secure.tagged.com Open in urlscan Pro
135.84.35.166 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.taggedmail.com/apps/pets.html?ect=lwls32lo&fid=B55ECA10E2539F09&al=2qgoA9u-kx-j.1uyL_s.25NzA&current_user_id=35...
Effective URL:
https://secure.tagged.com/phished.html
Submission: On July 24 via api (July 24th 2020, 5:28:13 am UTC) from US

Summary HTTP 136 Redirects Links 32 Behaviour Indicators

Summary

This website contacted 43 IPs in 6 countries across 34 domains to perform 136 HTTP transactions. The main IP is 135.84.35.166, located in San Francisco, United States and belongs to TAGGED-ASN, US. The main domain is secure.tagged.com.
TLS certificate: Issued by COMODO RSA Organization Validation Se... on January 5th 2019. Valid for: 2 years.

This is the only time secure.tagged.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
4 8	135.84.35.166 135.84.35.166	36080 (TAGGED-ASN) (TAGGED-ASN)
15	135.84.35.171 135.84.35.171	36080 (TAGGED-ASN) (TAGGED-ASN)
3	2a00:1450:400... 2a00:1450:4001:81d::2004	15169 (GOOGLE) (GOOGLE)
4	2620:116:800d... 2620:116:800d:21:5a23:9c4e:e774:96c1	16509 (AMAZON-02) (AMAZON-02)
3	2606:4700:20:... 2606:4700:20::681a:8b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:816::2008	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:819::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:808::200e	15169 (GOOGLE) (GOOGLE)
3	35.188.71.214 35.188.71.214	15169 (GOOGLE) (GOOGLE)
24	2a00:1450:400... 2a00:1450:4001:802::2002	15169 (GOOGLE) (GOOGLE)
1	2606:4700:20:... 2606:4700:20::681a:932	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:817::2002	15169 (GOOGLE) (GOOGLE)
7	216.58.212.162 216.58.212.162	15169 (GOOGLE) (GOOGLE)
2	2606:4700:20:... 2606:4700:20::681a:81b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	216.58.205.230 216.58.205.230	15169 (GOOGLE) (GOOGLE)
1	2606:4700:20:... 2606:4700:20::681a:246	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
4	99.86.0.120 99.86.0.120	16509 (AMAZON-02) (AMAZON-02)
1	130.211.23.194 130.211.23.194	15169 (GOOGLE) (GOOGLE)
2	178.250.2.131 178.250.2.131	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
4	104.16.190.66 104.16.190.66	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	54.246.210.224 54.246.210.224	16509 (AMAZON-02) (AMAZON-02)
4	185.33.221.87 185.33.221.87	29990 (ASN-APPNEX) (ASN-APPNEX)
4	2.21.37.92 2.21.37.92	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	185.64.189.112 185.64.189.112	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2	72.251.249.9 72.251.249.9	29791 (VOXEL-DOT...) (VOXEL-DOT-NET)
2	69.173.144.141 69.173.144.141	26667 (RUBICONPR...) (RUBICONPROJECT)
2 6	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
2	104.111.214.39 104.111.214.39	16625 (AKAMAI-AS) (AKAMAI-AS)
2 5	104.111.238.139 104.111.238.139	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2600:9000:205... 2600:9000:2057:a400:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:81f::200a	15169 (GOOGLE) (GOOGLE)
1 2	52.95.124.170 52.95.124.170	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:816::2001	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:800::2001	15169 (GOOGLE) (GOOGLE)
1	3.127.95.92 3.127.95.92	16509 (AMAZON-02) (AMAZON-02)
2	2a02:2638::3 2a02:2638::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	35.226.36.58 35.226.36.58	15169 (GOOGLE) (GOOGLE)
2	104.111.215.68 104.111.215.68	16625 (AKAMAI-AS) (AKAMAI-AS)
1	104.111.230.142 104.111.230.142	16625 (AKAMAI-AS) (AKAMAI-AS)
2	104.111.215.51 104.111.215.51	16625 (AKAMAI-AS) (AKAMAI-AS)
136	43

8 135.84.35.166 (San Francisco, United States) 4 redirects

ASN36080 (TAGGED-ASN, US)

www.taggedmail.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.tagged.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
secure.tagged.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 135.84.35.171 (San Francisco, United States)

