URL: http://pixelrz.com/lists/keywords/jeffrey-reimer-dpt-pays-victim/
Submission: On December 29 via api from US

Summary

This website contacted 16 IPs in 5 countries across 17 domains to perform 44 HTTP transactions. The main IP is 2606:4700:30::681b:92cf, located in United States and belongs to CLOUDFLARENET - Cloudflare, Inc., US. The main domain is pixelrz.com.
This is the only time pixelrz.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
8 2606:4700:30:... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
2 2a04:4e42:1b::84 54113 (FASTLY)
3 2a03:2880:f01... 32934 (FACEBOOK)
3 2a00:1450:400... 15169 (GOOGLE)
1 14 104.19.135.78 13335 (CLOUDFLAR...)
1 2 88.212.201.216 39134 (UNITEDNET)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a03:2880:f11... 32934 (FACEBOOK)
1 3 2.16.186.80 20940 (AKAMAI-ASN1)
2 2 35.212.212.222 19527 (GOOGLE-2)
1 23.105.245.5 7979 (SERVERS)
2 2 18.185.81.183 16509 (AMAZON-02)
1 2 52.7.10.110 14618 (AMAZON-AES)
2 2 54.72.122.154 16509 (AMAZON-02)
1 104.19.138.80 13335 (CLOUDFLAR...)
2 2 216.58.206.2 15169 (GOOGLE)
1 151.101.112.84 54113 (FASTLY)
44 16
Domain Requested by
8 pixelrz.com pixelrz.com
5 cm.mgid.com jsc.mgid.com
4 s-img.mgid.com
4 apis.google.com pixelrz.com
apis.google.com
3 b.scorecardresearch.com 1 redirects jsc.mgid.com
3 fonts.gstatic.com pixelrz.com
jsc.mgid.com
2 cm.g.doubleclick.net 2 redirects
2 match.adsrvr.org 2 redirects
2 i.liadm.com 1 redirects
2 x.bidswitch.net 2 redirects
2 rtb-usw.mfadsrvr.com 2 redirects
2 counter.yadro.ru 1 redirects pixelrz.com
2 jsc.mgid.com 1 redirects pixelrz.com
2 connect.facebook.net pixelrz.com
connect.facebook.net
2 assets.pinterest.com pixelrz.com
2 fonts.googleapis.com pixelrz.com
1 c.mgid.com
1 log.pinterest.com assets.pinterest.com
1 cm.steepto.com
1 cm.lentainform.com
1 cdn.mgid.com
1 servicer.mgid.com jsc.mgid.com
1 www.facebook.com connect.facebook.net
1 staticxx.facebook.com connect.facebook.net
1 accounts.google.com apis.google.com
44 25

This site contains links to these domains. Also see Links.

Domain
twitter.com
widgets.mgid.com
brainberries.co
www.liveinternet.ru
Subject Issuer Validity Valid
*.storage.googleapis.com
GTS CA 1O1
2019-12-03 -
2020-02-25
3 months crt.sh
*.apis.google.com
GTS CA 1O1
2019-12-03 -
2020-02-25
3 months crt.sh
*.pinterest.com
DigiCert SHA2 High Assurance Server CA
2019-06-05 -
2020-07-22
a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA
2019-12-06 -
2020-03-05
3 months crt.sh
*.google.com
GTS CA 1O1
2019-12-03 -
2020-02-25
3 months crt.sh
ssl382684.cloudflaressl.com
COMODO ECC Domain Validation Secure Server CA 2
2019-11-07 -
2020-05-15
6 months crt.sh
accounts.google.com
GTS CA 1O1
2019-12-03 -
2020-02-25
3 months crt.sh
*.lentainform.com
Go Daddy Secure Certificate Authority - G2
2018-11-21 -
2020-01-20
a year crt.sh
*.liadm.com
Amazon
2019-12-28 -
2021-01-28
a year crt.sh
ssl382690.cloudflaressl.com
COMODO ECC Domain Validation Secure Server CA 2
2019-11-07 -
2020-05-15
6 months crt.sh

This page contains 7 frames:

Primary Page: http://pixelrz.com/lists/keywords/jeffrey-reimer-dpt-pays-victim/
Frame ID: 9936D834FCCA4C739C3B7A642C6A4663
Requests: 39 HTTP requests in this frame

Frame: https://apis.google.com/se/0/_/+1/fastbutton?usegapi=1&size=tall&origin=http%3A%2F%2Fpixelrz.com&url=http%3A%2F%2Fpixelrz.com%2F&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.sMn3oj1Y3cA.O%2Fam%3DAQc%2Fd%3D1%2Fct%3Dzgms%2Frs%3DAGLTcCMtH3dgjriX481Rb7quselpe-HGkQ%2Fm%3D__features__
Frame ID: A74C1FF2D700275060145EDEFF318D34
Requests: 1 HTTP requests in this frame

Frame: https://jsc.mgid.com/w/e/wesharepics.info.242487.js?t=119112913
Frame ID: B1D7EC0EE6E75A66D282B78746AF6DC2
Requests: 2 HTTP requests in this frame

Frame: https://accounts.google.com/o/oauth2/postmessageRelay?parent=http%3A%2F%2Fpixelrz.com&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.sMn3oj1Y3cA.O%2Fam%3DAQc%2Fd%3D1%2Fct%3Dzgms%2Frs%3DAGLTcCMtH3dgjriX481Rb7quselpe-HGkQ%2Fm%3D__features__
Frame ID: 5636FB19CBA17DCE53E8C0B2E312B112
Requests: 1 HTTP requests in this frame

Frame: https://staticxx.facebook.com/connect/xd_arbiter.php?version=44
Frame ID: 5A25E5057B1087AFAA523C7B7E581676
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/like.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter.php%3Fversion%3D44%23cb%3Df2034ae49c1ee74%26domain%3Dpixelrz.com%26origin%3Dhttp%253A%252F%252Fpixelrz.com%252Ff8bc3eb11c54b8%26relation%3Dparent.parent&container_width=0&href=http%3A%2F%2Fpixelrz.com%2F&layout=box_count&locale=en_US&sdk=joey&send=false&show_faces=false&width=55
Frame ID: 8BABE67F42A1F74DDE4BC7FDBB435852
Requests: 1 HTTP requests in this frame

Frame: https://cm.mgid.com/i-noref.js?cbuster=1577625907435392581766
Frame ID: 06B829EDF0D5ABB1709637775BC08B0A
Requests: 1 HTTP requests in this frame

Screenshot


Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i

Overall confidence: 100%
Detected patterns
  • script /\/\/connect\.facebook\.net\/[^\/]*\/[a-z]*\.js/i

Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Overall confidence: 100%
Detected patterns
  • html /<iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com\/beacon\.js|COMSCORE\.beacon/i
  • script /\.scorecardresearch\.com\/beacon\.js|COMSCORE\.beacon/i

Overall confidence: 100%
Detected patterns
  • script /jquery[.-]([\d.]*\d)[^\/]*\.js/i
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

