urlscan.io logo urlscan.io
SecurityTrails logo

9065d0m.uk.com Open in urlscan Pro
2606:4700:3035::6812:364a  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://is.gd/RZHtrOXzoj
Effective URL: https://9065d0m.uk.com/ikflerlg/index.html?utm_campaign=facebook
Submission: On April 06 via manual from CH
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 25 IPs in 5 countries across 21 domains to perform 40 HTTP transactions. The main IP is 2606:4700:3035::6812:364a, located in United States and belongs to CLOUDFLARENET, US. The main domain is 9065d0m.uk.com.
TLS certificate: Issued by CloudFlare Inc ECC CA-2 on December 2nd 2019. Valid for: 10 months.
This is the only time 9065d0m.uk.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 2606:4700:20:... 13335 (CLOUDFLAR...)
4 2606:4700:303... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
1 216.58.207.66 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2 2a00:1450:400... 15169 (GOOGLE)
1 1 2a00:1450:400... 15169 (GOOGLE)
1 3 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
1 3 2.16.31.65 16625 (AKAMAI-AS)
1 147.75.85.120 54825 (PACKET)
1 178.63.12.147 24940 (HETZNER-AS)
1 2a00:1450:400... 15169 (GOOGLE)
1 172.217.22.98 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a03:2880:f01... 32934 (FACEBOOK)
5 92.122.215.24 20940 (AKAMAI-ASN1)
4 2a03:2880:f11... 32934 (FACEBOOK)
1 35.227.208.151 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2600:9000:215... 16509 (AMAZON-02)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 3.232.229.80 14618 (AMAZON-AES)
1 52.30.151.94 16509 (AMAZON-02)
40 25
1    2606:4700:20::6819:ea35 (United States)

ASN13335 (CLOUDFLARENET, US)
is.gd
4    2606:4700:3035::6812:364a (United States)

ASN13335 (CLOUDFLARENET, US)
9065d0m.uk.com
1    2a00:1450:4001:821::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s.ytimg.com
1    2a02:26f0:6c00:180::268b (Ascension Island)

ASN20940 (AKAMAI-ASN1, US)
scdn.cxense.com
1    216.58.207.66 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: fra16s25-in-f2.1e100.net
www.googleadservices.com
1    2a00:1450:4001:800::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    2a00:1450:4001:81c::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2a00:1450:400c:c00::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
3    2a00:1450:4001:808::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
2    2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
2    2a02:26f0:6c00:184::11a6 (Ascension Island)

ASN20940 (AKAMAI-ASN1, US)
c.go-mpulse.net
3    2.16.31.65 (Ascension Island)

ASN16625 (AKAMAI-AS, US)
PTR: a2-16-31-65.deploy.static.akamaitechnologies.com
sb.scorecardresearch.com
1    147.75.85.120 (Parsippany, United States)

ASN54825 (PACKET, US)
api.cxense.com
1    178.63.12.147 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: de715.cxense.com
scomcluster.cxense.com
1    2a00:1450:4001:824::2010 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
storage.googleapis.com
1    172.217.22.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s18-in-f98.1e100.net
securepubads.g.doubleclick.net
2    2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
googleads.g.doubleclick.net
2    2a03:2880:f01c:8012:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK, US)
connect.facebook.net
5    92.122.215.24 (Ascension Island)

ASN20940 (AKAMAI-ASN1, US)
PTR: a92-122-215-24.deploy.static.akamaitechnologies.com
www.infobae.com
4    2a03:2880:f11c:8183:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK, US)
www.facebook.com
1    35.227.208.151 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: 151.208.227.35.bc.googleusercontent.com
web-sdk.urbanairship.com
1    2a00:1450:4001:800::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.youtube.com
1    2600:9000:2156:2600:18:1fcd:349:ca21 (United States)

ASN16509 (AMAZON-02, US)
static.chartbeat.com
1    2606:4700:10::6814:14ef (United States)

ASN13335 (CLOUDFLARENET, US)
rum-static.pingdom.net
1    3.232.229.80 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-232-229-80.compute-1.amazonaws.com
ping.chartbeat.net
1    52.30.151.94 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-30-151-94.eu-west-1.compute.amazonaws.com
rum-collector-2.pingdom.net
Domain Requested by
5 www.infobae.com 9065d0m.uk.com
4 www.facebook.com 9065d0m.uk.com
4 9065d0m.uk.com 9065d0m.uk.com
3 sb.scorecardresearch.com 1 redirects 9065d0m.uk.com
3 www.google.com 1 redirects 9065d0m.uk.com
2 connect.facebook.net 9065d0m.uk.com
connect.facebook.net
2 c.go-mpulse.net 9065d0m.uk.com
c.go-mpulse.net
2 www.google.de 9065d0m.uk.com
2 www.google-analytics.com 1 redirects 9065d0m.uk.com
1 rum-collector-2.pingdom.net rum-static.pingdom.net
1 ping.chartbeat.net 9065d0m.uk.com
1 rum-static.pingdom.net 9065d0m.uk.com
1 static.chartbeat.com 9065d0m.uk.com
1 www.youtube.com 9065d0m.uk.com
1 web-sdk.urbanairship.com 9065d0m.uk.com
1 googleads.g.doubleclick.net www.googleadservices.com
1 adservice.google.com 9065d0m.uk.com
1 securepubads.g.doubleclick.net 9065d0m.uk.com
1 storage.googleapis.com 9065d0m.uk.com
1 scomcluster.cxense.com 9065d0m.uk.com
1 api.cxense.com 9065d0m.uk.com
1 stats.g.doubleclick.net 1 redirects
1 www.googletagmanager.com 9065d0m.uk.com
1 www.googleadservices.com 9065d0m.uk.com
1 scdn.cxense.com 9065d0m.uk.com
1 s.ytimg.com 9065d0m.uk.com
1 is.gd 1 redirects
40 27
Subject Issuer Validity Valid
sni.cloudflaressl.com
CloudFlare Inc ECC CA-2		 2019-12-02 -
2020-10-09		 10 months crt.sh
*.google.com
GTS CA 1O1		 2020-03-03 -
2020-05-26		 3 months crt.sh
*.cxense.com
DigiCert SHA2 Secure Server CA		 2020-03-11 -
2021-06-10		 a year crt.sh
www.googleadservices.com
GTS CA 1O1		 2020-03-03 -
2020-05-26		 3 months crt.sh
*.google-analytics.com
GTS CA 1O1		 2020-03-03 -
2020-05-26		 3 months crt.sh
www.google.de
GTS CA 1O1		 2020-03-03 -
2020-05-26		 3 months crt.sh
akstat.io
DigiCert SHA2 Secure Server CA		 2019-04-16 -
2020-06-14		 a year crt.sh
*.scorecardresearch.com
Sectigo RSA Organization Validation Secure Server CA		 2019-12-16 -
2020-12-25		 a year crt.sh
www.google.com
GTS CA 1O1		 2020-03-03 -
2020-05-26		 3 months crt.sh
*.storage.googleapis.com
GTS CA 1O1		 2020-03-03 -
2020-05-26		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1O1		 2020-03-03 -
2020-05-26		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2020-03-01 -
2020-05-30		 3 months crt.sh
star.arcpublishing.com
Let's Encrypt Authority X3		 2020-03-04 -
2020-06-02		 3 months crt.sh
*.urbanairship.com
DigiCert ECC Secure Server CA		 2018-06-20 -
2020-06-24		 2 years crt.sh
*.chartbeat.com
Gandi Standard SSL CA 2		 2019-04-10 -
2020-04-10		 a year crt.sh
*.pingdom.net
DigiCert SHA2 High Assurance Server CA		 2019-11-08 -
2021-01-19		 a year crt.sh
*.chartbeat.net
Thawte RSA CA 2018		 2019-12-16 -
2020-12-30		 a year crt.sh

This page contains 2 frames:

Primary Page: https://9065d0m.uk.com/ikflerlg/index.html?utm_campaign=facebook
Frame ID: D1603458F4EE161BC66405265CE2FD97
Requests: 57 HTTP requests in this frame