ASN36080 (TAGGED-ASN, US)

secure-static.tagged.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:81d::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2620:116:800d:21:5a23:9c4e:e774:96c1 (United States)

ASN16509 (AMAZON-02, US)

edge.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:20::681a:8b (United States)

ASN13335 (CLOUDFLARENET, US)

a.pub.network	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:816::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:819::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.188.71.214 (United States)

ASN15169 (GOOGLE, US)

d.pub.network	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:932 (United States)

ASN13335 (CLOUDFLARENET, US)

freestar-io.videoplayerhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:817::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 216.58.212.162 (Mountain View, United States)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::681a:81b (United States)

ASN13335 (CLOUDFLARENET, US)

mrb.upapi.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:8012:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.58.205.230 (Mountain View, United States)

ASN15169 (GOOGLE, US)

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:246 (United States)

ASN13335 (CLOUDFLARENET, US)

ad-delivery.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f11c:8183:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 99.86.0.120 (Seattle, United States)

ASN16509 (AMAZON-02, US)

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 130.211.23.194 (Mountain View, United States)

ASN15169 (GOOGLE, US)

backend.upapi.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.2.131 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.16.190.66 (United States)

ASN13335 (CLOUDFLARENET, US)

dmx.districtm.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.districtm.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.246.210.224 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)

ads.yieldmo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.33.221.87 (Netherlands)

ASN29990 (ASN-APPNEX, US)

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2.21.37.92 (France)

ASN20940 (AKAMAI-ASN1, EU)

as-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
js-sec.indexww.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

hbopenbid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 72.251.249.9 (Amsterdam, Netherlands)

ASN29791 (VOXEL-DOT-NET, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 69.173.144.141 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 35.244.159.8 (Mountain View, United States) 2 redirects

ASN15169 (GOOGLE, US)

freestar-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
eu-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.111.214.39 (Netherlands)

ASN16625 (AKAMAI-AS, US)

hbx.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 104.111.238.139 (Netherlands) 2 redirects

ASN16625 (AKAMAI-AS, US)

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2057:a400:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.95.124.170 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

aax-eu.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:816::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

a683776f3df79d980cc49c4138246f74.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:800::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.127.95.92 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)

btlr.sharethrough.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.226.36.58 (United States)

ASN15169 (GOOGLE, US)

c.pub.network	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.111.215.68 (Netherlands)

ASN16625 (AKAMAI-AS, US)

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.111.230.142 (Netherlands)

ASN16625 (AKAMAI-AS, US)

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.111.215.51 (Netherlands)

ASN16625 (AKAMAI-AS, US)

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
22	tagged.com 3 redirects www.tagged.com secure.tagged.com secure-static.tagged.com	316 KB
20	googlesyndication.com a683776f3df79d980cc49c4138246f74.safeframe.googlesyndication.com tpc.googlesyndication.com pagead2.googlesyndication.com	263 KB
11	doubleclick.net securepubads.g.doubleclick.net ad.doubleclick.net googleads.g.doubleclick.net	96 KB
8	pub.network a.pub.network d.pub.network c.pub.network	247 KB
6	openx.net 2 redirects freestar-d.openx.net eu-u.openx.net	1 KB
6	adnxs.com ib.adnxs.com acdn.adnxs.com	4 KB
6	amazon-adsystem.com 1 redirects c.amazon-adsystem.com aax-eu.amazon-adsystem.com	31 KB
6	googletagservices.com www.googletagservices.com	152 KB
6	google.com www.google.com adservice.google.com	1 KB
5	scorecardresearch.com 2 redirects sb.scorecardresearch.com	4 KB
4	pubmatic.com hbopenbid.pubmatic.com ads.pubmatic.com	178 B
4	districtm.io dmx.districtm.io cdn.districtm.io	618 B
4	quantserve.com edge.quantserve.com secure.quantserve.com pixel.quantserve.com	17 KB
3	rubiconproject.com fastlane.rubiconproject.com eus.rubiconproject.com	4 KB
3	upapi.net mrb.upapi.net backend.upapi.net	233 KB
3	google.de adservice.google.de	504 B
2	indexww.com js-sec.indexww.com
2	criteo.net static.criteo.net	44 KB
2	quantcount.com rules.quantcount.com	1 KB
2	media.net hbx.media.net	9 KB
2	lijit.com ap.lijit.com	1 KB
2	casalemedia.com as-sec.casalemedia.com	2 KB
2	yieldmo.com ads.yieldmo.com	450 B
2	criteo.com bidder.criteo.com	294 B
2	facebook.net connect.facebook.net	60 KB
2	google-analytics.com www.google-analytics.com	18 KB
1	sharethrough.com btlr.sharethrough.com	114 B
1	googleapis.com fonts.googleapis.com	535 B
1	facebook.com www.facebook.com
1	ad-delivery.net ad-delivery.net	629 B
1	videoplayerhub.com freestar-io.videoplayerhub.com	27 KB
1	gstatic.com www.gstatic.com	130 KB
1	googletagmanager.com www.googletagmanager.com	26 KB
1	taggedmail.com 1 redirects www.taggedmail.com	701 B
136	34

