df75908d.myoffer.pro Open in urlscan Pro
2606:4700:e0::ac40:651b Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://fishingrods.nicolejungg.com/
Effective URL:
https://df75908d.myoffer.pro/oc/48584c8e13?affclick=6836111153693721075&pubid=965-ac39164z
Submission: On June 08 via manual (June 8th 2020, 10:42:57 pm UTC) from US

Summary HTTP 57 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 9 IPs in 2 countries across 10 domains to perform 57 HTTP transactions. The main IP is 2606:4700:e0::ac40:651b, located in United States and belongs to CLOUDFLARENET, US. The main domain is df75908d.myoffer.pro.
TLS certificate: Issued by CloudFlare Inc ECC CA-2 on November 11th 2019. Valid for: a year.

This is the only time df75908d.myoffer.pro was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 21	2606:4700:303... 2606:4700:3033::681f:5d3f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	116.202.209.183 116.202.209.183	24940 (HETZNER-AS) (HETZNER-AS)
11	2606:4700::68... 2606:4700::6812:eb0	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:808::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:815::200a	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:800::2003	15169 (GOOGLE) (GOOGLE)
1 1	34.202.63.247 34.202.63.247	14618 (AMAZON-AES) (AMAZON-AES)
1 3	198.143.165.221 198.143.165.221	32475 (SINGLEHOP...) (SINGLEHOP-LLC)
12	2606:4700:e0:... 2606:4700:e0::ac40:651b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 4	104.18.27.20 104.18.27.20	13335 (CLOUDFLAR...) (CLOUDFLARENET)
57	9

21 2606:4700:3033::681f:5d3f (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

fishingrods.nicolejungg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 116.202.209.183 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.183.209.202.116.clients.your-server.de

fast-redirecting.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2606:4700::6812:eb0 (United States)

ASN13335 (CLOUDFLARENET, US)

i.pinimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets.pinterest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:815::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.202.63.247 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-202-63-247.compute-1.amazonaws.com

pritha-ner.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 198.143.165.221 (Chicago, United States) 1 redirects

ASN32475 (SINGLEHOP-LLC, US)
PTR: server04.com-2.mobi

c.redirect750.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2606:4700:e0::ac40:651b (United States)

ASN13335 (CLOUDFLARENET, US)

df75908d.myoffer.pro	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.18.27.20 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

hcaptcha.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets.hcaptcha.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
21	nicolejungg.com 1 redirects fishingrods.nicolejungg.com	308 KB
12	myoffer.pro df75908d.myoffer.pro	81 KB
10	pinimg.com i.pinimg.com	441 KB
4	hcaptcha.com 1 redirects hcaptcha.com assets.hcaptcha.com	22 KB
4	gstatic.com fonts.gstatic.com	32 KB
3	redirect750.us 1 redirects c.redirect750.us	6 KB
3	fast-redirecting.com fast-redirecting.com	21 KB
2	googleapis.com ajax.googleapis.com fonts.googleapis.com	6 KB
1	pritha-ner.com 1 redirects pritha-ner.com	548 B
1	pinterest.com assets.pinterest.com	21 KB
57	10

	Domain	Requested by
21	fishingrods.nicolejungg.com	1 redirects fishingrods.nicolejungg.com
12	df75908d.myoffer.pro	c.redirect750.us df75908d.myoffer.pro
10	i.pinimg.com	fishingrods.nicolejungg.com
4	fonts.gstatic.com	ajax.googleapis.com
3	assets.hcaptcha.com	df75908d.myoffer.pro assets.hcaptcha.com
3	c.redirect750.us	1 redirects fast-redirecting.com c.redirect750.us
3	fast-redirecting.com	fishingrods.nicolejungg.com fast-redirecting.com
1	hcaptcha.com	1 redirects
1	pritha-ner.com	1 redirects
1	assets.pinterest.com	fishingrods.nicolejungg.com
1	fonts.googleapis.com	ajax.googleapis.com
1	ajax.googleapis.com	fishingrods.nicolejungg.com
57	12

This site contains links to these domains. Also see Links.

Domain
premedic.info
chrome.google.com
www.cloudflare.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com CloudFlare Inc ECC CA-2	`2020-05-10` - `2020-10-09`	5 months	crt.sh
fast-redirecting.com Let's Encrypt Authority X3	`2020-03-25` - `2020-06-23`	3 months	crt.sh
*.pinimg.com DigiCert SHA2 High Assurance Server CA	`2020-05-28` - `2021-06-14`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2020-05-20` - `2020-08-12`	3 months	crt.sh
*.pinterest.com DigiCert SHA2 High Assurance Server CA	`2020-05-28` - `2021-06-10`	a year	crt.sh
*.gstatic.com GTS CA 1O1	`2020-05-20` - `2020-08-12`	3 months	crt.sh

This page contains 3 frames:

Primary Page: https://df75908d.myoffer.pro/oc/48584c8e13?affclick=6836111153693721075&pubid=965-ac39164z
Frame ID: 61F8FF404F8A7F2C4C81080698323E8F
Requests: 55 HTTP requests in this frame

Frame: https://assets.hcaptcha.com/captcha/v1/03ff895/static/hcaptcha-challenge.html
Frame ID: 945AAEBE6572CB751A6250C4D70B8BE7
Requests: 1 HTTP requests in this frame

Frame: https://assets.hcaptcha.com/captcha/v1/03ff895/static/hcaptcha-checkbox.html
Frame ID: 9766802484B7DA6154DBF50E0C3F10FD
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://fishingrods.nicolejungg.com/ HTTP 301
https://fishingrods.nicolejungg.com/ Page URL
https://fast-redirecting.com/sl/1142fa39?d=1&r=0.7833529208099315 Page URL
http://pritha-ner.com/www.faceebook.com?adTagId=5d272000-76a7-11e6-8ec7-0e6b810b9917&cpm=0&keyword... HTTP 302
https://fast-redirecting.com/sl/1142fa39?r=0.7833529208099315&nwe=3287&clickid=5bc361b3-a9d9-11ea-b99c-12... Page URL
http://c.redirect750.us/?utm_medium=b682fbb7dc542d9c148486129c2fb2a99574e9b9&utm_campaign=mainstream... Page URL
http://c.redirect750.us/?utm_term=6836111153693721075&clickverify=1&utm_content=e6c2c6dcd68fd49594fc... Page URL
http://c.redirect750.us/proc.php?53b148ac8850fa9619f648711d5d14cbcc09923d HTTP 302
https://df75908d.myoffer.pro/oc/48584c8e13?affclick=6836111153693721075&pubid=965-ac39164z Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

headers link /rel="https:\/\/api\.w\.org\/"/i

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

headers link /rel="https:\/\/api\.w\.org\/"/i

MySQL (Databases) Expand

Overall confidence: 100%
Detected patterns

headers link /rel="https:\/\/api\.w\.org\/"/i

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Zepto (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /zepto.*\.js/i

Page Statistics

57
Requests

96 %
HTTPS

60 %
IPv6

10
Domains

12
Subdomains

9
IPs

2
Countries

935 kB
Transfer

1943 kB
Size

1
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://premedic.info/sixpenny.php?showtopic=669
Title: table

Search URL Search Domain Scan URL

URL: https://chrome.google.com/webstore/detail/privacy-pass/ajhmfdgkijocedmfjonnpjfojldioehi
Title: Chrome Web Store

Search URL Search Domain Scan URL

URL: https://www.cloudflare.com/5xx-error-landing?utm_source=error_footer
Title: Cloudflare

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://fishingrods.nicolejungg.com/ HTTP 301
https://fishingrods.nicolejungg.com/ Page URL
https://fast-redirecting.com/sl/1142fa39?d=1&r=0.7833529208099315 Page URL
http://pritha-ner.com/www.faceebook.com?adTagId=5d272000-76a7-11e6-8ec7-0e6b810b9917&cpm=0&keywords=Facebook&domainid=3395&extclickid=4a81f8be457601a41c6ec411232b961e&fallbackUrl=https%3A%2F%2Ffast-redirecting.com%2Fsl%2F1142fa39%3Fr%3D0.7833529208099315%26nwe%3D3287 HTTP 302
https://fast-redirecting.com/sl/1142fa39?r=0.7833529208099315&nwe=3287&clickid=5bc361b3-a9d9-11ea-b99c-122b7c1baf0d Page URL
http://c.redirect750.us/?utm_medium=b682fbb7dc542d9c148486129c2fb2a99574e9b9&utm_campaign=mainstream&cid=bb453abb9792d1e080f449c80e33ae49 Page URL
http://c.redirect750.us/?utm_term=6836111153693721075&clickverify=1&utm_content=e6c2c6dcd68fd49594fc9695a6a795938a8bb8888c8f8cbdb2c6b0c4b6b78583babb88b8bcbfbc8dafb2b2b186b68485ab9b9899f2fef2f9e1f0f1e1f3bae4e78386899b97efddeda58c8f868a82c4ac9498d6f9cccbfccfc6f3f0f182858190cacbf9c9fff9fcfdc2f2f2f1f6c7c4c54d Page URL
http://c.redirect750.us/proc.php?53b148ac8850fa9619f648711d5d14cbcc09923d HTTP 302
https://df75908d.myoffer.pro/oc/48584c8e13?affclick=6836111153693721075&pubid=965-ac39164z Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://fishingrods.nicolejungg.com/ HTTP 301
https://fishingrods.nicolejungg.com/

Request Chain 39

http://pritha-ner.com/www.faceebook.com?adTagId=5d272000-76a7-11e6-8ec7-0e6b810b9917&cpm=0&keywords=Facebook&domainid=3395&extclickid=4a81f8be457601a41c6ec411232b961e&fallbackUrl=https%3A%2F%2Ffast-redirecting.com%2Fsl%2F1142fa39%3Fr%3D0.7833529208099315%26nwe%3D3287 HTTP 302
https://fast-redirecting.com/sl/1142fa39?r=0.7833529208099315&nwe=3287&clickid=5bc361b3-a9d9-11ea-b99c-122b7c1baf0d

Request Chain 52

https://hcaptcha.com/1/api.js?onload=onloadCallback&render=explicit HTTP 302
https://assets.hcaptcha.com/captcha/v1/03ff895/hcaptcha.min.js?onload=onloadCallback&render=explicit

57 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

/ Show response
fishingrods.nicolejungg.com/
Redirect Chain

http://fishingrods.nicolejungg.com/
https://fishingrods.nicolejungg.com/

63 KB
11 KB

1029ms
943ms

Document
text/html

2606:4700:3033::681f:5d3f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://fishingrods.nicolejungg.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::681f:5d3f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.2.31 PleskLin
Resource Hash: 580c0b37eef4340530f5be1df7f0c3da2c1e5ed22b4283d79b8f86c80470d145