Frame: https://c.go-mpulse.net/boomerang/VSGA2-YTLVV-VY5L5-HB56H-W3YTX
Frame ID: 589F46CBC1F333F61F283714FF92D5D0
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://is.gd/RZHtrOXzoj HTTP 301
    https://9065d0m.uk.com/ikflerlg/index.html?utm_campaign=facebook Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i
Overall confidence: 100%
Detected patterns
  • script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
Overall confidence: 100%
Detected patterns
  • html /<iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com\/beacon\.js|COMSCORE\.beacon/i
  • script /\.scorecardresearch\.com\/beacon\.js|COMSCORE\.beacon/i

Page Statistics

40
Requests

100 %
HTTPS

65 %
IPv6

21
Domains

27
Subdomains

25
IPs

5
Countries

4016 kB
Transfer

11322 kB
Size

12
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://is.gd/RZHtrOXzoj HTTP 301
    https://9065d0m.uk.com/ikflerlg/index.html?utm_campaign=facebook Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 5
  • https://www.google-analytics.com/r/collect?v=1&_v=j77&a=1248056677&t=pageview&_s=1&dl=https%3A%2F%2F9065d0m.uk.com%2Fikflerlg%2Findex.html%3Futm_campaign%3Dfacebook&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=KEBAAEABE~&jid=320026350&gjid=2009823069&cid=1524855295.1586163690&tid=UA-759511-1&_gid=572549837.1586163690&_r=1&z=493406737 HTTP 302
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-759511-1&cid=1524855295.1586163690&jid=320026350&_gid=572549837.1586163690&gjid=2009823069&_v=j77&z=493406737 HTTP 302
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-759511-1&cid=1524855295.1586163690&jid=320026350&_v=j77&z=493406737 HTTP 302
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-759511-1&cid=1524855295.1586163690&jid=320026350&_v=j77&z=493406737&slf_rd=1&random=4168259383
Request Chain 15
  • https://sb.scorecardresearch.com/b?c1=2&c2=8030908&ns__t=1586163690156&ns_c=UTF-8&cv=3.5&c8=&c7=https%3A%2F%2F9065d0m.uk.com%2Fikflerlg%2Findex.html%3Futm_campaign%3Dfacebook&c9= HTTP 302
  • https://sb.scorecardresearch.com/b2?c1=2&c2=8030908&ns__t=1586163690156&ns_c=UTF-8&cv=3.5&c8=&c7=https%3A%2F%2F9065d0m.uk.com%2Fikflerlg%2Findex.html%3Futm_campaign%3Dfacebook&c9=

40 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request index.html
9065d0m.uk.com/ikflerlg/
Redirect Chain
  • https://is.gd/RZHtrOXzoj
  • https://9065d0m.uk.com/ikflerlg/index.html?utm_campaign=facebook
7 MB
3 MB 		Document
General
Check archive.org
Download Go to
Full URL
https://9065d0m.uk.com/ikflerlg/index.html?utm_campaign=facebook
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6812:364a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

:method
GET
:authority
9065d0m.uk.com
:scheme
https
:path
/ikflerlg/index.html?utm_campaign=facebook
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest
document
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
document

Response headers

status
200
date
Mon, 06 Apr 2020 09:01:29 GMT
content-type
text/html
set-cookie
__cfduid=d6f1c4b573b48170cddd0003fede97c081586163688; expires=Wed, 06-May-20 09:01:28 GMT; path=/; domain=.9065d0m.uk.com; HttpOnly; SameSite=Lax
cache-control
no-cache
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
57fa530f0c0b645b-FRA
content-encoding
br

Redirect headers

status
301
date
Mon, 06 Apr 2020 09:01:28 GMT
content-type
text/html; charset=UTF-8
set-cookie
__cfduid=dae52c7cdf58ec9078d74377a5ea9aedf1586163688; expires=Wed, 06-May-20 09:01:28 GMT; path=/; domain=.is.gd; HttpOnly; SameSite=Lax; Secure
location
https://9065d0m.uk.com/ikflerlg/index.html?utm_campaign=facebook
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
57fa530e1918978a-FRA
www-widgetapi.js
s.ytimg.com/yts/jsbin/www-widgetapi-vflPBjLfx/ 		21 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.ytimg.com/yts/jsbin/www-widgetapi-vflPBjLfx/www-widgetapi.js
Requested by
Host: 9065d0m.uk.com
URL: https://9065d0m.uk.com/ikflerlg/index.html?utm_campaign=facebook
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1f0a166a9d871f1e11e7f24c885812e39ece64afa502c72bfbb766568bc8013d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://9065d0m.uk.com/ikflerlg/index.html?utm_campaign=facebook
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Sat, 04 Apr 2020 05:33:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
185302
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
8141
x-xss-protection
0
last-modified
Tue, 16 Jul 2019 21:36:07 GMT
server
sffe
vary
Accept-Encoding, Origin
content-type
text/javascript
cache-control
public, max-age=691200
accept-ranges
bytes
timing-allow-origin
https://www.youtube.com
expires
Sun, 12 Apr 2020 05:33:07 GMT
cx.js
scdn.cxense.com/ 		101 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://scdn.cxense.com/cx.js
Requested by
Host: 9065d0m.uk.com
URL: https://9065d0m.uk.com/ikflerlg/index.html?utm_campaign=facebook
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
2a02:26f0:6c00:180::268b , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
Apache /
Resource Hash
2b122249c383e80a8de4a0620a41de5dc83881fdac07aad7ee104f030a34b986

Request headers

Referer
https://9065d0m.uk.com/ikflerlg/index.html?utm_campaign=facebook
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

Date
Mon, 06 Apr 2020 09:01:30 GMT
Content-Encoding
gzip
Last-Modified
Tue, 24 Mar 2020 13:51:13 GMT
Server
Apache
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
24547
Expires
Mon, 06 Apr 2020 10:01:30 GMT
conversion_async.js
www.googleadservices.com/pagead/ 		27 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: 9065d0m.uk.com
URL: https://9065d0m.uk.com/ikflerlg/index.html?utm_campaign=facebook
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.207.66 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s25-in-f2.1e100.net
Software
cafe /
Resource Hash
f97818739ebb98f7e7158da11a697bd9369fcb59d5d2adabb78f406ebb99e48d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://9065d0m.uk.com/ikflerlg/index.html?utm_campaign=facebook
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Mon, 06 Apr 2020 09:01:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
10549
x-xss-protection
0
server
cafe
etag
3671743730490399190
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Mon, 06 Apr 2020 09:01:30 GMT
gtm.js
www.googletagmanager.com/ 		101 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-T26B9Z2
Requested by
Host: 9065d0m.uk.com
URL: https://9065d0m.uk.com/ikflerlg/index.html?utm_campaign=facebook
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
c05421dd7f2965177a1a47c616aae8b8980d80d73ddce7575d8ea4397e39083f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://9065d0m.uk.com/ikflerlg/index.html?utm_campaign=facebook
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Mon, 06 Apr 2020 09:01:30 GMT
content-encoding
br
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
server
Google Tag Manager
access-control-allow-origin
*
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
status
200
cache-control
private, max-age=900
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Cache-Control
content-length
31180
x-xss-protection
0
expires
Mon, 06 Apr 2020 09:01:30 GMT
analytics.js
www.google-analytics.com/ 		44 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: 9065d0m.uk.com
URL: https://9065d0m.uk.com/ikflerlg/index.html?utm_campaign=facebook
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://9065d0m.uk.com/ikflerlg/index.html?utm_campaign=facebook
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 06 Feb 2020 00:21:02 GMT
server
Golfe2
age
1678
date
Mon, 06 Apr 2020 08:33:32 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
18174
expires
Mon, 06 Apr 2020 10:33:32 GMT
ga-audiences
www.google.de/ads/
Redirect Chain
  • https://www.google-analytics.com/r/collect?v=1&_v=j77&a=1248056677&t=pageview&_s=1&dl=https%3A%2F%2F9065d0m.uk.com%2Fikflerlg%2Findex.html%3Futm_campaign%3Dfacebook&ul=en-us&de=UTF-8&sd=24-bit&sr=1...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-759511-1&cid=1524855295.1586163690&jid=320026350&_gid=572549837.1586163690&gjid=2009823069&_v=j77&z=493406737
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-759511-1&cid=1524855295.1586163690&jid=320026350&_v=j77&z=493406737
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-759511-1&cid=1524855295.1586163690&jid=320026350&_v=j77&z=493406737&slf_rd=1&random=4168259383
42 B
109 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-759511-1&cid=1524855295.1586163690&jid=320026350&_v=j77&z=493406737&slf_rd=1&random=4168259383
Requested by
Host: 9065d0m.uk.com
URL: https://9065d0m.uk.com/ikflerlg/index.html?utm_campaign=facebook
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://9065d0m.uk.com/ikflerlg/index.html?utm_campaign=facebook
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Apr 2020 09:01:30 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 06 Apr 2020 09:01:30 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
location
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-759511-1&cid=1524855295.1586163690&jid=320026350&_v=j77&z=493406737&slf_rd=1&random=4168259383
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
302
cache-control
no-cache, no-store, must-revalidate
content-type
text/html; charset=UTF-8
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
VSGA2-YTLVV-VY5L5-HB56H-W3YTX
c.go-mpulse.net/boomerang/ Frame 589F 		202 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.go-mpulse.net/boomerang/VSGA2-YTLVV-VY5L5-HB56H-W3YTX
Requested by
Host: 9065d0m.uk.com
URL: https://9065d0m.uk.com/ikflerlg/index.html?utm_campaign=facebook
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:6c00:184::11a6 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
Akamai Resource Optimizer /
Resource Hash
95a439c4e11ace2484e8d42c30ff56cf7db5ea7c6463df9ce2fdafa7f6ccbf54

