Submitted URL: http://jjtk.nathankroeker.com/
Effective URL: https://demy.idates.com/landing/fb4205-v2?clickId=8bfe01d7-d0df-4594-8b38-c71f3b39357a&tracker=SGM_Pro&publisher=2556&su...
Submission: On September 22 via manual from CA

Summary

This website contacted 8 IPs in 3 countries across 11 domains to perform 44 HTTP transactions. The main IP is 156.67.37.18, located in Germany and belongs to CQINT-NL, DE. The main domain is demy.idates.com.
TLS certificate: Issued by COMODO RSA Domain Validation Secure S... on December 5th 2016. Valid for: 3 years.
This is the only time demy.idates.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 185.164.72.128 50673 (SERVERIUS-AS)
1 212.32.237.136 60781 (LEASEWEB-...)
1 88.208.45.27 39572 (ADVANCEDH...)
1 1 138.68.123.185 14061 (DIGITALOC...)
1 1 88.85.84.123 35415 (WEBZILLA)
1 1 5.187.3.40 44066 (DE-FIRSTC...)
1 1 217.140.66.110 20640 (TITAN-NET...)
1 156.67.37.18 25418 (CQINT-NL)
36 69.16.175.10 20446 (HIGHWINDS3)
2 2001:4de0:ac1... 20446 (HIGHWINDS3)
1 2a00:1450:400... 15169 (GOOGLE)
44 8
Domain Requested by
36 lpmedia.justservingfiles.net demy.idates.com
2 maxcdn.bootstrapcdn.com demy.idates.com
2 jjtk.nathankroeker.com jjtk.nathankroeker.com
1 ajax.googleapis.com demy.idates.com
1 demy.idates.com leadnote.me
1 o-2538.prodtraff.com 1 redirects
1 tovpotok.com 1 redirects
1 latest-511839.dingligh.ru 1 redirects
1 newsfresh.pro 1 redirects
1 nativesp.pro leadnote.me
1 leadnote.me jjtk.nathankroeker.com
44 11

This site contains links to these domains. Also see Links.

Domain
www.idates.com
www.mydates.com
Subject Issuer Validity Valid
leadnote.me
Let's Encrypt Authority X3
2019-08-23 -
2019-11-21
3 months crt.sh
nativesp.pro
Sectigo RSA Domain Validation Secure Server CA
2019-07-17 -
2020-07-16
a year crt.sh
*.idates.com
COMODO RSA Domain Validation Secure Server CA
2016-12-05 -
2019-12-05
3 years crt.sh
*.justservingfiles.net
COMODO RSA Domain Validation Secure Server CA
2016-12-20 -
2019-12-20
3 years crt.sh
*.bootstrapcdn.com
Sectigo RSA Domain Validation Secure Server CA
2019-09-14 -
2020-10-13
a year crt.sh
*.googleapis.com
GTS CA 1O1
2019-09-05 -
2019-11-28
3 months crt.sh

This page contains 1 frames:

Primary Page: https://demy.idates.com/landing/fb4205-v2?clickId=8bfe01d7-d0df-4594-8b38-c71f3b39357a&tracker=SGM_Pro&publisher=2556&subPublisher=39376&hit_id=8bfe01d7-d0df-4594-8b38-c71f3b39357a&tp_redirect_id=8bfe01d7-d0df-4594-8b38-c71f3b39357a
Frame ID: F5E3E906B36664EB9419058B7323CEC7
Requests: 45 HTTP requests in this frame

Screenshot


Page URL History Show full URLs

  1. http://jjtk.nathankroeker.com/ Page URL
  2. https://leadnote.me/bot-captcha-2?h=waWQiOjEwMDI2NjgsInNpZCI6MTAyNDE0OCwid2lkIjo0MDY0Miwic3JjIjo... Page URL
  3. https://newsfresh.pro/tb?h=waWQiOjEwMDI2NjgsInNpZCI6MTAyNDE0OCwid2lkIjo0MDY0Miwic3JjIjoyfQ==eyJ&si1= HTTP 302
    http://latest-511839.dingligh.ru/click/rtb?node=150&winPrice=0.1825247316079651&winCurrency=USD&id=1569118140... HTTP 302
    http://tovpotok.com/gz7V?sub1=443408-1024148 HTTP 302
    https://o-2538.prodtraff.com/dd8b0881-8d53-4e43-91ac-a8a870f18f62?clicktag=5D86D7DD005B7A6129034255&subPu... HTTP 302
    https://demy.idates.com/landing/fb4205-v2?clickId=8bfe01d7-d0df-4594-8b38-c71f3b39357a&tracker=SGM_P... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /Ubuntu/i

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+(?:([\d.]+)\/)?(?:css\/)?font-awesome(?:\.min)?\.css/i

Page Statistics

44
Requests

95 %
HTTPS

18 %
IPv6

11
Domains

11
Subdomains

8
IPs

3
Countries

457 kB
Transfer

729 kB
Size

1
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://jjtk.nathankroeker.com/ Page URL
  2. https://leadnote.me/bot-captcha-2?h=waWQiOjEwMDI2NjgsInNpZCI6MTAyNDE0OCwid2lkIjo0MDY0Miwic3JjIjoyfQ==eyJ&si1= Page URL
  3. https://newsfresh.pro/tb?h=waWQiOjEwMDI2NjgsInNpZCI6MTAyNDE0OCwid2lkIjo0MDY0Miwic3JjIjoyfQ==eyJ&si1= HTTP 302
    http://latest-511839.dingligh.ru/click/rtb?node=150&winPrice=0.1825247316079651&winCurrency=USD&id=1569118140000-2309 HTTP 302
    http://tovpotok.com/gz7V?sub1=443408-1024148 HTTP 302
    https://o-2538.prodtraff.com/dd8b0881-8d53-4e43-91ac-a8a870f18f62?clicktag=5D86D7DD005B7A6129034255&subPublisher=39376&o_id=2661&TID=5D86D7DD005B7A6129034255&host=tovpotok.com HTTP 302
    https://demy.idates.com/landing/fb4205-v2?clickId=8bfe01d7-d0df-4594-8b38-c71f3b39357a&tracker=SGM_Pro&publisher=2556&subPublisher=39376&hit_id=8bfe01d7-d0df-4594-8b38-c71f3b39357a&tp_redirect_id=8bfe01d7-d0df-4594-8b38-c71f3b39357a Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

44 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
jjtk.nathankroeker.com/
10 KB
6 KB
Document
General
Full URL
http://jjtk.nathankroeker.com/
Protocol
HTTP/1.1
Server
185.164.72.128 Amsterdam, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) / Express
Resource Hash
56e19564388838cc17834196e3e84926ac02f34b32b89616c2fca46c1a394a74

Request headers

Host
jjtk.nathankroeker.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Accept-Encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Server
nginx/1.14.0 (Ubuntu)
Date
Sun, 22 Sep 2019 02:09:27 GMT
Content-Type
text/html; charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
X-Powered-By
Express
ETag
W/"276e-PB4fNestUVGWZ9T4yjjE27xLHl4"
Content-Encoding
gzip
script.js
jjtk.nathankroeker.com/
713 B
957 B
Script
General
Full URL
http://jjtk.nathankroeker.com/script.js
Requested by
Host: jjtk.nathankroeker.com
URL: http://jjtk.nathankroeker.com/
Protocol
HTTP/1.1
Server
185.164.72.128 Amsterdam, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) / Express
Resource Hash

Request headers

Referer
http://jjtk.nathankroeker.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sun, 22 Sep 2019 02:09:29 GMT
Server
nginx/1.14.0 (Ubuntu)
Connection
keep-alive
X-Powered-By
Express
ETag
W/"2c9-ZDUaB0bodX5k8pqqLyj0nCDt/5A"
Content-Length
713
Content-Type
text/javascript; charset=utf-8
Cookie set bot-captcha-2
leadnote.me/
96 KB
69 KB
Document
General
Full URL
https://leadnote.me/bot-captcha-2?h=waWQiOjEwMDI2NjgsInNpZCI6MTAyNDE0OCwid2lkIjo0MDY0Miwic3JjIjoyfQ==eyJ&si1=
Requested by
Host: jjtk.nathankroeker.com
URL: http://jjtk.nathankroeker.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.32.237.136 Hoofddorp, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx/1.15.11 /
Resource Hash
b72d1655c12b3cd6ac27c6ae141fae592d215d7ee6f918f9ed5ae248e692c256

Request headers

Host
leadnote.me
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
navigate
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site
cross-site
Referer
http://jjtk.nathankroeker.com/
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
navigate
Referer
http://jjtk.nathankroeker.com/

Response headers

Server
nginx/1.15.11
Date
Sun, 22 Sep 2019 02:09:29 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding
Set-Cookie
truniq=1; expires=Mon, 23-Sep-2019 02:09:29 GMT; Max-Age=86400; path=/; domain=leadnote.me
Content-Encoding
gzip
truncated
/
58 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fbc2340f7a2e000a63eb54991696b4b3190cf9cd246d8d084489b6693b93c955

