22300x100%22%2C%22160x600%22%2C%221x1%22%2C%22300x250%22%2C%22250x250%22%2C%22336x280%22%2C%22234x60%22%2C%22320x100%22%5D%2C%22sn%22%3A%22%2F21854935662%2Fjustjared_home_bot_right_300xflex_innerrail%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-11111111121-0%22%2C%22s%22%3A%5B%22120x90%22%2C%22250x250%22%2C%22336x280%22%2C%221x1%22%2C%22300x100%22%2C%22160x600%22%2C%22300x600%22%2C%22200x200%22%2C%22120x600%22%2C%22240x400%22%2C%22300x250%22%2C%22120x240%22%2C%22320x100%22%5D%2C%22sn%22%3A%22%2F21854935662%2Fjustjared_home_mid_right_300xflex_innerrail%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-11111111122-0%22%2C%22s%22%3A%5B%22930x180%22%2C%221x1%22%2C%22300x250%22%2C%22600x300%22%2C%22750x200%22%2C%22728x90%22%2C%22970x90%22%2C%22970x250%22%2C%22750x300%22%2C%22980x90%22%5D%2C%22sn%22%3A%22%2F21854935662%2Fjustjared_home_top_970xflex%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-1572102990774-0%22%2C%22s%22%3A%5B%22240x400%22%2C%22250x250%22%2C%22300x250%22%2C%22336x280%22%2C%221x1%22%2C%22550x450%22%2C%22468x60%22%2C%22550x300%22%2C%22550x350%22%5D%2C%22sn%22%3A%22%2F21854935662%2Fjustjared_home_incontent1%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-1572103093896-0%22%2C%22s%22%3A%5B%22550x300%22%2C%22240x400%22%2C%22250x250%22%2C%22300x250%22%2C%22336x280%22%2C%22468x60%22%2C%221x1%22%2C%22550x450%22%2C%22550x350%22%5D%2C%22sn%22%3A%22%2F21854935662%2Fjustjared_home_incontent2%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-1572368023697-0%22%2C%22s%22%3A%5B%22250x250%22%2C%22336x280%22%2C%22240x400%22%2C%22550x300%22%2C%22468x60%22%2C%22200x200%22%2C%22550x200%22%2C%22550x450%22%2C%22300x250%22%2C%22550x350%22%2C%221x1%22%5D%2C%22sn%22%3A%22%2F21854935662%2Fjustjared_home_belowcontent%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-1572216613288-0%22%2C%22s%22%3A%5B%22120x90%22%2C%22120x600%22%2C%22160x1050%22%2C%22125x125%22%2C%221x1%22%2C%22120x240%22%2C%22120x60%22%2C%22160x600%22%5D%2C%22sn%22%3A%22%2F21854935662%2Fjustjared_home_top_left_160x600_outerrail%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-1572216656419-0%22%2C%22s%22%3A%5B%22120x600%22%2C%22300x1050%22%2C%22240x400%22%2C%22120x60%22%2C%22300x600%22%2C%22160x600%22%2C%22234x60%22%2C%22200x200%22%2C%22336x280%22%2C%22250x250%22%2C%221x1%22%2C%22300x250%22%2C%22120x90%22%5D%2C%22sn%22%3A%22%2F21854935662%2Fjustjared_home_top_left_300xflex_outerrail%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-1572216696549-0%22%2C%22s%22%3A%5B%22160x1050%22%2C%22120x90%22%2C%22120x600%22%2C%22180x150%22%2C%221x1%22%2C%22120x60%22%2C%22125x125%22%2C%22160x600%22%2C%22120x240%22%5D%2C%22sn%22%3A%22%2F21854935662%2Fjustjared_home_top_right_160x600_outerrail%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-1572216758066-0%22%2C%22s%22%3A%5B%22120x240%22%2C%22180x150%22%2C%22300x1050%22%2C%22250x250%22%2C%221x1%22%2C%22300x250%22%2C%22300x600%22%2C%22160x600%22%2C%22120x90%22%2C%22120x60%22%2C%22120x600%22%2C%22200x200%22%2C%22234x60%22%2C%22240x400%22%5D%2C%22sn%22%3A%22%2F21854935662%2Fjustjared_home_top_right_300xflex_outerrail%22%7D%5D&cfgv=0&pubid=78a541f2-9748-4ba5-9cda-85fd7a44b234&gdprl=%7B%22status%22%3A%22cmp-timeout%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: http://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
143.204.90.242 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-143-204-90-242.fra50.r.cloudfront.net
Software
Server /
Resource Hash
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Request headers

Sec-Fetch-Mode
cors
Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 17 Nov 2019 03:25:19 GMT
via
1.1 1f49a084ca923f375f74b42fa36ef429.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA50-C1
status
200
vary
User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
http://ahsqutes.monster
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
mVRsPe1MGjTH0SEmatQ5yR4lbnyugs3dsn9OEvUQKK4S4EEoHLigZw==
connatix.renderer.infeed.min_dc.js
cdns.connatix.com/p/1806/min/ Frame 81BB
719 KB
187 KB
Script
General
Full URL
http://cdns.connatix.com/p/1806/min/connatix.renderer.infeed.min_dc.js
Requested by
Host: ahsqutes.monster
URL: http://ahsqutes.monster/
Protocol
HTTP/1.1
Server
151.101.14.217 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
/
Resource Hash
47b41d1e7b499d0e79b37b0981ef7191f3b9b5fa95d04c07fbe9a0e796631cd9

Request headers

Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sun, 17 Nov 2019 03:25:19 GMT
Via
1.1 varnish, 1.1 varnish
Age
34363
X-Cache
HIT, HIT
Connection
keep-alive
Content-Encoding
gzip
Content-Length
191022
X-Served-By
cache-dca17724-DCA, cache-fra19161-FRA
Last-Modified
Sat, 16 Nov 2019 17:49:35 GMT
X-Timer
S1573961119.325077,VS0,VE0
ETag
"f0a686fc8e13e6eae7e4bc50bac50e05"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=31557600
Accept-Ranges
bytes
X-Cache-Hits
2, 1012
g
ck.connatix.com/
46 B
235 B
Script
General
Full URL
https://ck.connatix.com/g?callback=cnxJSONP_824093174cd082bedc5b1573961119368
Requested by
Host: db356nau468gk.cloudfront.net
URL: http://db356nau468gk.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.217 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
Varnish /
Resource Hash
15813f50bcd9df11643c360765e95947d5e6b5f88ba9ab921bb7adfb43fcbd24

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 17 Nov 2019 03:25:19 GMT
via
1.1 varnish
server
Varnish
age
0
x-served-by
cache-hhn4072-HHN
x-cache
HIT
status
200
cache-control
no-cache, no-store, must-revalidate, max-age=0
accept-ranges
bytes
x-timer
S1573961119.387070,VS0,VE0
content-length
46
retry-after
0
x-cache-hits
0
pls
core.connatix.com/ Frame 81BB
8 KB
3 KB
Script
General
Full URL
http://core.connatix.com/pls?callback=jQuery321030899646666622615_1573961119364&token=eb74249f-f29f-4739-b03f-c5a6fad12677&p=http%3A%2F%2Fahsqutes.monster%2F&c_v=1806_0_0_0_1&page_guid=ad03d7e5423529f1902a1573961119454&spp=1&_=1573961119365
Requested by
Host: ahsqutes.monster
URL: http://ahsqutes.monster/
Protocol
HTTP/1.1
Server
34.195.95.173 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-34-195-95-173.compute-1.amazonaws.com
Software
nginx/1.15.9 (Ubuntu) /
Resource Hash
8c8f04a5eeafa8cebb6feeec4cc14f08ac405accb413836d3aaf98bd5e639b25

Request headers

Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Sun, 17 Nov 2019 03:25:19 GMT
Content-Encoding
gzip
Server
nginx/1.15.9 (Ubuntu)
Connection
keep-alive
Transfer-Encoding
chunked
truncated
/
175 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9d02d662da8a47fb5fb610b545007507b6017028043dbb63cd09ec897d3b9627

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
715 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5a3f1dd74233f605e511f1b5b244bedf85ac88ba264caf4d6401bc7ec2017dcd

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/png
g
rtb.connatix.com/
189 B
340 B
Script
General
Full URL
http://rtb.connatix.com/g?c_pw=1584&c_ph=891&c_tk=C018218D-4AD0-4E01-8158-045425E65946&c_bu=http%3A%2F%2Fahsqutes.monster%2F&c_ivt=0&connatix_sess=2_WBcB0pRVe3iQ8JNVixa_-w_cV32jOo7nCQSdfjagA6EtZWpOmcoDP2sB1in78hA44VnB19HPevyBx4r8V3ecqE-OvPOfiHgZZNJUYHB891YKR5bHT2PD4ZVAHAZiPdKE5HLDoiFW089fw4htd0PJ26q9FaTXJrY0pVG5ODzIxR82bPJgSuN1V_Ab2sxESS&notServed=false&xplr=true&c_s=false&c_pl=t3dWNFVIL1yf0mvC04CDuORPuKqinMCDzSHFZm6LPXWL4mhrIk-Je9PxaJivEmHEOERh0bG_EUpgbNtQSdfHecCeVadKh2TXBB9G5fgmbnSopOelce5oeeD7JsXtf19PARLB4bhYUsxlXRL255nH5sprk-i19SIyjH5r7jQ1sFXbesGkvAKuzqPdAUGKhwH-dP2P7A06Ufr59h-wZU9lKJUKW_Inc9tlutfyxFypM3o&gdpr=1&med_id=930629&req_no=0&v=1&c_pt=1&p=http%3A%2F%2Fahsqutes.monster%2F&c_v=1806_0_0_0_1&spp=1&callback=cnxJSONP_8c6cb11086a3c921bc201573961119709
Requested by
Host: db356nau468gk.cloudfront.net
URL: http://db356nau468gk.cloudfront.net/script.js
Protocol
HTTP/1.1
Server
52.86.189.110 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-52-86-189-110.compute-1.amazonaws.com
Software
nginx/1.15.9 (Ubuntu) /
Resource Hash
52b61ce631146be25679448c127c262a6e59a0f34a2aa5afb7791ec980183890

Request headers

Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Sun, 17 Nov 2019 03:25:20 GMT
Content-Encoding
gzip
Server
nginx/1.15.9 (Ubuntu)
Connection
keep-alive
Content-Length
152
17.jpg
i.connatix.com/s3/connatix-uploads/16d9a644-e627-4d71-aa78-274364cdeff8/
116 KB
116 KB
Image
General
Full URL
https://i.connatix.com/s3/connatix-uploads/16d9a644-e627-4d71-aa78-274364cdeff8/17.jpg?mode=stretch&connatiximg=true&scale=both&height=891&width=1584
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.217 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
/
Resource Hash
3ae704991475fe127129855419444420b2126cf88a4b40f4a9c9ef27cdad8911

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 17 Nov 2019 03:25:20 GMT
via
1.1 varnish, 1.1 varnish
age
0
x-served-by
cache-sjc3146-SJC, cache-hhn4072-HHN
status
200
x-cache
MISS, MISS
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31557600
accept-ranges
bytes
x-timer
S1573961120.714926,VS0,VE541
content-length
119139
x-cache-hits
0, 0
1.jpg
i.connatix.com/s3/connatix-uploads/52706586-21ca-4f67-9402-b2f05e5936bc/
148 KB
148 KB
Image
General
Full URL
https://i.connatix.com/s3/connatix-uploads/52706586-21ca-4f67-9402-b2f05e5936bc/1.jpg?mode=crop&width=1901&height=1069
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.217 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
/
Resource Hash
159977df8663bca9f6436986c4a88da5314ea841ded4a60cc6bc2bc62931d8d7

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 17 Nov 2019 03:25:20 GMT
via
1.1 varnish, 1.1 varnish
age
0
x-served-by
cache-sjc3120-SJC, cache-hhn4072-HHN
status
200
x-cache
MISS, MISS
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31557600
accept-ranges
bytes
x-timer
S1573961120.714921,VS0,VE386
content-length
151418
x-cache-hits
0, 0
1.jpg
i.connatix.com/s3/connatix-uploads/338f7cf7-99a0-4a33-bc16-65cc41185492/
261 KB
261 KB
Image
General
Full URL
https://i.connatix.com/s3/connatix-uploads/338f7cf7-99a0-4a33-bc16-65cc41185492/1.jpg?mode=crop&width=1901&height=1069
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.217 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
/
Resource Hash
b5ee08b4eac1dceb5fa255694853ba0f568068a2019d568195229ef15530dabc

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 17 Nov 2019 03:25:20 GMT
via
1.1 varnish, 1.1 varnish
age
0
x-served-by
cache-sjc3123-SJC, cache-hhn4072-HHN
status
200
x-cache
MISS, MISS
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31557600
accept-ranges
bytes
x-timer
S1573961120.714925,VS0,VE302
content-length
266774
x-cache-hits
0, 0
1.jpg
i.connatix.com/s3/connatix-uploads/09cd0eda-c69b-4086-8ebb-dd725626cf43/
186 KB
186 KB
Image
General
Full URL
https://i.connatix.com/s3/connatix-uploads/09cd0eda-c69b-4086-8ebb-dd725626cf43/1.jpg?mode=crop&width=1901&height=1069
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.217 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
/
Resource Hash
f49c55a38dfcecb625a2bb61a3f892d02308cb392c68ae6606d522a5d148bc16

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 17 Nov 2019 03:25:19 GMT
via
1.1 varnish, 1.1 varnish
age
0
x-served-by
cache-sjc3123-SJC, cache-hhn4072-HHN
status
200
x-cache
MISS, MISS
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31557600
accept-ranges
bytes
x-timer
S1573961120.714942,VS0,VE276
content-length
190503
x-cache-hits
0, 0
1.jpg
i.connatix.com/s3/connatix-uploads/c26ee626-c0a1-4fee-9c1f-6eb02183f338/
152 KB
152 KB
Image
General
Full URL
https://i.connatix.com/s3/connatix-uploads/c26ee626-c0a1-4fee-9c1f-6eb02183f338/1.jpg?mode=crop&width=1901&height=1069
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.217 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
/
Resource Hash
3f9f4d384bd881a089b079007ca640162126678ef1e632b37c3e483f51279100

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 17 Nov 2019 03:25:20 GMT
via
1.1 varnish, 1.1 varnish
age
0
x-served-by
cache-sjc3147-SJC, cache-hhn4072-HHN
status
200
x-cache
MISS, MISS
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31557600
accept-ranges
bytes
x-timer
S1573961120.714981,VS0,VE345
content-length
155502
x-cache-hits
0, 0
1.jpg
i.connatix.com/s3/connatix-uploads/67b9e1a9-960f-4f07-8070-7a3664173a8e/
218 KB
219 KB
Image
General
Full URL
https://i.connatix.com/s3/connatix-uploads/67b9e1a9-960f-4f07-8070-7a3664173a8e/1.jpg?mode=crop&width=1901&height=1069
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.217 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
/
Resource Hash
67693018b7f2ef59b1450c65077e9c3680bc6bd8090fd6dd36a3ffb26c03a080

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 17 Nov 2019 03:25:20 GMT
via
1.1 varnish, 1.1 varnish
age
0
x-served-by
cache-sjc3151-SJC, cache-hhn4072-HHN
status
200
x-cache
MISS, MISS
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31557600
accept-ranges
bytes
x-timer
S1573961120.714807,VS0,VE511
content-length
223686
x-cache-hits
0, 0
0_th_2.jpg
i.connatix.com/s3/connatix-videos/16d9a644-e627-4d71-aa78-274364cdeff8/ Frame 81BB
23 KB
23 KB
Image
General
Full URL
https://i.connatix.com/s3/connatix-videos/16d9a644-e627-4d71-aa78-274364cdeff8/0_th_2.jpg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.217 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
/
Resource Hash
c3034d0370c5faa09e7a8d7b0c48925afa0371cf17e4827dde23059f56019dae

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 17 Nov 2019 03:25:20 GMT
via
1.1 varnish, 1.1 varnish
age
944722
x-served-by
cache-sjc3125-SJC, cache-hhn4072-HHN
status
200
x-cache
MISS, HIT
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31557600
accept-ranges
bytes
x-timer
S1573961120.017310,VS0,VE1
content-length
23507
x-cache-hits
0, 1
pixel
cm.g.doubleclick.net/ Frame 81BB
Redirect Chain
  • http://connatix-d.openx.net/v/1.0/av?auid=540193942&url=http%3A%2F%2Fahsqutes.monster%2F&cb=242aad75133faddf72261573961119710&vwd=1584&vht=891&gdpr=1&gdpr_consent=0
  • http://connatix-d.openx.net/v/1.0/av?cc=1&auid=540193942&url=http%3A%2F%2Fahsqutes.monster%2F&cb=242aad75133faddf72261573961119710&vwd=1584&vht=891&gdpr=1&gdpr_consent=0
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
0
0

r
trk.connatix.com/ Frame 81BB
0
162 B
Image
General
Full URL
https://trk.connatix.com/r?connatix_sess=2_WBcB0pRVe3iQ8JNVixa_-w_cV32jOo7nCQSdfjagA6EtZWpOmcoDP2sB1in78hA44VnB19HPevyBx4r8V3ecqE-OvPOfiHgZZNJUYHB891YKR5bHT2PD4ZVAHAZiPdKE5HLDoiFW089fw4htd0PJ26q9FaTXJrY0pVG5ODzIxR82bPJgSuN1V_Ab2sxESS&videoID=930629&c_pl=t3dWNFVIL1yf0mvC04CDuORPuKqinMCDzSHFZm6LPXWL4mhrIk-Je9PxaJivEmHEOERh0bG_EUpgbNtQSdfHecCeVadKh2TXBB9G5fgmbnSopOelce5oeeD7JsXtf19PARLB4bhYUsxlXRL255nH5sprk-i19SIyjH5r7jQ1sFXbesGkvAKuzqPdAUGKhwH-dP2P7A06Ufr59h-wZU9lKJUKW_Inc9tlutfyxFypM3o&p=http%3A%2F%2Fahsqutes.monster%2F&c_v=1806_0_0_0_1&spp=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.175.237.245 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-54-175-237-245.compute-1.amazonaws.com
Software
nginx/1.15.9 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Sun, 17 Nov 2019 03:25:20 GMT
Server
nginx/1.15.9 (Ubuntu)
Connection
keep-alive
Content-Length
0
av
connatix-d.openx.net/v/1.0/ Frame 81BB
48 B
578 B
XHR
General
Full URL
http://connatix-d.openx.net/v/1.0/av?auid=540193949&url=http%3A%2F%2Fahsqutes.monster%2F&cb=521d30baa6c96546f0b61573961119808&vwd=455&vht=256&gdpr=1&gdpr_consent=0
Requested by
Host: cdns.connatix.com
URL: http://cdns.connatix.com/p/1806/min/connatix.renderer.infeed.min_dc.js
Protocol
HTTP/1.1
Server
34.95.120.147 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
147.120.95.34.bc.googleusercontent.com
Software
OXGW/16.167.1 /
Resource Hash
a355f2718a8d0b7444670aca6fd1dfdc126f9b8e9931a34a52cac9c343a68e3f

Request headers

Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 17 Nov 2019 03:25:19 GMT
Via
1.1 google
Server
OXGW/16.167.1
P3P
CP="CUR ADM OUR NOR STA NID"
Access-Control-Allow-Origin
http://ahsqutes.monster
Cache-Control
private, max-age=0, no-cache
Access-Control-Allow-Credentials
true
Content-Type
text/xml
Content-Length
48
Expires
Mon, 26 Jul 1997 05:00:00 GMT
av
connatix-d.openx.net/v/1.0/ Frame 81BB
48 B
578 B
XHR
General
Full URL
http://connatix-d.openx.net/v/1.0/av?auid=540193947&url=http%3A%2F%2Fahsqutes.monster%2F&cb=f8f5c737df07de2353571573961119839&vwd=455&vht=256&gdpr=1&gdpr_consent=0
Requested by
Host: cdns.connatix.com
URL: http://cdns.connatix.com/p/1806/min/connatix.renderer.infeed.min_dc.js
Protocol
HTTP/1.1
Server
34.95.120.147 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
147.120.95.34.bc.googleusercontent.com
Software
OXGW/16.167.1 /
Resource Hash
a355f2718a8d0b7444670aca6fd1dfdc126f9b8e9931a34a52cac9c343a68e3f

Request headers

Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 17 Nov 2019 03:25:19 GMT
Via
1.1 google
Server
OXGW/16.167.1
P3P
CP="CUR ADM OUR NOR STA NID"
Access-Control-Allow-Origin
http://ahsqutes.monster
Cache-Control
private, max-age=0, no-cache
Access-Control-Allow-Credentials
true
Content-Type
text/xml
Content-Length
48
Expires
Mon, 26 Jul 1997 05:00:00 GMT
av
connatix-d.openx.net/v/1.0/ Frame 81BB
48 B
578 B
XHR
General
Full URL
http://connatix-d.openx.net/v/1.0/av?auid=540193960&url=http%3A%2F%2Fahsqutes.monster%2F&cb=b4408d6eeb182a77c1d21573961119872&vwd=455&vht=256&gdpr=1&gdpr_consent=0
Requested by
Host: cdns.connatix.com
URL: http://cdns.connatix.com/p/1806/min/connatix.renderer.infeed.min_dc.js
Protocol
HTTP/1.1
Server
34.95.120.147 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
147.120.95.34.bc.googleusercontent.com
Software
OXGW/16.167.1 /
Resource Hash
a355f2718a8d0b7444670aca6fd1dfdc126f9b8e9931a34a52cac9c343a68e3f

Request headers

Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 17 Nov 2019 03:25:19 GMT
Via
1.1 google
Server
OXGW/16.167.1
P3P
CP="CUR ADM OUR NOR STA NID"
Access-Control-Allow-Origin
http://ahsqutes.monster
Cache-Control
private, max-age=0, no-cache
Access-Control-Allow-Credentials
true
Content-Type
text/xml
Content-Length
48
Expires
Mon, 26 Jul 1997 05:00:00 GMT
av
connatix-d.openx.net/v/1.0/ Frame 81BB
48 B
578 B
XHR
General
Full URL
http://connatix-d.openx.net/v/1.0/av?auid=540193965&url=http%3A%2F%2Fahsqutes.monster%2F&cb=f721a662c146dfad15561573961119901&vwd=455&vht=256&gdpr=1&gdpr_consent=0
Requested by
Host: cdns.connatix.com
URL: http://cdns.connatix.com/p/1806/min/connatix.renderer.infeed.min_dc.js
Protocol
HTTP/1.1
Server
34.95.120.147 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
147.120.95.34.bc.googleusercontent.com
Software
OXGW/16.167.1 /
Resource Hash
a355f2718a8d0b7444670aca6fd1dfdc126f9b8e9931a34a52cac9c343a68e3f

Request headers

Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 17 Nov 2019 03:25:19 GMT
Via
1.1 google
Server
OXGW/16.167.1
P3P
CP="CUR ADM OUR NOR STA NID"
Access-Control-Allow-Origin
http://ahsqutes.monster
Cache-Control
private, max-age=0, no-cache
Access-Control-Allow-Credentials
true
Content-Type
text/xml
Content-Length
48
Expires
Mon, 26 Jul 1997 05:00:00 GMT
vwt
trk.connatix.com/ Frame 81BB
0
162 B
Image
General
Full URL
https://trk.connatix.com/vwt?id_cl=964fac7c7299975fbfc11573961119677&c_vid=930629&c_pl=t3dWNFVIL1yf0mvC04CDuORPuKqinMCDzSHFZm6LPXWL4mhrIk-Je9PxaJivEmHEOERh0bG_EUpgbNtQSdfHecCeVadKh2TXBB9G5fgmbnSopOelce5oeeD7JsXtf19PARLB4bhYUsxlXRL255nH5sprk-i19SIyjH5r7jQ1sFXbesGkvAKuzqPdAUGKhwH-dP2P7A06Ufr59h-wZU9lKJUKW_Inc9tlutfyxFypM3o&p=http%3A%2F%2Fahsqutes.monster%2F&c_v=1806_0_0_0_1&spp=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.175.237.245 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-54-175-237-245.compute-1.amazonaws.com
Software
nginx/1.15.9 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Sun, 17 Nov 2019 03:25:20 GMT
Server
nginx/1.15.9 (Ubuntu)
Connection
keep-alive
Content-Length
0
vwt
trk.connatix.com/ Frame 81BB
0
162 B
Image
General
Full URL
https://trk.connatix.com/vwt?connatix_sess=2_WBcB0pRVe3iQ8JNVixa_-w_cV32jOo7nCQSdfjagA6EtZWpOmcoDP2sB1in78hA44VnB19HPevyBx4r8V3ecqE-OvPOfiHgZZNJUYHB891YKR5bHT2PD4ZVAHAZiPdKE5HLDoiFW089fw4htd0PJ26q9FaTXJrY0pVG5ODzIxR82bPJgSuN1V_Ab2sxESS&c_vid=930629&c_pl=t3dWNFVIL1yf0mvC04CDuORPuKqinMCDzSHFZm6LPXWL4mhrIk-Je9PxaJivEmHEOERh0bG_EUpgbNtQSdfHecCeVadKh2TXBB9G5fgmbnSopOelce5oeeD7JsXtf19PARLB4bhYUsxlXRL255nH5sprk-i19SIyjH5r7jQ1sFXbesGkvAKuzqPdAUGKhwH-dP2P7A06Ufr59h-wZU9lKJUKW_Inc9tlutfyxFypM3o&p=http%3A%2F%2Fahsqutes.monster%2F&c_v=1806_0_0_0_1&spp=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.175.237.245 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-54-175-237-245.compute-1.amazonaws.com
Software
nginx/1.15.9 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Sun, 17 Nov 2019 03:25:20 GMT
Server
nginx/1.15.9 (Ubuntu)
Connection
keep-alive
Content-Length
0
av
connatix-d.openx.net/v/1.0/ Frame 81BB
48 B
578 B
XHR
General
Full URL
http://connatix-d.openx.net/v/1.0/av?auid=540193964&url=http%3A%2F%2Fahsqutes.monster%2F&cb=fdcc1b38bddb2bf50bc71573961119930&vwd=455&vht=256&gdpr=1&gdpr_consent=0
Requested by
Host: cdns.connatix.com
URL: http://cdns.connatix.com/p/1806/min/connatix.renderer.infeed.min_dc.js
Protocol
HTTP/1.1
Server
34.95.120.147 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
147.120.95.34.bc.googleusercontent.com
Software
OXGW/16.167.1 /
Resource Hash
a355f2718a8d0b7444670aca6fd1dfdc126f9b8e9931a34a52cac9c343a68e3f

Request headers

Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 17 Nov 2019 03:25:19 GMT
Via
1.1 google
Server
OXGW/16.167.1
P3P
CP="CUR ADM OUR NOR STA NID"
Access-Control-Allow-Origin
http://ahsqutes.monster
Cache-Control
private, max-age=0, no-cache
Access-Control-Allow-Credentials
true
Content-Type
text/xml
Content-Length
48
Expires
Mon, 26 Jul 1997 05:00:00 GMT
g
rtb.connatix.com/
189 B
339 B
Script
General
Full URL
http://rtb.connatix.com/g?c_pw=455&c_ph=256&c_tk=C018218D-4AD0-4E01-8158-045425E65946&c_bu=http%3A%2F%2Fahsqutes.monster%2F&c_ivt=0&connatix_sess=2_WBcB0pRVe3iQ8JNVixa_-w_cV32jOo7nCQSdfjagA6EtZWpOmcoDP2sB1in78hA44VnB19HPevyBx4r8V3ecqE-OvPOfiHgZZNJUYHB891YKR5bHT2PD4ZVAHAZiPdKE5HLDoiFW089fw4htd0PJ26q9FaTXJrY0pVG5ODzIxR82bPJgSuN1V_Ab2sxESS&notServed=false&xplr=true&c_s=false&c_pl=t3dWNFVIL1yf0mvC04CDuORPuKqinMCDzSHFZm6LPXWL4mhrIk-Je9PxaJivEmHEOERh0bG_EUpgbNtQSdfHecCeVadKh2TXBB9G5fgmbnSopOelce5oeeD7JsXtf19PARLB4bhYUsxlXRL255nH5sprk-i19SIyjH5r7jQ1sFXbesGkvAKuzqPdAUGKhwH-dP2P7A06Ufr59h-wZU9lKJUKW_Inc9tlutfyxFypM3o&gdpr=1&med_id=930629&req_no=1&v=2&c_pt=1&p=http%3A%2F%2Fahsqutes.monster%2F&c_v=1806_0_0_0_1&spp=1&callback=cnxJSONP_d489758f1ea8334f77cc1573961119950
Requested by
Host: db356nau468gk.cloudfront.net
URL: http://db356nau468gk.cloudfront.net/script.js
Protocol
HTTP/1.1
Server
52.86.189.110 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-52-86-189-110.compute-1.amazonaws.com
Software
nginx/1.15.9 (Ubuntu) /
Resource Hash
6d108f2f78a4142ac3fc3486d7c61f7ebae70fa14583ecb89834664231b55921

Request headers

Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Sun, 17 Nov 2019 03:25:20 GMT
Content-Encoding
gzip
Server
nginx/1.15.9 (Ubuntu)
Connection
keep-alive
Content-Length
151
av
connatix-d.openx.net/v/1.0/ Frame 81BB
48 B
578 B
XHR
General
Full URL
http://connatix-d.openx.net/v/1.0/av?auid=540193942&url=http%3A%2F%2Fahsqutes.monster%2F&cb=54c7bcc5e6ac1f829d4c1573961119960&vwd=455&vht=256&gdpr=1&gdpr_consent=0
Requested by
Host: cdns.connatix.com
URL: http://cdns.connatix.com/p/1806/min/connatix.renderer.infeed.min_dc.js
Protocol
HTTP/1.1
Server
34.95.120.147 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
147.120.95.34.bc.googleusercontent.com
Software
OXGW/16.167.1 /
Resource Hash
a355f2718a8d0b7444670aca6fd1dfdc126f9b8e9931a34a52cac9c343a68e3f

Request headers

Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 17 Nov 2019 03:25:19 GMT
Via
1.1 google
Server
OXGW/16.167.1
P3P
CP="CUR ADM OUR NOR STA NID"
Access-Control-Allow-Origin
http://ahsqutes.monster
Cache-Control
private, max-age=0, no-cache
Access-Control-Allow-Credentials
true
Content-Type
text/xml
Content-Length
48
Expires
Mon, 26 Jul 1997 05:00:00 GMT
av
connatix-d.openx.net/v/1.0/ Frame 81BB
48 B
578 B
XHR
General
Full URL
http://connatix-d.openx.net/v/1.0/av?auid=540193949&url=http%3A%2F%2Fahsqutes.monster%2F&cb=b60cfd5a134205ef06601573961119987&vwd=455&vht=256&gdpr=1&gdpr_consent=0
Requested by
Host: cdns.connatix.com
URL: http://cdns.connatix.com/p/1806/min/connatix.renderer.infeed.min_dc.js
Protocol
HTTP/1.1
Server
34.95.120.147 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
147.120.95.34.bc.googleusercontent.com
Software
OXGW/16.167.1 /
Resource Hash
a355f2718a8d0b7444670aca6fd1dfdc126f9b8e9931a34a52cac9c343a68e3f

Request headers

Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 17 Nov 2019 03:25:20 GMT
Via
1.1 google
Server
OXGW/16.167.1
P3P
CP="CUR ADM OUR NOR STA NID"
Access-Control-Allow-Origin
http://ahsqutes.monster
Cache-Control
private, max-age=0, no-cache
Access-Control-Allow-Credentials
true
Content-Type
text/xml
Content-Length
48
Expires
Mon, 26 Jul 1997 05:00:00 GMT
av
connatix-d.openx.net/v/1.0/ Frame 81BB
48 B
578 B
XHR
General
Full URL
http://connatix-d.openx.net/v/1.0/av?auid=540193947&url=http%3A%2F%2Fahsqutes.monster%2F&cb=73648ab43ac97cfdf1901573961120022&vwd=455&vht=256&gdpr=1&gdpr_consent=0
Requested by
Host: cdns.connatix.com
URL: http://cdns.connatix.com/p/1806/min/connatix.renderer.infeed.min_dc.js
Protocol
HTTP/1.1
Server
34.95.120.147 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
147.120.95.34.bc.googleusercontent.com
Software
OXGW/16.167.1 /
Resource Hash
a355f2718a8d0b7444670aca6fd1dfdc126f9b8e9931a34a52cac9c343a68e3f

Request headers

Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 17 Nov 2019 03:25:20 GMT
Via
1.1 google
Server
OXGW/16.167.1
P3P
CP="CUR ADM OUR NOR STA NID"
Access-Control-Allow-Origin
http://ahsqutes.monster
Cache-Control
private, max-age=0, no-cache
Access-Control-Allow-Credentials
true
Content-Type
text/xml
Content-Length
48
Expires
Mon, 26 Jul 1997 05:00:00 GMT
av
connatix-d.openx.net/v/1.0/ Frame 81BB
48 B
578 B
XHR
General
Full URL
http://connatix-d.openx.net/v/1.0/av?auid=540193960&url=http%3A%2F%2Fahsqutes.monster%2F&cb=618fb763292018a4498d1573961120051&vwd=455&vht=256&gdpr=1&gdpr_consent=0
Requested by
Host: cdns.connatix.com
URL: http://cdns.connatix.com/p/1806/min/connatix.renderer.infeed.min_dc.js
Protocol
HTTP/1.1
Server
34.95.120.147 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
147.120.95.34.bc.googleusercontent.com
Software
OXGW/16.167.1 /
Resource Hash
a355f2718a8d0b7444670aca6fd1dfdc126f9b8e9931a34a52cac9c343a68e3f

Request headers

Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 17 Nov 2019 03:25:20 GMT
Via
1.1 google
Server
OXGW/16.167.1
P3P
CP="CUR ADM OUR NOR STA NID"
Access-Control-Allow-Origin
http://ahsqutes.monster
Cache-Control
private, max-age=0, no-cache
Access-Control-Allow-Credentials
true
Content-Type
text/xml
Content-Length
48
Expires
Mon, 26 Jul 1997 05:00:00 GMT
av
connatix-d.openx.net/v/1.0/ Frame 81BB
48 B
578 B
XHR
General
Full URL
http://connatix-d.openx.net/v/1.0/av?auid=540193965&url=http%3A%2F%2Fahsqutes.monster%2F&cb=2b2686663a6ef743aa401573961120077&vwd=455&vht=256&gdpr=1&gdpr_consent=0
Requested by
Host: cdns.connatix.com
URL: http://cdns.connatix.com/p/1806/min/connatix.renderer.infeed.min_dc.js
Protocol
HTTP/1.1
Server
34.95.120.147 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
147.120.95.34.bc.googleusercontent.com
Software
OXGW/16.167.1 /
Resource Hash
a355f2718a8d0b7444670aca6fd1dfdc126f9b8e9931a34a52cac9c343a68e3f

Request headers

Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 17 Nov 2019 03:25:20 GMT
Via
1.1 google
Server
OXGW/16.167.1
P3P
CP="CUR ADM OUR NOR STA NID"
Access-Control-Allow-Origin
http://ahsqutes.monster
Cache-Control
private, max-age=0, no-cache
Access-Control-Allow-Credentials
true
Content-Type
text/xml
Content-Length
48
Expires
Mon, 26 Jul 1997 05:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/
45 KB
13 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2434550735028448&correlator=3414355719317517&output=ldjh&impl=fifs&adsid=NT&eid=21065104&vrg=2019111201&guci=1.2.0.0.2.2.0.0&plat=1%3A536903688%2C2%3A553680904%2C8%3A134250504&sc=0&sfv=1-0-36&ecs=20191117&iu_parts=21854935662%2Cjustjared_home_top_right_300x250_innerrail%2Cjustjared_home_bot_right_300xflex_innerrail%2Cjustjared_home_mid_right_300xflex_innerrail%2Cjustjared_home_top_970xflex%2Cjustjared_home_top_left_300xflex_outerrail%2Cjustjared_home_top_right_300xflex_outerrail%2Cjustjared_home_incontent1%2Cjustjared_home_incontent2%2Cjustjared_home_belowcontent&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4%2C%2F0%2F5%2C%2F0%2F6%2C%2F0%2F7%2C%2F0%2F8%2C%2F0%2F9&prev_iu_szs=320x50%7C1x1%7C320x100%7C300x100%7C250x250%7C300x250%7C336x280%2C320x50%7C240x400%7C120x600%7C200x200%7C300x600%7C300x1050%7C300x100%7C160x600%7C1x1%7C300x250%7C250x250%7C336x280%7C234x60%7C320x100%2C320x50%7C120x90%7C250x250%7C336x280%7C1x1%7C300x100%7C160x600%7C300x600%7C200x200%7C120x600%7C240x400%7C300x250%7C120x240%7C320x100%2C320x50%7C930x180%7C1x1%7C300x250%7C600x300%7C750x200%7C728x90%7C970x90%7C970x250%7C750x300%7C980x90%2C320x50%7C120x600%7C300x1050%7C240x400%7C120x60%7C300x600%7C160x600%7C234x60%7C200x200%7C336x280%7C250x250%7C1x1%7C300x250%7C120x90%2C320x50%7C120x240%7C180x150%7C300x1050%7C250x250%7C1x1%7C300x250%7C300x600%7C160x600%7C120x90%7C120x60%7C120x600%7C200x200%7C234x60%7C240x400%2C320x50%7C240x400%7C250x250%7C300x250%7C336x280%7C1x1%7C550x450%7C468x60%7C550x300%7C550x350%2C320x50%7C550x300%7C240x400%7C250x250%7C300x250%7C336x280%7C468x60%7C1x1%7C550x450%7C550x350%2C320x50%7C250x250%7C336x280%7C240x400%7C550x300%7C468x60%7C200x200%7C550x200%7C550x450%7C300x250%7C550x350%7C1x1&fluid=height%2Cheight%2Cheight%2Cheight%2Cheight%2Cheight%2Cheight%2Cheight%2Cheight&prev_scp=amznbid%3D2%26amznp%3D2%26hb_format_rubicon%3Dbanner%26hb_source_rubicon%3Dclient%26hb_size_rubicon%3D300x250%26hb_pb_rubicon%3D0.17%26
hb_adid_rubicon%3D90afd6f6fcf1f57%26hb_bidder_rubicon%3Drubicon%26hb_format%3Dbanner%26hb_source%3Dclient%26hb_size%3D300x250%26hb_pb%3D0.17%26hb_adid%3D90afd6f6fcf1f57%26hb_bidder%3Drubicon%7Camznbid%3D2%26amznp%3D2%26hb_format_rubicon%3Dbanner%26hb_source_rubicon%3Dclient%26hb_size_rubicon%3D300x250%26hb_pb_rubicon%3D0.19%26hb_adid_rubicon%3D87f3d364590a7e9%26hb_bidder_rubicon%3Drubicon%26hb_format%3Dbanner%26hb_source%3Dclient%26hb_size%3D300x250%26hb_pb%3D0.19%26hb_adid%3D87f3d364590a7e9%26hb_bidder%3Drubicon%7Camznbid%3D2%26amznp%3D2%26hb_format_rubicon%3Dbanner%26hb_source_rubicon%3Dclient%26hb_size_rubicon%3D300x600%26hb_pb_rubicon%3D0.01%26hb_adid_rubicon%3D889a6568c706fd2%26hb_bidder_rubicon%3Drubicon%26hb_format%3Dbanner%26hb_source%3Dclient%26hb_size%3D300x600%26hb_pb%3D0.01%26hb_adid%3D889a6568c706fd2%26hb_bidder%3Drubicon%7Camznbid%3D2%26amznp%3D2%26hb_format_rubicon%3Dbanner%26hb_source_rubicon%3Dclient%26hb_size_rubicon%3D300x250%26hb_pb_rubicon%3D0.20%26hb_adid_rubicon%3D912cc77f91b5ee1%26hb_bidder_rubicon%3Drubicon%26hb_format%3Dbanner%26hb_source%3Dclient%26hb_size%3D300x250%26hb_pb%3D0.20%26hb_adid%3D912cc77f91b5ee1%26hb_bidder%3Drubicon%7Camznbid%3D2%26amznp%3D2%26hb_format_rubicon%3Dbanner%26hb_source_rubicon%3Dclient%26hb_size_rubicon%3D160x600%26hb_pb_rubicon%3D0.12%26hb_adid_rubicon%3D894bcb0c44fa684%26hb_bidder_rubicon%3Drubicon%26hb_format%3Dbanner%26hb_source%3Dclient%26hb_size%3D160x600%26hb_pb%3D0.12%26hb_adid%3D894bcb0c44fa684%26hb_bidder%3Drubicon%7Camznbid%3D2%26amznp%3D2%26hb_format_rubicon%3Dbanner%26hb_source_rubicon%3Dclient%26hb_size_rubicon%3D300x250%26hb_pb_rubicon%3D0.01%26hb_adid_rubicon%3D92044f110ebdb3c%26hb_bidder_rubicon%3Drubicon%26hb_format%3Dbanner%26hb_source%3Dclient%26hb_size%3D300x250%26hb_pb%3D0.01%26hb_adid%3D92044f110ebdb3c%26hb_bidder%3Drubicon%7Camznbid%3D2%26amznp%3D2%26hb_format_rubicon%3Dbanner%26hb_source_rubicon%3Dclient%26hb_size_rubicon%3D300x250%26hb_pb_rubicon%3D0.09%26hb_adid_rubicon%3D94af63e799a68f
9%26hb_bidder_rubicon%3Drubicon%26hb_format%3Dbanner%26hb_source%3Dclient%26hb_size%3D300x250%26hb_pb%3D0.09%26hb_adid%3D94af63e799a68f9%26hb_bidder%3Drubicon%7Camznbid%3D2%26amznp%3D2%26hb_format_rubicon%3Dbanner%26hb_source_rubicon%3Dclient%26hb_size_rubicon%3D300x250%26hb_pb_rubicon%3D0.19%26hb_adid_rubicon%3D9367ff809eeff48%26hb_bidder_rubicon%3Drubicon%26hb_format%3Dbanner%26hb_source%3Dclient%26hb_size%3D300x250%26hb_pb%3D0.19%26hb_adid%3D9367ff809eeff48%26hb_bidder%3Drubicon%7Camznbid%3D2%26amznp%3D2%26hb_format_rubicon%3Dbanner%26hb_source_rubicon%3Dclient%26hb_size_rubicon%3D300x250%26hb_pb_rubicon%3D0.19%26hb_adid_rubicon%3D9594011ab93a33b%26hb_bidder_rubicon%3Drubicon%26hb_format%3Dbanner%26hb_source%3Dclient%26hb_size%3D300x250%26hb_pb%3D0.19%26hb_adid%3D9594011ab93a33b%26hb_bidder%3Drubicon&eri=1&cookie_enabled=1&bc=23&abxe=1&lmt=1573961120&dt=1573961120098&dlt=1573961117659&idt=824&frm=20&biw=1600&bih=1200&oid=3&adxs=800%2C680%2C740%2C335%2C100%2C1380%2C680%2C525%2C675&adys=12203%2C15443%2C14240%2C8%2C550%2C550%2C5248%2C6435%2C8525&adks=593586411%2C1457925444%2C14972087%2C2153563070%2C2202190646%2C3602213626%2C349765883%2C1902009457%2C846698376&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7%7C8%7C9&ifi=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=http%3A%2F%2Fahsqutes.monster%2F&dssz=63&icsg=68317511680&std=0&vis=1&scr_x=0&scr_y=0&psz=1584x1%7C1584x400%7C1584x90%7C1584x180%7C300x-1%7C300x-1%7C1584x10385%7C1584x10385%7C1584x10385&msz=1584x1%7C1584x400%7C1584x90%7C1584x180%7C300x-1%7C300x-1%7C1584x420%7C1584x320%7C1584x270&ga_vid=1556147499.1573961118&ga_sid=1573961119&ga_hid=491895035&fws=4%2C4%2C4%2C4%2C4%2C4%2C4%2C4%2C4&ohw=1584%2C1584%2C1584%2C1584%2C1584%2C1584%2C1584%2C1584%2C1584
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019111201.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.22.66 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s17-in-f66.1e100.net
Software
cafe /
Resource Hash
219047c6e38f96bdc0fb2fc5655c88bd0ee0b990a08f3874075c719d274121dc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
cors
Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 17 Nov 2019 03:25:20 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2,-2,-2,-2,-2,-2,-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
12232
x-xss-protection
0
google-lineitem-id
5212669661,5211882180,5213479626,5212669664,5213481543,5214299462,-1,5211882180,5211882180
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138293240554,138293240548,138293402872,138293240527,138293129849,138293403136,-1,138293240533,138293240248
content-type
text/plain; charset=UTF-8
access-control-allow-origin
http://ahsqutes.monster
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubads_impl_rendering_2019111201.js
securepubads.g.doubleclick.net/gpt/
64 KB
25 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019111201.js
Requested by
Host: db356nau468gk.cloudfront.net
URL: http://db356nau468gk.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.22.66 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s17-in-f66.1e100.net
Software
sffe /
Resource Hash
1f6ba59e0e4b96cbb3e07c3c5d908a62dae632d96714e50c6671cd1df32d1829
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 17 Nov 2019 03:25:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 12 Nov 2019 18:33:31 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
25120
x-xss-protection
0
expires
Sun, 17 Nov 2019 03:25:20 GMT
container.html
tpc.googlesyndication.com/safeframe/1-0-36/html/
0
0
Other
General
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-36/html/container.html
Requested by
Host: db356nau468gk.cloudfront.net
URL: http://db356nau468gk.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

av
connatix-d.openx.net/v/1.0/ Frame 81BB
48 B
578 B
XHR
General
Full URL
http://connatix-d.openx.net/v/1.0/av?auid=540193964&url=http%3A%2F%2Fahsqutes.monster%2F&cb=534da4db31c61d1c46481573961120142&vwd=455&vht=256&gdpr=1&gdpr_consent=0
Requested by
Host: cdns.connatix.com
URL: http://cdns.connatix.com/p/1806/min/connatix.renderer.infeed.min_dc.js
Protocol
HTTP/1.1
Server
34.95.120.147 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
147.120.95.34.bc.googleusercontent.com
Software
OXGW/16.167.1 /
Resource Hash
a355f2718a8d0b7444670aca6fd1dfdc126f9b8e9931a34a52cac9c343a68e3f

