Submitted URL: https://mlml.ga/2021/12/16/hitman-hol...
Effective URL: https://mlml.ga/2021/12/16/hitman-holla-twitter/
Submission: On December 16 via manual from CA — Scanned from CA

Summary

This website contacted 30 IPs in 4 countries across 21 domains to perform 85 HTTP transactions. The main IP is 162.0.215.48, located in the United States, and belongs to NAMECHEAP-NET, US. The main domain is mlml.ga.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on April 20th 2021. Valid for: a year.
This is the only time mlml.ga was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 10 162.0.215.48 22612 (NAMECHEAP...)
1 2607:f8b0:400... 15169 (GOOGLE)
9 192.243.59.12 39572 (ADVANCEDH...)
3 2600:9000:21e... 16509 (AMAZON-02)
1 2600:9000:21e... 16509 (AMAZON-02)
1 2a03:90c0:999... 199524 (GCORE)
1 151.139.128.11 20446 (HIGHWINDS3)
2 99.84.191.8 16509 (AMAZON-02)
3 2606:4700:303... 13335 (CLOUDFLAR...)
1 2a03:2880:f13... 32934 (FACEBOOK)
2 2607:f8b0:400... 15169 (GOOGLE)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
1 2a02:6ea0:c40... 60068 (CDN77 ^_^)
1 51.178.8.230 16276 (OVH)
12 2600:9000:21e... 16509 (AMAZON-02)
1 139.45.197.234 9002 (RETN-AS)
2 2606:4700:303... 13335 (CLOUDFLAR...)
3 2607:f8b0:400... 15169 (GOOGLE)
5 2606:4700::68... 13335 (CLOUDFLAR...)
4 162.252.214.5 53334 (TUT-AS)
1 185.200.118.90 9009 (M247)
1 38.132.109.186 9009 (M247)
1 185.200.116.90 9009 (M247)
1 139.45.195.8 9002 (RETN-AS)
1 139.45.197.243 9002 (RETN-AS)
6 2607:f8b0:400... 15169 (GOOGLE)
7 2600:9000:21e... 16509 (AMAZON-02)
1 104.153.197.251 53334 (TUT-AS)
1 2607:f8b0:400... 15169 (GOOGLE)
85 30
Domain Requested by
12 dgu9g3a2kzqx2.cloudfront.net d13nu0oomnx5ti.cloudfront.net
dgu9g3a2kzqx2.cloudfront.net
10 mlml.ga 1 redirects mlml.ga
9 coveredbetting.com mlml.ga
7 d13pxqgp3ixdbh.cloudfront.net dgu9g3a2kzqx2.cloudfront.net
d13pxqgp3ixdbh.cloudfront.net
6 fonts.googleapis.com dgu9g3a2kzqx2.cloudfront.net
3 c.adsco.re www.xadsmart.com
c.adsco.re
3 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
dgu9g3a2kzqx2.cloudfront.net
3 ulbackground.com mlml.ga
dmg0877nfcvqj.cloudfront.net
3 dmg0877nfcvqj.cloudfront.net mlml.ga
dmg0877nfcvqj.cloudfront.net
2 adsco.re c.adsco.re
2 4.adsco.re mlml.ga
c.adsco.re
2 6.adsco.re mlml.ga
c.adsco.re
2 freychang.fun dmg0877nfcvqj.cloudfront.net
2 accounts.google.com mlml.ga
2 withexdcel.biz dmg0877nfcvqj.cloudfront.net
1 fonts.gstatic.com fonts.googleapis.com
1 xadsmart.com www.xadsmart.com
1 onmarshtompor.com iclickcdn.com
1 my.rtmark.net iclickcdn.com
1 qnsqac9rwvfz.s4.adsco.re c.adsco.re
1 qnsqac9rwvfz.n4.adsco.re c.adsco.re
1 qnsqac9rwvfz.l4.adsco.re c.adsco.re
1 bedrapiona.com iclickcdn.com
1 apiujquery.com mlml.ga
1 www.xadsmart.com mlml.ga
1 iclickcdn.com mlml.ga
1 www.facebook.com mlml.ga
1 static.adop.co mlml.ga
1 st-n.ads5-adnow.com mlml.ga
1 d13nu0oomnx5ti.cloudfront.net mlml.ga
1 www.googletagmanager.com mlml.ga
85 31

This site contains links to these domains.

Domain
adsco.re

| Subject | Issuer | Validity | Valid |
|---|---|---|---|
| mlml.ga | Sectigo RSA Domain Validation Secure Server CA | 2021-04-20 - 2022-04-20 | a year |
| *.google-analytics.com | GTS CA 1C3 | 2021-11-29 - 2022-02-21 | 3 months |
| coveredbetting.com | R3 | 2021-12-08 - 2022-03-08 | 3 months |
| *.cloudfront.net | Amazon | 2021-03-19 - 2022-03-17 | a year |
| n.ads5-adnow.com | R3 | 2021-10-11 - 2022-01-09 | 3 months |
| adop.co | R3 | 2021-10-11 - 2022-01-09 | 3 months |
| withexdcel.biz | Amazon | 2021-06-01 - 2022-06-30 | a year |
| sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2021-12-14 - 2022-12-13 | a year |
| *.facebook.com | DigiCert SHA2 High Assurance Server CA | 2021-09-25 - 2021-12-24 | 3 months |
| accounts.google.com | GTS CA 1C3 | 2021-11-29 - 2022-02-21 | 3 months |
| 1376341044.rsc.cdn77.org | R3 | 2021-10-31 - 2022-01-29 | 3 months |
| apiujquery.com | ZeroSSL RSA Domain Secure Site CA | 2021-10-20 - 2022-01-18 | 3 months |
| bedrapiona.com | R3 | 2021-11-30 - 2022-02-28 | 3 months |
| *.adsco.re | Sectigo RSA Organization Validation Secure Server CA | 2021-09-06 - 2022-09-28 | a year |
| *.l4.adsco.re | R3 | 2021-11-19 - 2022-02-17 | 3 months |
| *.n4.adsco.re | R3 | 2021-11-19 - 2022-02-17 | 3 months |
| *.s4.adsco.re | R3 | 2021-11-19 - 2022-02-17 | 3 months |
| *.rtmark.net | Sectigo RSA Domain Validation Secure Server CA | 2021-11-20 - 2022-11-26 | a year |
| onmarshtompor.com | R3 | 2021-12-01 - 2022-03-01 | 3 months |
| upload.video.google.com | GTS CA 1C3 | 2021-11-29 - 2022-02-21 | 3 months |
| xadsmart.com | Sectigo RSA Domain Validation Secure Server CA | 2020-04-19 - 2022-07-22 | 2 years |
| *.gstatic.com | GTS CA 1C3 | 2021-11-29 - 2022-02-21 | 3 months |

This page contains 3 frames:

Primary Page: https://mlml.ga/2021/12/16/hitman-holla-twitter/
Frame ID: FB9BBC8B16F354C7A05682D14D53EFE5
Requests: 68 HTTP requests in this frame

Frame: https://c.adsco.re/
Frame ID: CDABFC0C7FEE1FBDDE9597606DC26ECB
Requests: 4 HTTP requests in this frame

Frame: https://dgu9g3a2kzqx2.cloudfront.net/public/ct?cpguid=1n7iwk3xe&it=1612660&w=1600&h=1200&key=9db27&m=0&r=
Frame ID: 6D696A2F3C2231B77BC3C18C8E8118B8
Requests: 20 HTTP requests in this frame

Page Title

hitman holla twitter - mlml.ga

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/
  • wp-embed\.min\.js\?ver=([\d.]+)

Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

  • Requests: 85
  • HTTPS: 98 %
  • IPv6: 55 %
  • Domains: 21
  • Subdomains: 31
  • IPs: 30
  • Countries: 4
  • Transfer: 1174 kB
  • Size: 1931 kB
  • Cookies: 20

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://mlml.ga/2021/12/16/hitman-hol... HTTP 301
    https://mlml.ga/2021/12/16/hitman-holla-twitter/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

85 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
mlml.ga/2021/12/16/hitman-holla-twitter/
Redirect Chain
  • https://mlml.ga/2021/12/16/hitman-hol...
  • https://mlml.ga/2021/12/16/hitman-holla-twitter/
43 KB
11 KB
Document
General
Full URL
https://mlml.ga/2021/12/16/hitman-holla-twitter/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.0.215.48 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
premium189-2.web-hosting.com
Software
LiteSpeed /
Resource Hash
9c568e211f2a01191a8e6f30c7e7efc29706c0da7de1acd45c84c45c3b698ffa

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
en-CA,en;q=0.9

Response headers

content-type
text/html; charset=UTF-8
x-pingback
https://mlml.ga/xmlrpc.php
link
<https://mlml.ga/wp-json/>; rel="https://api.w.org/" <https://mlml.ga/wp-json/wp/v2/posts/211>; rel="alternate"; type="application/json" <https://mlml.ga/?p=211>; rel=shortlink
etag
"1339-1639689990;br"
x-litespeed-cache
miss
content-length
10579
content-encoding
br
vary
Accept-Encoding
date
Thu, 16 Dec 2021 21:26:30 GMT
server
LiteSpeed
x-turbo-charged-by
LiteSpeed

Redirect headers

content-type
text/html; charset=UTF-8
expires
Wed, 11 Jan 1984 05:00:00 GMT
cache-control
no-cache, must-revalidate, max-age=0
x-redirect-by
WordPress
location
https://mlml.ga/2021/12/16/hitman-holla-twitter/
x-litespeed-cache
miss
content-length
0
date
Thu, 16 Dec 2021 21:26:29 GMT
server
LiteSpeed
x-turbo-charged-by
LiteSpeed
style.min.css
mlml.ga/wp-includes/css/dist/block-library/
79 KB
10 KB
Stylesheet
General
Full URL
https://mlml.ga/wp-includes/css/dist/block-library/style.min.css?ver=5.8.2
Requested by
Host: mlml.ga
URL: https://mlml.ga/2021/12/16/hitman-holla-twitter/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.0.215.48 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
premium189-2.web-hosting.com
Software
LiteSpeed /
Resource Hash
9110fc122dda3067c424d9b8ff7747e2030b0bd9298f69a3683d399ad3373a6a

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://mlml.ga/2021/12/16/hitman-holla-twitter/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 16 Dec 2021 21:26:30 GMT
content-encoding
br
last-modified
Wed, 21 Jul 2021 00:14:00 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
content-length
9960
expires
Thu, 23 Dec 2021 21:26:30 GMT
style-main.min.css
mlml.ga/wp-content/themes/neve/
46 KB
9 KB
Stylesheet
General
Full URL
https://mlml.ga/wp-content/themes/neve/style-main.min.css?ver=2.11.4
Requested by
Host: mlml.ga
URL: https://mlml.ga/2021/12/16/hitman-holla-twitter/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.0.215.48 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
premium189-2.web-hosting.com
Software
LiteSpeed /
Resource Hash
f1d4113d23d979e74edee449405d274367bbc8f80454319e4c334436a26bf8bb

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://mlml.ga/2021/12/16/hitman-holla-twitter/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 16 Dec 2021 21:26:30 GMT
content-encoding
br
last-modified
Mon, 24 May 2021 12:11:07 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
content-length
8587
expires
Thu, 23 Dec 2021 21:26:30 GMT
js
www.googletagmanager.com/gtag/
90 KB
36 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-137184491-6
Requested by
Host: mlml.ga
URL: https://mlml.ga/2021/12/16/hitman-holla-twitter/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81d::2008 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
ce5175b26873b12417b1253159ccd3cb0f93953fe7e6de1916d6cdf3f0d7f29b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://mlml.ga/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 16 Dec 2021 21:26:30 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36192
x-xss-protection
0
last-modified
Thu, 16 Dec 2021 21:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 16 Dec 2021 21:26:30 GMT
184ae3006454ac540dace6956238e8cf.js
coveredbetting.com/18/4a/e3/
0
0
Script
General
Full URL
https://coveredbetting.com/18/4a/e3/184ae3006454ac540dace6956238e8cf.js
Requested by
Host: mlml.ga
URL: https://mlml.ga/2021/12/16/hitman-holla-twitter/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.243.59.12 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.17.6 /
Resource Hash