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/gif
rpe
nativesp.pro/
0
67 B
XHR
General
Full URL
https://nativesp.pro/rpe?a=1&s=1&act=7&src=2&p=1002668&st=1024148&wd=40642&d=leadnote.me&tpl=57&rnd=0.817197439231736&sbid=&sbid2=
Requested by
Host: leadnote.me
URL: https://leadnote.me/bot-captcha-2?h=waWQiOjEwMDI2NjgsInNpZCI6MTAyNDE0OCwid2lkIjo0MDY0Miwic3JjIjoyfQ==eyJ&si1=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
88.208.45.27 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Sec-Fetch-Mode
cors
Referer
https://leadnote.me/bot-captcha-2?h=waWQiOjEwMDI2NjgsInNpZCI6MTAyNDE0OCwid2lkIjo0MDY0Miwic3JjIjoyfQ==eyJ&si1=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
200
date
Sun, 22 Sep 2019 02:09:29 GMT
server
nginx
access-control-allow-origin
*
content-length
0
Primary Request Cookie set fb4205-v2
demy.idates.com/landing/
Redirect Chain
  • https://newsfresh.pro/tb?h=waWQiOjEwMDI2NjgsInNpZCI6MTAyNDE0OCwid2lkIjo0MDY0Miwic3JjIjoyfQ==eyJ&si1=
  • http://latest-511839.dingligh.ru/click/rtb?node=150&winPrice=0.1825247316079651&winCurrency=USD&id=1569118140000-2309
  • http://tovpotok.com/gz7V?sub1=443408-1024148
  • https://o-2538.prodtraff.com/dd8b0881-8d53-4e43-91ac-a8a870f18f62?clicktag=5D86D7DD005B7A6129034255&subPublisher=39376&o_id=2661&TID=5D86D7DD005B7A6129034255&host=tovpotok.com
  • https://demy.idates.com/landing/fb4205-v2?clickId=8bfe01d7-d0df-4594-8b38-c71f3b39357a&tracker=SGM_Pro&publisher=2556&subPublisher=39376&hit_id=8bfe01d7-d0df-4594-8b38-c71f3b39357a&tp_redirect_id=8...
54 KB
9 KB
Document
General
Full URL
https://demy.idates.com/landing/fb4205-v2?clickId=8bfe01d7-d0df-4594-8b38-c71f3b39357a&tracker=SGM_Pro&publisher=2556&subPublisher=39376&hit_id=8bfe01d7-d0df-4594-8b38-c71f3b39357a&tp_redirect_id=8bfe01d7-d0df-4594-8b38-c71f3b39357a
Requested by
Host: leadnote.me
URL: https://leadnote.me/bot-captcha-2?h=waWQiOjEwMDI2NjgsInNpZCI6MTAyNDE0OCwid2lkIjo0MDY0Miwic3JjIjoyfQ==eyJ&si1=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
156.67.37.18 , Germany, ASN25418 (CQINT-NL, DE),
Reverse DNS
Software
nginx /
Resource Hash
b93acfd0a3653e7e9ee2fe747788412bfcfd4079ef40765d01ed546448ef8765

Request headers

Host
demy.idates.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site
cross-site
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
navigate

Response headers

Server
nginx
Date
Sun, 22 Sep 2019 02:09:34 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Set-Cookie
PHPSESSID=4da58eabf07d94286ffff91bb773b909; path=/
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control
no-store, no-cache, must-revalidate no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma
no-cache no-cache
Content-Encoding
gzip

Redirect headers

Date
Sun, 22 Sep 2019 02:09:33 GMT
Transfer-Encoding
chunked
Location
https://demy.idates.com/landing/fb4205-v2?clickId=8bfe01d7-d0df-4594-8b38-c71f3b39357a&tracker=SGM_Pro&publisher=2556&subPublisher=39376&hit_id=8bfe01d7-d0df-4594-8b38-c71f3b39357a&tp_redirect_id=8bfe01d7-d0df-4594-8b38-c71f3b39357a
Set-Cookie
attrk=yes;Version=1;Max-Age=86400 vcid=%7B%22id%22%3A%220b69e26e-cd04-4f80-9eed-1733734123fb%22%2C%22firstTime%22%3A%22Sep+22%2C+2019+2%3A09%3A33+AM%22%2C%22visitCount%22%3A1%2C%22firstTimeDay%22%3A%22Sep+22%2C+2019+2%3A09%3A33+AM%22%2C%22visitDays%22%3A1%2C%22origin%22%3A%22routing%22%2C%22lastLocation%22%3A%22routing%22%2C%22ageInSecs%22%3A0%7D;Version=1;Domain=prodtraff.com;Path=/;Max-Age=2147483647;Expires=Fri, 10 Oct 2087 05:23:40 GMT
server
sgm.cloud/1
form.css
lpmedia.justservingfiles.net/widgets/registrationFormBuilder/
4 KB
1 KB
Stylesheet
General
Full URL
https://lpmedia.justservingfiles.net/widgets/registrationFormBuilder/form.css?496899
Requested by
Host: demy.idates.com
URL: https://demy.idates.com/landing/fb4205-v2?clickId=8bfe01d7-d0df-4594-8b38-c71f3b39357a&tracker=SGM_Pro&publisher=2556&subPublisher=39376&hit_id=8bfe01d7-d0df-4594-8b38-c71f3b39357a&tp_redirect_id=8bfe01d7-d0df-4594-8b38-c71f3b39357a
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.16.175.10 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
tlb.hwcdn.net
Software
nginx /
Resource Hash
d002c9afbe21d4a74a0014a7a76e9181029a880598035d5257759cf8ef7cd492

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://demy.idates.com/landing/fb4205-v2?clickId=8bfe01d7-d0df-4594-8b38-c71f3b39357a&tracker=SGM_Pro&publisher=2556&subPublisher=39376&hit_id=8bfe01d7-d0df-4594-8b38-c71f3b39357a&tp_redirect_id=8bfe01d7-d0df-4594-8b38-c71f3b39357a
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sun, 22 Sep 2019 02:09:34 GMT
Content-Encoding
gzip
Last-Modified
Fri, 20 Sep 2019 07:55:47 GMT
Server
nginx
ETag
"5d848603-f50"
X-HW
1569118174.dop019.fr8.t,1569118174.cds019.fr8.shn,1569118174.dop019.fr8.t,1569118174.cds002.fr8.c
Content-Type
text/css
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=43200
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
1075
login_form.css
lpmedia.justservingfiles.net/widgets/loginFormBuilder/
1 KB
811 B
Stylesheet
General
Full URL
https://lpmedia.justservingfiles.net/widgets/loginFormBuilder/login_form.css?496899
Requested by
Host: demy.idates.com
URL: https://demy.idates.com/landing/fb4205-v2?clickId=8bfe01d7-d0df-4594-8b38-c71f3b39357a&tracker=SGM_Pro&publisher=2556&subPublisher=39376&hit_id=8bfe01d7-d0df-4594-8b38-c71f3b39357a&tp_redirect_id=8bfe01d7-d0df-4594-8b38-c71f3b39357a
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.16.175.10 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
tlb.hwcdn.net
Software
nginx /
Resource Hash
4eabf80bb8137daf3c28a7051991840525ccbb12e92a3ccfd5732fd312576372

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://demy.idates.com/landing/fb4205-v2?clickId=8bfe01d7-d0df-4594-8b38-c71f3b39357a&tracker=SGM_Pro&publisher=2556&subPublisher=39376&hit_id=8bfe01d7-d0df-4594-8b38-c71f3b39357a&tp_redirect_id=8bfe01d7-d0df-4594-8b38-c71f3b39357a
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sun, 22 Sep 2019 02:09:34 GMT
Content-Encoding
gzip
Last-Modified
Fri, 20 Sep 2019 07:55:47 GMT
Server
nginx
ETag
"5d848603-426"
X-HW
1569118174.dop009.fr8.t,1569118174.cds020.fr8.shn,1569118174.dop009.fr8.t,1569118174.cds022.fr8.c
Content-Type
text/css
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=43200
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
382
flexslider.css
lpmedia.justservingfiles.net/style/plugins/
2 KB
1 KB
Stylesheet
General
Full URL
https://lpmedia.justservingfiles.net/style/plugins/flexslider.css?496899
Requested by
Host: demy.idates.com
URL: https://demy.idates.com/landing/fb4205-v2?clickId=8bfe01d7-d0df-4594-8b38-c71f3b39357a&tracker=SGM_Pro&publisher=2556&subPublisher=39376&hit_id=8bfe01d7-d0df-4594-8b38-c71f3b39357a&tp_redirect_id=8bfe01d7-d0df-4594-8b38-c71f3b39357a
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.16.175.10 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
tlb.hwcdn.net
Software
nginx /
Resource Hash
0abc4c8a965b5c843fa84b2651f6ba77a6288ab3dfce1b1e6e338f18a221eea3

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://demy.idates.com/landing/fb4205-v2?clickId=8bfe01d7-d0df-4594-8b38-c71f3b39357a&tracker=SGM_Pro&publisher=2556&subPublisher=39376&hit_id=8bfe01d7-d0df-4594-8b38-c71f3b39357a&tp_redirect_id=8bfe01d7-d0df-4594-8b38-c71f3b39357a
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sun, 22 Sep 2019 02:09:34 GMT
Content-Encoding
gzip
Last-Modified
Fri, 20 Sep 2019 07:55:47 GMT
Server
nginx
ETag
"5d848603-698"
X-HW
1569118174.dop009.fr8.t,1569118174.cds017.fr8.shn,1569118174.dop009.fr8.t,1569118174.cds012.fr8.c
Content-Type
text/css
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=43200
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
731
corner.css
lpmedia.justservingfiles.net/widgets/corner/
246 B
629 B
Stylesheet
General
Full URL
https://lpmedia.justservingfiles.net/widgets/corner/corner.css?496899
Requested by
Host: demy.idates.com
URL: https://demy.idates.com/landing/fb4205-v2?clickId=8bfe01d7-d0df-4594-8b38-c71f3b39357a&tracker=SGM_Pro&publisher=2556&subPublisher=39376&hit_id=8bfe01d7-d0df-4594-8b38-c71f3b39357a&tp_redirect_id=8bfe01d7-d0df-4594-8b38-c71f3b39357a
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.16.175.10 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
tlb.hwcdn.net
Software
nginx /
Resource Hash
0dccbd3f3d3f9074ca635cc844fcf4c9d31116ae88b53867f07030918b40c88d