Request headers

Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 17 Nov 2019 03:25:20 GMT
Via
1.1 google
Server
OXGW/16.167.1
P3P
CP="CUR ADM OUR NOR STA NID"
Access-Control-Allow-Origin
http://ahsqutes.monster
Cache-Control
private, max-age=0, no-cache
Access-Control-Allow-Credentials
true
Content-Type
text/xml
Content-Length
48
Expires
Mon, 26 Jul 1997 05:00:00 GMT
av
connatix-d.openx.net/v/1.0/ Frame 81BB
48 B
578 B
XHR
General
Full URL
http://connatix-d.openx.net/v/1.0/av?auid=540193942&url=http%3A%2F%2Fahsqutes.monster%2F&cb=dcc8dafbea5ed7ec00ca1573961120175&vwd=455&vht=256&gdpr=1&gdpr_consent=0
Requested by
Host: cdns.connatix.com
URL: http://cdns.connatix.com/p/1806/min/connatix.renderer.infeed.min_dc.js
Protocol
HTTP/1.1
Server
34.95.120.147 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
147.120.95.34.bc.googleusercontent.com
Software
OXGW/16.167.1 /
Resource Hash
a355f2718a8d0b7444670aca6fd1dfdc126f9b8e9931a34a52cac9c343a68e3f

Request headers

Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 17 Nov 2019 03:25:20 GMT
Via
1.1 google
Server
OXGW/16.167.1
P3P
CP="CUR ADM OUR NOR STA NID"
Access-Control-Allow-Origin
http://ahsqutes.monster
Cache-Control
private, max-age=0, no-cache
Access-Control-Allow-Credentials
true
Content-Type
text/xml
Content-Length
48
Expires
Mon, 26 Jul 1997 05:00:00 GMT
av
connatix-d.openx.net/v/1.0/ Frame 81BB
48 B
578 B
XHR
General
Full URL
http://connatix-d.openx.net/v/1.0/av?auid=540193949&url=http%3A%2F%2Fahsqutes.monster%2F&cb=331cbe227b682878afa81573961120203&vwd=455&vht=256&gdpr=1&gdpr_consent=0
Requested by
Host: cdns.connatix.com
URL: http://cdns.connatix.com/p/1806/min/connatix.renderer.infeed.min_dc.js
Protocol
HTTP/1.1
Server
34.95.120.147 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
147.120.95.34.bc.googleusercontent.com
Software
OXGW/16.167.1 /
Resource Hash
a355f2718a8d0b7444670aca6fd1dfdc126f9b8e9931a34a52cac9c343a68e3f

Request headers

Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 17 Nov 2019 03:25:20 GMT
Via
1.1 google
Server
OXGW/16.167.1
P3P
CP="CUR ADM OUR NOR STA NID"
Access-Control-Allow-Origin
http://ahsqutes.monster
Cache-Control
private, max-age=0, no-cache
Access-Control-Allow-Credentials
true
Content-Type
text/xml
Content-Length
48
Expires
Mon, 26 Jul 1997 05:00:00 GMT
av
connatix-d.openx.net/v/1.0/ Frame 81BB
48 B
578 B
XHR
General
Full URL
http://connatix-d.openx.net/v/1.0/av?auid=540193947&url=http%3A%2F%2Fahsqutes.monster%2F&cb=763957a097e7594b6ecc1573961120246&vwd=455&vht=256&gdpr=1&gdpr_consent=0
Requested by
Host: cdns.connatix.com
URL: http://cdns.connatix.com/p/1806/min/connatix.renderer.infeed.min_dc.js
Protocol
HTTP/1.1
Server
34.95.120.147 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
147.120.95.34.bc.googleusercontent.com
Software
OXGW/16.167.1 /
Resource Hash
a355f2718a8d0b7444670aca6fd1dfdc126f9b8e9931a34a52cac9c343a68e3f

Request headers

Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 17 Nov 2019 03:25:20 GMT
Via
1.1 google
Server
OXGW/16.167.1
P3P
CP="CUR ADM OUR NOR STA NID"
Access-Control-Allow-Origin
http://ahsqutes.monster
Cache-Control
private, max-age=0, no-cache
Access-Control-Allow-Credentials
true
Content-Type
text/xml
Content-Length
48
Expires
Mon, 26 Jul 1997 05:00:00 GMT
av
connatix-d.openx.net/v/1.0/ Frame 81BB
48 B
578 B
XHR
General
Full URL
http://connatix-d.openx.net/v/1.0/av?auid=540193960&url=http%3A%2F%2Fahsqutes.monster%2F&cb=c6619dc79c5c26a544911573961120302&vwd=455&vht=256&gdpr=1&gdpr_consent=0
Requested by
Host: cdns.connatix.com
URL: http://cdns.connatix.com/p/1806/min/connatix.renderer.infeed.min_dc.js
Protocol
HTTP/1.1
Server
34.95.120.147 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
147.120.95.34.bc.googleusercontent.com
Software
OXGW/16.167.1 /
Resource Hash
a355f2718a8d0b7444670aca6fd1dfdc126f9b8e9931a34a52cac9c343a68e3f

Request headers

Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 17 Nov 2019 03:25:20 GMT
Via
1.1 google
Server
OXGW/16.167.1
P3P
CP="CUR ADM OUR NOR STA NID"
Access-Control-Allow-Origin
http://ahsqutes.monster
Cache-Control
private, max-age=0, no-cache
Access-Control-Allow-Credentials
true
Content-Type
text/xml
Content-Length
48
Expires
Mon, 26 Jul 1997 05:00:00 GMT
av
connatix-d.openx.net/v/1.0/ Frame 81BB
48 B
578 B
XHR
General
Full URL
http://connatix-d.openx.net/v/1.0/av?auid=540193965&url=http%3A%2F%2Fahsqutes.monster%2F&cb=fb693bc2f9c6de7de2991573961120333&vwd=455&vht=256&gdpr=1&gdpr_consent=0
Requested by
Host: cdns.connatix.com
URL: http://cdns.connatix.com/p/1806/min/connatix.renderer.infeed.min_dc.js
Protocol
HTTP/1.1
Server
34.95.120.147 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
147.120.95.34.bc.googleusercontent.com
Software
OXGW/16.167.1 /
Resource Hash
a355f2718a8d0b7444670aca6fd1dfdc126f9b8e9931a34a52cac9c343a68e3f

Request headers

Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 17 Nov 2019 03:25:20 GMT
Via
1.1 google
Server
OXGW/16.167.1
P3P
CP="CUR ADM OUR NOR STA NID"
Access-Control-Allow-Origin
http://ahsqutes.monster
Cache-Control
private, max-age=0, no-cache
Access-Control-Allow-Credentials
true
Content-Type
text/xml
Content-Length
48
Expires
Mon, 26 Jul 1997 05:00:00 GMT
av
connatix-d.openx.net/v/1.0/ Frame 81BB
48 B
578 B
XHR
General
Full URL
http://connatix-d.openx.net/v/1.0/av?auid=540193964&url=http%3A%2F%2Fahsqutes.monster%2F&cb=7d350d77ed03b62889141573961120380&vwd=455&vht=256&gdpr=1&gdpr_consent=0
Requested by
Host: cdns.connatix.com
URL: http://cdns.connatix.com/p/1806/min/connatix.renderer.infeed.min_dc.js
Protocol
HTTP/1.1
Server
34.95.120.147 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
147.120.95.34.bc.googleusercontent.com
Software
OXGW/16.167.1 /
Resource Hash
a355f2718a8d0b7444670aca6fd1dfdc126f9b8e9931a34a52cac9c343a68e3f

Request headers

Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 17 Nov 2019 03:25:20 GMT
Via
1.1 google
Server
OXGW/16.167.1
P3P
CP="CUR ADM OUR NOR STA NID"
Access-Control-Allow-Origin
http://ahsqutes.monster
Cache-Control
private, max-age=0, no-cache
Access-Control-Allow-Credentials
true
Content-Type
text/xml
Content-Length
48
Expires
Mon, 26 Jul 1997 05:00:00 GMT
av
connatix-d.openx.net/v/1.0/ Frame 81BB
48 B
578 B
XHR
General
Full URL
http://connatix-d.openx.net/v/1.0/av?auid=540193942&url=http%3A%2F%2Fahsqutes.monster%2F&cb=52d195066bf4555e5e871573961120415&vwd=455&vht=256&gdpr=1&gdpr_consent=0
Requested by
Host: cdns.connatix.com
URL: http://cdns.connatix.com/p/1806/min/connatix.renderer.infeed.min_dc.js
Protocol
HTTP/1.1
Server
34.95.120.147 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
147.120.95.34.bc.googleusercontent.com
Software
OXGW/16.167.1 /
Resource Hash
a355f2718a8d0b7444670aca6fd1dfdc126f9b8e9931a34a52cac9c343a68e3f

Request headers

Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 17 Nov 2019 03:25:20 GMT
Via
1.1 google
Server
OXGW/16.167.1
P3P
CP="CUR ADM OUR NOR STA NID"
Access-Control-Allow-Origin
http://ahsqutes.monster
Cache-Control
private, max-age=0, no-cache
Access-Control-Allow-Credentials
true
Content-Type
text/xml
Content-Length
48
Expires
Mon, 26 Jul 1997 05:00:00 GMT
av
connatix-d.openx.net/v/1.0/ Frame 81BB
48 B
578 B
XHR
General
Full URL
http://connatix-d.openx.net/v/1.0/av?auid=540193949&url=http%3A%2F%2Fahsqutes.monster%2F&cb=0deacdca0301952fb1531573961120448&vwd=455&vht=256&gdpr=1&gdpr_consent=0
Requested by
Host: cdns.connatix.com
URL: http://cdns.connatix.com/p/1806/min/connatix.renderer.infeed.min_dc.js
Protocol
HTTP/1.1
Server
34.95.120.147 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
147.120.95.34.bc.googleusercontent.com
Software
OXGW/16.167.1 /
Resource Hash
a355f2718a8d0b7444670aca6fd1dfdc126f9b8e9931a34a52cac9c343a68e3f

Request headers

Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 17 Nov 2019 03:25:20 GMT
Via
1.1 google
Server
OXGW/16.167.1
P3P
CP="CUR ADM OUR NOR STA NID"
Access-Control-Allow-Origin
http://ahsqutes.monster
Cache-Control
private, max-age=0, no-cache
Access-Control-Allow-Credentials
true
Content-Type
text/xml
Content-Length
48
Expires
Mon, 26 Jul 1997 05:00:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame F44C
0
75 B
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssJ9STL68_7SFRvvQAHSDjiVdKP_N5NiltBmbi1gLOjir3c6MB5S6DsiHTfVvxkqMxNTJzDpYzIJQyKZIIoEenLooA1nbOReVHPYi6QPQGUO1gvYbVgOGLYCUTq6NOEnPUZiz88LQSnQXOlbPdhoEbHh2YhRAIpdQ9926MwTmpcmg5Qu7zg37X7JnCXXwMG4sCQxi2ZvqBZQNxXZi5Ai0oA_qSprYY_D2p9iU0D7hdbm5pdenN5cD1Okkyd1p8dKUSpbCS51obBK5HtXiEgULUlFrd2nFZ40_GxkzOfmebzXw-UK09gH-bL&sig=Cg0ArKJSzEvUdBSkLkU9EAE&urlfix=1&adurl=
Requested by
Host: ahsqutes.monster
URL: http://ahsqutes.monster/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.22.66 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s17-in-f66.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 17 Nov 2019 03:25:20 GMT
x-content-type-options
nosniff
server
cafe
status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
content-type
image/gif
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
0
x-xss-protection
0
creative.js
cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/ Frame F44C
24 KB
8 KB
Script
General
Full URL
https://cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/creative.js
Requested by
Host: db356nau468gk.cloudfront.net
URL: http://db356nau468gk.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
89c842ab40f25ce3793f85695d4126b8506f63fd77f10957b50e7e4dd5a91c8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 17 Nov 2019 03:25:20 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
23085
x-cache
HIT, HIT
status
200
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-served-by
cache-ams21046-AMS, cache-hhn4066-HHN
timing-allow-origin
*
server
cloudflare
etag
W/"60d5-YpW2wnRiQuulguvdZAYQAZe9OMQ"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
cf-ray
536e98cb2dfdcba4-VIE
osd_listener.js
www.googletagservices.com/activeview/js/current/ Frame F44C
76 KB
29 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914
Requested by
Host: db356nau468gk.cloudfront.net
URL: http://db356nau468gk.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
e48c4975b293be404aa17aca3844095d270597494ffabe5316cad8c3e45d5004
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 17 Nov 2019 03:25:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1573858490126243"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
29138
x-xss-protection
0
expires
Sun, 17 Nov 2019 03:25:20 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 56DC
0
57 B
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvAppVpJyDBzaal6RmFtRYos_hcj-eSwwuYMaM-KYqtDS6VAsrV9nzUngZtGIIwu-SCUg8ncOUDfcZO959LPixnzNh4EZPjTyYwFVHGGC2Y0nk-nwHw_3Qj-Ed8EXZ4hTzWL_z9-i0ms9N7gY5ZF4PvrHIQepelSArC_9qzAH1wmj15-secuVDjSGp7HuJNs0ZNiiNPEyLiF5B9_jH_iP8Ll8h1IyLNCmAsumKZ5Y4p-llnlf-UWjjcc42hD7LlxrBW65ufz_Mm8tt1nLDkMHxXVc2VBEG7VNzxAO9D6CRGXzQ77XENAYanGw&sig=Cg0ArKJSzN9I3tki-7OxEAE&urlfix=1&adurl=
Requested by
Host: ahsqutes.monster
URL: http://ahsqutes.monster/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.22.66 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s17-in-f66.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 17 Nov 2019 03:25:20 GMT
x-content-type-options
nosniff
server
cafe
status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
content-type
image/gif
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
0
x-xss-protection
0
creative.js
cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/ Frame 56DC
24 KB
8 KB
Script
General
Full URL
https://cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/creative.js
Requested by
Host: db356nau468gk.cloudfront.net
URL: http://db356nau468gk.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
89c842ab40f25ce3793f85695d4126b8506f63fd77f10957b50e7e4dd5a91c8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 17 Nov 2019 03:25:20 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
23085
x-cache
HIT, HIT
status
200
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-served-by
cache-ams21046-AMS, cache-hhn4066-HHN
timing-allow-origin
*
server
cloudflare
etag
W/"60d5-YpW2wnRiQuulguvdZAYQAZe9OMQ"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
cf-ray
536e98cb3e18cba4-VIE
osd_listener.js
www.googletagservices.com/activeview/js/current/ Frame 56DC
76 KB
29 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914
Requested by
Host: db356nau468gk.cloudfront.net
URL: http://db356nau468gk.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
e48c4975b293be404aa17aca3844095d270597494ffabe5316cad8c3e45d5004
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 17 Nov 2019 03:25:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1573858490126243"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
29138
x-xss-protection
0
expires
Sun, 17 Nov 2019 03:25:20 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 41FD
0
57 B
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuBQcuWD7JZCPZzwtJDyb287rjgmXYhOPpnrDvhG3v0rY0MJSpIfZ0HURlLfaZ7jXjEFSU062-1bwpVNih6757J2fKccbKkw-nHER-5f8kusd60sbygRqrmUx4KlCJ6O58nfM6SG4eKr2bjpXjRx81sK1VilJzEfZGOCzHpiRq9X2HJ4tSuyTaJ7jXoW0VpeaAm2zZtVUqBbWGiXDZW1oGNkjzYqQIh4FYzVmIDg--wAh-6oyDOVUBVFZh7HIGIZWpVKeoad-ontVCXAtRL9hQrvt_FiWjL8RacP1rj6zrcahH3rG1FmJW10Q&sig=Cg0ArKJSzDi2zp4uZZwDEAE&urlfix=1&adurl=
Requested by
Host: ahsqutes.monster
URL: http://ahsqutes.monster/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.22.66 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s17-in-f66.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 17 Nov 2019 03:25:20 GMT
x-content-type-options
nosniff
server
cafe
status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
content-type
image/gif
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
0
x-xss-protection
0
2cdf4c71-ad6c-487e-b43a-8f1af912284a.js
d3lcz8vpax4lo2.cloudfront.net/ads-code/ Frame 41FD
110 KB
23 KB
Script
General
Full URL
http://d3lcz8vpax4lo2.cloudfront.net/ads-code/2cdf4c71-ad6c-487e-b43a-8f1af912284a.js
Requested by
Host: ahsqutes.monster
URL: http://ahsqutes.monster/
Protocol
HTTP/1.1
Server
2600:9000:21f3:ca00:1c:386f:ec80:21 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1268fa59f9a147bb07010999b030e8a7a27ac0bb1abf2760fa1ac5451eb71e31

Request headers

Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 13 Nov 2019 14:33:25 GMT
Content-Encoding
gzip
Connection
keep-alive
Last-Modified
Tue, 12 Nov 2019 21:41:52 GMT
Server
AmazonS3
Age
305516
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
x-amz-version-id
J4Bi7xedOz2GRXStgeQcb5fs357ShdGU
Via
1.1 882f747f39885162595630c95dd0012d.cloudfront.net (CloudFront)
Cache-Control
max-age=31536000,public
Transfer-Encoding
chunked
X-Amz-Cf-Pop
FRA2-C2
Content-Type
application/javascript
X-Amz-Cf-Id
DS43xzrlUqbKd-DZpEHIAbQyC2G4gGc0w-cXgr1Nx8i5374Q8jTbjA==
osd_listener.js
www.googletagservices.com/activeview/js/current/ Frame 41FD
76 KB
29 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914
Requested by
Host: db356nau468gk.cloudfront.net
URL: http://db356nau468gk.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
e48c4975b293be404aa17aca3844095d270597494ffabe5316cad8c3e45d5004
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 17 Nov 2019 03:25:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1573858490126243"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
29138
x-xss-protection
0
expires
Sun, 17 Nov 2019 03:25:20 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame C5FF
0
57 B
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvBgLTEyukvapAwMigJvxZL2jxyK_i_jKJdmctDGUJgtavBpKBvbGvHA1_GI_cT3pJo5om0GYhcA64l08AU0Hed_b5rfQd5vz_7DXcDOWyGdkcpU5hcpqy5i5FMO0P2_KTG8MFcFL_ooe4kMvq-lUEJMgSzjEGBcBWu9JFEe8E6lAg1MGZ0_cHNGZTVEERD6qBIxVhi5sA4fcNDpWlPm01gKe-4aeVuv52i9Hel70mD2x1GN1jSkHbq9eOxkhuzUiLhUSO3EyCgF2Zszo9-SBxyQXDOJYFmjBfv&sig=Cg0ArKJSzOykxdamYIJIEAE&urlfix=1&adurl=
Requested by
Host: ahsqutes.monster
URL: http://ahsqutes.monster/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.22.66 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s17-in-f66.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 17 Nov 2019 03:25:20 GMT
x-content-type-options
nosniff
server
cafe
status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
content-type
image/gif
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
0
x-xss-protection
0
creative.js
cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/ Frame C5FF
24 KB
8 KB
Script
General
Full URL
https://cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/creative.js
Requested by
Host: db356nau468gk.cloudfront.net
URL: http://db356nau468gk.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
89c842ab40f25ce3793f85695d4126b8506f63fd77f10957b50e7e4dd5a91c8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 17 Nov 2019 03:25:20 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
23085
x-cache
HIT, HIT
status
200
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-served-by
cache-ams21046-AMS, cache-hhn4066-HHN
timing-allow-origin
*
server
cloudflare
etag
W/"60d5-YpW2wnRiQuulguvdZAYQAZe9OMQ"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
cf-ray
536e98cb6e52cba4-VIE
osd_listener.js
www.googletagservices.com/activeview/js/current/ Frame C5FF
76 KB
29 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914
Requested by
Host: db356nau468gk.cloudfront.net
URL: http://db356nau468gk.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
e48c4975b293be404aa17aca3844095d270597494ffabe5316cad8c3e45d5004
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 17 Nov 2019 03:25:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1573858490126243"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
29138
x-xss-protection
0
expires
Sun, 17 Nov 2019 03:25:20 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 5371
0
57 B
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsufnr-m4gI1pzVLD_5Dc96jsBqecBDLFb1DHAhdr2Y-84JiDOKPERbns167rZIxVRr7vgJjpWiSsxabl3v58nmW0PFBWQdA35s2eEljtp2gA1_utrf7eBJ5AFsju9AfP0vCaz0E1Uw6BKtUcq1VZrSETVvr1LAEzjJ1DLZdsaTPUreRwi3jzw1HrVvvoQvK62FPO6l-3s3WqY3uT5tdJB3nj4NmfhzqjafBjWNUCN6arY38uDI3U_cEIbmHK9h7rGFat6QOwxcxZzy4jeUxLETj4DBWHKw7SYXJEIB8WhKr16s0NXBs0rxU&sig=Cg0ArKJSzKBXGm9EjGsrEAE&urlfix=1&adurl=
Requested by
Host: ahsqutes.monster
URL: http://ahsqutes.monster/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.22.66 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s17-in-f66.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 17 Nov 2019 03:25:20 GMT
x-content-type-options
nosniff
server
cafe
status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
content-type
image/gif
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
0
x-xss-protection
0
2cdf4c71-ad6c-487e-b43a-8f1af912284a.js
d3lcz8vpax4lo2.cloudfront.net/ads-code/ Frame 5371
110 KB
23 KB
Script
General
Full URL
http://d3lcz8vpax4lo2.cloudfront.net/ads-code/2cdf4c71-ad6c-487e-b43a-8f1af912284a.js
Requested by
Host: ahsqutes.monster
URL: http://ahsqutes.monster/
Protocol
HTTP/1.1
Server
2600:9000:21f3:ca00:1c:386f:ec80:21 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1268fa59f9a147bb07010999b030e8a7a27ac0bb1abf2760fa1ac5451eb71e31

Request headers

Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 13 Nov 2019 14:33:25 GMT
Content-Encoding
gzip
Connection
keep-alive
Last-Modified
Tue, 12 Nov 2019 21:41:52 GMT
Server
AmazonS3
Age
305516
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
x-amz-version-id
J4Bi7xedOz2GRXStgeQcb5fs357ShdGU
Via
1.1 882f747f39885162595630c95dd0012d.cloudfront.net (CloudFront)
Cache-Control
max-age=31536000,public
Transfer-Encoding
chunked
X-Amz-Cf-Pop
FRA2-C2
Content-Type
application/javascript
X-Amz-Cf-Id
FIvKnZ5HglG7S_uAhnPcaQwiQUiRR4PXNfEavMFDfYINcAJhls5gKw==
osd_listener.js
www.googletagservices.com/activeview/js/current/ Frame 5371
76 KB
29 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914
Requested by
Host: db356nau468gk.cloudfront.net
URL: http://db356nau468gk.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
e48c4975b293be404aa17aca3844095d270597494ffabe5316cad8c3e45d5004
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 17 Nov 2019 03:25:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1573858490126243"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
29138
x-xss-protection
0
expires
Sun, 17 Nov 2019 03:25:20 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame A94E
0
57 B
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssW3g4Nh2Ut-tgJIc_VKt_TN1adGpsXNVNq6RQuaFlrzYsMe3I8HtsDWkm88TPHSJQjzJtT89YT7efYx3AxQZrJa3yd9XvnTcnjLTL7rIQAtJaLLDSiCp6188Pvi4Thbo6N5gyrgS1medV-pG8Y60ieV8P3i4S1h-F0N8dRV-VyHqH_XDTi0XEVElzOhYHQtSgQR1tQDacEsHwf9sCLc35IdqXwi56rqsia0UVPt4EwiO469Ky9_xNXiWO1h7iPy7vQKWxz2JrU6nDWjtt1sFlYVepjgDIr3pl8iR8_jKjOLyoOD4DV1dpRbA&sig=Cg0ArKJSzG5KPg2bGaB9EAE&urlfix=1&adurl=
Requested by
Host: ahsqutes.monster
URL: http://ahsqutes.monster/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.22.66 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s17-in-f66.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 17 Nov 2019 03:25:20 GMT
x-content-type-options
nosniff
server
cafe
status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
content-type
image/gif
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
0
x-xss-protection
0
2cdf4c71-ad6c-487e-b43a-8f1af912284a.js
d3lcz8vpax4lo2.cloudfront.net/ads-code/ Frame A94E
110 KB
23 KB
Script
General
Full URL
http://d3lcz8vpax4lo2.cloudfront.net/ads-code/2cdf4c71-ad6c-487e-b43a-8f1af912284a.js
Requested by
Host: ahsqutes.monster
URL: http://ahsqutes.monster/
Protocol
HTTP/1.1
Server
2600:9000:21f3:ca00:1c:386f:ec80:21 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1268fa59f9a147bb07010999b030e8a7a27ac0bb1abf2760fa1ac5451eb71e31

Request headers

Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 13 Nov 2019 14:33:25 GMT
Content-Encoding
gzip
Connection
keep-alive
Last-Modified
Tue, 12 Nov 2019 21:41:52 GMT
Server
AmazonS3
Age
305516
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
x-amz-version-id
J4Bi7xedOz2GRXStgeQcb5fs357ShdGU
Via
1.1 f99b5b46e77cfe9c3413f99dc8a4088c.cloudfront.net (CloudFront)
Cache-Control
max-age=31536000,public
Transfer-Encoding
chunked
X-Amz-Cf-Pop
FRA2-C2
Content-Type
application/javascript
X-Amz-Cf-Id
-K2t5WKASDfcRWSmyvz3XH32wWKtmpjCiq97WoRJOIua88vkpRWlaA==
osd_listener.js
www.googletagservices.com/activeview/js/current/ Frame A94E
76 KB
29 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914
Requested by
Host: db356nau468gk.cloudfront.net
URL: http://db356nau468gk.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
e48c4975b293be404aa17aca3844095d270597494ffabe5316cad8c3e45d5004
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 17 Nov 2019 03:25:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1573858490126243"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
29138
x-xss-protection
0
expires
Sun, 17 Nov 2019 03:25:20 GMT
container.html
tpc.googlesyndication.com/safeframe/1-0-36/html/ Frame A506
0
0
Document
General
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-36/html/container.html
Requested by
Host: db356nau468gk.cloudfront.net
URL: http://db356nau468gk.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-36/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode
nested-navigate
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
referer
http://ahsqutes.monster/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
nested-navigate
Referer
http://ahsqutes.monster/

Response headers

status
200
accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
timing-allow-origin
*
content-length
3516
date
Sat, 16 Nov 2019 23:42:10 GMT
expires
Sun, 15 Nov 2020 23:42:10 GMT
last-modified
Wed, 16 Oct 2019 15:42:04 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
13390
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
view
securepubads.g.doubleclick.net/pcs/ Frame 3CD3
0
57 B
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst-4pnS9_8GTsHcKLInGkovoeBXdJ1vOFeUQLS5DK1Ia1w7eBMs5dQmlJ0jlYZLpCRskdOAIBuTz0frW0IyUHFkWROwB9nfaCBv0oKkh47r4g6KT6G0D5jaqPvr_nOnOcE5X7BCKM6d5jp7SjshTAZzEtkqZOlQ7xI9Y3uetm13SxuBxNKRt37PWXPZG04l4pvXNrhAo0f824X56QdNePlHadHT9hKZTJm5d1QZ65qbvNQPmPUUN9K4s8s5ED36u0PTZM5OOtn1pRSaa-FChq01fBJ-69f25w&sig=Cg0ArKJSzDfYrTIti3yNEAE&urlfix=1&adurl=
Requested by
Host: ahsqutes.monster
URL: http://ahsqutes.monster/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.22.66 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s17-in-f66.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 17 Nov 2019 03:25:20 GMT
x-content-type-options
nosniff
server
cafe
status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
content-type
image/gif
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
0
x-xss-protection
0
creative.js
cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/ Frame 3CD3
24 KB
8 KB
Script
General
Full URL
https://cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/creative.js
Requested by
Host: db356nau468gk.cloudfront.net
URL: http://db356nau468gk.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
89c842ab40f25ce3793f85695d4126b8506f63fd77f10957b50e7e4dd5a91c8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 17 Nov 2019 03:25:20 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
23085
x-cache
HIT, HIT
status
200
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-served-by
cache-ams21046-AMS, cache-hhn4066-HHN
timing-allow-origin
*
server
cloudflare
etag
W/"60d5-YpW2wnRiQuulguvdZAYQAZe9OMQ"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
cf-ray
536e98cbdec0cba4-VIE
osd_listener.js
www.googletagservices.com/activeview/js/current/ Frame 3CD3
76 KB
29 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914
Requested by
Host: db356nau468gk.cloudfront.net
URL: http://db356nau468gk.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
e48c4975b293be404aa17aca3844095d270597494ffabe5316cad8c3e45d5004
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 17 Nov 2019 03:25:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1573858490126243"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
29138
x-xss-protection
0
expires
Sun, 17 Nov 2019 03:25:20 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame AAD4
0
57 B
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst_D9VybglmXfcgEnD_qNa_USokqn6ln7SwABz2Uw2aFbCaWRI-eW35C6idquFpV8RLAzZRBTbn2eNOnxH_a5SVvviOLGn1SbZ80ddid4JV7PllSpmD51SV0VpEfsB5a9c_rSo2NbcRAFBDV4jn8mdFBl4u0GWAQpBYxscaVFe59mvqtAdR61Z_a3QLkj5bsrhZqeq7Y_61AOEDsXuPG_p_J8Cp4ep0EkaqimGzKwJGdcsAwpv5s1drD8TFWLKa8NJPQn_61Pj8LywLvyy1hM_hnIOeLYWDJGlM&sig=Cg0ArKJSzHh0EovMwsHEEAE&urlfix=1&adurl=
Requested by
Host: ahsqutes.monster
URL: http://ahsqutes.monster/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.22.66 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s17-in-f66.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 17 Nov 2019 03:25:20 GMT
x-content-type-options
nosniff
server
cafe
status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
content-type
image/gif
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
0
x-xss-protection
0
creative.js
cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/ Frame AAD4
24 KB
8 KB
Script
General
Full URL
https://cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/creative.js
Requested by
Host: db356nau468gk.cloudfront.net
URL: http://db356nau468gk.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
89c842ab40f25ce3793f85695d4126b8506f63fd77f10957b50e7e4dd5a91c8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 17 Nov 2019 03:25:20 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
23085
x-cache
HIT, HIT
status
200
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-served-by
cache-ams21046-AMS, cache-hhn4066-HHN
timing-allow-origin
*
server
cloudflare
etag
W/"60d5-YpW2wnRiQuulguvdZAYQAZe9OMQ"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
cf-ray
536e98cbeeebcba4-VIE
osd_listener.js
www.googletagservices.com/activeview/js/current/ Frame AAD4
76 KB
29 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914
Requested by
Host: db356nau468gk.cloudfront.net
URL: http://db356nau468gk.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
e48c4975b293be404aa17aca3844095d270597494ffabe5316cad8c3e45d5004
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 17 Nov 2019 03:25:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1573858490126243"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
29138
x-xss-protection
0
expires
Sun, 17 Nov 2019 03:25:20 GMT
/
track.adform.net/adfscript/ Frame F44C
20 KB
10 KB
Script
General
Full URL
https://track.adform.net/adfscript/?bn=33897025;rtbwp=F4AFDE07BAE418C0;rtbdata=nvIpdDUimkLGZcLoiXBanKc5fPfxzgp6od9qRIpXzd8FPUYSw2bZogL9aFJuGtSbjECZZRWHJUBcknEdcvyKb12s6Nkf5nG8xgFML2I8kcikgvNDfjwLxwyKw6sJczvrkJsJvsm07VhNpaWep0Smk21VAUGzIogaeZrDbiiGaaDC8qkc0L0AiKtM-d9YnTOIHCnbeUpnIV1VdfrmWBpOcrGU_4B2pOFwv5NjCfD5_89YFcsNyJWkr17P2HjoimDYzBkkRKE1E7uAiMRMx8y_nw2;OOBClickTrack=http://beacon-nf.rubiconproject.com/beacon/v2/t/0/c6bc7ef3-b518-4ad0-adce-f2910b07fc09/
Requested by
Host: ahsqutes.monster
URL: http://ahsqutes.monster/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.235 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
29905cd4f825966f1add39ce0a8fa9ad17a6d27f7c623b313423aa9406be267a

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 17 Nov 2019 03:25:20 GMT
content-encoding
gzip
server
nginx
status
200
vary
Accept-Encoding
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
content-type
text/javascript; charset=utf-8
content-length
9836
expires
-1
c6bc7ef3-b518-4ad0-adce-f2910b07fc09
beacon-eu2.rubiconproject.com/beacon/d/ Frame F44C
43 B
268 B
Image
General
Full URL
https://beacon-eu2.rubiconproject.com/beacon/d/c6bc7ef3-b518-4ad0-adce-f2910b07fc09?oo=0&accountId=21666&siteId=293666&zoneId=1475126&sizeId=15&e=6A1E40E384DA563B3F3F78E226673E1A4BB19383435D0E903EE4D52A5EC5AD07AC0246E6C02EB67E6CA16C8A3692841AE4A9AFA6E089EF844D6197C58B1BE9AEF2EC6F409B4E7B2DD8678A166594FACB9ECFD2C391BA0C74B543590E11D623B166B351633AF56D3975AF1277563713193224CE0DEC3CE026D5952D9F2F969FE4D71D3BC5615CA53EBBE139EBA95F2B29BCD9AB1B63E0FFBB998234B169F0369250A4FF29D92FD845FC09ECD98E4699A9053960663F856AC23D5A1AADC4975A21F375C6193686929EB89D30344E983078
Requested by
Host: ahsqutes.monster
URL: http://ahsqutes.monster/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
69.173.144.153 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT - The Rubicon Project, Inc., US),
Reverse DNS
Software
Rubicon Project /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 17 Nov 2019 03:25:20 GMT
Cache-Control
private, max-age=0, no-cache
Server
Rubicon Project
Content-Type
image/webp
Content-Length
43
Expires
01 Jan 1970 10:00:00 GMT
/
track.adform.net/adfscript/ Frame 56DC
20 KB
10 KB
Script
General
Full URL
https://track.adform.net/adfscript/?bn=33897025;rtbwp=26C1E2AF3D280101;rtbdata=FgcXV90cdfyrIQhZXqdne7_Tret8OoWtxRye7-_PdpLwP0HRi5ypzeR_hFBJpb0A8StUxy_z8jE4-0iaI6gFzyQgQBuuKBETUkDGj6PHiM1m2mZZq0TpG9I_CrpaRPA_kJsJvsm07VhNpaWep0Smk21VAUGzIogaeZrDbiiGaaDC8qkc0L0AiKtM-d9YnTOIHCnbeUpnIV1VdfrmWBpOcltUdoPmRN6Mv5NjCfD5_89YFcsNyJWkr17P2HjoimDYzBkkRKE1E7t6KHLXtwwDKw2;OOBClickTrack=http://beacon-nf.rubiconproject.com/beacon/v2/t/0/6f0365d1-96b5-43f3-99e8-44bb1d2860f5/
Requested by
Host: ahsqutes.monster
URL: http://ahsqutes.monster/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.235 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
3f1adb66de76baaca9fd66bd4d6d7e94c3b839f2474a749959efcbac9283227d

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 17 Nov 2019 03:25:20 GMT
content-encoding
gzip
server
nginx
status
200
vary
Accept-Encoding
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
content-type
text/javascript; charset=utf-8
content-length
9845
expires
-1
6f0365d1-96b5-43f3-99e8-44bb1d2860f5
beacon-eu2.rubiconproject.com/beacon/d/ Frame 56DC
43 B
268 B
Image
General
Full URL
https://beacon-eu2.rubiconproject.com/beacon/d/6f0365d1-96b5-43f3-99e8-44bb1d2860f5?oo=0&accountId=21666&siteId=293666&zoneId=1475134&sizeId=15&e=6A1E40E384DA563B3CDC0D4227586C031C7E6E58C92F5619BEE4B9BBA6C0A62B422E4117283657EE4F38769F437EF7F1E4A9AFA6E089EF84AD72208534C922EE7191C07C6688A22CFA2F9DA17807F8EECA6BF51C0B6B2F71936D5D35AE1338A47368F76D4CC0CA42308F3FB34B2857830C2B2772AF7EFFB420EA239F6FBEEAA2D37163A111D147E9C8257A5072C0AC52BCD9AB1B63E0FFBB998234B169F03692A8000BB131F2284A46B4B40BA2CECD0A5215BF08868FBBF9F9BB6C8E426B12B0F2F589780459FF906E1518A3F37D0B96
Requested by
Host: ahsqutes.monster
URL: http://ahsqutes.monster/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
69.173.144.153 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT - The Rubicon Project, Inc., US),
Reverse DNS
Software
Rubicon Project /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 17 Nov 2019 03:25:20 GMT
Cache-Control
private, max-age=0, no-cache
Server
Rubicon Project
Content-Type
image/webp
Content-Length
43
Expires
01 Jan 1970 10:00:00 GMT
/
track.adform.net/adfscript/ Frame C5FF
20 KB
10 KB
Script
General
Full URL
https://track.adform.net/adfscript/?bn=33897025;rtbwp=97B1513AD7D1F0F6;rtbdata=_MAPmNXtQJlWXT0w81RGkBRICIRurM1RQzG9BI9K8ytGD4dyTmpisAZ8PqFSlFVevegmrA1nYCSrL8-HubREkQz5x7Yf3PT5XvDE02VSXrZnqKPrgGQv8n0b9iomsdUMkJsJvsm07VhNpaWep0Smk21VAUGzIogaeZrDbiiGaaDC8qkc0L0AiDhevwPiR9SkHCnbeUpnIV1VdfrmWBpOcr5XAAjC4VxEMBpZ-fI4ywEmD6wnd_qIQl7P2HjoimDYzBkkRKE1E7t6KHLXtwwDKw2;OOBClickTrack=http://beacon-nf.rubiconproject.com/beacon/v2/t/0/6ac2725a-514b-4c0b-8b57-312afeb462f8/
Requested by
Host: ahsqutes.monster
URL: http://ahsqutes.monster/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.235 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
b8669b8330ce63e0efdf086c26862ecac4d65bde8f347b5e9d3b381f4a984835

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 17 Nov 2019 03:25:20 GMT
content-encoding
gzip
server
nginx
status
200
vary
Accept-Encoding
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
content-type
text/javascript; charset=utf-8
content-length
9838
expires
-1
6ac2725a-514b-4c0b-8b57-312afeb462f8
beacon-eu2.rubiconproject.com/beacon/d/ Frame C5FF
43 B
268 B
Image
General
Full URL
https://beacon-eu2.rubiconproject.com/beacon/d/6ac2725a-514b-4c0b-8b57-312afeb462f8?oo=0&accountId=21666&siteId=293666&zoneId=1475124&sizeId=15&e=6A1E40E384DA563B6B4897AD347A085A368977CEC3827BBFC0409C4EBB5DDF83CDA0F17048BED6DE23D7D92C73020810E4A9AFA6E089EF844D6197C58B1BE9AEF2EC6F409B4E7B2DD8678A166594FACB9ECFD2C391BA0C74B543590E11D623B166B351633AF56D3975AF127756371319945019E5E41312F2FFD00A48180B4594D71D3BC5615CA53EB82ECC325FFF161CBCD9AB1B63E0FFBB998234B169F0369234B5A71A80799BFE67E4A013AC5C59B8EA35CDE8A8EA3B44B472B185E6C74E23846E3DE54F1C3EFE78846C3A8905977B
Requested by
Host: ahsqutes.monster
URL: http://ahsqutes.monster/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
69.173.144.153 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT - The Rubicon Project, Inc., US),
Reverse DNS
Software
Rubicon Project /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 17 Nov 2019 03:25:20 GMT
Cache-Control
private, max-age=0, no-cache
Server
Rubicon Project
Content-Type
image/webp
Content-Length
43
Expires
01 Jan 1970 10:00:00 GMT
truncated
/ Frame 41FD
217 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b2be404b3844817f6d65735c35cd833dbe16f3f8fb07a80397475ada9d048758

Request headers

Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/png
/
geoip.insticator.com/json/ Frame 41FD
204 B
610 B
XHR
General
Full URL
https://geoip.insticator.com/json/
Requested by
Host: d3lcz8vpax4lo2.cloudfront.net
URL: http://d3lcz8vpax4lo2.cloudfront.net/ads-code/2cdf4c71-ad6c-487e-b43a-8f1af912284a.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:180b , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
fb8cbd2a68b8068930e22baa762a4463ffd66b91ac3905ef9123ea07203bc133

Request headers

Sec-Fetch-Mode
cors
Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 17 Nov 2019 03:25:21 GMT
via
1.1 vegur
vary
Origin
cf-cache-status
DYNAMIC
status
200
x-database-date
Sat, 16 Nov 2019 05:07:32 GMT
content-encoding
gzip
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-ratelimit-remaining
9999
content-type
application/json
access-control-allow-origin
http://ahsqutes.monster
access-control-allow-credentials
true
x-ratelimit-reset
3600
x-ratelimit-limit
10000
cf-ray
536e98cc9dadcbc8-VIE
/
geoip.insticator.com/json/ Frame 41FD
204 B
230 B
XHR
General
Full URL
https://geoip.insticator.com/json/
Requested by
Host: d3lcz8vpax4lo2.cloudfront.net
URL: http://d3lcz8vpax4lo2.cloudfront.net/ads-code/2cdf4c71-ad6c-487e-b43a-8f1af912284a.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:180b , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
fb8cbd2a68b8068930e22baa762a4463ffd66b91ac3905ef9123ea07203bc133