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://mlml.ga/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 16 Dec 2021 21:26:30 GMT
server
nginx/1.17.6
content-type
application/javascript
content-length
0
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
/
dmg0877nfcvqj.cloudfront.net/
160 KB
52 KB
Script
General
Full URL
https://dmg0877nfcvqj.cloudfront.net/?fngmd=945346
Requested by
Host: mlml.ga
URL: https://mlml.ga/2021/12/16/hitman-holla-twitter/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21ec:1a00:1b:50e1:aac0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
8f67f737e85a8d24b86cf2441f88ea065179970f5e92c3dc2aed406f639c0d62

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://mlml.ga/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Dec 2021 21:26:30 GMT
content-encoding
gzip
x-amz-cf-pop
JFK51-C1
x-cache
Miss from cloudfront
access-control-allow-origin
*
cache-control
no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
content-length
53170
via
1.1 4a8de0adddd15d5e8cadba8208771b58.cloudfront.net (CloudFront)
x-amz-cf-id
YYcJrvu0uIBzaGYVly7lH0sbk9pWp3jHWhmoqjU-wJ0cADmgXZ884A==
b1f0be8.js
d13nu0oomnx5ti.cloudfront.net/
23 KB
23 KB
Script
General
Full URL
https://d13nu0oomnx5ti.cloudfront.net/b1f0be8.js
Requested by
Host: mlml.ga
URL: https://mlml.ga/2021/12/16/hitman-holla-twitter/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21ec:ba00:3:b5aa:ad80:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d71b75f37cbaa198fcac72013ceb2a2fe5b68c89902dbcf4b52ae28812cb9268

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://mlml.ga/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 15 Dec 2021 23:43:45 GMT
via
1.1 18c7c6863d32a25928e512ad864f8a19.cloudfront.net (CloudFront)
last-modified
Mon, 03 May 2021 01:43:32 GMT
server
AmazonS3
age
78166
etag
"6863f6e390060c097da580136d1dcaf2"
x-cache
Error from cloudfront
content-type
application/javascript
x-amz-cf-pop
JFK51-C1
content-length
23438
x-amz-cf-id
TgzN5vcdSH1yPQds0R9HLSfa9SFlRIOXRjz4BYL28xfxYS3o9_Y5Ig==
invoke.js
coveredbetting.com/d2477c7cf6443c4393b988eb1119740e/
0
0
Script
General
Full URL
https://coveredbetting.com/d2477c7cf6443c4393b988eb1119740e/invoke.js
Requested by
Host: mlml.ga
URL: https://mlml.ga/2021/12/16/hitman-holla-twitter/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.243.59.12 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.17.6 /
Resource Hash

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://mlml.ga/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 16 Dec 2021 21:26:30 GMT
server
nginx/1.17.6
content-type
application/javascript
content-length
0
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
a.js
st-n.ads5-adnow.com/js/
83 KB
32 KB
Script
General
Full URL
https://st-n.ads5-adnow.com/js/a.js
Requested by
Host: mlml.ga
URL: https://mlml.ga/2021/12/16/hitman-holla-twitter/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:9996::9996 , United States, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
a6162fc6d57eea1323cf7a8dc8400049d9b41b75fc2faf94016705a5fc984cc3

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://mlml.ga/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-id
td2-up-gc11
date
Thu, 16 Dec 2021 21:26:30 GMT
content-encoding
gzip
last-modified
Thu, 22 Jul 2021 06:18:31 GMT
server
nginx
etag
W/"60f90db7-14da8"
x-cached-since
2021-12-16T21:25:52+00:00
content-type
application/javascript
cache-control
max-age=60
cache
HIT
expires
Thu, 16 Dec 2021 21:27:30 GMT
display.js
static.adop.co/tabu/
8 KB
4 KB
Script
General
Full URL
https://static.adop.co/tabu/display.js
Requested by
Host: mlml.ga
URL: https://mlml.ga/2021/12/16/hitman-holla-twitter/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx /
Resource Hash
661de38d28a2da59e3cc720d817707bf0fde5c092933dc209d20c884d29902eb

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://mlml.ga/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 16 Dec 2021 21:26:30 GMT
content-encoding
gzip
last-modified
Mon, 08 Feb 2021 16:36:26 GMT
server
nginx
etag
W/"6021688a-20f0"
x-hw
1639689990.cds224.tr2.hn,1639689990.cds004.tr2.c
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
content-length
3492
frontend.js
mlml.ga/wp-content/themes/neve/assets/js/build/modern/
6 KB
2 KB
Script
General
Full URL
https://mlml.ga/wp-content/themes/neve/assets/js/build/modern/frontend.js?ver=2.11.4
Requested by
Host: mlml.ga
URL: https://mlml.ga/2021/12/16/hitman-holla-twitter/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.0.215.48 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
premium189-2.web-hosting.com
Software
LiteSpeed /
Resource Hash
3289ffb885f7662d2a1dc61b9605c2338bc20963675d1b8d5d47e7db1919c500

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://mlml.ga/2021/12/16/hitman-holla-twitter/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 16 Dec 2021 21:26:30 GMT
content-encoding
br
last-modified
Mon, 24 May 2021 12:11:07 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
content-length
2050
expires
Thu, 23 Dec 2021 21:26:30 GMT
comment-reply.min.js
mlml.ga/wp-includes/js/
3 KB
1 KB
Script
General
Full URL
https://mlml.ga/wp-includes/js/comment-reply.min.js?ver=5.8.2
Requested by
Host: mlml.ga
URL: https://mlml.ga/2021/12/16/hitman-holla-twitter/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.0.215.48 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
premium189-2.web-hosting.com
Software
LiteSpeed /
Resource Hash
143ce443c390db3b8598f951de20bd04623859a581a15b8cde43ebfa1f8ec103

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://mlml.ga/2021/12/16/hitman-holla-twitter/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 16 Dec 2021 21:26:30 GMT
content-encoding
br
last-modified
Fri, 26 Mar 2021 05:32:20 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
content-length
1228
expires
Thu, 23 Dec 2021 21:26:30 GMT
wp-embed.min.js
mlml.ga/wp-includes/js/
1 KB
897 B
Script
General
Full URL
https://mlml.ga/wp-includes/js/wp-embed.min.js?ver=5.8.2
Requested by
Host: mlml.ga
URL: https://mlml.ga/2021/12/16/hitman-holla-twitter/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.0.215.48 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
premium189-2.web-hosting.com
Software
LiteSpeed /
Resource Hash
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://mlml.ga/2021/12/16/hitman-holla-twitter/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 16 Dec 2021 21:26:30 GMT
content-encoding
br
last-modified
Thu, 07 Jan 2021 01:59:24 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
content-length
663
expires
Thu, 23 Dec 2021 21:26:30 GMT
wp-emoji-release.min.js
mlml.ga/wp-includes/js/
18 KB
5 KB
Script
General
Full URL
https://mlml.ga/wp-includes/js/wp-emoji-release.min.js?ver=5.8.2
Requested by
Host: mlml.ga
URL: https://mlml.ga/2021/12/16/hitman-holla-twitter/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.0.215.48 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
premium189-2.web-hosting.com
Software
LiteSpeed /
Resource Hash
def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://mlml.ga/2021/12/16/hitman-holla-twitter/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 16 Dec 2021 21:26:30 GMT
content-encoding
br
last-modified
Wed, 21 Jul 2021 00:13:59 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
content-length
4539
expires
Thu, 23 Dec 2021 21:26:30 GMT
184ae3006454ac540dace6956238e8cf.js
coveredbetting.com/18/4a/e3/
0
0
Script
General
Full URL
https://coveredbetting.com/18/4a/e3/184ae3006454ac540dace6956238e8cf.js
Requested by
Host: mlml.ga
URL: https://mlml.ga/2021/12/16/hitman-holla-twitter/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.243.59.12 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.17.6 /
Resource Hash

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://mlml.ga/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 16 Dec 2021 21:26:30 GMT
server
nginx/1.17.6
content-type
application/javascript
content-length
0
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
utx
withexdcel.biz/
0
482 B
XHR
General
Full URL
https://withexdcel.biz/utx?cb=6z7s7wexOCKC&top=mlml.ga&tid=945346
Requested by
Host: dmg0877nfcvqj.cloudfront.net
URL: https://dmg0877nfcvqj.cloudfront.net/?fngmd=945346
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.191.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-191-8.iad89.r.cloudfront.net
Software
openresty/1.17.8.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://mlml.ga/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Dec 2021 21:26:30 GMT
via
1.1 6ec872fa8051a500a5a9ab5ec50a79ba.cloudfront.net (CloudFront)
server
openresty/1.17.8.2
x-amz-cf-pop
IAD89-C2
x-cache
Miss from cloudfront
p3p
CP="NID DSP ALL COR"
access-control-allow-origin
https://mlml.ga
cache-control
no-store, no-cache, must-revalidate, no-transform
access-control-allow-credentials
true
accept-ch
DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-amz-cf-id
r48Eu2UnFubyIi4JOkTQt6y62lpfz7hvJCmgtEW5h_Y08cx1JeVjhA==
bWc1VkhCWFYldTlXXQMtKD0GMw87JVE4MFg+BT4yCVQAOhs1UxMiIQlaDGJ9XlMDcDgEAwhnbh4TVCI9HloEcCEDAVprbhtaBHh7WUkHYmZdQUBreUsTRTcvUFYTJjwZCwhnfl5eA25xVF4FZXlY
ulbackground.com/
0
274 B
Image
General
Full URL
https://ulbackground.com/bWc1VkhCWFYldTlXXQMtKD0GMw87JVE4MFg+BT4yCVQAOhs1UxMiIQlaDGJ9XlMDcDgEAwhnbh4TVCI9HloEcCEDAVprbhtaBHh7WUkHYmZdQUBreUsTRTcvUFYTJjwZCwhnfl5eA25xVF4FZXlY
Requested by
Host: mlml.ga
URL: https://mlml.ga/2021/12/16/hitman-holla-twitter/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:8d86 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://mlml.ga/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 16 Dec 2021 21:26:30 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7WMveuDWkNdV1rqGcTQejE8gxNj%2BJ9MVQYoSVm0PW7QOIZwP%2FjVZOJdxC%2BrYFVneU6bSD8HK0jy%2BLtKFky92ic6zjPYVjfN9uvD%2BEIz0GTrNP%2BsdowBhDrsG5irVk4XNQj9TG%2FkFxwUynnru2hDi"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
cf-ray
6beafd881f664bd0-YUL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
login.php
www.facebook.com/
0
0
Image
General
Full URL
https://www.facebook.com/login.php?next=https%3A%2F%2Fwww.facebook.com%2Ffavicon.ico%3F_rdr%3Dp
Requested by
Host: mlml.ga
URL: https://mlml.ga/2021/12/16/hitman-holla-twitter/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f13a:83:face:b00c:0:25de Minneapolis, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://mlml.ga/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

ServiceLogin
accounts.google.com/
0
0
Image
General
Full URL
https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail
Requested by
Host: mlml.ga
URL: https://mlml.ga/2021/12/16/hitman-holla-twitter/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:816::200d , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://mlml.ga/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