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://demy.idates.com/landing/fb4205-v2?clickId=8bfe01d7-d0df-4594-8b38-c71f3b39357a&tracker=SGM_Pro&publisher=2556&subPublisher=39376&hit_id=8bfe01d7-d0df-4594-8b38-c71f3b39357a&tp_redirect_id=8bfe01d7-d0df-4594-8b38-c71f3b39357a
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sun, 22 Sep 2019 02:09:34 GMT
Content-Encoding
gzip
Last-Modified
Fri, 20 Sep 2019 07:55:47 GMT
Server
nginx
ETag
"5d848603-f6"
X-HW
1569118174.dop009.fr8.t,1569118174.cds013.fr8.shn,1569118174.dop009.fr8.t,1569118174.cds011.fr8.c
Content-Type
text/css
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=43200
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
201
font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/
30 KB
7 KB
Stylesheet
General
Full URL
https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Requested by
Host: demy.idates.com
URL: https://demy.idates.com/landing/fb4205-v2?clickId=8bfe01d7-d0df-4594-8b38-c71f3b39357a&tracker=SGM_Pro&publisher=2556&subPublisher=39376&hit_id=8bfe01d7-d0df-4594-8b38-c71f3b39357a&tp_redirect_id=8bfe01d7-d0df-4594-8b38-c71f3b39357a
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac19::1:b:1a , Netherlands, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
Software
/
Resource Hash
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://demy.idates.com/landing/fb4205-v2?clickId=8bfe01d7-d0df-4594-8b38-c71f3b39357a&tracker=SGM_Pro&publisher=2556&subPublisher=39376&hit_id=8bfe01d7-d0df-4594-8b38-c71f3b39357a&tp_redirect_id=8bfe01d7-d0df-4594-8b38-c71f3b39357a
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 22 Sep 2019 02:09:34 GMT
content-encoding
gzip
last-modified
Wed, 12 Dec 2018 18:35:20 GMT
status
200
etag
"1544639720"
vary
Accept-Encoding
x-cache
HIT
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-hello-human
Say hello back! @getBootstrapCDN on Twitter
accept-ranges
bytes
timing-allow-origin
*
content-length
7050
style.css
lpmedia.justservingfiles.net/style/templates/faceboobs3/
135 B
507 B
Stylesheet
General
Full URL
https://lpmedia.justservingfiles.net/style/templates/faceboobs3/style.css?496899
Requested by
Host: demy.idates.com
URL: https://demy.idates.com/landing/fb4205-v2?clickId=8bfe01d7-d0df-4594-8b38-c71f3b39357a&tracker=SGM_Pro&publisher=2556&subPublisher=39376&hit_id=8bfe01d7-d0df-4594-8b38-c71f3b39357a&tp_redirect_id=8bfe01d7-d0df-4594-8b38-c71f3b39357a
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.16.175.10 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
tlb.hwcdn.net
Software
nginx /
Resource Hash
7ea6bd973c5ebf0e45072195eaeb59e07803a3626a1a5875626318ae5b7f3000

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://demy.idates.com/landing/fb4205-v2?clickId=8bfe01d7-d0df-4594-8b38-c71f3b39357a&tracker=SGM_Pro&publisher=2556&subPublisher=39376&hit_id=8bfe01d7-d0df-4594-8b38-c71f3b39357a&tp_redirect_id=8bfe01d7-d0df-4594-8b38-c71f3b39357a
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sun, 22 Sep 2019 02:09:34 GMT
Content-Encoding
gzip
Last-Modified
Fri, 20 Sep 2019 07:55:47 GMT
Server
nginx
ETag
"5d848603-87"
X-HW
1569118174.dop141.fr8.t,1569118174.cds086.fr8.shn,1569118174.dop141.fr8.t,1569118174.cds131.fr8.c
Content-Type
text/css
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=43200
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
80
idates_w.png
lpmedia.justservingfiles.net/img/_logos/
5 KB
5 KB
Image
General
Full URL
https://lpmedia.justservingfiles.net/img/_logos/idates_w.png
Requested by
Host: demy.idates.com
URL: https://demy.idates.com/landing/fb4205-v2?clickId=8bfe01d7-d0df-4594-8b38-c71f3b39357a&tracker=SGM_Pro&publisher=2556&subPublisher=39376&hit_id=8bfe01d7-d0df-4594-8b38-c71f3b39357a&tp_redirect_id=8bfe01d7-d0df-4594-8b38-c71f3b39357a
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.16.175.10 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
tlb.hwcdn.net
Software
nginx /
Resource Hash
1f29e59a77159bddbf49d1364ba27ebae5badb0cef8c3147352b98d08b4047ce

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://demy.idates.com/landing/fb4205-v2?clickId=8bfe01d7-d0df-4594-8b38-c71f3b39357a&tracker=SGM_Pro&publisher=2556&subPublisher=39376&hit_id=8bfe01d7-d0df-4594-8b38-c71f3b39357a&tp_redirect_id=8bfe01d7-d0df-4594-8b38-c71f3b39357a
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sun, 22 Sep 2019 02:09:34 GMT
Last-Modified
Fri, 20 Sep 2019 07:55:18 GMT
Server
nginx
ETag
"5d8485e6-1331"
X-HW
1569118174.dop141.fr8.t,1569118174.cds086.fr8.shn,1569118174.dop141.fr8.t,1569118174.cds001.fr8.c
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=43200
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
4913
fb-bar.png
lpmedia.justservingfiles.net/img/_btns/
1014 B
1 KB
Image
General
Full URL
https://lpmedia.justservingfiles.net/img/_btns/fb-bar.png
Requested by
Host: demy.idates.com
URL: https://demy.idates.com/landing/fb4205-v2?clickId=8bfe01d7-d0df-4594-8b38-c71f3b39357a&tracker=SGM_Pro&publisher=2556&subPublisher=39376&hit_id=8bfe01d7-d0df-4594-8b38-c71f3b39357a&tp_redirect_id=8bfe01d7-d0df-4594-8b38-c71f3b39357a
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.16.175.10 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
tlb.hwcdn.net
Software
nginx /
Resource Hash
58a994f4cfbfa42374821315cb80a65e1f6ef4a02dd09f35348302fe7f8f12d2

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://demy.idates.com/landing/fb4205-v2?clickId=8bfe01d7-d0df-4594-8b38-c71f3b39357a&tracker=SGM_Pro&publisher=2556&subPublisher=39376&hit_id=8bfe01d7-d0df-4594-8b38-c71f3b39357a&tp_redirect_id=8bfe01d7-d0df-4594-8b38-c71f3b39357a
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sun, 22 Sep 2019 02:09:34 GMT
Last-Modified
Fri, 20 Sep 2019 07:55:18 GMT
Server
nginx
ETag
"5d8485e6-3f6"
X-HW
1569118174.dop019.fr8.t,1569118174.cds019.fr8.shn,1569118174.dop019.fr8.t,1569118174.cds024.fr8.c
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=43200
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
1014
fb01.jpg
lpmedia.justservingfiles.net/img/_pictures/fsk14/s/various_square/
15 KB
15 KB
Image
General
Full URL
https://lpmedia.justservingfiles.net/img/_pictures/fsk14/s/various_square/fb01.jpg
Requested by
Host: demy.idates.com
URL: https://demy.idates.com/landing/fb4205-v2?clickId=8bfe01d7-d0df-4594-8b38-c71f3b39357a&tracker=SGM_Pro&publisher=2556&subPublisher=39376&hit_id=8bfe01d7-d0df-4594-8b38-c71f3b39357a&tp_redirect_id=8bfe01d7-d0df-4594-8b38-c71f3b39357a
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.16.175.10 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
tlb.hwcdn.net
Software
nginx /
Resource Hash
b23f2f98d7a875be540f711fc021454b24749affdbb30878823206da45dcfe33

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://demy.idates.com/landing/fb4205-v2?clickId=8bfe01d7-d0df-4594-8b38-c71f3b39357a&tracker=SGM_Pro&publisher=2556&subPublisher=39376&hit_id=8bfe01d7-d0df-4594-8b38-c71f3b39357a&tp_redirect_id=8bfe01d7-d0df-4594-8b38-c71f3b39357a
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sun, 22 Sep 2019 02:09:34 GMT
Last-Modified
Fri, 20 Sep 2019 07:55:21 GMT
Server
nginx
ETag
"5d8485e9-3a4a"
X-HW
1569118174.dop009.fr8.t,1569118174.cds017.fr8.shn,1569118174.dop009.fr8.t,1569118174.cds006.fr8.c
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=43200
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
14922
f1.jpg
lpmedia.justservingfiles.net/img/_pictures/fsk14/s/various_square/
12 KB
12 KB
Image
General
Full URL
https://lpmedia.justservingfiles.net/img/_pictures/fsk14/s/various_square/f1.jpg
Requested by
Host: demy.idates.com
URL: https://demy.idates.com/landing/fb4205-v2?clickId=8bfe01d7-d0df-4594-8b38-c71f3b39357a&tracker=SGM_Pro&publisher=2556&subPublisher=39376&hit_id=8bfe01d7-d0df-4594-8b38-c71f3b39357a&tp_redirect_id=8bfe01d7-d0df-4594-8b38-c71f3b39357a
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.16.175.10 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
tlb.hwcdn.net
Software
nginx /
Resource Hash
efd75d64276545e18142aa700556e214dbfca7c874366dfbd20af9dcf55bdf1d

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://demy.idates.com/landing/fb4205-v2?clickId=8bfe01d7-d0df-4594-8b38-c71f3b39357a&tracker=SGM_Pro&publisher=2556&subPublisher=39376&hit_id=8bfe01d7-d0df-4594-8b38-c71f3b39357a&tp_redirect_id=8bfe01d7-d0df-4594-8b38-c71f3b39357a
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sun, 22 Sep 2019 02:09:34 GMT
Last-Modified
Fri, 20 Sep 2019 07:55:21 GMT
Server
nginx
ETag
"5d8485e9-2ec0"
X-HW
1569118174.dop009.fr8.t,1569118174.cds085.fr8.shn,1569118174.dop009.fr8.t,1569118174.cds036.fr8.c
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=43200
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
11968
f2.jpg
lpmedia.justservingfiles.net/img/_pictures/fsk14/s/various_square/
15 KB
15 KB
Image
General
Full URL
https://lpmedia.justservingfiles.net/img/_pictures/fsk14/s/various_square/f2.jpg
Requested by
Host: demy.idates.com
URL: https://demy.idates.com/landing/fb4205-v2?clickId=8bfe01d7-d0df-4594-8b38-c71f3b39357a&tracker=SGM_Pro&publisher=2556&subPublisher=39376&hit_id=8bfe01d7-d0df-4594-8b38-c71f3b39357a&tp_redirect_id=8bfe01d7-d0df-4594-8b38-c71f3b39357a
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.16.175.10 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
tlb.hwcdn.net
Software
nginx /
Resource Hash
5275ef0e1e2df038f97d774490df9ef105dd48baea90e6f211ee23eca31fc15e