Request headers

:method: GET
:authority: fishingrods.nicolejungg.com
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Mon, 08 Jun 2020 22:42:39 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=d9b92f247fcdd84e87bb2b25bbbf6e8ea1591656158; expires=Wed, 08-Jul-20 22:42:38 GMT; path=/; domain=.nicolejungg.com; HttpOnly; SameSite=Lax; Secure
x-powered-by: PHP/7.2.31 PleskLin
x-ua-compatible: IE=edge
link: <https://fishingrods.nicolejungg.com/wp-json/>; rel="https://api.w.org/"
cf-cache-status: DYNAMIC
cf-request-id: 0337b2ac4a0000c2724b80f200000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 5a06208d4cd7c272-FRA
content-encoding: br

Redirect headers

Date: Mon, 08 Jun 2020 22:42:38 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Mon, 08 Jun 2020 23:42:38 GMT
Location: https://fishingrods.nicolejungg.com/
cf-request-id: 0337b2abe2000097721dac0200000001
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 5a06208c98fb9772-FRA

GET
H2 200 style.min.css
fishingrods.nicolejungg.com/wp-includes/css/dist/block-library/ 52 KB
7 KB 18ms
16ms Stylesheet
text/css 2606:4700:3033::681f:5d3f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://fishingrods.nicolejungg.com/wp-includes/css/dist/block-library/style.min.css
Requested by: Host: fishingrods.nicolejungg.com
URL: https://fishingrods.nicolejungg.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::681f:5d3f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: bca7af0b45b6fc6a2064e8e7a34f2041f3e77261e63f0257209bcde6bc40545d

Request headers

Referer: https://fishingrods.nicolejungg.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 08 Jun 2020 22:42:39 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 24 Apr 2020 15:32:14 GMT
server: cloudflare
age: 5596
x-powered-by: PleskLin
etag: W/"5ea3067e-d159"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: max-age=14400
cf-ray: 5a0620933ddac272-FRA
cf-request-id: 0337b2afff0000c2724b842200000001

GET
H2 200 theme.min.css
fishingrods.nicolejungg.com/wp-includes/css/dist/block-library/ 2 KB
678 B 16ms
14ms Stylesheet
text/css 2606:4700:3033::681f:5d3f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://fishingrods.nicolejungg.com/wp-includes/css/dist/block-library/theme.min.css
Requested by: Host: fishingrods.nicolejungg.com
URL: https://fishingrods.nicolejungg.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::681f:5d3f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: ddf3d45a29935c10a00179049cd6707e94d930840a57440214ca3eb2962dc562

Request headers

Referer: https://fishingrods.nicolejungg.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 08 Jun 2020 22:42:39 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 06 Feb 2020 21:03:31 GMT
server: cloudflare
age: 5596
x-powered-by: PleskLin
etag: W/"5e3c7f23-7a2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: max-age=14400
cf-ray: 5a0620933ddbc272-FRA
cf-request-id: 0337b2afff0000c2724b843200000001

GET
H2 200 styles.css
fishingrods.nicolejungg.com/wp-content/plugins/contact-form-7/includes/css/ 2 KB
745 B 13ms
11ms Stylesheet
text/css 2606:4700:3033::681f:5d3f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://fishingrods.nicolejungg.com/wp-content/plugins/contact-form-7/includes/css/styles.css
Requested by: Host: fishingrods.nicolejungg.com
URL: https://fishingrods.nicolejungg.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::681f:5d3f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 811e8960b8f79f14983e30df80a4ccc69d82430ccc0520d2a1a3d1405cfbb2a1

Request headers

Referer: https://fishingrods.nicolejungg.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 08 Jun 2020 22:42:39 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 15 Mar 2020 20:59:58 GMT
server: cloudflare
age: 5596
x-powered-by: PleskLin
etag: W/"5e6e974e-6d2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: max-age=14400
cf-ray: 5a0620933dddc272-FRA
cf-request-id: 0337b2afff0000c2724b844200000001

GET
H2 200 front.min.css
fishingrods.nicolejungg.com/wp-content/plugins/cookie-notice/css/ 5 KB
1 KB 14ms
13ms Stylesheet
text/css 2606:4700:3033::681f:5d3f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://fishingrods.nicolejungg.com/wp-content/plugins/cookie-notice/css/front.min.css
Requested by: Host: fishingrods.nicolejungg.com
URL: https://fishingrods.nicolejungg.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::681f:5d3f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: eb5fe511b68861796157104f45c01546db651f8d831390c388af04fb0b0d3039

Request headers

Referer: https://fishingrods.nicolejungg.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 08 Jun 2020 22:42:39 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 12 Apr 2020 19:33:08 GMT
server: cloudflare
age: 5596
x-powered-by: PleskLin
etag: W/"5e936cf4-155d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: max-age=14400
cf-ray: 5a0620933ddec272-FRA
cf-request-id: 0337b2afff0000c2724b845200000001

GET
H2 200 style.css
fishingrods.nicolejungg.com/wp-content/themes/jannah/assets/css/ 423 KB
64 KB 18ms
17ms Stylesheet
text/css 2606:4700:3033::681f:5d3f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://fishingrods.nicolejungg.com/wp-content/themes/jannah/assets/css/style.css
Requested by: Host: fishingrods.nicolejungg.com
URL: https://fishingrods.nicolejungg.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::681f:5d3f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 539290580bb0abf5ac8368e8e983801c6b63b1c4d3c79f1feaf2800f5d1ceb3e

Request headers

Referer: https://fishingrods.nicolejungg.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 08 Jun 2020 22:42:39 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 20 Jan 2019 10:11:10 GMT
server: cloudflare
age: 5596
x-powered-by: PleskLin
etag: W/"5c44493e-69c31"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: max-age=14400
cf-ray: 5a0620933ddfc272-FRA
cf-request-id: 0337b2afff0000c2724b846200000001

GET
H2 200 skin.css
fishingrods.nicolejungg.com/wp-content/themes/jannah/assets/css/ilightbox/dark-skin/ 7 KB
1 KB 14ms
12ms Stylesheet
text/css 2606:4700:3033::681f:5d3f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://fishingrods.nicolejungg.com/wp-content/themes/jannah/assets/css/ilightbox/dark-skin/skin.css
Requested by: Host: fishingrods.nicolejungg.com
URL: https://fishingrods.nicolejungg.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::681f:5d3f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 949448840982c267cbacb0aadde067218f404646e15e92b72991715a2988d1f0

Request headers

Referer: https://fishingrods.nicolejungg.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 08 Jun 2020 22:42:39 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 20 Jan 2019 10:11:10 GMT
server: cloudflare
age: 5596
x-powered-by: PleskLin
etag: W/"5c44493e-1c79"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: max-age=14400
cf-ray: 5a0620933de0c272-FRA
cf-request-id: 0337b2b0000000c2724b847200000001

GET
H2 200 jquery.js Show response
fishingrods.nicolejungg.com/wp-includes/js/jquery/ 95 KB
32 KB 19ms
18ms Script
application/javascript 2606:4700:3033::681f:5d3f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://fishingrods.nicolejungg.com/wp-includes/js/jquery/jquery.js
Requested by: Host: fishingrods.nicolejungg.com
URL: https://fishingrods.nicolejungg.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::681f:5d3f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df

Request headers

Referer: https://fishingrods.nicolejungg.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 08 Jun 2020 22:42:39 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 17 May 2019 04:25:54 GMT
server: cloudflare
age: 5596
x-powered-by: PleskLin
etag: W/"5cde37d2-17a69"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=14400
cf-ray: 5a0620933de1c272-FRA
cf-request-id: 0337b2b0000000c2724b848200000001

GET
H2 200 jquery-migrate.min.js Show response
fishingrods.nicolejungg.com/wp-includes/js/jquery/ 10 KB
4 KB 16ms
14ms Script
application/javascript 2606:4700:3033::681f:5d3f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://fishingrods.nicolejungg.com/wp-includes/js/jquery/jquery-migrate.min.js
Requested by: Host: fishingrods.nicolejungg.com
URL: https://fishingrods.nicolejungg.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::681f:5d3f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d

Request headers

Referer: https://fishingrods.nicolejungg.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 08 Jun 2020 22:42:39 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 20 May 2016 06:11:28 GMT
server: cloudflare
age: 5596
x-powered-by: PleskLin
etag: W/"573eaa90-2748"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=14400
cf-ray: 5a0620933de2c272-FRA
cf-request-id: 0337b2b0000000c2724b849200000001

GET
H2 200 front.min.js Show response
fishingrods.nicolejungg.com/wp-content/plugins/cookie-notice/js/ 9 KB
2 KB 16ms
15ms Script
application/javascript 2606:4700:3033::681f:5d3f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://fishingrods.nicolejungg.com/wp-content/plugins/cookie-notice/js/front.min.js
Requested by: Host: fishingrods.nicolejungg.com
URL: https://fishingrods.nicolejungg.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::681f:5d3f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: dc51ed5137587b9033d06b65d9456d6d69dc52a4005cc51b2d23f85e69d4f8c8

Request headers

Referer: https://fishingrods.nicolejungg.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 08 Jun 2020 22:42:39 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 12 Apr 2020 19:33:08 GMT
server: cloudflare
age: 5596
x-powered-by: PleskLin
etag: W/"5e936cf4-2474"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=14400
cf-ray: 5a0620933de3c272-FRA
cf-request-id: 0337b2b0000000c2724b84a200000001

GET
H2 200 pinit.js Show response
fishingrods.nicolejungg.com/wp-content/plugins/pinterest-pin-it-button-on-image-hover-and-post/js/ 782 B
409 B 22ms
19ms Script
application/javascript 2606:4700:3033::681f:5d3f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://fishingrods.nicolejungg.com/wp-content/plugins/pinterest-pin-it-button-on-image-hover-and-post/js/pinit.js
Requested by: Host: fishingrods.nicolejungg.com
URL: https://fishingrods.nicolejungg.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::681f:5d3f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 85f24e26f4dd4abf4d3e447425223fed15ac5489439dccec9ec4afa21ca1fa9a

Request headers

Referer: https://fishingrods.nicolejungg.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 08 Jun 2020 22:42:39 GMT
content-encoding: br
cf-cache-status: HIT
age: 5596
x-powered-by: PleskLin
status: 200
cf-request-id: 0337b2b0430000c2724b853200000001
last-modified: Mon, 30 Mar 2020 14:26:42 GMT
server: cloudflare
etag: W/"30e-5a2133d6a2c80"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
x-accel-version: 0.01
cache-control: max-age=14400
cf-ray: 5a0620939e84c272-FRA