ServiceLogin
accounts.google.com/
0
0
Image
General
Full URL
https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube
Requested by
Host: mlml.ga
URL: https://mlml.ga/2021/12/16/hitman-holla-twitter/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:816::200d , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://mlml.ga/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

popunder.gif
ulbackground.com/
35 B
672 B
Image
General
Full URL
https://ulbackground.com/popunder.gif
Requested by
Host: mlml.ga
URL: https://mlml.ga/2021/12/16/hitman-holla-twitter/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:8d86 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://mlml.ga/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
public
date
Thu, 16 Dec 2021 21:26:30 GMT
cf-cache-status
HIT
last-modified
Tue, 14 Dec 2021 22:27:32 GMT
server
cloudflare
age
169138
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yxQnGLYiz3s4Ja4Y4CH8zxC%2FP8arAmGAHsfJvy4o20vmZEp%2BqlEIIZTHDBOKEKKGeQgU9AoctJFh%2B4DrbjIy57yCMKIZbcXplq2KP7CM7MvMM1SsawifAjsyfMTMAUmDKHDeC8p6d7hHWvHUeVSo"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=604800, immutable
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6beafd881f6b4bd0-YUL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
tag.min.js
iclickcdn.com/
67 KB
24 KB
Script
General
Full URL
https://iclickcdn.com/tag.min.js
Requested by
Host: mlml.ga
URL: https://mlml.ga/2021/12/16/hitman-holla-twitter/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4b09 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9c6ce7b0c6df1f16a194be60fca2ca5cff0726696f21fca2ae30d63009e221de

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://mlml.ga/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 16 Dec 2021 21:26:30 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
timing-allow-origin
*
age
23534
access-control-max-age
86400
access-control-allow-methods
GET, POST, OPTIONS
x-trace-id
28abd4350cf60d5ab09a17a15364d608
pragma
no-cache
last-modified
Thu, 16 Dec 2021 13:08:28 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RmNY6BabZP9%2FqFDnoH6GDVMOl5YzMFW5%2F1jlNLmQ88zTarKFfZIrafGK1lNjCYSYK%2BD1RM1%2B7ICJ%2BUNi90pBHLmVtuJE%2FTjwkxU2NUiWVtseVm7xAuCXUKqZbw0Y2XdDaZ5MjiHpYLGKr64%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=86400
access-control-allow-credentials
true
cf-ray
6beafd881d214bbe-YUL
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding
expires
Fri, 17 Dec 2021 14:54:16 GMT
/
dmg0877nfcvqj.cloudfront.net/
160 KB
52 KB
Script
General
Full URL
https://dmg0877nfcvqj.cloudfront.net/?fngmd=945346
Requested by
Host: mlml.ga
URL: https://mlml.ga/2021/12/16/hitman-holla-twitter/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21ec:1a00:1b:50e1:aac0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
8f67f737e85a8d24b86cf2441f88ea065179970f5e92c3dc2aed406f639c0d62

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://mlml.ga/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Dec 2021 21:26:30 GMT
content-encoding
gzip
x-amz-cf-pop
JFK51-C1
x-cache
Hit from cloudfront
access-control-allow-origin
*
cache-control
no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
content-length
53170
via
1.1 4a8de0adddd15d5e8cadba8208771b58.cloudfront.net (CloudFront)
x-amz-cf-id
rFGOqPt80Ll_X_sl-NE7tIreNokEXS5jzOHjH3YlL0_-5yBTYJkKuw==
utx
withexdcel.biz/
0
483 B
XHR
General
Full URL
https://withexdcel.biz/utx?cb=Xea4GMjdJsRp&top=mlml.ga&tid=945346
Requested by
Host: dmg0877nfcvqj.cloudfront.net
URL: https://dmg0877nfcvqj.cloudfront.net/?fngmd=945346
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.191.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-191-8.iad89.r.cloudfront.net
Software
openresty/1.17.8.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://mlml.ga/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Dec 2021 21:26:30 GMT
via
1.1 6ec872fa8051a500a5a9ab5ec50a79ba.cloudfront.net (CloudFront)
server
openresty/1.17.8.2
x-amz-cf-pop
IAD89-C2
x-cache
Miss from cloudfront
p3p
CP="NID DSP ALL COR"
access-control-allow-origin
https://mlml.ga
cache-control
no-store, no-cache, must-revalidate, no-transform
access-control-allow-credentials
true
accept-ch
DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-amz-cf-id
g7wMchmiXVY1Xo7BwAv_GgtUNKiNgHUqOUihZhCFjIaGUAWomsmyng==
clean-blog.min.js
www.xadsmart.com/
30 KB
9 KB
Script
General
Full URL
https://www.xadsmart.com/clean-blog.min.js
Requested by
Host: mlml.ga
URL: https://mlml.ga/2021/12/16/hitman-holla-twitter/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c400::13 , United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
ad67d20341c19422d75da7ba070e95f161ec6c665c57b4ce671276e08cdcdcd2

Request headers

Referer
https://mlml.ga/
Origin
https://mlml.ga
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-77-pop
newyorkUSNY
date
Thu, 16 Dec 2021 21:26:30 GMT
content-encoding
br
x-77-cache
HIT
x-cache
HIT
x-age
111948
alt-svc
quic="195.181.169.1:443"; ma=2592000; v="44,43,39"
x-77-nzt
AcO1qQFVV4L/TLUBAA==
x-accel-expires
@1640182842
server
CDN77-Turbo
x-77-nzt-ray
QGgMXOBkkuk=
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=604800
link
<https://xadsmart.com/>;rel=preconnect,<https://c.adsco.re/>;rel=preconnect,<https://adsco.re/>;rel=preconnect
expires
Wed, 22 Dec 2021 14:20:42 GMT
jquery-3.11.0.min.js
apiujquery.com/ajax/libs/jquery/3.5.1/
99 KB
99 KB
Script
General
Full URL
https://apiujquery.com/ajax/libs/jquery/3.5.1/jquery-3.11.0.min.js?i=https://mlml.ga/2021/12/16/hitman-holla-twitter/&r2=b2a697bb6bc6589991af5544081da1c6
Requested by
Host: mlml.ga
URL: https://mlml.ga/2021/12/16/hitman-holla-twitter/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
51.178.8.230 , France, ASN16276 (OVH, FR),
Reverse DNS
ip230.ip-51-178-8.eu
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
a9d9fe26fe599fb585940670c53f3f409b1fa8b14b61b52ce64fc120220d27a3

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://mlml.ga/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Thu, 16 Dec 2021 21:26:30 GMT
Last-Modified
Sun, 12 Dec 2021 14:16:51 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"61b60453-18a46"
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
100934
video.avi
mlml.ga/wp-content/uploads/2021/12/
158 KB
158 KB
Media
General
Full URL
https://mlml.ga/wp-content/uploads/2021/12/video.avi
Requested by
Host: mlml.ga
URL: https://mlml.ga/2021/12/16/hitman-holla-twitter/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.0.215.48 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
premium189-2.web-hosting.com
Software
LiteSpeed /
Resource Hash
ca9914ced179e98c8f0aaf4b3b322f0f42a5940868e54f6095b35cf5a83ba95f

Request headers

Referer
https://mlml.ga/2021/12/16/hitman-holla-twitter/
Accept-Encoding
identity;q=1, *;q=0
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Range
bytes=0-

Response headers

Content-Range
bytes 0-161447/161448
date
Thu, 16 Dec 2021 21:26:30 GMT
last-modified
Wed, 15 Dec 2021 19:53:29 GMT
server
LiteSpeed
x-turbo-charged-by
LiteSpeed
Content-Length
161448
content-type
video/x-msvideo
html.1612660.9db27.0.js
dgu9g3a2kzqx2.cloudfront.net/public/external/v2/
7 KB
7 KB
Script
General
Full URL
https://dgu9g3a2kzqx2.cloudfront.net/public/external/v2/html.1612660.9db27.0.js
Requested by
Host: d13nu0oomnx5ti.cloudfront.net
URL: https://d13nu0oomnx5ti.cloudfront.net/b1f0be8.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21ec:ac00:13:652b:c180:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.4.46 () OpenSSL/1.0.2k-fips PHP/7.4.11 / PHP/7.4.11
Resource Hash
b25095baeabcbbbd201fe9eaaf5fe41a2c2c28d3c089474560c31763e9319002

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://mlml.ga/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 16 Dec 2021 21:26:30 GMT
via
1.1 b6cc1359c0cd55a8339441d8abb6a450.cloudfront.net (CloudFront)
server
Apache/2.4.46 () OpenSSL/1.0.2k-fips PHP/7.4.11
x-amz-cf-pop
JFK51-C1
x-powered-by
PHP/7.4.11
x-cache
Miss from cloudfront
content-type
application/javascript
content-length
7116
x-amz-cf-id
M5Z60M22ww2uBbgLd7h6cgt6ILSUIjgKBGeFDFEM3sNuJfRdaWTfEg==
css_front.css
dgu9g3a2kzqx2.cloudfront.net/public/external/
6 KB
7 KB
Stylesheet
General
Full URL
https://dgu9g3a2kzqx2.cloudfront.net/public/external/css_front.css
Requested by
Host: d13nu0oomnx5ti.cloudfront.net
URL: https://d13nu0oomnx5ti.cloudfront.net/b1f0be8.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21ec:ac00:13:652b:c180:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.4.46 () OpenSSL/1.0.2k-fips PHP/7.4.11 /
Resource Hash
a7bd79b6fba60944ee3a9c153108ff0819d2db57850116ac7065a86db08af4ec

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://mlml.ga/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 16 Dec 2021 21:26:30 GMT
via
1.1 b6cc1359c0cd55a8339441d8abb6a450.cloudfront.net (CloudFront)
last-modified
Tue, 23 Jun 2020 20:06:47 GMT
server
Apache/2.4.46 () OpenSSL/1.0.2k-fips PHP/7.4.11
x-amz-cf-pop
JFK51-C1
etag
"19c4-5a8c5e62e9d0a"
x-cache
Miss from cloudfront
content-type
text/css
accept-ranges
bytes
content-length
6596
x-amz-cf-id
3WNgR8lCPkIvdtpcvmj8JOjJw6jXw4muTKpgMei_LA10MN1ipjPT9A==
invoke.js
coveredbetting.com/833585ded3bc191e73ac004f2c161a8a/
0
0
Script
General
Full URL
https://coveredbetting.com/833585ded3bc191e73ac004f2c161a8a/invoke.js
Requested by
Host: mlml.ga
URL: https://mlml.ga/2021/12/16/hitman-holla-twitter/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.243.59.12 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.17.6 /
Resource Hash

Request headers

Referer
https://mlml.ga/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

access-control-allow-origin
*
date
Thu, 16 Dec 2021 21:26:30 GMT
server
nginx/1.17.6
content-type
application/javascript
content-length
0
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
truncated
/
547 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
eb14baeac955bb11e33cd7fd3fd2f698cf20db1b450325f45ea843b6cdc82366

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
552 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
62f3f809487194fcc55a3ebd88811a604ae496027bb425d4ebd15d9ae1921945

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
715 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5a3f1dd74233f605e511f1b5b244bedf85ac88ba264caf4d6401bc7ec2017dcd

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
380 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
717f6bb5f6cc69c444f54376a72dee0ca7968b2a12e7c9475247ec85c0e75a53

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type
image/svg+xml
FGvJ1PeVgAwqIyM.png
mlml.ga/wp-content/uploads/2021/12/
211 KB
211 KB
Image
General
Full URL
https://mlml.ga/wp-content/uploads/2021/12/FGvJ1PeVgAwqIyM.png
Requested by
Host: mlml.ga
URL: https://mlml.ga/2021/12/16/hitman-holla-twitter/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.0.215.48 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
premium189-2.web-hosting.com
Software
LiteSpeed /
Resource Hash
85f164282197a912d01c9846a3301751ec296992b2c3da0326781b7725972ddf

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://mlml.ga/2021/12/16/hitman-holla-twitter/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 16 Dec 2021 21:26:30 GMT
last-modified
Thu, 16 Dec 2021 18:33:40 GMT
server
LiteSpeed
content-type
image/png
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
content-length
216069
expires
Thu, 23 Dec 2021 21:26:30 GMT
truncated
/
177 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d692a67352a3dfa80010c86a62761cfff05c0b1086618106a8576cc45a6a8115