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://demy.idates.com/landing/fb4205-v2?clickId=8bfe01d7-d0df-4594-8b38-c71f3b39357a&tracker=SGM_Pro&publisher=2556&subPublisher=39376&hit_id=8bfe01d7-d0df-4594-8b38-c71f3b39357a&tp_redirect_id=8bfe01d7-d0df-4594-8b38-c71f3b39357a
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sun, 22 Sep 2019 02:09:34 GMT
Last-Modified
Fri, 20 Sep 2019 07:55:21 GMT
Server
nginx
ETag
"5d8485e9-3b00"
X-HW
1569118174.dop141.fr8.t,1569118174.cds086.fr8.shn,1569118174.dop141.fr8.t,1569118174.cds034.fr8.c
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=43200
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
15104
f3.jpg
lpmedia.justservingfiles.net/img/_pictures/fsk14/s/various_square/
11 KB
11 KB
Image
General
Full URL
https://lpmedia.justservingfiles.net/img/_pictures/fsk14/s/various_square/f3.jpg
Requested by
Host: demy.idates.com
URL: https://demy.idates.com/landing/fb4205-v2?clickId=8bfe01d7-d0df-4594-8b38-c71f3b39357a&tracker=SGM_Pro&publisher=2556&subPublisher=39376&hit_id=8bfe01d7-d0df-4594-8b38-c71f3b39357a&tp_redirect_id=8bfe01d7-d0df-4594-8b38-c71f3b39357a
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.16.175.10 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
tlb.hwcdn.net
Software
nginx /
Resource Hash
4e561e9c4694fed590c1c5530abb9ad20c71cdc60a1d872bca1426a547475c37

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://demy.idates.com/landing/fb4205-v2?clickId=8bfe01d7-d0df-4594-8b38-c71f3b39357a&tracker=SGM_Pro&publisher=2556&subPublisher=39376&hit_id=8bfe01d7-d0df-4594-8b38-c71f3b39357a&tp_redirect_id=8bfe01d7-d0df-4594-8b38-c71f3b39357a
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sun, 22 Sep 2019 02:09:34 GMT
Last-Modified
Fri, 20 Sep 2019 07:55:21 GMT
Server
nginx
ETag
"5d8485e9-2bed"
X-HW
1569118174.dop141.fr8.t,1569118174.cds086.fr8.shn,1569118174.dop141.fr8.t,1569118174.cds025.fr8.c
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=43200
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
11245
f4.jpg
lpmedia.justservingfiles.net/img/_pictures/fsk14/s/various_square/
12 KB
12 KB
Image
General
Full URL
https://lpmedia.justservingfiles.net/img/_pictures/fsk14/s/various_square/f4.jpg
Requested by
Host: demy.idates.com
URL: https://demy.idates.com/landing/fb4205-v2?clickId=8bfe01d7-d0df-4594-8b38-c71f3b39357a&tracker=SGM_Pro&publisher=2556&subPublisher=39376&hit_id=8bfe01d7-d0df-4594-8b38-c71f3b39357a&tp_redirect_id=8bfe01d7-d0df-4594-8b38-c71f3b39357a
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.16.175.10 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
tlb.hwcdn.net
Software
nginx /
Resource Hash
eb6c4db3575869c7a38683c444dd0de04227bdcded1107945d82d4da980eb27c

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://demy.idates.com/landing/fb4205-v2?clickId=8bfe01d7-d0df-4594-8b38-c71f3b39357a&tracker=SGM_Pro&publisher=2556&subPublisher=39376&hit_id=8bfe01d7-d0df-4594-8b38-c71f3b39357a&tp_redirect_id=8bfe01d7-d0df-4594-8b38-c71f3b39357a
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sun, 22 Sep 2019 02:09:34 GMT
Last-Modified
Fri, 20 Sep 2019 07:55:21 GMT
Server
nginx
ETag
"5d8485e9-2f5d"
X-HW
1569118174.dop009.fr8.t,1569118174.cds085.fr8.shn,1569118174.dop009.fr8.t,1569118174.cds013.fr8.c
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=43200
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
12125
f5.jpg
lpmedia.justservingfiles.net/img/_pictures/fsk14/s/various_square/
9 KB
10 KB
Image
General
Full URL
https://lpmedia.justservingfiles.net/img/_pictures/fsk14/s/various_square/f5.jpg
Requested by
Host: demy.idates.com
URL: https://demy.idates.com/landing/fb4205-v2?clickId=8bfe01d7-d0df-4594-8b38-c71f3b39357a&tracker=SGM_Pro&publisher=2556&subPublisher=39376&hit_id=8bfe01d7-d0df-4594-8b38-c71f3b39357a&tp_redirect_id=8bfe01d7-d0df-4594-8b38-c71f3b39357a
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.16.175.10 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
tlb.hwcdn.net
Software
nginx /
Resource Hash
8100213a426e5000d1fb4e8dc0e90f768c4fecd5b65c5a1e322921005ceb46a4

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://demy.idates.com/landing/fb4205-v2?clickId=8bfe01d7-d0df-4594-8b38-c71f3b39357a&tracker=SGM_Pro&publisher=2556&subPublisher=39376&hit_id=8bfe01d7-d0df-4594-8b38-c71f3b39357a&tp_redirect_id=8bfe01d7-d0df-4594-8b38-c71f3b39357a
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sun, 22 Sep 2019 02:09:34 GMT
Last-Modified
Fri, 20 Sep 2019 07:55:21 GMT
Server
nginx
ETag
"5d8485e9-24b9"
X-HW
1569118174.dop009.fr8.t,1569118174.cds020.fr8.shn,1569118174.dop009.fr8.t,1569118174.cds051.fr8.c
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=43200
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
9401
f6.jpg
lpmedia.justservingfiles.net/img/_pictures/fsk14/s/various_square/
10 KB
11 KB
Image
General
Full URL
https://lpmedia.justservingfiles.net/img/_pictures/fsk14/s/various_square/f6.jpg
Requested by
Host: demy.idates.com
URL: https://demy.idates.com/landing/fb4205-v2?clickId=8bfe01d7-d0df-4594-8b38-c71f3b39357a&tracker=SGM_Pro&publisher=2556&subPublisher=39376&hit_id=8bfe01d7-d0df-4594-8b38-c71f3b39357a&tp_redirect_id=8bfe01d7-d0df-4594-8b38-c71f3b39357a
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.16.175.10 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
tlb.hwcdn.net
Software
nginx /
Resource Hash
60d4bc4015ccae4a51436f4663b2c812f63f28d6adc6442106004a1cab2e5fef

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://demy.idates.com/landing/fb4205-v2?clickId=8bfe01d7-d0df-4594-8b38-c71f3b39357a&tracker=SGM_Pro&publisher=2556&subPublisher=39376&hit_id=8bfe01d7-d0df-4594-8b38-c71f3b39357a&tp_redirect_id=8bfe01d7-d0df-4594-8b38-c71f3b39357a
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sun, 22 Sep 2019 02:09:34 GMT
Last-Modified
Fri, 20 Sep 2019 07:55:21 GMT
Server
nginx
ETag
"5d8485e9-293d"
X-HW
1569118174.dop009.fr8.t,1569118174.cds013.fr8.shn,1569118174.dop009.fr8.t,1569118174.cds014.fr8.c
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=43200
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
10557
f9.jpg
lpmedia.justservingfiles.net/img/_pictures/fsk14/s/various_square/
8 KB
9 KB
Image
General
Full URL
https://lpmedia.justservingfiles.net/img/_pictures/fsk14/s/various_square/f9.jpg
Requested by
Host: demy.idates.com
URL: https://demy.idates.com/landing/fb4205-v2?clickId=8bfe01d7-d0df-4594-8b38-c71f3b39357a&tracker=SGM_Pro&publisher=2556&subPublisher=39376&hit_id=8bfe01d7-d0df-4594-8b38-c71f3b39357a&tp_redirect_id=8bfe01d7-d0df-4594-8b38-c71f3b39357a
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.16.175.10 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
tlb.hwcdn.net
Software
nginx /
Resource Hash
c636b8e6f6d88f125bb645dfe094a84cbd6c45a609e10e33d712e01f81a6ede2

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://demy.idates.com/landing/fb4205-v2?clickId=8bfe01d7-d0df-4594-8b38-c71f3b39357a&tracker=SGM_Pro&publisher=2556&subPublisher=39376&hit_id=8bfe01d7-d0df-4594-8b38-c71f3b39357a&tp_redirect_id=8bfe01d7-d0df-4594-8b38-c71f3b39357a
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sun, 22 Sep 2019 02:09:34 GMT
Last-Modified
Fri, 20 Sep 2019 07:55:21 GMT
Server
nginx
ETag
"5d8485e9-21db"
X-HW
1569118174.dop019.fr8.t,1569118174.cds019.fr8.shn,1569118174.dop019.fr8.t,1569118174.cds022.fr8.c
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=43200
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
8667
8.jpg
lpmedia.justservingfiles.net/img/_pictures/fsk14/m/various/
21 KB
22 KB
Image
General
Full URL
https://lpmedia.justservingfiles.net/img/_pictures/fsk14/m/various/8.jpg
Requested by
Host: demy.idates.com
URL: https://demy.idates.com/landing/fb4205-v2?clickId=8bfe01d7-d0df-4594-8b38-c71f3b39357a&tracker=SGM_Pro&publisher=2556&subPublisher=39376&hit_id=8bfe01d7-d0df-4594-8b38-c71f3b39357a&tp_redirect_id=8bfe01d7-d0df-4594-8b38-c71f3b39357a
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.16.175.10 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
tlb.hwcdn.net
Software
nginx /
Resource Hash
31f8d20c6d634b8604ee4f201bed179c5d8952a2c72274afc52798da47cc41d8