44
Requests

75 %
HTTPS

42 %
IPv6

17
Domains

25
Subdomains

16
IPs

5
Countries

416 kB
Transfer

970 kB
Size

3
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 10
  • http://assets.pinterest.com/js/pinit.js HTTP 307
  • https://assets.pinterest.com/js/pinit.js
Request Chain 14
  • http://connect.facebook.net/en_US/all.js HTTP 307
  • https://connect.facebook.net/en_US/all.js
Request Chain 16
  • http://jsc.mgid.com/w/e/wesharepics.info.242487.js?t=119112913 HTTP 301
  • https://jsc.mgid.com/w/e/wesharepics.info.242487.js?t=119112913
Request Chain 17
  • http://counter.yadro.ru/hit?t44.1;r;s1600*1200*24;uhttp%3A//pixelrz.com/lists/keywords/jeffrey-reimer-dpt-pays-victim/;0.8364502687791282 HTTP 302
  • http://counter.yadro.ru/hit?q;t44.1;r;s1600*1200*24;uhttp%3A//pixelrz.com/lists/keywords/jeffrey-reimer-dpt-pays-victim/;0.8364502687791282
Request Chain 19
  • http://assets.pinterest.com/js/pinit_main.js?0.8504548171539605 HTTP 307
  • https://assets.pinterest.com/js/pinit_main.js?0.8504548171539605
Request Chain 36
  • http://b.scorecardresearch.com/b?c1=7&c2=15208452&c3=110&ns__t=1577625907509&ns_c=UTF-8&cv=3.1e&c8=Jeffrey%20Reimer%20Dpt%20Pays%20Victim&c7=http%3A%2F%2Fpixelrz.com%2Flists%2Fkeywords%2Fjeffrey-reimer-dpt-pays-victim%2F&c9= HTTP 302
  • http://b.scorecardresearch.com/b2?c1=7&c2=15208452&c3=110&ns__t=1577625907509&ns_c=UTF-8&cv=3.1e&c8=Jeffrey%20Reimer%20Dpt%20Pays%20Victim&c7=http%3A%2F%2Fpixelrz.com%2Flists%2Fkeywords%2Fjeffrey-reimer-dpt-pays-victim%2F&c9=
Request Chain 37
  • https://rtb-usw.mfadsrvr.com/sync?ssp=mgid HTTP 302
  • https://rtb-usw.mfadsrvr.com/ul_cb/sync?ssp=mgid HTTP 302
  • https://cm.mgid.com/m?cdsp=287839&c=edef03f3-511a-45c6-942d-8bfa9c3625a6
Request Chain 39
  • https://x.bidswitch.net/sync?dsp_id=303&user_id=jbt7TpAr7ip5 HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?dsp_id=303&user_id=jbt7TpAr7ip5 HTTP 302
  • https://i.liadm.com/s/52164?bidder_id=5298&licd=&bidder_uuid=24433df8-32c6-4cc3-88b0-5ca126f70a25 HTTP 303
  • https://i.liadm.com/s/52164?bidder_id=5298&licd=&bidder_uuid=24433df8-32c6-4cc3-88b0-5ca126f70a25&_li_chk=true&previous_uuid=8b492a7d57244c9b92891df92c91c202
Request Chain 40
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=omn67hl&ttd_tpi=1 HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=omn67hl&ttd_tpi=1 HTTP 302
  • https://cm.mgid.com/m?cdsp=371158&c=ee8f18e9-a21e-422e-8bf4-67c8f2a19d27&ttl=1580217907
Request Chain 42
  • https://cm.g.doubleclick.net/pixel?google_nid=marketgid&google_cm=&google_ula={guid}&google_hm=amJ0N1RwQXI3aXA1&muidn=jbt7TpAr7ip5 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=marketgid&google_cm=&google_ula={guid}&google_hm=amJ0N1RwQXI3aXA1&muidn=jbt7TpAr7ip5&google_tc= HTTP 302
  • https://cm.mgid.com/google?muidn=jbt7TpAr7ip5&google_ula={guid},5&google_gid=CAESEN15QDHCrzbg7s2eO5f7vK4&google_cver=1

44 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request Cookie set /
pixelrz.com/lists/keywords/jeffrey-reimer-dpt-pays-victim/
7 KB
3 KB
Document
General
Full URL
http://pixelrz.com/lists/keywords/jeffrey-reimer-dpt-pays-victim/
Protocol
HTTP/1.1
Server
2606:4700:30::681b:92cf , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / PHP/5.3.3
Resource Hash
e810e7854ea505e79ce219d4a8e7d63465272df0afb9e42058548b8652502c21

Request headers

Host
pixelrz.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Accept-Encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sun, 29 Dec 2019 13:25:06 GMT
Content-Type
text/html; charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
Set-Cookie
__cfduid=dfc4e2013a71e413f74041566b46dc36b1577625905; expires=Tue, 28-Jan-20 13:25:05 GMT; path=/; domain=.pixelrz.com; HttpOnly; SameSite=Lax
X-Powered-By
PHP/5.3.3
CF-Cache-Status
DYNAMIC
Server
cloudflare
CF-RAY
54cc1916fe02dfe7-FRA
Content-Encoding
gzip
style.css
pixelrz.com/css/
755 B
727 B
Stylesheet
General
Full URL
http://pixelrz.com/css/style.css
Requested by
Host: pixelrz.com
URL: http://pixelrz.com/lists/keywords/jeffrey-reimer-dpt-pays-victim/
Protocol
HTTP/1.1
Server
2606:4700:30::681b:92cf , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
4e9f0cb81fc899879de173a45532436e677b1501dd42f5864fafacd7fc697c3e

Request headers

Referer
http://pixelrz.com/lists/keywords/jeffrey-reimer-dpt-pays-victim/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sun, 29 Dec 2019 13:25:06 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
Last-Modified
Wed, 19 Oct 2016 11:21:53 GMT
Server
cloudflare
Age
6565
ETag
W/"58075751-2f3"
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=14400
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
54cc191eaf0ddfe7-FRA
jquery.fancybox.css
pixelrz.com/fancybox/
5 KB
1 KB
Stylesheet
General
Full URL
http://pixelrz.com/fancybox/jquery.fancybox.css
Requested by
Host: pixelrz.com
URL: http://pixelrz.com/lists/keywords/jeffrey-reimer-dpt-pays-victim/
Protocol
HTTP/1.1
Server
2606:4700:30::681b:92cf , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
26e651e8828ff91736f6dc0fe39ba7d2f6cba105a0665903e5e79b6f5330b880

Request headers

Referer
http://pixelrz.com/lists/keywords/jeffrey-reimer-dpt-pays-victim/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sun, 29 Dec 2019 13:25:07 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
Last-Modified
Wed, 19 Oct 2016 11:22:02 GMT
Server
cloudflare
Age
6566
ETag
W/"5807575a-130f"
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=14400
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
54cc191f1968c2db-FRA
jquery-1.8.2.min.js
pixelrz.com/js/
91 KB
33 KB
Script
General
Full URL
http://pixelrz.com/js/jquery-1.8.2.min.js
Requested by
Host: pixelrz.com
URL: http://pixelrz.com/lists/keywords/jeffrey-reimer-dpt-pays-victim/
Protocol
HTTP/1.1
Server
2606:4700:30::681b:92cf , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
5e55f3f3ad93f101fb28094410ee4a9bac9627207ee0af04276b464f8618d924

Request headers

Referer
http://pixelrz.com/lists/keywords/jeffrey-reimer-dpt-pays-victim/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sun, 29 Dec 2019 13:25:07 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
Last-Modified
Wed, 19 Oct 2016 11:22:23 GMT
Server
cloudflare
Age
6566
ETag
W/"5807576f-16cfc"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=14400
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
54cc191f1ece9742-FRA
jquery.easing.1.3.js
pixelrz.com/fancybox/
8 KB
2 KB
Script
General
Full URL
http://pixelrz.com/fancybox/jquery.easing.1.3.js
Requested by
Host: pixelrz.com
URL: http://pixelrz.com/lists/keywords/jeffrey-reimer-dpt-pays-victim/
Protocol
HTTP/1.1
Server
2606:4700:30::681b:92cf , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
0757f7ff6e5f6a581922a5e2d42c5e0cf7475d880885a9802e8bdd5e4188dd34

Request headers

Referer
http://pixelrz.com/lists/keywords/jeffrey-reimer-dpt-pays-victim/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sun, 29 Dec 2019 13:25:07 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
Last-Modified
Wed, 19 Oct 2016 11:22:01 GMT
Server
cloudflare
Age
6566
ETag
W/"58075759-1fa1"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=14400
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
54cc191f1a9ec286-FRA
jquery.fancybox-1.2.1.pack.js
pixelrz.com/fancybox/
8 KB
4 KB
Script
General
Full URL
http://pixelrz.com/fancybox/jquery.fancybox-1.2.1.pack.js
Requested by
Host: pixelrz.com
URL: http://pixelrz.com/lists/keywords/jeffrey-reimer-dpt-pays-victim/
Protocol
HTTP/1.1
Server
2606:4700:30::681b:92cf , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
45d093c8c939f78224d6830b4b58683e18fce128d0bd6b38dd16cbf7b7db1466

Request headers

Referer
http://pixelrz.com/lists/keywords/jeffrey-reimer-dpt-pays-victim/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sun, 29 Dec 2019 13:25:07 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
Last-Modified
Wed, 19 Oct 2016 11:22:02 GMT
Server
cloudflare
Age
6566
ETag
W/"5807575a-206f"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=14400
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
54cc191f1800c2c2-FRA
jquery.waitforimages.js
pixelrz.com/js/
7 KB
2 KB
Script
General
Full URL
http://pixelrz.com/js/jquery.waitforimages.js
Requested by
Host: pixelrz.com
URL: http://pixelrz.com/lists/keywords/jeffrey-reimer-dpt-pays-victim/
Protocol
HTTP/1.1
Server
2606:4700:30::681b:92cf , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
7513fa1cbfb27a625d51c8aa2c5dda10f81703a30ef69f31a8536307c985824e