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
351 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
145287b36883dd3061ca7aa9229a8fa9ace2cccd50e0382b4b6201f3916b57c5

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
242 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1f4513a435d6a3047d20a50c1e7d4263de42146c74be227f774b5e82e6357e75

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type
image/svg+xml
invoke.js
coveredbetting.com/d2477c7cf6443c4393b988eb1119740e/
0
0
Script
General
Full URL
https://coveredbetting.com/d2477c7cf6443c4393b988eb1119740e/invoke.js
Requested by
Host: mlml.ga
URL: https://mlml.ga/2021/12/16/hitman-holla-twitter/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.243.59.12 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.17.6 /
Resource Hash

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://mlml.ga/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 16 Dec 2021 21:26:30 GMT
server
nginx/1.17.6
content-type
application/javascript
content-length
0
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
invoke.js
coveredbetting.com/734b0b50db7d155a16285de384fc9bab/
0
0
Script
General
Full URL
https://coveredbetting.com/734b0b50db7d155a16285de384fc9bab/invoke.js
Requested by
Host: mlml.ga
URL: https://mlml.ga/2021/12/16/hitman-holla-twitter/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.243.59.12 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.17.6 /
Resource Hash

Request headers

Referer
https://mlml.ga/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

access-control-allow-origin
*
date
Thu, 16 Dec 2021 21:26:30 GMT
server
nginx/1.17.6
content-type
application/javascript
content-length
0
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
/
bedrapiona.com/5/4730323/
3 KB
2 KB
XHR
General
Full URL
https://bedrapiona.com/5/4730323/?oo=1&js_build=2
Requested by
Host: iclickcdn.com
URL: https://iclickcdn.com/tag.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.234 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
861198d5d11650572a1664acf98b248b804f568401e18f5376d44e11f8aa6a23

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://mlml.ga/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-trace-id
b4dd7b6ebb4d96206af1b5f228b7536a
pragma
no-cache, no-cache
date
Thu, 16 Dec 2021 21:26:30 GMT
content-encoding
gzip
server
nginx
link
<https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://diromalxx.com>; rel="preconnect dns-prefetch"
access-control-max-age
86400
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://mlml.ga
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding
expires
Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT
/
freychang.fun/
16 B
721 B
Fetch
General
Full URL
https://freychang.fun/?f=42a5f2350406b5b34afe49ff517ecb3b
Requested by
Host: dmg0877nfcvqj.cloudfront.net
URL: https://dmg0877nfcvqj.cloudfront.net/?fngmd=945346
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:2dcf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7e988397539153ae45a5d522910a313f9e566279693517319b3564dba6dc027b

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://mlml.ga/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 16 Dec 2021 21:26:30 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods
GET
content-type
text/plain
access-control-allow-origin
https://mlml.ga
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2%2BADDS4W39mGaXqDhMoexCK3yeRTtGR2ZenSU8%2FRh1j17goecuNkaseb0RnwEat2w%2BHxuzuHo%2BcsGOaNuQLkMD4zceUtlQmTr%2BHwOeosoHCRXreAynZEmo33eZBrCz4tgVwjnSiRXg%2F9IapK"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials
true
cf-ray
6beafd89bd05713f-YUL
access-control-allow-headers
X-Requested-With, content-type
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
/
freychang.fun/
15 B
327 B
Fetch
General
Full URL
https://freychang.fun/?f=42a5f2350406b5b34afe49ff517ecb3b
Requested by
Host: dmg0877nfcvqj.cloudfront.net
URL: https://dmg0877nfcvqj.cloudfront.net/?fngmd=945346
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:2dcf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
711fb28fefc6e8b78bd3d4bc06eaf101a063a5a5194295e1b5dd9989cb8dabdf

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://mlml.ga/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 16 Dec 2021 21:26:30 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods
GET
content-type
text/plain
access-control-allow-origin
https://mlml.ga
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GUxwKtJqpa7merRmW58daH7SKPKlB4X1pCgCslvnFJTXGZWLYyJLHCPD8bEsfm4O8QnU8pmqf5wdAuZIQyIMYJo5kB7rNcubYUio8EbxgN32pg5IxaxEItKZtIr%2BFIJCla9ybeEzzswhteRw"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials
true
cf-ray
6beafd89bd0b713f-YUL
access-control-allow-headers
X-Requested-With, content-type
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
analytics.js
www.google-analytics.com/
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-137184491-6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81c::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://mlml.ga/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
3876
date
Thu, 16 Dec 2021 20:21:54 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Thu, 16 Dec 2021 22:21:54 GMT
AR5ud31GS2V+ckxLY3B9RA
ulbackground.com/Rkt1clNpdBYBbhcfLx8JHiNAMD8iKCY6Gg4eIyQdIxo3KgUDClMGOiJ2TEZmdX9DVCMvL0hDdTU/FAYmNXZGQmN3bRwcNSl2RUJjd20DT2JoeEFcYXJlRVQme3pTBiMnLEhDdTY/
0
264 B
Ping
General
Full URL
https://ulbackground.com/Rkt1clNpdBYBbhcfLx8JHiNAMD8iKCY6Gg4eIyQdIxo3KgUDClMGOiJ2TEZmdX9DVCMvL0hDdTU/FAYmNXZGQmN3bRwcNSl2RUJjd20DT2JoeEFcYXJlRVQme3pTBiMnLEhDdTY/AR5ud31GS2V+ckxLY3B9RA
Requested by
Host: dmg0877nfcvqj.cloudfront.net
URL: https://dmg0877nfcvqj.cloudfront.net/?fngmd=945346
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:8d86 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://mlml.ga/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Thu, 16 Dec 2021 21:26:30 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ef51kEIEWy7Ty7uvxe%2F3OEd280uS4VFsT9QART6vHwSYhgVd0L%2FuRBgbH%2FeJRMFAAX0CcDY%2BIKARaY1j5yHmeZNzrs0asLilu5%2F%2B95OOocE%2F8DcImMoJ%2BICAUrTkQ2zySB8drc3mo0mdX7j6D2YH"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
cf-ray
6beafd89a99e4bd0-YUL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
invoke.js
coveredbetting.com/14bc31ff8d137840a3a613c1a0dae6ee/
0
0
Script
General
Full URL
https://coveredbetting.com/14bc31ff8d137840a3a613c1a0dae6ee/invoke.js
Requested by
Host: mlml.ga
URL: https://mlml.ga/2021/12/16/hitman-holla-twitter/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.243.59.12 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.17.6 /
Resource Hash

Request headers

Referer
https://mlml.ga/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

access-control-allow-origin
*
date
Thu, 16 Dec 2021 21:26:30 GMT
server
nginx/1.17.6
content-type
application/javascript
content-length
0
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
css.css
dgu9g3a2kzqx2.cloudfront.net/public/clockers/HumanVerification/
1 KB
1 KB
Stylesheet
General
Full URL
https://dgu9g3a2kzqx2.cloudfront.net/public/clockers/HumanVerification/css.css
Requested by
Host: d13nu0oomnx5ti.cloudfront.net
URL: https://d13nu0oomnx5ti.cloudfront.net/b1f0be8.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21ec:ac00:13:652b:c180:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.4.46 () OpenSSL/1.0.2k-fips PHP/7.4.11 /
Resource Hash
9064b3368b65c9e47e057f59538af8739a43ff3e3b9713bf2675916a2d586b88

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://mlml.ga/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 16 Dec 2021 21:26:30 GMT
via
1.1 b6cc1359c0cd55a8339441d8abb6a450.cloudfront.net (CloudFront)
last-modified
Fri, 10 Apr 2020 22:29:00 GMT
server
Apache/2.4.46 () OpenSSL/1.0.2k-fips PHP/7.4.11
x-amz-cf-pop
JFK51-C1
etag
"436-5a2f7428ae907"
x-cache
Miss from cloudfront
content-type
text/css
accept-ranges
bytes
content-length
1078
x-amz-cf-id
mHGCL7N7nSIucep-AVW-iWBQ5I7P8Gk1OMpOWMO-niqdey0OT-xtjw==
invoke.js
coveredbetting.com/833585ded3bc191e73ac004f2c161a8a/
0
0
Script
General
Full URL
https://coveredbetting.com/833585ded3bc191e73ac004f2c161a8a/invoke.js
Requested by
Host: mlml.ga
URL: https://mlml.ga/2021/12/16/hitman-holla-twitter/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.243.59.12 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.17.6 /
Resource Hash

Request headers

Referer
https://mlml.ga/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

access-control-allow-origin
*
date
Thu, 16 Dec 2021 21:26:30 GMT
server
nginx/1.17.6
content-type
application/javascript
content-length
0
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
/
c.adsco.re/
62 KB
22 KB
Script
General
Full URL
https://c.adsco.re/
Requested by
Host: www.xadsmart.com
URL: https://www.xadsmart.com/clean-blog.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:a6ba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9aaaac87a4cddb7db367764a7080fd31491c36ae256ba81391c270f8c4b2d0f8

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://mlml.ga/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 16 Dec 2021 21:26:30 GMT
content-encoding
br
cf-cache-status
HIT
server
cloudflare
age
1652985
etag
W/"2Ma3006J78KgzL0RD+7gUg=="
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/html
link
<//6.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//4.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//adsco.re/>;rel=dns-prefetch
cache-control
public, max-age=2678400
cf-ray
6beafd8abcad7142-YUL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Sun, 16 Jan 2022 21:26:30 GMT
collect
www.google-analytics.com/j/
1 B
21 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1511209738&t=pageview&_s=1&dl=https%3A%2F%2Fmlml.ga%2F2021%2F12%2F16%2Fhitman-holla-twitter%2F&ul=en-us&de=UTF-8&dt=hitman%20holla%20twitter%20-%20mlml.ga&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=1869404910&gjid=1118662639&cid=389320886.1639689991&tid=UA-137184491-6&_gid=1209451134.1639689991&_r=1&gtm=2ouc10&z=385092508
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81c::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://mlml.ga/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 16 Dec 2021 21:26:30 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://mlml.ga
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
invoke.js
coveredbetting.com/734b0b50db7d155a16285de384fc9bab/
0
0
Script
General
Full URL
https://coveredbetting.com/734b0b50db7d155a16285de384fc9bab/invoke.js
Requested by
Host: mlml.ga
URL: https://mlml.ga/2021/12/16/hitman-holla-twitter/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.243.59.12 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.17.6 /
Resource Hash