	Domain	Requested by
15	secure-static.tagged.com	secure.tagged.com
12	pagead2.googlesyndication.com	securepubads.g.doubleclick.net pagead2.googlesyndication.com
7	tpc.googlesyndication.com	securepubads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
7	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net secure.tagged.com
6	www.googletagservices.com	a.pub.network securepubads.g.doubleclick.net pagead2.googlesyndication.com
5	sb.scorecardresearch.com	2 redirects a.pub.network secure.tagged.com
5	secure.tagged.com	1 redirects secure.tagged.com secure-static.tagged.com
4	eu-u.openx.net	2 redirects a.pub.network
4	ib.adnxs.com	a.pub.network
4	c.amazon-adsystem.com	a.pub.network c.amazon-adsystem.com
3	googleads.g.doubleclick.net	pagead2.googlesyndication.com
3	adservice.google.com	www.googletagservices.com pagead2.googlesyndication.com
3	adservice.google.de	www.googletagservices.com pagead2.googlesyndication.com
3	d.pub.network	a.pub.network
3	a.pub.network	secure.tagged.com a.pub.network
3	www.google.com	secure.tagged.com www.gstatic.com
2	acdn.adnxs.com	a.pub.network
2	js-sec.indexww.com	a.pub.network
2	cdn.districtm.io	a.pub.network
2	ads.pubmatic.com	a.pub.network
2	c.pub.network	a.pub.network
2	static.criteo.net	a.pub.network static.criteo.net
2	aax-eu.amazon-adsystem.com	1 redirects c.amazon-adsystem.com
2	pixel.quantserve.com	secure.tagged.com
2	rules.quantcount.com	secure.quantserve.com
2	hbx.media.net	a.pub.network hbx.media.net
2	freestar-d.openx.net	a.pub.network
2	fastlane.rubiconproject.com	a.pub.network
2	ap.lijit.com	a.pub.network
2	hbopenbid.pubmatic.com	a.pub.network
2	as-sec.casalemedia.com	a.pub.network
2	ads.yieldmo.com	a.pub.network
2	dmx.districtm.io	a.pub.network
2	bidder.criteo.com	a.pub.network
2	connect.facebook.net	secure-static.tagged.com connect.facebook.net
2	mrb.upapi.net	freestar-io.videoplayerhub.com mrb.upapi.net
2	www.google-analytics.com	www.googletagmanager.com secure.tagged.com
2	www.tagged.com	2 redirects
1	eus.rubiconproject.com	a.pub.network
1	btlr.sharethrough.com	a.pub.network
1	a683776f3df79d980cc49c4138246f74.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	fonts.googleapis.com	secure-static.tagged.com
1	secure.quantserve.com	a.pub.network
1	backend.upapi.net	mrb.upapi.net
1	www.facebook.com	connect.facebook.net
1	ad-delivery.net	secure.tagged.com
1	ad.doubleclick.net	secure.tagged.com
1	freestar-io.videoplayerhub.com	a.pub.network
1	www.gstatic.com	www.google.com
1	www.googletagmanager.com	secure.tagged.com
1	edge.quantserve.com	secure.tagged.com
1	www.taggedmail.com	1 redirects
136	52

This site contains links to these domains. Also see Links.