Request headers

Sec-Fetch-Mode
cors
Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 17 Nov 2019 03:25:21 GMT
via
1.1 vegur
vary
Origin
cf-cache-status
DYNAMIC
status
200
x-database-date
Sat, 16 Nov 2019 05:07:32 GMT
content-encoding
gzip
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-ratelimit-remaining
9998
content-type
application/json
access-control-allow-origin
http://ahsqutes.monster
access-control-allow-credentials
true
x-ratelimit-reset
3599
x-ratelimit-limit
10000
cf-ray
536e98cc9daecbc8-VIE
usertracking
b2c.insticator.com/v3/pages/ Frame 910F
0
0
Document
General
Full URL
https://b2c.insticator.com/v3/pages/usertracking
Requested by
Host: db356nau468gk.cloudfront.net
URL: http://db356nau468gk.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:180b , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

:method
GET
:authority
b2c.insticator.com
:scheme
https
:path
/v3/pages/usertracking
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode
nested-navigate
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
referer
http://ahsqutes.monster/
accept-encoding
gzip, deflate, br

Response headers

status
200
date
Sun, 17 Nov 2019 03:25:21 GMT
content-type
text/html; charset=UTF-8
set-cookie
__cfduid=d7a69ee748269a95fe63a63cc53e883041573961120; expires=Mon, 16-Nov-20 03:25:20 GMT; path=/; domain=.insticator.com; HttpOnly
vary
Accept-Encoding,Origin
pragma
max-age=3600
cache-control
max-age=3600
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
536e98ccb86059b2-VIE
content-encoding
gzip
instbid_2_38.js
df80k0z3fi8zg.cloudfront.net/files/ Frame 41FD
260 KB
81 KB
Script
General
Full URL
https://df80k0z3fi8zg.cloudfront.net/files/instbid_2_38.js
Requested by
Host: ahsqutes.monster
URL: http://ahsqutes.monster/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:20eb:fa00:10:3422:3f00:21 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d96b094b6fd77ea9bc3cbae1300f943337949916e2270b123def19e80549786c

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-amz-version-id
XfcIPLOjFvS7QpxzJDrTFOLmsG5gR6AU
content-encoding
gzip
last-modified
Wed, 30 Oct 2019 15:42:38 GMT
server
AmazonS3
age
15584
date
Sat, 16 Nov 2019 23:05:37 GMT
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
status
200
x-amz-cf-pop
FRA2-C1
x-amz-cf-id
b5pUN7mGAuWHthmQHEbYpp0yNtaZ__Jh9FjSgtpP5fb6mwtuLloZ5w==
via
1.1 c28c128e9402fb070daca09bab68490a.cloudfront.net (CloudFront)
truncated
/ Frame 5371
214 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f155235d32a4748d729c417e3ad869921090f09432e79fa55c0c083c83a800e2

Request headers

Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/png
/
geoip.insticator.com/json/ Frame 5371
204 B
225 B
XHR
General
Full URL
https://geoip.insticator.com/json/
Requested by
Host: d3lcz8vpax4lo2.cloudfront.net
URL: http://d3lcz8vpax4lo2.cloudfront.net/ads-code/2cdf4c71-ad6c-487e-b43a-8f1af912284a.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:180b , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
fb8cbd2a68b8068930e22baa762a4463ffd66b91ac3905ef9123ea07203bc133

Request headers

Sec-Fetch-Mode
cors
Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 17 Nov 2019 03:25:21 GMT
via
1.1 vegur
vary
Origin
cf-cache-status
DYNAMIC
status
200
x-database-date
Sat, 16 Nov 2019 05:07:32 GMT
content-encoding
gzip
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-ratelimit-remaining
9997
content-type
application/json
access-control-allow-origin
http://ahsqutes.monster
access-control-allow-credentials
true
x-ratelimit-reset
3599
x-ratelimit-limit
10000
cf-ray
536e98cdff6fcbc8-VIE
/
geoip.insticator.com/json/ Frame 5371
204 B
225 B
XHR
General
Full URL
https://geoip.insticator.com/json/
Requested by
Host: d3lcz8vpax4lo2.cloudfront.net
URL: http://d3lcz8vpax4lo2.cloudfront.net/ads-code/2cdf4c71-ad6c-487e-b43a-8f1af912284a.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:180b , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
fb8cbd2a68b8068930e22baa762a4463ffd66b91ac3905ef9123ea07203bc133

Request headers

Sec-Fetch-Mode
cors
Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 17 Nov 2019 03:25:21 GMT
via
1.1 vegur
vary
Origin
cf-cache-status
DYNAMIC
status
200
x-database-date
Sat, 16 Nov 2019 05:07:32 GMT
content-encoding
gzip
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-ratelimit-remaining
9994
content-type
application/json
access-control-allow-origin
http://ahsqutes.monster
access-control-allow-credentials
true
x-ratelimit-reset
3599
x-ratelimit-limit
10000
cf-ray
536e98cdff70cbc8-VIE
instbid_2_38.js
df80k0z3fi8zg.cloudfront.net/files/ Frame 5371
260 KB
81 KB
Script
General
Full URL
https://df80k0z3fi8zg.cloudfront.net/files/instbid_2_38.js
Requested by
Host: ahsqutes.monster
URL: http://ahsqutes.monster/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:20eb:fa00:10:3422:3f00:21 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d96b094b6fd77ea9bc3cbae1300f943337949916e2270b123def19e80549786c

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-amz-version-id
XfcIPLOjFvS7QpxzJDrTFOLmsG5gR6AU
content-encoding
gzip
last-modified
Wed, 30 Oct 2019 15:42:38 GMT
server
AmazonS3
age
15584
date
Sun, 17 Nov 2019 00:36:51 GMT
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
status
200
x-amz-cf-pop
FRA2-C1
x-amz-cf-id
lq974pILDS9ajznpjgoHcnbqQCgsnCYgbnqZxH081WprtpM-IlFu2Q==
via
1.1 c28c128e9402fb070daca09bab68490a.cloudfront.net (CloudFront)
/
geoip.insticator.com/json/ Frame A94E
204 B
225 B
XHR
General
Full URL
https://geoip.insticator.com/json/
Requested by
Host: d3lcz8vpax4lo2.cloudfront.net
URL: http://d3lcz8vpax4lo2.cloudfront.net/ads-code/2cdf4c71-ad6c-487e-b43a-8f1af912284a.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:180b , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
fb8cbd2a68b8068930e22baa762a4463ffd66b91ac3905ef9123ea07203bc133

Request headers

Sec-Fetch-Mode
cors
Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 17 Nov 2019 03:25:21 GMT
via
1.1 vegur
vary
Origin
cf-cache-status
DYNAMIC
status
200
x-database-date
Sat, 16 Nov 2019 05:07:32 GMT
content-encoding
gzip
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-ratelimit-remaining
9996
content-type
application/json
access-control-allow-origin
http://ahsqutes.monster
access-control-allow-credentials
true
x-ratelimit-reset
3599
x-ratelimit-limit
10000
cf-ray
536e98cdff73cbc8-VIE
/
geoip.insticator.com/json/ Frame A94E
204 B
225 B
XHR
General
Full URL
https://geoip.insticator.com/json/
Requested by
Host: d3lcz8vpax4lo2.cloudfront.net
URL: http://d3lcz8vpax4lo2.cloudfront.net/ads-code/2cdf4c71-ad6c-487e-b43a-8f1af912284a.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:180b , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
fb8cbd2a68b8068930e22baa762a4463ffd66b91ac3905ef9123ea07203bc133

Request headers

Sec-Fetch-Mode
cors
Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 17 Nov 2019 03:25:21 GMT
via
1.1 vegur
vary
Origin
cf-cache-status
DYNAMIC
status
200
x-database-date
Sat, 16 Nov 2019 05:07:32 GMT
content-encoding
gzip
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-ratelimit-remaining
9995
content-type
application/json
access-control-allow-origin
http://ahsqutes.monster
access-control-allow-credentials
true
x-ratelimit-reset
3599
x-ratelimit-limit
10000
cf-ray
536e98cdff74cbc8-VIE
instbid_2_38.js
df80k0z3fi8zg.cloudfront.net/files/ Frame A94E
260 KB
81 KB
Script
General
Full URL
https://df80k0z3fi8zg.cloudfront.net/files/instbid_2_38.js
Requested by
Host: ahsqutes.monster
URL: http://ahsqutes.monster/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:20eb:fa00:10:3422:3f00:21 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d96b094b6fd77ea9bc3cbae1300f943337949916e2270b123def19e80549786c

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-amz-version-id
XfcIPLOjFvS7QpxzJDrTFOLmsG5gR6AU
content-encoding
gzip
last-modified
Wed, 30 Oct 2019 15:42:38 GMT
server
AmazonS3
age
15584
date
Sun, 17 Nov 2019 00:36:51 GMT
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
status
200
x-amz-cf-pop
FRA2-C1
x-amz-cf-id
poQBpOOnfNWOWZCuhKViA6C-7GVKR5gkWFZ8_L_U0GklRZLDVPt5tg==
via
1.1 c28c128e9402fb070daca09bab68490a.cloudfront.net (CloudFront)
truncated
/ Frame A94E
220 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3de8316ce150950ead23dbc3eb1d146eafe1788512acc38c56887e3295a41eab

Request headers

Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/png
/
track.adform.net/adfscript/ Frame 3CD3
20 KB
10 KB
Script
General
Full URL
https://track.adform.net/adfscript/?bn=33897025;rtbwp=26C1E2AF3D280101;rtbdata=TDY4ank4vcSuEXWihoMlCyY6tA4dsFr2mWkXNvB18DCmKFNYG3eQYxHkgc2nSKsrWGl-IC_qRHvPP7_AV3pFTNv0BoMTaMw2XJUDnU7TrrDhBBN_BYnvDNMb4FBcccxIkJsJvsm07VhNpaWep0Smk21VAUGzIogaeZrDbiiGaaDC8qkc0L0AiKtM-d9YnTOIHCnbeUpnIV1VdfrmWBpOchUPCuNHPgHmv5NjCfD5_89YFcsNyJWkr17P2HjoimDYzBkkRKE1E7uAiMRMx8y_nw2;OOBClickTrack=http://beacon-nf.rubiconproject.com/beacon/v2/t/0/5a8e5f02-b0e1-4a17-bb4f-e20a922a04cb/
Requested by
Host: ahsqutes.monster
URL: http://ahsqutes.monster/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.235 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
b11193b4ab434d6679f1f70bb40ce9fe381c758089feea2484bb5081b051df9d

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 17 Nov 2019 03:25:20 GMT
content-encoding
gzip
server
nginx
status
200
vary
Accept-Encoding
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
content-type
text/javascript; charset=utf-8
content-length
9825
expires
-1
5a8e5f02-b0e1-4a17-bb4f-e20a922a04cb
beacon-eu2.rubiconproject.com/beacon/d/ Frame 3CD3
43 B
268 B
Image
General
Full URL
https://beacon-eu2.rubiconproject.com/beacon/d/5a8e5f02-b0e1-4a17-bb4f-e20a922a04cb?oo=0&accountId=21666&siteId=293666&zoneId=1475138&sizeId=15&e=6A1E40E384DA563B29D5A3B8512C57D2D87DEA743897E82575198E6F4997F3CA2CFE274374A7FC5CA4F4BA21643054CBE4A9AFA6E089EF84705E31F6280FEBC57191C07C6688A22CFA2F9DA17807F8EECA6BF51C0B6B2F71936D5D35AE1338A47368F76D4CC0CA42308F3FB34B2857830C2B2772AF7EFFB4E0A471A3028F76504C9F4F4A813E26BAEDEA9500BCCDC2B3C906E3D99347F00CE88D14A8E282D0F93FFE70DB15D86789BF8B5FECDDE07314706FF181FBB1243BBBDAF73E68E63176C9BC209FED9F542546E0C338056D8A9A
Requested by
Host: ahsqutes.monster
URL: http://ahsqutes.monster/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
69.173.144.153 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT - The Rubicon Project, Inc., US),
Reverse DNS
Software
Rubicon Project /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 17 Nov 2019 03:25:20 GMT
Cache-Control
private, max-age=0, no-cache
Server
Rubicon Project
Content-Type
image/webp
Content-Length
43
Expires
01 Jan 1970 10:00:00 GMT
/
track.adform.net/adfscript/ Frame AAD4
20 KB
10 KB
Script
General
Full URL
https://track.adform.net/adfscript/?bn=33897025;rtbwp=26C1E2AF3D280101;rtbdata=ToZwLYc-MkbsZsi2M9Z_PKRr9fTz207MKDwN1E5IYNz6aE0fr8K1GC-ol3jKOGS5G1u5e_GkS94oMO_rQZYoIYxxSwbNRmRTaCZC_6VxomkNOpUv3CVAzvUe2P8fgpAFkJsJvsm07VhNpaWep0Smk21VAUGzIogaeZrDbiiGaaDC8qkc0L0AiKtM-d9YnTOIHCnbeUpnIV1VdfrmWBpOcs_trU9k8EI8v5NjCfD5_89YFcsNyJWkr17P2HjoimDYzBkkRKE1E7t6KHLXtwwDKw2;OOBClickTrack=http://beacon-nf.rubiconproject.com/beacon/v2/t/0/6a275e4c-ee6d-4d65-9f0e-cf49f49f251c/
Requested by
Host: ahsqutes.monster
URL: http://ahsqutes.monster/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.235 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
ed9b132bf4cebbf932b36b392883d83d2d9465231e73c5f26e48e9a04282c268

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 17 Nov 2019 03:25:20 GMT
content-encoding
gzip
server
nginx
status
200
vary
Accept-Encoding
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
content-type
text/javascript; charset=utf-8
content-length
9831
expires
-1
6a275e4c-ee6d-4d65-9f0e-cf49f49f251c
beacon-eu2.rubiconproject.com/beacon/d/ Frame AAD4
43 B
268 B
Image
General
Full URL
https://beacon-eu2.rubiconproject.com/beacon/d/6a275e4c-ee6d-4d65-9f0e-cf49f49f251c?oo=0&accountId=21666&siteId=293666&zoneId=1475140&sizeId=15&e=6A1E40E384DA563B17566227B7F40731348555BFF7F12F4613C4A58D9A74B015A8B2FE5A0A1B886E1D28A609E8DF6C09E4A9AFA6E089EF84AB973B2683D0403B7191C07C6688A22CFA2F9DA17807F8EECA6BF51C0B6B2F71936D5D35AE1338A47368F76D4CC0CA42308F3FB34B2857830C2B2772AF7EFFB420EA239F6FBEEAA293D9553E52C19AC1916175F4F08DEF75C906E3D99347F00CE88D14A8E282D0F97E699E1D3590197AE894C5992DD64D846F93BD17BCCB1B41B32CDB84561A5C4D68FCB6F8F35AB95342584CA04B63589D
Requested by
Host: ahsqutes.monster
URL: http://ahsqutes.monster/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
69.173.144.153 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT - The Rubicon Project, Inc., US),
Reverse DNS
Software
Rubicon Project /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 17 Nov 2019 03:25:20 GMT
Cache-Control
private, max-age=0, no-cache
Server
Rubicon Project
Content-Type
image/webp
Content-Length
43
Expires
01 Jan 1970 10:00:00 GMT
bootstrap.js
s1.adform.net/stoat/620/s1.adform.net/ Frame F44C
31 KB
15 KB
Script
General
Full URL
https://s1.adform.net/stoat/620/s1.adform.net/bootstrap.js
Requested by
Host: ahsqutes.monster
URL: http://ahsqutes.monster/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.72 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
9e36e1481ba480e4971fdf3571f6e9bd6af1a8eb24f0e4dcd480892e9027dabe

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 17 Nov 2019 03:25:21 GMT
content-encoding
gzip
last-modified
Fri, 15 Nov 2019 09:11:30 GMT
server
nginx
status
200
x-cache-status
HIT
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=100000
expires
Mon, 18 Nov 2019 06:28:42 GMT
bootstrap.js
s1.adform.net/stoat/620/s1.adform.net/ Frame 56DC
31 KB
15 KB
Script
General
Full URL
https://s1.adform.net/stoat/620/s1.adform.net/bootstrap.js
Requested by
Host: ahsqutes.monster
URL: http://ahsqutes.monster/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.72 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
9e36e1481ba480e4971fdf3571f6e9bd6af1a8eb24f0e4dcd480892e9027dabe

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 17 Nov 2019 03:25:21 GMT
content-encoding
gzip
last-modified
Fri, 15 Nov 2019 09:11:30 GMT
server
nginx
status
200
x-cache-status
HIT
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=100000
expires
Mon, 18 Nov 2019 06:28:42 GMT
bootstrap.js
s1.adform.net/stoat/620/s1.adform.net/ Frame C5FF
31 KB
15 KB
Script
General
Full URL
https://s1.adform.net/stoat/620/s1.adform.net/bootstrap.js
Requested by
Host: ahsqutes.monster
URL: http://ahsqutes.monster/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.72 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
9e36e1481ba480e4971fdf3571f6e9bd6af1a8eb24f0e4dcd480892e9027dabe

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 17 Nov 2019 03:25:21 GMT
content-encoding
gzip
last-modified
Fri, 15 Nov 2019 09:11:30 GMT
server
nginx
status
200
x-cache-status
HIT
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=100000
expires
Mon, 18 Nov 2019 06:28:42 GMT
/
hb.emxdgt.com/ Frame 41FD
0
307 B
XHR
General
Full URL
http://hb.emxdgt.com/?t=3000&ts=1573961121053&src=pbjs
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instbid_2_38.js
Protocol
HTTP/1.1
Server
18.196.104.43 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-18-196-104-43.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sun, 17 Nov 2019 03:25:20 GMT
Content-Type
text/html
Access-Control-Allow-Origin
http://ahsqutes.monster
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Access-Control-Allow-Headers
security, Content-Type
Content-Length
0
imp
g2.gumgum.com/hbid/ Frame 41FD
123 B
408 B
XHR
General
Full URL
https://g2.gumgum.com/hbid/imp?si=49925&pi=3&vw=1600&vh=1200&sw=1600&sh=1200&pu=http%3A%2F%2Fahsqutes.monster%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%7D&ogu=null&ns=9318&
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instbid_2_38.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.209.131.99 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-209-131-99.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
def0ea10291898d75772c0910e300cf1c0076ce35f2620bf1c45d39c01c9fe7f

Request headers

Sec-Fetch-Mode
cors
Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 17 Nov 2019 03:25:21 GMT
content-encoding
gzip
content-type
application/json;charset=UTF-8
server
nginx
status
200
p3p
CP="This is not a P3P policy"
access-control-allow-origin
http://ahsqutes.monster
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
0
imp
g2.gumgum.com/hbid/ Frame 41FD
123 B
407 B
XHR
General
Full URL
https://g2.gumgum.com/hbid/imp?si=49932&pi=3&vw=1600&vh=1200&sw=1600&sh=1200&pu=http%3A%2F%2Fahsqutes.monster%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%7D&ogu=null&ns=9318&
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instbid_2_38.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.209.131.99 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-209-131-99.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
bc8d9849df9745be6cc4664c239c518cd5ea1504d96087bf02b095136c61bbed

Request headers

Sec-Fetch-Mode
cors
Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 17 Nov 2019 03:25:21 GMT
content-encoding
gzip
content-type
application/json;charset=UTF-8
server
nginx
status
200
p3p
CP="This is not a P3P policy"
access-control-allow-origin
http://ahsqutes.monster
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
0
insticator
prebid.technoratimedia.com/openrtb/bids/ Frame 41FD
22 B
324 B
XHR
General
Full URL
http://prebid.technoratimedia.com/openrtb/bids/insticator?src=prebid_prebid_2.38.0
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instbid_2_38.js
Protocol
HTTP/1.1
Server
52.4.113.87 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-52-4-113-87.compute-1.amazonaws.com
Software
/
Resource Hash
01073f53cf528369f725936b73afd8786d3e6f6a4b15001f6c1800e0a1c66de1

Request headers

Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
application/json

Response headers

Access-Control-Allow-Origin
http://ahsqutes.monster
Content-Encoding
gzip
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
48
Access-Control-Allow-Methods
POST,GET,HEAD,OPTIONS
Content-Type
text/plain
v1
dmx.districtm.io/b/ Frame 41FD
0
430 B
XHR
General
Full URL
https://dmx.districtm.io/b/v1
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instbid_2_38.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.190.66 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Sec-Fetch-Mode
cors
Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 17 Nov 2019 03:25:21 GMT
cf-cache-status
DYNAMIC
server
cloudflare
status
204
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
origin, Accept-Encoding
access-control-allow-methods
OPTIONS, POST
access-control-allow-origin
http://ahsqutes.monster
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-ray
536e98ced94b274e-FRA
access-control-allow-headers
origin, content-type
prebid
ib.adnxs.com/ut/v3/ Frame 41FD
262 B
1 KB
XHR
General
Full URL
http://ib.adnxs.com/ut/v3/prebid
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instbid_2_38.js
Protocol
HTTP/1.1
Server
185.33.223.210 , Netherlands, ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US),
Reverse DNS
307.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.13.4 /
Resource Hash
9ee5de0ddc6aa830699d8db573c6c35cd5adb33908941ceb5d52d18361db4b1e
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 17 Nov 2019 03:25:23 GMT
X-Proxy-Origin
144.76.109.30; 144.76.109.30; 307.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.139:80
AN-X-Request-Uuid
36a291a6-12cc-4bfb-a253-ead795e1861e
Server
nginx/1.13.4
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
http://ahsqutes.monster
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
262
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
ortb
bid.contextweb.com/header/ Frame 41FD
0
381 B
XHR
General
Full URL
https://bid.contextweb.com/header/ortb?src=prebid
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instbid_2_38.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
74.214.194.133 Amsterdam, Netherlands, ASN59940 (PULSEPOINT-EU, NL),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode
cors
Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 17 Nov 2019 03:25:20 GMT
server
envoy
status
204
cwdl
22/139,22/139
access-control-allow-origin
http://ahsqutes.monster
access-control-expose-headers
Access-Control-Allow-Origin
access-control-allow-credentials
true
x-envoy-upstream-service-time
3
cw-server
bid-deployment-56cd49665b-l4k2w
content-length
0
prebid_display
display.bfmio.com/ Frame 41FD
0
345 B
XHR
General
Full URL
https://display.bfmio.com/prebid_display
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instbid_2_38.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.198.184.44 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-34-198-184-44.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Sec-Fetch-Mode
cors
Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
X-Content-Type-Options
nosniff
Content-Type
text/plain;charset=iso-8859-1
Access-Control-Allow-Origin
http://ahsqutes.monster
Access-Control-Expose-Headers
location
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
cygnus
as-sec.casalemedia.com/ Frame 41FD
25 B
905 B
XHR
General
Full URL
https://as-sec.casalemedia.com/cygnus?s=370031&v=7.2&r=%7B%22id%22%3A%222225d61772459f9%22%2C%22imp%22%3A%5B%7B%22id%22%3A%22230f9538a4a4212%22%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A0%7D%2C%22ext%22%3A%7B%22siteID%22%3A%22370031%22%2C%22sid%22%3A%22300x250%22%7D%7D%2C%7B%22id%22%3A%2224e6d17f99248ad%22%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A0%7D%2C%22ext%22%3A%7B%22siteID%22%3A%22370035%22%2C%22sid%22%3A%22300x250%22%7D%7D%5D%2C%22site%22%3A%7B%22page%22%3A%22http%3A%2F%2Fahsqutes.monster%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%7D%7D&ac=j&sd=1&
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instbid_2_38.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
9ea611760b8561eb6138a9053f715036c4a5a4424d0cc1246efa8ce02e8dd0f9

Request headers

Sec-Fetch-Mode
cors
Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 17 Nov 2019 03:25:21 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Access-Control-Allow-Origin
http://ahsqutes.monster
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
45
Expires
Sun, 17 Nov 2019 03:25:21 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 41FD
283 B
766 B
XHR
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17062&site_id=153530&zone_id=729094&size_id=15&rf=http%3A%2F%2Fahsqutes.monster%2F&tk_flint=pbjs_lite_v2.38.0&x_source.tid=f42adabd-c4dc-42ff-b645-0bd1211e12c8&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.13483123987285595
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instbid_2_38.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
69.173.144.141 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT - The Rubicon Project, Inc., US),
Reverse DNS
Software
RAS 2.4 /
Resource Hash
7f4d78e76dd38e365b4b83b21628eb99f574f50f93b40b611fa861f3f03bca86

Request headers

Sec-Fetch-Mode
cors
Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 17 Nov 2019 03:25:21 GMT
Server
RAS 2.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
http://ahsqutes.monster
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Content-Type
application/json
Keep-Alive
timeout=5, max=484
Content-Length
283
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 41FD
283 B
766 B
XHR
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17062&site_id=153530&zone_id=771342&size_id=15&rf=http%3A%2F%2Fahsqutes.monster%2F&tk_flint=pbjs_lite_v2.38.0&x_source.tid=b56fbf69-22dd-4cb4-9dc6-8b3ffb27cab3&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.6882228898192795
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instbid_2_38.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
69.173.144.141 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT - The Rubicon Project, Inc., US),
Reverse DNS
Software
RAS 2.4 /
Resource Hash
1fe3c7d6d5c3c9f69c850cf082eff60c6d44421b86199eaf35ea5e2564e0b30b

Request headers

Sec-Fetch-Mode
cors
Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 17 Nov 2019 03:25:21 GMT
Server
RAS 2.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
http://ahsqutes.monster
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Content-Type
application/json
Keep-Alive
timeout=5, max=486
Content-Length
283
Expires
Wed, 17 Sep 1975 21:32:10 GMT
trinity.json
apex.go.sonobi.com/ Frame 41FD
72 B
685 B
XHR
General
Full URL
https://apex.go.sonobi.com/trinity.json?key_maker=%7B%22294c9d89ac2a596%22%3A%2259426f787ebe1e9e70c9%7C300x250%22%2C%2230673fbdcaafb8b%22%3A%2285a034148190101f18fb%7C300x250%22%7D&ref=http%3A%2F%2Fahsqutes.monster%2F&s=3465f859-607e-4123-b8cd-c7e110c78a8d&pv=3f3ba197-2336-4d92-88a3-b7bffad14b65&vp=mobile&lib_name=prebid&lib_v=2.38.0&us=3&ius=1&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22insticator.com%22%2C%22sid%22%3A%22bd45a367-d5fa-4207-9aec-1acba8ec52eb%22%2C%22hp%22%3A1%7D%5D%7D&
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instbid_2_38.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.150 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-apex.go.sonobi.com
Software
sonobi-go /
Resource Hash
0ee850e2f2c57427277b5565f2431698985d60b2775962f314f1cac3de1c77fb
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
cors
Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 17 Nov 2019 03:25:21 GMT
Content-Encoding
gzip
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
apex-ams-1-6-132
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
http://ahsqutes.monster
Cache-Control
no-cache, no-store, private
Access-Control-Allow-Credentials
true
Tcn
Choice
Content-Type
application/json
Content-Length
95
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
hb
ice.360yield.com/ul_cb/ Frame 41FD
Redirect Chain
  • https://ice.360yield.com/hb?jsonp=%7B%22bid_request%22%3A%7B%22secure%22%3A1%2C%22id%22%3A%22408cfac03ca34b%22%2C%22version%22%3A%226.0.0-JS-6.2.0%22%2C%22referrer%22%3A%22http%3A%2F%2Fahsqutes.mon...
  • https://ice.360yield.com/ul_cb/hb?jsonp=%7B%22bid_request%22%3A%7B%22secure%22%3A1%2C%22id%22%3A%22408cfac03ca34b%22%2C%22version%22%3A%226.0.0-JS-6.2.0%22%2C%22referrer%22%3A%22http%3A%2F%2Fahsqut...
6 KB
3 KB
XHR
General
Full URL
https://ice.360yield.com/ul_cb/hb?jsonp=%7B%22bid_request%22%3A%7B%22secure%22%3A1%2C%22id%22%3A%22408cfac03ca34b%22%2C%22version%22%3A%226.0.0-JS-6.2.0%22%2C%22referrer%22%3A%22http%3A%2F%2Fahsqutes.monster%2F%22%2C%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22insticator.com%22%2C%22sid%22%3A%22bd45a367-d5fa-4207-9aec-1acba8ec52eb%22%2C%22hp%22%3A1%7D%5D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%223259f30343981fb%22%2C%22pid%22%3A%2222111804%22%2C%22tid%22%3A%22f42adabd-c4dc-42ff-b645-0bd1211e12c8%22%2C%22banner%22%3A%7B%7D%7D%2C%7B%22id%22%3A%22337110ff6fc6a45%22%2C%22pid%22%3A%2222111805%22%2C%22tid%22%3A%22b56fbf69-22dd-4cb4-9dc6-8b3ffb27cab3%22%2C%22banner%22%3A%7B%7D%7D%5D%7D%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.28.69.126 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-28-69-126.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
b10acc371fbd1064b9d2ff742238edb026c6588da9cb9c07d0592f1edbc2f74f

Request headers

Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 17 Nov 2019 03:25:21 GMT
content-encoding
gzip
status
200
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin
http://ahsqutes.monster
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
content-length
2656

Redirect headers

date
Sun, 17 Nov 2019 03:25:21 GMT
status
302
location
https://ice.360yield.com:443/ul_cb/hb?jsonp=%7B%22bid_request%22%3A%7B%22secure%22%3A1%2C%22id%22%3A%22408cfac03ca34b%22%2C%22version%22%3A%226.0.0-JS-6.2.0%22%2C%22referrer%22%3A%22http%3A%2F%2Fahsqutes.monster%2F%22%2C%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22insticator.com%22%2C%22sid%22%3A%22bd45a367-d5fa-4207-9aec-1acba8ec52eb%22%2C%22hp%22%3A1%7D%5D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%223259f30343981fb%22%2C%22pid%22%3A%2222111804%22%2C%22tid%22%3A%22f42adabd-c4dc-42ff-b645-0bd1211e12c8%22%2C%22banner%22%3A%7B%7D%7D%2C%7B%22id%22%3A%22337110ff6fc6a45%22%2C%22pid%22%3A%2222111805%22%2C%22tid%22%3A%22b56fbf69-22dd-4cb4-9dc6-8b3ffb27cab3%22%2C%22banner%22%3A%7B%7D%7D%5D%7D%7D
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin
http://ahsqutes.monster
access-control-allow-credentials
true
content-type
text/plain
content-length
0
header
hb.aralego.com/ Frame 41FD
0
301 B
XHR
General
Full URL
http://hb.aralego.com/header?ver=ADGENT_PREBID-2018011501&ifr=0&bl=en-US&je=1&dnt=0&host=ahsqutes.monster&u=http%3A%2F%2Fahsqutes.monster%2F&ru=&adid=ad-77279BE8BDEE272AFBB39AA837947EAA&w=300&h=250&tdid=&
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instbid_2_38.js
Protocol
HTTP/1.1
Server
162.210.196.208 Arlington, United States, ASN30633 (LEASEWEB-USA-WDC-01 - Leaseweb USA, Inc., US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
http://ahsqutes.monster
date
Sun, 17 Nov 2019 03:25:21 GMT
access-control-allow-credentials
true
connection
close
header
hb.aralego.com/ Frame 41FD
0
301 B
XHR
General
Full URL
http://hb.aralego.com/header?ver=ADGENT_PREBID-2018011501&ifr=0&bl=en-US&je=1&dnt=0&host=ahsqutes.monster&u=http%3A%2F%2Fahsqutes.monster%2F&ru=&adid=ad-77279BE8BDEE272AFBB39AA837947EAA&w=300&h=250&tdid=&
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instbid_2_38.js
Protocol
HTTP/1.1
Server
162.210.196.208 Arlington, United States, ASN30633 (LEASEWEB-USA-WDC-01 - Leaseweb USA, Inc., US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
http://ahsqutes.monster
date
Sun, 17 Nov 2019 03:25:21 GMT
access-control-allow-credentials
true
connection
close
prebid
ib.adnxs.com/ut/v3/ Frame 41FD
260 B
1 KB
XHR
General
Full URL
http://ib.adnxs.com/ut/v3/prebid
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instbid_2_38.js
Protocol
HTTP/1.1
Server
185.33.223.210 , Netherlands, ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US),
Reverse DNS
307.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.13.4 /
Resource Hash
11172accb43b9305b4b01813d553a2a83b69708e455ef48d9f2b8be727636a0b
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 17 Nov 2019 03:25:23 GMT
X-Proxy-Origin
144.76.109.30; 144.76.109.30; 307.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.86:80
AN-X-Request-Uuid
71783928-0692-45c5-bd5d-d9b7fef9eee2
Server
nginx/1.13.4
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
http://ahsqutes.monster
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
260
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
v1
dmx.districtm.io/b/ Frame 5371
0
39 B
XHR
General
Full URL
https://dmx.districtm.io/b/v1
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instbid_2_38.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.190.66 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Sec-Fetch-Mode
cors
Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 17 Nov 2019 03:25:21 GMT
cf-cache-status
DYNAMIC
server
cloudflare
status
204
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
origin, Accept-Encoding
access-control-allow-methods
OPTIONS, POST
access-control-allow-origin
http://ahsqutes.monster
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-ray
536e98cee950274e-FRA
access-control-allow-headers
origin, content-type
hb
ssc.33across.com/api/v1/ Frame 5371
117 B
390 B
XHR
General
Full URL
https://ssc.33across.com/api/v1/hb
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instbid_2_38.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
208.100.17.172 Chicago, United States, ASN32748 (STEADFAST - Steadfast, US),
Reverse DNS
ip172.208-100-17.static.steadfastdns.net
Software
/ 33Across
Resource Hash
936ab34ec189e627fc7fe38d68af412e29637e155c85d6cf98781e9fc1f9fc56

Request headers

Sec-Fetch-Mode
cors
Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 17 Nov 2019 03:25:21 GMT
content-encoding
gzip
status
200, 200 OK
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
http://ahsqutes.monster
access-control-allow-credentials
true
prebid_display
display.bfmio.com/ Frame 5371
0
345 B
XHR
General
Full URL
https://display.bfmio.com/prebid_display
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instbid_2_38.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.198.184.44 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-34-198-184-44.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Sec-Fetch-Mode
cors
Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
X-Content-Type-Options
nosniff
Content-Type
text/plain;charset=iso-8859-1
Access-Control-Allow-Origin
http://ahsqutes.monster
Access-Control-Expose-Headers
location
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
imp
g2.gumgum.com/hbid/ Frame 5371
123 B
407 B
XHR
General
Full URL
https://g2.gumgum.com/hbid/imp?si=49919&pi=3&vw=1600&vh=1200&sw=1600&sh=1200&pu=http%3A%2F%2Fahsqutes.monster%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%7D&ogu=null&ns=9318&
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instbid_2_38.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.209.131.99 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-209-131-99.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
c68cf9d88340ab0640a8f517e1bddf8f40ce385e2a5832411d6ef16e72645fd4

Request headers

Sec-Fetch-Mode
cors
Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 17 Nov 2019 03:25:21 GMT
content-encoding
gzip
content-type
application/json;charset=UTF-8
server
nginx
status
200
p3p
CP="This is not a P3P policy"
access-control-allow-origin
http://ahsqutes.monster
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
0
prebid
ib.adnxs.com/ut/v3/ Frame 5371
145 B
1 KB
XHR
General
Full URL
http://ib.adnxs.com/ut/v3/prebid
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instbid_2_38.js
Protocol
HTTP/1.1
Server
185.33.223.210 , Netherlands, ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US),
Reverse DNS
307.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.13.4 /
Resource Hash
2b82183f3748b9f54971c0488f332ae90f67050f675a747eb765461d15c0108b
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 17 Nov 2019 03:25:23 GMT
X-Proxy-Origin
144.76.109.30; 144.76.109.30; 307.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.187:80
AN-X-Request-Uuid
ef9d499b-51fb-4680-8513-0d0873991d4c
Server
nginx/1.13.4
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
http://ahsqutes.monster
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
145
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 5371
282 B
765 B
XHR
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17062&site_id=153530&zone_id=729094&size_id=9&rf=http%3A%2F%2Fahsqutes.monster%2F&tk_flint=pbjs_lite_v2.38.0&x_source.tid=77379a22-1017-4efc-ab70-56c8760b6fc5&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.6506263817358766
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instbid_2_38.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
69.173.144.141 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT - The Rubicon Project, Inc., US),
Reverse DNS
Software
RAS 2.4 /
Resource Hash
0f4bdf81adeb6ac5b68e736f54aa530b775b8c035fadfa625f34735c4c2278d6

Request headers

Sec-Fetch-Mode
cors
Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 17 Nov 2019 03:25:21 GMT
Server
RAS 2.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
http://ahsqutes.monster
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Content-Type
application/json
Keep-Alive
timeout=5, max=500
Content-Length
282
Expires
Wed, 17 Sep 1975 21:32:10 GMT
trinity.json
apex.go.sonobi.com/ Frame 5371
51 B
669 B
XHR
General
Full URL
https://apex.go.sonobi.com/trinity.json?key_maker=%7B%22149af0ad984ac68%22%3A%22ab4c034432e8586d5e86%7C160x600%22%7D&ref=http%3A%2F%2Fahsqutes.monster%2F&s=24afd0e8-5c7e-4e66-84f5-b01e8d99323e&pv=9f0f1474-0bd5-4ade-b9d9-c6726291b45e&vp=mobile&lib_name=prebid&lib_v=2.38.0&us=3&ius=1&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22insticator.com%22%2C%22sid%22%3A%22bd45a367-d5fa-4207-9aec-1acba8ec52eb%22%2C%22hp%22%3A1%7D%5D%7D&
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instbid_2_38.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.150 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-apex.go.sonobi.com
Software
sonobi-go /
Resource Hash
23d93d49db0d1774338ed86db0e1b54c964c3fe4f223d4b2004cc7134694fff1
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
cors
Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 17 Nov 2019 03:25:21 GMT
Content-Encoding
gzip
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
apex-ams-1-6-132
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
http://ahsqutes.monster
Cache-Control
no-cache, no-store, private
Access-Control-Allow-Credentials
true
Tcn
Choice
Content-Type
application/json
Content-Length
79
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
cygnus
as-sec.casalemedia.com/ Frame 5371
1 KB
2 KB
XHR
General
Full URL
https://as-sec.casalemedia.com/cygnus?s=376529&v=7.2&r=%7B%22id%22%3A%2215e1dcf8b55d10c%22%2C%22imp%22%3A%5B%7B%22id%22%3A%22164b8b3c614ea9c%22%2C%22banner%22%3A%7B%22w%22%3A160%2C%22h%22%3A600%2C%22topframe%22%3A0%7D%2C%22ext%22%3A%7B%22siteID%22%3A%22376529%22%2C%22sid%22%3A%22160x600%22%7D%7D%5D%2C%22site%22%3A%7B%22page%22%3A%22http%3A%2F%2Fahsqutes.monster%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%7D%7D&ac=j&sd=1&
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instbid_2_38.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
dc44f46e7d2dee40ffc82428e5057057416ebd92fa027b81da30e73c18155276

Request headers

Sec-Fetch-Mode
cors
Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 17 Nov 2019 03:25:21 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Access-Control-Allow-Origin
http://ahsqutes.monster
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
798
Expires
Sun, 17 Nov 2019 03:25:21 GMT
prebid
ib.adnxs.com/ut/v3/ Frame 5371
144 B
1 KB
XHR
General
Full URL
http://ib.adnxs.com/ut/v3/prebid
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instbid_2_38.js
Protocol
HTTP/1.1
Server
185.33.223.210 , Netherlands, ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US),
Reverse DNS
307.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.13.4 /
Resource Hash
122a3f8200b30e31f7a4991e0f4e4e980c6c8609b2c4cda7f43a66f9734cdfd8
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 17 Nov 2019 03:25:23 GMT
X-Proxy-Origin
144.76.109.30; 144.76.109.30; 307.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.167:80
AN-X-Request-Uuid
60610f97-ab43-47bf-b652-dafc9ba98317
Server
nginx/1.13.4
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
http://ahsqutes.monster
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
144
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
/
hb.emxdgt.com/ Frame 5371
0
307 B
XHR
General
Full URL
http://hb.emxdgt.com/?t=3000&ts=1573961121103&src=pbjs
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instbid_2_38.js
Protocol
HTTP/1.1
Server
18.196.104.43 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-18-196-104-43.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sun, 17 Nov 2019 03:25:20 GMT
Content-Type
text/html
Access-Control-Allow-Origin
http://ahsqutes.monster
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Access-Control-Allow-Headers
security, Content-Type
Content-Length
0
ortb
bid.contextweb.com/header/ Frame 5371
0
221 B
XHR
General
Full URL
https://bid.contextweb.com/header/ortb?src=prebid
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instbid_2_38.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
74.214.194.133 Amsterdam, Netherlands, ASN59940 (PULSEPOINT-EU, NL),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode
cors
Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 17 Nov 2019 03:25:20 GMT
server
envoy
status
204
cwdl
22/139
access-control-allow-origin
http://ahsqutes.monster
access-control-expose-headers
Access-Control-Allow-Origin
access-control-allow-credentials
true
x-envoy-upstream-service-time
13
cw-server
bid-deployment-stage-0
content-length
0
header
hb.aralego.com/ Frame 5371
0
301 B
XHR
General
Full URL
http://hb.aralego.com/header?ver=ADGENT_PREBID-2018011501&ifr=0&bl=en-US&je=1&dnt=0&host=ahsqutes.monster&u=http%3A%2F%2Fahsqutes.monster%2F&ru=&adid=ad-6272B3AD36A64BE6F26868BA6D84D7E&w=160&h=600&tdid=&
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instbid_2_38.js
Protocol
HTTP/1.1
Server
162.210.196.208 Arlington, United States, ASN30633 (LEASEWEB-USA-WDC-01 - Leaseweb USA, Inc., US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
http://ahsqutes.monster
date
Sun, 17 Nov 2019 03:25:21 GMT
access-control-allow-credentials
true
connection
close
hb
ice.360yield.com/ul_cb/ Frame 5371
Redirect Chain
  • https://ice.360yield.com/hb?jsonp=%7B%22bid_request%22%3A%7B%22secure%22%3A1%2C%22id%22%3A%2229ab74f0006f902%22%2C%22version%22%3A%226.0.0-JS-6.2.0%22%2C%22referrer%22%3A%22http%3A%2F%2Fahsqutes.mo...
  • https://ice.360yield.com/ul_cb/hb?jsonp=%7B%22bid_request%22%3A%7B%22secure%22%3A1%2C%22id%22%3A%2229ab74f0006f902%22%2C%22version%22%3A%226.0.0-JS-6.2.0%22%2C%22referrer%22%3A%22http%3A%2F%2Fahsqu...
3 KB
2 KB
XHR
General
Full URL
https://ice.360yield.com/ul_cb/hb?jsonp=%7B%22bid_request%22%3A%7B%22secure%22%3A1%2C%22id%22%3A%2229ab74f0006f902%22%2C%22version%22%3A%226.0.0-JS-6.2.0%22%2C%22referrer%22%3A%22http%3A%2F%2Fahsqutes.monster%2F%22%2C%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22insticator.com%22%2C%22sid%22%3A%22bd45a367-d5fa-4207-9aec-1acba8ec52eb%22%2C%22hp%22%3A1%7D%5D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%222669192287e42f8%22%2C%22pid%22%3A%2222111803%22%2C%22tid%22%3A%2277379a22-1017-4efc-ab70-56c8760b6fc5%22%2C%22banner%22%3A%7B%7D%7D%5D%7D%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.28.69.126 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-28-69-126.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
cedaf4be904319bbecc4dfbe8463788d5c184bb64aa1a5f3d9469b406462f830

Request headers

Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 17 Nov 2019 03:25:21 GMT
content-encoding
gzip
status
200
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin
http://ahsqutes.monster
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
content-length
1736