Request headers

Referer
https://9065d0m.uk.com/ikflerlg/index.html?utm_campaign=facebook
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

Date
Mon, 06 Apr 2020 09:01:30 GMT
Content-Encoding
br
Last-Modified
Wed, 11 Mar 2020 19:43:06 GMT
Server
Akamai Resource Optimizer
Vary
Accept-Encoding
Content-Type
application/javascript;charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=604800, s-maxage=604800
Connection
keep-alive
Timing-Allow-Origin
*
Content-Length
51580
beacon.js
sb.scorecardresearch.com/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/beacon.js
Requested by
Host: 9065d0m.uk.com
URL: https://9065d0m.uk.com/ikflerlg/index.html?utm_campaign=facebook
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.16.31.65 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-16-31-65.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Referer
https://9065d0m.uk.com/ikflerlg/index.html?utm_campaign=facebook
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

Date
Mon, 06 Apr 2020 09:01:30 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
private, no-transform, max-age=86400
Connection
keep-alive
Content-Length
884
Expires
Tue, 07 Apr 2020 09:01:30 GMT
/
www.google.com/pagead/1p-user-list/967466772/ 		42 B
151 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/967466772/?random=1562555198501&cv=9&fst=1562554800000&num=1&guid=ON&u_h=994&u_w=1922&u_ah=954&u_aw=1922&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg6k2&sendb=1&frm=0&url=https%3A%2F%2Fwww.infobae.com%2Famerica%2F&tiba=Am%C3%A9rica%3A%20hacemos%20periodismo%20-%20Infobae&async=1&fmt=3&cdct=2&is_vtc=1&random=1429754234&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: 9065d0m.uk.com
URL: https://9065d0m.uk.com/ikflerlg/index.html?utm_campaign=facebook
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://9065d0m.uk.com/ikflerlg/index.html?utm_campaign=facebook
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

pragma
no-cache
date
Mon, 06 Apr 2020 09:01:30 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-security-policy
script-src 'none'; object-src 'none'
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
segment
api.cxense.com/profile/user/ 		77 B
663 B 		Script
General
Check archive.org
Download Go to
Full URL
https://api.cxense.com/profile/user/segment?callback=cXJsonpCBk8o8wo4rtiu7lunr&persisted=7d0209d69a346c1349de49c4b6c6b2dd551c363e&json=%7B%22identities%22%3A%5B%7B%22id%22%3A%22k8o8wo4o51rl5ijl%22%2C%22type%22%3A%22cx%22%7D%5D%7D
Requested by
Host: 9065d0m.uk.com
URL: https://9065d0m.uk.com/ikflerlg/index.html?utm_campaign=facebook
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
147.75.85.120 Parsippany, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
Jetty(9.2.z-SNAPSHOT) /
Resource Hash
cd54ab897f40a720d39ada9707c38af6aa42ffca70df3a7514306a705e8fada0
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://9065d0m.uk.com/ikflerlg/index.html?utm_campaign=facebook
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

pragma
no-cache
date
Mon, 06 Apr 2020 09:01:30 GMT
x-content-type-options
nosniff
server
Jetty(9.2.z-SNAPSHOT)
p3p
policyref="http://www.cxense.com/w3c/p3p.xml", CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-store, no-cache, must-revalidate
content-type
text/javascript; charset=UTF-8
content-length
77
expires
Mon, 26 Jul 1997 05:00:00 GMT
rep.gif
scomcluster.cxense.com/Repo/ 		43 B
465 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://scomcluster.cxense.com/Repo/rep.gif?ver=1&typ=pgv&rnd=k8o8wo3st18z19f9&acc=0&sid=1133924222409750064&loc=https%3A%2F%2F9065d0m.uk.com%2Fikflerlg%2Findex.html%3Futm_campaign%3Dfacebook&ref=&gol=&pgn=&ltm=1586163689992&new=1&arf=0&tzo=-120&res=1600x1200&dpr=1&col=24&jav=0&bln=en-US&cks=k8o8wo4nc4im5aqe&ckp=k8o8wo4o51rl5ijl&glb=&chs=UTF-8&wsz=1600x1200&fls=0&flv=
Requested by
Host: 9065d0m.uk.com
URL: https://9065d0m.uk.com/ikflerlg/index.html?utm_campaign=facebook
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.63.12.147 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
de715.cxense.com
Software
Jetty(9.2.z-SNAPSHOT) /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://9065d0m.uk.com/ikflerlg/index.html?utm_campaign=facebook
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

Date
Mon, 06 Apr 2020 09:01:30 GMT
Server
Jetty(9.2.z-SNAPSHOT)
Content-Type
image/gif
Content-Length
43
P3P
policyref="http://www.cxense.com/w3c/p3p.xml", CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
adcase-s.js
storage.googleapis.com/adcase.io/dist/4/ 		33 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://storage.googleapis.com/adcase.io/dist/4/adcase-s.js?1762404
Requested by
Host: 9065d0m.uk.com
URL: https://9065d0m.uk.com/ikflerlg/index.html?utm_campaign=facebook
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:824::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
7509260d0009811c47548d96397472d75feba0dd46473523dbc8cd0e4ca30c62

Request headers

Referer
https://9065d0m.uk.com/ikflerlg/index.html?utm_campaign=facebook
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Mon, 06 Apr 2020 08:56:18 GMT
age
312
status
200
x-guploader-uploadid
AEnB2Up2IUbF9jgkAlPFk3OrV_MWt9wH2AwWvPJF7kSUdU7nTOGRCXCkx9UuLeBoyjxD_XguLp61QO_Q5GKd-9nvpFHCqRT5ig
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
34085
last-modified
Fri, 07 Sep 2018 15:51:49 GMT
server
UploadServer
etag
"47e374b6e239bb82d87382b067c896a0"
x-goog-hash
crc32c=H1yRQg==, md5=R+N0tuI5u4LYc4KwZ8iWoA==
x-goog-generation
1536335509857830
cache-control
public, max-age=3600
x-goog-stored-content-length
34085
accept-ranges
bytes
content-type
text/javascript
expires
Mon, 06 Apr 2020 09:56:18 GMT
pubads_impl_2019062401.js
securepubads.g.doubleclick.net/gpt/ 		150 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019062401.js
Requested by
Host: 9065d0m.uk.com
URL: https://9065d0m.uk.com/ikflerlg/index.html?utm_campaign=facebook
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.22.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s18-in-f98.1e100.net
Software
sffe /
Resource Hash
e0f09beb5ea460cffea7b53b219f1e88baf6a0c9c2d125294652998209addc15
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://9065d0m.uk.com/ikflerlg/index.html?utm_campaign=facebook
Sec-Fetch-Dest
script
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date
Mon, 06 Apr 2020 09:01:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 24 Jun 2019 13:05:11 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
56392
x-xss-protection
0
expires
Mon, 06 Apr 2020 09:01:30 GMT
integrator.sync.js
adservice.google.com/adsid/ 		113 B
178 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.sync.js?domain=9065d0m.uk.com
Requested by
Host: 9065d0m.uk.com
URL: https://9065d0m.uk.com/ikflerlg/index.html?utm_campaign=facebook
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ea03bfd7fdda1eac185ebc3e8e74b33065b04c8e0adc48cbbd4136748dbd2742
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://9065d0m.uk.com/ikflerlg/index.html?utm_campaign=facebook
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Mon, 06 Apr 2020 09:01:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-type
application/javascript; charset=UTF-8
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
108
x-xss-protection
0
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/967466772/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/967466772/?random=1586163690086&cv=9&fst=1586163690086&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg6k2&sendb=1&ig=1&frm=0&url=https%3A%2F%2F9065d0m.uk.com%2Fikflerlg%2Findex.html%3Futm_campaign%3Dfacebook&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b85d4881b415ae9003912d73d4050bf473c9fccf8542911e323b367df45227c5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://9065d0m.uk.com/ikflerlg/index.html?utm_campaign=facebook
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