Request headers

Referer
https://mlml.ga/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

access-control-allow-origin
*
date
Thu, 16 Dec 2021 21:26:30 GMT
server
nginx/1.17.6
content-type
application/javascript
content-length
0
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
/
6.adsco.re/
0
105 B
Other
General
Full URL
https://6.adsco.re/
Requested by
Host: mlml.ga
URL: https://mlml.ga/2021/12/16/hitman-holla-twitter/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:a6ba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://mlml.ga/
Origin
https://mlml.ga
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 16 Dec 2021 21:26:30 GMT
content-encoding
br
server
cloudflare
access-control-allow-headers
Content-Type
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD, OPTIONS
content-type
text/plain;charset=UTF-8
access-control-allow-origin
https://mlml.ga
access-control-max-age
2592000
cache-control
private, max-age=10
cf-ray
6beafd8b3821ecee-YUL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
/
4.adsco.re/
0
454 B
Other
General
Full URL
https://4.adsco.re/
Requested by
Host: mlml.ga
URL: https://mlml.ga/2021/12/16/hitman-holla-twitter/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
162.252.214.5 , United States, ASN53334 (TUT-AS, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://mlml.ga/
Origin
https://mlml.ga
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Thu, 16 Dec 2021 21:25:27 GMT
Content-Encoding
gzip
Access-Control-Max-Age
2592000
Access-Control-Allow-Methods
GET, HEAD, OPTIONS
Content-Type
text/html; charset=UTF-8
Access-Control-Allow-Origin
https://mlml.ga
Cache-Control
private, max-age=5
Transfer-Encoding
chunked
Connection
keep-alive
Access-Control-Allow-Headers
Content-Type
Wd3VWT2gUGjgpVwMcMnJRQ0Ble15RHyUgBgdILxg+GQZhKAI0HxINJR1TIjUMSkVwIwkZEmtpDRkWa35OFhE0clhRASYgA0oUOj0DGxsnOQ0DUyMuVRoaLCYEGxRzfS5CW2ZqWkddISYGExohPE1FRTg7TUVFZ39GR1BlDU1FRSEmBkFBc3wqUkdmN15DXH-N9WBY...
dmg0877nfcvqj.cloudfront.net/
650 B
754 B
Script
General
Full URL
https://dmg0877nfcvqj.cloudfront.net/Wd3VWT2gUGjgpVwMcMnJRQ0Ble15RHyUgBgdILxg+GQZhKAI0HxINJR1TIjUMSkVwIwkZEmtpDRkWa35OFhE0clhRASYgA0oUOj0DGxsnOQ0DUyMuVRoaLCYEGxRzfS5CW2ZqWkddISYGExohPE1FRTg7TUVFZ39GR1BlDU1FRSEmBkFBc3wqUkdmN15DXH-N9WBYFJiMNABA0JAEDUGQJXURCeHxeUkdmZwMfATsjTUU2c31YGxw9Kk1FRTEqCxwaf2paRxY+PQcaEHN9Lk5DeH9GQ0Nge0ZORnN9WAQUMC4aHlBkCV1EQnh8XlEAaw
Requested by
Host: dmg0877nfcvqj.cloudfront.net
URL: https://dmg0877nfcvqj.cloudfront.net/?fngmd=945346
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21ec:1a00:1b:50e1:aac0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
bd34140174ef6276a381c00cf93dd97ba367f826d7d2cc7825cc6ec70f7b4b97

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://mlml.ga/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 16 Dec 2021 21:26:30 GMT
content-encoding
gzip
x-amz-cf-pop
JFK51-C1
x-cache
Miss from cloudfront
access-control-allow-origin
*
cache-control
max-age=31556926
content-length
477
via
1.1 4a8de0adddd15d5e8cadba8208771b58.cloudfront.net (CloudFront)
x-amz-cf-id
7v-IA1QRprTqS9NaYE9i08fz6BvYxreLZ5cVC6slEA2pzGDRF2EQnA==
p
adsco.re/
0
416 B
XHR
General
Full URL
https://adsco.re/p
Requested by
Host: c.adsco.re
URL: https://c.adsco.re/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
162.252.214.5 , United States, ASN53334 (TUT-AS, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://mlml.ga/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Thu, 16 Dec 2021 21:25:27 GMT
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
AS-P-4
OK
Transfer-Encoding
chunked
AS-P-1
OK nyc223
Access-Control-Allow-Origin
https://mlml.ga
Access-Control-Max-Age
2592000
Cache-Control
no-transform
Access-Control-Allow-Credentials
true
Connection
keep-alive
AS-E
ND
AS-P-2
OK
AS-P-3
OK
/
4.adsco.re/
47 B
454 B
XHR
General
Full URL
https://4.adsco.re/
Requested by
Host: c.adsco.re
URL: https://c.adsco.re/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
162.252.214.5 , United States, ASN53334 (TUT-AS, US),
Reverse DNS
Software
/
Resource Hash
1c2e739f79795e414bec0a1b8dd8b0038709b8319e3feccd7a260cbe55b72a87

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://mlml.ga/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Thu, 16 Dec 2021 21:25:27 GMT
Content-Encoding
gzip
Access-Control-Max-Age
2592000
Access-Control-Allow-Methods
GET, HEAD, OPTIONS
Content-Type
text/html; charset=UTF-8
Access-Control-Allow-Origin
https://mlml.ga
Cache-Control
private, max-age=5
Transfer-Encoding
chunked
Connection
keep-alive
Access-Control-Allow-Headers
Content-Type
/
6.adsco.re/
55 B
448 B
XHR
General
Full URL
https://6.adsco.re/
Requested by
Host: c.adsco.re
URL: https://c.adsco.re/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:a6ba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
52930411185b12d8a2b922e55d65be7ecb5324b283251968a80fd66ed86a1da2

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://mlml.ga/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 16 Dec 2021 21:26:30 GMT
content-encoding
br
server
cloudflare
access-control-allow-headers
Content-Type
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD, OPTIONS
content-type
text/plain;charset=UTF-8
access-control-allow-origin
https://mlml.ga
access-control-max-age
2592000
cache-control
private, max-age=10
cf-ray
6beafd8b381eecee-YUL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
/
qnsqac9rwvfz.l4.adsco.re/
0
464 B
Ping
General
Full URL
https://qnsqac9rwvfz.l4.adsco.re/
Requested by
Host: c.adsco.re
URL: https://c.adsco.re/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.200.118.90 London, United Kingdom, ASN9009 (M247, GB),
Reverse DNS
adscore.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://mlml.ga/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Thu, 16 Dec 2021 21:26:31 GMT
Last-Modified
Tue, 31 Jul 2018 22:16:15 GMT
ETag
"5b60dfaf-0"
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/html
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Length,Content-Range
Connection
close
Accept-Ranges
bytes
Access-Control-Allow-Headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Content-Length
0
/
qnsqac9rwvfz.n4.adsco.re/
0
464 B
Ping
General
Full URL
https://qnsqac9rwvfz.n4.adsco.re/
Requested by
Host: c.adsco.re
URL: https://c.adsco.re/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
38.132.109.186 New York, United States, ASN9009 (M247, GB),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://mlml.ga/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Thu, 16 Dec 2021 21:26:30 GMT
Last-Modified
Mon, 30 Jul 2018 15:32:42 GMT
ETag
"5b5f2f9a-0"
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/html
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Length,Content-Range
Connection
close
Accept-Ranges
bytes
Access-Control-Allow-Headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Content-Length
0
/
qnsqac9rwvfz.s4.adsco.re/
0
464 B
Ping
General
Full URL
https://qnsqac9rwvfz.s4.adsco.re/
Requested by
Host: c.adsco.re
URL: https://c.adsco.re/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.200.116.90 Singapore, Singapore, ASN9009 (M247, GB),
Reverse DNS
no-mans-land.m247.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://mlml.ga/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Thu, 16 Dec 2021 21:26:32 GMT
Last-Modified
Mon, 30 Jul 2018 15:38:01 GMT
ETag
"5b5f30d9-0"
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/html
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Length,Content-Range
Connection
close
Accept-Ranges
bytes
Access-Control-Allow-Headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Content-Length
0
/
c.adsco.re/ Frame CDAB
62 KB
22 KB
Document
General
Full URL
https://c.adsco.re/
Requested by
Host: c.adsco.re
URL: https://c.adsco.re/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:a6ba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9aaaac87a4cddb7db367764a7080fd31491c36ae256ba81391c270f8c4b2d0f8

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://mlml.ga/

Response headers

date
Thu, 16 Dec 2021 21:26:30 GMT
content-type
text/html
cache-control
public, max-age=2678400
link
<//6.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//4.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//adsco.re/>;rel=dns-prefetch
expires
Sun, 16 Jan 2022 21:26:30 GMT
etag
W/"2Ma3006J78KgzL0RD+7gUg=="
cf-cache-status
HIT
age
1652985
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
server
cloudflare
cf-ray
6beafd8b5f057138-YUL
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
gid.js
my.rtmark.net/
65 B
538 B
XHR
General
Full URL
https://my.rtmark.net/gid.js?userId=563cf6a988c44719b6d0d80d42aab3cb
Requested by
Host: iclickcdn.com
URL: https://iclickcdn.com/tag.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
1dd6d4426b6b9b8900cfae66a3e80c9bfec42c27dbc7858e031f0aa3ea0db441
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://mlml.ga/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 16 Dec 2021 21:26:31 GMT
x-content-type-options
nosniff
server
nginx
strict-transport-security
max-age=1
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
https://mlml.ga
access-control-expose-headers
Authorization
access-control-allow-credentials
true
timing-allow-origin
*, *
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length
65
/
6.adsco.re/ Frame CDAB
0
0

/
4.adsco.re/ Frame CDAB
0
0

/
c.adsco.re/ Frame CDAB
61 KB
0
XHR
General
Full URL
https://c.adsco.re/
Requested by
Host: c.adsco.re
URL: https://c.adsco.re/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:a6ba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://c.adsco.re/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 16 Dec 2021 21:26:31 GMT
content-encoding
br
cf-cache-status
HIT
server
cloudflare
age
1652986
etag
W/"2Ma3006J78KgzL0RD+7gUg=="
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/html
link
<//6.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//4.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//adsco.re/>;rel=dns-prefetch
cache-control
public, max-age=2678400
cf-ray
6beafd8c18347138-YUL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Sun, 16 Jan 2022 21:26:31 GMT
ct
dgu9g3a2kzqx2.cloudfront.net/public/ Frame 6D69
28 KB
29 KB
Document
General
Full URL
https://dgu9g3a2kzqx2.cloudfront.net/public/ct?cpguid=1n7iwk3xe&it=1612660&w=1600&h=1200&key=9db27&m=0&r=
Requested by
Host: d13nu0oomnx5ti.cloudfront.net
URL: https://d13nu0oomnx5ti.cloudfront.net/b1f0be8.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21ec:ac00:13:652b:c180:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.4.46 () OpenSSL/1.0.2k-fips PHP/7.4.11 / PHP/7.4.11
Resource Hash
c793f90bf90df2f166c8b984f490bdad7466d326ecc31ba7b492c0a3fc197df3

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://mlml.ga/

Response headers

content-type
text/html; charset=UTF-8
date
Thu, 16 Dec 2021 21:26:31 GMT
server
Apache/2.4.46 () OpenSSL/1.0.2k-fips PHP/7.4.11
x-powered-by
PHP/7.4.11
cache-control
no-cache, no-transform
pragma
no-cache
expires
Sat, 26 Jul 1997 05:00:00 GMT
x-cache
Miss from cloudfront
via
1.1 b6cc1359c0cd55a8339441d8abb6a450.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK51-C1
x-amz-cf-id
8CwGlZbc8nftSWcu_a08xGT66nplj2d13Nti5gSUqQMpZ8AYBZM0Pg==
/
onmarshtompor.com/
0
0
Fetch
General
Full URL
https://onmarshtompor.com/?rb=e37fLEKz-JEeQ7D5mDvFzhVYFIeefzUKzngHxOUgMfogPivN_rqv8F5dWmTmEqme6_8wjmX5pWA_NM-Bgdrhs_1AUDxRcM-qXQdprpnHPlga6eDx2U9zVch3jQsAyuyKYoRUWfbdbVOuvPm3_nGHb1h8b7wxypm6yygS-NDSZtuE6PemAZltyD-LIcthFuBh-OL2MAJo6k8WOr7DYOC_ExHEuI1AvxK0VVGOw4zGktiIy-eHMZwxtTEhRN0ilsxMzb35F-2PnGmdG0dp&request_ab2=0&zoneid=4730323&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=0&wy=0&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=3&pl=https%3A%2F%2Fmlml.ga%2F2021%2F12%2F16%2Fhitman-holla-twitter%2F&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=2&os=other&os_version=other&bs=f69b07f4-6691-44ea-9525-c178cb64dad7&userId=563cf6a988c44719b6d0d80d42aab3cb&m=link
Requested by
Host: iclickcdn.com
URL: https://iclickcdn.com/tag.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.243 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://mlml.ga/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-trace-id
5c54ca48468ce9eea158d37f52a75f94
pragma
no-cache
date
Thu, 16 Dec 2021 21:26:31 GMT
x-content-type-options
nosniff
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://mlml.ga
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
strict-transport-security
max-age=1
timing-allow-origin
*, *
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding
expires
Tue, 11 Jan 1994 10:00:00 GMT
p
adsco.re/
363 B
851 B
XHR
General
Full URL
https://adsco.re/p
Requested by
Host: c.adsco.re
URL: https://c.adsco.re/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
162.252.214.5 , United States, ASN53334 (TUT-AS, US),
Reverse DNS
Software
/
Resource Hash
f4c9117d8aa3c3791bbee2049b85349d067262ea6776840129f183164ea5be3b