Redirect headers

date
Sun, 17 Nov 2019 03:25:21 GMT
status
302
location
https://ice.360yield.com:443/ul_cb/hb?jsonp=%7B%22bid_request%22%3A%7B%22secure%22%3A1%2C%22id%22%3A%2229ab74f0006f902%22%2C%22version%22%3A%226.0.0-JS-6.2.0%22%2C%22referrer%22%3A%22http%3A%2F%2Fahsqutes.monster%2F%22%2C%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22insticator.com%22%2C%22sid%22%3A%22bd45a367-d5fa-4207-9aec-1acba8ec52eb%22%2C%22hp%22%3A1%7D%5D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%222669192287e42f8%22%2C%22pid%22%3A%2222111803%22%2C%22tid%22%3A%2277379a22-1017-4efc-ab70-56c8760b6fc5%22%2C%22banner%22%3A%7B%7D%7D%5D%7D%7D
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin
http://ahsqutes.monster
access-control-allow-credentials
true
content-type
text/plain
content-length
0
insticator
prebid.technoratimedia.com/openrtb/bids/ Frame 5371
22 B
324 B
XHR
General
Full URL
http://prebid.technoratimedia.com/openrtb/bids/insticator?src=prebid_prebid_2.38.0
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instbid_2_38.js
Protocol
HTTP/1.1
Server
52.4.113.87 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-52-4-113-87.compute-1.amazonaws.com
Software
/
Resource Hash
01073f53cf528369f725936b73afd8786d3e6f6a4b15001f6c1800e0a1c66de1

Request headers

Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
application/json

Response headers

Access-Control-Allow-Origin
http://ahsqutes.monster
Content-Encoding
gzip
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
48
Access-Control-Allow-Methods
POST,GET,HEAD,OPTIONS
Content-Type
text/plain
av
connatix-d.openx.net/v/1.0/ Frame 81BB
48 B
578 B
XHR
General
Full URL
http://connatix-d.openx.net/v/1.0/av?auid=540193947&url=http%3A%2F%2Fahsqutes.monster%2F&cb=ca48d3094eddc5346ca81573961120960&vwd=455&vht=256&gdpr=1&gdpr_consent=0
Requested by
Host: cdns.connatix.com
URL: http://cdns.connatix.com/p/1806/min/connatix.renderer.infeed.min_dc.js
Protocol
HTTP/1.1
Server
34.95.120.147 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
147.120.95.34.bc.googleusercontent.com
Software
OXGW/16.167.1 /
Resource Hash
a355f2718a8d0b7444670aca6fd1dfdc126f9b8e9931a34a52cac9c343a68e3f

Request headers

Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 17 Nov 2019 03:25:21 GMT
Via
1.1 google
Server
OXGW/16.167.1
P3P
CP="CUR ADM OUR NOR STA NID"
Access-Control-Allow-Origin
http://ahsqutes.monster
Cache-Control
private, max-age=0, no-cache
Access-Control-Allow-Credentials
true
Content-Type
text/xml
Content-Length
48
Expires
Mon, 26 Jul 1997 05:00:00 GMT
imp
g2.gumgum.com/hbid/ Frame A94E
123 B
407 B
XHR
General
Full URL
https://g2.gumgum.com/hbid/imp?si=49942&pi=3&vw=1600&vh=1200&sw=1600&sh=1200&pu=http%3A%2F%2Fahsqutes.monster%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%7D&ogu=null&ns=9318&
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instbid_2_38.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.209.131.99 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-209-131-99.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
9d403c131afb3bc2d19ad15c63c049b5b1381efd75015fcfcfb3c6d2489d6ab1

Request headers

Sec-Fetch-Mode
cors
Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 17 Nov 2019 03:25:21 GMT
content-encoding
gzip
content-type
application/json;charset=UTF-8
server
nginx
status
200
p3p
CP="This is not a P3P policy"
access-control-allow-origin
http://ahsqutes.monster
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
0
v1
dmx.districtm.io/b/ Frame A94E
0
39 B
XHR
General
Full URL
https://dmx.districtm.io/b/v1
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instbid_2_38.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.190.66 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Sec-Fetch-Mode
cors
Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 17 Nov 2019 03:25:21 GMT
cf-cache-status
DYNAMIC
server
cloudflare
status
204
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
origin, Accept-Encoding
access-control-allow-methods
OPTIONS, POST
access-control-allow-origin
http://ahsqutes.monster
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-ray
536e98cef95e274e-FRA
access-control-allow-headers
origin, content-type
ortb
bid.contextweb.com/header/ Frame A94E
0
219 B
XHR
General
Full URL
https://bid.contextweb.com/header/ortb?src=prebid
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instbid_2_38.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
74.214.194.133 Amsterdam, Netherlands, ASN59940 (PULSEPOINT-EU, NL),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode
cors
Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 17 Nov 2019 03:25:20 GMT
server
envoy
status
204
cwdl
22/139
access-control-allow-origin
http://ahsqutes.monster
access-control-expose-headers
Access-Control-Allow-Origin
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
cw-server
bid-deployment-56cd49665b-64l8c
content-length
0
/
hb.emxdgt.com/ Frame A94E
0
307 B
XHR
General
Full URL
http://hb.emxdgt.com/?t=3000&ts=1573961121115&src=pbjs
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instbid_2_38.js
Protocol
HTTP/1.1
Server
18.196.104.43 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-18-196-104-43.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sun, 17 Nov 2019 03:25:20 GMT
Content-Type
text/html
Access-Control-Allow-Origin
http://ahsqutes.monster
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Access-Control-Allow-Headers
security, Content-Type
Content-Length
0
prebid
ib.adnxs.com/ut/v3/ Frame A94E
145 B
1 KB
XHR
General
Full URL
http://ib.adnxs.com/ut/v3/prebid
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instbid_2_38.js
Protocol
HTTP/1.1
Server
185.33.223.210 , Netherlands, ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US),
Reverse DNS
307.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.13.4 /
Resource Hash
6e4d9bbd321a8300bc12abb7e6b5bdab1870893c0bb4128874d5666da6012753
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 17 Nov 2019 03:25:23 GMT
X-Proxy-Origin
144.76.109.30; 144.76.109.30; 307.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.134:80
AN-X-Request-Uuid
5d2e2a33-8062-4e82-92fe-9d72236dd0d7
Server
nginx/1.13.4
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
http://ahsqutes.monster
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
145
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
insticator
prebid.technoratimedia.com/openrtb/bids/ Frame A94E
22 B
324 B
XHR
General
Full URL
http://prebid.technoratimedia.com/openrtb/bids/insticator?src=prebid_prebid_2.38.0
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instbid_2_38.js
Protocol
HTTP/1.1
Server
52.4.113.87 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-52-4-113-87.compute-1.amazonaws.com
Software
/
Resource Hash
01073f53cf528369f725936b73afd8786d3e6f6a4b15001f6c1800e0a1c66de1

Request headers

Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
application/json

Response headers

Access-Control-Allow-Origin
http://ahsqutes.monster
Content-Encoding
gzip
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
48
Access-Control-Allow-Methods
POST,GET,HEAD,OPTIONS
Content-Type
text/plain
header
hb.aralego.com/ Frame A94E
0
301 B
XHR
General
Full URL
http://hb.aralego.com/header?ver=ADGENT_PREBID-2018011501&ifr=0&bl=en-US&je=1&dnt=0&host=ahsqutes.monster&u=http%3A%2F%2Fahsqutes.monster%2F&ru=&adid=ad-77279BE8BDEE272AFBB39AA837947EAA&w=300&h=250&tdid=&
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instbid_2_38.js
Protocol
HTTP/1.1
Server
162.210.196.208 Arlington, United States, ASN30633 (LEASEWEB-USA-WDC-01 - Leaseweb USA, Inc., US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
http://ahsqutes.monster
date
Sun, 17 Nov 2019 03:25:21 GMT
access-control-allow-credentials
true
connection
close
prebid_display
display.bfmio.com/ Frame A94E
0
345 B
XHR
General
Full URL
https://display.bfmio.com/prebid_display
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instbid_2_38.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.198.184.44 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-34-198-184-44.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Sec-Fetch-Mode
cors
Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
X-Content-Type-Options
nosniff
Content-Type
text/plain;charset=iso-8859-1
Access-Control-Allow-Origin
http://ahsqutes.monster
Access-Control-Expose-Headers
location
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
cygnus
as-sec.casalemedia.com/ Frame A94E
25 B
905 B
XHR
General
Full URL
https://as-sec.casalemedia.com/cygnus?s=370040&v=7.2&r=%7B%22id%22%3A%2217f55956f823006%22%2C%22imp%22%3A%5B%7B%22id%22%3A%221882579a448f61f%22%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A0%7D%2C%22ext%22%3A%7B%22siteID%22%3A%22370040%22%2C%22sid%22%3A%22300x250%22%7D%7D%5D%2C%22site%22%3A%7B%22page%22%3A%22http%3A%2F%2Fahsqutes.monster%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%7D%7D&ac=j&sd=1&
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instbid_2_38.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
10e1119592f35f71fd1e6697049e714b31ac02d9ece240a50801b54397683699

Request headers

Sec-Fetch-Mode
cors
Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 17 Nov 2019 03:25:21 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Access-Control-Allow-Origin
http://ahsqutes.monster
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
45
Expires
Sun, 17 Nov 2019 03:25:21 GMT
prebid
ib.adnxs.com/ut/v3/ Frame A94E
144 B
1 KB
XHR
General
Full URL
http://ib.adnxs.com/ut/v3/prebid
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instbid_2_38.js
Protocol
HTTP/1.1
Server
185.33.223.210 , Netherlands, ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US),
Reverse DNS
307.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.13.4 /
Resource Hash
0ee0c4c88d6852a101cfed63a9c40d37258bfc4c457330809d39571d6b025e42
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 17 Nov 2019 03:25:23 GMT
X-Proxy-Origin
144.76.109.30; 144.76.109.30; 307.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.57:80
AN-X-Request-Uuid
f5c43733-3ab8-4e71-948c-9830d294d888
Server
nginx/1.13.4
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
http://ahsqutes.monster
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
144
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
trinity.json
apex.go.sonobi.com/ Frame A94E
51 B
665 B
XHR
General
Full URL
https://apex.go.sonobi.com/trinity.json?key_maker=%7B%22228a4ae67774a4e%22%3A%227ae64792559ccec02f40%7C300x250%22%7D&ref=http%3A%2F%2Fahsqutes.monster%2F&s=2d68f39f-36a1-413a-9e6a-6af48156a5d5&pv=da6f29d5-9d32-45c7-9630-fc6194b548a0&vp=mobile&lib_name=prebid&lib_v=2.38.0&us=3&ius=1&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22insticator.com%22%2C%22sid%22%3A%22bd45a367-d5fa-4207-9aec-1acba8ec52eb%22%2C%22hp%22%3A1%7D%5D%7D&
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instbid_2_38.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.150 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-apex.go.sonobi.com
Software
sonobi-go /
Resource Hash
290f076a9ff4ac0105f7f0e93cd652ab25ce71b4eec181714180874323a90697
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
cors
Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 17 Nov 2019 03:25:21 GMT
Content-Encoding
gzip
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
apex-ams-1-6-9
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
http://ahsqutes.monster
Cache-Control
no-cache, no-store, private
Access-Control-Allow-Credentials
true
Tcn
Choice
Content-Type
application/json
Content-Length
79
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
hb
ice.360yield.com/ Frame A94E
3 KB
2 KB
XHR
General
Full URL
https://ice.360yield.com/hb?jsonp=%7B%22bid_request%22%3A%7B%22secure%22%3A1%2C%22id%22%3A%22277f77c2a84d633%22%2C%22version%22%3A%226.0.0-JS-6.2.0%22%2C%22referrer%22%3A%22http%3A%2F%2Fahsqutes.monster%2F%22%2C%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22insticator.com%22%2C%22sid%22%3A%22bd45a367-d5fa-4207-9aec-1acba8ec52eb%22%2C%22hp%22%3A1%7D%5D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2224b8c37c6fbe769%22%2C%22pid%22%3A%2222111806%22%2C%22tid%22%3A%22f6460989-6770-45e7-911a-ae27256bcec8%22%2C%22banner%22%3A%7B%7D%7D%5D%7D%7D
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instbid_2_38.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.28.69.126 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-28-69-126.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
324c98482ded981ea3d16b227efc6866e4df648cb21abab4eb51a1928b5b857a

Request headers

Sec-Fetch-Mode
cors
Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 17 Nov 2019 03:25:21 GMT
content-encoding
gzip
status
200
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin
http://ahsqutes.monster
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
content-length
1725
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame A94E
283 B
766 B
XHR
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17062&site_id=153530&zone_id=771344&size_id=15&rf=http%3A%2F%2Fahsqutes.monster%2F&tk_flint=pbjs_lite_v2.38.0&x_source.tid=f6460989-6770-45e7-911a-ae27256bcec8&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.88826153980217
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instbid_2_38.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
69.173.144.141 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT - The Rubicon Project, Inc., US),
Reverse DNS
Software
RAS 2.4 /
Resource Hash
2c386f50d2a4ba8976deff1b7e651e89cb22ee0f46410ed77581236744ec8527

Request headers

Sec-Fetch-Mode
cors
Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 17 Nov 2019 03:25:21 GMT
Server
RAS 2.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
http://ahsqutes.monster
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Content-Type
application/json
Keep-Alive
timeout=5, max=453
Content-Length
283
Expires
Wed, 17 Sep 1975 21:32:10 GMT
bootstrap.js
s1.adform.net/stoat/620/s1.adform.net/ Frame 3CD3
31 KB
15 KB
Script
General
Full URL
https://s1.adform.net/stoat/620/s1.adform.net/bootstrap.js
Requested by
Host: ahsqutes.monster
URL: http://ahsqutes.monster/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.72 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
9e36e1481ba480e4971fdf3571f6e9bd6af1a8eb24f0e4dcd480892e9027dabe

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 17 Nov 2019 03:25:21 GMT
content-encoding
gzip
last-modified
Fri, 15 Nov 2019 09:11:30 GMT
server
nginx
status
200
x-cache-status
HIT
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=100000
expires
Mon, 18 Nov 2019 06:28:42 GMT
bootstrap.js
s1.adform.net/stoat/620/s1.adform.net/ Frame AAD4
31 KB
15 KB
Script
General
Full URL
https://s1.adform.net/stoat/620/s1.adform.net/bootstrap.js
Requested by
Host: ahsqutes.monster
URL: http://ahsqutes.monster/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.72 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
9e36e1481ba480e4971fdf3571f6e9bd6af1a8eb24f0e4dcd480892e9027dabe

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 17 Nov 2019 03:25:21 GMT
content-encoding
gzip
last-modified
Fri, 15 Nov 2019 09:11:30 GMT
server
nginx
status
200
x-cache-status
HIT
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=100000
expires
Mon, 18 Nov 2019 06:28:42 GMT
/
track.adform.net/wpf/v2/cla44j1c.lY5BNvcKyAdMUDFBpBeA0fUm7qKFz0Xnj3wMvsD7z5meTuCUMz_WMXWMYGzXJJIneGffLMC7EZ3QHPBirTYKUowRslzRQqwSM2dFqwomevLNDrhO3f9p_nH1u_eH3BhxUC550ialT0iakiEocEcEJ1w.CxUC541jlS7s... Frame F44C
5 KB
3 KB
Script
General
Full URL
https://track.adform.net/wpf/v2/cla44j1c.lY5BNvcKyAdMUDFBpBeA0fUm7qKFz0Xnj3wMvsD7z5meTuCUMz_WMXWMYGzXJJIneGffLMC7EZ3QHPBirTYKUowRslzRQqwSM2dFqwomevLNDrhO3f9p_nH1u_eH3BhxUC550ialT0iakiEocEcEJ1w.CxUC541jlS7spjt3Q9cUVlOrXTAxw63UYOKES5jfzmkflFflczl998tp7ppfAaZ6m1CdC5MQjGejuTDRNziCvTDfWocQTPOKSfB6QqgXK_Pmtd0UbUV8afuyPBDLxajhB65RxJ_a2YSxUC56MnGWpwoNSUC550iakHGOg4C9bg.dKFxikQ_i.uJtHoqvynx9MsFyxYM914Ve_clr2U.0Y.KI0Hb4_DJFvQj1zJOye6sZPuVr914VecL57GY5BNv_uY5BNkOmqw0GY5aw7vrNidNc1lF4XVA4.L9.gJ0Nc0KXV4.hL9.KHpNc5jaYZtNc5jaYZtNc1KelF1VLf4.ATjV.CDs/adfserve/?CC=1&bn=33897025;rtbwp=F4AFDE07BAE418C0;rtbdata=nvIpdDUimkLGZcLoiXBanKc5fPfxzgp6od9qRIpXzd8FPUYSw2bZogL9aFJuGtSbjECZZRWHJUBcknEdcvyKb12s6Nkf5nG8xgFML2I8kcikgvNDfjwLxwyKw6sJczvrkJsJvsm07VhNpaWep0Smk21VAUGzIogaeZrDbiiGaaDC8qkc0L0AiKtM-d9YnTOIHCnbeUpnIV1VdfrmWBpOcrGU_4B2pOFwv5NjCfD5_89YFcsNyJWkr17P2HjoimDYzBkkRKE1E7uAiMRMx8y_nw2;oobclicktrack=http%3a%2f%2fbeacon-nf.rubiconproject.com%2fbeacon%2fv2%2ft%2f0%2fc6bc7ef3-b518-4ad0-adce-f2910b07fc09%2f;js=1;adfxid=1x;6646;set=en-US|en-US|1600X1200|0|300|250|24|8|3|7|0|0;fd=2|2&CREFURL=http%3A%2F%2Fahsqutes.monster%2F
Requested by
Host: ahsqutes.monster
URL: http://ahsqutes.monster/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.235 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e576b8eb88078186ed0a915b66a94b59200637709d07af8991576bed91ef91ab

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 17 Nov 2019 03:25:21 GMT
content-encoding
gzip
server
nginx
status
200
vary
Accept-Encoding
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
content-type
text/javascript; charset=utf-8
content-length
2484
expires
-1
/
track.adform.net/wpf/v2/Vla44j1c.lY5BNvcKyAdMUDFBpBeA0fUm7qKFz0Xnj3wMvsD7z5meTuCUMz_WMXWMYGzXJJIneGffLMC7EZ3QHPBirTYKUowRslzRQqwSM2dFqwomevLNDrhO3f9p_nH1u_eH3BhxUC550ialT0iakiEocEcEJ1w.CxUC541jlS7s... Frame 56DC
5 KB
3 KB
Script
General
Full URL
https://track.adform.net/wpf/v2/Vla44j1c.lY5BNvcKyAdMUDFBpBeA0fUm7qKFz0Xnj3wMvsD7z5meTuCUMz_WMXWMYGzXJJIneGffLMC7EZ3QHPBirTYKUowRslzRQqwSM2dFqwomevLNDrhO3f9p_nH1u_eH3BhxUC550ialT0iakiEocEcEJ1w.CxUC541jlS7spjt3Q9cUVlOrXTAxw63UYOKES5jfzmkflFflczl998tp7ppfAaZ6m1CdC5MQjGejuTDRNziCvTDfWocQTPOKSfB6QqgXK_Pmtd0UbUV8afuyPBDLxajhB65RxJ_a2YSxUC56MnGWpwoNSUC550iakHGOg4C9bg.dK4LeiLs2dI_AIQjvEodUW2vqCRc7L1eLY6RCw.5B0KB49RLJtG2hiwAxGbucUXGfe2Rc7L1eWNNW5BNlYiMeBNlY0bAQk45BPQkYjSXu_XVA4.L9.gJ0Nc1lF4XV4L9.J1pNc0KAKXVPyPDI_XVPyPDI_XV8Lf4.90PgJ.huy.6IX/adfserve/?CC=1&bn=33897025;rtbwp=26C1E2AF3D280101;rtbdata=FgcXV90cdfyrIQhZXqdne7_Tret8OoWtxRye7-_PdpLwP0HRi5ypzeR_hFBJpb0A8StUxy_z8jE4-0iaI6gFzyQgQBuuKBETUkDGj6PHiM1m2mZZq0TpG9I_CrpaRPA_kJsJvsm07VhNpaWep0Smk21VAUGzIogaeZrDbiiGaaDC8qkc0L0AiKtM-d9YnTOIHCnbeUpnIV1VdfrmWBpOcltUdoPmRN6Mv5NjCfD5_89YFcsNyJWkr17P2HjoimDYzBkkRKE1E7t6KHLXtwwDKw2;oobclicktrack=http%3a%2f%2fbeacon-nf.rubiconproject.com%2fbeacon%2fv2%2ft%2f0%2f6f0365d1-96b5-43f3-99e8-44bb1d2860f5%2f;js=1;adfxid=2x;5086;set=en-US|en-US|1600X1200|0|300|250|24|8|3|7|0|0;fd=2|2&CREFURL=http%3A%2F%2Fahsqutes.monster%2F
Requested by
Host: ahsqutes.monster
URL: http://ahsqutes.monster/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.235 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
bdf4c71c4527c8079d18e9697897b36bf4458acfa39198be73f6d6fac95a6476

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 17 Nov 2019 03:25:21 GMT
content-encoding
gzip
server
nginx
status
200
vary
Accept-Encoding
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
content-type
text/javascript; charset=utf-8
content-length
2488
expires
-1
/
track.adform.net/wpf/v2/Vla44j1c.lY5BNvcKyAdMUDFBpBeA0fUm7qKFz0Xnj3wMvsD7z5meTuCUMz_WMXWMYGzXJJIneGffLMC7EZ3QHPBirTYKUowRslzRQqwSM2dFqwomevLNDrhO3f9p_nH1u_eH3BhxUC550ialT0iakiEocEcEJ1w.CxUC541jlS7s... Frame C5FF
5 KB
3 KB
Script
General
Full URL
https://track.adform.net/wpf/v2/Vla44j1c.lY5BNvcKyAdMUDFBpBeA0fUm7qKFz0Xnj3wMvsD7z5meTuCUMz_WMXWMYGzXJJIneGffLMC7EZ3QHPBirTYKUowRslzRQqwSM2dFqwomevLNDrhO3f9p_nH1u_eH3BhxUC550ialT0iakiEocEcEJ1w.CxUC541jlS7spjt3Q9cUVlOrXTAxw63UYOKES5jfzmkflFflczl998tp7ppfAaZ6m1CdC5MQjGejuTDRNziCvTDfWocQTPOKSfB6QqgXK_Pmtd0UbUV8afuyPBDLxajhB65RxJ_a2YSxUC56MnGWpwoNSUC550iakHGOg4C9bg.dK4LxQ_i.uJtHoqvynx9MsFyxYM914Ve_clr2U.0Y.KI0Hb4_DJFvQj1zJOycjl7pp0iJ3A0KFgBFY5BNlrAp5BNlVn_hs1Y5CCsGrilSHlF4XVA4.L9.gJ0Nc1lF1f4.90PgJ.e_elFCUC68mlFCUC68mlF3fKXV4.hL9.LxU..8F2/adfserve/?CC=1&bn=33897025;rtbwp=97B1513AD7D1F0F6;rtbdata=_MAPmNXtQJlWXT0w81RGkBRICIRurM1RQzG9BI9K8ytGD4dyTmpisAZ8PqFSlFVevegmrA1nYCSrL8-HubREkQz5x7Yf3PT5XvDE02VSXrZnqKPrgGQv8n0b9iomsdUMkJsJvsm07VhNpaWep0Smk21VAUGzIogaeZrDbiiGaaDC8qkc0L0AiDhevwPiR9SkHCnbeUpnIV1VdfrmWBpOcr5XAAjC4VxEMBpZ-fI4ywEmD6wnd_qIQl7P2HjoimDYzBkkRKE1E7t6KHLXtwwDKw2;oobclicktrack=http%3a%2f%2fbeacon-nf.rubiconproject.com%2fbeacon%2fv2%2ft%2f0%2f6ac2725a-514b-4c0b-8b57-312afeb462f8%2f;js=1;adfxid=3x;10543;set=en-US|en-US|1600X1200|0|300|250|24|8|3|7|0|0;fd=2|2&CREFURL=http%3A%2F%2Fahsqutes.monster%2F
Requested by
Host: ahsqutes.monster
URL: http://ahsqutes.monster/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.235 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
1ed44c5efb052c83135aaa8c8f5a4129a4f7539fecc10c363e3a6df6b1d7cc28

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 17 Nov 2019 03:25:21 GMT
content-encoding
gzip
server
nginx
status
200
vary
Accept-Encoding
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
content-type
text/javascript; charset=utf-8
content-length
2494
expires
-1
/
track.adform.net/wpf/v2/cla44j1c.lY5BNvcKyAdMUDFBpBeA0fUm7qKFz0Xnj3wMvsD7z5meTuCUMz_WMXWMYGzXJJIneGffLMC7EZ3QHPBirTYKUowRslzRQqwSM2dFqwomevLNDrhO3f9p_nH1u_eH3BhxUC550ialT0iakiEocEcEJ1w.CxUC541jlS7s... Frame 3CD3
5 KB
3 KB
Script
General
Full URL
https://track.adform.net/wpf/v2/cla44j1c.lY5BNvcKyAdMUDFBpBeA0fUm7qKFz0Xnj3wMvsD7z5meTuCUMz_WMXWMYGzXJJIneGffLMC7EZ3QHPBirTYKUowRslzRQqwSM2dFqwomevLNDrhO3f9p_nH1u_eH3BhxUC550ialT0iakiEocEcEJ1w.CxUC541jlS7spjt3Q9cUVlOrXTAxw63UYOKES5jfzmkflFflczl998tp7ppfAaZ6m1CdC5MQjGejuTDRNziCvTDfWocQTPOKSfB6QqgXK_Pmtd0UbUV8afuyPBDLxajhB65RxJ_a2YSxUC56MnGWpwoNSUC550iakHGOg4C9bg.dK491LtQVD_DJhCizgzH_y3EjNpmVWN9dPBSkrk.Nk4JkJdlOI_3Dqvkjp5UeAwHCSFQ_01kKJA237lY5BSmxGY5BNBtQT.clYIT3SvgMJgJ0Nc1lF4XVA4.L9.gJ.elF1VLf4.9dPgJ2MnGmRgJ2MnGmRgJ09pNc0FAKXV4jMk.4PC/adfserve/?bn=33897025;rtbwp=26C1E2AF3D280101;rtbdata=TDY4ank4vcSuEXWihoMlCyY6tA4dsFr2mWkXNvB18DCmKFNYG3eQYxHkgc2nSKsrWGl-IC_qRHvPP7_AV3pFTNv0BoMTaMw2XJUDnU7TrrDhBBN_BYnvDNMb4FBcccxIkJsJvsm07VhNpaWep0Smk21VAUGzIogaeZrDbiiGaaDC8qkc0L0AiKtM-d9YnTOIHCnbeUpnIV1VdfrmWBpOchUPCuNHPgHmv5NjCfD5_89YFcsNyJWkr17P2HjoimDYzBkkRKE1E7uAiMRMx8y_nw2;oobclicktrack=http%3a%2f%2fbeacon-nf.rubiconproject.com%2fbeacon%2fv2%2ft%2f0%2f5a8e5f02-b0e1-4a17-bb4f-e20a922a04cb%2f;js=1;adfxid=4x;4864;set=en-US|en-US|1600X1200|0|300|250|24|8|3|7|0|0;fd=2|2&CREFURL=http%3A%2F%2Fahsqutes.monster%2F
Requested by
Host: ahsqutes.monster
URL: http://ahsqutes.monster/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.235 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
23422371c84b69ab4fc65df7b894095cd372f06ff836c4ed4d623bbb475eb248

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 17 Nov 2019 03:25:21 GMT
content-encoding
gzip
server
nginx
status
200
vary
Accept-Encoding
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
content-type
text/javascript; charset=utf-8
content-length
2489
expires
-1
/
track.adform.net/wpf/v2/cla44j1c.lY5BNvcKyAdMUDFBpBeA0fUm7qKFz0Xnj3wMvsD7z5meTuCUMz_WMXWMYGzXJJIneGffLMC7EZ3QHPBirTYKUowRslzRQqwSM2dFqwomevLNDrhO3f9p_nH1u_eH3BhxUC550ialT0iakiEocEcEJ1w.CxUC541jlS7s... Frame AAD4
5 KB
3 KB
Script
General
Full URL
https://track.adform.net/wpf/v2/cla44j1c.lY5BNvcKyAdMUDFBpBeA0fUm7qKFz0Xnj3wMvsD7z5meTuCUMz_WMXWMYGzXJJIneGffLMC7EZ3QHPBirTYKUowRslzRQqwSM2dFqwomevLNDrhO3f9p_nH1u_eH3BhxUC550ialT0iakiEocEcEJ1w.CxUC541jlS7spjt3Q9cUVlOrXTAxw63UYOKES5jfzmkflFflczl998tp7ppfAaZ6m1CdC5MQjGejuTDRNziCvTDfWocQTPOKSfB6QqgXK_Pmtd0UbUV8afuyPBDLxajhB65RxJ_a2YSxUC56MnGWpwoNSUC550iakHGOg4C9bg.dK4A9PtQVD_DJhCizgzH_y3EjNpmVWN9dPBSnMk.Nk4JkJdlOI_3Dqvkjp5UeAwHCSFQ_01kKJA237lY5BSmxGY5BNBtQT.clYIT3SvgMJgJ0Nc1lF4XVA4.L9.gJ.elF1VLf4.9dPgJ2MnGmRgJ2MnGmRgJ09pNc0FAKXV4jMk.3fG/adfserve/?bn=33897025;rtbwp=26C1E2AF3D280101;rtbdata=ToZwLYc-MkbsZsi2M9Z_PKRr9fTz207MKDwN1E5IYNz6aE0fr8K1GC-ol3jKOGS5G1u5e_GkS94oMO_rQZYoIYxxSwbNRmRTaCZC_6VxomkNOpUv3CVAzvUe2P8fgpAFkJsJvsm07VhNpaWep0Smk21VAUGzIogaeZrDbiiGaaDC8qkc0L0AiKtM-d9YnTOIHCnbeUpnIV1VdfrmWBpOcs_trU9k8EI8v5NjCfD5_89YFcsNyJWkr17P2HjoimDYzBkkRKE1E7t6KHLXtwwDKw2;oobclicktrack=http%3a%2f%2fbeacon-nf.rubiconproject.com%2fbeacon%2fv2%2ft%2f0%2f6a275e4c-ee6d-4d65-9f0e-cf49f49f251c%2f;js=1;adfxid=5x;9235;set=en-US|en-US|1600X1200|0|300|250|24|8|3|7|0|0;fd=2|2&CREFURL=http%3A%2F%2Fahsqutes.monster%2F
Requested by
Host: ahsqutes.monster
URL: http://ahsqutes.monster/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.235 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
d76c575c05f0bcb7ff6929fb9fa82069954ca4f9f12444df519b31a8bddf4625

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 17 Nov 2019 03:25:21 GMT
content-encoding
gzip
server
nginx
status
200
vary
Accept-Encoding
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
content-type
text/javascript; charset=utf-8
content-length
2497
expires
-1
av
connatix-d.openx.net/v/1.0/ Frame 81BB
48 B
578 B
XHR
General
Full URL
http://connatix-d.openx.net/v/1.0/av?auid=540193960&url=http%3A%2F%2Fahsqutes.monster%2F&cb=d3a1e3e1a45000d64f921573961121204&vwd=455&vht=256&gdpr=1&gdpr_consent=0
Requested by
Host: cdns.connatix.com
URL: http://cdns.connatix.com/p/1806/min/connatix.renderer.infeed.min_dc.js
Protocol
HTTP/1.1
Server
34.95.120.147 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
147.120.95.34.bc.googleusercontent.com
Software
OXGW/16.167.1 /
Resource Hash
a355f2718a8d0b7444670aca6fd1dfdc126f9b8e9931a34a52cac9c343a68e3f

Request headers

Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 17 Nov 2019 03:25:21 GMT
Via
1.1 google
Server
OXGW/16.167.1
P3P
CP="CUR ADM OUR NOR STA NID"
Access-Control-Allow-Origin
http://ahsqutes.monster
Cache-Control
private, max-age=0, no-cache
Access-Control-Allow-Credentials
true
Content-Type
text/xml
Content-Length
48
Expires
Mon, 26 Jul 1997 05:00:00 GMT
4d333009-52e2-4de9-974f-654573ecd838.js
d3lcz8vpax4lo2.cloudfront.net/embed-code/ Frame 3C50
352 KB
80 KB
Script
General
Full URL
https://d3lcz8vpax4lo2.cloudfront.net/embed-code/4d333009-52e2-4de9-974f-654573ecd838.js
Requested by
Host: ahsqutes.monster
URL: http://ahsqutes.monster/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:21f3:ca00:1c:386f:ec80:21 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f6ee1c2908434856508d72c8c8da1e9454b82c57d95425362786bd6ba0c9b091

Request headers

Sec-Fetch-Mode
no-cors
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 07 Nov 2019 16:36:10 GMT
content-encoding
gzip
last-modified
Thu, 07 Nov 2019 15:25:58 GMT
server
AmazonS3
age
816552
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
O.hl0gpGqmBEKRhyPLafUhVtEbq2CDT0
status
200
cache-control
max-age=31536000,public
x-amz-cf-pop
FRA2-C2
content-type
application/javascript
x-amz-cf-id
goByqK3qD8c5zk_m43QYiUKBwNkXd0pryBxpTsCG0QXYBH1MsjLd0w==
via
1.1 32e3b86ae254a231182567c0124af893.cloudfront.net (CloudFront)
sdk.js
t.ingage.tech/
3 KB
3 KB
Script
General
Full URL
https://t.ingage.tech/sdk.js
Requested by
Host: d3lcz8vpax4lo2.cloudfront.net
URL: http://d3lcz8vpax4lo2.cloudfront.net/ads-code/2cdf4c71-ad6c-487e-b43a-8f1af912284a.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2156:fe00:0:a223:1e40:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
844469e59d0b4b70c9b1a84660a58fe9debbce237b19c741b86550d848dc2e91

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 17 Nov 2019 02:37:54 GMT
via
1.1 5d8c59c4e33ff30f6610982ac8ad0232.cloudfront.net (CloudFront)
last-modified
Mon, 12 Aug 2019 08:36:10 GMT
server
AmazonS3
age
5272
etag
"27a865ae52196dece68d4d2ed1842d93"
x-cache
Hit from cloudfront
content-type
application/javascript
status
200
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-length
2742
x-amz-cf-id
BO9qfUciLyew6w_bDRFkaASB8gy7XxgbrfI6vaFO5461YLTlEyy9_w==
/
track.adform.net/jsmetrics/ Frame F44C
43 B
163 B
Image
General
Full URL
https://track.adform.net/jsmetrics/?adfserve=41&asset=100&sid=276&rid=10436&cid=42476
Requested by
Host: ahsqutes.monster
URL: http://ahsqutes.monster/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.235 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 17 Nov 2019 03:25:21 GMT
last-modified
Thu, 28 Jul 2016 13:29:37 GMT
server
nginx
etag
"579a08c1-2b"
content-type
image/gif
status
200
accept-ranges
bytes
content-length
43
usync.html
eus.rubiconproject.com/ Frame A948
0
0
Document
General
Full URL
https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Requested by
Host: ahsqutes.monster
URL: http://ahsqutes.monster/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.37.55.184 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a23-37-55-184.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash

Request headers

Host
eus.rubiconproject.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
nested-navigate
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site
cross-site
Referer
http://ahsqutes.monster/
Accept-Encoding
gzip, deflate, br
Cookie
rsid=1|BdCsOVsH/a/fRiqn0c18Mxvc5rJaP5uXhxptBfrzPAh1r4H5OGjlRsLybbqMiOGkSHO3tT2oYW2peUXLM3KhKxP1tUBJlFYZ4hQ5JcvaexNK8Cn3X/UNbPWpJKXQKV6YB7vxlRF/OivwyJA1Cf1tg/Usaek=; ses15=293666^1; vis15=293666^1; ses10=293666^1; vis10=293666^1; ses9=293666^1; vis9=293666^1; khaos=K32FT8BO-M-LSCW; audit=1|hLZGFuTafB0s4xuBaOYnsu99qzxPzGzonITxICO7pPlqKvBQZEfv1JcEvuk1xUTmPMww3yJNycgi+YQF72mVac9VYJ5j8Liy

Response headers

Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Last-Modified
Thu, 14 Nov 2019 18:59:32 GMT
Content-Encoding
gzip
Content-Length
7456
Content-Type
text/html; charset=UTF-8
Cache-Control
max-age=67897
Expires
Sun, 17 Nov 2019 22:16:58 GMT
Date
Sun, 17 Nov 2019 03:25:21 GMT
Connection
keep-alive
Vary
Accept-Encoding
/
track.adform.net/jsmetrics/ Frame 56DC
43 B
163 B
Image
General
Full URL
https://track.adform.net/jsmetrics/?adfserve=41&asset=103&sid=276&rid=10436&cid=42476
Requested by
Host: ahsqutes.monster
URL: http://ahsqutes.monster/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.235 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 17 Nov 2019 03:25:21 GMT
last-modified
Thu, 28 Jul 2016 13:29:37 GMT
server
nginx
etag
"579a08c1-2b"
content-type
image/gif
status
200
accept-ranges
bytes
content-length
43
usync.html
eus.rubiconproject.com/ Frame 013C
0
0
Document
General
Full URL
https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Requested by
Host: ahsqutes.monster
URL: http://ahsqutes.monster/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.37.55.184 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a23-37-55-184.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash

Request headers

Host
eus.rubiconproject.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
nested-navigate
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site
cross-site
Referer
http://ahsqutes.monster/
Accept-Encoding
gzip, deflate, br
Cookie
rsid=1|BdCsOVsH/a/fRiqn0c18Mxvc5rJaP5uXhxptBfrzPAh1r4H5OGjlRsLybbqMiOGkSHO3tT2oYW2peUXLM3KhKxP1tUBJlFYZ4hQ5JcvaexNK8Cn3X/UNbPWpJKXQKV6YB7vxlRF/OivwyJA1Cf1tg/Usaek=; ses15=293666^1; vis15=293666^1; ses10=293666^1; vis10=293666^1; ses9=293666^1; vis9=293666^1; khaos=K32FT8BO-M-LSCW; audit=1|hLZGFuTafB0s4xuBaOYnsu99qzxPzGzonITxICO7pPlqKvBQZEfv1JcEvuk1xUTmPMww3yJNycgi+YQF72mVac9VYJ5j8Liy

Response headers

Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Last-Modified
Thu, 14 Nov 2019 18:59:32 GMT
Content-Encoding
gzip
Content-Length
7456
Content-Type
text/html; charset=UTF-8
Cache-Control
max-age=67897
Expires
Sun, 17 Nov 2019 22:16:58 GMT
Date
Sun, 17 Nov 2019 03:25:21 GMT
Connection
keep-alive
Vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame F493
0
0
Document
General
Full URL
https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Requested by
Host: ahsqutes.monster
URL: http://ahsqutes.monster/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.37.55.184 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a23-37-55-184.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash

Request headers

Host
eus.rubiconproject.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
nested-navigate
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site
cross-site
Referer
http://ahsqutes.monster/
Accept-Encoding
gzip, deflate, br
Cookie
rsid=1|BdCsOVsH/a/fRiqn0c18Mxvc5rJaP5uXhxptBfrzPAh1r4H5OGjlRsLybbqMiOGkSHO3tT2oYW2peUXLM3KhKxP1tUBJlFYZ4hQ5JcvaexNK8Cn3X/UNbPWpJKXQKV6YB7vxlRF/OivwyJA1Cf1tg/Usaek=; ses15=293666^1; vis15=293666^1; ses10=293666^1; vis10=293666^1; ses9=293666^1; vis9=293666^1; khaos=K32FT8BO-M-LSCW; audit=1|hLZGFuTafB0s4xuBaOYnsu99qzxPzGzonITxICO7pPlqKvBQZEfv1JcEvuk1xUTmPMww3yJNycgi+YQF72mVac9VYJ5j8Liy

Response headers

Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Last-Modified
Thu, 14 Nov 2019 18:59:32 GMT
Content-Encoding
gzip
Content-Length
7456
Content-Type
text/html; charset=UTF-8
Cache-Control
max-age=67897
Expires
Sun, 17 Nov 2019 22:16:58 GMT
Date
Sun, 17 Nov 2019 03:25:21 GMT
Connection
keep-alive
Vary
Accept-Encoding
truncated
/ Frame F44C
210 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
39ac0089c9d43fa7a8e50879435db5c6b51c79041841ddb5f44a820a077aafe4

Request headers

Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/png
usync.html
eus.rubiconproject.com/ Frame 09F3
0
0
Document
General
Full URL
https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Requested by
Host: ahsqutes.monster
URL: http://ahsqutes.monster/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.37.55.184 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a23-37-55-184.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash

Request headers

Host
eus.rubiconproject.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
nested-navigate
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site
cross-site
Referer
http://ahsqutes.monster/
Accept-Encoding
gzip, deflate, br
Cookie
rsid=1|BdCsOVsH/a/fRiqn0c18Mxvc5rJaP5uXhxptBfrzPAh1r4H5OGjlRsLybbqMiOGkSHO3tT2oYW2peUXLM3KhKxP1tUBJlFYZ4hQ5JcvaexNK8Cn3X/UNbPWpJKXQKV6YB7vxlRF/OivwyJA1Cf1tg/Usaek=; ses15=293666^1; vis15=293666^1; ses10=293666^1; vis10=293666^1; ses9=293666^1; vis9=293666^1; khaos=K32FT8BO-M-LSCW; audit=1|hLZGFuTafB0s4xuBaOYnsu99qzxPzGzonITxICO7pPlqKvBQZEfv1JcEvuk1xUTmPMww3yJNycgi+YQF72mVac9VYJ5j8Liy

Response headers

Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Last-Modified
Thu, 14 Nov 2019 18:59:32 GMT
Content-Encoding
gzip
Content-Length
7456
Content-Type
text/html; charset=UTF-8
Cache-Control
max-age=67897
Expires
Sun, 17 Nov 2019 22:16:58 GMT
Date
Sun, 17 Nov 2019 03:25:21 GMT
Connection
keep-alive
Vary
Accept-Encoding
truncated
/ Frame 56DC
216 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b1201cd72de246ce922d28aac47a1676abb5a6b7dba0cc179b0d095b1aa9715c

Request headers

Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame C5FF
207 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
23a2ef2fe9a33e76e365bf3e2210e376800da8b466828481fb1726bc9b4c859d

Request headers

Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/png
usync.html
eus.rubiconproject.com/ Frame C0C6
0
0
Document
General
Full URL
https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Requested by
Host: ahsqutes.monster
URL: http://ahsqutes.monster/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.37.55.184 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a23-37-55-184.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash

Request headers

Host
eus.rubiconproject.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
nested-navigate
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site
cross-site
Referer
http://ahsqutes.monster/
Accept-Encoding
gzip, deflate, br
Cookie
rsid=1|BdCsOVsH/a/fRiqn0c18Mxvc5rJaP5uXhxptBfrzPAh1r4H5OGjlRsLybbqMiOGkSHO3tT2oYW2peUXLM3KhKxP1tUBJlFYZ4hQ5JcvaexNK8Cn3X/UNbPWpJKXQKV6YB7vxlRF/OivwyJA1Cf1tg/Usaek=; ses15=293666^1; vis15=293666^1; ses10=293666^1; vis10=293666^1; ses9=293666^1; vis9=293666^1; khaos=K32FT8BO-M-LSCW; audit=1|hLZGFuTafB0s4xuBaOYnsu99qzxPzGzonITxICO7pPlqKvBQZEfv1JcEvuk1xUTmPMww3yJNycgi+YQF72mVac9VYJ5j8Liy

Response headers

Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Last-Modified
Thu, 14 Nov 2019 18:59:32 GMT
Content-Encoding
gzip
Content-Length
7456
Content-Type
text/html; charset=UTF-8
Cache-Control
max-age=67897
Expires
Sun, 17 Nov 2019 22:16:58 GMT
Date
Sun, 17 Nov 2019 03:25:21 GMT
Connection
keep-alive
Vary
Accept-Encoding
truncated
/ Frame 3CD3
206 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
aca1dbd1d993891da4b29813478d5c88f22aff7cdab776c8730211b6f4a9971e

Request headers

Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame AAD4
216 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3a6dd567e0b6781f2c1c56c8045dcb8063d70820bdeb297628225b5b048e92e5