pragma
no-cache
date
Mon, 06 Apr 2020 09:01:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-type
text/javascript; charset=UTF-8
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
cache-control
no-cache, must-revalidate
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
1001
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
b2
sb.scorecardresearch.com/
Redirect Chain
  • https://sb.scorecardresearch.com/b?c1=2&c2=8030908&ns__t=1586163690156&ns_c=UTF-8&cv=3.5&c8=&c7=https%3A%2F%2F9065d0m.uk.com%2Fikflerlg%2Findex.html%3Futm_campaign%3Dfacebook&c9=
  • https://sb.scorecardresearch.com/b2?c1=2&c2=8030908&ns__t=1586163690156&ns_c=UTF-8&cv=3.5&c8=&c7=https%3A%2F%2F9065d0m.uk.com%2Fikflerlg%2Findex.html%3Futm_campaign%3Dfacebook&c9=
0
248 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b2?c1=2&c2=8030908&ns__t=1586163690156&ns_c=UTF-8&cv=3.5&c8=&c7=https%3A%2F%2F9065d0m.uk.com%2Fikflerlg%2Findex.html%3Futm_campaign%3Dfacebook&c9=
Requested by
Host: 9065d0m.uk.com
URL: https://9065d0m.uk.com/ikflerlg/index.html?utm_campaign=facebook
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.16.31.65 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-16-31-65.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://9065d0m.uk.com/ikflerlg/index.html?utm_campaign=facebook
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 06 Apr 2020 09:01:30 GMT
Cache-Control
private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection
keep-alive
Content-Length
0
Expires
Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://sb.scorecardresearch.com/b2?c1=2&c2=8030908&ns__t=1586163690156&ns_c=UTF-8&cv=3.5&c8=&c7=https%3A%2F%2F9065d0m.uk.com%2Fikflerlg%2Findex.html%3Futm_campaign%3Dfacebook&c9=
Pragma
no-cache
Date
Mon, 06 Apr 2020 09:01:30 GMT
Cache-Control
private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection
keep-alive
Content-Length
0
Expires
Mon, 01 Jan 1990 00:00:00 GMT
truncated
/ 		10 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c683bb931d0b8d02a00688cf88a1cfeb471472ef29f72666c6b25e958f9d564f

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/jpeg
truncated
/ 		9 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0557fa0c9c7ce11a2028277bff78dc893be8eedde537085ec28bbc105066e517

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/jpeg
truncated
/ 		176 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b9957b142a22456b68f05ba726c21c08bf33ee55fed84df36f1bfdd3c7c84212

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/gif
fbevents.js
connect.facebook.net/en_US/ 		126 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: 9065d0m.uk.com
URL: https://9065d0m.uk.com/ikflerlg/index.html?utm_campaign=facebook
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
5a91c6d3e635c0bd1551a53cf0769328132151a7732039170280d500dbcb4685
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://9065d0m.uk.com/ikflerlg/index.html?utm_campaign=facebook
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-27=":443"; ma=3600
content-length
30466
x-xss-protection
0
pragma
public
x-fb-debug
8IYCcVJTuJFgvI5ERq/Rfv+cCvro909KmS947+xQAvdphRv4Ul6LE8dVYhsc/PFB6R0t2gXgxC5WiHQXyVRjhQ==
x-fb-trip-id
420120009
date
Mon, 06 Apr 2020 09:01:30 GMT, Mon, 06 Apr 2020 09:01:30 GMT
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
expires
Sat, 01 Jan 2000 00:00:00 GMT
t_8a1fb0d3407f4fabbb114301677ee593_name_MMD_VD_20190612_HTH_IND_SaludNinos_1HG3I2_es.jpg
www.infobae.com/new-resizer/za7Ls2jjl8CicTcJrkCt7Y_3zDI=/960x540/filters:quality(80)/infobae-thumbnails.s3.amazonaws.com/06-12-2019/ 		69 KB
69 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.infobae.com/new-resizer/za7Ls2jjl8CicTcJrkCt7Y_3zDI=/960x540/filters:quality(80)/infobae-thumbnails.s3.amazonaws.com/06-12-2019/t_8a1fb0d3407f4fabbb114301677ee593_name_MMD_VD_20190612_HTH_IND_SaludNinos_1HG3I2_es.jpg
Requested by
Host: 9065d0m.uk.com
URL: https://9065d0m.uk.com/ikflerlg/index.html?utm_campaign=facebook
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
92.122.215.24 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a92-122-215-24.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
48fc63322db8473ca3c53a8a51fc68e2d99eeae42054e291d380467294bf1645
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://9065d0m.uk.com/ikflerlg/index.html?utm_campaign=facebook
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Mon, 06 Apr 2020 09:01:30 GMT
x-check-cacheable
YES
x-serial
116
etag
"5c83d3e8e3c7635c62126e5be6752d27094c8b10"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
image/jpeg
status
200
cache-control
private, no-transform, max-age=900
last-modified
Thu, 02 Apr 2020 01:55:32 GMT
content-security-policy
upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
content-length
70511
expires
Mon, 06 Apr 2020 09:16:30 GMT
fontawesome-webfont.woff2
9065d0m.uk.com/fonts/ 		0
0 		Font
General
Check archive.org
Download Go to
Full URL
https://9065d0m.uk.com/fonts/fontawesome-webfont.woff2?v=4.6.0
Requested by
Host: 9065d0m.uk.com
URL: https://9065d0m.uk.com/ikflerlg/index.html?utm_campaign=facebook
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6812:364a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://9065d0m.uk.com/ikflerlg/index.html?utm_campaign=facebook
Origin
https://9065d0m.uk.com
Sec-Fetch-Dest
font
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 06 Apr 2020 09:01:30 GMT
cf-cache-status
MISS
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/plain
status
404
cache-control
max-age=14400
cf-ray
57fa5317face645b-FRA
content-length
0
truncated
/ 		443 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6f77bde092431f5847ec5e948285ad51b9d93d6b4c8fd4d30426ae3851daee44

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/jpeg
truncated
/ 		116 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
aa5af4f157fb0d7b1619ec66d827ae9fa04a882e004fabb67fcaa74dba666024

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/jpeg
truncated
/ 		433 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1ac6f6590c2d6a3f70d117afc27d7c0f37a0a8d179bbffc91d628d8905cd3f32