Domain
www.tagged.com
ifwe.co
freestar.io

Subject Issuer	Validity	Valid
tagged.com COMODO RSA Organization Validation Secure Server CA	`2019-01-05` - `2021-01-04`	2 years	crt.sh
www.google.com GTS CA 1O1	`2020-07-07` - `2020-09-29`	3 months	crt.sh
*.quantserve.com DigiCert SHA2 High Assurance Server CA	`2019-10-04` - `2020-10-07`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-07-17` - `2021-07-17`	a year	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-07-07` - `2020-09-29`	3 months	crt.sh
*.gstatic.com GTS CA 1O1	`2020-06-30` - `2020-09-22`	3 months	crt.sh
*.pub.network Go Daddy Secure Certificate Authority - G2	`2020-03-17` - `2021-05-16`	a year	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-06-30` - `2020-09-22`	3 months	crt.sh
*.google.de GTS CA 1O1	`2020-06-30` - `2020-09-22`	3 months	crt.sh
*.google.com GTS CA 1O1	`2020-07-07` - `2020-09-29`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2020-05-14` - `2020-08-05`	3 months	crt.sh
*.doubleclick.net GTS CA 1O1	`2020-06-30` - `2020-09-22`	3 months	crt.sh
c.amazon-adsystem.com Amazon	`2019-10-07` - `2020-09-29`	a year	crt.sh
*.upapi.net Let's Encrypt Authority X3	`2020-07-17` - `2020-10-15`	3 months	crt.sh
*.criteo.com DigiCert ECC Secure Server CA	`2020-06-22` - `2020-09-20`	3 months	crt.sh
districtm.io Cloudflare Inc ECC CA-3	`2020-07-01` - `2021-07-01`	a year	crt.sh
*.yieldmo.com Amazon	`2020-06-23` - `2021-07-23`	a year	crt.sh
*.adnxs.com DigiCert ECC Secure Server CA	`2019-01-23` - `2021-03-08`	2 years	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2020-03-02` - `2021-04-01`	a year	crt.sh
*.pubmatic.com Sectigo RSA Organization Validation Secure Server CA	`2019-02-22` - `2021-02-21`	2 years	crt.sh
*.lijit.com Go Daddy Secure Certificate Authority - G2	`2020-03-11` - `2021-05-10`	a year	crt.sh
*.rubiconproject.com DigiCert SHA2 Secure Server CA	`2019-01-10` - `2021-01-14`	2 years	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2020-06-18` - `2021-08-17`	a year	crt.sh
*.media.net DigiCert SHA2 Secure Server CA	`2020-02-25` - `2021-05-26`	a year	crt.sh
sb.scorecardresearch.com DigiCert Secure Site ECC CA-1	`2020-07-17` - `2021-06-02`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2020-06-30` - `2020-09-22`	3 months	crt.sh
aax-eu.amazon-adsystem.com Amazon	`2020-06-15` - `2021-06-15`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2020-07-07` - `2020-09-29`	3 months	crt.sh
*.sharethrough.com Amazon	`2019-10-07` - `2020-11-07`	a year	crt.sh
*.criteo.net DigiCert ECC Secure Server CA	`2020-06-22` - `2020-09-20`	3 months	crt.sh
cdn.adnxs.com GeoTrust RSA CA 2018	`2020-01-02` - `2021-04-02`	a year	crt.sh

This page contains 25 frames:

Primary Page: https://secure.tagged.com/phished.html
Frame ID: B57BF6404C88DD2B77A407217FFA2E3F
Requests: 93 HTTP requests in this frame

Frame: https://secure.tagged.com/blank.html
Frame ID: 55A2FC87041211EE24CD935F91EA8E5A
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeRyAcTAAAAAG6QBlS1jhBJg0pcQtzIEdLAXXz3&co=aHR0cHM6Ly9zZWN1cmUudGFnZ2VkLmNvbTo0NDM.&hl=en&v=r8WWNwsCvXtk22_oRSVCCZx9&size=normal&cb=mos648yyd5m4
Frame ID: A1104DDD732189763A49C0CAA1F8D5DB
Requests: 1 HTTP requests in this frame