GET
H/1.1 200
OK 1142fa39 Show response
fast-redirecting.com/sl/ 2 KB
2 KB 220ms
75ms Script
text/javascript 116.202.209.183
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://fast-redirecting.com/sl/1142fa39?d=0&r=0.7833529208099315
Requested by: Host: fishingrods.nicolejungg.com
URL: https://fishingrods.nicolejungg.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 116.202.209.183 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.183.209.202.116.clients.your-server.de
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 9a3f815cf25407834c09f560ae6f906e9309dbdf204708748ffee2d4d9bd1111

Request headers

Referer: https://fishingrods.nicolejungg.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 08 Jun 2020 22:42:39 GMT
Content-Encoding: gzip
Server: nginx/1.14.0 (Ubuntu)
Transfer-Encoding: chunked
Content-Type: text/javascript; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Expires: 0

GET
H2 200 wp-emoji-release.min.js Show response
fishingrods.nicolejungg.com/wp-includes/js/ 14 KB
4 KB 23ms
20ms Script
application/javascript 2606:4700:3033::681f:5d3f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://fishingrods.nicolejungg.com/wp-includes/js/wp-emoji-release.min.js
Requested by: Host: fishingrods.nicolejungg.com
URL: https://fishingrods.nicolejungg.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::681f:5d3f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 96d33f532112177ede6bf262dcf6d0140dbe29f05a4595d17b0be4743205b5ea

Request headers

Referer: https://fishingrods.nicolejungg.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 08 Jun 2020 22:42:39 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 05 Nov 2019 22:04:02 GMT
server: cloudflare
age: 895
x-powered-by: PleskLin
etag: W/"5dc1f1d2-364d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=14400
cf-ray: 5a0620939e85c272-FRA
cf-request-id: 0337b2b0430000c2724b854200000001

GET
H2 200 56e48d2a756fa7d5ca8ab3de720f8195.jpg
i.pinimg.com/originals/56/e4/8d/ 41 KB
41 KB 201ms
175ms Image
image/jpeg 2606:4700::6812:eb0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.pinimg.com/originals/56/e4/8d/56e48d2a756fa7d5ca8ab3de720f8195.jpg
Requested by: Host: fishingrods.nicolejungg.com
URL: https://fishingrods.nicolejungg.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:eb0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5170cff6cd368be5e9653986e37d6b35cb9aa01b33efdb0ef778f238fb92760c

Request headers

Referer: https://fishingrods.nicolejungg.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 08 Jun 2020 22:42:39 GMT
x-cdn: cloudflare
etag: "7c20d6b693b40c4d5842e01516adad6f"
vary: Origin, Accept-Encoding
content-type: image/jpeg
status: 200
cache-control: max-age=31536000, immutable
accept-ranges: bytes
cf-ray: 5a062093c87705d0-FRA
content-length: 41880
cf-request-id: 0337b2b05a000005d0babc6200000001
server: cloudflare

GET
H2 200 432ebbe82a91203bb4169cb36f22ad94.jpg
i.pinimg.com/originals/43/2e/bb/ 7 KB
7 KB 221ms
195ms Image
image/jpeg 2606:4700::6812:eb0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.pinimg.com/originals/43/2e/bb/432ebbe82a91203bb4169cb36f22ad94.jpg
Requested by: Host: fishingrods.nicolejungg.com
URL: https://fishingrods.nicolejungg.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:eb0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f6fde18852563044c087661e03a9b01a2996afb0b1c80c352bf4b1408cbe6536

Request headers

Referer: https://fishingrods.nicolejungg.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 08 Jun 2020 22:42:39 GMT
x-cdn: cloudflare
etag: "5690e16b93e032cfeb0773da864b11db"
vary: Origin, Accept-Encoding
content-type: image/jpeg
status: 200
cache-control: max-age=31536000, immutable
accept-ranges: bytes
cf-ray: 5a062093c87c05d0-FRA
content-length: 6685
cf-request-id: 0337b2b05a000005d0babc7200000001
server: cloudflare

GET
H2 200 1fe73fdafa1e06a367e1bec7d08b08f6.jpg
i.pinimg.com/originals/1f/e7/3f/ 28 KB
28 KB 188ms
162ms Image
image/jpeg 2606:4700::6812:eb0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.pinimg.com/originals/1f/e7/3f/1fe73fdafa1e06a367e1bec7d08b08f6.jpg
Requested by: Host: fishingrods.nicolejungg.com
URL: https://fishingrods.nicolejungg.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:eb0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1a6ac80894da21378a993ddce0b4e2b0ccc721a65d4a610edad99606b2294176

Request headers

Referer: https://fishingrods.nicolejungg.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 08 Jun 2020 22:42:39 GMT
x-cdn: cloudflare
etag: "ff160967a7a17badf8c3aab49c5b39f2"
vary: Origin, Accept-Encoding
content-type: image/jpeg
status: 200
cache-control: max-age=31536000, immutable
accept-ranges: bytes
cf-ray: 5a062093c87d05d0-FRA
content-length: 28269
cf-request-id: 0337b2b05a000005d0babc8200000001
server: cloudflare

GET
H2 200 e7788a274892d31c1d7fa9865f6e30e2.jpg
i.pinimg.com/originals/e7/78/8a/ 21 KB
21 KB 230ms
204ms Image
image/jpeg 2606:4700::6812:eb0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.pinimg.com/originals/e7/78/8a/e7788a274892d31c1d7fa9865f6e30e2.jpg
Requested by: Host: fishingrods.nicolejungg.com
URL: https://fishingrods.nicolejungg.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:eb0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dfda550fd2e72f6773236c30b2e6f1e8a63b530dea2719e64e8842f94cf590be

Request headers

Referer: https://fishingrods.nicolejungg.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 08 Jun 2020 22:42:39 GMT
x-cdn: cloudflare
etag: "9c17a5557c27723e04fb7f389a003669"
vary: Origin, Accept-Encoding
content-type: image/jpeg
status: 200
cache-control: max-age=31536000, immutable
accept-ranges: bytes
cf-ray: 5a062093c87e05d0-FRA
content-length: 21440
cf-request-id: 0337b2b05a000005d0babc9200000001
server: cloudflare

GET
H2 200 8e761017eaf62a42d4d37311670774ed.jpg
i.pinimg.com/originals/8e/76/10/ 66 KB
66 KB 53ms
28ms Image
image/jpeg 2606:4700::6812:eb0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.pinimg.com/originals/8e/76/10/8e761017eaf62a42d4d37311670774ed.jpg
Requested by: Host: fishingrods.nicolejungg.com
URL: https://fishingrods.nicolejungg.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:eb0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 387f4c4fa76414b03aa53eba48e14c956d93b64e523d2fb95426246921dec60d

Request headers

Referer: https://fishingrods.nicolejungg.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 08 Jun 2020 22:42:39 GMT
x-cdn: cloudflare
etag: "94c9456e38eb163783db46e4b664da74"
vary: Origin, Accept-Encoding
content-type: image/jpeg
status: 200
cache-control: max-age=31536000, immutable
accept-ranges: bytes
cf-ray: 5a062093c87f05d0-FRA
content-length: 67148
cf-request-id: 0337b2b05a000005d0babca200000001
server: cloudflare

GET
H2 200 6546818756e45a52776f0cb29e86b14d.jpg
i.pinimg.com/originals/65/46/81/ 26 KB
26 KB 48ms
22ms Image
image/jpeg 2606:4700::6812:eb0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.pinimg.com/originals/65/46/81/6546818756e45a52776f0cb29e86b14d.jpg
Requested by: Host: fishingrods.nicolejungg.com
URL: https://fishingrods.nicolejungg.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:eb0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d4606197b26e0a107fae0220edbba00f5d50aaa57e7e0b2c94f2608a237dba4f

Request headers

Referer: https://fishingrods.nicolejungg.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 08 Jun 2020 22:42:39 GMT
cf-bgj: h2pri
x-cdn: cloudflare
etag: "45b9749389412229d4e7b8bd2743201a"
vary: Origin, Accept-Encoding
content-type: image/jpeg
status: 200
cache-control: max-age=31536000, immutable
accept-ranges: bytes
cf-ray: 5a062093c88005d0-FRA
content-length: 26935
cf-request-id: 0337b2b05a000005d0babcb200000001
server: cloudflare

GET
H2 200 226d89d43961f207ae2b797753bf0130.jpg
i.pinimg.com/originals/22/6d/89/ 43 KB
43 KB 22ms
21ms Image
image/jpeg 2606:4700::6812:eb0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.pinimg.com/originals/22/6d/89/226d89d43961f207ae2b797753bf0130.jpg
Requested by: Host: fishingrods.nicolejungg.com
URL: https://fishingrods.nicolejungg.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:eb0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 824e9c030ac369c48450bfd5835bc0c58a600d3e51d05ea92f3bb3690182f70d

Request headers

Referer: https://fishingrods.nicolejungg.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 08 Jun 2020 22:42:39 GMT
cf-bgj: h2pri
x-cdn: cloudflare
etag: "229c5e93f328f3c7d3bfd6e20c6cc509"
vary: Origin, Accept-Encoding
content-type: image/jpeg
status: 200
cache-control: max-age=31536000, immutable
accept-ranges: bytes
cf-ray: 5a062093c88105d0-FRA
content-length: 44166
cf-request-id: 0337b2b05a000005d0babcc200000001
server: cloudflare

GET
H2 200 d61e0fc4ca0267f10eefc752a36c7d69.jpg
i.pinimg.com/originals/d6/1e/0f/ 63 KB
63 KB 121ms
120ms Image
image/jpeg 2606:4700::6812:eb0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.pinimg.com/originals/d6/1e/0f/d61e0fc4ca0267f10eefc752a36c7d69.jpg
Requested by: Host: fishingrods.nicolejungg.com
URL: https://fishingrods.nicolejungg.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:eb0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 50fd0ea206034eaa395752d4c36222045aaafcb1d92464b9bec0fb4980173658

Request headers

Referer: https://fishingrods.nicolejungg.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 08 Jun 2020 22:42:39 GMT
cf-bgj: h2pri
x-cdn: cloudflare
etag: "45b8f7209a966d444be21957964eb4ec"
vary: Origin, Accept-Encoding
content-type: image/jpeg
status: 200
cache-control: max-age=31536000, immutable
accept-ranges: bytes
cf-ray: 5a062093c88305d0-FRA
content-length: 64643
cf-request-id: 0337b2b05a000005d0babcd200000001
server: cloudflare