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/jpeg
/
www.google.com/pagead/1p-user-list/967466772/ 		42 B
110 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/967466772/?random=1586163690086&cv=9&fst=1586163600000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg6k2&sendb=1&frm=0&url=https%3A%2F%2F9065d0m.uk.com%2Fikflerlg%2Findex.html%3Futm_campaign%3Dfacebook&async=1&fmt=3&is_vtc=1&random=2876334180&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: 9065d0m.uk.com
URL: https://9065d0m.uk.com/ikflerlg/index.html?utm_campaign=facebook
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://9065d0m.uk.com/ikflerlg/index.html?utm_campaign=facebook
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

pragma
no-cache
date
Mon, 06 Apr 2020 09:01:30 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-security-policy
script-src 'none'; object-src 'none'
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/967466772/ 		42 B
110 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/967466772/?random=1586163690086&cv=9&fst=1586163600000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg6k2&sendb=1&frm=0&url=https%3A%2F%2F9065d0m.uk.com%2Fikflerlg%2Findex.html%3Futm_campaign%3Dfacebook&async=1&fmt=3&is_vtc=1&random=2876334180&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: 9065d0m.uk.com
URL: https://9065d0m.uk.com/ikflerlg/index.html?utm_campaign=facebook
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://9065d0m.uk.com/ikflerlg/index.html?utm_campaign=facebook
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

pragma
no-cache
date
Mon, 06 Apr 2020 09:01:30 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-security-policy
script-src 'none'; object-src 'none'
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
336383993555320
connect.facebook.net/signals/config/ 		447 KB
113 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/336383993555320?v=2.9.15&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
5b0979467b99599418a40ccf74f1fc02ef6f57c5f61017c2a57da8d2a5448ee7
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://9065d0m.uk.com/ikflerlg/index.html?utm_campaign=facebook
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-27=":443"; ma=3600
content-length
115175
x-xss-protection
0
pragma
public
x-fb-debug
5wUUu1k5l9GeAJgZCYZ90gt8rwB0mUp2yyBP5xRArkbpry8V2in+vqlHw3OgRHbeZj7GG860UVwQp5Vs8CSZwA==
x-fb-trip-id
420120009
date
Mon, 06 Apr 2020 09:01:30 GMT, Mon, 06 Apr 2020 09:01:30 GMT
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
expires
Sat, 01 Jan 2000 00:00:00 GMT
truncated
/ 		513 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6d14cf7cf4bcc813c1a75a578367833799f3ff958160b13a245f1e3f82ca7362

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/jpeg
truncated
/ 		229 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
54a92c69627cf6d2b94b6b48d1415c5e1024dd4ac0725ed1423aecdc95a326b2

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/jpeg
truncated
/ 		7 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0c6f464c2b3d5ef05fc4d51b3b34ede0899836fd7d54960e68de43a1eff51213

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/jpeg
truncated
/ 		7 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7f4a8eb0037f5ced9b9fa666ec0d9a2500f0f52ae8832fe87279f4817b388c3b

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/jpeg
truncated
/ 		7 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
39b83432b7e6120f315debe31cbbcb3ab0ecf491a86bd7b005a8b1875434c245

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/jpeg
truncated
/ 		7 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0b952819a7edce205fea1a448ae7e9ac2b659c73c00703096b29464672c28eac

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/jpeg
truncated
/ 		6 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0721d4416ec2cafbe06c8ef1271c43fe6ea3346737e437638109fa6488af417e

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/jpeg
truncated
/ 		120 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0275ec366f3cf18830eb5708a3f72ea10baf05a2f946c541e30691fa60ba4b54

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/png
/
www.facebook.com/tr/ 		44 B
348 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=336383993555320&ev=PageView&dl=https%3A%2F%2F9065d0m.uk.com%2Fikflerlg%2Findex.html%3Futm_campaign%3Dfacebook&rl=&if=false&ts=1586163690397&sw=1600&sh=1200&v=2.9.15&r=stable&a=tmgoogletagmanager&ec=0&o=30&fbp=fb.2.1586163690397.1246101340&it=1586163690306&coo=false&rqm=GET
Requested by
Host: 9065d0m.uk.com
URL: https://9065d0m.uk.com/ikflerlg/index.html?utm_campaign=facebook
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://9065d0m.uk.com/ikflerlg/index.html?utm_campaign=facebook
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Mon, 06 Apr 2020 09:01:30 GMT, Mon, 06 Apr 2020 09:01:30 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
alt-svc
h3-27=":443"; ma=3600
content-length
44
expires
Mon, 06 Apr 2020 09:01:30 GMT
/
www.facebook.com/tr/ 		44 B
200 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=336383993555320&ev=ViewContent&dl=https%3A%2F%2F9065d0m.uk.com%2Fikflerlg%2Findex.html%3Futm_campaign%3Dfacebook&rl=&if=false&ts=1586163690398&sw=1600&sh=1200&v=2.9.15&r=stable&a=tmgoogletagmanager&ec=1&o=30&fbp=fb.2.1586163690397.1246101340&it=1586163690306&coo=false&rqm=GET
Requested by
Host: 9065d0m.uk.com
URL: https://9065d0m.uk.com/ikflerlg/index.html?utm_campaign=facebook
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://9065d0m.uk.com/ikflerlg/index.html?utm_campaign=facebook
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Mon, 06 Apr 2020 09:01:30 GMT, Mon, 06 Apr 2020 09:01:30 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
alt-svc
h3-27=":443"; ma=3600
content-length
44
expires
Mon, 06 Apr 2020 09:01:30 GMT
truncated
/ 		5 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c528855685c4d5735f193ae10ef252e2412bb21d4409e166ccf43736c02cef44

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		48 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6a0ffb9ba4d58fdf42e17452dea4f46ea923a10c97a96537e5ff436d56919603

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/jpeg
truncated
/ 		87 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d9dd2f0a7b903ccdd2b4a702bc3fcf70745d4765478c92aee86038e6ab55418d

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/jpeg
truncated
/ 		50 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6348dbd14e1271ab09db7323e2df83efcb3cc44c81a8636f5950eb72e76816ee

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/jpeg
truncated
/ 		140 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9e2dce4252135eb41c72644219c254ff77983d3793b894d193b4ff7f83af9a27

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/jpeg
/
www.facebook.com/tr/ 		44 B
101 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=336383993555320&ev=ViewContent&dl=https%3A%2F%2F9065d0m.uk.com%2Fikflerlg%2Findex.html%3Futm_campaign%3Dfacebook&rl=&if=false&ts=1586163690450&sw=1600&sh=1200&v=2.9.15&r=stable&a=tmgoogletagmanager&ec=2&o=30&fbp=fb.2.1586163690397.1246101340&it=1586163690306&coo=false&rqm=GET
Requested by
Host: 9065d0m.uk.com
URL: https://9065d0m.uk.com/ikflerlg/index.html?utm_campaign=facebook
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://9065d0m.uk.com/ikflerlg/index.html?utm_campaign=facebook
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Mon, 06 Apr 2020 09:01:30 GMT, Mon, 06 Apr 2020 09:01:30 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
alt-svc
h3-27=":443"; ma=3600
content-length
44
expires
Mon, 06 Apr 2020 09:01:30 GMT
fontawesome-webfont.woff
9065d0m.uk.com/fonts/ 		0
0 		Font
General
Check archive.org
Download Go to
Full URL
https://9065d0m.uk.com/fonts/fontawesome-webfont.woff?v=4.6.0
Requested by
Host: 9065d0m.uk.com
URL: https://9065d0m.uk.com/ikflerlg/index.html?utm_campaign=facebook
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6812:364a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://9065d0m.uk.com/ikflerlg/index.html?utm_campaign=facebook
Origin
https://9065d0m.uk.com
Sec-Fetch-Dest
font
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 06 Apr 2020 09:01:30 GMT
cf-cache-status
MISS
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/plain
status
404
cache-control
max-age=14400
cf-ray
57fa53197bd3645b-FRA
content-length
0
ua-sdk.min.js
web-sdk.urbanairship.com/notify/v1/ 		111 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://web-sdk.urbanairship.com/notify/v1/ua-sdk.min.js
Requested by
Host: 9065d0m.uk.com
URL: https://9065d0m.uk.com/ikflerlg/index.html?utm_campaign=facebook
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.208.151 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
151.208.227.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
e1f786abedd69e37d079a7d52737ed58ca6a9b27c744157b8485daf50baee0f3