Request headers

Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/png
Standard
s1.adform.net/stoat/620/s1.adform.net/load/v/0.0.181/e/.wSBgiD/i/8IC-4gAAAAKAA/r:AdConstructor:contents/ImageTag:types/ Frame F44C
85 KB
37 KB
Script
General
Full URL
https://s1.adform.net/stoat/620/s1.adform.net/load/v/0.0.181/e/.wSBgiD/i/8IC-4gAAAAKAA/r:AdConstructor:contents/ImageTag:types/Standard
Requested by
Host: ahsqutes.monster
URL: http://ahsqutes.monster/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.72 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
dd17c0eca20e66ff39e41204e550b90d9d424cba9045f06f45f1660803c66f2d

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 17 Nov 2019 03:25:21 GMT
content-encoding
gzip
last-modified
Fri, 15 Nov 2019 09:11:30 GMT
server
nginx
status
200
x-cache-status
HIT
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=100000
expires
Mon, 18 Nov 2019 06:31:15 GMT
Standard
s1.adform.net/stoat/620/s1.adform.net/load/v/0.0.181/e/.wSBgiD/i/8IC-4gAAAAKAA/r:AdConstructor:contents/ImageTag:types/ Frame 56DC
85 KB
37 KB
Script
General
Full URL
https://s1.adform.net/stoat/620/s1.adform.net/load/v/0.0.181/e/.wSBgiD/i/8IC-4gAAAAKAA/r:AdConstructor:contents/ImageTag:types/Standard
Requested by
Host: ahsqutes.monster
URL: http://ahsqutes.monster/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.72 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
dd17c0eca20e66ff39e41204e550b90d9d424cba9045f06f45f1660803c66f2d

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 17 Nov 2019 03:25:21 GMT
content-encoding
gzip
last-modified
Fri, 15 Nov 2019 09:11:30 GMT
server
nginx
status
200
x-cache-status
HIT
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=100000
expires
Mon, 18 Nov 2019 06:31:15 GMT
Standard
s1.adform.net/stoat/620/s1.adform.net/load/v/0.0.181/e/.wSBgiD/i/8IC-4gAAAAKAA/r:AdConstructor:contents/ImageTag:types/ Frame C5FF
85 KB
37 KB
Script
General
Full URL
https://s1.adform.net/stoat/620/s1.adform.net/load/v/0.0.181/e/.wSBgiD/i/8IC-4gAAAAKAA/r:AdConstructor:contents/ImageTag:types/Standard
Requested by
Host: ahsqutes.monster
URL: http://ahsqutes.monster/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.72 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
dd17c0eca20e66ff39e41204e550b90d9d424cba9045f06f45f1660803c66f2d

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 17 Nov 2019 03:25:21 GMT
content-encoding
gzip
last-modified
Fri, 15 Nov 2019 09:11:30 GMT
server
nginx
status
200
x-cache-status
HIT
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=100000
expires
Mon, 18 Nov 2019 06:31:15 GMT
css
fonts.googleapis.com/ Frame 3C50
3 KB
571 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Work+Sans:400,500,600,700&display=swap
Requested by
Host: ahsqutes.monster
URL: http://ahsqutes.monster/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
218cd0b67ca26b5a6d1891256a4402a9c2ec65a68a039d96d36b17e595ff5285
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Sun, 17 Nov 2019 03:25:21 GMT
server
ESF
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
status
200
date
Sun, 17 Nov 2019 03:25:21 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection
0
expires
Sun, 17 Nov 2019 03:25:21 GMT
all.css
use.fontawesome.com/releases/v5.5.0/css/ Frame 3C50
50 KB
13 KB
Stylesheet
General
Full URL
https://use.fontawesome.com/releases/v5.5.0/css/all.css
Requested by
Host: ahsqutes.monster
URL: http://ahsqutes.monster/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.111.9.35 Phoenix, United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
9e4cac65c7a5ee0bd0743afefcabdd3e73854e1284ac9ac433813d6231f550f2

Request headers

Sec-Fetch-Mode
no-cors
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 17 Nov 2019 03:25:21 GMT
content-encoding
gzip
last-modified
Fri, 02 Nov 2018 15:16:46 GMT
server
NetDNA-cache/2.2
status
200
etag
W/"1cc6c92172d124fbd305ba3d8e263333"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET
content-type
text/css
access-control-allow-origin
*
access-control-max-age
3000
cache-control
max-age=31556926
x-cache
HIT
analytics.js
www.google-analytics.com/ Frame 3C50
43 KB
17 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: ahsqutes.monster
URL: http://ahsqutes.monster/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Sec-Fetch-Mode
no-cors
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 19 Aug 2019 17:22:41 GMT
server
Golfe2
age
3104
date
Sun, 17 Nov 2019 02:33:37 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
17803
expires
Sun, 17 Nov 2019 04:33:37 GMT
/
geoip.insticator.com/json/ Frame 3C50
204 B
248 B
XHR
General
Full URL
https://geoip.insticator.com/json/
Requested by
Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/embed-code/4d333009-52e2-4de9-974f-654573ecd838.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:180b , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
fb8cbd2a68b8068930e22baa762a4463ffd66b91ac3905ef9123ea07203bc133

Request headers

Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 17 Nov 2019 03:25:22 GMT
via
1.1 vegur
vary
Origin
cf-cache-status
DYNAMIC
status
200
x-database-date
Sat, 16 Nov 2019 05:07:32 GMT
content-encoding
gzip
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-ratelimit-remaining
9993
content-type
application/json
access-control-allow-origin
http://ahsqutes.monster
access-control-allow-credentials
true
x-ratelimit-reset
3599
x-ratelimit-limit
10000
cf-ray
536e98d0db1fcbc8-VIE
event
event.insticator.com/v1/ Frame 3C50
0
137 B
XHR
General
Full URL
https://event.insticator.com/v1/event?event_name=event_embed-loaded
Requested by
Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/embed-code/4d333009-52e2-4de9-974f-654573ecd838.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:180b , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
cors
Content-Type
application/json

Response headers

date
Sun, 17 Nov 2019 03:25:21 GMT
cf-cache-status
DYNAMIC
server
cloudflare
status
201
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
access-control-allow-origin
http://ahsqutes.monster
access-control-allow-credentials
true
cf-ray
536e98d1ac44cbc8-VIE
content-length
0
logo-insticator-light.png
df80k0z3fi8zg.cloudfront.net/files/images/embed4.0/app/ Frame 3C50
21 KB
21 KB
Image
General
Full URL
https://df80k0z3fi8zg.cloudfront.net/files/images/embed4.0/app/logo-insticator-light.png
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:20eb:fa00:10:3422:3f00:21 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6413b7dec6a597c00831914e8e4391b59538c6104cea547e13350840cc7c616b

Request headers

Sec-Fetch-Mode
no-cors
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-amz-version-id
CTBFOiOZF9Pc8nkBYDMEiY0Rbq5FsRhl
via
1.1 c28c128e9402fb070daca09bab68490a.cloudfront.net (CloudFront)
last-modified
Fri, 04 May 2018 18:57:58 GMT
server
AmazonS3
age
15597
etag
"31605596be6a56e2ccc39b5ddc16be95"
x-cache
Hit from cloudfront
content-type
image/png
status
200
date
Sat, 16 Nov 2019 23:05:25 GMT
x-amz-cf-pop
FRA2-C1
accept-ranges
bytes
content-length
21163
x-amz-cf-id
kNhvys1tyJyPg-k9uX63emWKXe-2CqzGPxco5McmMz_CSiYVecBRhA==
logo-giphy.gif
df80k0z3fi8zg.cloudfront.net/files/images/embed4.0/app/ Frame 3C50
5 KB
5 KB
Image
General
Full URL
https://df80k0z3fi8zg.cloudfront.net/files/images/embed4.0/app/logo-giphy.gif
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:20eb:fa00:10:3422:3f00:21 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2ad4ec405159beb9e962e752ab2696369ee2436ac7b4e7e34c99f9ba22aa1fe4

Request headers

Sec-Fetch-Mode
no-cors
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-amz-version-id
6s1xHKpyJMfBO7E3xKrrzQcN3hUsgxCx
via
1.1 c28c128e9402fb070daca09bab68490a.cloudfront.net (CloudFront)
last-modified
Tue, 21 Aug 2018 23:56:52 GMT
server
AmazonS3
age
15597
etag
"9be4d53630dea437d62f2a2441634674"
x-cache
Hit from cloudfront
content-type
image/gif
status
200
date
Sat, 16 Nov 2019 23:05:25 GMT
x-amz-cf-pop
FRA2-C1
accept-ranges
bytes
content-length
4769
x-amz-cf-id
xbvr-2UvNEaPqSbS8luT9Ycr11EvJnedIWPKjvZI-_9Qdz_mic_0QA==
logo-facebook.png
df80k0z3fi8zg.cloudfront.net/files/images/embed4.0/app/ Frame 3C50
20 KB
21 KB
Image
General
Full URL
https://df80k0z3fi8zg.cloudfront.net/files/images/embed4.0/app/logo-facebook.png
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:20eb:fa00:10:3422:3f00:21 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1defd5791b61d4a0aa9417ca6fcae832f6ce0172e61ce0290ad567e7cd511973

Request headers

Sec-Fetch-Mode
no-cors
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-amz-version-id
ULtGRAG0cozVmrk8QTxkU4CRg4lLUOvG
via
1.1 c28c128e9402fb070daca09bab68490a.cloudfront.net (CloudFront)
last-modified
Fri, 04 May 2018 18:57:58 GMT
server
AmazonS3
age
15597
etag
"60b5cab66c2ac82262a0da5346037875"
x-cache
Hit from cloudfront
content-type
image/png
status
200
date
Sat, 16 Nov 2019 23:05:25 GMT
x-amz-cf-pop
FRA2-C1
accept-ranges
bytes
content-length
20991
x-amz-cf-id
1zxXIgKMPshTTjTaX3jG0IxL9MVGVB0cd8dQoavqeGNI_tlWHmuC7g==
logo-facebook-light.png
df80k0z3fi8zg.cloudfront.net/files/images/embed4.0/app/ Frame 3C50
21 KB
21 KB
Image
General
Full URL
https://df80k0z3fi8zg.cloudfront.net/files/images/embed4.0/app/logo-facebook-light.png
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:20eb:fa00:10:3422:3f00:21 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
41f31dd2e2557de961bcc07f0e0f320a637632c9ae48416c0d9ee25294ed0ffe

Request headers

Sec-Fetch-Mode
no-cors
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-amz-version-id
iVGTFYl9UoOIsb_VjgmcCUFWcozgxrNA
via
1.1 c28c128e9402fb070daca09bab68490a.cloudfront.net (CloudFront)
last-modified
Fri, 04 May 2018 18:57:58 GMT
server
AmazonS3
age
15597
etag
"1aa9c1ee9848a890aac9ed2e662345b8"
x-cache
Hit from cloudfront
content-type
image/png
status
200
date
Sat, 16 Nov 2019 23:05:25 GMT
x-amz-cf-pop
FRA2-C1
accept-ranges
bytes
content-length
21054
x-amz-cf-id
DoKPua9Uq7Vz8bf8CS4Us9hnWrFp6rnjlNpcgn5ogvAHj960lJiSJQ==
logo-twitter.png
df80k0z3fi8zg.cloudfront.net/files/images/embed4.0/app/ Frame 3C50
21 KB
22 KB
Image
General
Full URL
https://df80k0z3fi8zg.cloudfront.net/files/images/embed4.0/app/logo-twitter.png
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:20eb:fa00:10:3422:3f00:21 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
aeb5540c19002caf52af3502b43ff4d503ec33ace0119153b8ea525cf1e1d580

Request headers

Sec-Fetch-Mode
no-cors
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-amz-version-id
PabYyULYcagrrnl5_VBagXR6.2QcHh82
via
1.1 c28c128e9402fb070daca09bab68490a.cloudfront.net (CloudFront)
last-modified
Fri, 04 May 2018 18:57:58 GMT
server
AmazonS3
age
15578
etag
"8e6f619e7da6deedeb066c522967841e"
x-cache
Hit from cloudfront
content-type
image/png
status
200
date
Sat, 16 Nov 2019 23:05:44 GMT
x-amz-cf-pop
FRA2-C1
accept-ranges
bytes
content-length
21925
x-amz-cf-id
wakaujO7X83zZRx00akgSFX-Ct8dBJAeY1DiMqQsbz68_4KCOJ4xdg==
logo-twitter-light.png
df80k0z3fi8zg.cloudfront.net/files/images/embed4.0/app/ Frame 3C50
21 KB
22 KB
Image
General
Full URL
https://df80k0z3fi8zg.cloudfront.net/files/images/embed4.0/app/logo-twitter-light.png
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:20eb:fa00:10:3422:3f00:21 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
74a587c5c9706f95046b2dcf80f6bb90cd488ae4edb45e9bcd4507d3787a88d7

Request headers

Sec-Fetch-Mode
no-cors
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-amz-version-id
qL1Phj4H.8a2GAJwlw0J623oQlDV0Krh
via
1.1 c28c128e9402fb070daca09bab68490a.cloudfront.net (CloudFront)
last-modified
Fri, 04 May 2018 18:57:58 GMT
server
AmazonS3
age
15578
etag
"27f2f41e838101e82a68c5d8a255f0f8"
x-cache
Hit from cloudfront
content-type
image/png
status
200
date
Sat, 16 Nov 2019 23:05:44 GMT
x-amz-cf-pop
FRA2-C1
accept-ranges
bytes
content-length
21920
x-amz-cf-id
itWZq0fkjmI7OjJEgtlLaKNHDBUD1Ogzew6vGzy8w-C0M37ArSh23Q==
icon-check.png
df80k0z3fi8zg.cloudfront.net/files/images/embed4.0/app/ Frame 3C50
649 B
1015 B
Image
General
Full URL
https://df80k0z3fi8zg.cloudfront.net/files/images/embed4.0/app/icon-check.png
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:20eb:fa00:10:3422:3f00:21 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
151c4c52c25dd28c33321aaaeabe879c4814087d4eaf7545d93f5d81d4d1c4f3

Request headers

Sec-Fetch-Mode
no-cors
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-amz-version-id
hmsI6iaZVJVbWmWfdDEj8IUq8AjvoEjw
via
1.1 c28c128e9402fb070daca09bab68490a.cloudfront.net (CloudFront)
last-modified
Fri, 04 May 2018 18:57:56 GMT
server
AmazonS3
age
15564
etag
"b673377b664a0b33454c267d911fcfc1"
x-cache
Hit from cloudfront
content-type
image/png
status
200
date
Sat, 16 Nov 2019 23:05:58 GMT
x-amz-cf-pop
FRA2-C1
accept-ranges
bytes
content-length
649
x-amz-cf-id
2Dx_Titvi4wLB45ExFWtXVPjtD-XQiOv6J12WGX36jvMte3nrQJCbg==
graphic-ooc.png
df80k0z3fi8zg.cloudfront.net/files/images/embed4.0/app/ Frame 3C50
11 KB
12 KB
Image
General
Full URL
https://df80k0z3fi8zg.cloudfront.net/files/images/embed4.0/app/graphic-ooc.png
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:20eb:fa00:10:3422:3f00:21 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
45df18bdacb438598423616ef9b6f85a5d26e1aab8d426209937423d477d80e6

Request headers

Sec-Fetch-Mode
no-cors
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-amz-version-id
h4Ib2m7Gg.0JamqBIDYCvhEivLLP.vl4
via
1.1 c28c128e9402fb070daca09bab68490a.cloudfront.net (CloudFront)
last-modified
Tue, 10 Sep 2019 22:29:18 GMT
server
AmazonS3
age
15597
etag
"9e51f7cb70aed79b30392a1909d568ab"
x-cache
Hit from cloudfront
content-type
image/png
status
200
date
Sat, 16 Nov 2019 23:05:25 GMT
x-amz-cf-pop
FRA2-C1
accept-ranges
bytes
content-length
11480
x-amz-cf-id
rf7RrleU2ocFOgA--TSqib38-k3XMqTM5nDStpsW1xzAt_UIW_Camg==
Standard
s1.adform.net/stoat/620/s1.adform.net/load/v/0.0.181/e/.wSBgiD/i/8IC-4gAAAAKAA/r:AdConstructor:contents/ImageTag:types/ Frame 3CD3
85 KB
37 KB
Script
General
Full URL
https://s1.adform.net/stoat/620/s1.adform.net/load/v/0.0.181/e/.wSBgiD/i/8IC-4gAAAAKAA/r:AdConstructor:contents/ImageTag:types/Standard
Requested by
Host: ahsqutes.monster
URL: http://ahsqutes.monster/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.72 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
dd17c0eca20e66ff39e41204e550b90d9d424cba9045f06f45f1660803c66f2d

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 17 Nov 2019 03:25:21 GMT
content-encoding
gzip
last-modified
Fri, 15 Nov 2019 09:11:30 GMT
server
nginx
status
200
x-cache-status
HIT
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=100000
expires
Mon, 18 Nov 2019 06:31:15 GMT
Standard
s1.adform.net/stoat/620/s1.adform.net/load/v/0.0.181/e/.wSBgiD/i/8IC-4gAAAAKAA/r:AdConstructor:contents/ImageTag:types/ Frame AAD4
85 KB
37 KB
Script
General
Full URL
https://s1.adform.net/stoat/620/s1.adform.net/load/v/0.0.181/e/.wSBgiD/i/8IC-4gAAAAKAA/r:AdConstructor:contents/ImageTag:types/Standard
Requested by
Host: ahsqutes.monster
URL: http://ahsqutes.monster/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.72 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
dd17c0eca20e66ff39e41204e550b90d9d424cba9045f06f45f1660803c66f2d

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 17 Nov 2019 03:25:21 GMT
content-encoding
gzip
last-modified
Fri, 15 Nov 2019 09:11:30 GMT
server
nginx
status
200
x-cache-status
HIT
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=100000
expires
Mon, 18 Nov 2019 06:31:15 GMT
/
c.ingage.tech/
0
390 B
XHR
General
Full URL
https://c.ingage.tech/
Requested by
Host: t.ingage.tech
URL: https://t.ingage.tech/sdk.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.3.239.25 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-52-3-239-25.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode
cors
Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
204
nstctr-cid
01DSVP9FWMC2QJ9NMCTARMBCJQ
date
Sun, 17 Nov 2019 03:25:21 GMT
access-control-allow-credentials
true
access-control-allow-origin
http://ahsqutes.monster
access-control-allow-methods
GET
access-control-expose-headers
NSTCTR-Cid
/
c.ingage.tech/
0
389 B
XHR
General
Full URL
https://c.ingage.tech/
Requested by
Host: t.ingage.tech
URL: https://t.ingage.tech/sdk.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.3.239.25 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-52-3-239-25.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode
cors
Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
204
nstctr-cid
01DSVP9FWNP6Q2WGJ0M87C9SYK
date
Sun, 17 Nov 2019 03:25:21 GMT
access-control-allow-credentials
true
access-control-allow-origin
http://ahsqutes.monster
access-control-allow-methods
GET
access-control-expose-headers
NSTCTR-Cid
/
track.adform.net/csimpr/ Frame F44C
35 B
423 B
Other
General
Full URL
https://track.adform.net/csimpr/?bn=33897025&csi=X0NkOVZ3CoPL9TO26NVvuHWtYAHFNzZTYP5X1hnnqcRNBB91lsK-cfNB3BGFtbz8RYvW2Twyv0Gs7A9yGzt-n2I2SaJEkJyXbuQ8anSF0XGcD_vjBU7LOQ2
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/620/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.235 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sun, 17 Nov 2019 03:25:21 GMT
server
nginx
status
200
access-control-max-age
86400
access-control-allow-methods
GET, POST
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
http://ahsqutes.monster
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
content-type
image/gif
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
29567937.gif
s1.adform.net/Banners/29567937/ Frame F44C
72 KB
73 KB
Image
General
Full URL
https://s1.adform.net/Banners/29567937/29567937.gif?bv=4
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.72 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
9b7040f8ffb6dafdd20542d7eb3b3de6f80569650267673831a686baf4ea480d
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 17 Nov 2019 03:25:21 GMT
last-modified
Thu, 03 Jan 2019 07:09:05 GMT
server
nginx
status
200
etag
"5c2db511-1216e"
x-cache-status
HIT
strict-transport-security
max-age=0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
public, max-age=604800
accept-ranges
bytes
content-type
image/gif
content-length
74094
/
track.adform.net/csimpr/ Frame 56DC
35 B
414 B
Other
General
Full URL
https://track.adform.net/csimpr/?bn=33897025&csi=5H0WjrEtFL0GqoQa07VdvPp5OlbnMu7jYP5X1hnnqcRNBB91lsK-cfNB3BGFtbz8RYvW2Twyv0Gs7A9yGzt-n2I2SaJEkJyXbuQ8anSF0XGcD_vjBU7LOQ2
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/620/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.235 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sun, 17 Nov 2019 03:25:21 GMT
server
nginx
status
200
access-control-max-age
86400
access-control-allow-methods
GET, POST
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
http://ahsqutes.monster
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
content-type
image/gif
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
29567938.gif
s1.adform.net/Banners/29567938/ Frame 56DC
85 KB
86 KB
Image
General
Full URL
https://s1.adform.net/Banners/29567938/29567938.gif?bv=4
Requested by
Host: ahsqutes.monster
URL: http://ahsqutes.monster/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.72 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
7f4bdcf0639118e0a2deeb6191af9c6e63925ba192d1ac669ebcbdbba06c8e2d
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 17 Nov 2019 03:25:21 GMT
last-modified
Thu, 03 Jan 2019 07:09:06 GMT
server
nginx
status
200
etag
"5c2db512-155d2"
x-cache-status
HIT
strict-transport-security
max-age=0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
public, max-age=604800
accept-ranges
bytes
content-type
image/gif
content-length
87506
29567937.gif
s1.adform.net/Banners/29567937/ Frame C5FF
72 KB
73 KB
Image
General
Full URL
https://s1.adform.net/Banners/29567937/29567937.gif?bv=4
Requested by
Host: ahsqutes.monster
URL: http://ahsqutes.monster/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.72 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
9b7040f8ffb6dafdd20542d7eb3b3de6f80569650267673831a686baf4ea480d
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 17 Nov 2019 03:25:21 GMT
last-modified
Thu, 03 Jan 2019 07:09:05 GMT
server
nginx
status
200
etag
"5c2db511-1216e"
x-cache-status
HIT
strict-transport-security
max-age=0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
public, max-age=604800
accept-ranges
bytes
content-type
image/gif
content-length
74094
/
track.adform.net/csimpr/ Frame C5FF
35 B
423 B
Other
General
Full URL
https://track.adform.net/csimpr/?bn=33897025&csi=S-GAKV_bkChXH0tZt7vgFsJKFpRqrbyFYP5X1hnnqcRNBB91lsK-cfNB3BGFtbz8RYvW2Twyv0Gs7A9yGzt-n2I2SaJEkJyXbuQ8anSF0XGcD_vjBU7LOQ2
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/620/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.235 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sun, 17 Nov 2019 03:25:21 GMT
server
nginx
status
200
access-control-max-age
86400
access-control-allow-methods
GET, POST
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
http://ahsqutes.monster
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
content-type
image/gif
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
collect
www.google-analytics.com/r/ Frame 3C50
35 B
111 B
Image
General
Full URL
https://www.google-analytics.com/r/collect?v=1&_v=j79&a=2003672200&t=pageview&_s=1&dl=about%3A%2F%2F%2Fblank&dr=http%3A%2F%2Fahsqutes.monster%2F&dp=%2F2cdf4c71-ad6c-487e-b43a-8f1af912284a&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=300x350&je=0&_u=QACAAGAB~&jid=379001147&gjid=2061874485&cid=1556147499.1573961118&tid=UA-123718506-7&_gid=1010882067.1573961118&_r=1&z=1689072130
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Sec-Fetch-Mode
no-cors
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 17 Nov 2019 03:25:21 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
gpt.js
www.googletagservices.com/tag/js/ Frame 5371
51 KB
15 KB
Script
General
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: ahsqutes.monster
URL: http://ahsqutes.monster/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
8fcfc1b11efe36a9e89116d2a5e49bd86f2426bfc61032c3019ea790021f7e68
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 17 Nov 2019 03:25:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"339 / 646 of 1000 / last-modified: 1573848417"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
15660
x-xss-protection
0
expires
Sun, 17 Nov 2019 03:25:21 GMT
wrap.js
clarium.global.ssl.fastly.net/gpt/a/ Frame 5371
66 KB
23 KB
Script
General
Full URL
http://clarium.global.ssl.fastly.net/gpt/a/wrap.js?v2_1
Requested by
Host: ahsqutes.monster
URL: http://ahsqutes.monster/
Protocol
HTTP/1.1
Server
151.101.113.194 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
nginx /
Resource Hash
5e0dd6a4cef855e1aabc211227702ca1fbf63d113858cd808fb569932aa0ba71

Request headers

Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sun, 17 Nov 2019 03:25:21 GMT
Content-Encoding
gzip
Age
1865
X-Cache
HIT
Connection
keep-alive
Content-Length
22863
X-Served-By
cache-hhn4082-HHN
Last-Modified
Tue, 12 Nov 2019 18:35:26 GMT
Server
nginx
X-Timer
S1573961122.503110,VS0,VE0
ETag
"5dcafb6e-10789"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Via
1.1 varnish
Cache-Control
private, max-age=900, stale-while-revalidate=3600
Accept-Ranges
bytes
X-Cache-Hits
488
gpt.js
www.googletagservices.com/tag/js/ Frame A94E
51 KB
15 KB
Script
General
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: ahsqutes.monster
URL: http://ahsqutes.monster/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
8fcfc1b11efe36a9e89116d2a5e49bd86f2426bfc61032c3019ea790021f7e68
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 17 Nov 2019 03:25:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"339 / 74 of 1000 / last-modified: 1573848417"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
15660
x-xss-protection
0
expires
Sun, 17 Nov 2019 03:25:21 GMT
wrap.js
clarium.global.ssl.fastly.net/gpt/a/ Frame A94E
66 KB
23 KB
Script
General
Full URL
http://clarium.global.ssl.fastly.net/gpt/a/wrap.js?v2_1
Requested by
Host: ahsqutes.monster
URL: http://ahsqutes.monster/
Protocol
HTTP/1.1
Server
151.101.113.194 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
nginx /
Resource Hash
5e0dd6a4cef855e1aabc211227702ca1fbf63d113858cd808fb569932aa0ba71

Request headers

Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sun, 17 Nov 2019 03:25:21 GMT
Content-Encoding
gzip
Age
1866
X-Cache
HIT
Connection
keep-alive
Content-Length
22863
X-Served-By
cache-hhn4035-HHN
Last-Modified
Tue, 12 Nov 2019 18:35:26 GMT
Server
nginx
X-Timer
S1573961122.506524,VS0,VE0
ETag
"5dcafb6e-10789"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Via
1.1 varnish
Cache-Control
private, max-age=900, stale-while-revalidate=3600
Accept-Ranges
bytes
X-Cache-Hits
576
av
connatix-d.openx.net/v/1.0/ Frame 81BB
48 B
578 B
XHR
General
Full URL
http://connatix-d.openx.net/v/1.0/av?auid=540193965&url=http%3A%2F%2Fahsqutes.monster%2F&cb=a89eb2b97c13f9181e081573961121429&vwd=455&vht=256&gdpr=1&gdpr_consent=0
Requested by
Host: cdns.connatix.com
URL: http://cdns.connatix.com/p/1806/min/connatix.renderer.infeed.min_dc.js
Protocol
HTTP/1.1
Server
34.95.120.147 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
147.120.95.34.bc.googleusercontent.com
Software
OXGW/16.167.1 /
Resource Hash
a355f2718a8d0b7444670aca6fd1dfdc126f9b8e9931a34a52cac9c343a68e3f

Request headers

Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 17 Nov 2019 03:25:21 GMT
Via
1.1 google
Server
OXGW/16.167.1
P3P
CP="CUR ADM OUR NOR STA NID"
Access-Control-Allow-Origin
http://ahsqutes.monster
Cache-Control
private, max-age=0, no-cache
Access-Control-Allow-Credentials
true
Content-Type
text/xml
Content-Length
48
Expires
Mon, 26 Jul 1997 05:00:00 GMT
29567937.gif
s1.adform.net/Banners/29567937/ Frame 3CD3
72 KB
73 KB
Image
General
Full URL
https://s1.adform.net/Banners/29567937/29567937.gif?bv=4
Requested by
Host: ahsqutes.monster
URL: http://ahsqutes.monster/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.72 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
9b7040f8ffb6dafdd20542d7eb3b3de6f80569650267673831a686baf4ea480d
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 17 Nov 2019 03:25:21 GMT
last-modified
Thu, 03 Jan 2019 07:09:05 GMT
server
nginx
status
200
etag
"5c2db511-1216e"
x-cache-status
HIT
strict-transport-security
max-age=0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
public, max-age=604800
accept-ranges
bytes
content-type
image/gif
content-length
74094
/
track.adform.net/csimpr/ Frame 3CD3
35 B
423 B
Other
General
Full URL
https://track.adform.net/csimpr/?bn=33897025&csi=IRjGAT2BJvL8ESm0IneEyCz0F7Kzdr9JYP5X1hnnqcRNBB91lsK-cfNB3BGFtbz8RYvW2Twyv0Gs7A9yGzt-n2I2SaJEkJyXbuQ8anSF0XGcD_vjBU7LOQ2
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/620/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.235 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sun, 17 Nov 2019 03:25:21 GMT
server
nginx
status
200
access-control-max-age
86400
access-control-allow-methods
GET, POST
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
http://ahsqutes.monster
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
content-type
image/gif
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
29567937.gif
s1.adform.net/Banners/29567937/ Frame AAD4
72 KB
73 KB
Image
General
Full URL
https://s1.adform.net/Banners/29567937/29567937.gif?bv=4
Requested by
Host: ahsqutes.monster
URL: http://ahsqutes.monster/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.72 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
9b7040f8ffb6dafdd20542d7eb3b3de6f80569650267673831a686baf4ea480d
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 17 Nov 2019 03:25:21 GMT
last-modified
Thu, 03 Jan 2019 07:09:05 GMT
server
nginx
status
200
etag
"5c2db511-1216e"
x-cache-status
HIT
strict-transport-security
max-age=0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
public, max-age=604800
accept-ranges
bytes
content-type
image/gif
content-length
74094
/
track.adform.net/csimpr/ Frame AAD4
35 B
423 B
Other
General
Full URL
https://track.adform.net/csimpr/?bn=33897025&csi=VKATUNVU29C8hhr6Al309JLxPZmu3lqrYP5X1hnnqcRNBB91lsK-cfNB3BGFtbz8RYvW2Twyv0Gs7A9yGzt-n2I2SaJEkJyXbuQ8anSF0XGcD_vjBU7LOQ2
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/620/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.235 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sun, 17 Nov 2019 03:25:21 GMT
server
nginx
status
200
access-control-max-age
86400
access-control-allow-methods
GET, POST
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
http://ahsqutes.monster
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
content-type
image/gif
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
integrator.js
adservice.google.de/adsid/ Frame 5371
109 B
171 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.js?domain=ahsqutes.monster
Requested by
Host: ahsqutes.monster
URL: http://ahsqutes.monster/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 17 Nov 2019 03:25:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
104
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 5371
109 B
171 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=ahsqutes.monster
Requested by
Host: ahsqutes.monster
URL: http://ahsqutes.monster/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 17 Nov 2019 03:25:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
104
x-xss-protection
0
pubads_impl_2019111201.js
securepubads.g.doubleclick.net/gpt/ Frame 5371
160 KB
59 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019111201.js
Requested by
Host: ahsqutes.monster
URL: http://ahsqutes.monster/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.22.66 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s17-in-f66.1e100.net
Software
sffe /
Resource Hash
6d5783f621f26ce9d9f954568ff21d24e8f6986910c05388a1f0098a939b38d4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 17 Nov 2019 03:25:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 12 Nov 2019 18:33:31 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
59852
x-xss-protection
0
expires
Sun, 17 Nov 2019 03:25:21 GMT
integrator.js
adservice.google.de/adsid/ Frame A94E
109 B
171 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.js?domain=ahsqutes.monster
Requested by
Host: ahsqutes.monster
URL: http://ahsqutes.monster/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 17 Nov 2019 03:25:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
104
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame A94E
109 B
171 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=ahsqutes.monster
Requested by
Host: ahsqutes.monster
URL: http://ahsqutes.monster/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 17 Nov 2019 03:25:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
104
x-xss-protection
0
pubads_impl_2019111201.js
securepubads.g.doubleclick.net/gpt/ Frame A94E
160 KB
59 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019111201.js
Requested by
Host: ahsqutes.monster
URL: http://ahsqutes.monster/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.22.66 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s17-in-f66.1e100.net
Software
sffe /
Resource Hash
6d5783f621f26ce9d9f954568ff21d24e8f6986910c05388a1f0098a939b38d4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 17 Nov 2019 03:25:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 12 Nov 2019 18:33:31 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
59852
x-xss-protection
0
expires
Sun, 17 Nov 2019 03:25:21 GMT
ads
securepubads.g.doubleclick.net/gampad/ Frame 5371
4 KB
2 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=663369535265985&correlator=147020986650617&output=ldjh&impl=fif&eid=21064709&vrg=2019111201&guci=1.2.0.0.2.2.0.0&plat=1%3A536903688%2C2%3A553680904%2C8%3A134250504&sc=0&sfv=1-0-36&ecs=20191117&iu=%2F27794161%2Fjustjared.com_Web_160x600_1&sz=160x600&scp=refurl%3Djustjared.com%26floor_group%3Dctrl_group%26hour%3D3%26instBid_size%3D160x600%26instBid_pb%3D8%26instBid_adid%3D31de2464d6be14b%26instBid_bidder%3DindexExchange%26adx_floor%3D8%26Exclude_Adx%3DN%26impression_type%3Dinitial_load&cookie=ID%3D54698dd7e98ccc73%3AT%3D1573961120%3AS%3DALNI_MYR-Epk9uH6_DQArms9Fqongs5HbA&cdm=ahsqutes.monster&bc=23&abxe=1&lmt=1573961121&dt=1573961121587&dlt=1573961120542&idt=1037&ea=0&frm=23&biw=1600&bih=1200&isw=160&ish=600&oid=3&adx=80&ady=550&adk=1078271786&uci=adk65mffne9c&ifi=1&ifk=2491199349&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&iag=3&url=http%3A%2F%2Fahsqutes.monster%2F&top=http%3A%2F%2Fahsqutes.monster%2F&dssz=16&icsg=8362&std=0&vis=1&scr_x=0&scr_y=0&ga_vid=1556147499.1573961118&ga_sid=1573961122&ga_hid=2000690007&fws=256&ohw=0
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019111201.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.22.66 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s17-in-f66.1e100.net
Software
cafe /
Resource Hash
024a91c385ab0cd81ae0a56df5867f302494beddd2d3c26be281d324a6f3e67c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
cors
Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 17 Nov 2019 03:25:21 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
1944
x-xss-protection
0
google-lineitem-id
4659454025
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138232013958
content-type
text/plain; charset=UTF-8
access-control-allow-origin
http://ahsqutes.monster
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubads_impl_rendering_2019111201.js
securepubads.g.doubleclick.net/gpt/ Frame 5371
64 KB
25 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019111201.js
Requested by
Host: ahsqutes.monster
URL: http://ahsqutes.monster/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.22.66 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s17-in-f66.1e100.net
Software
sffe /
Resource Hash
1f6ba59e0e4b96cbb3e07c3c5d908a62dae632d96714e50c6671cd1df32d1829
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 17 Nov 2019 03:25:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 12 Nov 2019 18:33:31 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
25120
x-xss-protection
0
expires
Sun, 17 Nov 2019 03:25:21 GMT
container.html
tpc.googlesyndication.com/safeframe/1-0-36/html/ Frame 5371
0
0
Other
General
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-36/html/container.html?n=1
Requested by
Host: ahsqutes.monster
URL: http://ahsqutes.monster/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

av
connatix-d.openx.net/v/1.0/ Frame 81BB
48 B
578 B
XHR
General
Full URL
http://connatix-d.openx.net/v/1.0/av?auid=540193964&url=http%3A%2F%2Fahsqutes.monster%2F&cb=394ef2db521b9ba84c461573961121566&vwd=455&vht=256&gdpr=1&gdpr_consent=0
Requested by
Host: cdns.connatix.com
URL: http://cdns.connatix.com/p/1806/min/connatix.renderer.infeed.min_dc.js
Protocol
HTTP/1.1
Server
34.95.120.147 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
147.120.95.34.bc.googleusercontent.com
Software
OXGW/16.167.1 /
Resource Hash
a355f2718a8d0b7444670aca6fd1dfdc126f9b8e9931a34a52cac9c343a68e3f

Request headers

Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 17 Nov 2019 03:25:21 GMT
Via
1.1 google
Server
OXGW/16.167.1
P3P
CP="CUR ADM OUR NOR STA NID"
Access-Control-Allow-Origin
http://ahsqutes.monster
Cache-Control
private, max-age=0, no-cache
Access-Control-Allow-Credentials
true
Content-Type
text/xml
Content-Length
48
Expires
Mon, 26 Jul 1997 05:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ Frame A94E
5 KB
2 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=574691408747853&correlator=3671111894811353&output=ldjh&impl=fif&eid=21062452%2C21064367%2C370204053&vrg=2019111201&guci=1.2.0.0.2.2.0.0&plat=1%3A536903688%2C2%3A553680904%2C8%3A134250504&sc=0&sfv=1-0-36&ecs=20191117&iu=%2F27794161%2Fjustjared.com_Web_300x250_3&sz=300x250&scp=refurl%3Djustjared.com%26floor_group%3Dctrl_group%26hour%3D3%26adx_floor%3D1%26Exclude_Adx%3DN%26instBid_bidder%3Dnofill%26instBid_pb%3D0%26instBid_adid%3Dnofill%26instBid_size%3D300x250%26impression_type%3Dinitial_load&cookie=ID%3D54698dd7e98ccc73%3AT%3D1573961120%3AS%3DALNI_MYR-Epk9uH6_DQArms9Fqongs5HbA&cdm=ahsqutes.monster&bc=23&abxe=1&lmt=1573961121&dt=1573961121602&dlt=1573961120555&idt=1040&ea=0&frm=23&biw=1600&bih=1200&isw=300&ish=250&oid=3&adx=1290&ady=550&adk=1472740992&uci=6t7c7rg5mlvd&ifi=1&ifk=3073387536&u_tz=60&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&iag=3&url=http%3A%2F%2Fahsqutes.monster%2F&top=http%3A%2F%2Fahsqutes.monster%2F&dssz=16&icsg=8362&std=0&vis=1&scr_x=0&scr_y=0&ga_vid=1556147499.1573961118&ga_sid=1573961122&ga_hid=1713558540&fws=256&ohw=0
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019111201.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.22.66 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s17-in-f66.1e100.net
Software
cafe /
Resource Hash
4c691c9188bf02eaedbe67013b3a713ffb9ac29edfda799eee41ccc671799ca2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
cors
Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 17 Nov 2019 03:25:21 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
2344
x-xss-protection
0
google-lineitem-id
5211243328
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138292734021
content-type
text/plain; charset=UTF-8
access-control-allow-origin
http://ahsqutes.monster
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubads_impl_rendering_2019111201.js
securepubads.g.doubleclick.net/gpt/ Frame A94E
64 KB
25 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019111201.js
Requested by
Host: ahsqutes.monster
URL: http://ahsqutes.monster/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.22.66 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s17-in-f66.1e100.net
Software
sffe /
Resource Hash
1f6ba59e0e4b96cbb3e07c3c5d908a62dae632d96714e50c6671cd1df32d1829
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 17 Nov 2019 03:25:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 12 Nov 2019 18:33:31 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
25120
x-xss-protection
0
expires
Sun, 17 Nov 2019 03:25:21 GMT
container.html
tpc.googlesyndication.com/safeframe/1-0-36/html/ Frame A94E
0
0
Other
General
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-36/html/container.html?n=1
Requested by
Host: ahsqutes.monster
URL: http://ahsqutes.monster/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

sodar
pagead2.googlesyndication.com/getconfig/ Frame 5371
7 KB
6 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2019111201&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019111201.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
a129b9fd8dfefc6acbd30835543cf9c3648cc2dd60cdeb2c07d62831b3adecb1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
cors
Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 17 Nov 2019 03:25:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
status
200
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
5149
x-xss-protection
0
av
connatix-d.openx.net/v/1.0/ Frame 81BB
48 B
578 B
XHR
General
Full URL
http://connatix-d.openx.net/v/1.0/av?auid=540193947&url=http%3A%2F%2Fahsqutes.monster%2F&cb=b1f8a3ccf1799154b31f1573961121624&vwd=455&vht=256&gdpr=1&gdpr_consent=0
Requested by
Host: cdns.connatix.com
URL: http://cdns.connatix.com/p/1806/min/connatix.renderer.infeed.min_dc.js
Protocol
HTTP/1.1
Server
34.95.120.147 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
147.120.95.34.bc.googleusercontent.com
Software
OXGW/16.167.1 /
Resource Hash
a355f2718a8d0b7444670aca6fd1dfdc126f9b8e9931a34a52cac9c343a68e3f

Request headers

Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 17 Nov 2019 03:25:21 GMT
Via
1.1 google
Server
OXGW/16.167.1
P3P
CP="CUR ADM OUR NOR STA NID"
Access-Control-Allow-Origin
http://ahsqutes.monster
Cache-Control
private, max-age=0, no-cache
Access-Control-Allow-Credentials
true
Content-Type
text/xml
Content-Length
48
Expires
Mon, 26 Jul 1997 05:00:00 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 5371
13 KB
6 KB
Script
General
Full URL
http://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: ahsqutes.monster
URL: http://ahsqutes.monster/
Protocol
HTTP/1.1
Server
2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
0ae091d6b529a28c0080dd4e376a97d1c246a0d9187095ef0242168b5d09d74b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sun, 17 Nov 2019 03:25:21 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
sffe
ETag
"1570551776720363"
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
private, max-age=3000
Accept-Ranges
bytes
Content-Length
5395
X-XSS-Protection
0
Expires
Sun, 17 Nov 2019 03:25:21 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame AD58
0
57 B
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvdxGS9mSIo9EQaYc96cm72zL4kTVNzvzRgio-xbbkY6MU4tYFNtO0898eOLNYPKVSVw0GSSlZ3aZwsQUQqUuBtjwj0vBiLk_hz8XYud6-3su_J6t-uvk66l7QMQmXz_vt5mwNdN9oeUIEOj0VxLkiQm3ThLNYXbtRq5zq1-6Iytx9BdoLdVphKyKIZmfrUVkoB4YGWMK6imDqC5a5-laGaa3huuFJOSuEO0j23d_9n2F6JIRoikRXvsEQg9pTleFj6Juw_BsazG34lfLQO9LpfdZ5USSM_mw&sig=Cg0ArKJSzDYWYq3PHa0pEAE&urlfix=1&adurl=
Requested by
Host: ahsqutes.monster
URL: http://ahsqutes.monster/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.22.66 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s17-in-f66.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 17 Nov 2019 03:25:21 GMT
x-content-type-options
nosniff
server
cafe
status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
content-type
image/gif
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
0
x-xss-protection
0
/
clarium.global.ssl.fastly.net/ Frame AD58
87 KB
24 KB
Script
General
Full URL
https://clarium.global.ssl.fastly.net/?wrapper=Fseez_-nDyWQXIJsbnoKkKTHXC4&tpid=RnNlZXpfLW5EeVdRWElKc2Jub0trS1RIWEM0L2l4OjE2MHg2MDA%3D&d=eyJ3aCI6IlJuTmxaWHBmTFc1RWVWZFJXRWxLYzJKdWIwdHJTMVJJV0VNMEwybDRPakUyTUhnMk1EQT0iLCJ3ZCI6eyJrIjp7ImhiX2JpZGRlciI6WyJpeCJdLCJoYl9zaXplIjpbIjE2MHg2MDAiXX19LCJ3ciI6MH0=
Requested by
Host: ahsqutes.monster
URL: http://ahsqutes.monster/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.113.194 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
nginx /
Resource Hash
ffeff26be90a30b3cc2a91bc275a68369e8fbfcc01b5611aec64531dc5cced2f