GET
H2 200 27c9354f006d22b2c1d398673592830c.jpg
i.pinimg.com/originals/27/c9/35/ 32 KB
33 KB 18ms
17ms Image
image/jpeg 2606:4700::6812:eb0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.pinimg.com/originals/27/c9/35/27c9354f006d22b2c1d398673592830c.jpg
Requested by: Host: fishingrods.nicolejungg.com
URL: https://fishingrods.nicolejungg.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:eb0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 126365921f5db7768e944e41f92d442be5a542cb345a20777f16c3820161f05d

Request headers

Referer: https://fishingrods.nicolejungg.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 08 Jun 2020 22:42:39 GMT
x-cdn: cloudflare
etag: "99837bd33ece637ebfdb13b8c1520848"
vary: Origin, Accept-Encoding
content-type: image/jpeg
status: 200
cache-control: max-age=31536000, immutable
accept-ranges: bytes
cf-ray: 5a062093c88405d0-FRA
content-length: 33030
cf-request-id: 0337b2b05a000005d0babce200000001
server: cloudflare

GET
H2 200 646236ae028330761c4ab32cec1d8086.jpg
i.pinimg.com/originals/64/62/36/ 113 KB
113 KB 29ms
28ms Image
image/jpeg 2606:4700::6812:eb0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.pinimg.com/originals/64/62/36/646236ae028330761c4ab32cec1d8086.jpg
Requested by: Host: fishingrods.nicolejungg.com
URL: https://fishingrods.nicolejungg.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:eb0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f9a7fe61d94e68bfe63e0def73d38b8bdcf374c6489f6d4a26149721c353f306

Request headers

Referer: https://fishingrods.nicolejungg.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 08 Jun 2020 22:42:39 GMT
cf-bgj: h2pri
x-cdn: cloudflare
etag: "95892267fccaf4d6588ef45b97acd506"
vary: Origin, Accept-Encoding
content-type: image/jpeg
status: 200
cache-control: max-age=31536000, immutable
accept-ranges: bytes
cf-ray: 5a062093c88605d0-FRA
content-length: 115846
cf-request-id: 0337b2b05a000005d0babcf200000001
server: cloudflare

GET
H2 200 woo.css
fishingrods.nicolejungg.com/wp-content/plugins/featured-image-from-url/includes/html/css/ 76 B
201 B 10ms
10ms Stylesheet
text/css 2606:4700:3033::681f:5d3f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://fishingrods.nicolejungg.com/wp-content/plugins/featured-image-from-url/includes/html/css/woo.css
Requested by: Host: fishingrods.nicolejungg.com
URL: https://fishingrods.nicolejungg.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::681f:5d3f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 0414033fcf612b5f7da12c2ec3c6ad1289929a7dd8c8650e6a8918cf714cff73

Request headers

Referer: https://fishingrods.nicolejungg.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 08 Jun 2020 22:42:39 GMT
content-encoding: br
cf-cache-status: HIT
age: 5596
x-powered-by: PleskLin
status: 200
cf-request-id: 0337b2b0250000c2724b84c200000001
last-modified: Sun, 10 May 2020 18:25:21 GMT
server: cloudflare
etag: W/"4c-5a54f5a632640"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
x-accel-version: 0.01
cache-control: max-age=14400
cf-ray: 5a0620936e3bc272-FRA

GET
H2 200 scripts.js Show response
fishingrods.nicolejungg.com/wp-content/plugins/contact-form-7/includes/js/ 14 KB
4 KB 15ms
15ms Script
application/javascript 2606:4700:3033::681f:5d3f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://fishingrods.nicolejungg.com/wp-content/plugins/contact-form-7/includes/js/scripts.js
Requested by: Host: fishingrods.nicolejungg.com
URL: https://fishingrods.nicolejungg.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::681f:5d3f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: b7e17926b30342edecee8b3a93029ac51462e2b479277d8e077ba57173eb1900

Request headers

Referer: https://fishingrods.nicolejungg.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 08 Jun 2020 22:42:39 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 15 Mar 2020 20:59:58 GMT
server: cloudflare
age: 895
x-powered-by: PleskLin
etag: W/"5e6e974e-3868"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=14400
cf-ray: 5a0620936e3dc272-FRA
cf-request-id: 0337b2b0250000c2724b84d200000001

GET
H2 200 scripts.js Show response
fishingrods.nicolejungg.com/wp-content/themes/jannah/assets/js/ 264 KB
76 KB 18ms
17ms Script
application/javascript 2606:4700:3033::681f:5d3f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://fishingrods.nicolejungg.com/wp-content/themes/jannah/assets/js/scripts.js
Requested by: Host: fishingrods.nicolejungg.com
URL: https://fishingrods.nicolejungg.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::681f:5d3f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 4a6a92778aa42ab10b998859e69872830e2a1c6ea5a13984c59091878cbd74db

Request headers

Referer: https://fishingrods.nicolejungg.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 08 Jun 2020 22:42:39 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 20 Jan 2019 10:11:10 GMT
server: cloudflare
age: 895
x-powered-by: PleskLin
etag: W/"5c44493e-41e64"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=14400
cf-ray: 5a0620938e5fc272-FRA
cf-request-id: 0337b2b0330000c2724b84e200000001

GET
H2 200 wp-embed.min.js Show response
fishingrods.nicolejungg.com/wp-includes/js/ 1 KB
806 B 17ms
14ms Script
application/javascript 2606:4700:3033::681f:5d3f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://fishingrods.nicolejungg.com/wp-includes/js/wp-embed.min.js
Requested by: Host: fishingrods.nicolejungg.com
URL: https://fishingrods.nicolejungg.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::681f:5d3f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 6ebcda7a3a41ef97f0b4071160ceb1020e540fdc0f790079a5c2ef01ab654fe0

Request headers

Referer: https://fishingrods.nicolejungg.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 08 Jun 2020 22:42:39 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 26 Oct 2019 00:17:07 GMT
server: cloudflare
age: 895
x-powered-by: PleskLin
etag: W/"5db39083-59a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=14400
cf-ray: 5a0620939e7fc272-FRA
cf-request-id: 0337b2b0430000c2724b850200000001

GET
H2 200 image.js Show response
fishingrods.nicolejungg.com/wp-content/plugins/featured-image-from-url/includes/html/js/ 3 KB
879 B 16ms
13ms Script
application/javascript 2606:4700:3033::681f:5d3f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://fishingrods.nicolejungg.com/wp-content/plugins/featured-image-from-url/includes/html/js/image.js?3_0_5
Requested by: Host: fishingrods.nicolejungg.com
URL: https://fishingrods.nicolejungg.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::681f:5d3f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: bdce3ca22825c33fc55ce0b96fcdb0d0dc71c9466c607692fb0f62e350e2ea73

Request headers

Referer: https://fishingrods.nicolejungg.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 08 Jun 2020 22:42:39 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 10 May 2020 18:25:21 GMT
server: cloudflare
age: 895
x-powered-by: PleskLin
etag: W/"5eb84711-b54"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=14400
cf-ray: 5a0620939e81c272-FRA
cf-request-id: 0337b2b0430000c2724b851200000001

GET
H2 200 sliders.js Show response
fishingrods.nicolejungg.com/wp-content/themes/jannah/assets/js/ 73 KB
16 KB 21ms
18ms Script
application/javascript 2606:4700:3033::681f:5d3f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://fishingrods.nicolejungg.com/wp-content/themes/jannah/assets/js/sliders.js
Requested by: Host: fishingrods.nicolejungg.com
URL: https://fishingrods.nicolejungg.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::681f:5d3f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 2a8a29da97e2aa7eb4be9a7433f95f62670d556e52d06e6f3b6a26b4db5a926e

Request headers

Referer: https://fishingrods.nicolejungg.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 08 Jun 2020 22:42:39 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 20 Jan 2019 10:11:10 GMT
server: cloudflare
age: 895
x-powered-by: PleskLin
etag: W/"5c44493e-12415"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=14400
cf-ray: 5a0620939e83c272-FRA
cf-request-id: 0337b2b0430000c2724b852200000001

GET
H2 200 webfont.js Show response
ajax.googleapis.com/ajax/libs/webfont/1/ 13 KB
5 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/webfont/1/webfont.js

Requested by

Host: fishingrods.nicolejungg.com
URL: https://fishingrods.nicolejungg.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fishingrods.nicolejungg.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 15 May 2020 19:24:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2085498
status: 200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5437
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 15 May 2021 19:24:21 GMT

GET
H2 200 fontawesome-webfont.woff2
fishingrods.nicolejungg.com/wp-content/themes/jannah/assets/fonts/fontawesome/ 75 KB
76 KB 34ms
33ms Font
font/woff2 2606:4700:3033::681f:5d3f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://fishingrods.nicolejungg.com/wp-content/themes/jannah/assets/fonts/fontawesome/fontawesome-webfont.woff2
Requested by: Host: fishingrods.nicolejungg.com
URL: https://fishingrods.nicolejungg.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::681f:5d3f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://fishingrods.nicolejungg.com/wp-content/themes/jannah/assets/css/style.css
Origin: https://fishingrods.nicolejungg.com

Response headers

date: Mon, 08 Jun 2020 22:42:39 GMT
cf-cache-status: REVALIDATED
last-modified: Sun, 20 Jan 2019 10:11:10 GMT
server: cloudflare
x-powered-by: PleskLin
etag: "5c44493e-12d68"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: font/woff2
status: 200
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 5a062093bea9c272-FRA
content-length: 77160
cf-request-id: 0337b2b04e0000c2724b85c200000001

GET
H2 200 tiefonticon.ttf
fishingrods.nicolejungg.com/wp-content/themes/jannah/assets/fonts/tiefonticon/ 9 KB
5 KB 32ms
32ms Font
application/font-sfnt 2606:4700:3033::681f:5d3f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://fishingrods.nicolejungg.com/wp-content/themes/jannah/assets/fonts/tiefonticon/tiefonticon.ttf
Requested by: Host: fishingrods.nicolejungg.com
URL: https://fishingrods.nicolejungg.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::681f:5d3f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 3e5fe3d9f3103e880a68f6ce8ab0d505eea2b6ea38daf1b873304cb6f837cbe4

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://fishingrods.nicolejungg.com/wp-content/themes/jannah/assets/css/style.css
Origin: https://fishingrods.nicolejungg.com