Request headers

Referer
https://9065d0m.uk.com/ikflerlg/index.html?utm_campaign=facebook
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Mon, 06 Apr 2020 09:00:38 GMT
content-encoding
gzip
x-goog-meta-goog-reserved-file-mtime
1584982563
age
52
status
200
x-guploader-uploadid
AEnB2UpKSQWMgFPoYOJfesqzw5T5BSPptDs93B51oJlscNH32AvPKOfrbfmnFZswUQeL-qux3u6-6RTP5suJD2u578kIGoDXwg
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
alt-svc
clear
content-length
24422
last-modified
Mon, 23 Mar 2020 16:56:04 GMT
server
UploadServer
etag
"93ae95afa2458a6985d149371d231ab9"
vary
Accept-Encoding
x-goog-hash
crc32c=FAk9gg==, md5=k66Vr6JFimmF0Uk3HSMauQ==
x-goog-generation
1584982564339778
cache-control
public, max-age=300
x-goog-stored-content-length
24422
accept-ranges
bytes
content-type
application/javascript
expires
Mon, 06 Apr 2020 09:05:38 GMT
iframe_api
www.youtube.com/ 		859 B
944 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/iframe_api
Requested by
Host: 9065d0m.uk.com
URL: https://9065d0m.uk.com/ikflerlg/index.html?utm_campaign=facebook
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
YouTube Frontend Proxy /
Resource Hash
16fe07ce7e34ab800aecb7705b902106841919bebb7b0a7e80b5000159e2b9b0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://9065d0m.uk.com/ikflerlg/index.html?utm_campaign=facebook
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Mon, 06 Apr 2020 09:01:30 GMT
x-content-type-options
nosniff
server
YouTube Frontend Proxy
content-type
application/javascript
status
200
cache-control
no-cache
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
859
x-xss-protection
0
expires
Tue, 27 Apr 1971 19:44:06 GMT
chartbeat.js
static.chartbeat.com/js/ 		35 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.chartbeat.com/js/chartbeat.js
Requested by
Host: 9065d0m.uk.com
URL: https://9065d0m.uk.com/ikflerlg/index.html?utm_campaign=facebook
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2156:2600:18:1fcd:349:ca21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
ffe2ef5ce19169f51b69f0dfdac122f402043b13afd7c65b2dab551ebf3b7629

Request headers

Referer
https://9065d0m.uk.com/ikflerlg/index.html?utm_campaign=facebook
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Mon, 06 Apr 2020 08:00:06 GMT
content-encoding
gzip
last-modified
Tue, 29 Oct 2019 02:24:02 GMT
server
nginx
age
3683
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
status
200
cache-control
max-age=7200
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
W0KchKq0mektBgavhvdU-SIHA3Lxla0RFJ5SMINq_J521aaHqWAgUw==
via
1.1 ba77f90aac0ddbc2c4c2c02062fac762.cloudfront.net (CloudFront)
expires
Mon, 06 Apr 2020 10:00:06 GMT
alcaldes-cdmx.jpg
www.infobae.com/new-resizer/fys223pYD6UjdXGHskKF5PSJepU=/999x398/filters:quality(100)/s3.amazonaws.com/arc-wordpress-client-uploads/infobae-wp/wp-content/uploads/2019/07/07212344/ 		48 KB
48 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.infobae.com/new-resizer/fys223pYD6UjdXGHskKF5PSJepU=/999x398/filters:quality(100)/s3.amazonaws.com/arc-wordpress-client-uploads/infobae-wp/wp-content/uploads/2019/07/07212344/alcaldes-cdmx.jpg
Requested by
Host: 9065d0m.uk.com
URL: https://9065d0m.uk.com/ikflerlg/index.html?utm_campaign=facebook
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
92.122.215.24 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a92-122-215-24.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
b07594e81b6b4f0be3479a866d86d33bdb8f7216bfdb97d36da119c328c3912f
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://9065d0m.uk.com/ikflerlg/index.html?utm_campaign=facebook
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Mon, 06 Apr 2020 09:01:31 GMT
x-check-cacheable
YES
x-serial
1021
etag
"76baacfdd4628a1767bbb9b2946da23d4137ec51"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
image/webp
status
200
cache-control
private, no-transform, max-age=900
last-modified
Mon, 06 Apr 2020 04:54:51 GMT
content-security-policy
upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
content-length
48916
expires
Mon, 06 Apr 2020 09:16:31 GMT
aguas-negras-en-lagunas-1.jpg
www.infobae.com/new-resizer/j5DCpjf4phEByGGR2gAFsqDIJ3E=/999x561/filters:quality(100)/s3.amazonaws.com/arc-wordpress-client-uploads/infobae-wp/wp-content/uploads/2019/07/07223726/ 		87 KB
87 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.infobae.com/new-resizer/j5DCpjf4phEByGGR2gAFsqDIJ3E=/999x561/filters:quality(100)/s3.amazonaws.com/arc-wordpress-client-uploads/infobae-wp/wp-content/uploads/2019/07/07223726/aguas-negras-en-lagunas-1.jpg
Requested by
Host: 9065d0m.uk.com
URL: https://9065d0m.uk.com/ikflerlg/index.html?utm_campaign=facebook
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
92.122.215.24 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a92-122-215-24.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
a4d77a2152f42be1d87c4c1baf28379b75bf598e2058347d49a28d832101bc2e
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://9065d0m.uk.com/ikflerlg/index.html?utm_campaign=facebook
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Mon, 06 Apr 2020 09:01:30 GMT
last-modified
Mon, 30 Mar 2020 05:31:37 GMT
etag
"cdadf502a3cb1cf0a4cf82d7400ff85bcc0bfd49"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
image/webp
status
200
cache-control
private, no-transform, max-age=1974577
content-security-policy
upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
content-length
88758
expires
Wed, 29 Apr 2020 05:31:07 GMT
Alianza-del-Pac%C3%ADfico1.jpg
www.infobae.com/new-resizer/hwOfyaJEjXU5zI8doiFulVmgrPI=/999x398/filters:quality(100)/s3.amazonaws.com/arc-wordpress-client-uploads/infobae-wp/wp-content/uploads/2019/07/07033059/ 		50 KB
51 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.infobae.com/new-resizer/hwOfyaJEjXU5zI8doiFulVmgrPI=/999x398/filters:quality(100)/s3.amazonaws.com/arc-wordpress-client-uploads/infobae-wp/wp-content/uploads/2019/07/07033059/Alianza-del-Pac%C3%ADfico1.jpg
Requested by
Host: 9065d0m.uk.com
URL: https://9065d0m.uk.com/ikflerlg/index.html?utm_campaign=facebook
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
92.122.215.24 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a92-122-215-24.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e1629423442b94a4d5cca9289993e008d54e4fba079eaa0b65c9434c48c66e6f
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://9065d0m.uk.com/ikflerlg/index.html?utm_campaign=facebook
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Mon, 06 Apr 2020 09:01:31 GMT
x-check-cacheable
YES
x-serial
112
etag
"6d6d1c7d3724c45dac9f58ec413511c74298e6dd"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
image/webp
status
200
cache-control
private, no-transform, max-age=900
last-modified
Sat, 21 Mar 2020 21:14:06 GMT
content-security-policy
upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
content-length
51512
expires
Mon, 06 Apr 2020 09:16:31 GMT
farc-portada.jpg
www.infobae.com/new-resizer/FjrhbPpik-m5dyzj9vEzZE2Xlgc=/999x561/filters:quality(100)/s3.amazonaws.com/arc-wordpress-client-uploads/infobae-wp/wp-content/uploads/2019/07/05210751/ 		140 KB
141 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.infobae.com/new-resizer/FjrhbPpik-m5dyzj9vEzZE2Xlgc=/999x561/filters:quality(100)/s3.amazonaws.com/arc-wordpress-client-uploads/infobae-wp/wp-content/uploads/2019/07/05210751/farc-portada.jpg
Requested by
Host: 9065d0m.uk.com
URL: https://9065d0m.uk.com/ikflerlg/index.html?utm_campaign=facebook
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
92.122.215.24 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a92-122-215-24.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
00c5462538bfbcef20e5c44337db655dbbfe9008300a9d814e1b6f808bf25812
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://9065d0m.uk.com/ikflerlg/index.html?utm_campaign=facebook
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Mon, 06 Apr 2020 09:01:30 GMT
last-modified
Mon, 06 Apr 2020 04:54:53 GMT
etag
"c1d359dd05dea8f0cfc94e6045593e4264897ae5"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
image/webp
status
200
cache-control
private, no-transform, max-age=2577200
content-security-policy
upgrade-insecure-requests; media-src https: blob:; child-src https: blob:; default-src https: wss: 'unsafe-inline' 'unsafe-eval' data:; font-src https: data:; img-src https: data:;
content-length
143290
expires
Wed, 06 May 2020 04:54:50 GMT
pa-5c88199a1872b500160008d5.js
rum-static.pingdom.net/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rum-static.pingdom.net/pa-5c88199a1872b500160008d5.js
Requested by
Host: 9065d0m.uk.com
URL: https://9065d0m.uk.com/ikflerlg/index.html?utm_campaign=facebook
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:14ef , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
44cbb64ed582912cf3838772876351eaf3ae12ff4994761ec8a194226accd5f6