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://demy.idates.com/landing/fb4205-v2?clickId=8bfe01d7-d0df-4594-8b38-c71f3b39357a&tracker=SGM_Pro&publisher=2556&subPublisher=39376&hit_id=8bfe01d7-d0df-4594-8b38-c71f3b39357a&tp_redirect_id=8bfe01d7-d0df-4594-8b38-c71f3b39357a
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sun, 22 Sep 2019 02:09:34 GMT
Last-Modified
Fri, 20 Sep 2019 07:55:21 GMT
Server
nginx
ETag
"5d8485e9-55a4"
X-HW
1569118174.dop009.fr8.t,1569118174.cds013.fr8.shn,1569118174.dop009.fr8.t,1569118174.cds015.fr8.c
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=43200
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
21924
f10.jpg
lpmedia.justservingfiles.net/img/_pictures/fsk14/s/various_square/
16 KB
16 KB
Image
General
Full URL
https://lpmedia.justservingfiles.net/img/_pictures/fsk14/s/various_square/f10.jpg
Requested by
Host: demy.idates.com
URL: https://demy.idates.com/landing/fb4205-v2?clickId=8bfe01d7-d0df-4594-8b38-c71f3b39357a&tracker=SGM_Pro&publisher=2556&subPublisher=39376&hit_id=8bfe01d7-d0df-4594-8b38-c71f3b39357a&tp_redirect_id=8bfe01d7-d0df-4594-8b38-c71f3b39357a
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.16.175.10 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
tlb.hwcdn.net
Software
nginx /
Resource Hash
c52cf97d0f3e5d13fe46657e6ccb898fd107042127ea692b270c28831d20a60e

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://demy.idates.com/landing/fb4205-v2?clickId=8bfe01d7-d0df-4594-8b38-c71f3b39357a&tracker=SGM_Pro&publisher=2556&subPublisher=39376&hit_id=8bfe01d7-d0df-4594-8b38-c71f3b39357a&tp_redirect_id=8bfe01d7-d0df-4594-8b38-c71f3b39357a
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sun, 22 Sep 2019 02:09:34 GMT
Last-Modified
Fri, 20 Sep 2019 07:55:21 GMT
Server
nginx
ETag
"5d8485e9-3ff4"
X-HW
1569118174.dop009.fr8.t,1569118174.cds017.fr8.shn,1569118174.dop009.fr8.t,1569118174.cds012.fr8.c
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=43200
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
16372
f11.jpg
lpmedia.justservingfiles.net/img/_pictures/fsk14/s/various_square/
13 KB
13 KB
Image
General
Full URL
https://lpmedia.justservingfiles.net/img/_pictures/fsk14/s/various_square/f11.jpg
Requested by
Host: demy.idates.com
URL: https://demy.idates.com/landing/fb4205-v2?clickId=8bfe01d7-d0df-4594-8b38-c71f3b39357a&tracker=SGM_Pro&publisher=2556&subPublisher=39376&hit_id=8bfe01d7-d0df-4594-8b38-c71f3b39357a&tp_redirect_id=8bfe01d7-d0df-4594-8b38-c71f3b39357a
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.16.175.10 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
tlb.hwcdn.net
Software
nginx /
Resource Hash
99254dfbada0acb2d32a06537cbef6b646a73fa4c19c16e8ea4459392bc41023

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://demy.idates.com/landing/fb4205-v2?clickId=8bfe01d7-d0df-4594-8b38-c71f3b39357a&tracker=SGM_Pro&publisher=2556&subPublisher=39376&hit_id=8bfe01d7-d0df-4594-8b38-c71f3b39357a&tp_redirect_id=8bfe01d7-d0df-4594-8b38-c71f3b39357a
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sun, 22 Sep 2019 02:09:34 GMT
Last-Modified
Fri, 20 Sep 2019 07:55:21 GMT
Server
nginx
ETag
"5d8485e9-32db"
X-HW
1569118174.dop141.fr8.t,1569118174.cds086.fr8.shn,1569118174.dop141.fr8.t,1569118174.cds001.fr8.pr
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=43200
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
13019
16.jpg
lpmedia.justservingfiles.net/img/_pictures/fsk14/m/various/
22 KB
22 KB
Image
General
Full URL
https://lpmedia.justservingfiles.net/img/_pictures/fsk14/m/various/16.jpg
Requested by
Host: demy.idates.com
URL: https://demy.idates.com/landing/fb4205-v2?clickId=8bfe01d7-d0df-4594-8b38-c71f3b39357a&tracker=SGM_Pro&publisher=2556&subPublisher=39376&hit_id=8bfe01d7-d0df-4594-8b38-c71f3b39357a&tp_redirect_id=8bfe01d7-d0df-4594-8b38-c71f3b39357a
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.16.175.10 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
tlb.hwcdn.net
Software
nginx /
Resource Hash
275b84cfc89398ec5b8553d5c56696d1cbcfc17c1f32331625adadaff6fc6600

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://demy.idates.com/landing/fb4205-v2?clickId=8bfe01d7-d0df-4594-8b38-c71f3b39357a&tracker=SGM_Pro&publisher=2556&subPublisher=39376&hit_id=8bfe01d7-d0df-4594-8b38-c71f3b39357a&tp_redirect_id=8bfe01d7-d0df-4594-8b38-c71f3b39357a
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sun, 22 Sep 2019 02:09:34 GMT
Last-Modified
Fri, 20 Sep 2019 07:55:21 GMT
Server
nginx
ETag
"5d8485e9-565a"
X-HW
1569118174.dop019.fr8.t,1569118174.cds019.fr8.shn,1569118174.dop019.fr8.t,1569118174.cds025.fr8.c
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=43200
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
22106
f12.jpg
lpmedia.justservingfiles.net/img/_pictures/fsk14/s/various_square/
17 KB
17 KB
Image
General
Full URL
https://lpmedia.justservingfiles.net/img/_pictures/fsk14/s/various_square/f12.jpg
Requested by
Host: demy.idates.com
URL: https://demy.idates.com/landing/fb4205-v2?clickId=8bfe01d7-d0df-4594-8b38-c71f3b39357a&tracker=SGM_Pro&publisher=2556&subPublisher=39376&hit_id=8bfe01d7-d0df-4594-8b38-c71f3b39357a&tp_redirect_id=8bfe01d7-d0df-4594-8b38-c71f3b39357a
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.16.175.10 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
tlb.hwcdn.net
Software
nginx /
Resource Hash
125d7dc89f4ec9b3f11a3fedee597206bcfb5eae295bd83751d472c2e0c977d1

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://demy.idates.com/landing/fb4205-v2?clickId=8bfe01d7-d0df-4594-8b38-c71f3b39357a&tracker=SGM_Pro&publisher=2556&subPublisher=39376&hit_id=8bfe01d7-d0df-4594-8b38-c71f3b39357a&tp_redirect_id=8bfe01d7-d0df-4594-8b38-c71f3b39357a
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sun, 22 Sep 2019 02:09:34 GMT
Last-Modified
Fri, 20 Sep 2019 07:55:21 GMT
Server
nginx
ETag
"5d8485e9-43a9"
X-HW
1569118174.dop009.fr8.t,1569118174.cds085.fr8.shn,1569118174.dop009.fr8.t,1569118174.cds056.fr8.c
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=43200
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
17321
ta1.jpg
lpmedia.justservingfiles.net/img/_pictures/fsk14/m/various/
31 KB
31 KB
Image
General
Full URL
https://lpmedia.justservingfiles.net/img/_pictures/fsk14/m/various/ta1.jpg
Requested by
Host: demy.idates.com
URL: https://demy.idates.com/landing/fb4205-v2?clickId=8bfe01d7-d0df-4594-8b38-c71f3b39357a&tracker=SGM_Pro&publisher=2556&subPublisher=39376&hit_id=8bfe01d7-d0df-4594-8b38-c71f3b39357a&tp_redirect_id=8bfe01d7-d0df-4594-8b38-c71f3b39357a
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.16.175.10 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
tlb.hwcdn.net
Software
nginx /
Resource Hash
87b729e06d54b7742f0bb7d93e4027218011be988fb23151ccd196fcf3d1ea44

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://demy.idates.com/landing/fb4205-v2?clickId=8bfe01d7-d0df-4594-8b38-c71f3b39357a&tracker=SGM_Pro&publisher=2556&subPublisher=39376&hit_id=8bfe01d7-d0df-4594-8b38-c71f3b39357a&tp_redirect_id=8bfe01d7-d0df-4594-8b38-c71f3b39357a
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sun, 22 Sep 2019 02:09:34 GMT
Last-Modified
Fri, 20 Sep 2019 07:55:21 GMT
Server
nginx
ETag
"5d8485e9-7b8f"
X-HW
1569118174.dop009.fr8.t,1569118174.cds020.fr8.shn,1569118174.dop009.fr8.t,1569118174.cds017.fr8.c
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=43200
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
31631
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.2.1/
85 KB
30 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.2.1/jquery.min.js
Requested by
Host: demy.idates.com
URL: https://demy.idates.com/landing/fb4205-v2?clickId=8bfe01d7-d0df-4594-8b38-c71f3b39357a&tracker=SGM_Pro&publisher=2556&subPublisher=39376&hit_id=8bfe01d7-d0df-4594-8b38-c71f3b39357a&tp_redirect_id=8bfe01d7-d0df-4594-8b38-c71f3b39357a
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:820::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://demy.idates.com/landing/fb4205-v2?clickId=8bfe01d7-d0df-4594-8b38-c71f3b39357a&tracker=SGM_Pro&publisher=2556&subPublisher=39376&hit_id=8bfe01d7-d0df-4594-8b38-c71f3b39357a&tp_redirect_id=8bfe01d7-d0df-4594-8b38-c71f3b39357a
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 26 Aug 2019 08:21:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2310489
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
30306
x-xss-protection
0
last-modified
Fri, 24 Mar 2017 20:55:54 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 25 Aug 2020 08:21:25 GMT
validation.js
lpmedia.justservingfiles.net/js/helpers/
5 KB
2 KB
Script
General
Full URL
https://lpmedia.justservingfiles.net/js/helpers/validation.js?496899
Requested by
Host: demy.idates.com
URL: https://demy.idates.com/landing/fb4205-v2?clickId=8bfe01d7-d0df-4594-8b38-c71f3b39357a&tracker=SGM_Pro&publisher=2556&subPublisher=39376&hit_id=8bfe01d7-d0df-4594-8b38-c71f3b39357a&tp_redirect_id=8bfe01d7-d0df-4594-8b38-c71f3b39357a
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.16.175.10 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
tlb.hwcdn.net
Software
nginx /
Resource Hash
1e6035f680a93f6caaa9503fa0cafd4dd0ea04f65f2bea8070669b9a81e9992d