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://mlml.ga/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

AS-P-G
OK
Date
Thu, 16 Dec 2021 21:25:27 GMT
AS-P-7
OK
AS-P-9
OK
AS-P-C
OK
Transfer-Encoding
chunked
AS-P-5
OK
AS-P-F
OK
Connection
close
Content-Encoding
gzip
AS-P-2
OK
AS-P-D
OK
AS-P-6
OK
AS-P-B
OK
AS-P-H
OK
AS-P-4
OK
AS-P-A
OK
Access-Control-Max-Age
2592000
AS-P-1
OK nyc223
Access-Control-Allow-Origin
https://mlml.ga
Cache-Control
no-transform
Access-Control-Allow-Credentials
true
AS-P-8
OK
Content-Type
text/html; charset=UTF-8
AS-P-E
OK
AS-P-3
OK
guid
dgu9g3a2kzqx2.cloudfront.net/public/
0
285 B
Script
General
Full URL
https://dgu9g3a2kzqx2.cloudfront.net/public/guid?cpguid=1n7iwk3xe&e=ll&t=1639689991387
Requested by
Host: d13nu0oomnx5ti.cloudfront.net
URL: https://d13nu0oomnx5ti.cloudfront.net/b1f0be8.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21ec:ac00:13:652b:c180:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.4.46 () OpenSSL/1.0.2k-fips PHP/7.4.11 / PHP/7.4.11
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://mlml.ga/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 16 Dec 2021 21:26:31 GMT
via
1.1 b6cc1359c0cd55a8339441d8abb6a450.cloudfront.net (CloudFront)
server
Apache/2.4.46 () OpenSSL/1.0.2k-fips PHP/7.4.11
x-amz-cf-pop
JFK51-C1
x-powered-by
PHP/7.4.11
x-cache
Miss from cloudfront
content-type
text/html; charset=UTF-8
content-length
0
x-amz-cf-id
FgL10LJa5WrTGcAs17XLsku4a448KU8dK9jZca1TBZbm4-yz7naasw==
css
fonts.googleapis.com/ Frame 6D69
16 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto:regular,bold,italic,thin,light,bolditalic,black,medium&lang=en
Requested by
Host: dgu9g3a2kzqx2.cloudfront.net
URL: https://dgu9g3a2kzqx2.cloudfront.net/public/ct?cpguid=1n7iwk3xe&it=1612660&w=1600&h=1200&key=9db27&m=0&r=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:817::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
37965a8c9363c0b7c55721c4a14a90a9eed634f94fa66c9bc6e4695c25872fde
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 16 Dec 2021 21:23:33 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Thu, 16 Dec 2021 21:26:31 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 16 Dec 2021 21:26:31 GMT
css
fonts.googleapis.com/ Frame 6D69
3 KB
695 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:400&subset=latin,latin-ext
Requested by
Host: dgu9g3a2kzqx2.cloudfront.net
URL: https://dgu9g3a2kzqx2.cloudfront.net/public/ct?cpguid=1n7iwk3xe&it=1612660&w=1600&h=1200&key=9db27&m=0&r=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:817::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c99361c0d8561c7d88a237009bac83ecc149fe6f1f91c52dde79b7841b584c40
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 16 Dec 2021 20:58:52 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Thu, 16 Dec 2021 21:26:31 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 16 Dec 2021 21:26:31 GMT
icon
fonts.googleapis.com/ Frame 6D69
569 B
869 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/icon?family=Material+Icons
Requested by
Host: dgu9g3a2kzqx2.cloudfront.net
URL: https://dgu9g3a2kzqx2.cloudfront.net/public/ct?cpguid=1n7iwk3xe&it=1612660&w=1600&h=1200&key=9db27&m=0&r=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:817::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
99c1697bfc05f8e00314bc2aa32c60b123b311965e94e91801d3876d86d72fdd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 16 Dec 2021 21:26:31 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Thu, 16 Dec 2021 21:26:31 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 16 Dec 2021 21:26:31 GMT
css
fonts.googleapis.com/ Frame 6D69
3 KB
695 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:300
Requested by
Host: dgu9g3a2kzqx2.cloudfront.net
URL: https://dgu9g3a2kzqx2.cloudfront.net/public/ct?cpguid=1n7iwk3xe&it=1612660&w=1600&h=1200&key=9db27&m=0&r=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:817::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
f3e1a0fa37cb773c73e8ccfb69798b22febaded38f88db48e604a0e9a3810942
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 16 Dec 2021 21:04:06 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Thu, 16 Dec 2021 21:26:31 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 16 Dec 2021 21:26:31 GMT
css
fonts.googleapis.com/ Frame 6D69
3 KB
695 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:400
Requested by
Host: dgu9g3a2kzqx2.cloudfront.net
URL: https://dgu9g3a2kzqx2.cloudfront.net/public/ct?cpguid=1n7iwk3xe&it=1612660&w=1600&h=1200&key=9db27&m=0&r=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:817::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c99361c0d8561c7d88a237009bac83ecc149fe6f1f91c52dde79b7841b584c40
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 16 Dec 2021 21:03:08 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Thu, 16 Dec 2021 21:26:31 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 16 Dec 2021 21:26:31 GMT
css
fonts.googleapis.com/ Frame 6D69
3 KB
695 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:700
Requested by
Host: dgu9g3a2kzqx2.cloudfront.net
URL: https://dgu9g3a2kzqx2.cloudfront.net/public/ct?cpguid=1n7iwk3xe&it=1612660&w=1600&h=1200&key=9db27&m=0&r=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:817::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
b684dd040789421a46a73d15a17624fca22594a692d2200d4b8362f497a59948
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 16 Dec 2021 20:58:45 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Thu, 16 Dec 2021 21:26:31 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 16 Dec 2021 21:26:31 GMT
font-awesome.min.css
d13pxqgp3ixdbh.cloudfront.net/assets/landing_pages/fa/css/ Frame 6D69
28 KB
29 KB
Stylesheet
General
Full URL
https://d13pxqgp3ixdbh.cloudfront.net/assets/landing_pages/fa/css/font-awesome.min.css
Requested by
Host: dgu9g3a2kzqx2.cloudfront.net
URL: https://dgu9g3a2kzqx2.cloudfront.net/public/ct?cpguid=1n7iwk3xe&it=1612660&w=1600&h=1200&key=9db27&m=0&r=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21ec:9800:1c:b3e3:eb40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
008a1d103902f15fdb1c191fcb1ce8954330e7b8de43d09abb08555ba609f420

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id
null
via
1.1 4ffd9afb636b7eb92e42cf2534136d51.cloudfront.net (CloudFront)
last-modified
Mon, 30 Jan 2017 06:33:55 GMT
server
AmazonS3
age
71080
etag
"4083f5d376eb849a458cc790b53ba080"
x-cache
Hit from cloudfront
content-type
text/css
date
Thu, 16 Dec 2021 01:41:52 GMT
x-amz-cf-pop
JFK51-C1
accept-ranges
bytes
content-length
29063
x-amz-cf-id
5mKjYa3ou3GRC9cn8hdALtaGieuDNxL4we4PHweflVSxNDFSviczpA==
qtip.css
d13pxqgp3ixdbh.cloudfront.net/assets/content_lockers/ Frame 6D69
9 KB
9 KB
Stylesheet
General
Full URL
https://d13pxqgp3ixdbh.cloudfront.net/assets/content_lockers/qtip.css
Requested by
Host: dgu9g3a2kzqx2.cloudfront.net
URL: https://dgu9g3a2kzqx2.cloudfront.net/public/ct?cpguid=1n7iwk3xe&it=1612660&w=1600&h=1200&key=9db27&m=0&r=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21ec:9800:1c:b3e3:eb40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
26f7559b1bfb4342ec375109a36cdcd6b002c336ad3b3932c75d5823868ff4f6

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id
null
via
1.1 4ffd9afb636b7eb92e42cf2534136d51.cloudfront.net (CloudFront)
last-modified
Mon, 30 Jan 2017 06:33:55 GMT
server
AmazonS3
age
50291
etag
"ca447ae8bb217a89fb895449985336ac"
x-cache
Hit from cloudfront
content-type
text/css
date
Thu, 16 Dec 2021 07:28:21 GMT
x-amz-cf-pop
JFK51-C1
accept-ranges
bytes
content-length
8982
x-amz-cf-id
fba4ThmbVwVhQI14JzeOBK-lRxypAat11N1gLmdpuyaqS_8ZAASfQg==
jquery.js
d13pxqgp3ixdbh.cloudfront.net/assets/content_lockers/ Frame 6D69
95 KB
95 KB
Script
General
Full URL
https://d13pxqgp3ixdbh.cloudfront.net/assets/content_lockers/jquery.js
Requested by
Host: dgu9g3a2kzqx2.cloudfront.net
URL: https://dgu9g3a2kzqx2.cloudfront.net/public/ct?cpguid=1n7iwk3xe&it=1612660&w=1600&h=1200&key=9db27&m=0&r=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21ec:9800:1c:b3e3:eb40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1711e89a5ab3f0e2d009ab6b171bc8869acd8dd0da785e0dfe60c9c0bca48c6c

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id
null
via
1.1 4ffd9afb636b7eb92e42cf2534136d51.cloudfront.net (CloudFront)
last-modified
Mon, 30 Jan 2017 06:33:55 GMT
server
AmazonS3
age
70227
etag
"7faa5fa0b997277a94a3c3b02d8be514"
x-cache
Hit from cloudfront
content-type
application/x-javascript
date
Thu, 16 Dec 2021 01:56:05 GMT
x-amz-cf-pop
JFK51-C1
accept-ranges
bytes
content-length
97174
x-amz-cf-id
BbpuVa0BrqgazNXHm4kWJoNLUUubFnDP8n5PDREZMkt_wemv21k8Wg==
qtip.js
d13pxqgp3ixdbh.cloudfront.net/assets/content_lockers/ Frame 6D69
25 KB
26 KB
Script
General
Full URL
https://d13pxqgp3ixdbh.cloudfront.net/assets/content_lockers/qtip.js
Requested by
Host: dgu9g3a2kzqx2.cloudfront.net
URL: https://dgu9g3a2kzqx2.cloudfront.net/public/ct?cpguid=1n7iwk3xe&it=1612660&w=1600&h=1200&key=9db27&m=0&r=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21ec:9800:1c:b3e3:eb40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0552507c8b0827de53b8dc9d18a2a0427d8aedcb398d6a23b39835f9ac6eec38

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id
null
via
1.1 4ffd9afb636b7eb92e42cf2534136d51.cloudfront.net (CloudFront)
last-modified
Mon, 30 Jan 2017 06:33:55 GMT
server
AmazonS3
age
82918
etag
"fed81df4cec943daadd9ba37534b0979"
x-cache
Hit from cloudfront
content-type
application/x-javascript
date
Wed, 15 Dec 2021 22:24:34 GMT
x-amz-cf-pop
JFK51-C1
accept-ranges
bytes
content-length
26034
x-amz-cf-id
Wx7CpdpcZjdHge2UFNrUsu9N_TL-S979cqLVAPskU7f2-klkB0bnug==
block.js
d13pxqgp3ixdbh.cloudfront.net/assets/content_lockers/ Frame 6D69
25 KB
26 KB
Script
General
Full URL
https://d13pxqgp3ixdbh.cloudfront.net/assets/content_lockers/block.js
Requested by
Host: dgu9g3a2kzqx2.cloudfront.net
URL: https://dgu9g3a2kzqx2.cloudfront.net/public/ct?cpguid=1n7iwk3xe&it=1612660&w=1600&h=1200&key=9db27&m=0&r=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21ec:9800:1c:b3e3:eb40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2f8db58e8a749a3f2493ac7d6cc0fe2952cbc312f91ce23a585d4e91cb48a90d