Request headers

Referer
https://9065d0m.uk.com/ikflerlg/index.html?utm_campaign=facebook
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Mon, 06 Apr 2020 09:01:30 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 26 Jun 2019 09:19:43 GMT
server
cloudflare
age
268
etag
W/"5d1338af-1878"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
status
200
cache-control
max-age=86400
cf-ray
57fa531a7b561f39-FRA
access-control-allow-origin
*
expires
Mon, 06 Apr 2020 09:02:02 GMT
ping
ping.chartbeat.net/ 		43 B
168 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ping.chartbeat.net/ping?h=9065d0m.uk.com&p=%2Fikflerlg%2Findex.html&u=DGEt4YCeJ5ZbDTU_Nm&d=9065d0m.uk.com&g0=No%20Section&g1=No%20Author&n=1&f=00001&c=0&x=0&m=0&y=14842&o=1921&w=1185&j=45&R=1&W=0&I=0&E=0&e=0&r=&b=1990&_c=facebook&t=7XTZdiNlYwCCz7bDDLg2WFCSFyF9&V=113&tz=-120&sn=1&sv=DFoYlLhpu0l0UwaDpCawtxiQy&sd=1&im=06000000&_
Requested by
Host: 9065d0m.uk.com
URL: https://9065d0m.uk.com/ikflerlg/index.html?utm_campaign=facebook
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.232.229.80 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-232-229-80.compute-1.amazonaws.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://9065d0m.uk.com/ikflerlg/index.html?utm_campaign=facebook
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

status
200
pragma
no-cache
date
Mon, 06 Apr 2020 09:01:30 GMT
cache-control
no-cache, no-store, must-revalidate
expires
0
content-length
43
content-type
image/gif
config.json
c.go-mpulse.net/api/ Frame 589F 		68 B
346 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.go-mpulse.net/api/config.json?key=VSGA2-YTLVV-VY5L5-HB56H-W3YTX&d=9065d0m.uk.com&t=5287212&v=1.632.0&if=&sl=0&si=0m1lum80s3tm-q8czqi&plugins=ConfigOverride,Continuity,PageParams,IFrameDelay,AutoXHR,SPA,Angular,Backbone,Ember,History,RT,CrossDomain,BW,PaintTiming,NavigationTiming,ResourceTiming,Memory,CACHE_RELOAD,Errors,TPAnalytics,UserTiming,Akamai,LOGN&acao=
Requested by
Host: c.go-mpulse.net
URL: https://c.go-mpulse.net/boomerang/VSGA2-YTLVV-VY5L5-HB56H-W3YTX
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:6c00:184::11a6 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
/
Resource Hash
3217a6955b600825965f424d1cf73bc156ade880bcb4e16760cfe1771e2da89e

Request headers

Referer
https://9065d0m.uk.com/ikflerlg/index.html?utm_campaign=facebook
Origin
https://9065d0m.uk.com
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Mon, 06 Apr 2020 09:01:30 GMT
Cache-Control
public, max-age=300, stale-while-revalidate=60, stale-if-error=120
Connection
keep-alive
Timing-Allow-Origin
*
Content-Length
68
Content-Type
application/json
fontawesome-webfont.ttf
9065d0m.uk.com/fonts/ 		0
0 		Font
General
Check archive.org
Download Go to
Full URL
https://9065d0m.uk.com/fonts/fontawesome-webfont.ttf?v=4.6.0
Requested by
Host: 9065d0m.uk.com
URL: https://9065d0m.uk.com/ikflerlg/index.html?utm_campaign=facebook
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6812:364a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://9065d0m.uk.com/ikflerlg/index.html?utm_campaign=facebook
Origin
https://9065d0m.uk.com
Sec-Fetch-Dest
font
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 06 Apr 2020 09:01:30 GMT
cf-cache-status
MISS
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/plain
status
404
cache-control
max-age=14400
cf-ray
57fa531aece9645b-FRA
content-length
0
/
www.facebook.com/tr/ 		44 B
101 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=336383993555320&ev=Microdata&dl=https%3A%2F%2F9065d0m.uk.com%2Fikflerlg%2Findex.html%3Futm_campaign%3Dfacebook&rl=&if=false&ts=1586163690905&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%7B%22dimensions%22%3A%7B%22h%22%3A1185%2C%22w%22%3A1585%7D%2C%22properties%22%3A%7B%7D%2C%22subscopes%22%3A%5B%5D%2C%22type%22%3A%22http%3A%2F%2Fschema.org%2FItemList%22%7D%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.15&r=stable&a=tmgoogletagmanager&ec=3&o=30&fbp=fb.2.1586163690397.1246101340&it=1586163690306&coo=false&es=automatic&tm=3&rqm=GET
Requested by
Host: 9065d0m.uk.com
URL: https://9065d0m.uk.com/ikflerlg/index.html?utm_campaign=facebook
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://9065d0m.uk.com/ikflerlg/index.html?utm_campaign=facebook
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Mon, 06 Apr 2020 09:01:30 GMT, Mon, 06 Apr 2020 09:01:30 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
alt-svc
h3-27=":443"; ma=3600
content-length
44
expires
Mon, 06 Apr 2020 09:01:30 GMT
beacon.gif
rum-collector-2.pingdom.net/img/ 		0
213 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rum-collector-2.pingdom.net/img/beacon.gif?id=5c88199a1872b500160008d5&sAW=1600&sAH=1200&bIW=1600&bIH=1200&pD=24&dPR=1&or=landscape-primary&nT=0&rC=0&nS=0&cS=144&cE=167&dLE=144&dLS=130&fS=130&hS=149&rE=-1&rS=-1&reS=167&resS=828&resE=1899&uEE=-1&uES=-1&dL=836&dI=1959&dCLES=1959&dCLEE=1982&dC=2479&lES=2479&lEE=2482&s=nt&title=&path=https%3A%2F%2F9065d0m.uk.com%2Fikflerlg%2Findex.html&ref=&sId=ixy36bi0&sST=1586163691&sIS=1&rV=0&v=1.4.0
Requested by
Host: rum-static.pingdom.net
URL: https://rum-static.pingdom.net/pa-5c88199a1872b500160008d5.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.30.151.94 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-30-151-94.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://9065d0m.uk.com/ikflerlg/index.html?utm_campaign=facebook
Origin
https://9065d0m.uk.com
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Pragma
no-cache
Date
Mon, 06 Apr 2020 09:01:31 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
0

Verdicts & Comments Add Verdict or Comment

145 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate object| google_js_reporting_queue object| ggeac function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure object| google_tag_data function| ga object| gaplugins object| ns_ object| pSUPERFLY_mab object| _cbq object| pSUPERFLY object| pSUPERFLY_video object| _cbv_strategies object| _cbv object| __core-js_shared__ object| core object| PoWaSettings object| google_tag_manager object| dataLayer object| FB object| YT object| YTConfig function| onYTReady object| yt function| ytDomDomGetNextId object| ytEventsEventsListeners object| ytEventsEventsCounter function| GooglemKTybQhCsO function| google_trackConversion function| udm_ object| _comscore object| COMSCORE object| cX function| cx_callQueueExecute function| cx_pollActivity function| cx_pollActiveTime function| cx_pollFragmentMessage function| OptaCustomv2AfterInitCallback function| $ function| jQuery function| getUserSegmentIdsLocal object| isMobile number| mobile_browser number| iphone_browser number| ipad_browser number| android_browser number| android233_browser number| kindle_browser number| retina_browser number| mobile_tablet string| GoogleAnalyticsObject object| gaGlobal object| gaData number| BOOMR_lstart number| _sf_startpt object| ARC undefined| cXJsonpCBk8o8wo4rtiu7lunr function| uaSetup object| adcase object| googletag object| script object| closure_memoize_cache_ object| googleToken object| googleIMState function| processGoogleTokenSync object| BOOMR object| BOOMR_mq object| GooglebQhCsO object| ns_p undefined| google_measure_js_timing object| powaData function| setImmediate function| clearImmediate function| powaBoot object| scripts boolean| pageviewPresent function| fbq function| _fbq object| clavis object| pageBuilder object| logger object| youtubePlayers boolean| playing function| onPlayerReady object| $d object| $w object| $b function| formatDuration object| cookies function| Hammer function| initYouTubePlayers function| youtubeVideoLabelHide object| UA function| addVideoToList function| updateVideoListStatus function| checkForFBVideos object| fbVideos function| fbAsyncInit object| ytTag object| firstScriptTag function| onYouTubeIframeAPIReady function| onYTPlayerStateChange object| ytVideos function| beginrefresh function| handleAutoRefresh function| checkIfPowasPlaying function| checkIfSocialVideoPlaying function| getRefreshDuration function| isLiveBarPresent object| refreshTimeout object| _sf_async_config number| _sf_endpt object| opta_settings object| _optaParams object| _cb_shared object| d undefined| div object| ads string| divId object| tags undefined| tag object| key function| moveAdsMobile function| moveAdsArticle object| firstImageRow object| firstImage undefined| firstImageSrc undefined| templateId undefined| article_id undefined| section object| heightNavBar object| heightShareBar number| heightShell object| fullArticle object| headerWrapper object| heading object| byLineContent object| subHeadline object| figCredits object| contentRawHtml function| injectStyles undefined| link number| BOOMR_onload