Request headers

Referer
http://pixelrz.com/lists/keywords/jeffrey-reimer-dpt-pays-victim/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sun, 29 Dec 2019 13:25:07 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
Last-Modified
Wed, 19 Oct 2016 11:22:25 GMT
Server
cloudflare
Age
6566
ETag
W/"58075771-1cbc"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=14400
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
54cc191f2828971e-FRA
css
fonts.googleapis.com/
4 KB
675 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto:400,700
Requested by
Host: pixelrz.com
URL: http://pixelrz.com/lists/keywords/jeffrey-reimer-dpt-pays-victim/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
c410ec936d045177f84f0e8f3205d5b576bf74fff1297b0a3ac9221d0d9ac40a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
http://pixelrz.com/lists/keywords/jeffrey-reimer-dpt-pays-victim/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Sun, 29 Dec 2019 13:25:06 GMT
server
ESF
access-control-allow-origin
*
date
Sun, 29 Dec 2019 13:25:06 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
x-xss-protection
0
expires
Sun, 29 Dec 2019 13:25:06 GMT
css
fonts.googleapis.com/
821 B
409 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Vampiro+One
Requested by
Host: pixelrz.com
URL: http://pixelrz.com/lists/keywords/jeffrey-reimer-dpt-pays-victim/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
1e0f80dd992556a91a7318a2dd73c3a75e06d12f926c79946291343f83476fc0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
http://pixelrz.com/lists/keywords/jeffrey-reimer-dpt-pays-victim/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Sun, 29 Dec 2019 13:25:06 GMT
server
ESF
access-control-allow-origin
*
date
Sun, 29 Dec 2019 13:25:06 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
x-xss-protection
0
expires
Sun, 29 Dec 2019 13:25:06 GMT
logo.png
pixelrz.com/
16 KB
16 KB
Image
General
Full URL
http://pixelrz.com/logo.png
Requested by
Host: pixelrz.com
URL: http://pixelrz.com/lists/keywords/jeffrey-reimer-dpt-pays-victim/
Protocol
HTTP/1.1
Server
2606:4700:30::681b:92cf , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
304f61ad87e3c1e88f7e0eb7af5abfa09d16343186de98c25d19b65f90fd9a5c

Request headers

Referer
http://pixelrz.com/lists/keywords/jeffrey-reimer-dpt-pays-victim/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sun, 29 Dec 2019 13:25:07 GMT
CF-Cache-Status
HIT
Last-Modified
Thu, 10 Nov 2016 10:05:40 GMT
Server
cloudflare
Age
6566
ETag
"58244674-3fae"
Vary
Accept-Encoding
Content-Type
image/png
Cache-Control
max-age=14400
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
54cc191f287adfe7-FRA
Content-Length
16302
plusone.js
apis.google.com/js/
48 KB
18 KB
Script
General
Full URL
https://apis.google.com/js/plusone.js
Requested by
Host: pixelrz.com
URL: http://pixelrz.com/lists/keywords/jeffrey-reimer-dpt-pays-victim/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:824::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
ccb1e2b6ebb830115670acb58cbb1b7b93179cae94fbac05cbe8889daecdb5e4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
http://pixelrz.com/lists/keywords/jeffrey-reimer-dpt-pays-victim/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 29 Dec 2019 13:25:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
script-src 'report-sample' 'nonce-8lS0Deq3q10i1PnYfrOh2w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
status
200
strict-transport-security
max-age=31536000
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection
0
x-ua-compatible
IE=edge, chrome=1
server
ESF
etag
"b19bdf7157d1a9fd2bbe332e574e80e5"
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=1800, stale-while-revalidate=1800
timing-allow-origin
*
expires
Sun, 29 Dec 2019 13:25:06 GMT
pinit.js
assets.pinterest.com/js/
Redirect Chain
  • http://assets.pinterest.com/js/pinit.js
  • https://assets.pinterest.com/js/pinit.js
355 B
410 B
Script
General
Full URL
https://assets.pinterest.com/js/pinit.js
Requested by
Host: pixelrz.com
URL: http://pixelrz.com/lists/keywords/jeffrey-reimer-dpt-pays-victim/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:1b::84 , Ascension Island, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
/
Resource Hash
31cf7e28d0a95e6f680dfdb9ef70f9d7cbda866cb3c6385c4ed5b8238ff78687

Request headers

Referer
http://pixelrz.com/lists/keywords/jeffrey-reimer-dpt-pays-victim/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 29 Dec 2019 13:25:07 GMT
content-encoding
br
x-cdn
fastly
access-control-allow-origin
*
etag
"8dd5359092b2e6296dc231b56e768864"
vary
Accept-Encoding, Origin
access-control-allow-methods
GET
content-type
application/javascript; charset=utf-8
status
200
access-control-max-age
86400
cache-control
max-age=300
content-length
181
access-control-expose-headers
X-CDN

Redirect headers

Location
https://assets.pinterest.com/js/pinit.js
Non-Authoritative-Reason
HSTS
cb=gapi.loaded_0
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.sMn3oj1Y3cA.O/m=plusone/rt=j/sv=1/d=1/ed=1/am=AQc/rs=AGLTcCMtH3dgjriX481Rb7quselpe-HGkQ/
139 KB
49 KB
Script
General
Full URL
https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.sMn3oj1Y3cA.O/m=plusone/rt=j/sv=1/d=1/ed=1/am=AQc/rs=AGLTcCMtH3dgjriX481Rb7quselpe-HGkQ/cb=gapi.loaded_0
Requested by
Host: apis.google.com
URL: https://apis.google.com/js/plusone.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:824::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
a3e3bd0c6249aec8fcbfc491ab635c3287b76e3206daa0c21fe2d63947f6f2f0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://pixelrz.com/lists/keywords/jeffrey-reimer-dpt-pays-victim/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 11 Dec 2019 17:45:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 10 Dec 2019 21:13:14 GMT
server
sffe
age
1539575
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
status
200
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
49922
x-xss-protection
0
expires
Thu, 10 Dec 2020 17:45:32 GMT
cb=gapi.loaded_1
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.sMn3oj1Y3cA.O/m=auth/exm=plusone/rt=j/sv=1/d=1/ed=1/am=AQc/rs=AGLTcCMtH3dgjriX481Rb7quselpe-HGkQ/
96 KB
34 KB
Script
General
Full URL
https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.sMn3oj1Y3cA.O/m=auth/exm=plusone/rt=j/sv=1/d=1/ed=1/am=AQc/rs=AGLTcCMtH3dgjriX481Rb7quselpe-HGkQ/cb=gapi.loaded_1
Requested by
Host: apis.google.com
URL: https://apis.google.com/js/plusone.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:824::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
91df31c32059541caddcda51fd8bbff9a4c05c0cf96a1de5a491007d7bdd2ee6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://pixelrz.com/lists/keywords/jeffrey-reimer-dpt-pays-victim/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 11 Dec 2019 17:45:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 10 Dec 2019 21:13:14 GMT
server
sffe
age
1539571
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
status
200
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
34362
x-xss-protection
0
expires
Thu, 10 Dec 2020 17:45:36 GMT
fastbutton
apis.google.com/se/0/_/+1/ Frame A74C
0
0
Document
General
Full URL
https://apis.google.com/se/0/_/+1/fastbutton?usegapi=1&size=tall&origin=http%3A%2F%2Fpixelrz.com&url=http%3A%2F%2Fpixelrz.com%2F&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.sMn3oj1Y3cA.O%2Fam%3DAQc%2Fd%3D1%2Fct%3Dzgms%2Frs%3DAGLTcCMtH3dgjriX481Rb7quselpe-HGkQ%2Fm%3D__features__
Requested by
Host: apis.google.com
URL: https://apis.google.com/js/plusone.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:824::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
apis.google.com
:scheme
https
:path
/se/0/_/+1/fastbutton?usegapi=1&size=tall&origin=http%3A%2F%2Fpixelrz.com&url=http%3A%2F%2Fpixelrz.com%2F&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.sMn3oj1Y3cA.O%2Fam%3DAQc%2Fd%3D1%2Fct%3Dzgms%2Frs%3DAGLTcCMtH3dgjriX481Rb7quselpe-HGkQ%2Fm%3D__features__
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
sec-fetch-mode
nested-navigate
referer
http://pixelrz.com/lists/keywords/jeffrey-reimer-dpt-pays-victim/
accept-encoding
gzip, deflate, br
cookie
NID=194=WhVvxI98sTanOVzqZN1gMTX04LZcyF124868gGO3fmJBPuhGnxU0VMhG3tRC2sBczpnYBQfQLHUs-AefVU9NSiU6oPDZkgSkQm3sIv_pkqFCQCQAX-HnhbhRIGzlaRZoqGy-wUgUMxzB6KfGOI0y5TpyR5noNGdtUGvzkjeGlP4
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
http://pixelrz.com/lists/keywords/jeffrey-reimer-dpt-pays-victim/