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id
null
via
1.1 4ffd9afb636b7eb92e42cf2534136d51.cloudfront.net (CloudFront)
last-modified
Mon, 30 Jan 2017 06:33:54 GMT
server
AmazonS3
age
83012
etag
"ee84a793bd9253dcec3ed28163c98e6c"
x-cache
Hit from cloudfront
content-type
application/x-javascript
date
Wed, 15 Dec 2021 22:23:00 GMT
x-amz-cf-pop
JFK51-C1
accept-ranges
bytes
content-length
25920
x-amz-cf-id
r8sneamEsLl_yqX97nOz2IVeAYI7oXn-EeLv8XF4GgaukHaGNjnqyQ==
style-cleaned3.css
d13pxqgp3ixdbh.cloudfront.net/assets/content_lockers/ Frame 6D69
8 KB
9 KB
Stylesheet
General
Full URL
https://d13pxqgp3ixdbh.cloudfront.net/assets/content_lockers/style-cleaned3.css
Requested by
Host: dgu9g3a2kzqx2.cloudfront.net
URL: https://dgu9g3a2kzqx2.cloudfront.net/public/ct?cpguid=1n7iwk3xe&it=1612660&w=1600&h=1200&key=9db27&m=0&r=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21ec:9800:1c:b3e3:eb40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1cc9e58ed0923645d80c29a8cd413acad8aefd811b203bc6f7f910670964b1a2

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id
null
via
1.1 4ffd9afb636b7eb92e42cf2534136d51.cloudfront.net (CloudFront)
last-modified
Mon, 30 Jan 2017 06:33:55 GMT
server
AmazonS3
age
83767
etag
"c050ea76f9cc89ff6467ac0da27e3571"
x-cache
Hit from cloudfront
content-type
text/css
date
Wed, 15 Dec 2021 22:10:25 GMT
x-amz-cf-pop
JFK51-C1
accept-ranges
bytes
content-length
8664
x-amz-cf-id
QO57fzU0xyucDxE4dBYL62keyu3VWWitrcbBT2yxbgMNqxq95nbv6w==
guid.js
dgu9g3a2kzqx2.cloudfront.net/public/external/ Frame 6D69
862 B
1 KB
Script
General
Full URL
https://dgu9g3a2kzqx2.cloudfront.net/public/external/guid.js
Requested by
Host: dgu9g3a2kzqx2.cloudfront.net
URL: https://dgu9g3a2kzqx2.cloudfront.net/public/ct?cpguid=1n7iwk3xe&it=1612660&w=1600&h=1200&key=9db27&m=0&r=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21ec:ac00:13:652b:c180:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.4.48 () OpenSSL/1.0.2k-fips PHP/7.4.11 /
Resource Hash
e1996013bea18595368a7d2452d2a96a8a66b59bd08cde2935e36ffa0f985fda

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 16 Dec 2021 21:26:34 GMT
via
1.1 b6cc1359c0cd55a8339441d8abb6a450.cloudfront.net (CloudFront)
last-modified
Tue, 11 Aug 2020 19:47:27 GMT
server
Apache/2.4.48 () OpenSSL/1.0.2k-fips PHP/7.4.11
x-amz-cf-pop
JFK51-C1
etag
"35e-5ac9f574655f4"
x-cache
Miss from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
862
x-amz-cf-id
SxYzJZkIBOFkv1ByqEgRQ3MFdG6viYDO_9CA1M6VghuZEbvuE0QLwQ==
t.js
dgu9g3a2kzqx2.cloudfront.net/public/external/ Frame 6D69
2 KB
2 KB
Script
General
Full URL
https://dgu9g3a2kzqx2.cloudfront.net/public/external/t.js
Requested by
Host: dgu9g3a2kzqx2.cloudfront.net
URL: https://dgu9g3a2kzqx2.cloudfront.net/public/ct?cpguid=1n7iwk3xe&it=1612660&w=1600&h=1200&key=9db27&m=0&r=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21ec:ac00:13:652b:c180:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.4.48 () OpenSSL/1.0.2k-fips PHP/7.4.11 /
Resource Hash
fff2c7e238400b24472e5d6c529d7f625ec50ec4383ac23d33ca05d9c1f07a7d

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 16 Dec 2021 21:26:31 GMT
via
1.1 b6cc1359c0cd55a8339441d8abb6a450.cloudfront.net (CloudFront)
last-modified
Tue, 21 Jul 2020 08:43:38 GMT
server
Apache/2.4.48 () OpenSSL/1.0.2k-fips PHP/7.4.11
x-amz-cf-pop
JFK51-C1
etag
"696-5aaef9ea142f5"
x-cache
Miss from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
1686
x-amz-cf-id
G2G8Y_R9MkZ9D4gF_hNclqo8f3J4OLFx8JYvex4Uy9JUs70QdLyoIA==
iframe.js
dgu9g3a2kzqx2.cloudfront.net/public/external/ Frame 6D69
5 KB
5 KB
Script
General
Full URL
https://dgu9g3a2kzqx2.cloudfront.net/public/external/iframe.js
Requested by
Host: dgu9g3a2kzqx2.cloudfront.net
URL: https://dgu9g3a2kzqx2.cloudfront.net/public/ct?cpguid=1n7iwk3xe&it=1612660&w=1600&h=1200&key=9db27&m=0&r=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21ec:ac00:13:652b:c180:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.4.46 () OpenSSL/1.0.2k-fips PHP/7.4.11 /
Resource Hash
69a5cc6598399abf486d364264eebd2591bbd39018f72b942581b2ff16f1c00d

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 16 Dec 2021 21:26:31 GMT
via
1.1 b6cc1359c0cd55a8339441d8abb6a450.cloudfront.net (CloudFront)
last-modified
Tue, 23 Jun 2020 20:06:47 GMT
server
Apache/2.4.46 () OpenSSL/1.0.2k-fips PHP/7.4.11
x-amz-cf-pop
JFK51-C1
etag
"1399-5a8c5e62eacaa"
x-cache
Miss from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
5017
x-amz-cf-id
6DbZTfQGGXc0VzgIhUS8GvDfhFsPr26Gujt1QNRVV49wEa5SRrKjew==
BmCb.asp
xadsmart.com/
0
124 B
Script
General
Full URL
https://xadsmart.com/BmCb.asp?_=BAoAYbuuxwFhu67HgAGBAsAAIE_J7izEP_-oVrJU_YZWoJ-2TL_GX7atewRC_79-r5oowQBHMEUCIB85HoN_p2KBBt8cdtpgoVkRPQ9NOO2BiXgZjGWLaQYwAiEAzDRxoKEhJrii6pFOzOtoZWsdyyawGnCmMNkkZEyWWCfCACCGSL1LVvCTLCKOsebideZJcIh26hC_ZSp8PnTCbwsPi8QAECoNVgAACUsDANAAAAAAAAHFABDOzYTKkcF752rzbfQ252C7wwBHMEUCIEEMaVPybXpc13XgAH-cFWTkue7yPlwpdLQxCtTY6v_9AiEAlHoEIDT1m9Mq0NmIaJIfnLKk6nyfAGhUG0GqNDO9UoA&v=4&EhLGZcWO=4597925&minBid=&XRkHrxqM=10000:1,10000:1,0&SQTirbHn=&fzdFeaxl=&s=1600,1200,1,1600,1200,0
Requested by
Host: www.xadsmart.com
URL: https://www.xadsmart.com/clean-blog.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.153.197.251 , United States, ASN53334 (TUT-AS, US),
Reverse DNS
104-153-197-251.customer.totaluptime.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://mlml.ga/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 16 Dec 2021 21:26:31 GMT
asf
-1
access-control-allow-origin
*
content-type
application/javascript
popads-ec
ASE
cache-control
public, max-age=604800
content-length
0
expires
Thu, 23 Dec 2021 21:26:31 GMT
analytics.js
www.google-analytics.com/ Frame 6D69
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: dgu9g3a2kzqx2.cloudfront.net
URL: https://dgu9g3a2kzqx2.cloudfront.net/public/ct?cpguid=1n7iwk3xe&it=1612660&w=1600&h=1200&key=9db27&m=0&r=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81c::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
3877
date
Thu, 16 Dec 2021 20:21:54 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Thu, 16 Dec 2021 22:21:54 GMT
memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsg-1x4gaVI.woff2
fonts.gstatic.com/s/opensans/v27/ Frame 6D69
16 KB
17 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v27/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsg-1x4gaVI.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:822::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a61d67250a5c36640e22099937af31613e68d6134439d5d4329efea0372aea79
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://dgu9g3a2kzqx2.cloudfront.net
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 16 Dec 2021 15:24:29 GMT
x-content-type-options
nosniff
age
21722
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16408
x-xss-protection
0
last-modified
Thu, 28 Oct 2021 00:30:39 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Fri, 16 Dec 2022 15:24:29 GMT
fontawesome-webfont.woff2
d13pxqgp3ixdbh.cloudfront.net/assets/landing_pages/fa/fonts/ Frame 6D69
70 KB
71 KB
Font
General
Full URL
https://d13pxqgp3ixdbh.cloudfront.net/assets/landing_pages/fa/fonts/fontawesome-webfont.woff2?v=4.6.3
Requested by
Host: d13pxqgp3ixdbh.cloudfront.net
URL: https://d13pxqgp3ixdbh.cloudfront.net/assets/landing_pages/fa/css/font-awesome.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21ec:9800:1c:b3e3:eb40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7dacf83f51179de8d7980a513e67ab3a08f2c6272bb5946df8fd77c0d1763b73

Request headers

Referer
https://d13pxqgp3ixdbh.cloudfront.net/assets/landing_pages/fa/css/font-awesome.min.css
Origin
https://dgu9g3a2kzqx2.cloudfront.net
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id
null
via
1.1 6fcb3966d0deb6baf3867f346443cb9a.cloudfront.net (CloudFront)
etag
"e6cf7c6ec7c2d6f670ae9d762604cb0b"
age
78305
x-cache
Hit from cloudfront
access-control-max-age
3000
content-length
71896
last-modified
Mon, 30 Jan 2017 06:33:55 GMT
server
AmazonS3
date
Wed, 15 Dec 2021 23:41:27 GMT
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods
GET, HEAD
content-type
application/octet-stream
access-control-allow-origin
*
x-amz-cf-pop
JFK51-C1
accept-ranges
bytes
x-amz-cf-id
YK9kXtqGbtcWli77Q7gA8GbPyG8AVoEJ6x0RGY9XUnzAzs-jxom2uw==
check.php
dgu9g3a2kzqx2.cloudfront.net/public/external/ Frame 6D69
81 B
375 B
Script
General
Full URL
https://dgu9g3a2kzqx2.cloudfront.net/public/external/check.php?time=1639689991680&it=1612660
Requested by
Host: dgu9g3a2kzqx2.cloudfront.net
URL: https://dgu9g3a2kzqx2.cloudfront.net/public/ct?cpguid=1n7iwk3xe&it=1612660&w=1600&h=1200&key=9db27&m=0&r=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21ec:ac00:13:652b:c180:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.4.41 () OpenSSL/1.0.2k-fips PHP/7.4.11 / PHP/7.4.11
Resource Hash
191ad1290fa99a20bbc8a427ee681c205abc3b440520735fb8c365f568e74be0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 16 Dec 2021 21:26:31 GMT
via
1.1 b6cc1359c0cd55a8339441d8abb6a450.cloudfront.net (CloudFront)
server
Apache/2.4.41 () OpenSSL/1.0.2k-fips PHP/7.4.11
x-amz-cf-pop
JFK51-C1
x-powered-by
PHP/7.4.11
x-cache
Miss from cloudfront
content-type
application/javascript
content-length
81
x-amz-cf-id
-q3jTFpyrHFy2r2TM-7wylFdPga8wqqlLK5hhMrzyl4aARoJNWNrHA==
impression.php
dgu9g3a2kzqx2.cloudfront.net/public/external/
10 B
303 B
Script
General
Full URL
https://dgu9g3a2kzqx2.cloudfront.net/public/external/impression.php?it=1612660&time=1639689992189
Requested by
Host: d13nu0oomnx5ti.cloudfront.net
URL: https://d13nu0oomnx5ti.cloudfront.net/b1f0be8.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21ec:ac00:13:652b:c180:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.4.46 () OpenSSL/1.0.2k-fips PHP/7.4.11 / PHP/7.4.11
Resource Hash
3efc61bcf3a2a65c875e501412e9db8b00b4b554e4351e01fab46c2793e87b3d