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://demy.idates.com/landing/fb4205-v2?clickId=8bfe01d7-d0df-4594-8b38-c71f3b39357a&tracker=SGM_Pro&publisher=2556&subPublisher=39376&hit_id=8bfe01d7-d0df-4594-8b38-c71f3b39357a&tp_redirect_id=8bfe01d7-d0df-4594-8b38-c71f3b39357a
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sun, 22 Sep 2019 02:09:34 GMT
Content-Encoding
gzip
Last-Modified
Fri, 20 Sep 2019 07:55:38 GMT
Server
nginx
ETag
"5d8485fa-15ce"
X-HW
1569118174.dop009.fr8.t,1569118174.cds085.fr8.shn,1569118174.dop009.fr8.t,1569118174.cds053.fr8.c
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=43200
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
1370
form_helper.js
lpmedia.justservingfiles.net/widgets/registrationFormBuilder/
2 KB
1 KB
Script
General
Full URL
https://lpmedia.justservingfiles.net/widgets/registrationFormBuilder/form_helper.js?496899
Requested by
Host: demy.idates.com
URL: https://demy.idates.com/landing/fb4205-v2?clickId=8bfe01d7-d0df-4594-8b38-c71f3b39357a&tracker=SGM_Pro&publisher=2556&subPublisher=39376&hit_id=8bfe01d7-d0df-4594-8b38-c71f3b39357a&tp_redirect_id=8bfe01d7-d0df-4594-8b38-c71f3b39357a
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.16.175.10 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
tlb.hwcdn.net
Software
nginx /
Resource Hash
14dba260a885d145d1af7bc353ac4dca9aeb43c93271d1e0ed66c07b26a38cff

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://demy.idates.com/landing/fb4205-v2?clickId=8bfe01d7-d0df-4594-8b38-c71f3b39357a&tracker=SGM_Pro&publisher=2556&subPublisher=39376&hit_id=8bfe01d7-d0df-4594-8b38-c71f3b39357a&tp_redirect_id=8bfe01d7-d0df-4594-8b38-c71f3b39357a
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sun, 22 Sep 2019 02:09:34 GMT
Content-Encoding
gzip
Last-Modified
Fri, 20 Sep 2019 07:55:47 GMT
Server
nginx
ETag
"5d848603-868"
X-HW
1569118174.dop009.fr8.t,1569118174.cds013.fr8.shn,1569118174.dop009.fr8.t,1569118174.cds052.fr8.c
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=43200
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
633
form.js
lpmedia.justservingfiles.net/widgets/registrationFormBuilder/
4 KB
1 KB
Script
General
Full URL
https://lpmedia.justservingfiles.net/widgets/registrationFormBuilder/form.js?496899
Requested by
Host: demy.idates.com
URL: https://demy.idates.com/landing/fb4205-v2?clickId=8bfe01d7-d0df-4594-8b38-c71f3b39357a&tracker=SGM_Pro&publisher=2556&subPublisher=39376&hit_id=8bfe01d7-d0df-4594-8b38-c71f3b39357a&tp_redirect_id=8bfe01d7-d0df-4594-8b38-c71f3b39357a
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.16.175.10 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
tlb.hwcdn.net
Software
nginx /
Resource Hash
d5db5dba10eb17b6a17200d511308a45f025fbda16e41a822ff3634107c47146

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://demy.idates.com/landing/fb4205-v2?clickId=8bfe01d7-d0df-4594-8b38-c71f3b39357a&tracker=SGM_Pro&publisher=2556&subPublisher=39376&hit_id=8bfe01d7-d0df-4594-8b38-c71f3b39357a&tp_redirect_id=8bfe01d7-d0df-4594-8b38-c71f3b39357a
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sun, 22 Sep 2019 02:09:34 GMT
Content-Encoding
gzip
Last-Modified
Fri, 20 Sep 2019 07:55:47 GMT
Server
nginx
ETag
"5d848603-f2a"
X-HW
1569118174.dop009.fr8.t,1569118174.cds020.fr8.shn,1569118174.dop009.fr8.t,1569118174.cds144.fr8.c
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=43200
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
1053
step.js
lpmedia.justservingfiles.net/widgets/registrationFormBuilder/
3 KB
1 KB
Script
General
Full URL
https://lpmedia.justservingfiles.net/widgets/registrationFormBuilder/step.js?496899
Requested by
Host: demy.idates.com
URL: https://demy.idates.com/landing/fb4205-v2?clickId=8bfe01d7-d0df-4594-8b38-c71f3b39357a&tracker=SGM_Pro&publisher=2556&subPublisher=39376&hit_id=8bfe01d7-d0df-4594-8b38-c71f3b39357a&tp_redirect_id=8bfe01d7-d0df-4594-8b38-c71f3b39357a
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.16.175.10 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
tlb.hwcdn.net
Software
nginx /
Resource Hash
3759f393068944edfc0965372f8f37305c58252c2f43b100950fe180215810d6

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://demy.idates.com/landing/fb4205-v2?clickId=8bfe01d7-d0df-4594-8b38-c71f3b39357a&tracker=SGM_Pro&publisher=2556&subPublisher=39376&hit_id=8bfe01d7-d0df-4594-8b38-c71f3b39357a&tp_redirect_id=8bfe01d7-d0df-4594-8b38-c71f3b39357a
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sun, 22 Sep 2019 02:09:34 GMT
Content-Encoding
gzip
Last-Modified
Fri, 20 Sep 2019 07:55:47 GMT
Server
nginx
ETag
"5d848603-aa6"
X-HW
1569118174.dop019.fr8.t,1569118174.cds019.fr8.shn,1569118174.dop019.fr8.t,1569118174.cds135.fr8.c
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=43200
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
867
login_form.js
lpmedia.justservingfiles.net/widgets/loginFormBuilder/
5 KB
2 KB
Script
General
Full URL
https://lpmedia.justservingfiles.net/widgets/loginFormBuilder/login_form.js?496899
Requested by
Host: demy.idates.com
URL: https://demy.idates.com/landing/fb4205-v2?clickId=8bfe01d7-d0df-4594-8b38-c71f3b39357a&tracker=SGM_Pro&publisher=2556&subPublisher=39376&hit_id=8bfe01d7-d0df-4594-8b38-c71f3b39357a&tp_redirect_id=8bfe01d7-d0df-4594-8b38-c71f3b39357a
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.16.175.10 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
tlb.hwcdn.net
Software
nginx /
Resource Hash
641e54983395541f7a8e5925b0fa8723901e202f2a4263a13d62caa6cb311b03

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://demy.idates.com/landing/fb4205-v2?clickId=8bfe01d7-d0df-4594-8b38-c71f3b39357a&tracker=SGM_Pro&publisher=2556&subPublisher=39376&hit_id=8bfe01d7-d0df-4594-8b38-c71f3b39357a&tp_redirect_id=8bfe01d7-d0df-4594-8b38-c71f3b39357a
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sun, 22 Sep 2019 02:09:34 GMT
Content-Encoding
gzip
Last-Modified
Fri, 20 Sep 2019 07:55:47 GMT
Server
nginx
ETag
"5d848603-13f7"
X-HW
1569118174.dop009.fr8.t,1569118174.cds017.fr8.shn,1569118174.dop009.fr8.t,1569118174.cds022.fr8.c
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=43200
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
1362
jquery.flexslider.js
lpmedia.justservingfiles.net/js/plugins/
54 KB
12 KB
Script
General
Full URL
https://lpmedia.justservingfiles.net/js/plugins/jquery.flexslider.js?496899
Requested by
Host: demy.idates.com
URL: https://demy.idates.com/landing/fb4205-v2?clickId=8bfe01d7-d0df-4594-8b38-c71f3b39357a&tracker=SGM_Pro&publisher=2556&subPublisher=39376&hit_id=8bfe01d7-d0df-4594-8b38-c71f3b39357a&tp_redirect_id=8bfe01d7-d0df-4594-8b38-c71f3b39357a
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.16.175.10 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
tlb.hwcdn.net
Software
nginx /
Resource Hash
5d7bbad207e6689ac31858d421ef9ed79c96ffb3fc8f6fd88e4d20ea78eb12aa