Response headers

date: Mon, 08 Jun 2020 22:42:39 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Sun, 20 Jan 2019 10:11:10 GMT
server: cloudflare
x-powered-by: PleskLin
etag: W/"5c44493e-22d4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/font-sfnt
status: 200
cache-control: max-age=14400
cf-ray: 5a062093beabc272-FRA
cf-request-id: 0337b2b04e0000c2724b85d200000001

GET
H2 200 css
fonts.googleapis.com/ 5 KB
684 B 15ms
15ms Stylesheet
text/css 2a00:1450:4001:815::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Poppins:regular,500,600,700&subset=latin

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/webfont/1/webfont.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://fishingrods.nicolejungg.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 08 Jun 2020 22:42:39 GMT
server: ESF
date: Mon, 08 Jun 2020 22:42:39 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 08 Jun 2020 22:42:39 GMT

GET
H/1.1 200
OK Cookie set 1142fa39 Show response
fast-redirecting.com/sl/ 25 KB
10 KB 81ms
80ms Document
text/html 116.202.209.183
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://fast-redirecting.com/sl/1142fa39?d=1&r=0.7833529208099315
Requested by: Host: fast-redirecting.com
URL: https://fast-redirecting.com/sl/1142fa39?d=0&r=0.7833529208099315
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 116.202.209.183 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.183.209.202.116.clients.your-server.de
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 834c3f565473212d03ecd403c705c511070f57059009604bede8e645fd4c73ea

Request headers

Host: fast-redirecting.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: document
Referer: https://fishingrods.nicolejungg.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: user_key=1599432159%7CZGE4ODIxMjFiNmYwYWNhMTZlNWU4M2I2YjVlZTM2YTg%3D%7C6d4351ad42ff937d42ef5a6003f07c5859647541; visited.1142fa39=1591699359%7CYToxOntpOjEzNDY7aToxO30%3D%7C405a01762f2f244923558cc397c00abbc6146124; visited_time.1142fa39=1591699359%7CMTU5MTY5OTM1OQ%3D%3D%7C114ce719f5277c292a0d005507f41b47f54d1395; tracking.0.1142fa39=1591742559%7CMQ%3D%3D%7C45ab6d3b140ad1115dd3ab3376490c9681e6595e; tracking.0.1142fa39-1346=1591915359%7CMQ%3D%3D%7Ccb200b519059bf791040dd9d41d41fdddc49c067
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://fishingrods.nicolejungg.com/

Response headers

Server: nginx/1.14.0 (Ubuntu)
Date: Mon, 08 Jun 2020 22:42:39 GMT
Content-Type: text/html;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: 0
Set-Cookie: user_key=1599432159%7CZGE4ODIxMjFiNmYwYWNhMTZlNWU4M2I2YjVlZTM2YTg%3D%7C6d4351ad42ff937d42ef5a6003f07c5859647541; path=/; expires=Sun, 06-Sep-2020 22:42:39 UTC tracking.1.1142fa39=1591742559%7CMQ%3D%3D%7C45ab6d3b140ad1115dd3ab3376490c9681e6595e; path=/; expires=Tue, 09-Jun-2020 22:42:39 UTC visited.1142fa39=1591699359%7CYToyOntpOjEzNDY7aToxO2k6MzI4NztpOjE7fQ%3D%3D%7C1d6010f8a97dcdd33a6469b5abcb02c248f2a47a; path=/; expires=Tue, 09-Jun-2020 10:42:39 UTC visited_time.1142fa39=1591699359%7CMTU5MTY5OTM1OQ%3D%3D%7C114ce719f5277c292a0d005507f41b47f54d1395; path=/; expires=Tue, 09-Jun-2020 10:42:39 UTC tracking.1.1142fa39-3287=1591915359%7CMQ%3D%3D%7Ccb200b519059bf791040dd9d41d41fdddc49c067; path=/; expires=Thu, 11-Jun-2020 22:42:39 UTC
Content-Encoding: gzip

GET
H2 200 pinit_main.js
assets.pinterest.com/js/ 69 KB
21 KB 44ms
27ms Script
application/javascript 2606:4700::6812:eb0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.pinterest.com/js/pinit_main.js
Requested by: Host: fishingrods.nicolejungg.com
URL: https://fishingrods.nicolejungg.com/wp-content/plugins/pinterest-pin-it-button-on-image-hover-and-post/js/pinit.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:eb0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://fishingrods.nicolejungg.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 08 Jun 2020 22:42:39 GMT
content-encoding: br
x-cdn: cloudflare
status: 200
etag: W/"e8887b4f8f70f289103ee0c74e6b81d6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: x-cdn
cache-control: max-age=300
cf-ray: 5a062096ad9ddfdf-FRA
cf-request-id: 0337b2b2290000dfdfe7219200000001
server: cloudflare

GET
H2 200 pxiEyp8kv8JHgFVrJJfecnFHGPc.woff2
fonts.gstatic.com/s/poppins/v9/ 8 KB
8 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v9/pxiEyp8kv8JHgFVrJJfecnFHGPc.woff2

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/webfont/1/webfont.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Poppins:regular,500,600,700&subset=latin
Origin: https://fishingrods.nicolejungg.com

Response headers

date: Tue, 19 May 2020 04:07:45 GMT
x-content-type-options: nosniff
last-modified: Tue, 08 Oct 2019 21:22:04 GMT
server: sffe
age: 1794894
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7968
x-xss-protection: 0
expires: Wed, 19 May 2021 04:07:45 GMT

GET
H2 200 pxiByp8kv8JHgFVrLGT9Z1xlFd2JQEk.woff2
fonts.gstatic.com/s/poppins/v9/ 8 KB
8 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v9/pxiByp8kv8JHgFVrLGT9Z1xlFd2JQEk.woff2

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/webfont/1/webfont.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Poppins:regular,500,600,700&subset=latin
Origin: https://fishingrods.nicolejungg.com

Response headers

date: Wed, 20 May 2020 05:40:33 GMT
x-content-type-options: nosniff
last-modified: Tue, 08 Oct 2019 21:22:14 GMT
server: sffe
age: 1702926
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7960
x-xss-protection: 0
expires: Thu, 20 May 2021 05:40:33 GMT

GET
H2 200 pxiByp8kv8JHgFVrLEj6Z1xlFd2JQEk.woff2
fonts.gstatic.com/s/poppins/v9/ 8 KB
8 KB 5ms
5ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v9/pxiByp8kv8JHgFVrLEj6Z1xlFd2JQEk.woff2

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/webfont/1/webfont.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Poppins:regular,500,600,700&subset=latin
Origin: https://fishingrods.nicolejungg.com

Response headers

date: Wed, 27 May 2020 03:00:01 GMT
x-content-type-options: nosniff
last-modified: Tue, 08 Oct 2019 21:22:13 GMT
server: sffe
age: 1107758
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7836
x-xss-protection: 0
expires: Thu, 27 May 2021 03:00:01 GMT

GET
H2 200 pxiByp8kv8JHgFVrLCz7Z1xlFd2JQEk.woff2
fonts.gstatic.com/s/poppins/v9/ 8 KB
8 KB 5ms
5ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v9/pxiByp8kv8JHgFVrLCz7Z1xlFd2JQEk.woff2

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/webfont/1/webfont.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Poppins:regular,500,600,700&subset=latin
Origin: https://fishingrods.nicolejungg.com

Response headers

date: Sat, 16 May 2020 07:38:30 GMT
x-content-type-options: nosniff
last-modified: Tue, 08 Oct 2019 21:22:29 GMT
server: sffe
age: 2041449
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7924
x-xss-protection: 0
expires: Sun, 16 May 2021 07:38:30 GMT

GET
H/1.1

200
OK

Cookie set 1142fa39 Show response
fast-redirecting.com/sl/
Redirect Chain

http://pritha-ner.com/www.faceebook.com?adTagId=5d272000-76a7-11e6-8ec7-0e6b810b9917&cpm=0&keywords=Facebook&domainid=3395&extclickid=4a81f8be457601a41c6ec411232b961e&fallbackUrl=https%3A%2F%2Ffast...
https://fast-redirecting.com/sl/1142fa39?r=0.7833529208099315&nwe=3287&clickid=5bc361b3-a9d9-11ea-b99c-122b7c1baf0d

25 KB
10 KB

83ms
82ms

Document
text/html

116.202.209.183
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://fast-redirecting.com/sl/1142fa39?r=0.7833529208099315&nwe=3287&clickid=5bc361b3-a9d9-11ea-b99c-122b7c1baf0d
Requested by: Host: fast-redirecting.com
URL: https://fast-redirecting.com/sl/1142fa39?d=1&r=0.7833529208099315
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 116.202.209.183 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.183.209.202.116.clients.your-server.de
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 44fa40126bcd66204779a211c836c7706997bcae99c43f13ea60d9b750d07fc7

Request headers

Host: fast-redirecting.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://fast-redirecting.com/sl/1142fa39?d=1&r=0.7833529208099315&l=1

Response headers

Server: nginx/1.14.0 (Ubuntu)
Date: Mon, 08 Jun 2020 22:42:40 GMT
Content-Type: text/html;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: 0
Set-Cookie: user_key=1599432160%7CNDk4OTY2NzNiN2VlMmIyY2U1ZmFhMDg0MTQ2MDg3ZWY%3D%7C8f24cce5e58368dae2b8b3c27e917666ac303e9d; path=/; expires=Sun, 06-Sep-2020 22:42:40 UTC visited.1142fa39=1591699360%7CYToxOntpOjEzNDY7aToxO30%3D%7Cc2fd9f7bb12c445f731364b25d8c0c1c0cf67f22; path=/; expires=Tue, 09-Jun-2020 10:42:40 UTC visited_time.1142fa39=1591699360%7CMTU5MTY5OTM2MA%3D%3D%7C1789431e227ff33c5649bb53cb5f3482f1c0180e; path=/; expires=Tue, 09-Jun-2020 10:42:40 UTC tracking.1.1142fa39=1591742560%7CMQ%3D%3D%7Caa38f20e7b819fd289c78ca8ed7ef64fe3dea4c6; path=/; expires=Tue, 09-Jun-2020 22:42:40 UTC tracking.1.1142fa39-1346=1591915360%7CMQ%3D%3D%7Ce6f899d3c6b3a140f82a2038b2283e31b893a3c2; path=/; expires=Thu, 11-Jun-2020 22:42:40 UTC
Content-Encoding: gzip

Redirect headers

Date: Mon, 08 Jun 2020 22:42:40 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, pre-check=0, post-check=0
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
x-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
X-WebKit-CSP: default-src 'self'; script-src 'self' 'unsafe-inline'
Location: https://fast-redirecting.com/sl/1142fa39?r=0.7833529208099315&nwe=3287&clickid=5bc361b3-a9d9-11ea-b99c-122b7c1baf0d
Server: ZeroPark-Traffic