Frame: https://hbx.media.net/checksync.php?&vsSync=1&cs=1&hb=1&cv=37&ndec=1&cid=8CUFH1GPH&prvid=56%2C70%2C77%2C80%2C82%2C97%2C99%2C109%2C111%2C112%2C113%2C139%2C154%2C157%2C159%2C175%2C178%2C186%2C201%2C226%2C10000&usp_status=0&usp_consent=1&https=1&gdpr=1&gdprconsent=2
Frame ID: 5188545C6BE2CAFCA54D856EB306712D
Requests: 1 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=r1u_cnv_3lift&dcc=t
Frame ID: A845897B8F6EB16925F5730164C3C83A
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst82qj1Z_hjykDFkBa2C0kbiDaITF5ahLB-E-1AjFDIk7VJ14qbVFnZtIvIDI4ZuHB0GloOxC-FC-5jqJHoqYYJua_M663WGDzuJQzrpj9EIhY_9TYB4obeL-Af9vHMljYkISQ-8yz0JngD81srchQp1K7ak8Yd48iqIy0qKSzzxx_MXNAozxv7YibqgRRvOAvLZVCfZNKmWTYgBQStF_oMIeU_YLZjJAac4Y_YkhlpiM69cItc8k2ERMmXCETs0MVkYSGkraURXAaPIBDynXI&sai=AMfl-YT3qfQweNoLqNEX657yuOrlcxX6CJQjzLxwVeQoMQiawJoV46MbcQSJvERltCovCXVMqNgiYojkqC7IqxfKGd0jsBPG6T7pFuYq_auk8H2M2P73ZY3tEI9DA46C_ew&sig=Cg0ArKJSzIi3yQ-KmtipEAE&urlfix=1&adurl=
Frame ID: C194411A0A126B197E3AA0B337C9A3E5
Requests: 13 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=en&v=r8WWNwsCvXtk22_oRSVCCZx9&k=6LeRyAcTAAAAAG6QBlS1jhBJg0pcQtzIEdLAXXz3&cb=3sedpy3qrivr
Frame ID: D7C30B249192D7EB8116EE304A0BFA28
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20200723/r20190131/zrt_lookup.html
Frame ID: DE46A4012BB90A8E23461FB18C3DCDC2
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7002122219915745&output=html&h=90&slotname=Freestar_Tagged_GDPR_728x90&adk=3812160886&adf=816031634&w=728&guci=1.2.0.0.2.2.0.0&url=https%3A%2F%2Fsecure.tagged.com%2Fphished.html%23home%2F&ea=0&flash=0&wgl=1&adsid=NT&dt=1595568469168&bpp=22&bdt=241&idt=63&shv=r20200723&cbv=r20190131&ptt=5&saldr=sa&correlator=4585242906094&frm=23&ife=4&pv=2&ga_vid=246163585.1595568468&ga_sid=1595568469&ga_hid=644696067&ga_fc=1&iag=3&icsg=682&nhd=1&dssz=11&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=1070&biw=1600&bih=1200&isw=728&ish=90&ifk=2474037241&scr_x=0&scr_y=0&eid=42530558%2C42530560&oid=3&pvsid=1246338231799639&pem=124&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.vu6dbhv6ulkv&fsb=1&dtd=91
Frame ID: 30AAF10F87693DA2C532AA4C85A969CC
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/210/runner.html
Frame ID: 47945B10AA6BCDC51A89D0A1DD22DE4D
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/210/runner.html
Frame ID: F852052F960F183A86E3F8A13F55EC5C
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssgp2KuuChm_2rIVll37I20VGT_rWsrk8YG3v5XTyo2IhGsunBF35Ibl1cAGGIZyPObs4qcbEuUn0C3QDnbbWPLIXiXgXKZQ913HIwMIqNyIe4bxo_z7aFpax8TblgsQGpzA2F4zFGrbF5HPUTUcUmrmW4Wnb8uxWSYY6FVSkacIKsPgl-teX9qqfbIyva5LvszMEzN2CaKtA88cOyIEvG4O7H3eRESynad4d22Xtug7DLkde5VVBt2QCLUpg97tiBEYfY_ysc1aCypIpWOX-JzwnAVG1t5i5AN5ZZtDq8HD7N1G3Ce6yLnOzQ&sig=Cg0ArKJSzGzVuY_SEZo-EAE&urlfix=1&adurl=
Frame ID: FAC1DE17D9AFCF6E78E59BFD5B813400
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7002122219915745&output=html&h=90&slotname=Freestar_Tagged_GDPR_728x90&adk=3812160886&adf=816031645&w=728&guci=1.2.0.0.2.2.0.0&url=https%3A%2F%2Fsecure.tagged.com%2Fphished.html%23home%2F&ea=0&flash=0&wgl=1&adsid=NT&dt=1595568470308&bpp=4&bdt=38&idt=104&shv=r20200723&cbv=r20190131&ptt=5&saldr=sa&correlator=4585242906094&frm=23&ife=4&pv=1&ga_vid=246163585.1595568468&ga_sid=1595568470&ga_hid=779996887&ga_fc=1&iag=3&icsg=682&nhd=1&dssz=11&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=52&biw=1600&bih=1200&isw=728&ish=90&ifk=730374371&scr_x=0&scr_y=0&eid=42530558%2C42530560&oid=3&pvsid=3419431418424742&pem=124&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.yesqw4tnzece&fsb=1&dtd=112
Frame ID: 59FCBE6D516046394DF7197AE26FB835
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/210/runner.html
Frame ID: 0B64F81B87E5C7D5854C57CD5E95E230
Requests: 1 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=89b2e804-9392-4144-aae0-0555f3960da4&gdpr=0
Frame ID: FDCDC811D653E83EE7683F47A966C90E
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 32B0A72C2ADE0B565EB8D3E89DE0B9DA
Requests: 1 HTTP requests in this frame