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://demy.idates.com/landing/fb4205-v2?clickId=8bfe01d7-d0df-4594-8b38-c71f3b39357a&tracker=SGM_Pro&publisher=2556&subPublisher=39376&hit_id=8bfe01d7-d0df-4594-8b38-c71f3b39357a&tp_redirect_id=8bfe01d7-d0df-4594-8b38-c71f3b39357a
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sun, 22 Sep 2019 02:09:34 GMT
Content-Encoding
gzip
Last-Modified
Fri, 20 Sep 2019 07:55:38 GMT
Server
nginx
ETag
"5d8485fa-d774"
X-HW
1569118174.dop009.fr8.t,1569118174.cds085.fr8.shn,1569118174.dop009.fr8.t,1569118174.cds017.fr8.c
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=43200
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
11849
popwin.js
lpmedia.justservingfiles.net/js/
1 KB
968 B
Script
General
Full URL
https://lpmedia.justservingfiles.net/js/popwin.js?496899
Requested by
Host: demy.idates.com
URL: https://demy.idates.com/landing/fb4205-v2?clickId=8bfe01d7-d0df-4594-8b38-c71f3b39357a&tracker=SGM_Pro&publisher=2556&subPublisher=39376&hit_id=8bfe01d7-d0df-4594-8b38-c71f3b39357a&tp_redirect_id=8bfe01d7-d0df-4594-8b38-c71f3b39357a
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.16.175.10 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
tlb.hwcdn.net
Software
nginx /
Resource Hash
80c43823e625ee5e54008f00ff89c66020c614dae397401177a790fee8c950a0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://demy.idates.com/landing/fb4205-v2?clickId=8bfe01d7-d0df-4594-8b38-c71f3b39357a&tracker=SGM_Pro&publisher=2556&subPublisher=39376&hit_id=8bfe01d7-d0df-4594-8b38-c71f3b39357a&tp_redirect_id=8bfe01d7-d0df-4594-8b38-c71f3b39357a
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sun, 22 Sep 2019 02:09:34 GMT
Content-Encoding
gzip
Last-Modified
Fri, 20 Sep 2019 07:55:39 GMT
Server
nginx
ETag
"5d8485fb-499"
X-HW
1569118174.dop009.fr8.t,1569118174.cds020.fr8.shn,1569118174.dop009.fr8.t,1569118174.cds015.fr8.c
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=43200
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
525
default.css
lpmedia.justservingfiles.net/style/templates/faceboobs3/
812 B
841 B
Stylesheet
General
Full URL
https://lpmedia.justservingfiles.net/style/templates/faceboobs3/default.css
Requested by
Host: demy.idates.com
URL: https://demy.idates.com/landing/fb4205-v2?clickId=8bfe01d7-d0df-4594-8b38-c71f3b39357a&tracker=SGM_Pro&publisher=2556&subPublisher=39376&hit_id=8bfe01d7-d0df-4594-8b38-c71f3b39357a&tp_redirect_id=8bfe01d7-d0df-4594-8b38-c71f3b39357a
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.16.175.10 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
tlb.hwcdn.net
Software
nginx /
Resource Hash
de5bc57ebc1514c1af79157f0c33f1befd3ffb0ce0ea3b0b58ac97503355872a

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://demy.idates.com/landing/fb4205-v2?clickId=8bfe01d7-d0df-4594-8b38-c71f3b39357a&tracker=SGM_Pro&publisher=2556&subPublisher=39376&hit_id=8bfe01d7-d0df-4594-8b38-c71f3b39357a&tp_redirect_id=8bfe01d7-d0df-4594-8b38-c71f3b39357a
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sun, 22 Sep 2019 02:09:34 GMT
Content-Encoding
gzip
Last-Modified
Fri, 20 Sep 2019 07:55:47 GMT
Server
nginx
ETag
"5d848603-32c"
X-HW
1569118174.dop009.fr8.t,1569118174.cds085.fr8.shn,1569118174.dop009.fr8.t,1569118174.cds024.fr8.c
Content-Type
text/css
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=43200
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
412
header.css
lpmedia.justservingfiles.net/style/templates/faceboobs3/
8 KB
2 KB
Stylesheet
General
Full URL
https://lpmedia.justservingfiles.net/style/templates/faceboobs3/header.css
Requested by
Host: demy.idates.com
URL: https://demy.idates.com/landing/fb4205-v2?clickId=8bfe01d7-d0df-4594-8b38-c71f3b39357a&tracker=SGM_Pro&publisher=2556&subPublisher=39376&hit_id=8bfe01d7-d0df-4594-8b38-c71f3b39357a&tp_redirect_id=8bfe01d7-d0df-4594-8b38-c71f3b39357a
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.16.175.10 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
tlb.hwcdn.net
Software
nginx /
Resource Hash
08059b0cfde0c7a84eebd60e1727abdd7133bbee39a29d95e53d768d4b8a3820

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://demy.idates.com/landing/fb4205-v2?clickId=8bfe01d7-d0df-4594-8b38-c71f3b39357a&tracker=SGM_Pro&publisher=2556&subPublisher=39376&hit_id=8bfe01d7-d0df-4594-8b38-c71f3b39357a&tp_redirect_id=8bfe01d7-d0df-4594-8b38-c71f3b39357a
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sun, 22 Sep 2019 02:09:34 GMT
Content-Encoding
gzip
Last-Modified
Fri, 20 Sep 2019 07:55:47 GMT
Server
nginx
ETag
"5d848603-20a8"
X-HW
1569118174.dop019.fr8.t,1569118174.cds019.fr8.shn,1569118174.dop019.fr8.t,1569118174.cds011.fr8.c
Content-Type
text/css
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=43200
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
1820
side-bar.css
lpmedia.justservingfiles.net/style/templates/faceboobs3/
3 KB
1 KB
Stylesheet
General
Full URL
https://lpmedia.justservingfiles.net/style/templates/faceboobs3/side-bar.css
Requested by
Host: demy.idates.com
URL: https://demy.idates.com/landing/fb4205-v2?clickId=8bfe01d7-d0df-4594-8b38-c71f3b39357a&tracker=SGM_Pro&publisher=2556&subPublisher=39376&hit_id=8bfe01d7-d0df-4594-8b38-c71f3b39357a&tp_redirect_id=8bfe01d7-d0df-4594-8b38-c71f3b39357a
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.16.175.10 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
tlb.hwcdn.net
Software
nginx /
Resource Hash
7c9629945b0d6360ce8cdd0f6546f6aace8aeede658f7d4ceb2d1bad2188aed3

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://demy.idates.com/landing/fb4205-v2?clickId=8bfe01d7-d0df-4594-8b38-c71f3b39357a&tracker=SGM_Pro&publisher=2556&subPublisher=39376&hit_id=8bfe01d7-d0df-4594-8b38-c71f3b39357a&tp_redirect_id=8bfe01d7-d0df-4594-8b38-c71f3b39357a
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sun, 22 Sep 2019 02:09:34 GMT
Content-Encoding
gzip
Last-Modified
Fri, 20 Sep 2019 07:55:47 GMT
Server
nginx
ETag
"5d848603-d6b"
X-HW
1569118174.dop009.fr8.t,1569118174.cds017.fr8.shn,1569118174.dop009.fr8.t,1569118174.cds032.fr8.c
Content-Type
text/css
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=43200
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
965
footer.css
lpmedia.justservingfiles.net/style/templates/faceboobs3/
992 B
814 B
Stylesheet
General
Full URL
https://lpmedia.justservingfiles.net/style/templates/faceboobs3/footer.css
Requested by
Host: demy.idates.com
URL: https://demy.idates.com/landing/fb4205-v2?clickId=8bfe01d7-d0df-4594-8b38-c71f3b39357a&tracker=SGM_Pro&publisher=2556&subPublisher=39376&hit_id=8bfe01d7-d0df-4594-8b38-c71f3b39357a&tp_redirect_id=8bfe01d7-d0df-4594-8b38-c71f3b39357a
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.16.175.10 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
tlb.hwcdn.net
Software
nginx /
Resource Hash
89c25835ae99853ae096b11bbd54ac9f3eaedf013045e872cb5123f500a9e676

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://demy.idates.com/landing/fb4205-v2?clickId=8bfe01d7-d0df-4594-8b38-c71f3b39357a&tracker=SGM_Pro&publisher=2556&subPublisher=39376&hit_id=8bfe01d7-d0df-4594-8b38-c71f3b39357a&tp_redirect_id=8bfe01d7-d0df-4594-8b38-c71f3b39357a
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sun, 22 Sep 2019 02:09:34 GMT
Content-Encoding
gzip
Last-Modified
Fri, 20 Sep 2019 07:55:47 GMT
Server
nginx
ETag
"5d848603-3e0"
X-HW
1569118174.dop009.fr8.t,1569118174.cds020.fr8.shn,1569118174.dop009.fr8.t,1569118174.cds036.fr8.c
Content-Type
text/css
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=43200
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
385
form.css
lpmedia.justservingfiles.net/style/templates/faceboobs3/
7 KB
2 KB
Stylesheet
General
Full URL
https://lpmedia.justservingfiles.net/style/templates/faceboobs3/form.css
Requested by
Host: demy.idates.com
URL: https://demy.idates.com/landing/fb4205-v2?clickId=8bfe01d7-d0df-4594-8b38-c71f3b39357a&tracker=SGM_Pro&publisher=2556&subPublisher=39376&hit_id=8bfe01d7-d0df-4594-8b38-c71f3b39357a&tp_redirect_id=8bfe01d7-d0df-4594-8b38-c71f3b39357a
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.16.175.10 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
tlb.hwcdn.net
Software
nginx /
Resource Hash
fa5b2145bb3eef5250204b1fafee8a27e3e14d8530e13143d8224bcfb67baf3b

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://demy.idates.com/landing/fb4205-v2?clickId=8bfe01d7-d0df-4594-8b38-c71f3b39357a&tracker=SGM_Pro&publisher=2556&subPublisher=39376&hit_id=8bfe01d7-d0df-4594-8b38-c71f3b39357a&tp_redirect_id=8bfe01d7-d0df-4594-8b38-c71f3b39357a
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sun, 22 Sep 2019 02:09:34 GMT
Content-Encoding
gzip
Last-Modified
Fri, 20 Sep 2019 07:55:47 GMT
Server
nginx
ETag
"5d848603-1c8e"
X-HW
1569118174.dop009.fr8.t,1569118174.cds013.fr8.shn,1569118174.dop009.fr8.t,1569118174.cds052.fr8.c
Content-Type
text/css
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=43200
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
1791
icon-google-color.svg
lpmedia.justservingfiles.net/img/_btns/
688 B
1 KB
Image
General
Full URL
https://lpmedia.justservingfiles.net/img/_btns/icon-google-color.svg
Requested by
Host: demy.idates.com
URL: https://demy.idates.com/landing/fb4205-v2?clickId=8bfe01d7-d0df-4594-8b38-c71f3b39357a&tracker=SGM_Pro&publisher=2556&subPublisher=39376&hit_id=8bfe01d7-d0df-4594-8b38-c71f3b39357a&tp_redirect_id=8bfe01d7-d0df-4594-8b38-c71f3b39357a
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.16.175.10 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
tlb.hwcdn.net
Software
nginx /
Resource Hash
0cf576a5dab9315daac7ffe29d29ed585e0ff9850e59408d0f25f38dc1da037b