GET
H/1.1 200
OK Cookie set / Show response
c.redirect750.us/ 3 KB
2 KB 301ms
259ms Document
text/html 198.143.165.221
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL: http://c.redirect750.us/?utm_medium=b682fbb7dc542d9c148486129c2fb2a99574e9b9&utm_campaign=mainstream&cid=bb453abb9792d1e080f449c80e33ae49
Requested by: Host: fast-redirecting.com
URL: https://fast-redirecting.com/sl/1142fa39?r=0.7833529208099315&nwe=3287&clickid=5bc361b3-a9d9-11ea-b99c-122b7c1baf0d
Protocol: HTTP/1.1
Server: 198.143.165.221 Chicago, United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS: server04.com-2.mobi
Software: nginx / PHP/7.3.4
Resource Hash: ea2284e5787afb2e5744b4b58a8b90678771994de39e98a13440a133db22b7f4

Request headers

Host: c.redirect750.us
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Server: nginx
Date: Mon, 08 Jun 2020 22:42:40 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Powered-By: PHP/7.3.4
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Set-Cookie: u=61a8102d61bf4defc7bd2afde36c2034; expires=Tue, 08-Jun-2021 22:42:40 GMT; Max-Age=31536000; path=/
Content-Encoding: gzip

GET
H/1.1 200
OK / Show response
c.redirect750.us/ 9 KB
3 KB 158ms
158ms Document
text/html 198.143.165.221
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL: http://c.redirect750.us/?utm_term=6836111153693721075&clickverify=1&utm_content=e6c2c6dcd68fd49594fc9695a6a795938a8bb8888c8f8cbdb2c6b0c4b6b78583babb88b8bcbfbc8dafb2b2b186b68485ab9b9899f2fef2f9e1f0f1e1f3bae4e78386899b97efddeda58c8f868a82c4ac9498d6f9cccbfccfc6f3f0f182858190cacbf9c9fff9fcfdc2f2f2f1f6c7c4c54d
Requested by: Host: c.redirect750.us
URL: http://c.redirect750.us/?utm_medium=b682fbb7dc542d9c148486129c2fb2a99574e9b9&utm_campaign=mainstream&cid=bb453abb9792d1e080f449c80e33ae49
Protocol: HTTP/1.1
Server: 198.143.165.221 Chicago, United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS: server04.com-2.mobi
Software: nginx / PHP/7.3.4
Resource Hash: e88328d12fc36d9af38503197602ddb4075c120eb1dc078c006b5e1140d2f363

Request headers

Host: c.redirect750.us
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://c.redirect750.us/?utm_medium=b682fbb7dc542d9c148486129c2fb2a99574e9b9&utm_campaign=mainstream&cid=bb453abb9792d1e080f449c80e33ae49
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Cookie: u=61a8102d61bf4defc7bd2afde36c2034
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://c.redirect750.us/?utm_medium=b682fbb7dc542d9c148486129c2fb2a99574e9b9&utm_campaign=mainstream&cid=bb453abb9792d1e080f449c80e33ae49

Response headers

Server: nginx
Date: Mon, 08 Jun 2020 22:42:40 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Powered-By: PHP/7.3.4
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Encoding: gzip

GET
H2

403

Primary Request 48584c8e13 Show response
df75908d.myoffer.pro/oc/
Redirect Chain

http://c.redirect750.us/proc.php?53b148ac8850fa9619f648711d5d14cbcc09923d
https://df75908d.myoffer.pro/oc/48584c8e13?affclick=6836111153693721075&pubid=965-ac39164z

10 KB
5 KB

183ms
20ms

Document
text/html

2606:4700:e0::ac40:651b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://df75908d.myoffer.pro/oc/48584c8e13?affclick=6836111153693721075&pubid=965-ac39164z

Requested by

Host: c.redirect750.us
URL: http://c.redirect750.us/?utm_term=6836111153693721075&clickverify=1&utm_content=e6c2c6dcd68fd49594fc9695a6a795938a8bb8888c8f8cbdb2c6b0c4b6b78583babb88b8bcbfbc8dafb2b2b186b68485ab9b9899f2fef2f9e1f0f1e1f3bae4e78386899b97efddeda58c8f868a82c4ac9498d6f9cccbfccfc6f3f0f182858190cacbf9c9fff9fcfdc2f2f2f1f6c7c4c54d

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:e0::ac40:651b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b0c74cb4e8162efc880badd02a34e1d969fd16a9bf43311bbfc4ecf1842474b6

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

:method: GET
:authority: df75908d.myoffer.pro
:scheme: https
:path: /oc/48584c8e13?affclick=6836111153693721075&pubid=965-ac39164z
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: document
referer: http://c.redirect750.us/?utm_term=6836111153693721075&clickverify=1&utm_content=e6c2c6dcd68fd49594fc9695a6a795938a8bb8888c8f8cbdb2c6b0c4b6b78583babb88b8bcbfbc8dafb2b2b186b68485ab9b9899f2fef2f9e1f0f1e1f3bae4e78386899b97efddeda58c8f868a82c4ac9498d6f9cccbfccfc6f3f0f182858190cacbf9c9fff9fcfdc2f2f2f1f6c7c4c54d
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://c.redirect750.us/?utm_term=6836111153693721075&clickverify=1&utm_content=e6c2c6dcd68fd49594fc9695a6a795938a8bb8888c8f8cbdb2c6b0c4b6b78583babb88b8bcbfbc8dafb2b2b186b68485ab9b9899f2fef2f9e1f0f1e1f3bae4e78386899b97efddeda58c8f868a82c4ac9498d6f9cccbfccfc6f3f0f182858190cacbf9c9fff9fcfdc2f2f2f1f6c7c4c54d#

Response headers

status: 403
date: Mon, 08 Jun 2020 22:42:41 GMT
content-type: text/html; charset=UTF-8
cf-chl-bypass: 1
set-cookie: __cfduid=d7bfb7316279aed589686a7c52d4ae49d1591656161; expires=Wed, 08-Jul-20 22:42:41 GMT; path=/; domain=.myoffer.pro; HttpOnly; SameSite=Lax
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Thu, 01 Jan 1970 00:00:01 GMT
x-frame-options: SAMEORIGIN
cf-request-id: 0337b2b71800001f21041da200000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
server: cloudflare
cf-ray: 5a06209e8afd1f21-FRA
content-encoding: br

Redirect headers

Server: nginx
Date: Mon, 08 Jun 2020 22:42:40 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/7.3.4
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Location: https://df75908d.myoffer.pro/oc/48584c8e13?affclick=6836111153693721075&pubid=965-ac39164z

GET
H2 200 cf.errors.css
df75908d.myoffer.pro/cdn-cgi/styles/ 28 KB
5 KB 18ms
17ms Stylesheet
text/css 2606:4700:e0::ac40:651b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://df75908d.myoffer.pro/cdn-cgi/styles/cf.errors.css

Requested by

Host: df75908d.myoffer.pro
URL: https://df75908d.myoffer.pro/oc/48584c8e13?affclick=6836111153693721075&pubid=965-ac39164z

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:e0::ac40:651b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e2dba22a9ee028e3aa09baa7c36e14c86effba2516862aad01019c06e757b375

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://df75908d.myoffer.pro/oc/48584c8e13?affclick=6836111153693721075&pubid=965-ac39164z
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 08 Jun 2020 22:42:41 GMT
content-encoding: gzip
last-modified: Tue, 02 Jun 2020 11:19:37 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"5ed635c9-6eeb"
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: max-age=7200, public
cf-ray: 5a06209ecb7e1f21-FRA
cf-request-id: 0337b2b73c00001f21041db200000001
expires: Tue, 09 Jun 2020 00:42:41 GMT

GET
H2 200 zepto.min.js Show response
df75908d.myoffer.pro/cdn-cgi/scripts/ 24 KB
9 KB 13ms
13ms Script
application/javascript 2606:4700:e0::ac40:651b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://df75908d.myoffer.pro/cdn-cgi/scripts/zepto.min.js

Requested by

Host: df75908d.myoffer.pro
URL: https://df75908d.myoffer.pro/oc/48584c8e13?affclick=6836111153693721075&pubid=965-ac39164z

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:e0::ac40:651b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cdb3d0c8bdaa4ff0e4808dd9f53c33f0898fd934c3df605368b82a92c88ec049

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://df75908d.myoffer.pro/oc/48584c8e13?affclick=6836111153693721075&pubid=965-ac39164z
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 08 Jun 2020 22:42:41 GMT
content-encoding: gzip
vary: Accept-Encoding
last-modified: Tue, 02 Jun 2020 11:19:37 GMT
server: cloudflare
etag: W/"5ed635c9-618f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: application/javascript
status: 200
cache-control: max-age=172800, public
cf-ray: 5a06209ecb7f1f21-FRA
cf-request-id: 0337b2b73c00001f21041dc200000001
expires: Wed, 10 Jun 2020 22:42:41 GMT

GET
H2 200 cf.common.js Show response
df75908d.myoffer.pro/cdn-cgi/scripts/ 4 KB
2 KB 13ms
12ms Script
application/javascript 2606:4700:e0::ac40:651b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://df75908d.myoffer.pro/cdn-cgi/scripts/cf.common.js

Requested by

Host: df75908d.myoffer.pro
URL: https://df75908d.myoffer.pro/oc/48584c8e13?affclick=6836111153693721075&pubid=965-ac39164z

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:e0::ac40:651b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

393c14162b5472e48358ba027ef7fc321d7761e6f4a86ea909b58ad9839177c4

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://df75908d.myoffer.pro/oc/48584c8e13?affclick=6836111153693721075&pubid=965-ac39164z
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 08 Jun 2020 22:42:41 GMT
content-encoding: gzip
vary: Accept-Encoding
last-modified: Tue, 02 Jun 2020 11:19:37 GMT
server: cloudflare
etag: W/"5ed635c9-1138"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: application/javascript
status: 200
cache-control: max-age=172800, public
cf-ray: 5a06209ecb811f21-FRA
cf-request-id: 0337b2b73c00001f21041dd200000001
expires: Wed, 10 Jun 2020 22:42:41 GMT

GET
H2 200 hcaptcha.challenge.js Show response
df75908d.myoffer.pro/cdn-cgi/scripts/ 12 KB
4 KB 14ms
14ms Script
application/javascript 2606:4700:e0::ac40:651b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://df75908d.myoffer.pro/cdn-cgi/scripts/hcaptcha.challenge.js