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sun, 17 Nov 2019 03:25:21 GMT
Content-Encoding
gzip
Age
178
X-Cache-Status
hit
X-Cache
HIT
X-Cache-Hits
1
Connection
keep-alive
Content-Length
23733
X-Served-By
cache-hhn4026-HHN
Pragma
no-cache
Access-Control-Allow-Origin
*
Server
nginx
X-Timer
S1573961122.745900,VS0,VE0
Vary
Accept-Encoding
Content-Type
text/javascript; charset=utf-8
Via
1.1 varnish
Cache-Control
private, max-age=900, stale-while-revalidate=3600
Accept-Ranges
bytes
Expires
Sat, 26 Jul 1997 05:00:00 GMT
osd_listener.js
www.googletagservices.com/activeview/js/current/ Frame AD58
76 KB
29 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914
Requested by
Host: ahsqutes.monster
URL: http://ahsqutes.monster/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
e48c4975b293be404aa17aca3844095d270597494ffabe5316cad8c3e45d5004
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 17 Nov 2019 03:25:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1573858490126243"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
29138
x-xss-protection
0
expires
Sun, 17 Nov 2019 03:25:21 GMT
osd.js
www.googletagservices.com/activeview/js/current/ Frame 5371
78 KB
29 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101
Requested by
Host: ahsqutes.monster
URL: http://ahsqutes.monster/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
0e946b0ee0337cf23c845f67a238e1fefd5f1e014fdbd8ea27870172fcedd40f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 17 Nov 2019 03:25:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1573858490126243"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
29338
x-xss-protection
0
expires
Sun, 17 Nov 2019 03:25:21 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 457D
0
57 B
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssUttLiS3U8iZrGH1GaYQVAmISyOLxrXyirH3ULCdJZje4sK7Leooan3oXYz1UTsuRrzrSj0DDQdW9p_g_Gh-7kd-7GOFLHyiTI3EvnGdiOs15q95aw8j1h8Y3QO2GM3BUR-37iL2QEyuWxYNmj9bcQvkw8hRJ8ZCUuzfuyQKu_CvkhCvM446j-XXifYqzrKJ17RGBMW2HExR0DRT56DJKeNDepuCOfKVw0XrNa3YAjyahtueds8atNA9HZpbjMgtiCBMAhJDVlQLJzQ5HM-CkHov-A9GqH54w&sig=Cg0ArKJSzFtDwhv4SEXXEAE&urlfix=1&adurl=
Requested by
Host: ahsqutes.monster
URL: http://ahsqutes.monster/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.22.66 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s17-in-f66.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 17 Nov 2019 03:25:21 GMT
x-content-type-options
nosniff
server
cafe
status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
content-type
image/gif
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
0
x-xss-protection
0
osd_listener.js
www.googletagservices.com/activeview/js/current/ Frame 457D
76 KB
29 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914
Requested by
Host: ahsqutes.monster
URL: http://ahsqutes.monster/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
e48c4975b293be404aa17aca3844095d270597494ffabe5316cad8c3e45d5004
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 17 Nov 2019 03:25:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1573858490126243"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
29138
x-xss-protection
0
expires
Sun, 17 Nov 2019 03:25:21 GMT
imgad
tpc.googlesyndication.com/pagead/ Frame 457D
33 KB
33 KB
Image
General
Full URL
https://tpc.googlesyndication.com/pagead/imgad?id=CICAgKDb7aahtAEQARgBMgjXDi0KeZe8gg
Requested by
Host: ahsqutes.monster
URL: http://ahsqutes.monster/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
479deaea78a22be3bb4ba1f4f3676454ffc3cfd88a3253285e0696fad7f304c5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 14 Nov 2019 21:55:49 GMT
x-content-type-options
nosniff
server
cafe
age
192572
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
status
200
cache-control
public, max-age=604800
content-disposition
attachment; filename="image.png"
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
33958
x-xss-protection
0
expires
Thu, 21 Nov 2019 21:55:49 GMT
osd.js
www.googletagservices.com/activeview/js/current/ Frame A94E
78 KB
29 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101
Requested by
Host: ahsqutes.monster
URL: http://ahsqutes.monster/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
0e946b0ee0337cf23c845f67a238e1fefd5f1e014fdbd8ea27870172fcedd40f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 17 Nov 2019 03:25:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1573858490126243"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
29338
x-xss-protection
0
expires
Sun, 17 Nov 2019 03:25:21 GMT
event
event.insticator.com/v1/ Frame 41FD
0
133 B
XHR
General
Full URL
https://event.insticator.com/v1/event?event_name=event_pageview
Requested by
Host: d3lcz8vpax4lo2.cloudfront.net
URL: http://d3lcz8vpax4lo2.cloudfront.net/ads-code/2cdf4c71-ad6c-487e-b43a-8f1af912284a.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:180b , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Access-Control-Allow-Origin
*
Sec-Fetch-Mode
cors
Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-type
application/json

Response headers

date
Sun, 17 Nov 2019 03:25:22 GMT
cf-cache-status
DYNAMIC
server
cloudflare
status
201
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
access-control-allow-origin
http://ahsqutes.monster
access-control-allow-credentials
true
cf-ray
536e98d51924cbc8-VIE
content-length
0
gpt.js
www.googletagservices.com/tag/js/ Frame 41FD
51 KB
15 KB
Script
General
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: ahsqutes.monster
URL: http://ahsqutes.monster/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
8fcfc1b11efe36a9e89116d2a5e49bd86f2426bfc61032c3019ea790021f7e68
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 17 Nov 2019 03:25:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"339 / 341 of 1000 / last-modified: 1573848417"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
15660
x-xss-protection
0
expires
Sun, 17 Nov 2019 03:25:21 GMT
wrap.js
clarium.global.ssl.fastly.net/gpt/a/ Frame 41FD
66 KB
23 KB
Script
General
Full URL
http://clarium.global.ssl.fastly.net/gpt/a/wrap.js?v2_1
Requested by
Host: ahsqutes.monster
URL: http://ahsqutes.monster/
Protocol
HTTP/1.1
Server
151.101.113.194 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
nginx /
Resource Hash
5e0dd6a4cef855e1aabc211227702ca1fbf63d113858cd808fb569932aa0ba71

Request headers

Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sun, 17 Nov 2019 03:25:21 GMT
Content-Encoding
gzip
Age
1866
X-Cache
HIT
Connection
keep-alive
Content-Length
22863
X-Served-By
cache-hhn4035-HHN
Last-Modified
Tue, 12 Nov 2019 18:35:26 GMT
Server
nginx
X-Timer
S1573961122.776604,VS0,VE0
ETag
"5dcafb6e-10789"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Via
1.1 varnish
Cache-Control
private, max-age=900, stale-while-revalidate=3600
Accept-Ranges
bytes
X-Cache-Hits
577
ifnotify
a3226.casalemedia.com/ Frame F4D0
0
0
Document
General
Full URL
https://a3226.casalemedia.com/ifnotify?gdprconsent=1&c=12F69D8&r=79DBD00A&t=5DD0BDA1&u=X29zMDFFdGZvNWNlWDgtX1k1T0lMRHlN&m=748c21a12f3d79b1249233e49e580b95&wp=B&aid=82C898464D3CD423&tid=15B22&s=5BED1&cp=0.11&n=ahsqutes.monster&pr=xx&epr=15e1dcf8b55d10c
Requested by
Host: ahsqutes.monster
URL: http://ahsqutes.monster/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.80.38.195 , Netherlands, ASN27381 (CASALE-MEDIA - Index Exchange Inc., CA),
Reverse DNS
Software
Apache /
Resource Hash

Request headers

Host
a3226.casalemedia.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
nested-navigate
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site
cross-site
Referer
http://ahsqutes.monster/
Accept-Encoding
gzip, deflate, br
Cookie
CMPS=3226; CMST=XdC9oV3QvaEB; CMID=XdC9oblQJsMAADnPQjYAAAAA; CMDD=AAWgnwE*

Response headers

Date
Sun, 17 Nov 2019 03:25:21 GMT
Server
Apache
Pragma
no-cache
Cache-Control
no-cache
Expires
0
Keep-Alive
timeout=1, max=100
Connection
Keep-Alive
Transfer-Encoding
chunked
Content-Type
text/html
/
track.adform.net/adfscript/ Frame AD58
915 B
1 KB
Script
General
Full URL
https://track.adform.net/adfscript/?bn=33897026;rtbwp=XdC9oQAAAAAxVhNDbsDBCfJFi35doDgkXXL9mA;rtbdata=B8QJFj_s5v7j02oVE6Bj8i3YDqaJ9wignjySi_tRYIm9VXO31WDM0fY8IUCZ5qHyyaHE_Jro9uTH4R9EvCb-wa8WDP7Sr35zir-9eh14Yi1eMxMJQhNNW-YCL_CEaWymwfXG6yMx_JrmZ2SlhWZswdDgQjnc4YMX9albwwLI3d8ob9Jgjihn5QWEU34tRho3ikKpBI440-HCSiYAjfTKocAw9nV-VpOComN1-c6UvUo1
Requested by
Host: ahsqutes.monster
URL: http://ahsqutes.monster/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.235 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
50ddbd84eacd8251e8b7c6510735b9bcc7631931b836bd66af79d9c0fae34c9c

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 17 Nov 2019 03:25:21 GMT
content-encoding
gzip
server
nginx
status
200
vary
Accept-Encoding
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
content-type
text/javascript; charset=utf-8
content-length
772
expires
-1
pixel
protected-by.clarium.io/ Frame AD58
68 B
345 B
Image
General
Full URL
https://protected-by.clarium.io/pixel?tag=wt_RnNlZXpfLW5EeVdRWElKc2Jub0trS1RIWEM0L2l4OjE2MHg2MDA=&v=5&s=ae6e8fb6bccfa65b24f118f894267d9dce3b63b1&id=eyJwcmViaWQiOnsiYWRJZCI6IjMxZGUyNDY0ZDZiZTE0YiIsImNwbSI6MC4wOH19&sb=1&cb=9000673&h=ahsqutes.monster
Requested by
Host: ahsqutes.monster
URL: http://ahsqutes.monster/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.195.61.72 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-18-195-61-72.eu-central-1.compute.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 17 Nov 2019 03:25:21 GMT
Server
nginx/1.14.0 (Ubuntu)
Content-Type
image/png
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
68
Expires
Sat, 26 Jul 1997 05:00:00 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/204/ Frame FE95
0
0
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/204/runner.html
Requested by
Host: ahsqutes.monster
URL: http://ahsqutes.monster/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/204/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode
nested-navigate
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
referer
http://ahsqutes.monster/
accept-encoding
gzip, deflate, br

Response headers

status
200
accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
content-length
4595
date
Sat, 16 Nov 2019 18:29:04 GMT
expires
Sun, 15 Nov 2020 18:29:04 GMT
last-modified
Tue, 08 Oct 2019 15:04:09 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
32177
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
truncated
/ Frame 457D
212 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2afb6347d51f4151b9bf64f1f0eb86d00129f6aac8b560320fb2a3da6aa449fe

Request headers

Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/png
bootstrap.js
s1.adform.net/stoat/620/s1.adform.net/ Frame AD58
31 KB
15 KB
Script
General
Full URL
https://s1.adform.net/stoat/620/s1.adform.net/bootstrap.js
Requested by
Host: ahsqutes.monster
URL: http://ahsqutes.monster/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.72 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
9e36e1481ba480e4971fdf3571f6e9bd6af1a8eb24f0e4dcd480892e9027dabe

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 17 Nov 2019 03:25:21 GMT
content-encoding
gzip
last-modified
Fri, 15 Nov 2019 09:11:30 GMT
server
nginx
status
200
x-cache-status
HIT
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=100000
expires
Mon, 18 Nov 2019 06:28:42 GMT
integrator.js
adservice.google.de/adsid/ Frame 41FD
109 B
171 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.js?domain=ahsqutes.monster
Requested by
Host: ahsqutes.monster
URL: http://ahsqutes.monster/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 17 Nov 2019 03:25:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
104
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 41FD
109 B
171 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=ahsqutes.monster
Requested by
Host: ahsqutes.monster
URL: http://ahsqutes.monster/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 17 Nov 2019 03:25:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
104
x-xss-protection
0
pubads_impl_2019111201.js
securepubads.g.doubleclick.net/gpt/ Frame 41FD
160 KB
59 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019111201.js
Requested by
Host: ahsqutes.monster
URL: http://ahsqutes.monster/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.22.66 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s17-in-f66.1e100.net
Software
sffe /
Resource Hash
6d5783f621f26ce9d9f954568ff21d24e8f6986910c05388a1f0098a939b38d4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 17 Nov 2019 03:25:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 12 Nov 2019 18:33:31 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
59852
x-xss-protection
0
expires
Sun, 17 Nov 2019 03:25:21 GMT
av
connatix-d.openx.net/v/1.0/ Frame 81BB
48 B
578 B
XHR
General
Full URL
http://connatix-d.openx.net/v/1.0/av?auid=540193947&url=http%3A%2F%2Fahsqutes.monster%2F&cb=3794d9b87d9375db485a1573961121856&vwd=455&vht=256&gdpr=1&gdpr_consent=0
Requested by
Host: cdns.connatix.com
URL: http://cdns.connatix.com/p/1806/min/connatix.renderer.infeed.min_dc.js
Protocol
HTTP/1.1
Server
34.95.120.147 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
147.120.95.34.bc.googleusercontent.com
Software
OXGW/16.167.1 /
Resource Hash
a355f2718a8d0b7444670aca6fd1dfdc126f9b8e9931a34a52cac9c343a68e3f

Request headers

Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 17 Nov 2019 03:25:21 GMT
Via
1.1 google
Server
OXGW/16.167.1
P3P
CP="CUR ADM OUR NOR STA NID"
Access-Control-Allow-Origin
http://ahsqutes.monster
Cache-Control
private, max-age=0, no-cache
Access-Control-Allow-Credentials
true
Content-Type
text/xml
Content-Length
48
Expires
Mon, 26 Jul 1997 05:00:00 GMT
/
track.adform.net/adfserve/ Frame AD58
4 KB
2 KB
Script
General
Full URL
https://track.adform.net/adfserve/?bn=33897026;rtbwp=XdC9oQAAAAAxVhNDbsDBCfJFi35doDgkXXL9mA;rtbdata=B8QJFj_s5v7j02oVE6Bj8i3YDqaJ9wignjySi_tRYIm9VXO31WDM0fY8IUCZ5qHyyaHE_Jro9uTH4R9EvCb-wa8WDP7Sr35zir-9eh14Yi1eMxMJQhNNW-YCL_CEaWymwfXG6yMx_JrmZ2SlhWZswdDgQjnc4YMX9albwwLI3d8ob9Jgjihn5QWEU34tRho3ikKpBI440-HCSiYAjfTKocAw9nV-VpOComN1-c6UvUo1;js=1;adfxid=6x;2483;set=en-US|en-US|1600X1200|0|150|600|24|8|3|7|0|0;fd=2|2&CREFURL=http%3A%2F%2Fahsqutes.monster%2F
Requested by
Host: ahsqutes.monster
URL: http://ahsqutes.monster/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.235 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
ffc3471acfff80133f89ef7fbdc1456429c99db49c74f971b253f612d0364072

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 17 Nov 2019 03:25:21 GMT
content-encoding
gzip
server
nginx
status
200
vary
Accept-Encoding
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
content-type
text/javascript; charset=utf-8
content-length
2077
expires
-1
ads
securepubads.g.doubleclick.net/gampad/ Frame 41FD
5 KB
2 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2655407236160968&correlator=3126932866798428&output=ldjh&impl=fif&adsid=NT&eid=21064708&vrg=2019111201&guci=1.2.0.0.2.2.0.0&plat=1%3A536903688%2C2%3A553680904%2C8%3A134250504&sc=0&sfv=1-0-36&ecs=20191117&iu=%2F27794161%2Fjustjared.com_Web_300x250_1&sz=300x250&scp=refurl%3Djustjared.com%26floor_group%3Dctrl_group%26hour%3D3%26adx_floor%3D1%26Exclude_Adx%3DN%26instBid_bidder%3Dnofill%26instBid_pb%3D0%26instBid_adid%3Dnofill%26instBid_size%3D300x250%26impression_type%3Dinitial_load&cookie=ID%3D54698dd7e98ccc73%3AT%3D1573961120%3AS%3DALNI_MYR-Epk9uH6_DQArms9Fqongs5HbA&cdm=ahsqutes.monster&bc=23&abxe=1&lmt=1573961121&dt=1573961121889&dlt=1573961120514&idt=1367&ea=0&frm=23&biw=1600&bih=1200&isw=300&ish=600&oid=3&adx=650&ady=14389&adk=4122931064&uci=hbdfvg4g4kma&ifi=1&ifk=1966766137&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&iag=3&url=http%3A%2F%2Fahsqutes.monster%2F&top=http%3A%2F%2Fahsqutes.monster%2F&dssz=16&icsg=8362&std=0&vis=1&scr_x=0&scr_y=0&psz=300x600&msz=300x-1&ga_vid=1556147499.1573961118&ga_sid=1573961122&ga_hid=1212713640&fws=256&ohw=0
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019111201.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.22.66 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s17-in-f66.1e100.net
Software
cafe /
Resource Hash
917f5841c0ce31e14f68cae29e9f4d02a5b2cd996a284d83df33c6ef46c6a067
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
cors
Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 17 Nov 2019 03:25:21 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
2328
x-xss-protection
0
google-lineitem-id
5211243328
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138292734021
content-type
text/plain; charset=UTF-8
access-control-allow-origin
http://ahsqutes.monster
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubads_impl_rendering_2019111201.js
securepubads.g.doubleclick.net/gpt/ Frame 41FD
64 KB
25 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019111201.js
Requested by
Host: ahsqutes.monster
URL: http://ahsqutes.monster/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.22.66 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s17-in-f66.1e100.net
Software
sffe /
Resource Hash
1f6ba59e0e4b96cbb3e07c3c5d908a62dae632d96714e50c6671cd1df32d1829
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 17 Nov 2019 03:25:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 12 Nov 2019 18:33:31 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
25120
x-xss-protection
0
expires
Sun, 17 Nov 2019 03:25:21 GMT
container.html
tpc.googlesyndication.com/safeframe/1-0-36/html/ Frame 41FD
0
0
Other
General
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-36/html/container.html?n=1
Requested by
Host: ahsqutes.monster
URL: http://ahsqutes.monster/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

ads
securepubads.g.doubleclick.net/gampad/ Frame 41FD
8 KB
4 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2655407236160968&correlator=3126932866798428&output=ldjh&impl=fif&adsid=NT&eid=21064708&vrg=2019111201&guci=1.2.0.0.2.2.0.0&plat=1%3A536903688%2C2%3A553680904%2C8%3A134250504&sc=0&sfv=1-0-36&ecs=20191117&iu=%2F27794161%2Fjustjared.com_Web_300x250_2&sz=300x250&scp=refurl%3Djustjared.com%26floor_group%3Dctrl_group%26hour%3D3%26adx_floor%3D1%26Exclude_Adx%3DN%26instBid_bidder%3Dnofill%26instBid_pb%3D0%26instBid_adid%3Dnofill%26instBid_size%3D300x250%26impression_type%3Dinitial_load&cookie=ID%3D54698dd7e98ccc73%3AT%3D1573961120%3AS%3DALNI_MYR-Epk9uH6_DQArms9Fqongs5HbA&cdm=ahsqutes.monster&bc=23&abxe=1&lmt=1573961121&dt=1573961121893&dlt=1573961120514&idt=1367&ea=0&frm=23&biw=1600&bih=1200&isw=300&ish=600&oid=3&adx=650&ady=14689&adk=577452479&uci=152h46odxt4s&ifi=2&ifk=1966766137&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&iag=3&url=http%3A%2F%2Fahsqutes.monster%2F&top=http%3A%2F%2Fahsqutes.monster%2F&dssz=17&icsg=139434&std=0&vis=1&scr_x=0&scr_y=0&psz=300x600&msz=300x-1&ga_vid=1556147499.1573961118&ga_sid=1573961122&ga_hid=1212713640&fws=256&ohw=0
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019111201.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.22.66 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s17-in-f66.1e100.net
Software
cafe /
Resource Hash
feb64e8abe2accaacb76f21425ffd91952bcff2f7da2a0da532061ebd1ce22ce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
cors
Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 17 Nov 2019 03:25:21 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
3562
x-xss-protection
0
google-lineitem-id
5211243328
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138294090669
content-type
text/plain; charset=UTF-8
access-control-allow-origin
http://ahsqutes.monster
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
track.adform.net/jsmetrics/ Frame AD58
43 B
163 B
Image
General
Full URL
https://track.adform.net/jsmetrics/?adfserve=26&asset=20&sid=276&rid=10436&cid=42476
Requested by
Host: ahsqutes.monster
URL: http://ahsqutes.monster/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.235 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 17 Nov 2019 03:25:21 GMT
last-modified
Thu, 28 Jul 2016 13:29:37 GMT
server
nginx
etag
"579a08c1-2b"
content-type
image/gif
status
200
accept-ranges
bytes
content-length
43
truncated
/ Frame AD58
217 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
79af106adfb6f9119e4ae8ac1d87745c935a07db6eb04916f71aa4f1f5029f51

Request headers

Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/png
av
connatix-d.openx.net/v/1.0/ Frame 81BB
48 B
578 B
XHR
General
Full URL
http://connatix-d.openx.net/v/1.0/av?auid=540193947&url=http%3A%2F%2Fahsqutes.monster%2F&cb=482f4984555898fd51bf1573961121907&vwd=455&vht=256&gdpr=1&gdpr_consent=0
Requested by
Host: cdns.connatix.com
URL: http://cdns.connatix.com/p/1806/min/connatix.renderer.infeed.min_dc.js
Protocol
HTTP/1.1
Server
34.95.120.147 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
147.120.95.34.bc.googleusercontent.com
Software
OXGW/16.167.1 /
Resource Hash
a355f2718a8d0b7444670aca6fd1dfdc126f9b8e9931a34a52cac9c343a68e3f

Request headers

Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 17 Nov 2019 03:25:21 GMT
Via
1.1 google
Server
OXGW/16.167.1
P3P
CP="CUR ADM OUR NOR STA NID"
Access-Control-Allow-Origin
http://ahsqutes.monster
Cache-Control
private, max-age=0, no-cache
Access-Control-Allow-Credentials
true
Content-Type
text/xml
Content-Length
48
Expires
Mon, 26 Jul 1997 05:00:00 GMT
av
connatix-d.openx.net/v/1.0/ Frame 81BB
48 B
578 B
XHR
General
Full URL
http://connatix-d.openx.net/v/1.0/av?auid=540193947&url=http%3A%2F%2Fahsqutes.monster%2F&cb=ea5ad5e1633933af1bc21573961121938&vwd=455&vht=256&gdpr=1&gdpr_consent=0
Requested by
Host: cdns.connatix.com
URL: http://cdns.connatix.com/p/1806/min/connatix.renderer.infeed.min_dc.js
Protocol
HTTP/1.1
Server
34.95.120.147 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
147.120.95.34.bc.googleusercontent.com
Software
OXGW/16.167.1 /
Resource Hash
a355f2718a8d0b7444670aca6fd1dfdc126f9b8e9931a34a52cac9c343a68e3f

Request headers

Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 17 Nov 2019 03:25:21 GMT
Via
1.1 google
Server
OXGW/16.167.1
P3P
CP="CUR ADM OUR NOR STA NID"
Access-Control-Allow-Origin
http://ahsqutes.monster
Cache-Control
private, max-age=0, no-cache
Access-Control-Allow-Credentials
true
Content-Type
text/xml
Content-Length
48
Expires
Mon, 26 Jul 1997 05:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 5371
0
123 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=204&t=2&li=gpt_2019111201&jk=663369535265985&bg=!REelR19YOzd-AswxauICAAAAQVIAAAAOmQFhYOxZa3jOUUxJFxI5ldIzP_4aECUrOUXFBYNl_9Faaqz9lDqapTVUK-Dbfv3zu4x1KdiSZcv574_WuCD_CJOBBdsAojICAjqohzSi5XqCRgoYH2Dpzslq8PDDfGNDtJRTKU34-LVjnhPwan8zYP9JkZsYK_F0I5Kfx0RQGCNJV01GnrII2Pacn1ETNVVqaSbx8of2SSNAuuGYZjVeZNCvmevka9-lVAPb6aTrMTg1t6iRVztNUWdtFWtX6IX5-ySDI588fglkMLMgQs4Zi1HPVEesYjWPltih6QSYeElte_yD-OJ37DYQpPWrca-6kGUcFRysOZTribFwRUpLPtt6Y6pS1OMFIMsFirYdc3WvTKZ1ai1bBlUxdkBrSvhKgzzKpFktQ8zWZTUkTTA59Cn7zPHsmTgPG3fK8a6AXCNEcnDnj8DzzThYx56BDVVWf0Vw25aHeawS9BLJAwEB7nRzAbI
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 17 Nov 2019 03:25:21 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
204
cache-control
no-cache, must-revalidate
content-type
image/gif
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 7985
0
57 B
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsva0F6bnk_4zawISBFRxrThvKwkR6Tq6LjKhwEaGjo2TaFm3dgu3WdaU0uJFb3BCG9pbyXiWga8fBbKVlNnYpyZljeTOMLDu8-L5xiY5LEEqEQYlYZhY0tw18JiffOoajf5NlIrGPGRMgjyADpJ0oueXacg12nnLrstBR6j7qKN3NgFUGMXvx5FZll5BzB-hmjegDUp8xRWJcR7YjtvRZhfgixQDOmMcD81ItkGG-VQADmfRXZcYJ1edSHbuiFnRR4uKY6MSyviZYc76dvsf3WCLjOgFmRpqEg&sig=Cg0ArKJSzD7X4oSh3p2vEAE&urlfix=1&adurl=
Requested by
Host: ahsqutes.monster
URL: http://ahsqutes.monster/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.22.66 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s17-in-f66.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 17 Nov 2019 03:25:21 GMT
x-content-type-options
nosniff
server
cafe
status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
content-type
image/gif
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
0
x-xss-protection
0
imgad
tpc.googlesyndication.com/pagead/ Frame 7985
33 KB
33 KB
Image
General
Full URL
https://tpc.googlesyndication.com/pagead/imgad?id=CICAgKDb7aahtAEQARgBMgjXDi0KeZe8gg
Requested by
Host: ahsqutes.monster
URL: http://ahsqutes.monster/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
479deaea78a22be3bb4ba1f4f3676454ffc3cfd88a3253285e0696fad7f304c5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 14 Nov 2019 21:55:49 GMT
x-content-type-options
nosniff
server
cafe
age
192572
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
status
200
cache-control
public, max-age=604800
content-disposition
attachment; filename="image.png"
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
33958
x-xss-protection
0
expires
Thu, 21 Nov 2019 21:55:49 GMT
osd_listener.js
www.googletagservices.com/activeview/js/current/ Frame 7985
76 KB
29 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914
Requested by
Host: ahsqutes.monster
URL: http://ahsqutes.monster/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
e48c4975b293be404aa17aca3844095d270597494ffabe5316cad8c3e45d5004
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 17 Nov 2019 03:25:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1573858490126243"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
29138
x-xss-protection
0
expires
Sun, 17 Nov 2019 03:25:21 GMT
osd.js
www.googletagservices.com/activeview/js/current/ Frame 41FD
78 KB
29 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101
Requested by
Host: ahsqutes.monster
URL: http://ahsqutes.monster/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
0e946b0ee0337cf23c845f67a238e1fefd5f1e014fdbd8ea27870172fcedd40f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 17 Nov 2019 03:25:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1573858490126243"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
29338
x-xss-protection
0
expires
Sun, 17 Nov 2019 03:25:21 GMT
Standard
s1.adform.net/stoat/620/s1.adform.net/load/v/0.0.181/e/.wSBgiD/i/8IC-4gAAAAKAA/r:AdConstructor:contents/ImageTag:types/ Frame AD58
85 KB
37 KB
Script
General
Full URL
https://s1.adform.net/stoat/620/s1.adform.net/load/v/0.0.181/e/.wSBgiD/i/8IC-4gAAAAKAA/r:AdConstructor:contents/ImageTag:types/Standard
Requested by
Host: ahsqutes.monster
URL: http://ahsqutes.monster/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.72 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
dd17c0eca20e66ff39e41204e550b90d9d424cba9045f06f45f1660803c66f2d

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 17 Nov 2019 03:25:21 GMT
content-encoding
gzip
last-modified
Fri, 15 Nov 2019 09:11:30 GMT
server
nginx
status
200
x-cache-status
HIT
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=100000
expires
Mon, 18 Nov 2019 06:31:15 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame B0EA
0
57 B
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsugo-LNTq8xP72iTKrJ1ZHfB_MSBn3mU4f_o65qRkj6R6zFqgl5JZ6FL3tvYPeyDOWXrz-RmNXL5oBMQDODIW3KHEVxaTzX8OBhO_El-ldNvUPD6a7MtONMl3UTTUjpDtu_CEnoocou1MR59JAeaMaR8R5FVFvqggk5M5EAA1A21O31KMPB2YLekrhTCqTU8Yddrx-CkrQjqGMcYdMcKoAaRlDfEcHoHGEbplZU_5TAIVlTgdlEz5TiWqlyvw8qESKr5gJgM3aUcqsbgCmQw3iCmPtdNEwtwxA&sig=Cg0ArKJSzBkBaGv-ryeiEAE&urlfix=1&adurl=
Requested by
Host: ahsqutes.monster
URL: http://ahsqutes.monster/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.22.66 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s17-in-f66.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 17 Nov 2019 03:25:22 GMT
x-content-type-options
nosniff
server
cafe
status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
content-type
image/gif
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
0
x-xss-protection
0
osd_listener.js
www.googletagservices.com/activeview/js/current/ Frame B0EA
76 KB
29 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914
Requested by
Host: ahsqutes.monster
URL: http://ahsqutes.monster/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
e48c4975b293be404aa17aca3844095d270597494ffabe5316cad8c3e45d5004
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 17 Nov 2019 03:25:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1573858490126243"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
29138
x-xss-protection
0
expires
Sun, 17 Nov 2019 03:25:22 GMT
imgad
tpc.googlesyndication.com/pagead/ Frame B0EA
39 KB
39 KB
Image
General
Full URL
https://tpc.googlesyndication.com/pagead/imgad?id=CICAgKDb7Yb1lgEQARgBMginzBoRNrzgRg
Requested by
Host: ahsqutes.monster
URL: http://ahsqutes.monster/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
353cb80b6329eafa244b4a723090f422c14ec61c5a44e999843aa30748ed33dc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 12 Nov 2019 15:24:03 GMT
x-content-type-options
nosniff
server
cafe
age
388879
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
status
200
cache-control
public, max-age=604800
content-disposition
attachment; filename="image.png"
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
39730
x-xss-protection
0
expires
Tue, 19 Nov 2019 15:24:03 GMT
truncated
/ Frame 7985
212 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e11ca9ed502c1dc7449e761b37f5768d6c20ddab1c014f40e3ae6953d82f1e62

Request headers

Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/png
usertracking
b2c.insticator.com/v3/pages/ Frame E4F6
0
0
Document
General
Full URL
https://b2c.insticator.com/v3/pages/usertracking
Requested by
Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/embed-code/4d333009-52e2-4de9-974f-654573ecd838.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:180b , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

:method
GET
:authority
b2c.insticator.com
:scheme
https
:path
/v3/pages/usertracking
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode
nested-navigate
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
accept-encoding
gzip, deflate, br
cookie
userId=ea8a2508-00e8-c5ed-e8b9-6a2a2fc1f3df; __cfduid=d7a69ee748269a95fe63a63cc53e883041573961120

Response headers

status
200
date
Sun, 17 Nov 2019 03:25:22 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding,Origin
pragma
max-age=3600
cache-control
max-age=3600
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
536e98d4cadc59b2-VIE
content-encoding
gzip
/
track.adform.net/csimpr/ Frame AD58
35 B
414 B
Other
General
Full URL
https://track.adform.net/csimpr/?bn=33897026&csi=cckiVjMENFScy_KC6zBKOkUz_jjKUF7kYP5X1hnnqcRNBB91lsK-cdvKu1BAT_uG0
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/620/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.235 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sun, 17 Nov 2019 03:25:22 GMT
server
nginx
status
200
access-control-max-age
86400
access-control-allow-methods
GET, POST
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
http://ahsqutes.monster
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
content-type
image/gif
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
29567951.gif
s1.adform.net/Banners/29567951/ Frame AD58
45 KB
46 KB
Image
General
Full URL
https://s1.adform.net/Banners/29567951/29567951.gif?bv=4
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.72 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
ae1d335558df5188d04d58d4597c45c7ded211555293c7a912c3facfb421d847
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 17 Nov 2019 03:25:22 GMT
last-modified
Thu, 03 Jan 2019 07:09:06 GMT
server
nginx
status
200
etag
"5c2db512-b509"
x-cache-status
HIT
strict-transport-security
max-age=0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
public, max-age=604800
accept-ranges
bytes
content-type
image/gif
content-length
46345
truncated
/ Frame B0EA
219 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9a619552f529900f0c98a10775397188dceb9de77feec7c232ef0669c83cdf11

Request headers

Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/png
activeview
pagead2.googlesyndication.com/pcs/ Frame 5371
42 B
115 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsteVgh6D5DQsVtm_EnFAxlrQNFwIenaF17yebbUDGaMMdZSE579ZT3dSX1LrTHmuU6NFRTaNaywIoIXDHbWyM9fEF26hbe9lGhpTTn7Up8&sig=Cg0ArKJSzJ-adKCYuzMjEAE&adk=2202190646&tt=-1&bs=1600%2C1200&mtos=1100,1100,1100,1100,1100&tos=1100,0,0,0,0&p=550,80,1150,240&mcvt=1100&rs=0&ht=0&tfs=259&tls=1359&mc=1&lte=1&bas=0&bac=0&met=ce&avms=nio&exg=1&md=2&lm=2&rst=1573961120553&dlt&rpt=415&isd=0&msd=0&ext&imams=1&xdi=0&ps=1600%2C17553&ss=1600%2C1200&pt=-1&bin=4&deb=1-0-0-2-10-3-9-9-0-0-0&tvt=1357&is=160%2C600&iframe_loc=http%3A%2F%2Fahsqutes.monster%2F&r=v&id=osdim&vs=4&uc=10&upc=1&tgt=DIV&cl=1&cec=1&clc=1&cac=1&cd=0x0&itpl=19&v=20191115
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 17 Nov 2019 03:25:22 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
status
200
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
content-type
image/gif
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum.js
securepubads.g.doubleclick.net/pagead/js/ Frame B0EA
50 KB
19 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/pagead/js/rum.js
Requested by
Host: ahsqutes.monster
URL: http://ahsqutes.monster/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.22.66 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s17-in-f66.1e100.net
Software
cafe /
Resource Hash
841fdab7f32afcfead28e8e8041bcca501737464f8b359ddcf3d4ba12cb121b1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 17 Nov 2019 02:33:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3091
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
19298
x-xss-protection
0
server
cafe
etag
2436006143369225866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=3600
timing-allow-origin
*
expires
Sun, 17 Nov 2019 03:33:51 GMT
csi
csi.gstatic.com/ Frame B0EA
0
304 B
Other
General
Full URL
https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&puid=1~k32ftagh&chm=1&ctx=2&gqid=ob3QXdC2OZv03wO3nYzoCA&qqid=CNnAwYym8OUCFdWXdwodbukAfg&met.4=fb.j~lb.20~ol.21~idt.ys~dt.-37&met.3=197.1y~123.1y_2~117.21~118.26~118.26~118.28~113.2i_2~112.2h_3&met.1=1.k32ftae0~14.0~15.0~16.0~17.0~18.0~19.0~20.20~21.20~22.15~23.15&met.7=CCIQBBgBIBMoEzAlOBJoE3AkeDmwAQG4AQM~CCoQChgBIBMoEzAjOA8~CAQQBhgBIBQoFDAdOAloFHAaeKG3AoABsrYCiAGytgKwAQG4AQM~CCgQChgBIE8oTzBWOAdoT3BVeJaYAYAB4pYBiAHgjQOwAQG4AQM
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/js/rum.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4006:802::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sun, 17 Nov 2019 03:25:22 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
status
204
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame A94E
42 B
110 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuOTRkqBlrzOuPYBlHCkvBfe5mlaOK7ApHPB2AAD3a-wCdNFWuX4JJa7eCVBQzgPL_--P5On8xpGipkTD-YTnw0jben44IoEyPfqkL9IPo&sig=Cg0ArKJSzJtkU4SoUXXMEAE&adk=3602213626&tt=-1&bs=1600%2C1200&mtos=1025,1025,1025,1025,1025&tos=1025,0,0,0,0&p=550,1290,800,1590&mcvt=1025&rs=0&ht=0&tfs=200&tls=1225&mc=1&lte=1&bas=0&bac=0&met=ce&avms=nio&exg=1&md=2&lm=2&rst=1573961120567&dlt&rpt=409&isd=0&msd=0&ext&imams=1&xdi=0&ps=1600%2C17553&ss=1600%2C1200&pt=-1&bin=4&deb=1-0-0-5-10-2-9-9-0-0-0&tvt=1225&is=300%2C250&iframe_loc=http%3A%2F%2Fahsqutes.monster%2F&r=v&id=osdim&vs=4&uc=10&upc=1&tgt=DIV&cl=1&cec=1&clc=1&cac=1&cd=0x0&itpl=19&v=20191115
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 17 Nov 2019 03:25:22 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
status
200
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
content-type
image/gif
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame C5FF
42 B
110 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssrLIaXgKIV-5Y9sHlSXGGgibT2TLNgX7kC0NyFs_cq7SBhiSNvdS-bv2gxLJNBWX0DL4MaPT_5GyATMVZmOwAQgXlWrmDmZC-NwJfF1VI&sig=Cg0ArKJSzNfMByEfG4I-EAE&adk=2153563070&tt=-1&bs=1600%2C1200&mtos=118,1047,1047,1047,1047&tos=118,929,0,0,0&p=8,650,262,950&mcvt=1047&rs=0&ht=0&tfs=182&tls=1229&mc=1&lte=1&bas=0&bac=0&met=mue&avms=nio&exg=1&md=2&lm=2&rst=1573961120539&dlt&rpt=765&isd=0&msd=0&ext&imams=1&xdi=0&ps=1600%2C17553&ss=1600%2C1200&pt=-1&bin=4&deb=1-0-0-2-11-2-10-10-0-0-0&tvt=1228&is=300%2C250&iframe_loc=http%3A%2F%2Fahsqutes.monster%2F&r=v&id=osdim&vs=4&uc=11&upc=1&tgt=DIV&cl=1&cec=1&clc=1&cac=1&cd=0x0&itpl=19&v=20191115
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 17 Nov 2019 03:25:22 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
status
200
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
content-type
image/gif
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
contents
cms.insticator.com/v3/ Frame 3C50
9 KB
4 KB
XHR
General
Full URL
https://cms.insticator.com/v3/contents?embed_uuid=4d333009-52e2-4de9-974f-654573ecd838&cookie_id=null&content_order=RANDOM&for_embed=true&content_count=10
Requested by
Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/embed-code/4d333009-52e2-4de9-974f-654573ecd838.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:180b , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
bc6673584acd592fe9e5201dbb1f74de18107dbeedb12045a3d731bbabbcd997

Request headers

Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 17 Nov 2019 03:25:22 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
status
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
application/json
access-control-allow-origin
http://ahsqutes.monster
access-control-allow-credentials
true
cf-ray
536e98d7ecc9cbc8-VIE
logo-insticator-light.png
df80k0z3fi8zg.cloudfront.net/files/images/embed4.0/app/ Frame 3C50
21 KB
21 KB
Image
General
Full URL
https://df80k0z3fi8zg.cloudfront.net/files/images/embed4.0/app/logo-insticator-light.png
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:20eb:fa00:10:3422:3f00:21 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6413b7dec6a597c00831914e8e4391b59538c6104cea547e13350840cc7c616b

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-amz-version-id
CTBFOiOZF9Pc8nkBYDMEiY0Rbq5FsRhl
via
1.1 c28c128e9402fb070daca09bab68490a.cloudfront.net (CloudFront)
last-modified
Fri, 04 May 2018 18:57:58 GMT
server
AmazonS3
age
15598
etag
"31605596be6a56e2ccc39b5ddc16be95"
x-cache
Hit from cloudfront
content-type
image/png
status
200
date
Sun, 17 Nov 2019 00:22:36 GMT
x-amz-cf-pop
FRA2-C1
accept-ranges
bytes
content-length
21163
x-amz-cf-id
mYEDoV4uwzSk7xpTXy0lBBtPlbJp5NM8huzBBLQkvEDQNHwJjFVR6Q==
QGYpz_wNahGAdqQ43Rh3o4T8mNhNy_r-Kw.woff2
fonts.gstatic.com/s/worksans/v5/ Frame 3C50
16 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/worksans/v5/QGYpz_wNahGAdqQ43Rh3o4T8mNhNy_r-Kw.woff2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
5a3fdd33eef5a838c25b2afe031bc8478dd97dcd175ce9b9d99c2a77163b6748
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
cors
Referer
https://fonts.googleapis.com/css?family=Work+Sans:400,500,600,700&display=swap
Origin
http://ahsqutes.monster
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 12 Nov 2019 11:09:10 GMT
x-content-type-options
nosniff
last-modified
Mon, 22 Jul 2019 19:25:40 GMT
server
sffe
age
404172
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
16608
x-xss-protection
0
expires
Wed, 11 Nov 2020 11:09:10 GMT
QGYsz_wNahGAdqQ43Rh_fKDptfpA4Q.woff2
fonts.gstatic.com/s/worksans/v5/ Frame 3C50
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/worksans/v5/QGYsz_wNahGAdqQ43Rh_fKDptfpA4Q.woff2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
6a645c93a587df5075444babe7d852b13ed4e4d24e339e307551acf743e214ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
cors
Referer
https://fonts.googleapis.com/css?family=Work+Sans:400,500,600,700&display=swap
Origin
http://ahsqutes.monster
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 12 Nov 2019 11:09:08 GMT
x-content-type-options
nosniff
last-modified
Mon, 22 Jul 2019 19:19:14 GMT
server
sffe
age
404174
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
15112
x-xss-protection
0
expires
Wed, 11 Nov 2020 11:09:08 GMT
fa-solid-900.woff2
use.fontawesome.com/releases/v5.5.0/webfonts/ Frame 3C50
72 KB
73 KB
Font
General
Full URL
https://use.fontawesome.com/releases/v5.5.0/webfonts/fa-solid-900.woff2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.111.9.35 Phoenix, United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
7798165ee5a3c6809310d8261dcbe7c8d0c12d795b7b09a71af3eb86ec8f33f2