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://lpmedia.justservingfiles.net/style/templates/faceboobs3/form.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sun, 22 Sep 2019 02:09:34 GMT
Last-Modified
Fri, 20 Sep 2019 07:55:18 GMT
Server
nginx
ETag
"5d8485e6-2b0"
X-HW
1569118174.dop009.fr8.t,1569118174.cds017.fr8.shn,1569118174.dop009.fr8.t,1569118174.cds033.fr8.c
Content-Type
image/svg+xml
Cache-Control
max-age=86400
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
688
icon-facebook.svg
lpmedia.justservingfiles.net/img/_btns/
538 B
908 B
Image
General
Full URL
https://lpmedia.justservingfiles.net/img/_btns/icon-facebook.svg
Requested by
Host: demy.idates.com
URL: https://demy.idates.com/landing/fb4205-v2?clickId=8bfe01d7-d0df-4594-8b38-c71f3b39357a&tracker=SGM_Pro&publisher=2556&subPublisher=39376&hit_id=8bfe01d7-d0df-4594-8b38-c71f3b39357a&tp_redirect_id=8bfe01d7-d0df-4594-8b38-c71f3b39357a
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.16.175.10 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
tlb.hwcdn.net
Software
nginx /
Resource Hash
79ea1b074cedd0938c7732254943552704349b0275d79318c7a899b077e9900e

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://lpmedia.justservingfiles.net/style/templates/faceboobs3/form.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sun, 22 Sep 2019 02:09:34 GMT
Last-Modified
Fri, 20 Sep 2019 07:55:18 GMT
Server
nginx
ETag
"5d8485e6-21a"
X-HW
1569118174.dop009.fr8.t,1569118174.cds013.fr8.shn,1569118174.dop009.fr8.t,1569118174.cds014.fr8.c
Content-Type
image/svg+xml
Cache-Control
max-age=86400
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
538
bg_select.png
lpmedia.justservingfiles.net/img/_btns/
1 KB
2 KB
Image
General
Full URL
https://lpmedia.justservingfiles.net/img/_btns/bg_select.png
Requested by
Host: demy.idates.com
URL: https://demy.idates.com/landing/fb4205-v2?clickId=8bfe01d7-d0df-4594-8b38-c71f3b39357a&tracker=SGM_Pro&publisher=2556&subPublisher=39376&hit_id=8bfe01d7-d0df-4594-8b38-c71f3b39357a&tp_redirect_id=8bfe01d7-d0df-4594-8b38-c71f3b39357a
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.16.175.10 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
tlb.hwcdn.net
Software
nginx /
Resource Hash
ee9dfe5a5d182cbe255f0740940a055ca3b1c1ee2de9646e57f67fc94bc2713a

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://lpmedia.justservingfiles.net/style/templates/faceboobs3/form.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sun, 22 Sep 2019 02:09:34 GMT
Last-Modified
Fri, 20 Sep 2019 07:55:18 GMT
Server
nginx
ETag
"5d8485e6-480"
X-HW
1569118174.dop009.fr8.t,1569118174.cds017.fr8.shn,1569118174.dop009.fr8.t,1569118174.cds033.fr8.c
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=43200
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
1152
fontawesome-webfont.woff2
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/
75 KB
76 KB
Font
General
Full URL
https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by
Host: demy.idates.com
URL: https://demy.idates.com/landing/fb4205-v2?clickId=8bfe01d7-d0df-4594-8b38-c71f3b39357a&tracker=SGM_Pro&publisher=2556&subPublisher=39376&hit_id=8bfe01d7-d0df-4594-8b38-c71f3b39357a&tp_redirect_id=8bfe01d7-d0df-4594-8b38-c71f3b39357a
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac19::1:b:1a , Netherlands, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
Software
/
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Sec-Fetch-Mode
cors
Referer
https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Origin
https://demy.idates.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 22 Sep 2019 02:09:34 GMT
content-encoding
gzip
last-modified
Wed, 12 Dec 2018 18:36:18 GMT
status
200
etag
"1544639778"
vary
Accept-Encoding
x-cache
HIT
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-hello-human
Say hello back! @getBootstrapCDN on Twitter
accept-ranges
bytes
timing-allow-origin
*
content-length
77171

Verdicts & Comments Add Verdict or Comment

23 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate object| $searchAgeFrom object| $searchAgeTo function| $ function| jQuery function| Validator function| goToStep function| countdownToNextStep function| activeProgressBar object| $btnOpenLogin object| $btnCloseLogin object| $loginFormHolder object| $errors object| $formLogin boolean| iDates function| loginFormAddRequiredError function| submitHttpRequest object| Popwin function| shake function| handleAfterGoNextStep function| randomNumber function| countUp

1 Cookies

Domain/Path Name / Value
demy.idates.com/ Name: PHPSESSID
Value: 4da58eabf07d94286ffff91bb773b909

1 Console Messages

Source Level URL
Text
console-api log URL: http://jjtk.nathankroeker.com/(Line 69)
Message:
DEBUG: undefined

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
demy.idates.com
jjtk.nathankroeker.com
latest-511839.dingligh.ru
leadnote.me
lpmedia.justservingfiles.net
maxcdn.bootstrapcdn.com
nativesp.pro
newsfresh.pro
o-2538.prodtraff.com
tovpotok.com
138.68.123.185
156.67.37.18
185.164.72.128
2001:4de0:ac19::1:b:1a
212.32.237.136
217.140.66.110
2a00:1450:4001:820::200a
5.187.3.40
69.16.175.10
88.208.45.27
88.85.84.123
08059b0cfde0c7a84eebd60e1727abdd7133bbee39a29d95e53d768d4b8a3820
0abc4c8a965b5c843fa84b2651f6ba77a6288ab3dfce1b1e6e338f18a221eea3
0cf576a5dab9315daac7ffe29d29ed585e0ff9850e59408d0f25f38dc1da037b
0dccbd3f3d3f9074ca635cc844fcf4c9d31116ae88b53867f07030918b40c88d
125d7dc89f4ec9b3f11a3fedee597206bcfb5eae295bd83751d472c2e0c977d1
14dba260a885d145d1af7bc353ac4dca9aeb43c93271d1e0ed66c07b26a38cff
1e6035f680a93f6caaa9503fa0cafd4dd0ea04f65f2bea8070669b9a81e9992d
1f29e59a77159bddbf49d1364ba27ebae5badb0cef8c3147352b98d08b4047ce
275b84cfc89398ec5b8553d5c56696d1cbcfc17c1f32331625adadaff6fc6600
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
31f8d20c6d634b8604ee4f201bed179c5d8952a2c72274afc52798da47cc41d8
3759f393068944edfc0965372f8f37305c58252c2f43b100950fe180215810d6
4e561e9c4694fed590c1c5530abb9ad20c71cdc60a1d872bca1426a547475c37
4eabf80bb8137daf3c28a7051991840525ccbb12e92a3ccfd5732fd312576372
5275ef0e1e2df038f97d774490df9ef105dd48baea90e6f211ee23eca31fc15e
56e19564388838cc17834196e3e84926ac02f34b32b89616c2fca46c1a394a74
58a994f4cfbfa42374821315cb80a65e1f6ef4a02dd09f35348302fe7f8f12d2
5d7bbad207e6689ac31858d421ef9ed79c96ffb3fc8f6fd88e4d20ea78eb12aa
60d4bc4015ccae4a51436f4663b2c812f63f28d6adc6442106004a1cab2e5fef
641e54983395541f7a8e5925b0fa8723901e202f2a4263a13d62caa6cb311b03
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
79ea1b074cedd0938c7732254943552704349b0275d79318c7a899b077e9900e
7c9629945b0d6360ce8cdd0f6546f6aace8aeede658f7d4ceb2d1bad2188aed3
7ea6bd973c5ebf0e45072195eaeb59e07803a3626a1a5875626318ae5b7f3000
80c43823e625ee5e54008f00ff89c66020c614dae397401177a790fee8c950a0
8100213a426e5000d1fb4e8dc0e90f768c4fecd5b65c5a1e322921005ceb46a4
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
87b729e06d54b7742f0bb7d93e4027218011be988fb23151ccd196fcf3d1ea44
89c25835ae99853ae096b11bbd54ac9f3eaedf013045e872cb5123f500a9e676
99254dfbada0acb2d32a06537cbef6b646a73fa4c19c16e8ea4459392bc41023
b23f2f98d7a875be540f711fc021454b24749affdbb30878823206da45dcfe33
b72d1655c12b3cd6ac27c6ae141fae592d215d7ee6f918f9ed5ae248e692c256
b93acfd0a3653e7e9ee2fe747788412bfcfd4079ef40765d01ed546448ef8765
c52cf97d0f3e5d13fe46657e6ccb898fd107042127ea692b270c28831d20a60e
c636b8e6f6d88f125bb645dfe094a84cbd6c45a609e10e33d712e01f81a6ede2
d002c9afbe21d4a74a0014a7a76e9181029a880598035d5257759cf8ef7cd492
d5db5dba10eb17b6a17200d511308a45f025fbda16e41a822ff3634107c47146
de5bc57ebc1514c1af79157f0c33f1befd3ffb0ce0ea3b0b58ac97503355872a
eb6c4db3575869c7a38683c444dd0de04227bdcded1107945d82d4da980eb27c
ee9dfe5a5d182cbe255f0740940a055ca3b1c1ee2de9646e57f67fc94bc2713a
efd75d64276545e18142aa700556e214dbfca7c874366dfbd20af9dcf55bdf1d
fa5b2145bb3eef5250204b1fafee8a27e3e14d8530e13143d8224bcfb67baf3b
fbc2340f7a2e000a63eb54991696b4b3190cf9cd246d8d084489b6693b93c955