Response headers

status
404
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Sun, 29 Dec 2019 13:25:07 GMT
content-security-policy-report-only
script-src 'report-sample' 'nonce-G+MvptiaeK005NzB+e8NzA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
content-encoding
gzip
server
ESF
x-xss-protection
0
x-content-type-options
nosniff
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
all.js
connect.facebook.net/en_US/
Redirect Chain
  • http://connect.facebook.net/en_US/all.js
  • https://connect.facebook.net/en_US/all.js
3 KB
2 KB
Script
General
Full URL
https://connect.facebook.net/en_US/all.js
Requested by
Host: pixelrz.com
URL: http://pixelrz.com/lists/keywords/jeffrey-reimer-dpt-pays-victim/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
8b7d0920889328df760b72ed3d76d2cceedec77dae3424eb2662a91d24e70008
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
http://pixelrz.com/lists/keywords/jeffrey-reimer-dpt-pays-victim/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
9XYLlIeult3tcw2xdRkFJw==
status
200
date
Sun, 29 Dec 2019 13:25:07 GMT
expires
Sun, 29 Dec 2019 13:43:27 GMT
alt-svc
h3-24=":443"; ma=3600
content-length
1778
x-fb-debug
TOQkFr4iqNCg7Tj6vcSNjMNAqldCrCNyvoFtHZ2jCyAqAFfmSyKY4gy8qF42GiusDyxkgy3bZybYnnWl1PKofw==
x-fb-trip-id
420120009
x-fb-content-md5
9175eed5a91f6a2bedfbd5fabb7daade
etag
"fefc5f51d8ae60f7293b8e35fa8ad2e8"
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5

Redirect headers

Location
https://connect.facebook.net/en_US/all.js#xfbml=1
Non-Authoritative-Reason
HSTS
gokqH6DoDl5yXvJytFsdLnqguPlqoa3L.woff2
fonts.gstatic.com/s/vampiroone/v10/
10 KB
10 KB
Font
General
Full URL
https://fonts.gstatic.com/s/vampiroone/v10/gokqH6DoDl5yXvJytFsdLnqguPlqoa3L.woff2
Requested by
Host: pixelrz.com
URL: http://pixelrz.com/lists/keywords/jeffrey-reimer-dpt-pays-victim/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:817::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
b99431131aefe1b36f0f83ae27c4cca777bc931434dba74cbc83d3758ccaa7f7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Vampiro+One
Origin
http://pixelrz.com

Response headers

date
Thu, 19 Dec 2019 22:31:59 GMT
x-content-type-options
nosniff
last-modified
Tue, 16 Jul 2019 03:02:19 GMT
server
sffe
age
831188
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
10372
x-xss-protection
0
expires
Fri, 18 Dec 2020 22:31:59 GMT
wesharepics.info.242487.js
jsc.mgid.com/w/e/ Frame B1D7
Redirect Chain
  • http://jsc.mgid.com/w/e/wesharepics.info.242487.js?t=119112913
  • https://jsc.mgid.com/w/e/wesharepics.info.242487.js?t=119112913
142 KB
36 KB
Script
General
Full URL
https://jsc.mgid.com/w/e/wesharepics.info.242487.js?t=119112913
Requested by
Host: pixelrz.com
URL: http://pixelrz.com/lists/keywords/jeffrey-reimer-dpt-pays-victim/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.135.78 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
256ad35d3b62e3133ef902b7935beb202b02e10cd1f8aef90bb6e85ffcea0585

Request headers

Referer
http://pixelrz.com/lists/keywords/jeffrey-reimer-dpt-pays-victim/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 29 Dec 2019 13:25:07 GMT
content-encoding
br
cf-cache-status
HIT
age
324
cf-polished
origSize=159632
status
200
alt-svc
h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
x-amz-request-id
5914F78ADADAF774
x-amz-id-2
WgMjxiqdPqPhjD4cAo3Wae/o/utvYEX8YoFogMzYyiD1JbVE8wyAANCShLOICiYhUy8adPa0n8c=
last-modified
Thu, 28 Nov 2019 13:03:01 GMT
server
cloudflare
etag
W/"5c2e8d6aca7b77716817f21765a12670"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
expires
Sun, 29 Dec 2019 14:25:07 GMT
cache-control
public, max-age=3600
cf-ray
54cc192019bf69cf-LHR
cf-bgj
minify

Redirect headers

Date
Sun, 29 Dec 2019 13:25:07 GMT
Server
cloudflare
Vary
Accept-Encoding
Location
https://jsc.mgid.com/w/e/wesharepics.info.242487.js?t=119112913
Cache-Control
max-age=3600
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
54cc191fae94bbb8-LHR
Alt-Svc
h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
Expires
Sun, 29 Dec 2019 14:25:07 GMT
hit
counter.yadro.ru/
Redirect Chain
  • http://counter.yadro.ru/hit?t44.1;r;s1600*1200*24;uhttp%3A//pixelrz.com/lists/keywords/jeffrey-reimer-dpt-pays-victim/;0.8364502687791282
  • http://counter.yadro.ru/hit?q;t44.1;r;s1600*1200*24;uhttp%3A//pixelrz.com/lists/keywords/jeffrey-reimer-dpt-pays-victim/;0.8364502687791282
140 B
509 B
Image
General
Full URL
http://counter.yadro.ru/hit?q;t44.1;r;s1600*1200*24;uhttp%3A//pixelrz.com/lists/keywords/jeffrey-reimer-dpt-pays-victim/;0.8364502687791282
Requested by
Host: pixelrz.com
URL: http://pixelrz.com/lists/keywords/jeffrey-reimer-dpt-pays-victim/
Protocol
HTTP/1.1
Server
88.212.201.216 , Russian Federation, ASN39134 (UNITEDNET, RU),
Reverse DNS
host216.rax.ru
Software
0W/0.8c /
Resource Hash
a92f2b3edb0d9f5e017eaf110749e21ce9aea2121cc492145837afd222a8416e

Request headers

Referer
http://pixelrz.com/lists/keywords/jeffrey-reimer-dpt-pays-victim/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 29 Dec 2019 13:25:07 GMT
Server
0W/0.8c
P3P
policyref="/w3c/p3p.xml", CP="UNI"
Cache-control
no-cache
Connection
Close
Content-Type
image/gif
Content-Length
140
Expires
Fri, 28 Dec 2018 21:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sun, 29 Dec 2019 13:25:07 GMT
Server
0W/0.8c
P3P
policyref="/w3c/p3p.xml", CP="UNI"
Location
http://counter.yadro.ru/hit?q;t44.1;r;s1600*1200*24;uhttp%3A//pixelrz.com/lists/keywords/jeffrey-reimer-dpt-pays-victim/;0.8364502687791282
Cache-control
no-cache
Content-Type
text/html
Content-Length
32
Expires
Fri, 28 Dec 2018 21:00:00 GMT
postmessageRelay
accounts.google.com/o/oauth2/ Frame 5636
0
0
Document
General
Full URL
https://accounts.google.com/o/oauth2/postmessageRelay?parent=http%3A%2F%2Fpixelrz.com&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.sMn3oj1Y3cA.O%2Fam%3DAQc%2Fd%3D1%2Fct%3Dzgms%2Frs%3DAGLTcCMtH3dgjriX481Rb7quselpe-HGkQ%2Fm%3D__features__
Requested by
Host: apis.google.com
URL: https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.sMn3oj1Y3cA.O/m=auth/exm=plusone/rt=j/sv=1/d=1/ed=1/am=AQc/rs=AGLTcCMtH3dgjriX481Rb7quselpe-HGkQ/cb=gapi.loaded_1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-Lj/UNwkyASNtPkFeSq/XMQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport
X-Xss-Protection 0

Request headers

:method
GET
:authority
accounts.google.com
:scheme
https
:path
/o/oauth2/postmessageRelay?parent=http%3A%2F%2Fpixelrz.com&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.sMn3oj1Y3cA.O%2Fam%3DAQc%2Fd%3D1%2Fct%3Dzgms%2Frs%3DAGLTcCMtH3dgjriX481Rb7quselpe-HGkQ%2Fm%3D__features__
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
sec-fetch-mode
nested-navigate
referer
http://pixelrz.com/lists/keywords/jeffrey-reimer-dpt-pays-victim/
accept-encoding
gzip, deflate, br
cookie
NID=194=WhVvxI98sTanOVzqZN1gMTX04LZcyF124868gGO3fmJBPuhGnxU0VMhG3tRC2sBczpnYBQfQLHUs-AefVU9NSiU6oPDZkgSkQm3sIv_pkqFCQCQAX-HnhbhRIGzlaRZoqGy-wUgUMxzB6KfGOI0y5TpyR5noNGdtUGvzkjeGlP4
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
http://pixelrz.com/lists/keywords/jeffrey-reimer-dpt-pays-victim/