Request headers

Sec-Fetch-Mode
cors
Referer
https://use.fontawesome.com/releases/v5.5.0/css/all.css
Origin
http://ahsqutes.monster
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 17 Nov 2019 03:25:22 GMT
last-modified
Fri, 02 Nov 2018 15:17:39 GMT
server
NetDNA-cache/2.2
status
200
etag
"fb493903265cad425ccdf8e04fc2de61"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET
content-type
font/woff2
access-control-allow-origin
*
access-control-max-age
3000
cache-control
max-age=31556926
x-cache
HIT
accept-ranges
bytes
content-length
73852
/
track.adform.net/serving/unload/ Frame C5FF
35 B
423 B
Other
General
Full URL
https://track.adform.net/serving/unload/?version=15&unload=-4415780301758472739@@33897025,8800013178402520204,100|1008|0|0|0|0|0|0|0||39|0|31|3dc46746bf32ee91c95e844eead51533a14eb162_1|||1|0|0|F6Gtu_-aqdntM-qxezg3lTifZiyUxSvbY6ixth2LPSG03_m_NalikgDCyA2L_VipmVKB6saG2-41|||11|0
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/620/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.235 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sun, 17 Nov 2019 03:25:22 GMT
server
nginx
status
200
access-control-max-age
86400
access-control-allow-methods
GET, POST
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
http://ahsqutes.monster
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
content-type
image/gif
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
/
track.adform.net/Serving/Event/ Frame C5FF
35 B
248 B
Image
General
Full URL
https://track.adform.net/Serving/Event/?bn=33897025&event=178&time=2&baid=29567937&name=Viewable%20impressions&imprid=8800013178402520204&icid=-4415780301758472739&eData=S-GAKV_bkCiEX-7opYMus6AdzeIWYglKOEzO5dGpk2_jBtgD1e_6sNGTMVMgdDG8uox1--LwR4T7J_IUW2UKpQ2&rnd=925381462&rtbwp=97B1513AD7D1F0F6&rtbdata=_MAPmNXtQJlWXT0w81RGkBRICIRurM1RQzG9BI9K8ytGD4dyTmpisAZ8PqFSlFVevegmrA1nYCSrL8-HubREkQz5x7Yf3PT5XvDE02VSXrZnqKPrgGQv8n0b9iomsdUMkJsJvsm07VhNpaWep0Smk21VAUGzIogaeZrDbiiGaaDC8qkc0L0AiDhevwPiR9SkHCnbeUpnIV1VdfrmWBpOcr5XAAjC4VxEMBpZ-fI4ywEmD6wnd_qIQl7P2HjoimDYzBkkRKE1E7t6KHLXtwwDKw2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.235 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 17 Nov 2019 03:25:22 GMT
server
nginx
status
200
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
content-type
image/gif
expires
-1
event
event.insticator.com/v1/ Frame 3C50
0
157 B
XHR
General
Full URL
https://event.insticator.com/v1/event?event_name=event_question-loaded
Requested by
Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/embed-code/4d333009-52e2-4de9-974f-654573ecd838.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:180b , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
cors
Content-Type
application/json

Response headers

date
Sun, 17 Nov 2019 03:25:23 GMT
cf-cache-status
DYNAMIC
server
cloudflare
status
201
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
access-control-allow-origin
http://ahsqutes.monster
access-control-allow-credentials
true
cf-ray
536e98dac89fcbc8-VIE
content-length
0
null
ahsqutes.monster/ Frame 3C50
268 B
268 B
Image
General
Full URL
http://ahsqutes.monster/null
Requested by
Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/embed-code/4d333009-52e2-4de9-974f-654573ecd838.js
Protocol
HTTP/1.1
Server
91.149.209.42 Zawiercie, Poland, ASN34702 (WAVECOM-AS, EE),
Reverse DNS
mail.ahsqutes.monster
Software
Apache /
Resource Hash
d25d0db9c946e5a0532635a00800b6866bfaeeea249cf14b4ee7801dba258f90

Request headers

Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sun, 17 Nov 2019 01:23:12 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
Content-Type
text/html; charset=iso-8859-1
Connection
Keep-Alive
Keep-Alive
timeout=15, max=99
Content-Length
222
logo-giphy.gif
df80k0z3fi8zg.cloudfront.net/files/images/embed4.0/app/ Frame 3C50
5 KB
5 KB
Image
General
Full URL
https://df80k0z3fi8zg.cloudfront.net/files/images/embed4.0/app/logo-giphy.gif
Requested by
Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/embed-code/4d333009-52e2-4de9-974f-654573ecd838.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:20eb:fa00:10:3422:3f00:21 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2ad4ec405159beb9e962e752ab2696369ee2436ac7b4e7e34c99f9ba22aa1fe4

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 07 Nov 2019 23:05:00 GMT
via
1.1 c28c128e9402fb070daca09bab68490a.cloudfront.net (CloudFront)
last-modified
Tue, 21 Aug 2018 23:56:52 GMT
server
AmazonS3
age
10966
etag
"9be4d53630dea437d62f2a2441634674"
x-cache
Hit from cloudfront
x-amz-version-id
6s1xHKpyJMfBO7E3xKrrzQcN3hUsgxCx
status
200
x-amz-cf-pop
FRA2-C1
accept-ranges
bytes
content-type
image/gif
content-length
4769
x-amz-cf-id
gPMaRk3CoXwmrKhuAwfcroZepXlGZbtdOl6DrsEMQwrzpuFGsaFFTw==
14582f81-7236-4a3d-989f-d04f71cf8a3d
d3lcz8vpax4lo2.cloudfront.net/client_images/2e70b4d2-0a5d-4cb1-a001-4c13ea7cc13b/ Frame 3C50
32 KB
33 KB
Image
General
Full URL
https://d3lcz8vpax4lo2.cloudfront.net/client_images/2e70b4d2-0a5d-4cb1-a001-4c13ea7cc13b/14582f81-7236-4a3d-989f-d04f71cf8a3d
Requested by
Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/embed-code/4d333009-52e2-4de9-974f-654573ecd838.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:21f3:ca00:1c:386f:ec80:21 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
aab7abeb614ae883cc44df384af0a6ac9f6a3ed0180da2b7adee99a1edee724f

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 16 Nov 2019 22:06:39 GMT
via
1.1 32e3b86ae254a231182567c0124af893.cloudfront.net (CloudFront)
last-modified
Wed, 28 Aug 2019 09:05:29 GMT
server
AmazonS3
age
19124
etag
"8795d3f334baa997eef105d4858cfc14"
x-cache
Hit from cloudfront
x-amz-version-id
AVhG_UWbsB_3I2W.uhSf8csqbsY_NU7p
status
200
cache-control
max-age=31536000,public
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
content-type
application/octet-stream
content-length
33192
x-amz-cf-id
Rgo2Vix3L2OLT5bfx1DmB86SmC49VILtr1mgX1kjwuRvSmOvRxUaOA==
QGYpz_wNahGAdqQ43Rh3x4X8mNhNy_r-Kw.woff2
fonts.gstatic.com/s/worksans/v5/ Frame 3C50
16 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/worksans/v5/QGYpz_wNahGAdqQ43Rh3x4X8mNhNy_r-Kw.woff2
Requested by
Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/embed-code/4d333009-52e2-4de9-974f-654573ecd838.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
a25e14865126cb8fb6fba6ec8e05a94bf93b5f999bcc8785a80b54001d120eb5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
cors
Referer
https://fonts.googleapis.com/css?family=Work+Sans:400,500,600,700&display=swap
Origin
http://ahsqutes.monster
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 28 Oct 2019 17:55:51 GMT
x-content-type-options
nosniff
last-modified
Mon, 22 Jul 2019 19:25:19 GMT
server
sffe
age
1675771
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
16576
x-xss-protection
0
expires
Tue, 27 Oct 2020 17:55:51 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame AD58
42 B
110 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssi40gPhkG3_j3opbJ8w829h9azkIT5QS8jBO4J-6PbGGgczvM9cczAjj5wkVg9_O42SInFTCQ50yvvzZ9IokaxWBX58B8ngZ77VM3XAtU&sig=Cg0ArKJSzGYqHS6ZZQuyEAE&adk=1078271786&tt=-1&bs=1600%2C1200&mtos=101,1029,1029,1029,1029&tos=101,928,0,0,0&p=586,0,603,160&gcm=1&lcs=1&mcvt=1029&rs=0&ht=0&tfs=102&tls=1131&mc=1&lte=1&bas=0&bac=0&met=mue&avms=nio&exg=1&md=2&lm=2&rst=1573961121730&dlt&rpt=174&isd=0&msd&ext&imams=1&xdi=0&msp=1&ps=1600%2C17553&ss=1600%2C1200&pt=-1&bin=4&deb=1-0-0-6-12-2-11-11-0-0-0&tvt=1131&is=160%2C600&iframe_loc=http%3A%2F%2Fahsqutes.monster%2F&r=v&id=osdim&vs=4&uc=12&upc=1&tgt=DIV&cl=1&cec=1&clc=1&cac=1&cd=0x0&itpl=19&v=20191115
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 17 Nov 2019 03:25:23 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
status
200
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
content-type
image/gif
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 457D
42 B
110 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss5pY--VPPlcw5sgVCiMnkMZSPexGlqYbfLXY3z31DbMde54a6JRTZC8Oh32IAbXm2IhBfiJqMbyaNtat68DFkWJDltiXNb10C6ZvUMn7U&sig=Cg0ArKJSzDBuLNsa85fdEAE&adk=1472740992&tt=-1&bs=1600%2C1200&mtos=1080,1080,1080,1080,1080&tos=1080,0,0,0,0&p=0,0,250,300&mcvt=1080&rs=0&ht=0&tfs=226&tls=1306&mc=1&lte=1&bas=0&bac=0&met=ie&avms=nio&exg=1&md=2&lm=2&rst=1573961121760&dlt&rpt=73&isd=0&msd&ext&imams=1&xdi=0&ps=1600%2C17553&ss=1600%2C1200&pt=-1&bin=4&deb=1-0-0-5-13-3-12-12-0-0-0&tvt=1304&is=300%2C250&iframe_loc=http%3A%2F%2Fahsqutes.monster%2F&r=v&id=osdim&vs=4&uc=13&upc=1&tgt=DIV&cl=1&cec=1&clc=1&cac=1&cd=0x0&itpl=19&v=20191115
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 17 Nov 2019 03:25:23 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
status
200
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
content-type
image/gif
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Cookie set iframe
sync.teads.tv/ Frame 93A6
0
0
Document
General
Full URL
http://sync.teads.tv/iframe?hb_provider=prebid&hb_version=2.38.0&
Requested by
Host: db356nau468gk.cloudfront.net
URL: http://db356nau468gk.cloudfront.net/script.js
Protocol
HTTP/1.1
Server
2.18.232.7 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a2-18-232-7.deploy.static.akamaitechnologies.com
Software
akka-http/10.1.5 /
Resource Hash

Request headers

Host
sync.teads.tv
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer
http://ahsqutes.monster/
Accept-Encoding
gzip, deflate
Cookie
tt_viewer=ec68b5fb-4932-40a2-a739-27a8341c4bd6

Response headers

Content-Type
text/html; charset=UTF-8
Server
akka-http/10.1.5
Content-Length
153
Expires
Sun, 17 Nov 2019 03:25:23 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Sun, 17 Nov 2019 03:25:23 GMT
Connection
keep-alive
Set-Cookie
tt_exelate=; Expires=Mon, 18 Nov 2019 03:25:23 GMT; Domain=.teads.tv; SameSite=None
tt_bluekai=; Expires=Mon, 18 Nov 2019 03:25:23 GMT; Domain=.teads.tv; SameSite=None
tt_emetriq=; Expires=Mon, 18 Nov 2019 03:25:23 GMT; Domain=.teads.tv; SameSite=None
tt_liveramp=; Expires=Mon, 18 Nov 2019 03:25:23 GMT; Domain=.teads.tv; SameSite=None
tt_neustar=; Expires=Mon, 18 Nov 2019 03:25:23 GMT; Domain=.teads.tv; SameSite=None
tt_salesforce=; Expires=Mon, 18 Nov 2019 03:25:23 GMT; Domain=.teads.tv; SameSite=None
tt_dar=; Expires=Mon, 18 Nov 2019 03:25:23 GMT; Domain=.teads.tv; SameSite=None
tt_skp=; Expires=Mon, 18 Nov 2019 03:25:23 GMT; Domain=.teads.tv; SameSite=None
async_usersync.html
acdn.adnxs.com/ib/static/usersync/v3/ Frame 4884
0
0
Document
General
Full URL
http://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Requested by
Host: db356nau468gk.cloudfront.net
URL: http://db356nau468gk.cloudfront.net/script.js
Protocol
HTTP/1.1
Server
151.101.13.108 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
nginx/1.9.13 /
Resource Hash

Request headers

Host
acdn.adnxs.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer
http://ahsqutes.monster/
Accept-Encoding
gzip, deflate
Cookie
uuid2=1566499650083963733; icu=ChgIv_lfEAoYAiACKAIwo_vC7gU4AkACSAIKGAiYgmIQChgBIAEoATCh-8LuBTgBQAFIARCj-8LuBRgC

Response headers

Server
nginx/1.9.13
Content-Type
text/html
Last-Modified
Fri, 20 May 2016 02:07:09 GMT
ETag
W/"573e714d-3e3"
Expires
Sun, 06 Aug 2017 09:41:59 GMT
Cache-Control
max-age=31536000
Access-Control-Allow-Origin
*
Content-Encoding
gzip
Via
1.1 varnish 1.1 varnish
Fastly-Debug-Digest
e0a1bb88354655bae6b4f44be1ff58238053e5563770e29e0e433e905ee66055
Content-Length
506
Accept-Ranges
bytes
Date
Sun, 17 Nov 2019 03:25:23 GMT
Age
8876608
Connection
keep-alive
X-Served-By
cache-jfk8124-JFK, cache-fra19146-FRA
X-Cache
HIT, HIT
X-Cache-Hits
1, 1240864
X-Timer
S1573961123.165434,VS0,VE0
Vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame B685
0
0
Document
General
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: db356nau468gk.cloudfront.net
URL: http://db356nau468gk.cloudfront.net/script.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.37.55.184 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a23-37-55-184.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash

Request headers

Host
eus.rubiconproject.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
nested-navigate
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site
cross-site
Referer
http://ahsqutes.monster/
Accept-Encoding
gzip, deflate, br
Cookie
rsid=1|BdCsOVsH/a/fRiqn0c18Mxvc5rJaP5uXhxptBfrzPAh1r4H5OGjlRsLybbqMiOGkSHO3tT2oYW2peUXLM3KhKxP1tUBJlFYZ4hQ5JcvaexNK8Cn3X/UNbPWpJKXQKV6YB7vxlRF/OivwyJA1Cf1tg/Usaek=; ses15=293666^1; vis15=293666^1; ses10=293666^1; vis10=293666^1; ses9=293666^1; vis9=293666^1; khaos=K32FT8BO-M-LSCW; audit=1|hLZGFuTafB0s4xuBaOYnsu99qzxPzGzonITxICO7pPlqKvBQZEfv1JcEvuk1xUTmPMww3yJNycgi+YQF72mVac9VYJ5j8Liy; pux=1512%3D86572%262249%3D86572%262307%3D86572%262974%3D86572%263778%3D86572%26idl%3D86572%26goog%3D86572%26brx%3D86572%26

Response headers

Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Last-Modified
Thu, 14 Nov 2019 18:59:32 GMT
Content-Encoding
gzip
Content-Length
7456
Content-Type
text/html; charset=UTF-8
Cache-Control
max-age=67895
Expires
Sun, 17 Nov 2019 22:16:58 GMT
Date
Sun, 17 Nov 2019 03:25:23 GMT
Connection
keep-alive
Vary
Accept-Encoding
sync
eb2.3lift.com/ Frame E1DE
Redirect Chain
  • http://ib.3lift.com/sync?
  • https://eb2.3lift.com/sync?
0
0
Document
General
Full URL
https://eb2.3lift.com/sync?
Requested by
Host: db356nau468gk.cloudfront.net
URL: http://db356nau468gk.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.121.172.124 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-3-121-172-124.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

:method
GET
:authority
eb2.3lift.com
:scheme
https
:path
/sync?
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
referer
http://ahsqutes.monster/
accept-encoding
gzip, deflate, br
cookie
tluid=8322220661336091748; tlcookieable=1

Response headers

status
200
date
Sun, 17 Nov 2019 03:25:23 GMT
content-type
text/html; charset=utf-8
content-length
516
set-cookie
sync=CgoI4gEQj4uTu-ctCgoI5gEQj4uTu-ctCgkICRCPi5O75y0KCgipARCPi5O75y0KCQg5EI-Lk7vnLQoJCDoQj4uTu-ctCgkICxCPi5O75y0KCgjOARCPi5O75y0KCgiOARCPi5O75y0KCQgfEI-Lk7vnLQ==; Max-Age=7776000; Expires=Sat, 15 Feb 2020 03:25:23 GMT; Path=/sync; Domain=.3lift.com
tluid=8322220661336091748; Max-Age=7776000; Expires=Sat, 15 Feb 2020 03:25:23 GMT; Path=/; Domain=.3lift.com
content-encoding
gzip
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
cache-control
no-cache, no-store, must-revalidate

Redirect headers

Content-Length
0
Connection
keep-alive
Cache-Control
public, max-age=900
Date
Sun, 17 Nov 2019 03:14:02 GMT
Last-Modified
Sun, 17 Nov 2019 03:14:02 GMT
Location
https://eb2.3lift.com/sync?
X-Rev
c4752e7
X-Served-By
impression-bus5.us_east.prod
X-Cache
Hit from cloudfront
Via
1.1 34f50889bc574f1edeb41dd758962a5b.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA2-C1
X-Amz-Cf-Id
PxnO2kn0f-eBTG05B7Xfw2K7QU1MYMG1RkkBlB9tm1zyQ8S7EYgjdQ==
Age
680
sync
ups.analytics.yahoo.com/ups/55965/
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-NcBg8UA4xqUFp.gif?idmatch=0&gdpr=1&gdpr_consent=
  • https://pixel.advertising.com/ups/55965/sync?_origin=0&gdpr=1&gdpr_consent=&uid=ttL_seHS-rKuhP-1sIC2srTUormugv25tIbfPcGn
  • https://ups.analytics.yahoo.com/ups/55965/sync?_origin=0&gdpr=1&gdpr_consent=&uid=ttL_seHS-rKuhP-1sIC2srTUormugv25tIbfPcGn&apid=1Ae1a6e0cc-08e9-11ea-8c9a-1222202f268e
0
513 B
Image
General
Full URL
https://ups.analytics.yahoo.com/ups/55965/sync?_origin=0&gdpr=1&gdpr_consent=&uid=ttL_seHS-rKuhP-1sIC2srTUormugv25tIbfPcGn&apid=1Ae1a6e0cc-08e9-11ea-8c9a-1222202f268e
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.158.167.38 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-35-158-167-38.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
204
date
Sun, 17 Nov 2019 03:25:23 GMT
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

status
302
date
Sun, 17 Nov 2019 03:25:23 GMT
location
https://ups.analytics.yahoo.com/ups/55965/sync?_origin=0&gdpr=1&gdpr_consent=&uid=ttL_seHS-rKuhP-1sIC2srTUormugv25tIbfPcGn&apid=1Ae1a6e0cc-08e9-11ea-8c9a-1222202f268e
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
generic
match.adsrvr.org/track/cmf/
70 B
264 B
Image
General
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=aoladtech&gdpr=1&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.32.23.112 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-63-32-23-112.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 17 Nov 2019 03:25:23 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
status
200
cache-control
private,no-cache, must-revalidate
content-type
image/gif
content-length
70
sync
ups.analytics.yahoo.com/ups/56465/
Redirect Chain
  • https://pixel.advertising.com/ups/56465/sync?_origin=0&redir=true&gdpr=1&gdpr_consent=
  • https://ups.analytics.yahoo.com/ups/56465/sync?_origin=0&redir=true&gdpr=1&gdpr_consent=&apid=1Ae1a6e0cc-08e9-11ea-8c9a-1222202f268e
  • https://pr-bh.ybp.yahoo.com/sync/adtech/1Ae1a6e0cc-08e9-11ea-8c9a-1222202f268e?gdpr=1&gdpr_consent=
  • https://pixel.advertising.com/ups/56465/sync?uid=y-iDgTYNJ1lxlgnzWTpAaMU7kPYvfaP_kJTMx5&_origin=0&nsync=0
  • https://ups.analytics.yahoo.com/ups/56465/sync?uid=y-iDgTYNJ1lxlgnzWTpAaMU7kPYvfaP_kJTMx5&_origin=0&nsync=0&apid=1Ae1a6e0cc-08e9-11ea-8c9a-1222202f268e
0
524 B
Image
General
Full URL
https://ups.analytics.yahoo.com/ups/56465/sync?uid=y-iDgTYNJ1lxlgnzWTpAaMU7kPYvfaP_kJTMx5&_origin=0&nsync=0&apid=1Ae1a6e0cc-08e9-11ea-8c9a-1222202f268e
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.158.167.38 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-35-158-167-38.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
204
date
Sun, 17 Nov 2019 03:25:23 GMT
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

status
302
date
Sun, 17 Nov 2019 03:25:23 GMT
location
https://ups.analytics.yahoo.com/ups/56465/sync?uid=y-iDgTYNJ1lxlgnzWTpAaMU7kPYvfaP_kJTMx5&_origin=0&nsync=0&apid=1Ae1a6e0cc-08e9-11ea-8c9a-1222202f268e
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
current
aol-match.dotomi.com/match/bounce/
0
104 B
Image
General
Full URL
https://aol-match.dotomi.com/match/bounce/current?networkId=60&version=1&nuid=1Ae1a6d7d0-08e9-11ea-b794-12e1ea48904a&gdpr=1&gdpr_consent=&rurl=https%3A%2F%2Fpixel.advertising.com%2Fups%2F55853%2Fsync%3Fuid%3D%24UID%26_origin%3D0%26gdpr%3D1%26gdpr_consent%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:13::1400 , Sweden, ASN41041 (VCLK-EU-, SE),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
204
pragma
no-cache
date
Sun, 17 Nov 2019 03:25:23 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
/
track.adform.net/serving/unload/ Frame AD58
35 B
423 B
Other
General
Full URL
https://track.adform.net/serving/unload/?version=15&unload=-4415780301758472739@@33897026,2128267341242824497,100|1181|0|0|0|0|0|0|0||59|0|1538|82C898464D3CD423_1|||1|0|0||||11|0
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/620/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.235 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sun, 17 Nov 2019 03:25:23 GMT
server
nginx
status
200
access-control-max-age
86400
access-control-allow-methods
GET, POST
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
http://ahsqutes.monster
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
content-type
image/gif
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
/
track.adform.net/Serving/Event/ Frame AD58
35 B
257 B
Image
General
Full URL
https://track.adform.net/Serving/Event/?bn=33897026&event=178&time=2&baid=29567951&name=Viewable%20impressions&imprid=2128267341242824497&icid=-4415780301758472739&rnd=644150095&rtbwp=XdC9oQAAAAAxVhNDbsDBCfJFi35doDgkXXL9mA&rtbdata=B8QJFj_s5v7j02oVE6Bj8i3YDqaJ9wignjySi_tRYIm9VXO31WDM0fY8IUCZ5qHyyaHE_Jro9uTH4R9EvCb-wa8WDP7Sr35zir-9eh14Yi1eMxMJQhNNW-YCL_CEaWymwfXG6yMx_JrmZ2SlhWZswdDgQjnc4YMX9albwwLI3d8ob9Jgjihn5QWEU34tRho3ikKpBI440-HCSiYAjfTKocAw9nV-VpOComN1-c6UvUo1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.235 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 17 Nov 2019 03:25:23 GMT
server
nginx
status
200
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
content-type
image/gif
expires
-1
/
track.adform.net/serving/unload/ Frame AAD4
35 B
414 B
Other
General
Full URL
https://track.adform.net/serving/unload/?version=15&unload=-4415780301758472739@@33897025,877478752479224116,0|0|0|0|0|0|0|0|0||0|0|31|3fd45d7d6de2146efc3773e7bcf1880a49ea2ba5_1|||1|0|0|F6Gtu_-aqdntM-qxezg3lTifZiyUxSvbY6ixth2LPSG03_m_NalikgDCyA2L_VipmVKB6saG2-41|||11|0@@33897025,7002955178017226213,0|0|0|0|0|0|0|0|0||0|0|31|01d8bb2d4b6992f957aff9648a8fb0fee3672b97_1|||1|0|0|F6Gtu_-aqdntM-qxezg3lTifZiyUxSvbY6ixth2LPSG03_m_NalikgDCyA2L_VipmVKB6saG2-41|||11|0@@33897025,8800013178402520204,100|4707|0|0|0|0|0|0|0||184|0|31|3dc46746bf32ee91c95e844eead51533a14eb162_1|||1|0|0|F6Gtu_-aqdntM-qxezg3lTifZiyUxSvbY6ixth2LPSG03_m_NalikgDCyA2L_VipmVKB6saG2-41|||01|0@@33897025,6042481318762745652,0|0|0|0|0|0|0|0|0||0|0|31|ef988adf2829cad9c2dd7ab10db91c720de16b42_1|||1|0|0|F6Gtu_-aqdntM-qxezg3lTifZiyUxSvbY6ixth2LPSG03_m_NalikgDCyA2L_VipmVKB6saG2-41|||11|0@@33897025,546609042418016235,0|0|0|0|0|0|0|0|0||0|0|31|3ec1fd51dcc67ba85ccbab03a0e98c8f9f832f09_1|||1|0|0|F6Gtu_-aqdntM-qxezg3lTifZiyUxSvbY6ixth2LPSG03_m_NalikgDCyA2L_VipmVKB6saG2-41|||11|0
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/620/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.235 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sun, 17 Nov 2019 03:25:26 GMT
server
nginx
status
200
access-control-max-age
86400
access-control-allow-methods
GET, POST
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
http://ahsqutes.monster
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
content-type
image/gif
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
/
track.adform.net/serving/unload/ Frame AD58
35 B
414 B
Other
General
Full URL
https://track.adform.net/serving/unload/?version=15&unload=-4415780301758472739@@33897026,2128267341242824497,100|4790|0|0|0|0|0|0|0||240|0|1538|82C898464D3CD423_1|||1|0|0||||01|0
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/620/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.235 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sun, 17 Nov 2019 03:25:27 GMT
server
nginx
status
200
access-control-max-age
86400
access-control-allow-methods
GET, POST
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
http://ahsqutes.monster
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
content-type
image/gif
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
usync.html
eus.rubiconproject.com/ Frame FF0C
0
0
Document
General
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: ahsqutes.monster
URL: http://ahsqutes.monster/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.37.55.184 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a23-37-55-184.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash

Request headers

Host
eus.rubiconproject.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
nested-navigate
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site
cross-site
Referer
http://ahsqutes.monster/
Accept-Encoding
gzip, deflate, br

Response headers

Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Last-Modified
Thu, 14 Nov 2019 18:59:32 GMT
Content-Encoding
gzip
Content-Length
7456
Content-Type
text/html; charset=UTF-8
Cache-Control
max-age=67891
Expires
Sun, 17 Nov 2019 22:16:58 GMT
Date
Sun, 17 Nov 2019 03:25:27 GMT
Connection
keep-alive
Vary
Accept-Encoding
index.html
cdn.districtm.io/ids/ Frame 5D15
0
0
Document
General
Full URL
https://cdn.districtm.io/ids/index.html
Requested by
Host: ahsqutes.monster
URL: http://ahsqutes.monster/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.190.66 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

:method
GET
:authority
cdn.districtm.io
:scheme
https
:path
/ids/index.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode
nested-navigate
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
referer
http://ahsqutes.monster/
accept-encoding
gzip, deflate, br

Response headers

status
200
date
Sun, 17 Nov 2019 03:25:27 GMT
content-type
text/html
set-cookie
__cfduid=d5e795bc0039134568b7431a0cb926dca1573961127; expires=Mon, 16-Nov-20 03:25:27 GMT; path=/; domain=.districtm.io; HttpOnly
cf-cache-status
DYNAMIC
cache-control
s-maxage=1209600, max-age=14400
cf-ray
536e98f6db22274e-FRA
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
last-modified
Thu, 10 Jan 2019 16:50:48 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding
server
cloudflare
content-encoding
br
Cookie set check.html
biddr.brealtime.com/ Frame E7EF
0
0
Document
General
Full URL
http://biddr.brealtime.com/check.html
Requested by
Host: ahsqutes.monster
URL: http://ahsqutes.monster/
Protocol
HTTP/1.1
Server
104.17.120.107 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Host
biddr.brealtime.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer
http://ahsqutes.monster/
Accept-Encoding
gzip, deflate

Response headers

Date
Sun, 17 Nov 2019 03:25:27 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
Set-Cookie
__cfduid=d02cee3e0fa87d133d416b113fad6a2421573961127; expires=Mon, 16-Nov-20 03:25:27 GMT; path=/; domain=.brealtime.com; HttpOnly
x-amz-id-2
KO38c3CgmmyS60RL80WJwLfZcz0XdOEnFiHev73mc9f6nE6Vv6ib6jclMwbB1edJfll1cPV1NoY=
x-amz-request-id
519C6C4FFA4D8084
x-amz-meta-origin-date-iso8601
2019-05-30T19:14:20.000Z
Last-Modified
Thu, 30 May 2019 19:21:30 GMT
CF-Cache-Status
HIT
Age
751
Expires
Sun, 17 Nov 2019 03:26:27 GMT
Cache-Control
public, max-age=60
Vary
Accept-Encoding
Server
cloudflare
CF-RAY
536e98f6fd1f64b5-FRA
Content-Encoding
gzip
Cookie set visitormatch
bh.contextweb.com/ Frame B2C9
0
0
Document
General
Full URL
https://bh.contextweb.com/visitormatch
Requested by
Host: ahsqutes.monster
URL: http://ahsqutes.monster/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.12.166 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
Jetty(9.4.7.v20170914) /
Resource Hash

Request headers

Host
bh.contextweb.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
nested-navigate
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site
cross-site
Referer
http://ahsqutes.monster/
Accept-Encoding
gzip, deflate, br

Response headers

Cache-Control
private, max-age=0, no-cache, no-store
Content-Language
en
Content-Type
text/html;charset=iso-8859-1
Cw-Server
bh-deployment-stage-0
Expires
-1
P3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
Server
Jetty(9.4.7.v20170914)
Set-Cookie
_dbefe=http://10.223.6.185:8080; Path=/
Content-Length
27
Accept-Ranges
bytes
Date
Sun, 17 Nov 2019 03:25:27 GMT
Via
1.1 varnish
Connection
keep-alive
X-Served-By
cache-fra19123-FRA
X-Cache
MISS
X-Cache-Hits
0
Vary
Accept-Encoding
sync.html
cdn.aralego.com/ucfad/cookie/ Frame 4B78
0
0
Document
General
Full URL
http://cdn.aralego.com/ucfad/cookie/sync.html
Requested by
Host: ahsqutes.monster
URL: http://ahsqutes.monster/
Protocol
HTTP/1.1
Server
2600:9000:2156:5000:e:e6df:4340:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Host
cdn.aralego.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer
http://ahsqutes.monster/
Accept-Encoding
gzip, deflate

Response headers

Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
Last-Modified
Wed, 01 Aug 2018 11:19:08 GMT
Access-Control-Allow-Credentials
true
CF-Cache-Status
HIT
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Server
cloudflare
CF-RAY
521be645eea9dff7-FRA
Content-Encoding
gzip
Expires
Tue, 05 Nov 2019 22:14:02 GMT
ETag
W/"5b61972c-12e"
Date
Sun, 17 Nov 2019 01:53:20 GMT
Cache-Control
max-age=14400
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
Via
1.1 b44e2902bb3501d47514e51618f1bda5.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA50-C1
X-Amz-Cf-Id
OMZCBQBhJ_gyu9zA6cdAZ1wE_FHVMR2v1LCDS6eBIdkBPbCgq-8hlw==
Age
5527
async_usersync.html
acdn.adnxs.com/ib/static/usersync/v3/ Frame D810
0
0
Document
General
Full URL
http://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Requested by
Host: ahsqutes.monster
URL: http://ahsqutes.monster/
Protocol
HTTP/1.1
Server
151.101.13.108 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
nginx/1.9.13 /
Resource Hash

Request headers

Host
acdn.adnxs.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer
http://ahsqutes.monster/
Accept-Encoding
gzip, deflate

Response headers

Server
nginx/1.9.13
Content-Type
text/html
Last-Modified
Fri, 20 May 2016 02:07:09 GMT
ETag
W/"573e714d-3e3"
Expires
Sun, 06 Aug 2017 09:41:59 GMT
Cache-Control
max-age=31536000
Access-Control-Allow-Origin
*
Content-Encoding
gzip
Via
1.1 varnish 1.1 varnish
Fastly-Debug-Digest
e0a1bb88354655bae6b4f44be1ff58238053e5563770e29e0e433e905ee66055
Content-Length
506
Accept-Ranges
bytes
Date
Sun, 17 Nov 2019 03:25:27 GMT
Age
8876612
Connection
keep-alive
X-Served-By
cache-jfk8124-JFK, cache-fra19146-FRA
X-Cache
HIT, HIT
X-Cache-Hits
1, 1240866
X-Timer
S1573961128.508447,VS0,VE0
Vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/ib/static/usersync/v3/ Frame 8798
0
0
Document
General
Full URL
http://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Requested by
Host: ahsqutes.monster
URL: http://ahsqutes.monster/
Protocol
HTTP/1.1
Server
151.101.13.108 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
nginx/1.9.13 /
Resource Hash

Request headers

Host
acdn.adnxs.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer
http://ahsqutes.monster/
Accept-Encoding
gzip, deflate

Response headers

Server
nginx/1.9.13
Content-Type
text/html
Last-Modified
Fri, 20 May 2016 02:07:09 GMT
ETag
W/"573e714d-3e3"
Expires
Sun, 06 Aug 2017 09:41:59 GMT
Cache-Control
max-age=31536000
Access-Control-Allow-Origin
*
Content-Encoding
gzip
Via
1.1 varnish 1.1 varnish
Fastly-Debug-Digest
e0a1bb88354655bae6b4f44be1ff58238053e5563770e29e0e433e905ee66055
Content-Length
506
Accept-Ranges
bytes
Date
Sun, 17 Nov 2019 03:25:27 GMT
Age
8876612
Connection
keep-alive
X-Served-By
cache-jfk8124-JFK, cache-fra19146-FRA
X-Cache
HIT, HIT
X-Cache-Hits
1, 1240867
X-Timer
S1573961128.514337,VS0,VE0
Vary
Accept-Encoding
Cookie set sync_iframe
sync.bfmio.com/ Frame 9ECF
0
0
Document
General
Full URL
https://sync.bfmio.com/sync_iframe?ifg=1&id=4f8e8dde-a131-4603-f49c-8b10b480b496&gdpr=0&gc=&gce=1
Requested by
Host: ahsqutes.monster
URL: http://ahsqutes.monster/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.233.25.159 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-3-233-25-159.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Host
sync.bfmio.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
nested-navigate
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site
cross-site
Referer
http://ahsqutes.monster/
Accept-Encoding
gzip, deflate, br

Response headers

Access-Control-Allow-Origin
*
Content-Type
text/html
Date
Sun, 17 Nov 2019 03:25:27 GMT
Set-Cookie
__io_cid=66e31f852077d819c9fbfd9b8b2df3e974b42934; Domain=.bfmio.com; Max-Age=31536000; Expires=Sun, 15-Nov-2020 22:25:28 GMT-0500; Path=/; SameSite=None; Secure
Content-Length
217
Connection
keep-alive
usersync.html
ad-cdn.technoratimedia.com/html/ Frame 5BC9
0
0
Document
General
Full URL
http://ad-cdn.technoratimedia.com/html/usersync.html?src=prebid_prebid_2.38.0
Requested by
Host: ahsqutes.monster
URL: http://ahsqutes.monster/
Protocol
HTTP/1.1
Server
143.204.101.31 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-143-204-101-31.fra50.r.cloudfront.net
Software
nginx /
Resource Hash

Request headers

Host
ad-cdn.technoratimedia.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer
http://ahsqutes.monster/
Accept-Encoding
gzip, deflate

Response headers

Content-Type
text/html; charset=UTF-8
Content-Length
4640
Connection
keep-alive
Server
nginx
Access-Control-Allow-Origin
*
Last-Modified
Fri, 18 Oct 2019 19:39:23 GMT
Content-Encoding
gzip
P3P
CP="ALL DSP COR TAIa PSAa PSDa IVAa IVDa CONi OUR IND UNI"
X-Varnish
698357245
Via
1.1 varnish, 1.1 bee9d99ac2913ec4167e166e6bdb691e.cloudfront.net (CloudFront)
Accept-Ranges
bytes
Date
Sun, 17 Nov 2019 03:10:30 GMT
ETag
"37eb-595347daed0c0"
Cache-Control
max-age=900
Expires
Sun, 17 Nov 2019 03:13:08 GMT
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
X-Amz-Cf-Pop
FRA50-C1
X-Amz-Cf-Id
8RJJ4koegHZmEFZhmuAXDKEN_9GwCSgACSUC2k5mHXqjG2L1M3V0ug==
Age
897
/
ssc-cms.33across.com/ps/ Frame CE8D
0
0
Document
General
Full URL
https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=dIrPkKFyCr6y4SaKkv7mNO&gdpr_consent=undefined
Requested by
Host: ahsqutes.monster
URL: http://ahsqutes.monster/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
208.100.17.176 Chicago, United States, ASN32748 (STEADFAST - Steadfast, US),
Reverse DNS
ip176.208-100-17.static.steadfastdns.net
Software
33XP004 /
Resource Hash

Request headers

:method
GET
:authority
ssc-cms.33across.com
:scheme
https
:path
/ps/?m=xch&rt=html&ru=deb&id=dIrPkKFyCr6y4SaKkv7mNO&gdpr_consent=undefined
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode
nested-navigate
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
referer
http://ahsqutes.monster/
accept-encoding
gzip, deflate, br

Response headers

status
200
pragma
no-cache
cache-control
no-store, no-cache, must-revalidate
expires
Thu, 01-Jan-70 00:00:01 GMT
x-33x-status
2000208
server
33XP004
content-type
image/gif
content-length
43
date
Sun, 17 Nov 2019 03:25:27 GMT
match
ice.360yield.com/ul_cb/ Frame 5371
Redirect Chain
  • https://ib.adnxs.com/getuid?https://ice.360yield.com/match?external_user_id=$UID&publisher_dsp_id=40&gdpr=1&gdpr_consent=BOo5SPIOqGozRCLAAAENCv-AAAAsvAAA
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fice.360yield.com%2Fmatch%3Fexternal_user_id%3D%24UID%26publisher_dsp_id%3D40%26gdpr%3D1%26gdpr_consent%3DBOo5SPIOqGozRCLAAAENCv-AAAAsvAAA
  • https://ice.360yield.com/match?external_user_id=5768739818428743815&publisher_dsp_id=40&gdpr=1&gdpr_consent=BOo5SPIOqGozRCLAAAENCv-AAAAsvAAA
  • https://ice.360yield.com/ul_cb/match?external_user_id=5768739818428743815&publisher_dsp_id=40&gdpr=1&gdpr_consent=BOo5SPIOqGozRCLAAAENCv-AAAAsvAAA
43 B
462 B
Image
General
Full URL
https://ice.360yield.com/ul_cb/match?external_user_id=5768739818428743815&publisher_dsp_id=40&gdpr=1&gdpr_consent=BOo5SPIOqGozRCLAAAENCv-AAAAsvAAA
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.28.69.126 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-28-69-126.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
200
date
Sun, 17 Nov 2019 03:25:28 GMT
access-control-allow-origin
*
content-type
image/gif
content-length
43
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

Redirect headers

status
302
date
Sun, 17 Nov 2019 03:25:27 GMT
content-type
text/plain
content-length
0
location
https://ice.360yield.com:443/ul_cb/match?external_user_id=5768739818428743815&publisher_dsp_id=40&gdpr=1&gdpr_consent=BOo5SPIOqGozRCLAAAENCv-AAAAsvAAA
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
match
ad.360yield.com/ Frame 5371
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=improvedigital&google_cm&google_sc&gdpr=1&gdpr_consent=BOo5SPIOqGozRCLAAAENCv-AAAAsvAAA
  • https://cm.g.doubleclick.net/pixel?google_nid=improvedigital&google_cm=&google_sc=&gdpr=1&gdpr_consent=BOo5SPIOqGozRCLAAAENCv-AAAAsvAAA&google_tc=
  • https://ad.360yield.com/match?publisher_dsp_id=55&gdpr=1&gdpr_consent=BOo5SPIOqGozRCLAAAENCv-AAAAsvAAA&external_user_id=CAESELd8oDEl5jz5fGysFIJmkXA&google_cver=1
43 B
399 B
Image
General
Full URL
https://ad.360yield.com/match?publisher_dsp_id=55&gdpr=1&gdpr_consent=BOo5SPIOqGozRCLAAAENCv-AAAAsvAAA&external_user_id=CAESELd8oDEl5jz5fGysFIJmkXA&google_cver=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.195.171.24 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-18-195-171-24.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
200
date
Sun, 17 Nov 2019 03:25:28 GMT
access-control-allow-origin
*
content-type
image/gif
content-length
43
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

Redirect headers

pragma
no-cache
date
Sun, 17 Nov 2019 03:25:27 GMT
server
HTTP server (unknown)
status
302
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ad.360yield.com/match?publisher_dsp_id=55&gdpr=1&gdpr_consent=BOo5SPIOqGozRCLAAAENCv-AAAAsvAAA&external_user_id=CAESELd8oDEl5jz5fGysFIJmkXA&google_cver=1
cache-control
no-cache, must-revalidate
content-type
text/html; charset=UTF-8
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
374
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
match
match.360yield.com/ Frame 5371
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=RvBycdoASduQgTWubtzvNQ&google_cm&publisher_dsp_id=340
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=RvBycdoASduQgTWubtzvNQ&google_cm=&publisher_dsp_id=340&google_tc=
  • https://match.360yield.com/match?publisher_dsp_id=340&google_gid=CAESEP-m76JeC_QpAwpYI7YkH98&google_cver=1
43 B
401 B
Image
General
Full URL
https://match.360yield.com/match?publisher_dsp_id=340&google_gid=CAESEP-m76JeC_QpAwpYI7YkH98&google_cver=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.28.69.126 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-28-69-126.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
200
date
Sun, 17 Nov 2019 03:25:28 GMT
access-control-allow-origin
*
content-type
image/gif
content-length
43
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

Redirect headers

pragma
no-cache
date
Sun, 17 Nov 2019 03:25:27 GMT
server
HTTP server (unknown)
status
302
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://match.360yield.com/match?publisher_dsp_id=340&google_gid=CAESEP-m76JeC_QpAwpYI7YkH98&google_cver=1
cache-control
no-cache, must-revalidate
content-type
text/html; charset=UTF-8
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
311
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
match
ad.360yield.com/ Frame A94E
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=improvedigital&google_cm&google_sc&gdpr=1&gdpr_consent=BOo5SPIOqGozRCLAAAENCv-AAAAsvAAA
  • https://cm.g.doubleclick.net/pixel?google_nid=improvedigital&google_cm=&google_sc=&gdpr=1&gdpr_consent=BOo5SPIOqGozRCLAAAENCv-AAAAsvAAA&google_tc=
  • https://ad.360yield.com/match?publisher_dsp_id=55&gdpr=1&gdpr_consent=BOo5SPIOqGozRCLAAAENCv-AAAAsvAAA&external_user_id=CAESEK_sH_l_fOgxq94dx6tPfOI&google_cver=1
43 B
400 B
Image
General
Full URL
https://ad.360yield.com/match?publisher_dsp_id=55&gdpr=1&gdpr_consent=BOo5SPIOqGozRCLAAAENCv-AAAAsvAAA&external_user_id=CAESEK_sH_l_fOgxq94dx6tPfOI&google_cver=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.195.171.24 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-18-195-171-24.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
200
date
Sun, 17 Nov 2019 03:25:28 GMT
access-control-allow-origin
*
content-type
image/gif
content-length
43
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

Redirect headers

pragma
no-cache
date
Sun, 17 Nov 2019 03:25:27 GMT
server
HTTP server (unknown)
status
302
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ad.360yield.com/match?publisher_dsp_id=55&gdpr=1&gdpr_consent=BOo5SPIOqGozRCLAAAENCv-AAAAsvAAA&external_user_id=CAESEK_sH_l_fOgxq94dx6tPfOI&google_cver=1
cache-control
no-cache, must-revalidate
content-type
text/html; charset=UTF-8
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
374
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
match
match.360yield.com/ Frame A94E
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=RvBycdoASduQgTWubtzvNQ&google_cm&publisher_dsp_id=340
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=RvBycdoASduQgTWubtzvNQ&google_cm=&publisher_dsp_id=340&google_tc=
  • https://match.360yield.com/match?publisher_dsp_id=340&google_gid=CAESED-uyS04UFlvPywozvc24JQ&google_cver=1
43 B
401 B
Image
General
Full URL
https://match.360yield.com/match?publisher_dsp_id=340&google_gid=CAESED-uyS04UFlvPywozvc24JQ&google_cver=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.28.69.126 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-28-69-126.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
200
date
Sun, 17 Nov 2019 03:25:28 GMT
access-control-allow-origin
*
content-type
image/gif
content-length
43
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