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://mlml.ga/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 16 Dec 2021 21:26:32 GMT
via
1.1 b6cc1359c0cd55a8339441d8abb6a450.cloudfront.net (CloudFront)
server
Apache/2.4.46 () OpenSSL/1.0.2k-fips PHP/7.4.11
x-amz-cf-pop
JFK51-C1
x-powered-by
PHP/7.4.11
x-cache
Miss from cloudfront
content-type
application/javascript
content-length
10
x-amz-cf-id
fsQ2sunSYnAeOiDIHijf4Pdh_Zx2gvCSrWtNMU7hrP6aqal7t3fgGw==
guid
dgu9g3a2kzqx2.cloudfront.net/public/
0
287 B
Script
General
Full URL
https://dgu9g3a2kzqx2.cloudfront.net/public/guid?cpguid=1n7iwk3xe&e=opl&t=1639689992190
Requested by
Host: d13nu0oomnx5ti.cloudfront.net
URL: https://d13nu0oomnx5ti.cloudfront.net/b1f0be8.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21ec:ac00:13:652b:c180:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.4.46 () OpenSSL/1.0.2k-fips PHP/7.4.11 / PHP/7.4.11
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://mlml.ga/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 16 Dec 2021 21:26:32 GMT
via
1.1 b6cc1359c0cd55a8339441d8abb6a450.cloudfront.net (CloudFront)
server
Apache/2.4.46 () OpenSSL/1.0.2k-fips PHP/7.4.11
x-amz-cf-pop
JFK51-C1
x-powered-by
PHP/7.4.11
x-cache
Miss from cloudfront
content-type
text/html; charset=UTF-8
content-length
0
x-amz-cf-id
o4H_SQaPnCpRCYJhOogVVFU-HVydX2YgZyaGT-lCmP52GjxafFy_ow==
check.php
dgu9g3a2kzqx2.cloudfront.net/public/external/
81 B
375 B
Script
General
Full URL
https://dgu9g3a2kzqx2.cloudfront.net/public/external/check.php?it=1612660&time=1639689992685
Requested by
Host: d13nu0oomnx5ti.cloudfront.net
URL: https://d13nu0oomnx5ti.cloudfront.net/b1f0be8.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21ec:ac00:13:652b:c180:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.4.41 () OpenSSL/1.0.2k-fips PHP/7.4.11 / PHP/7.4.11
Resource Hash
191ad1290fa99a20bbc8a427ee681c205abc3b440520735fb8c365f568e74be0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://mlml.ga/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 16 Dec 2021 21:26:32 GMT
via
1.1 b6cc1359c0cd55a8339441d8abb6a450.cloudfront.net (CloudFront)
server
Apache/2.4.41 () OpenSSL/1.0.2k-fips PHP/7.4.11
x-amz-cf-pop
JFK51-C1
x-powered-by
PHP/7.4.11
x-cache
Miss from cloudfront
content-type
application/javascript
content-length
81
x-amz-cf-id
5OSmesMMc69p2-BPlneykE-UOawBEL8YZHkwcZc4eZk7_5Wh01XvPQ==

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
6.adsco.re
URL
https://6.adsco.re/
Domain
4.adsco.re
URL
https://4.adsco.re/

82 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| _wpemojiSettings function| gtag object| dataLayer number| LAST_CORRECT_EVENT_TIME number| _400195855 object| _pop object| img object| CPABUILDSETTINGS object| CPABUILDContentLocker number| __cfRLUnblockHandlers function| CPBContentLocker function| CPABuildLock function| CPABuildGetFeedURL function| CPABuildGetIframeURL function| CPABuildGetIframeHTML function| CPABuildUnlock function| CPABuildOfferComplete function| CPABuildOffersComplete function| CPABuildCheckForLead function| og_load function| CPABuildComplete function| call_locker object| atOptions object| google_tag_manager object| i595cuuddx9 object| zfgformats function| onClickTrigger boolean| zfgloadedpopup object| google_tag_data string| GoogleAnalyticsObject function| ga object| detectZoom object| iframe object| where object| win object| _pao object| twemoji object| wp number| iinf object| sc_adv_out object| adk_pdisp object| $jscomp object| SC_STAT_CONTAINER object| SC_CODE_REGISTRY object| _sc_cached_scripts object| sc_adv_ids object| SC_TBlock_Collection function| SC_ContainerElement function| SC_loadPartnerScripts object| SC_AdvOutBuilder string| __sc_int_uid number| __sc_int_uid_loadind_time object| gaplugins object| gaGlobal object| gaData object| NeveProperties object| addComment function| yWVns7gjCjDBMj function| $jscomp$lookupPolyfilledValue function| AdscoreInit object| pako string| txt number| a function| ed number| t string| property number| r number| g number| b string| bt string| styles object| styleSheet function| GM function| ts function| Sweetalert2 function| SweetAlert function| Swal function| sweetAlert function| swal object| HFG

20 Cookies

Domain/Path Name / Value
mlml.ga/ Name: _cpguid
Value: 1n7iwk3xe
mlml.ga/ Name: test
Value: test
.mlml.ga/ Name: SC_unique_865447
Value: 1
.mlml.ga/ Name: _ga
Value: GA1.2.389320886.1639689991
.mlml.ga/ Name: _gid
Value: GA1.2.1209451134.1639689991
.mlml.ga/ Name: _gat_gtag_UA_137184491_6
Value: 1
bedrapiona.com/ Name: OAID
Value: 563cf6a988c44719b6d0d80d42aab3cb
bedrapiona.com/ Name: oaidts
Value: 1639689990
mlml.ga/ Name: a
Value: McmmCHE8trKIzatCl3oMvEyIKryaKpyU
my.rtmark.net/ Name: ID
Value: 563cf6a988c44719b6d0d80d42aab3cb
mlml.ga/ Name: prefetchAd_4730323
Value: true
mlml.ga/ Name: token_QpUJAAAAAAAAGu98Hdz1l_lcSZ2rY60Ajjk9U1c
Value: BAoAYbuuxwFhu67HgAGBAsAAIE_J7izEP_-oVrJU_YZWoJ-2TL_GX7atewRC_79-r5oowQBHMEUCIB85HoN_p2KBBt8cdtpgoVkRPQ9NOO2BiXgZjGWLaQYwAiEAzDRxoKEhJrii6pFOzOtoZWsdyyawGnCmMNkkZEyWWCfCACCGSL1LVvCTLCKOsebideZJcIh26hC_ZSp8PnTCbwsPi8QAECoNVgAACUsDANAAAAAAAAHFABDOzYTKkcF752rzbfQ252C7wwBHMEUCIEEMaVPybXpc13XgAH-cFWTkue7yPlwpdLQxCtTY6v_9AiEAlHoEIDT1m9Mq0NmIaJIfnLKk6nyfAGhUG0GqNDO9UoA
dgu9g3a2kzqx2.cloudfront.net/ Name: BUILD_VISITOR_RAND
Value: f0755b3a
dgu9g3a2kzqx2.cloudfront.net/ Name: BUILD_VISITOR_ID
Value: 1182549374
dgu9g3a2kzqx2.cloudfront.net/ Name: BUILD_VISITOR_ID_KEY
Value: 89b580d35fb84baa92fa417ff5595644
dgu9g3a2kzqx2.cloudfront.net/ Name: BUILD_VISITOR_IT_ID
Value: 1612660
dgu9g3a2kzqx2.cloudfront.net/ Name: BUILD_VISITOR_IT_ID_KEY
Value: 9db27
onmarshtompor.com/ Name: OAID
Value: 563cf6a988c44719b6d0d80d42aab3cb
onmarshtompor.com/ Name: oaidts
Value: 1639689991
onmarshtompor.com/ Name: syncedCookie
Value: true

19 Console Messages

Source Level URL
Text
network error URL: https://coveredbetting.com/18/4a/e3/184ae3006454ac540dace6956238e8cf.js
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://coveredbetting.com/18/4a/e3/184ae3006454ac540dace6956238e8cf.js
Message:
Failed to load resource: the server responded with a status of 403 ()
javascript warning URL: https://mlml.ga/2021/12/16/hitman-holla-twitter/(Line 351)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://coveredbetting.com/833585ded3bc191e73ac004f2c161a8a/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://mlml.ga/2021/12/16/hitman-holla-twitter/(Line 351)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://coveredbetting.com/833585ded3bc191e73ac004f2c161a8a/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network error URL: https://coveredbetting.com/d2477c7cf6443c4393b988eb1119740e/invoke.js
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://coveredbetting.com/833585ded3bc191e73ac004f2c161a8a/invoke.js
Message:
Failed to load resource: the server responded with a status of 403 ()
javascript warning URL: https://mlml.ga/2021/12/16/hitman-holla-twitter/(Line 369)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://coveredbetting.com/734b0b50db7d155a16285de384fc9bab/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://mlml.ga/2021/12/16/hitman-holla-twitter/(Line 369)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://coveredbetting.com/734b0b50db7d155a16285de384fc9bab/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network error URL: https://coveredbetting.com/d2477c7cf6443c4393b988eb1119740e/invoke.js
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://coveredbetting.com/734b0b50db7d155a16285de384fc9bab/invoke.js
Message:
Failed to load resource: the server responded with a status of 403 ()
javascript warning URL: https://mlml.ga/2021/12/16/hitman-holla-twitter/(Line 445)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://coveredbetting.com/14bc31ff8d137840a3a613c1a0dae6ee/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://mlml.ga/2021/12/16/hitman-holla-twitter/(Line 445)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://coveredbetting.com/14bc31ff8d137840a3a613c1a0dae6ee/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network error URL: https://coveredbetting.com/14bc31ff8d137840a3a613c1a0dae6ee/invoke.js
Message:
Failed to load resource: the server responded with a status of 403 ()
javascript warning URL: https://mlml.ga/2021/12/16/hitman-holla-twitter/(Line 458)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://coveredbetting.com/833585ded3bc191e73ac004f2c161a8a/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://mlml.ga/2021/12/16/hitman-holla-twitter/(Line 458)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://coveredbetting.com/833585ded3bc191e73ac004f2c161a8a/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network error URL: https://coveredbetting.com/833585ded3bc191e73ac004f2c161a8a/invoke.js
Message:
Failed to load resource: the server responded with a status of 403 ()
javascript warning URL: https://mlml.ga/2021/12/16/hitman-holla-twitter/(Line 471)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://coveredbetting.com/734b0b50db7d155a16285de384fc9bab/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://mlml.ga/2021/12/16/hitman-holla-twitter/(Line 471)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://coveredbetting.com/734b0b50db7d155a16285de384fc9bab/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network error URL: https://coveredbetting.com/734b0b50db7d155a16285de384fc9bab/invoke.js
Message:
Failed to load resource: the server responded with a status of 403 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