Response headers

status
200
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Sun, 29 Dec 2019 13:25:07 GMT
content-security-policy
script-src 'report-sample' 'nonce-Lj/UNwkyASNtPkFeSq/XMQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport
content-encoding
gzip
server
ESF
x-xss-protection
0
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
pinit_main.js
assets.pinterest.com/js/
Redirect Chain
  • http://assets.pinterest.com/js/pinit_main.js?0.8504548171539605
  • https://assets.pinterest.com/js/pinit_main.js?0.8504548171539605
65 KB
18 KB
Script
General
Full URL
https://assets.pinterest.com/js/pinit_main.js?0.8504548171539605
Requested by
Host: pixelrz.com
URL: http://pixelrz.com/lists/keywords/jeffrey-reimer-dpt-pays-victim/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:1b::84 , Ascension Island, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
/
Resource Hash
03d7c05eeb32a80208bba6a6977305749a7becd232c463549b5a1e7a6885a456

Request headers

Referer
http://pixelrz.com/lists/keywords/jeffrey-reimer-dpt-pays-victim/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 29 Dec 2019 13:25:07 GMT
content-encoding
br
x-cdn
fastly
access-control-allow-origin
*
etag
"ea9a7b57799dfe26a1f131d700275439"
vary
Accept-Encoding, Origin
access-control-allow-methods
GET
content-type
application/javascript; charset=utf-8
status
200
access-control-max-age
86400
cache-control
max-age=300
content-length
17984
access-control-expose-headers
X-CDN

Redirect headers

Location
https://assets.pinterest.com/js/pinit_main.js?0.8504548171539605
Non-Authoritative-Reason
HSTS
all.js
connect.facebook.net/en_US/
190 KB
57 KB
Script
General
Full URL
https://connect.facebook.net/en_US/all.js?hash=10860f8f2ab8db2e26c7d480b70aabcf&ua=modern_es6
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
f7a8160b6306d35a6150191a977e2be6b212a30bcf119f2ad4c607d32b7f1003
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
http://pixelrz.com/lists/keywords/jeffrey-reimer-dpt-pays-victim/
Origin
http://pixelrz.com

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
S7KkrMaV4KNEBb3FAIXz5g==
status
200
date
Sun, 29 Dec 2019 13:25:07 GMT
expires
Mon, 28 Dec 2020 12:43:33 GMT
alt-svc
h3-24=":443"; ma=3600
content-length
57675
x-fb-debug
aUhg+4P1e6/rfpM4p5Mzo3A/swnnlLhXQ4CKjZhhLjHxY2ompjDmQ4HpZzC9CLdqSw3T+gnd+kqYwfmGtJNFEA==
x-fb-trip-id
420120009
x-fb-content-md5
a98023626300835fd1d3be0122041e4a
etag
"d5a266154ef8fe1ae6f11373d382bc75"
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
timing-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
xd_arbiter.php
staticxx.facebook.com/connect/ Frame 5A25
0
0
Document
General
Full URL
https://staticxx.facebook.com/connect/xd_arbiter.php?version=44
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js?hash=10860f8f2ab8db2e26c7d480b70aabcf&ua=modern_es6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
staticxx.facebook.com
:scheme
https
:path
/connect/xd_arbiter.php?version=44
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
sec-fetch-mode
nested-navigate
referer
http://pixelrz.com/lists/keywords/jeffrey-reimer-dpt-pays-victim/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
http://pixelrz.com/lists/keywords/jeffrey-reimer-dpt-pays-victim/

Response headers

status
200
content-encoding
br
content-type
text/html; charset=utf-8
strict-transport-security
max-age=15552000; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
expires
Sat, 19 Dec 2020 05:48:35 GMT
cache-control
public,max-age=31536000,immutable
x-fb-debug
H9xxIoZ7iCiXqAIme/FuMlFfpFtg37LiJebG7csl85+wEOWvLAQtTIwc2lz2RvvS5vM32TSWceS2hanmwYyulA==
content-length
12381
x-fb-trip-id
420120009
date
Sun, 29 Dec 2019 13:25:07 GMT
alt-svc
h3-24=":443"; ma=3600
truncated
/
1 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
859adbfc48bb0b06c58fe109db4909585fbca5df398d49185fc0f486bad1ac96

Request headers

Referer
http://pixelrz.com/lists/keywords/jeffrey-reimer-dpt-pays-victim/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
632 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b31062abec9d4536524232f02801803517829af29b44c85b59696d52bc7107cc

Request headers

Referer
http://pixelrz.com/lists/keywords/jeffrey-reimer-dpt-pays-victim/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/gif
cJZKeOuBrn4kERxqtaUH3VtXRa8TVwTICgirnJhmVJw.woff2
fonts.gstatic.com/s/opensans/v10/
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v10/cJZKeOuBrn4kERxqtaUH3VtXRa8TVwTICgirnJhmVJw.woff2
Requested by
Host: pixelrz.com
URL: http://pixelrz.com/lists/keywords/jeffrey-reimer-dpt-pays-victim/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:817::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
3135160ee3b34e2d1e58bf80944a1ed2cef3f073528ea98f11916a397b4c6ac9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
http://pixelrz.com/lists/keywords/jeffrey-reimer-dpt-pays-victim/
Origin
http://pixelrz.com

Response headers

date
Thu, 21 Nov 2019 04:08:06 GMT
x-content-type-options
nosniff
last-modified
Thu, 21 Aug 2014 18:06:58 GMT
server
sffe
age
3316621
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
15556
x-xss-protection
0
expires
Fri, 20 Nov 2020 04:08:06 GMT
like.php
www.facebook.com/plugins/ Frame 8BAB
0
0
Document
General
Full URL
https://www.facebook.com/plugins/like.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter.php%3Fversion%3D44%23cb%3Df2034ae49c1ee74%26domain%3Dpixelrz.com%26origin%3Dhttp%253A%252F%252Fpixelrz.com%252Ff8bc3eb11c54b8%26relation%3Dparent.parent&container_width=0&href=http%3A%2F%2Fpixelrz.com%2F&layout=box_count&locale=en_US&sdk=joey&send=false&show_faces=false&width=55
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js?hash=10860f8f2ab8db2e26c7d480b70aabcf&ua=modern_es6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
www.facebook.com
:scheme
https
:path
/plugins/like.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter.php%3Fversion%3D44%23cb%3Df2034ae49c1ee74%26domain%3Dpixelrz.com%26origin%3Dhttp%253A%252F%252Fpixelrz.com%252Ff8bc3eb11c54b8%26relation%3Dparent.parent&container_width=0&href=http%3A%2F%2Fpixelrz.com%2F&layout=box_count&locale=en_US&sdk=joey&send=false&show_faces=false&width=55
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
sec-fetch-mode
nested-navigate
referer
http://pixelrz.com/lists/keywords/jeffrey-reimer-dpt-pays-victim/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
http://pixelrz.com/lists/keywords/jeffrey-reimer-dpt-pays-victim/

Response headers

status
200
cache-control
private, no-cache, no-store, must-revalidate
pragma
no-cache
strict-transport-security
max-age=15552000; preload
content-encoding
br
timing-allow-origin
*
content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
expires
Sat, 01 Jan 2000 00:00:00 GMT
content-type
text/html; charset="utf-8"
x-fb-debug
+/Q8/Lz2/viPJRPQmHQjwjbX9Gw4y7it+w4RQq1nd34CoY5ldZxUjjRLBJY5KYMJrlsHtGsUNSb7cUs9TwHsOg==
date
Sun, 29 Dec 2019 13:25:07 GMT
alt-svc
h3-24=":443"; ma=3600
1
servicer.mgid.com/242487/
4 KB
2 KB
Script
General
Full URL
https://servicer.mgid.com/242487/1?w=780&h=216&p3_w=187&p3_h=196&cols=4&pv=5&cbuster=1577625907337103474914&ref=&lu=http%3A%2F%2Fpixelrz.com%2Flists%2Fkeywords%2Fjeffrey-reimer-dpt-pays-victim%2F&pageView=1&pvid=16f51d4f08a94ab0a29&implVersion=10&dpr=1
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/w/e/wesharepics.info.242487.js?t=119112913
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.135.78 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
81a2cc091a352246c2f2d147237ddecb338678f1c5219f9a75c9f60a175cc2be

Request headers

Referer
http://pixelrz.com/lists/keywords/jeffrey-reimer-dpt-pays-victim/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 29 Dec 2019 13:25:07 GMT
content-encoding
br
cf-cache-status
DYNAMIC
content-type
application/x-javascript; charset=utf-8
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
status
200
cache-control
max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials
true
cf-ray
54cc1920fa2a69cf-LHR
alt-svc
h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
i.js
cm.mgid.com/
683 B
346 B
Script
General
Full URL
https://cm.mgid.com/i.js?cbuster=1577625907430709982034
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/w/e/wesharepics.info.242487.js?t=119112913
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.135.78 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
f9f4781b998f18efbfd815a4d0b8b37a0e65ae88eaecd8ce01dfd9c38f641eb1