Requested by

Host: df75908d.myoffer.pro
URL: https://df75908d.myoffer.pro/oc/48584c8e13?affclick=6836111153693721075&pubid=965-ac39164z

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:e0::ac40:651b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7eff766fe814feec55954a6f8d3935be7e732cdb0a87f94bedf5d8ce3e29b4ef

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://df75908d.myoffer.pro/oc/48584c8e13?affclick=6836111153693721075&pubid=965-ac39164z
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 08 Jun 2020 22:42:41 GMT
content-encoding: gzip
vary: Accept-Encoding
last-modified: Tue, 02 Jun 2020 11:19:37 GMT
server: cloudflare
etag: W/"5ed635c9-2fce"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: application/javascript
status: 200
cache-control: max-age=172800, public
cf-ray: 5a06209edba71f21-FRA
cf-request-id: 0337b2b74900001f21041de200000001
expires: Wed, 10 Jun 2020 22:42:41 GMT

GET
H2 200 transparent.gif
df75908d.myoffer.pro/cdn-cgi/images/trace/captcha/nojs/h/ 42 B
153 B 11ms
10ms Image
image/gif 2606:4700:e0::ac40:651b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://df75908d.myoffer.pro/cdn-cgi/images/trace/captcha/nojs/h/transparent.gif?ray=5a06209e8afd1f21

Requested by

Host: df75908d.myoffer.pro
URL: https://df75908d.myoffer.pro/oc/48584c8e13?affclick=6836111153693721075&pubid=965-ac39164z

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:e0::ac40:651b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://df75908d.myoffer.pro/oc/48584c8e13?affclick=6836111153693721075&pubid=965-ac39164z
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 08 Jun 2020 22:42:41 GMT
last-modified: Tue, 02 Jun 2020 11:19:37 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "5ed635c9-2a"
vary: Accept-Encoding
content-type: image/gif
status: 200
cache-control: max-age=7200, public
accept-ranges: bytes
cf-ray: 5a06209efbd01f21-FRA
content-length: 42
cf-request-id: 0337b2b75800001f21041e0200000001
expires: Tue, 09 Jun 2020 00:42:41 GMT

GET
H2 200 browser-bar.png
df75908d.myoffer.pro/cdn-cgi/images/ 916 B
1016 B 15ms
14ms Image
image/png 2606:4700:e0::ac40:651b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://df75908d.myoffer.pro/cdn-cgi/images/browser-bar.png?1376755637

Requested by

Host: df75908d.myoffer.pro
URL: https://df75908d.myoffer.pro/oc/48584c8e13?affclick=6836111153693721075&pubid=965-ac39164z

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:e0::ac40:651b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3073ea23a66b474cdb02c3ec5a76a4510830bcf41671cad9247a6a0baa23f816

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://df75908d.myoffer.pro/cdn-cgi/styles/cf.errors.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 08 Jun 2020 22:42:41 GMT
last-modified: Tue, 02 Jun 2020 11:19:37 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "5ed635c9-394"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: max-age=7200, public
accept-ranges: bytes
cf-ray: 5a06209efbd31f21-FRA
content-length: 916
cf-request-id: 0337b2b75800001f21041e1200000001
expires: Tue, 09 Jun 2020 00:42:41 GMT

GET
H2 200 error_icons.png
df75908d.myoffer.pro/cdn-cgi/images/ 11 KB
11 KB 15ms
14ms Image
image/png 2606:4700:e0::ac40:651b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://df75908d.myoffer.pro/cdn-cgi/images/error_icons.png

Requested by

Host: df75908d.myoffer.pro
URL: https://df75908d.myoffer.pro/oc/48584c8e13?affclick=6836111153693721075&pubid=965-ac39164z

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:e0::ac40:651b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6276600a8879318ffd1752e37c4702ebe5aafa18d5a1c43fa4efef9ab899347b

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://df75908d.myoffer.pro/cdn-cgi/styles/cf.errors.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 08 Jun 2020 22:42:41 GMT
last-modified: Tue, 02 Jun 2020 11:19:37 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "5ed635c9-2c20"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: max-age=7200, public
accept-ranges: bytes
cf-ray: 5a06209efbd41f21-FRA
content-length: 11296
cf-request-id: 0337b2b75800001f21041e2200000001
expires: Tue, 09 Jun 2020 00:42:41 GMT

GET
H2 200 opensans-300.woff
df75908d.myoffer.pro/cdn-cgi/styles/fonts/ 15 KB
14 KB 13ms
13ms Font
application/font-woff 2606:4700:e0::ac40:651b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://df75908d.myoffer.pro/cdn-cgi/styles/fonts/opensans-300.woff

Requested by

Host: df75908d.myoffer.pro
URL: https://df75908d.myoffer.pro/oc/48584c8e13?affclick=6836111153693721075&pubid=965-ac39164z

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:e0::ac40:651b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

059fb5b9c3140723dd817f3e0a6dd38b62465864cc6922727ff23a4c4fb157a8

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://df75908d.myoffer.pro/cdn-cgi/styles/cf.errors.css
Origin: https://df75908d.myoffer.pro

Response headers

date: Mon, 08 Jun 2020 22:42:41 GMT
content-encoding: gzip
last-modified: Tue, 02 Jun 2020 11:19:37 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"5ed635c9-3dfc"
vary: Accept-Encoding
content-type: application/font-woff
status: 200
cache-control: max-age=7200, public
cf-ray: 5a06209efbd61f21-FRA
cf-request-id: 0337b2b75800001f21041e3200000001
expires: Tue, 09 Jun 2020 00:42:41 GMT

GET
H2 200 opensans-400.woff
df75908d.myoffer.pro/cdn-cgi/styles/fonts/ 16 KB
14 KB 14ms
14ms Font
application/font-woff 2606:4700:e0::ac40:651b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://df75908d.myoffer.pro/cdn-cgi/styles/fonts/opensans-400.woff

Requested by

Host: df75908d.myoffer.pro
URL: https://df75908d.myoffer.pro/oc/48584c8e13?affclick=6836111153693721075&pubid=965-ac39164z

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:e0::ac40:651b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

38d3578fac745f8a18cd8068a55f0c45d68c37532e2f85b98be69f32d8ab23ed

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://df75908d.myoffer.pro/cdn-cgi/styles/cf.errors.css
Origin: https://df75908d.myoffer.pro

Response headers

date: Mon, 08 Jun 2020 22:42:41 GMT
content-encoding: gzip
last-modified: Tue, 02 Jun 2020 11:19:37 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"5ed635c9-3e40"
vary: Accept-Encoding
content-type: application/font-woff
status: 200
cache-control: max-age=7200, public
cf-ray: 5a06209efbd81f21-FRA
cf-request-id: 0337b2b75800001f21041e4200000001
expires: Tue, 09 Jun 2020 00:42:41 GMT

GET
H2 200 opensans-600.woff
df75908d.myoffer.pro/cdn-cgi/styles/fonts/ 16 KB
15 KB 13ms
13ms Font
application/font-woff 2606:4700:e0::ac40:651b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://df75908d.myoffer.pro/cdn-cgi/styles/fonts/opensans-600.woff

Requested by

Host: df75908d.myoffer.pro
URL: https://df75908d.myoffer.pro/oc/48584c8e13?affclick=6836111153693721075&pubid=965-ac39164z

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:e0::ac40:651b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8662216acfc2aebb92efb59860305bf049548c55dbf3c7507df48d36ec4ae09f

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://df75908d.myoffer.pro/cdn-cgi/styles/cf.errors.css
Origin: https://df75908d.myoffer.pro

Response headers

date: Mon, 08 Jun 2020 22:42:41 GMT
content-encoding: gzip
last-modified: Tue, 02 Jun 2020 11:19:37 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"5ed635c9-3eb8"
vary: Accept-Encoding
content-type: application/font-woff
status: 200
cache-control: max-age=7200, public
cf-ray: 5a06209efbda1f21-FRA
cf-request-id: 0337b2b75800001f21041e5200000001
expires: Tue, 09 Jun 2020 00:42:41 GMT

GET
H2

200

hcaptcha.min.js Show response
assets.hcaptcha.com/captcha/v1/03ff895/
Redirect Chain

https://hcaptcha.com/1/api.js?onload=onloadCallback&render=explicit
https://assets.hcaptcha.com/captcha/v1/03ff895/hcaptcha.min.js?onload=onloadCallback&render=explicit

64 KB
21 KB

158ms
156ms

Script
application/javascript

104.18.27.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.hcaptcha.com/captcha/v1/03ff895/hcaptcha.min.js?onload=onloadCallback&render=explicit

Requested by

Host: df75908d.myoffer.pro
URL: https://df75908d.myoffer.pro/oc/48584c8e13?affclick=6836111153693721075&pubid=965-ac39164z

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.27.20 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

98d6c98f33861e8d85834743ce90eec967641b8d4034a106cd48ffcd4a9d51c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://df75908d.myoffer.pro/oc/48584c8e13?affclick=6836111153693721075&pubid=965-ac39164z
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 08 Jun 2020 22:42:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-amz-request-id: 1D70FE44F0DAF570
status: 200
alt-svc: h3-27=":443"; ma=86400
content-length: 21164
x-amz-id-2: q3ojLCRQyU3bwZdfAaXfR46mqKosr/0k9zis2DSQf2ptboEYEpsoGkx/uxxjm4kz5JN+X5Mp800=
last-modified: Mon, 08 Jun 2020 21:30:20 GMT
server: cloudflare
etag: "78d9d8fa5b44ddf7188ac8696496e308"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=2592000; includeSubDomains; preload
content-type: application/javascript
cf-request-id: 0337b2b83f0000fa6cf923c200000001
accept-ranges: bytes
cf-ray: 5a0620a06ff6fa6c-AMS

Redirect headers

date: Mon, 08 Jun 2020 22:42:41 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
status: 302
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=2592000; includeSubDomains; preload
content-type: text/html; charset=utf-8
location: https://assets.hcaptcha.com/captcha/v1/03ff895/hcaptcha.min.js?onload=onloadCallback&render=explicit
vary: Accept-Encoding
cf-ray: 5a06209fef71fa6c-AMS
alt-svc: h3-27=":443"; ma=86400
cf-request-id: 0337b2b7ed0000fa6cf923a200000001

GET
H2 200 hcaptcha-challenge.html
assets.hcaptcha.com/captcha/v1/03ff895/static/ Frame 945A 0
0 281ms
281ms Document
text/html 104.18.27.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.hcaptcha.com/captcha/v1/03ff895/static/hcaptcha-challenge.html