12 Cookies

Domain/Path Name / Value
9065d0m.uk.com/ Name: _cb_svref
Value: null
9065d0m.uk.com/ Name: _chartbeat2
Value: .1586163690605.1586163690605.1.DFoYlLhpu0l0UwaDpCawtxiQy.1
.9065d0m.uk.com/ Name: _fbp
Value: fb.2.1586163690397.1246101340
9065d0m.uk.com/ Name: _cb
Value: DGEt4YCeJ5ZbDTU_Nm
.9065d0m.uk.com/ Name: cX_S
Value: k8o8wo4nc4im5aqe
.9065d0m.uk.com/ Name: _gat
Value: 1
.9065d0m.uk.com/ Name: _gid
Value: GA1.3.572549837.1586163690
9065d0m.uk.com/ikflerlg Name: pa
Value: pa=sid%3Dixy36bi0%26sst%3D1586163691%26sis%3D1%26rv%3D0
.9065d0m.uk.com/ Name: _ga
Value: GA1.3.1524855295.1586163690
.9065d0m.uk.com/ Name: __cfduid
Value: d6f1c4b573b48170cddd0003fede97c081586163688
9065d0m.uk.com/ Name: _cb_ls
Value: 1
.9065d0m.uk.com/ Name: cX_P
Value: k8o8wo4o51rl5ijl

1 Console Messages

Source Level URL
Text
console-api warning URL: https://9065d0m.uk.com/ikflerlg/index.html?utm_campaign=facebook(Line 779)
Message:
The Facebook JSSDK is more than 7 days old.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

9065d0m.uk.com
adservice.google.com
api.cxense.com
c.go-mpulse.net
connect.facebook.net
googleads.g.doubleclick.net
is.gd
ping.chartbeat.net
rum-collector-2.pingdom.net
rum-static.pingdom.net
s.ytimg.com
sb.scorecardresearch.com
scdn.cxense.com
scomcluster.cxense.com
securepubads.g.doubleclick.net
static.chartbeat.com
stats.g.doubleclick.net
storage.googleapis.com
web-sdk.urbanairship.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.infobae.com
www.youtube.com
147.75.85.120
172.217.22.98
178.63.12.147
2.16.31.65
216.58.207.66
2600:9000:2156:2600:18:1fcd:349:ca21
2606:4700:10::6814:14ef
2606:4700:20::6819:ea35
2606:4700:3035::6812:364a
2a00:1450:4001:800::2002
2a00:1450:4001:800::2003
2a00:1450:4001:800::2008
2a00:1450:4001:800::200e
2a00:1450:4001:808::2004
2a00:1450:4001:81c::200e
2a00:1450:4001:821::200e
2a00:1450:4001:824::2010
2a00:1450:400c:c00::9a
2a02:26f0:6c00:180::268b
2a02:26f0:6c00:184::11a6
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
3.232.229.80
35.227.208.151
52.30.151.94
92.122.215.24
00c5462538bfbcef20e5c44337db655dbbfe9008300a9d814e1b6f808bf25812
0275ec366f3cf18830eb5708a3f72ea10baf05a2f946c541e30691fa60ba4b54
0557fa0c9c7ce11a2028277bff78dc893be8eedde537085ec28bbc105066e517
0721d4416ec2cafbe06c8ef1271c43fe6ea3346737e437638109fa6488af417e
0b952819a7edce205fea1a448ae7e9ac2b659c73c00703096b29464672c28eac
0c6f464c2b3d5ef05fc4d51b3b34ede0899836fd7d54960e68de43a1eff51213
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
16fe07ce7e34ab800aecb7705b902106841919bebb7b0a7e80b5000159e2b9b0
1ac6f6590c2d6a3f70d117afc27d7c0f37a0a8d179bbffc91d628d8905cd3f32
1f0a166a9d871f1e11e7f24c885812e39ece64afa502c72bfbb766568bc8013d
2b122249c383e80a8de4a0620a41de5dc83881fdac07aad7ee104f030a34b986
3217a6955b600825965f424d1cf73bc156ade880bcb4e16760cfe1771e2da89e
39b83432b7e6120f315debe31cbbcb3ab0ecf491a86bd7b005a8b1875434c245
44cbb64ed582912cf3838772876351eaf3ae12ff4994761ec8a194226accd5f6
48fc63322db8473ca3c53a8a51fc68e2d99eeae42054e291d380467294bf1645
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
54a92c69627cf6d2b94b6b48d1415c5e1024dd4ac0725ed1423aecdc95a326b2
5a91c6d3e635c0bd1551a53cf0769328132151a7732039170280d500dbcb4685
5b0979467b99599418a40ccf74f1fc02ef6f57c5f61017c2a57da8d2a5448ee7
6348dbd14e1271ab09db7323e2df83efcb3cc44c81a8636f5950eb72e76816ee
6a0ffb9ba4d58fdf42e17452dea4f46ea923a10c97a96537e5ff436d56919603
6d14cf7cf4bcc813c1a75a578367833799f3ff958160b13a245f1e3f82ca7362
6f77bde092431f5847ec5e948285ad51b9d93d6b4c8fd4d30426ae3851daee44
7509260d0009811c47548d96397472d75feba0dd46473523dbc8cd0e4ca30c62
7f4a8eb0037f5ced9b9fa666ec0d9a2500f0f52ae8832fe87279f4817b388c3b
95a439c4e11ace2484e8d42c30ff56cf7db5ea7c6463df9ce2fdafa7f6ccbf54
9e2dce4252135eb41c72644219c254ff77983d3793b894d193b4ff7f83af9a27
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
a4d77a2152f42be1d87c4c1baf28379b75bf598e2058347d49a28d832101bc2e
aa5af4f157fb0d7b1619ec66d827ae9fa04a882e004fabb67fcaa74dba666024
b07594e81b6b4f0be3479a866d86d33bdb8f7216bfdb97d36da119c328c3912f
b85d4881b415ae9003912d73d4050bf473c9fccf8542911e323b367df45227c5
b9957b142a22456b68f05ba726c21c08bf33ee55fed84df36f1bfdd3c7c84212
c05421dd7f2965177a1a47c616aae8b8980d80d73ddce7575d8ea4397e39083f
c528855685c4d5735f193ae10ef252e2412bb21d4409e166ccf43736c02cef44
c683bb931d0b8d02a00688cf88a1cfeb471472ef29f72666c6b25e958f9d564f
cd54ab897f40a720d39ada9707c38af6aa42ffca70df3a7514306a705e8fada0
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d9dd2f0a7b903ccdd2b4a702bc3fcf70745d4765478c92aee86038e6ab55418d
e0f09beb5ea460cffea7b53b219f1e88baf6a0c9c2d125294652998209addc15
e1629423442b94a4d5cca9289993e008d54e4fba079eaa0b65c9434c48c66e6f
e1f786abedd69e37d079a7d52737ed58ca6a9b27c744157b8485daf50baee0f3
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ea03bfd7fdda1eac185ebc3e8e74b33065b04c8e0adc48cbbd4136748dbd2742
eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f97818739ebb98f7e7158da11a697bd9369fcb59d5d2adabb78f406ebb99e48d
ffe2ef5ce19169f51b69f0dfdac122f402043b13afd7c65b2dab551ebf3b7629