Request headers

Referer
http://pixelrz.com/lists/keywords/jeffrey-reimer-dpt-pays-victim/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 29 Dec 2019 13:25:07 GMT
content-encoding
br
cf-cache-status
MISS
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
no-store, no-cache, must-revalidate, max-age=0
cf-ray
54cc19218a8d69cf-LHR
alt-svc
h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
k3k702ZOKiLJc3WVjuplzOgdm0LZdjqr5-oayXSOefg.woff2
fonts.gstatic.com/s/opensans/v10/
16 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v10/k3k702ZOKiLJc3WVjuplzOgdm0LZdjqr5-oayXSOefg.woff2
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/w/e/wesharepics.info.242487.js?t=119112913
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:817::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
abcbe0423061bbf5caca8b070eb57c5ea831fde8cca4af206f8b48938142b4e1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
http://pixelrz.com/lists/keywords/jeffrey-reimer-dpt-pays-victim/
Origin
http://pixelrz.com

Response headers

date
Fri, 20 Dec 2019 05:09:01 GMT
x-content-type-options
nosniff
last-modified
Thu, 21 Aug 2014 18:08:16 GMT
server
sffe
age
807366
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
16224
x-xss-protection
0
expires
Sat, 19 Dec 2020 05:09:01 GMT
i-noref.js
cm.mgid.com/ Frame 06B8
19 B
191 B
Script
General
Full URL
https://cm.mgid.com/i-noref.js?cbuster=1577625907435392581766
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/w/e/wesharepics.info.242487.js?t=119112913
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.135.78 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
31a2141f6b680b8ec183d8de67eaae2ac43bee3ccee46235e0c988761615210c

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 29 Dec 2019 13:25:07 GMT
cf-cache-status
MISS
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
no-store, no-cache, must-revalidate, max-age=0
accept-ranges
bytes
cf-ray
54cc19218a9269cf-LHR
alt-svc
h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
content-length
19
beacon.js
b.scorecardresearch.com/
1 KB
1 KB
Script
General
Full URL
http://b.scorecardresearch.com/beacon.js
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/w/e/wesharepics.info.242487.js?t=119112913
Protocol
HTTP/1.1
Server
2.16.186.80 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a2-16-186-80.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
76c393f564f53c19e795307e622edc8657a603f7a816c2646385697286d11313

Request headers

Referer
http://pixelrz.com/lists/keywords/jeffrey-reimer-dpt-pays-victim/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sun, 29 Dec 2019 13:25:07 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
private, no-transform, max-age=86400
Connection
keep-alive
Content-Length
902
Expires
Mon, 30 Dec 2019 13:25:07 GMT
by_mgid_adc_logo_mini.svg
cdn.mgid.com/images/
2 KB
1 KB
Image
General
Full URL
https://cdn.mgid.com/images/by_mgid_adc_logo_mini.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.135.78 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
ed09341e9cf6bbb14bd17e6a28e4d1c53c63826aec2f79fa598c475f86e02f1e

Request headers

Referer
http://pixelrz.com/lists/keywords/jeffrey-reimer-dpt-pays-victim/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 29 Dec 2019 13:25:07 GMT
content-encoding
br
cf-cache-status
HIT
age
800
status
200
alt-svc
h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
x-amz-request-id
1DA48E4E68F72EDE
x-amz-id-2
2QWmz/oWhzaUHelrfKb+69OTX98+Ej7x73dHGUYSOJAlwrINCUv5rcrzCRkk8XYu+nxahoIwbGU=
last-modified
Mon, 18 Nov 2019 15:04:17 GMT
server
cloudflare
etag
W/"5f3390adb0b6aeb988c5d7415b31cbe1"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=14400
cf-ray
54cc19219a9e69cf-LHR
expires
Sun, 29 Dec 2019 17:25:07 GMT
aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMDYtMjIvMTAxOTI0LzM0NDQ0NWFlZGIwMDRlNDg1MjA1YzcwZmIxNGZiZWY3LmpwZz90PTE0OTgxNjA3MTExNDk*.webp
s-img.mgid.com/g/3805593/492x328/0x94x1081x720/
12 KB
12 KB
Image
General
Full URL
https://s-img.mgid.com/g/3805593/492x328/0x94x1081x720/aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMDYtMjIvMTAxOTI0LzM0NDQ0NWFlZGIwMDRlNDg1MjA1YzcwZmIxNGZiZWY3LmpwZz90PTE0OTgxNjA3MTExNDk*.webp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.135.78 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
7b0cbae8a23f1c5a7647e2141a4b4d4325d3b26670814a9e1dc216762ba53cac

Request headers

Referer
http://pixelrz.com/lists/keywords/jeffrey-reimer-dpt-pays-victim/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 29 Dec 2019 13:25:07 GMT
cf-cache-status
HIT
last-modified
Thu, 08 Aug 2019 17:34:20 GMT
server
cloudflare
age
7538985
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
status
200
alt-svc
h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
54cc19219aa169cf-LHR
access-control-allow-origin
*
content-length
11850
aHR0cDovL2ltZ2hvc3RzLmNvbS90Yy8yMDE5LTA2LzEwMTkyNC9kZDA0YWYzZjNlNDc1YTk5OTM3MjRlYjhkOTYyZWRiYi5qcGVn.webp
s-img.mgid.com/g/3805661/492x328/0x0x695x463/
44 KB
44 KB
Image
General
Full URL
https://s-img.mgid.com/g/3805661/492x328/0x0x695x463/aHR0cDovL2ltZ2hvc3RzLmNvbS90Yy8yMDE5LTA2LzEwMTkyNC9kZDA0YWYzZjNlNDc1YTk5OTM3MjRlYjhkOTYyZWRiYi5qcGVn.webp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.135.78 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
9503348d58a806dbdb05647d8d017b144ac9254afb47fba047e5890ee47aea48

Request headers

Referer
http://pixelrz.com/lists/keywords/jeffrey-reimer-dpt-pays-victim/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 29 Dec 2019 13:25:07 GMT
cf-cache-status
HIT
last-modified
Wed, 03 Jul 2019 13:46:06 GMT
server
cloudflare
age
2791267
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
status
200
alt-svc
h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
54cc19219a9f69cf-LHR
access-control-allow-origin
*
content-length
45350
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMTEvMTAxOTI0LzEyNWZjYjY3NGI4NjkyM2Y0ZTYwYjM1ZmEzMDVmMWNiLmpwZWc*.webp
s-img.mgid.com/g/4723157/492x328/45x0x674x449/
20 KB
20 KB
Image
General
Full URL
https://s-img.mgid.com/g/4723157/492x328/45x0x674x449/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMTEvMTAxOTI0LzEyNWZjYjY3NGI4NjkyM2Y0ZTYwYjM1ZmEzMDVmMWNiLmpwZWc*.webp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.135.78 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
5029c5b80549a2d724fb1f820315c8959cc6c5ed3ee26d3a71ed1e0e5a55136c

Request headers

Referer
http://pixelrz.com/lists/keywords/jeffrey-reimer-dpt-pays-victim/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 29 Dec 2019 13:25:07 GMT
cf-cache-status
HIT
last-modified
Mon, 16 Dec 2019 00:39:19 GMT
server
cloudflare
age
1169148
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
status
200
alt-svc
h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
54cc19219aa269cf-LHR
access-control-allow-origin
*
content-length
20352
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDkvMTAxOTI0LzQ1MDYwOWQzMzJlMTA0Y2NiNjIyNjFkMDI4ODAzZDBhLmpwZWc*.webp
s-img.mgid.com/g/4147885/492x328/61x13x950x633/
12 KB
12 KB
Image
General
Full URL
https://s-img.mgid.com/g/4147885/492x328/61x13x950x633/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDkvMTAxOTI0LzQ1MDYwOWQzMzJlMTA0Y2NiNjIyNjFkMDI4ODAzZDBhLmpwZWc*.webp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.135.78 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
93486ae47829bc410ac6afcea4295e3cfb64c0b4632eecf4c19a58207a2d924d