Requested by

Host: assets.hcaptcha.com
URL: https://assets.hcaptcha.com/captcha/v1/03ff895/hcaptcha.min.js?onload=onloadCallback&render=explicit

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.27.20 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

:method: GET
:authority: assets.hcaptcha.com
:scheme: https
:path: /captcha/v1/03ff895/static/hcaptcha-challenge.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://df75908d.myoffer.pro/oc/48584c8e13?affclick=6836111153693721075&pubid=965-ac39164z
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://df75908d.myoffer.pro/oc/48584c8e13?affclick=6836111153693721075&pubid=965-ac39164z

Response headers

status: 200
date: Mon, 08 Jun 2020 22:42:41 GMT
content-type: text/html
set-cookie: __cfduid=d594c80ae1218692e580990a6f155a1221591656161; expires=Wed, 08-Jul-20 22:42:41 GMT; path=/; domain=.hcaptcha.com; HttpOnly; SameSite=Lax; Secure
x-amz-id-2: WpD/atubylKr7/oqY8dXZqqW/wHoD4PbYJ+BAGePPX7ijcOZSjuDsf748aqUw5LXlzNdvUcjMfA=
x-amz-request-id: 46CE1B9D86763A88
last-modified: Mon, 08 Jun 2020 21:30:16 GMT
cf-cache-status: DYNAMIC
cf-request-id: 0337b2b9060000fa6cf923f200000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=2592000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 5a0620a1a92ffa6c-AMS
content-encoding: gzip
alt-svc: h3-27=":443"; ma=86400

GET
H2 200 hcaptcha-checkbox.html
assets.hcaptcha.com/captcha/v1/03ff895/static/ Frame 9766 0
0 171ms
171ms Document
text/html 104.18.27.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.hcaptcha.com/captcha/v1/03ff895/static/hcaptcha-checkbox.html

Requested by

Host: assets.hcaptcha.com
URL: https://assets.hcaptcha.com/captcha/v1/03ff895/hcaptcha.min.js?onload=onloadCallback&render=explicit

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.27.20 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

:method: GET
:authority: assets.hcaptcha.com
:scheme: https
:path: /captcha/v1/03ff895/static/hcaptcha-checkbox.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://df75908d.myoffer.pro/oc/48584c8e13?affclick=6836111153693721075&pubid=965-ac39164z
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://df75908d.myoffer.pro/oc/48584c8e13?affclick=6836111153693721075&pubid=965-ac39164z

Response headers

status: 200
date: Mon, 08 Jun 2020 22:42:41 GMT
content-type: text/html
set-cookie: __cfduid=d594c80ae1218692e580990a6f155a1221591656161; expires=Wed, 08-Jul-20 22:42:41 GMT; path=/; domain=.hcaptcha.com; HttpOnly; SameSite=Lax; Secure
x-amz-id-2: 6IhNgPvN2uF9PdeQfl/3oOQkwyvCLVLEdW5IcK3KPt/4lDwOu9l6N6y8oDJYi0Q7hpj50DxhJ2Q=
x-amz-request-id: 5293F7E2373E9112
last-modified: Mon, 08 Jun 2020 21:30:16 GMT
cf-cache-status: DYNAMIC
cf-request-id: 0337b2b9100000fa6cf9241200000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=2592000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 5a0620a1b944fa6c-AMS
content-encoding: gzip
alt-svc: h3-27=":443"; ma=86400

GET
H2 200 transparent.gif
df75908d.myoffer.pro/cdn-cgi/images/trace/captcha/js/h/ 42 B
125 B 7ms
7ms Image
image/gif 2606:4700:e0::ac40:651b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://df75908d.myoffer.pro/cdn-cgi/images/trace/captcha/js/h/transparent.gif?ray=5a06209e8afd1f21

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:e0::ac40:651b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://df75908d.myoffer.pro/oc/48584c8e13?affclick=6836111153693721075&pubid=965-ac39164z
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 08 Jun 2020 22:42:41 GMT
last-modified: Tue, 02 Jun 2020 11:19:37 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "5ed635c9-2a"
vary: Accept-Encoding
content-type: image/gif
status: 200
cache-control: max-age=7200, public
accept-ranges: bytes
cf-ray: 5a0620a1887f1f21-FRA
content-length: 42
cf-request-id: 0337b2b8f200001f2104202200000001
expires: Tue, 09 Jun 2020 00:42:41 GMT

Verdicts & Comments Add Verdict or Comment

12 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.myoffer.pro/	1970-01-19 10:50:48	Name: __cfduid Value: d7bfb7316279aed589686a7c52d4ae49d1591656161

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://fishingrods.nicolejungg.com/wp-includes/js/jquery/jquery-migrate.min.js(Line 2) Message: JQMIGRATE: Migrate is installed, version 1.4.1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
assets.hcaptcha.com
assets.pinterest.com
c.redirect750.us
df75908d.myoffer.pro
fast-redirecting.com
fishingrods.nicolejungg.com
fonts.googleapis.com
fonts.gstatic.com
hcaptcha.com
i.pinimg.com
pritha-ner.com
104.18.27.20
116.202.209.183
198.143.165.221
2606:4700:3033::681f:5d3f
2606:4700::6812:eb0
2606:4700:e0::ac40:651b
2a00:1450:4001:800::2003
2a00:1450:4001:808::200a
2a00:1450:4001:815::200a
34.202.63.247
0414033fcf612b5f7da12c2ec3c6ad1289929a7dd8c8650e6a8918cf714cff73
059fb5b9c3140723dd817f3e0a6dd38b62465864cc6922727ff23a4c4fb157a8
126365921f5db7768e944e41f92d442be5a542cb345a20777f16c3820161f05d
1a6ac80894da21378a993ddce0b4e2b0ccc721a65d4a610edad99606b2294176
1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df
2a8a29da97e2aa7eb4be9a7433f95f62670d556e52d06e6f3b6a26b4db5a926e
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
3073ea23a66b474cdb02c3ec5a76a4510830bcf41671cad9247a6a0baa23f816
387f4c4fa76414b03aa53eba48e14c956d93b64e523d2fb95426246921dec60d
38d3578fac745f8a18cd8068a55f0c45d68c37532e2f85b98be69f32d8ab23ed
393c14162b5472e48358ba027ef7fc321d7761e6f4a86ea909b58ad9839177c4
3e5fe3d9f3103e880a68f6ce8ab0d505eea2b6ea38daf1b873304cb6f837cbe4
44fa40126bcd66204779a211c836c7706997bcae99c43f13ea60d9b750d07fc7
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
4a6a92778aa42ab10b998859e69872830e2a1c6ea5a13984c59091878cbd74db
50fd0ea206034eaa395752d4c36222045aaafcb1d92464b9bec0fb4980173658
5170cff6cd368be5e9653986e37d6b35cb9aa01b33efdb0ef778f238fb92760c
539290580bb0abf5ac8368e8e983801c6b63b1c4d3c79f1feaf2800f5d1ceb3e
580c0b37eef4340530f5be1df7f0c3da2c1e5ed22b4283d79b8f86c80470d145
6276600a8879318ffd1752e37c4702ebe5aafa18d5a1c43fa4efef9ab899347b
6ebcda7a3a41ef97f0b4071160ceb1020e540fdc0f790079a5c2ef01ab654fe0
7eff766fe814feec55954a6f8d3935be7e732cdb0a87f94bedf5d8ce3e29b4ef
81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee
811e8960b8f79f14983e30df80a4ccc69d82430ccc0520d2a1a3d1405cfbb2a1
824e9c030ac369c48450bfd5835bc0c58a600d3e51d05ea92f3bb3690182f70d
834c3f565473212d03ecd403c705c511070f57059009604bede8e645fd4c73ea
85f24e26f4dd4abf4d3e447425223fed15ac5489439dccec9ec4afa21ca1fa9a
8662216acfc2aebb92efb59860305bf049548c55dbf3c7507df48d36ec4ae09f
949448840982c267cbacb0aadde067218f404646e15e92b72991715a2988d1f0
96d33f532112177ede6bf262dcf6d0140dbe29f05a4595d17b0be4743205b5ea
98d6c98f33861e8d85834743ce90eec967641b8d4034a106cd48ffcd4a9d51c4
9a3f815cf25407834c09f560ae6f906e9309dbdf204708748ffee2d4d9bd1111
b0c74cb4e8162efc880badd02a34e1d969fd16a9bf43311bbfc4ecf1842474b6
b7e17926b30342edecee8b3a93029ac51462e2b479277d8e077ba57173eb1900
bca7af0b45b6fc6a2064e8e7a34f2041f3e77261e63f0257209bcde6bc40545d
bdce3ca22825c33fc55ce0b96fcdb0d0dc71c9466c607692fb0f62e350e2ea73
cdb3d0c8bdaa4ff0e4808dd9f53c33f0898fd934c3df605368b82a92c88ec049
d4606197b26e0a107fae0220edbba00f5d50aaa57e7e0b2c94f2608a237dba4f
dc51ed5137587b9033d06b65d9456d6d69dc52a4005cc51b2d23f85e69d4f8c8
ddf3d45a29935c10a00179049cd6707e94d930840a57440214ca3eb2962dc562
dfda550fd2e72f6773236c30b2e6f1e8a63b530dea2719e64e8842f94cf590be
e2dba22a9ee028e3aa09baa7c36e14c86effba2516862aad01019c06e757b375
e88328d12fc36d9af38503197602ddb4075c120eb1dc078c006b5e1140d2f363
ea2284e5787afb2e5744b4b58a8b90678771994de39e98a13440a133db22b7f4
eb5fe511b68861796157104f45c01546db651f8d831390c388af04fb0b0d3039
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f6fde18852563044c087661e03a9b01a2996afb0b1c80c352bf4b1408cbe6536
f9a7fe61d94e68bfe63e0def73d38b8bdcf374c6489f6d4a26149721c353f306

df75908d.myoffer.pro Open in urlscan Pro 2606:4700:e0::ac40:651b Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

57 Requests

96 %HTTPS

60 %IPv6

10 Domains

12 Subdomains

9 IPs

2 Countries

935 kBTransfer

1943 kBSize

1 Cookies

3 Outgoing links

Page URL History

Redirected requests

57 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

df75908d.myoffer.pro Open in urlscan Pro
2606:4700:e0::ac40:651b Public Scan

Screenshot
Live screenshot

Full Image

57
Requests

96 %
HTTPS

60 %
IPv6

10
Domains

12
Subdomains

9
IPs

2
Countries

935 kB
Transfer

1943 kB
Size

1
Cookies

57 HTTP transactions
0 data transactions