Redirect headers

pragma
no-cache
date
Sun, 17 Nov 2019 03:25:27 GMT
server
HTTP server (unknown)
status
302
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://match.360yield.com/match?publisher_dsp_id=340&google_gid=CAESED-uyS04UFlvPywozvc24JQ&google_cver=1
cache-control
no-cache, must-revalidate
content-type
text/html; charset=UTF-8
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
311
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
match
ice.360yield.com/ Frame A94E
Redirect Chain
  • https://ib.adnxs.com/getuid?https://ice.360yield.com/match?external_user_id=$UID&publisher_dsp_id=40&gdpr=1&gdpr_consent=BOo5SPIOqGozRCLAAAENCv-AAAAsvAAA
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fice.360yield.com%2Fmatch%3Fexternal_user_id%3D%24UID%26publisher_dsp_id%3D40%26gdpr%3D1%26gdpr_consent%3DBOo5SPIOqGozRCLAAAENCv-AAAAsvAAA
  • https://ice.360yield.com/match?external_user_id=1481761151756769786&publisher_dsp_id=40&gdpr=1&gdpr_consent=BOo5SPIOqGozRCLAAAENCv-AAAAsvAAA
43 B
391 B
Image
General
Full URL
https://ice.360yield.com/match?external_user_id=1481761151756769786&publisher_dsp_id=40&gdpr=1&gdpr_consent=BOo5SPIOqGozRCLAAAENCv-AAAAsvAAA
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.28.69.126 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-28-69-126.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
200
date
Sun, 17 Nov 2019 03:25:28 GMT
access-control-allow-origin
*
content-type
image/gif
content-length
43
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

Redirect headers

Pragma
no-cache
Date
Sun, 17 Nov 2019 03:25:29 GMT
X-Proxy-Origin
144.76.109.30; 144.76.109.30; 307.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.222.249:80
AN-X-Request-Uuid
55261b7e-e3ae-4c48-9a80-19b1a6e7905a
Server
nginx/1.13.4
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://ice.360yield.com/match?external_user_id=1481761151756769786&publisher_dsp_id=40&gdpr=1&gdpr_consent=BOo5SPIOqGozRCLAAAENCv-AAAAsvAAA
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync.html
acdn.adnxs.com/ib/static/usersync/v3/ Frame 21F1
0
0
Document
General
Full URL
http://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Requested by
Host: ahsqutes.monster
URL: http://ahsqutes.monster/
Protocol
HTTP/1.1
Server
151.101.13.108 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
nginx/1.9.13 /
Resource Hash

Request headers

Host
acdn.adnxs.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer
http://ahsqutes.monster/
Accept-Encoding
gzip, deflate
Cookie
uuid2=5768739818428743815

Response headers

Server
nginx/1.9.13
Content-Type
text/html
Last-Modified
Fri, 20 May 2016 02:07:09 GMT
ETag
W/"573e714d-3e3"
Expires
Sun, 06 Aug 2017 09:41:59 GMT
Cache-Control
max-age=31536000
Access-Control-Allow-Origin
*
Content-Encoding
gzip
Via
1.1 varnish 1.1 varnish
Fastly-Debug-Digest
e0a1bb88354655bae6b4f44be1ff58238053e5563770e29e0e433e905ee66055
Content-Length
506
Accept-Ranges
bytes
Date
Sun, 17 Nov 2019 03:25:27 GMT
Age
8876612
Connection
keep-alive
X-Served-By
cache-jfk8124-JFK, cache-fra19146-FRA
X-Cache
HIT, HIT
X-Cache-Hits
1, 1240868
X-Timer
S1573961128.530321,VS0,VE0
Vary
Accept-Encoding
sync.html
cdn.aralego.com/ucfad/cookie/ Frame 5665
0
0
Document
General
Full URL
http://cdn.aralego.com/ucfad/cookie/sync.html
Requested by
Host: ahsqutes.monster
URL: http://ahsqutes.monster/
Protocol
HTTP/1.1
Server
2600:9000:2156:5000:e:e6df:4340:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Host
cdn.aralego.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer
http://ahsqutes.monster/
Accept-Encoding
gzip, deflate

Response headers

Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
Last-Modified
Wed, 01 Aug 2018 11:19:08 GMT
Access-Control-Allow-Credentials
true
CF-Cache-Status
HIT
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Server
cloudflare
CF-RAY
521be645eea9dff7-FRA
Content-Encoding
gzip
Expires
Tue, 05 Nov 2019 22:14:02 GMT
ETag
W/"5b61972c-12e"
Date
Sun, 17 Nov 2019 01:53:20 GMT
Cache-Control
max-age=14400
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
Via
1.1 5d8c59c4e33ff30f6610982ac8ad0232.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA50-C1
X-Amz-Cf-Id
5XXfwfoJ37upFYqirByW2qqGgxJCerQM-huZYdq3MBT595GhdnnTHA==
Age
5527
index.html
cdn.districtm.io/ids/ Frame C84C
0
0
Document
General
Full URL
https://cdn.districtm.io/ids/index.html
Requested by
Host: ahsqutes.monster
URL: http://ahsqutes.monster/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.190.66 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

:method
GET
:authority
cdn.districtm.io
:scheme
https
:path
/ids/index.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode
nested-navigate
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
referer
http://ahsqutes.monster/
accept-encoding
gzip, deflate, br

Response headers

status
200
date
Sun, 17 Nov 2019 03:25:27 GMT
content-type
text/html
set-cookie
__cfduid=d5e795bc0039134568b7431a0cb926dca1573961127; expires=Mon, 16-Nov-20 03:25:27 GMT; path=/; domain=.districtm.io; HttpOnly
cf-cache-status
DYNAMIC
cache-control
s-maxage=1209600, max-age=14400
cf-ray
536e98f73b3c274e-FRA
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
last-modified
Thu, 10 Jan 2019 16:50:48 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding
server
cloudflare
content-encoding
br
visitormatch
bh.contextweb.com/ Frame DD93
0
0
Document
General
Full URL
https://bh.contextweb.com/visitormatch
Requested by
Host: ahsqutes.monster
URL: http://ahsqutes.monster/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.12.166 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
Jetty(9.4.7.v20170914) /
Resource Hash

Request headers

Host
bh.contextweb.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
nested-navigate
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site
cross-site
Referer
http://ahsqutes.monster/
Accept-Encoding
gzip, deflate, br
Cookie
_dbefe=http://10.223.6.185:8080

Response headers

Cache-Control
private, max-age=0, no-cache, no-store
Content-Language
en
Content-Type
text/html;charset=iso-8859-1
Cw-Server
bh-deployment-stage-0
Expires
-1
P3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
Server
Jetty(9.4.7.v20170914)
Content-Length
27
Accept-Ranges
bytes
Date
Sun, 17 Nov 2019 03:25:27 GMT
Via
1.1 varnish
Connection
keep-alive
X-Served-By
cache-fra19123-FRA
X-Cache
MISS
X-Cache-Hits
0
Vary
Accept-Encoding
Cookie set sync_iframe
sync.bfmio.com/ Frame 4736
0
0
Document
General
Full URL
https://sync.bfmio.com/sync_iframe?ifg=1&id=4f8e8dde-a131-4603-f49c-8b10b480b496&gdpr=0&gc=&gce=1
Requested by
Host: ahsqutes.monster
URL: http://ahsqutes.monster/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.233.25.159 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-3-233-25-159.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Host
sync.bfmio.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
nested-navigate
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site
cross-site
Referer
http://ahsqutes.monster/
Accept-Encoding
gzip, deflate, br

Response headers

Access-Control-Allow-Origin
*
Content-Type
text/html
Date
Sun, 17 Nov 2019 03:25:49 GMT
Set-Cookie
__io_cid=ca6f930a796aba48b2ab6169c19c868dac73741d; Domain=.bfmio.com; Max-Age=31536000; Expires=Mon, 16-Nov-2020 03:25:50 GMT+0000; Path=/; SameSite=None; Secure
Content-Length
217
Connection
keep-alive
usersync.html
ad-cdn.technoratimedia.com/html/ Frame 644C
0
0
Document
General
Full URL
http://ad-cdn.technoratimedia.com/html/usersync.html?src=prebid_prebid_2.38.0
Requested by
Host: ahsqutes.monster
URL: http://ahsqutes.monster/
Protocol
HTTP/1.1
Server
143.204.101.31 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-143-204-101-31.fra50.r.cloudfront.net
Software
nginx /
Resource Hash

Request headers

Host
ad-cdn.technoratimedia.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer
http://ahsqutes.monster/
Accept-Encoding
gzip, deflate

Response headers

Content-Type
text/html; charset=UTF-8
Content-Length
4640
Connection
keep-alive
Server
nginx
Access-Control-Allow-Origin
*
Last-Modified
Fri, 18 Oct 2019 19:39:23 GMT
Content-Encoding
gzip
P3P
CP="ALL DSP COR TAIa PSAa PSDa IVAa IVDa CONi OUR IND UNI"
X-Varnish
646118564
Via
1.1 varnish, 1.1 bee9d99ac2913ec4167e166e6bdb691e.cloudfront.net (CloudFront)
Accept-Ranges
bytes
Date
Sun, 17 Nov 2019 03:10:47 GMT
ETag
"37eb-595347daed0c0"
Cache-Control
max-age=900
Expires
Sun, 17 Nov 2019 03:13:08 GMT
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
X-Amz-Cf-Pop
FRA50-C1
X-Amz-Cf-Id
2819mHAqUXHgWTYt4_PPw7GsSfk7JAxgKL9fm8V9vOslYYTxASZvWA==
Age
897
usync.html
eus.rubiconproject.com/ Frame FB80
0
0
Document
General
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: ahsqutes.monster
URL: http://ahsqutes.monster/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.37.55.184 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a23-37-55-184.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash

Request headers

Host
eus.rubiconproject.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
nested-navigate
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site
cross-site
Referer
http://ahsqutes.monster/
Accept-Encoding
gzip, deflate, br

Response headers

Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Last-Modified
Thu, 14 Nov 2019 18:59:32 GMT
Content-Encoding
gzip
Content-Length
7456
Content-Type
text/html; charset=UTF-8
Cache-Control
max-age=67891
Expires
Sun, 17 Nov 2019 22:16:58 GMT
Date
Sun, 17 Nov 2019 03:25:27 GMT
Connection
keep-alive
Vary
Accept-Encoding
check.html
biddr.brealtime.com/ Frame 8DCE
0
0
Document
General
Full URL
http://biddr.brealtime.com/check.html
Requested by
Host: ahsqutes.monster
URL: http://ahsqutes.monster/
Protocol
HTTP/1.1
Server
104.17.120.107 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Host
biddr.brealtime.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer
http://ahsqutes.monster/
Accept-Encoding
gzip, deflate
Cookie
__cfduid=d02cee3e0fa87d133d416b113fad6a2421573961127

Response headers

Date
Sun, 17 Nov 2019 03:25:27 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
x-amz-id-2
KO38c3CgmmyS60RL80WJwLfZcz0XdOEnFiHev73mc9f6nE6Vv6ib6jclMwbB1edJfll1cPV1NoY=
x-amz-request-id
519C6C4FFA4D8084
x-amz-meta-origin-date-iso8601
2019-05-30T19:14:20.000Z
Last-Modified
Thu, 30 May 2019 19:21:30 GMT
CF-Cache-Status
HIT
Age
751
Expires
Sun, 17 Nov 2019 03:26:27 GMT
Cache-Control
public, max-age=60
Vary
Accept-Encoding
Server
cloudflare
CF-RAY
536e98f74d3e64b5-FRA
Content-Encoding
gzip
async_usersync.html
acdn.adnxs.com/ib/static/usersync/v3/ Frame F3F5
0
0
Document
General
Full URL
http://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Requested by
Host: ahsqutes.monster
URL: http://ahsqutes.monster/
Protocol
HTTP/1.1
Server
151.101.13.108 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
nginx/1.9.13 /
Resource Hash

Request headers

Host
acdn.adnxs.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer
http://ahsqutes.monster/
Accept-Encoding
gzip, deflate
Cookie
uuid2=5768739818428743815

Response headers

Server
nginx/1.9.13
Content-Type
text/html
Last-Modified
Fri, 20 May 2016 02:07:09 GMT
ETag
W/"573e714d-3e3"
Expires
Sun, 06 Aug 2017 09:41:59 GMT
Cache-Control
max-age=31536000
Access-Control-Allow-Origin
*
Content-Encoding
gzip
Via
1.1 varnish 1.1 varnish
Fastly-Debug-Digest
e0a1bb88354655bae6b4f44be1ff58238053e5563770e29e0e433e905ee66055
Content-Length
506
Accept-Ranges
bytes
Date
Sun, 17 Nov 2019 03:25:27 GMT
Age
8876612
Connection
keep-alive
X-Served-By
cache-jfk8124-JFK, cache-fra19146-FRA
X-Cache
HIT, HIT
X-Cache-Hits
1, 1240869
X-Timer
S1573961128.573657,VS0,VE0
Vary
Accept-Encoding
match
match.360yield.com/ Frame 41FD
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=RvBycdoASduQgTWubtzvNQ&google_cm&publisher_dsp_id=340
  • https://match.360yield.com/match?publisher_dsp_id=340&google_gid=CAESEP-m76JeC_QpAwpYI7YkH98&google_cver=1
43 B
474 B
Image
General
Full URL
https://match.360yield.com/match?publisher_dsp_id=340&google_gid=CAESEP-m76JeC_QpAwpYI7YkH98&google_cver=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.28.69.126 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-28-69-126.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
200
date
Sun, 17 Nov 2019 03:25:28 GMT
access-control-allow-origin
*
content-type
image/gif
content-length
43
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

Redirect headers

pragma
no-cache
date
Sun, 17 Nov 2019 03:25:28 GMT
server
HTTP server (unknown)
status
302
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://match.360yield.com/match?publisher_dsp_id=340&google_gid=CAESEP-m76JeC_QpAwpYI7YkH98&google_cver=1
cache-control
no-cache, must-revalidate
content-type
text/html; charset=UTF-8
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
311
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
match
ice.360yield.com/ Frame 41FD
Redirect Chain
  • https://ib.adnxs.com/getuid?https://ice.360yield.com/match?external_user_id=$UID&publisher_dsp_id=40&gdpr=1&gdpr_consent=BOo5SPIOqGozRCLAAAENCv-AAAAsvAAA
  • https://ice.360yield.com/match?external_user_id=1481761151756769786&publisher_dsp_id=40&gdpr=1&gdpr_consent=BOo5SPIOqGozRCLAAAENCv-AAAAsvAAA
43 B
462 B
Image
General
Full URL
https://ice.360yield.com/match?external_user_id=1481761151756769786&publisher_dsp_id=40&gdpr=1&gdpr_consent=BOo5SPIOqGozRCLAAAENCv-AAAAsvAAA
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.28.69.126 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-28-69-126.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
200
date
Sun, 17 Nov 2019 03:25:28 GMT
access-control-allow-origin
*
content-type
image/gif
content-length
43
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

Redirect headers

Pragma
no-cache
Date
Sun, 17 Nov 2019 03:25:30 GMT
X-Proxy-Origin
144.76.109.30; 144.76.109.30; 307.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.54:80
AN-X-Request-Uuid
f10cfa0f-2e37-4b83-acc4-6b32d8b15a54
Server
nginx/1.13.4
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://ice.360yield.com/match?external_user_id=1481761151756769786&publisher_dsp_id=40&gdpr=1&gdpr_consent=BOo5SPIOqGozRCLAAAENCv-AAAAsvAAA
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
match
ad.360yield.com/ Frame 41FD
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=improvedigital&google_cm&google_sc&gdpr=1&gdpr_consent=BOo5SPIOqGozRCLAAAENCv-AAAAsvAAA
  • https://ad.360yield.com/match?publisher_dsp_id=55&gdpr=1&gdpr_consent=BOo5SPIOqGozRCLAAAENCv-AAAAsvAAA&external_user_id=CAESECKTLF5ZTk7exfXL_zedad0&google_cver=1
43 B
399 B
Image
General
Full URL
https://ad.360yield.com/match?publisher_dsp_id=55&gdpr=1&gdpr_consent=BOo5SPIOqGozRCLAAAENCv-AAAAsvAAA&external_user_id=CAESECKTLF5ZTk7exfXL_zedad0&google_cver=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.195.171.24 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-18-195-171-24.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
200
date
Sun, 17 Nov 2019 03:25:28 GMT
access-control-allow-origin
*
content-type
image/gif
content-length
43
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

Redirect headers

pragma
no-cache
date
Sun, 17 Nov 2019 03:25:28 GMT
server
HTTP server (unknown)
status
302
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ad.360yield.com/match?publisher_dsp_id=55&gdpr=1&gdpr_consent=BOo5SPIOqGozRCLAAAENCv-AAAAsvAAA&external_user_id=CAESECKTLF5ZTk7exfXL_zedad0&google_cver=1
cache-control
no-cache, must-revalidate
content-type
text/html; charset=UTF-8
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
374
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
async_usersync.html
acdn.adnxs.com/ib/static/usersync/v3/ Frame 551F
0
0
Document
General
Full URL
http://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Requested by
Host: ahsqutes.monster
URL: http://ahsqutes.monster/
Protocol
HTTP/1.1
Server
151.101.13.108 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
nginx/1.9.13 /
Resource Hash

Request headers

Host
acdn.adnxs.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer
http://ahsqutes.monster/
Accept-Encoding
gzip, deflate
Cookie
uuid2=1481761151756769786

Response headers

Server
nginx/1.9.13
Content-Type
text/html
Last-Modified
Fri, 20 May 2016 02:07:09 GMT
ETag
W/"573e714d-3e3"
Expires
Sun, 06 Aug 2017 09:41:59 GMT
Cache-Control
max-age=31536000
Access-Control-Allow-Origin
*
Content-Encoding
gzip
Via
1.1 varnish 1.1 varnish
Fastly-Debug-Digest
e0a1bb88354655bae6b4f44be1ff58238053e5563770e29e0e433e905ee66055
Content-Length
506
Accept-Ranges
bytes
Date
Sun, 17 Nov 2019 03:25:28 GMT
Age
8876612
Connection
keep-alive
X-Served-By
cache-jfk8124-JFK, cache-fra19172-FRA
X-Cache
HIT, HIT
X-Cache-Hits
1, 1250680
X-Timer
S1573961128.358984,VS0,VE0
Vary
Accept-Encoding
index.html
cdn.districtm.io/ids/ Frame A47B
0
0
Document
General
Full URL
https://cdn.districtm.io/ids/index.html
Requested by
Host: ahsqutes.monster
URL: http://ahsqutes.monster/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.190.66 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

:method
GET
:authority
cdn.districtm.io
:scheme
https
:path
/ids/index.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode
nested-navigate
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
referer
http://ahsqutes.monster/
accept-encoding
gzip, deflate, br
cookie
__cfduid=d5e795bc0039134568b7431a0cb926dca1573961127

Response headers

status
200
date
Sun, 17 Nov 2019 03:25:28 GMT
content-type
text/html
cf-cache-status
DYNAMIC
cache-control
s-maxage=1209600, max-age=14400
cf-ray
536e98fc3cbb274e-FRA
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
last-modified
Thu, 10 Jan 2019 16:50:48 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding
server
cloudflare
content-encoding
br
async_usersync.html
acdn.adnxs.com/ib/static/usersync/v3/ Frame 092A
0
0
Document
General
Full URL
http://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Requested by
Host: ahsqutes.monster
URL: http://ahsqutes.monster/
Protocol
HTTP/1.1
Server
151.101.13.108 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
nginx/1.9.13 /
Resource Hash

Request headers

Host
acdn.adnxs.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer
http://ahsqutes.monster/
Accept-Encoding
gzip, deflate
Cookie
uuid2=1481761151756769786
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
http://ahsqutes.monster/

Response headers

Server
nginx/1.9.13
Content-Type
text/html
Last-Modified
Fri, 20 May 2016 02:07:09 GMT
ETag
W/"573e714d-3e3"
Expires
Sun, 06 Aug 2017 09:41:59 GMT
Cache-Control
max-age=31536000
Access-Control-Allow-Origin
*
Content-Encoding
gzip
Via
1.1 varnish 1.1 varnish
Fastly-Debug-Digest
e0a1bb88354655bae6b4f44be1ff58238053e5563770e29e0e433e905ee66055
Content-Length
506
Accept-Ranges
bytes
Date
Sun, 17 Nov 2019 03:25:28 GMT
Age
8876613
Connection
keep-alive
X-Served-By
cache-jfk8124-JFK, cache-fra19137-FRA
X-Cache
HIT, HIT
X-Cache-Hits
1, 1881910
X-Timer
S1573961129.564446,VS0,VE0
Vary
Accept-Encoding
Cookie set sync_iframe
sync.bfmio.com/ Frame DC4B
0
0
Document
General
Full URL
https://sync.bfmio.com/sync_iframe?ifg=1&id=4f8e8dde-a131-4603-f49c-8b10b480b496&gdpr=0&gc=&gce=1
Requested by
Host: ahsqutes.monster
URL: http://ahsqutes.monster/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.233.25.159 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-3-233-25-159.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Host
sync.bfmio.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
nested-navigate
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site
cross-site
Referer
http://ahsqutes.monster/
Accept-Encoding
gzip, deflate, br
Cookie
__io_cid=ca6f930a796aba48b2ab6169c19c868dac73741d
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
nested-navigate
Referer
http://ahsqutes.monster/

Response headers

Access-Control-Allow-Origin
*
Content-Type
text/html
Date
Sun, 17 Nov 2019 03:25:28 GMT
Set-Cookie
__io_cid=ca6f930a796aba48b2ab6169c19c868dac73741d; Domain=.bfmio.com; Expires=Mon, 16-Nov-2020 03:25:28 GMT; Path=/
Content-Length
929
Connection
keep-alive
check.html
biddr.brealtime.com/ Frame 91C5
0
0
Document
General
Full URL
http://biddr.brealtime.com/check.html
Requested by
Host: ahsqutes.monster
URL: http://ahsqutes.monster/
Protocol
HTTP/1.1
Server
104.17.120.107 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Host
biddr.brealtime.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer
http://ahsqutes.monster/
Accept-Encoding
gzip, deflate
Cookie
__cfduid=d02cee3e0fa87d133d416b113fad6a2421573961127; dt=2019-11-17T03:25:27.577Z
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
http://ahsqutes.monster/

Response headers

Date
Sun, 17 Nov 2019 03:25:28 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
x-amz-id-2
KO38c3CgmmyS60RL80WJwLfZcz0XdOEnFiHev73mc9f6nE6Vv6ib6jclMwbB1edJfll1cPV1NoY=
x-amz-request-id
519C6C4FFA4D8084
x-amz-meta-origin-date-iso8601
2019-05-30T19:14:20.000Z
Last-Modified
Thu, 30 May 2019 19:21:30 GMT
CF-Cache-Status
HIT
Age
752
Expires
Sun, 17 Nov 2019 03:26:28 GMT
Cache-Control
public, max-age=60
Vary
Accept-Encoding
Server
cloudflare
CF-RAY
536e98fec8ba63bf-FRA
Content-Encoding
gzip
visitormatch
bh.contextweb.com/ Frame CAEE
0
0
Document
General
Full URL
https://bh.contextweb.com/visitormatch
Requested by
Host: ahsqutes.monster
URL: http://ahsqutes.monster/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.12.166 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
Jetty(9.4.7.v20170914) /
Resource Hash

Request headers

Host
bh.contextweb.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
nested-navigate
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site
cross-site
Referer
http://ahsqutes.monster/
Accept-Encoding
gzip, deflate, br
Cookie
_dbefe=http://10.223.6.185:8080
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
nested-navigate
Referer
http://ahsqutes.monster/

Response headers

Cache-Control
private, max-age=0, no-cache, no-store
Content-Language
en
Content-Type
text/html;charset=iso-8859-1
Cw-Server
bh-deployment-stage-0
Expires
-1
P3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
Server
Jetty(9.4.7.v20170914)
Content-Length
27
Accept-Ranges
bytes
Date
Sun, 17 Nov 2019 03:25:28 GMT
Via
1.1 varnish
Connection
keep-alive
X-Served-By
cache-fra19123-FRA
X-Cache
MISS
X-Cache-Hits
0
Vary
Accept-Encoding
sync.html
cdn.aralego.com/ucfad/cookie/ Frame 1A0E
0
0
Document
General
Full URL
http://cdn.aralego.com/ucfad/cookie/sync.html
Requested by
Host: ahsqutes.monster
URL: http://ahsqutes.monster/
Protocol
HTTP/1.1
Server
2600:9000:2156:5000:e:e6df:4340:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Host
cdn.aralego.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer
http://ahsqutes.monster/
Accept-Encoding
gzip, deflate
Cookie
sspid=9b2b89a1-c273-4308-a196-ece195a6e00c
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
http://ahsqutes.monster/

Response headers

Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
Last-Modified
Wed, 01 Aug 2018 11:19:08 GMT
Access-Control-Allow-Credentials
true
CF-Cache-Status
HIT
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Server
cloudflare
CF-RAY
521be645eea9dff7-FRA
Content-Encoding
gzip
Expires
Tue, 05 Nov 2019 22:14:02 GMT
ETag
W/"5b61972c-12e"
Date
Sun, 17 Nov 2019 01:53:20 GMT
Cache-Control
max-age=14400
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
Via
1.1 45de888accabe1a1cb5a389e8c9c1e07.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA50-C1
X-Amz-Cf-Id
biMjKr9aWbgo_8lWBbsF-ErvH4Wh3jyHpoc_Zcue4-gHUMhmbdrywg==
Age
5528
usersync.html
ad-cdn.technoratimedia.com/html/ Frame 4577
0
0
Document
General
Full URL
http://ad-cdn.technoratimedia.com/html/usersync.html?src=prebid_prebid_2.38.0
Requested by
Host: ahsqutes.monster
URL: http://ahsqutes.monster/
Protocol
HTTP/1.1
Server
143.204.101.31 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-143-204-101-31.fra50.r.cloudfront.net
Software
nginx /
Resource Hash

Request headers

Host
ad-cdn.technoratimedia.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer
http://ahsqutes.monster/
Accept-Encoding
gzip, deflate
Cookie
tads_uid=GDPR
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
http://ahsqutes.monster/

Response headers

Content-Type
text/html; charset=UTF-8
Content-Length
4640
Connection
keep-alive
Server
nginx
Access-Control-Allow-Origin
*
Last-Modified
Fri, 18 Oct 2019 19:39:23 GMT
Content-Encoding
gzip
P3P
CP="ALL DSP COR TAIa PSAa PSDa IVAa IVDa CONi OUR IND UNI"
X-Varnish
698357245
Via
1.1 varnish, 1.1 5721f7035c3fc934bd3f96dbb04ba1e5.cloudfront.net (CloudFront)
Accept-Ranges
bytes
Date
Sun, 17 Nov 2019 03:10:30 GMT
ETag
"37eb-595347daed0c0"
Cache-Control
max-age=900
Expires
Sun, 17 Nov 2019 03:13:08 GMT
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
X-Amz-Cf-Pop
FRA50-C1
X-Amz-Cf-Id
BLk7yDUInZAETsTdyxRDrjO0zjq5hqoPS4mlvF0NgesAKZDYneECYw==
Age
898
usync.html
eus.rubiconproject.com/ Frame DFCC
0
0
Document
General
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: ahsqutes.monster
URL: http://ahsqutes.monster/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.37.55.184 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a23-37-55-184.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash

Request headers

Host
eus.rubiconproject.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
nested-navigate
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site
cross-site
Referer
http://ahsqutes.monster/
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
nested-navigate
Referer
http://ahsqutes.monster/

Response headers

Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Last-Modified
Thu, 14 Nov 2019 18:59:32 GMT
Content-Encoding
gzip
Content-Length
7456
Content-Type
text/html; charset=UTF-8
Cache-Control
max-age=67890
Expires
Sun, 17 Nov 2019 22:16:58 GMT
Date
Sun, 17 Nov 2019 03:25:28 GMT
Connection
keep-alive
Vary
Accept-Encoding
/
onetag-geo.s-onetag.com/
23 B
590 B
XHR
General
Full URL
http://onetag-geo.s-onetag.com/
Requested by
Host: beacon.s-onetag.com
URL: https://beacon.s-onetag.com/beacon.min.js
Protocol
HTTP/1.1
Server
2600:9000:2156:b400:5:ae3a:ba00:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
/
Resource Hash
ad16e1b37490fca28df99d039d6373d2fee4d894fcd279d95b90ae872f4d860f

Request headers

Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sun, 17 Nov 2019 03:25:29 GMT
Via
1.1 7419ebe6dc61a036c7f081375facfd52.cloudfront.net (CloudFront), 1.1 b83a899c16a2f53127e152fe5fc783a4.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA54, FRA50-C1
x-amzn-RequestId
a83237e1-b153-4b89-8006-9fb53ca3639d
X-Cache
Miss from cloudfront
Content-Type
application/json
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600
Connection
keep-alive
x-amz-apigw-id
DSKSeHfpSK4FgMw=
Content-Length
23
X-Amz-Cf-Id
PLPDXHsiFeyaRD9td_xACWZSWHrkHO05CpeU3PqHANDozSlP_WaJaA==
g
rtb.connatix.com/
113 B
301 B
Script
General
Full URL
http://rtb.connatix.com/g?c_pw=455&c_ph=256&c_tk=C018218D-4AD0-4E01-8158-045425E65946&c_bu=http%3A%2F%2Fahsqutes.monster%2F&c_ivt=0&connatix_sess=2_WBcB0pRVe3iQ8JNVixa_-w_cV32jOo7nCQSdfjagA6EtZWpOmcoDP2sB1in78hA44VnB19HPevyBx4r8V3ecqE-OvPOfiHgZZNJUYHB891YKR5bHT2PD4ZVAHAZiPdKE5HLDoiFW089fw4htd0PJ26q9FaTXJrY0pVG5ODzIxR82bPJgSuN1V_Ab2sxESS&notServed=false&xplr=true&c_s=false&c_pl=t3dWNFVIL1yf0mvC04CDuORPuKqinMCDzSHFZm6LPXWL4mhrIk-Je9PxaJivEmHEOERh0bG_EUpgbNtQSdfHecCeVadKh2TXBB9G5fgmbnSopOelce5oeeD7JsXtf19PARLB4bhYUsxlXRL255nH5sprk-i19SIyjH5r7jQ1sFXbesGkvAKuzqPdAUGKhwH-dP2P7A06Ufr59h-wZU9lKJUKW_Inc9tlutfyxFypM3o&gdpr=1&med_id=930629&req_no=2&v=1&c_pt=1&c_f=[{id:14449,r:1,i:0,f:1},{id:14451,r:1,i:0,f:1},{id:14547,r:4,i:0,f:1}]&p=http%3A%2F%2Fahsqutes.monster%2F&c_v=1806_0_0_0_1&spp=1&callback=cnxJSONP_33f629d801c69b9539681573961129764
Requested by
Host: db356nau468gk.cloudfront.net
URL: http://db356nau468gk.cloudfront.net/script.js
Protocol
HTTP/1.1
Server
52.86.189.110 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-52-86-189-110.compute-1.amazonaws.com
Software
nginx/1.15.9 (Ubuntu) /
Resource Hash
4da3e3e402434698fee0e22daed4d09821e75451dd0ca0e03a5f54040c2ea6bd

Request headers

Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Sun, 17 Nov 2019 03:25:29 GMT
Content-Encoding
gzip
Server
nginx/1.15.9 (Ubuntu)
Connection
keep-alive
Content-Length
113
g
rtb.connatix.com/
113 B
302 B
Script
General
Full URL
http://rtb.connatix.com/g?c_pw=455&c_ph=256&c_tk=C018218D-4AD0-4E01-8158-045425E65946&c_bu=http%3A%2F%2Fahsqutes.monster%2F&c_ivt=0&connatix_sess=2_WBcB0pRVe3iQ8JNVixa_-w_cV32jOo7nCQSdfjagA6EtZWpOmcoDP2sB1in78hA44VnB19HPevyBx4r8V3ecqE-OvPOfiHgZZNJUYHB891YKR5bHT2PD4ZVAHAZiPdKE5HLDoiFW089fw4htd0PJ26q9FaTXJrY0pVG5ODzIxR82bPJgSuN1V_Ab2sxESS&notServed=false&xplr=true&c_s=false&c_pl=t3dWNFVIL1yf0mvC04CDuORPuKqinMCDzSHFZm6LPXWL4mhrIk-Je9PxaJivEmHEOERh0bG_EUpgbNtQSdfHecCeVadKh2TXBB9G5fgmbnSopOelce5oeeD7JsXtf19PARLB4bhYUsxlXRL255nH5sprk-i19SIyjH5r7jQ1sFXbesGkvAKuzqPdAUGKhwH-dP2P7A06Ufr59h-wZU9lKJUKW_Inc9tlutfyxFypM3o&gdpr=1&med_id=930629&req_no=3&v=2&c_pt=1&c_f=[{id:14447,r:1,i:0,f:1},{id:14453,r:1,i:0,f:1},{id:14545,r:4,i:0,f:1}]&p=http%3A%2F%2Fahsqutes.monster%2F&c_v=1806_0_0_0_1&spp=1&callback=cnxJSONP_a18a028bcce099bf0dee1573961129975
Requested by
Host: db356nau468gk.cloudfront.net
URL: http://db356nau468gk.cloudfront.net/script.js
Protocol
HTTP/1.1
Server
52.86.189.110 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-52-86-189-110.compute-1.amazonaws.com
Software
nginx/1.15.9 (Ubuntu) /
Resource Hash
917c516d1a7ce35e303e49d8d4f15f908d87205d20a2ffa44babe9dc2659be51

Request headers

Referer
http://ahsqutes.monster/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Sun, 17 Nov 2019 03:25:30 GMT
Content-Encoding
gzip
Server
nginx/1.15.9 (Ubuntu)
Connection
keep-alive
Content-Length
114

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
cm.g.doubleclick.net
URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc

158 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate object| google_tag_manager object| dataLayer function| gtag string| GoogleAnalyticsObject function| ga function| getOutboundLink object| _comscore object| _qevents function| __cmp object| elem object| scpt number| is_home function| convertEntities object| google_tag_data object| gaplugins object| gaGlobal object| gaData function| udm_ object| ns_p object| COMSCORE function| quantserve function| __qc object| ezt object| _qoptions object| __twttrll object| twttr object| __twttr function| $ function| jQuery number| googleLT_ object| google object| ca function| google_exportSymbol function| google_exportProperty number| _sf_startpt object| blocks object| hPage boolean| mobile object| googD object| adUnits boolean| noScr boolean| oldH object| ccScr object| pbScr undefined| r number| z function| initPage function| initAdserver function| adh function| innerScr function| scrBuild function| scrL function| scrR function| scrVis object| apstag number| ord object| googletag object| ggeac object| closure_memoize_cache_ object| googleToken object| googleIMState object| google_js_reporting_queue function| processGoogleToken object| __underground object| __connect number| google_srt object| google_ad_modifications object| google_logging_queue boolean| google_measure_js_timing object| google_reactive_ads_global_state object| adsbygoogle boolean| _gfp_a_ object| google_sa_queue object| google_sl_win function| google_process_slots function| google_spfd object| google_sv_map object| google_t12n_vars object| __s object| instgrm boolean| apstagLOADED function| getArchiveDate object| FB function| pbjsChunk object| pbjs object| __core-js_shared__ object| wpBannerizeJavascriptLocalization function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter function| google_sa_impl object| google_jobrunner object| google_persistent_state_async object| __google_ad_urls number| google_global_correlator number| __google_ad_urls_id object| 
google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages object| google_iframe_oncopy boolean| google_osd_loaded boolean| google_onload_fired object| WPBannerizeJavascript string| ggv2id object| ua_result function| __cmpui function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure function| google_osd_amcb object| ggevents undefined| bean object| GUMGUM object| ggData object| top970flexDH object| TopInnerRailDH object| MidInnerRailDH object| BotInnerRailDH object| RightOuterLargeDH object| LeftOuterLargeDH object| RightOuterSmallDH object| LeftOuterSmallDH object| InArticle1DH object| InArticle2DH object| InArticle3DH object| InArticleM1MH object| InArticleM2MH object| InArticleM3MH object| InArticleM4MH object| InArticleM5MH object| InArticleM6MH object| BelowCarouselMH object| UnderVideoMH object| UnderVideo2MH object| AdhesionMMH boolean| google_noFetch object| cnxUmm object| cnxEnfStorage function| cnxsetTimeout function| cnxsetInterval string| cnxPageGuid number| spp object| cnxJSONP_824093174cd082bedc5b1573961119368 number| google_unique_id object| cnxJSONP_8c6cb11086a3c921bc201573961119709 object| cnxJSONP_d489758f1ea8334f77cc1573961119950 object| ads_list object| embeds_list boolean| isPageviewSent boolean| insticatorIframeLoaded object| insticatorUserTrackingMessage object| Adform boolean| __adform_onload function| ADFReload function| ADFCall function| ADFcall object| NSTCTR function| cnxAddEventListener

5 Cookies

Domain/Path Name / Value
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.ahsqutes.monster/ Name: _gat_gtag_UA_86316_1
Value: 1
ahsqutes.monster/ Name: _cmpQcif3pcsupported
Value: 1
.ahsqutes.monster/ Name: _gid
Value: GA1.2.1010882067.1573961118
.ahsqutes.monster/ Name: _ga
Value: GA1.2.1556147499.1573961118

26 Console Messages

Source Level URL
Text
console-api warning URL: http://tradecraft.s.llnwi.net/v1/pub/adap.js(Line 3)
Message:
fun-hooks: referenced 'registerAdserver' but it was never created
console-api warning URL: https://static.quantcast.mgr.consensu.org/v26/cmpui-popup.js(Line 1)
Message:
Unable to get NonIab Vendor list.
console-api log URL: http://d3lcz8vpax4lo2.cloudfront.net/ads-code/2cdf4c71-ad6c-487e-b43a-8f1af912284a.js(Line 1)
Message:
dom ready!
console-api log URL: http://d3lcz8vpax4lo2.cloudfront.net/ads-code/2cdf4c71-ad6c-487e-b43a-8f1af912284a.js(Line 1)
Message:
topFrame: [object Object]
console-api log URL: http://d3lcz8vpax4lo2.cloudfront.net/ads-code/2cdf4c71-ad6c-487e-b43a-8f1af912284a.js(Line 1)
Message:
params: [object URLSearchParams]
console-api log URL: http://d3lcz8vpax4lo2.cloudfront.net/ads-code/2cdf4c71-ad6c-487e-b43a-8f1af912284a.js(Line 1)
Message:
Cookie enabled, set cookie
console-api log URL: http://d3lcz8vpax4lo2.cloudfront.net/ads-code/2cdf4c71-ad6c-487e-b43a-8f1af912284a.js(Line 1)
Message:
session: [object Object]
console-api log URL: http://d3lcz8vpax4lo2.cloudfront.net/ads-code/2cdf4c71-ad6c-487e-b43a-8f1af912284a.js(Line 1)
Message:
Send pageview now
console-api log URL: http://d3lcz8vpax4lo2.cloudfront.net/ads-code/2cdf4c71-ad6c-487e-b43a-8f1af912284a.js(Line 1)
Message:
Prepare to load embed: 4d333009-52e2-4de9-974f-654573ecd838
console-api log URL: http://d3lcz8vpax4lo2.cloudfront.net/ads-code/2cdf4c71-ad6c-487e-b43a-8f1af912284a.js(Line 1)
Message:
dom ready!
console-api log URL: http://d3lcz8vpax4lo2.cloudfront.net/ads-code/2cdf4c71-ad6c-487e-b43a-8f1af912284a.js(Line 1)
Message:
topFrame: [object Object]
console-api log URL: http://d3lcz8vpax4lo2.cloudfront.net/ads-code/2cdf4c71-ad6c-487e-b43a-8f1af912284a.js(Line 1)
Message:
params: [object URLSearchParams]
console-api log URL: http://d3lcz8vpax4lo2.cloudfront.net/ads-code/2cdf4c71-ad6c-487e-b43a-8f1af912284a.js(Line 1)
Message:
Cookie enabled, set cookie
console-api log URL: http://d3lcz8vpax4lo2.cloudfront.net/ads-code/2cdf4c71-ad6c-487e-b43a-8f1af912284a.js(Line 1)
Message:
session: [object Object]
console-api log URL: http://d3lcz8vpax4lo2.cloudfront.net/ads-code/2cdf4c71-ad6c-487e-b43a-8f1af912284a.js(Line 1)
Message:
pageview have been sent or scheduled
console-api log URL: http://d3lcz8vpax4lo2.cloudfront.net/ads-code/2cdf4c71-ad6c-487e-b43a-8f1af912284a.js(Line 1)
Message:
dom not ready, set up listener
console-api log URL: http://d3lcz8vpax4lo2.cloudfront.net/ads-code/2cdf4c71-ad6c-487e-b43a-8f1af912284a.js(Line 1)
Message:
topFrame: [object Object]
console-api log URL: http://d3lcz8vpax4lo2.cloudfront.net/ads-code/2cdf4c71-ad6c-487e-b43a-8f1af912284a.js(Line 1)
Message:
params: [object URLSearchParams]
console-api log URL: http://d3lcz8vpax4lo2.cloudfront.net/ads-code/2cdf4c71-ad6c-487e-b43a-8f1af912284a.js(Line 1)
Message:
Cookie enabled, set cookie
console-api log URL: http://d3lcz8vpax4lo2.cloudfront.net/ads-code/2cdf4c71-ad6c-487e-b43a-8f1af912284a.js(Line 1)
Message:
session: [object Object]
console-api log URL: http://d3lcz8vpax4lo2.cloudfront.net/ads-code/2cdf4c71-ad6c-487e-b43a-8f1af912284a.js(Line 1)
Message:
pageview have been sent or scheduled
console-api log URL: https://d3lcz8vpax4lo2.cloudfront.net/embed-code/4d333009-52e2-4de9-974f-654573ecd838.js(Line 1)
Message:
TypeError: Cannot read property 'setItem' of null
console-api log URL: http://d3lcz8vpax4lo2.cloudfront.net/ads-code/2cdf4c71-ad6c-487e-b43a-8f1af912284a.js(Line 1)
Message:
Cookie enabled, set cookie
console-api log URL: http://d3lcz8vpax4lo2.cloudfront.net/ads-code/2cdf4c71-ad6c-487e-b43a-8f1af912284a.js(Line 1)
Message:
session: [object Object]
console-api log URL: https://d3lcz8vpax4lo2.cloudfront.net/embed-code/4d333009-52e2-4de9-974f-654573ecd838.js(Line 1)
Message:
%s EMBED VERSION: 4.5.8.0
console-api log URL: http://d3lcz8vpax4lo2.cloudfront.net/ads-code/2cdf4c71-ad6c-487e-b43a-8f1af912284a.js(Line 1)
Message:
formatedPageview: {"timestamp":"2019-11-17T03:25:20.694Z","user_data":{"session_details":{"id":"ebdb1cf5-9c12-48f6-80ae-319f1cfc1a82","referrer":"","campaign":{"source":null,"medium":null,"campaign":null,"term":null,"content":null}}},"embed_context":{"site":{"id":"2cdf4c71-ad6c-487e-b43a-8f1af912284a","page_url":"http://ahsqutes.monster/","hostname":"ahsqutes.monster"},"environment":{"device":"DESKTOP"}},"event_data":{"type":"load","data":{"pageview_type":"EMBED_AND_AD","ads":["div-insticator-ad-1","div-insticator-ad-2","div-insticator-ad-7","div-insticator-ad-3"],"embed":["4d333009-52e2-4de9-974f-654573ecd838"]}}}

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