Request headers

Referer
http://pixelrz.com/lists/keywords/jeffrey-reimer-dpt-pays-victim/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 29 Dec 2019 13:25:07 GMT
cf-cache-status
HIT
last-modified
Tue, 10 Sep 2019 16:07:57 GMT
server
cloudflare
age
9493877
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
status
200
alt-svc
h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
54cc19219aa069cf-LHR
access-control-allow-origin
*
content-length
12276
b2
b.scorecardresearch.com/
Redirect Chain
  • http://b.scorecardresearch.com/b?c1=7&c2=15208452&c3=110&ns__t=1577625907509&ns_c=UTF-8&cv=3.1e&c8=Jeffrey%20Reimer%20Dpt%20Pays%20Victim&c7=http%3A%2F%2Fpixelrz.com%2Flists%2Fkeywords%2Fjeffrey-re...
  • http://b.scorecardresearch.com/b2?c1=7&c2=15208452&c3=110&ns__t=1577625907509&ns_c=UTF-8&cv=3.1e&c8=Jeffrey%20Reimer%20Dpt%20Pays%20Victim&c7=http%3A%2F%2Fpixelrz.com%2Flists%2Fkeywords%2Fjeffrey-r...
0
248 B
Image
General
Full URL
http://b.scorecardresearch.com/b2?c1=7&c2=15208452&c3=110&ns__t=1577625907509&ns_c=UTF-8&cv=3.1e&c8=Jeffrey%20Reimer%20Dpt%20Pays%20Victim&c7=http%3A%2F%2Fpixelrz.com%2Flists%2Fkeywords%2Fjeffrey-reimer-dpt-pays-victim%2F&c9=
Protocol
HTTP/1.1
Server
2.16.186.80 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a2-16-186-80.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://pixelrz.com/lists/keywords/jeffrey-reimer-dpt-pays-victim/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 29 Dec 2019 13:25:07 GMT
Cache-Control
private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection
keep-alive
Content-Length
0
Expires
Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
http://b.scorecardresearch.com/b2?c1=7&c2=15208452&c3=110&ns__t=1577625907509&ns_c=UTF-8&cv=3.1e&c8=Jeffrey%20Reimer%20Dpt%20Pays%20Victim&c7=http%3A%2F%2Fpixelrz.com%2Flists%2Fkeywords%2Fjeffrey-reimer-dpt-pays-victim%2F&c9=
Pragma
no-cache
Date
Sun, 29 Dec 2019 13:25:07 GMT
Cache-Control
private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection
keep-alive
Content-Length
0
Expires
Mon, 01 Jan 1990 00:00:00 GMT
m
cm.mgid.com/
Redirect Chain
  • https://rtb-usw.mfadsrvr.com/sync?ssp=mgid
  • https://rtb-usw.mfadsrvr.com/ul_cb/sync?ssp=mgid
  • https://cm.mgid.com/m?cdsp=287839&c=edef03f3-511a-45c6-942d-8bfa9c3625a6
43 B
429 B
Image
General
Full URL
https://cm.mgid.com/m?cdsp=287839&c=edef03f3-511a-45c6-942d-8bfa9c3625a6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.135.78 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
http://pixelrz.com/lists/keywords/jeffrey-reimer-dpt-pays-victim/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 29 Dec 2019 13:25:08 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif
status
200
cache-control
no-store, no-cache, must-revalidate, max-age=0
accept-ranges
bytes
cf-ray
54cc19269df869cf-LHR
alt-svc
h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
content-length
43

Redirect headers

date
Sun, 29 Dec 2019 13:25:08 GMT
via
1.1 google
location
//cm.mgid.com/m?cdsp=287839&c=edef03f3-511a-45c6-942d-8bfa9c3625a6
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
status
302
cache-control
no-cache, no-store, must-revalidate
alt-svc
clear
content-length
0
/
cm.lentainform.com/setmuidn/
0
329 B
Image
General
Full URL
https://cm.lentainform.com/setmuidn/?muidf=jbt7TpAr7ip5
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.105.245.5 , Russian Federation, ASN7979 (SERVERS - Servers.com, Inc., US),
Reverse DNS
Software
nginx/1.15.10 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://pixelrz.com/lists/keywords/jeffrey-reimer-dpt-pays-victim/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 29 Dec 2019 13:25:07 GMT
server
nginx/1.15.10
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
status
200
cache-control
max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
52164
i.liadm.com/s/
Redirect Chain
  • https://x.bidswitch.net/sync?dsp_id=303&user_id=jbt7TpAr7ip5
  • https://x.bidswitch.net/ul_cb/sync?dsp_id=303&user_id=jbt7TpAr7ip5
  • https://i.liadm.com/s/52164?bidder_id=5298&licd=&bidder_uuid=24433df8-32c6-4cc3-88b0-5ca126f70a25
  • https://i.liadm.com/s/52164?bidder_id=5298&licd=&bidder_uuid=24433df8-32c6-4cc3-88b0-5ca126f70a25&_li_chk=true&previous_uuid=8b492a7d57244c9b92891df92c91c202
43 B
332 B
Image
General
Full URL
https://i.liadm.com/s/52164?bidder_id=5298&licd=&bidder_uuid=24433df8-32c6-4cc3-88b0-5ca126f70a25&_li_chk=true&previous_uuid=8b492a7d57244c9b92891df92c91c202
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.7.10.110 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-52-7-10-110.compute-1.amazonaws.com
Software
/
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

Referer
http://pixelrz.com/lists/keywords/jeffrey-reimer-dpt-pays-victim/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sun, 29 Dec 2019 13:25:08 GMT
Cache-Control
no-store
Connection
keep-alive
Content-Length
43
Content-Type
image/gif

Redirect headers

Location
/s/52164?bidder_id=5298&licd=&bidder_uuid=24433df8-32c6-4cc3-88b0-5ca126f70a25&_li_chk=true&previous_uuid=8b492a7d57244c9b92891df92c91c202
Date
Sun, 29 Dec 2019 13:25:08 GMT
Connection
keep-alive
Content-Length
0
m
cm.mgid.com/
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=omn67hl&ttd_tpi=1
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=omn67hl&ttd_tpi=1
  • https://cm.mgid.com/m?cdsp=371158&c=ee8f18e9-a21e-422e-8bf4-67c8f2a19d27&ttl=1580217907
43 B
300 B
Image
General
Full URL
https://cm.mgid.com/m?cdsp=371158&c=ee8f18e9-a21e-422e-8bf4-67c8f2a19d27&ttl=1580217907
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.135.78 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
http://pixelrz.com/lists/keywords/jeffrey-reimer-dpt-pays-victim/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 29 Dec 2019 13:25:07 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif
status
200
cache-control
no-store, no-cache, must-revalidate, max-age=0
accept-ranges
bytes
cf-ray
54cc19234c2069cf-LHR
alt-svc
h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
content-length
43

Redirect headers

pragma
no-cache
date
Sun, 29 Dec 2019 13:25:07 GMT
x-aspnet-version
4.0.30319
location
https://cm.mgid.com/m?cdsp=371158&c=ee8f18e9-a21e-422e-8bf4-67c8f2a19d27&ttl=1580217907
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
status
302
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
205
/
cm.steepto.com/setmuidn/
0
279 B
Image
General
Full URL
https://cm.steepto.com/setmuidn/?muidf=jbt7TpAr7ip5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.138.80 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://pixelrz.com/lists/keywords/jeffrey-reimer-dpt-pays-victim/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 29 Dec 2019 13:25:07 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif
status
200
cf-ray
54cc1922dabddbef-LHR
content-length
0
google
cm.mgid.com/
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=marketgid&google_cm=&google_ula={guid}&google_hm=amJ0N1RwQXI3aXA1&muidn=jbt7TpAr7ip5
  • https://cm.g.doubleclick.net/pixel?google_nid=marketgid&google_cm=&google_ula={guid}&google_hm=amJ0N1RwQXI3aXA1&muidn=jbt7TpAr7ip5&google_tc=
  • https://cm.mgid.com/google?muidn=jbt7TpAr7ip5&google_ula={guid},5&google_gid=CAESEN15QDHCrzbg7s2eO5f7vK4&google_cver=1
0
47 B
Image
General
Full URL
https://cm.mgid.com/google?muidn=jbt7TpAr7ip5&google_ula={guid},5&google_gid=CAESEN15QDHCrzbg7s2eO5f7vK4&google_cver=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.135.78 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://pixelrz.com/lists/keywords/jeffrey-reimer-dpt-pays-victim/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 29 Dec 2019 13:25:07 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
text/plain
status
200
accept-ranges
bytes
cf-ray
54cc19235c2b69cf-LHR
alt-svc
h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
content-length
0

Redirect headers

pragma
no-cache
date
Sun, 29 Dec 2019 13:25:07 GMT
server
HTTP server (unknown)
location
https://cm.mgid.com/google?muidn=jbt7TpAr7ip5&google_ula={guid},5&google_gid=CAESEN15QDHCrzbg7s2eO5f7vK4&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
302
cache-control
no-cache, must-revalidate
content-type
text/html; charset=UTF-8
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
327
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
log.pinterest.com/
0
463 B
Script
General
Full URL
https://log.pinterest.com/?type=pidget&guid=v9_ERSCPede1&tv=2019040401&event=init&sub=www&button_count=1&follow_count=0&pin_count=0&profile_count=0&board_count=0&section_count=0&lang=en&nvl=en-US&via=http%3A%2F%2Fpixelrz.com%2Flists%2Fkeywords%2Fjeffrey-reimer-dpt-pays-victim%2F&callback=PIN_1577625907169.f.callback[0]
Requested by
Host: assets.pinterest.com
URL: https://assets.pinterest.com/js/pinit_main.js?0.8504548171539605
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.112.84 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://pixelrz.com/lists/keywords/jeffrey-reimer-dpt-pays-victim/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-pinterest-host
widgets.pinterest.com
date
Sun, 29 Dec 2019 13:25:08 GMT
via
1.1 varnish
server
envoy
x-timer
S1577625908.271375,VS0,VE102
x-cache-hits
0
x-cache
MISS
status
200
x-envoy-upstream-service-time
8
content-length
0
accept-ranges
bytes
x-pinterest-rid
9165598083302280
x-served-by
cache-hhn4036-HHN
c
c.mgid.com/ Frame B1D7
43 B
101 B
Image
General
Full URL
https://c.mgid.com/c?f=1&pv=3&v=187|125|12|1f6-j8fiaoJ0qcZvyEC8r0EyV72dDjRV_5tqfXsKJuYLVvNjREAXxg5SEk0HiTPX&fw=1&v=187|125|12|1f6-j8fiaoJ0qcZvyEC8r5o95VkU2aQiOi3S4XJ7pv_mDPEPHfPtOyJehQ17jfnR&v=187|125|12|1f6-j8fiaoJ0qcZvyEC8rzkyFgrvdhNXs4zn-gj4LbWfsYgP7BeWn7QfEuH4mcYS&v=187|125|12|1f6-j8fiaoJ0qcZvyEC8r4ng9BuxTNU1_skg5JrIr-jvpDhgaYGZTe02s8ENZY8i&cid=242487&h2=4B8OPrE2OdDHpgx1X5aOo_N-fy5S3o8nVYjDcujLCRw*&rid=a17cc621-2a3e-11ea-a615-d09466766346&tt=Direct&cbuster=1577625908510675020038&tpl=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.135.78 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
http://pixelrz.com/lists/keywords/jeffrey-reimer-dpt-pays-victim/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 29 Dec 2019 13:25:08 GMT
cf-cache-status
DYNAMIC
content-type
image/gif
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
status
200
cache-control
max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials
true
cf-ray
54cc19285f0069cf-LHR
alt-svc
h3-24=":443"; ma=86400, h3-23=":443"; ma=86400

Verdicts & Comments Add Verdict or Comment

45 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate function| $ function| jQuery object| gapi object| ___jsl number| PIN_18259 object| gadgets object| osapi object| shindig object| iframer function| ToolbarApi object| iframes function| IframeBase function| Iframe function| IframeProxy function| IframeWindow object| __gapi_jstiming__ object| oauth2 object| FB object| PIN_1577625907169 object| PinUtils object| _mgIntExchangeNews object| onClickExcludes function| MarketGidLoadGoods242487 function| MarketGidCReject242487 function| AdskeeperLoadGoods242487 function| AdskeeperCReject242487 function| LentaInformLoadGoods242487 function| LentaInformCReject242487 function| IdealMediaLoadGoods242487 function| IdealMediaCReject242487 object| _mgq function| _mgqp number| _mgqt number| _mgqi boolean| _mgPageView144021 boolean| i.js.loaded boolean| i-noref.js.loaded object| _comscore function| LoadCriteoAllPlaces242487_0dbb4 function| udm_ object| ns_p object| COMSCORE object| _mgwcapping

3 Cookies

Domain/Path Name / Value
.google.com/ Name: NID
Value: 194=WhVvxI98sTanOVzqZN1gMTX04LZcyF124868gGO3fmJBPuhGnxU0VMhG3tRC2sBczpnYBQfQLHUs-AefVU9NSiU6oPDZkgSkQm3sIv_pkqFCQCQAX-HnhbhRIGzlaRZoqGy-wUgUMxzB6KfGOI0y5TpyR5noNGdtUGvzkjeGlP4
pixelrz.com/ Name: MarketGidStorage
Value: %7B%220%22%3A%7B%22svspr%22%3A%22%22%2C%22svsds%22%3A1%2C%22TejndEEDj%22%3A%22gO9MlMBDs%22%7D%2C%22C242487%22%3A%7B%22page%22%3A1%7D%7D
.pixelrz.com/ Name: __cfduid
Value: dfc4e2013a71e413f74041566b46dc36b1577625905

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

accounts.google.com
apis.google.com
assets.pinterest.com
b.scorecardresearch.com
c.mgid.com
cdn.mgid.com
cm.g.doubleclick.net
cm.lentainform.com
cm.mgid.com
cm.steepto.com
connect.facebook.net
counter.yadro.ru
fonts.googleapis.com
fonts.gstatic.com
i.liadm.com
jsc.mgid.com
log.pinterest.com
match.adsrvr.org
pixelrz.com
rtb-usw.mfadsrvr.com
s-img.mgid.com
servicer.mgid.com
staticxx.facebook.com
www.facebook.com
x.bidswitch.net
104.19.135.78
104.19.138.80
151.101.112.84
18.185.81.183
2.16.186.80
216.58.206.2
23.105.245.5
2606:4700:30::681b:92cf
2a00:1450:4001:808::200d
2a00:1450:4001:809::200a
2a00:1450:4001:817::2003
2a00:1450:4001:824::200e
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
2a04:4e42:1b::84
35.212.212.222
52.7.10.110
54.72.122.154
88.212.201.216
03d7c05eeb32a80208bba6a6977305749a7becd232c463549b5a1e7a6885a456
0757f7ff6e5f6a581922a5e2d42c5e0cf7475d880885a9802e8bdd5e4188dd34
1e0f80dd992556a91a7318a2dd73c3a75e06d12f926c79946291343f83476fc0
256ad35d3b62e3133ef902b7935beb202b02e10cd1f8aef90bb6e85ffcea0585
26e651e8828ff91736f6dc0fe39ba7d2f6cba105a0665903e5e79b6f5330b880
304f61ad87e3c1e88f7e0eb7af5abfa09d16343186de98c25d19b65f90fd9a5c
3135160ee3b34e2d1e58bf80944a1ed2cef3f073528ea98f11916a397b4c6ac9
31a2141f6b680b8ec183d8de67eaae2ac43bee3ccee46235e0c988761615210c
31cf7e28d0a95e6f680dfdb9ef70f9d7cbda866cb3c6385c4ed5b8238ff78687
45d093c8c939f78224d6830b4b58683e18fce128d0bd6b38dd16cbf7b7db1466
4e9f0cb81fc899879de173a45532436e677b1501dd42f5864fafacd7fc697c3e
5029c5b80549a2d724fb1f820315c8959cc6c5ed3ee26d3a71ed1e0e5a55136c
5e55f3f3ad93f101fb28094410ee4a9bac9627207ee0af04276b464f8618d924
7513fa1cbfb27a625d51c8aa2c5dda10f81703a30ef69f31a8536307c985824e
76c393f564f53c19e795307e622edc8657a603f7a816c2646385697286d11313
7b0cbae8a23f1c5a7647e2141a4b4d4325d3b26670814a9e1dc216762ba53cac
81a2cc091a352246c2f2d147237ddecb338678f1c5219f9a75c9f60a175cc2be
859adbfc48bb0b06c58fe109db4909585fbca5df398d49185fc0f486bad1ac96
8b7d0920889328df760b72ed3d76d2cceedec77dae3424eb2662a91d24e70008
91df31c32059541caddcda51fd8bbff9a4c05c0cf96a1de5a491007d7bdd2ee6
93486ae47829bc410ac6afcea4295e3cfb64c0b4632eecf4c19a58207a2d924d
9503348d58a806dbdb05647d8d017b144ac9254afb47fba047e5890ee47aea48
a3e3bd0c6249aec8fcbfc491ab635c3287b76e3206daa0c21fe2d63947f6f2f0
a92f2b3edb0d9f5e017eaf110749e21ce9aea2121cc492145837afd222a8416e
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
abcbe0423061bbf5caca8b070eb57c5ea831fde8cca4af206f8b48938142b4e1
b31062abec9d4536524232f02801803517829af29b44c85b59696d52bc7107cc
b99431131aefe1b36f0f83ae27c4cca777bc931434dba74cbc83d3758ccaa7f7
c410ec936d045177f84f0e8f3205d5b576bf74fff1297b0a3ac9221d0d9ac40a
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
ccb1e2b6ebb830115670acb58cbb1b7b93179cae94fbac05cbe8889daecdb5e4
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e810e7854ea505e79ce219d4a8e7d63465272df0afb9e42058548b8652502c21
ed09341e9cf6bbb14bd17e6a28e4d1c53c63826aec2f79fa598c475f86e02f1e
f7a8160b6306d35a6150191a977e2be6b212a30bcf119f2ad4c607d32b7f1003
f9f4781b998f18efbfd815a4d0b8b37a0e65ae88eaecd8ce01dfd9c38f641eb1