Frame: https://cdn.districtm.io/ids/index.html
Frame ID: 66500754C3AF03F6BD499BD32EA98079
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 1C359A3315D2550FA39D73FBB3029739
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 5739D1FF1A592415949AFAA34198E000
Requests: 1 HTTP requests in this frame

Frame: https://cdn.districtm.io/ids/index.html
Frame ID: 02107687ABBD6634EC1B342E7FD75A0E
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?gdpr=0&gdpr_consent=
Frame ID: 2FE44A5C4133AE1F15AB13667DD02472
Requests: 1 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=89b2e804-9392-4144-aae0-0555f3960da4&gdpr=0
Frame ID: 0EEA67D39661C48D6D1674C329154A01
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 58CC83513BA57228AA986E4C5DC2D13E
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Frame ID: 212A1338766B0CDCA81931639410B8FA
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Frame ID: BC8C92AECADD7A1670DBFDCC402C0721
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://www.taggedmail.com/apps/pets.html?ect=lwls32lo&fid=B55ECA10E2539F09&al=2qgoA9u-kx-j.1uyL_s.25Nz... HTTP 302
http://www.tagged.com/apps/pets.html?ect=lwls32lo&fid=B55ECA10E2539F09&al=2qgoA9u-kx-j.1uyL_s.25Nz... HTTP 302
http://www.tagged.com/edit_fields.html?field=editemail&eaId=35300569&bl=1&r=http%3A%2F%2Fwww.tagge... HTTP 302
https://secure.tagged.com/account_info.html HTTP 302
https://secure.tagged.com/phished.html Page URL

Detected technologies

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Page Statistics

136
Requests

100 %
HTTPS

43 %
IPv6

34
Domains

52
Subdomains

43
IPs

6
Countries

1686 kB
Transfer

4858 kB
Size

19
Cookies

32 Outgoing links

These are links going to different origins than the main page.

URL: http://www.tagged.com/home.html?dataSource=Tagged&ll=nav
Title:

Search URL Search Domain Scan URL

URL: http://www.tagged.com/home.html?dataSource=Feed&ll=nav
Title: Home

Search URL Search Domain Scan URL

URL: http://www.tagged.com/profile.html?dataSource=Profile&ll=nav
Title: Profil

Search URL Search Domain Scan URL

URL: http://www.tagged.com/messages.html?source=h&dataSource=Messages&ll=nav
Title: Nachrichten

Search URL Search Domain Scan URL

URL: http://www.tagged.com/browse
Title: Durchsuchen

Search URL Search Domain Scan URL

URL: http://www.tagged.com/meetme
Title: Triff Mich

Search URL Search Domain Scan URL

URL: http://www.tagged.com/apps/pets.html?dataSource=Pets&ll=nav
Title: Pets3

Search URL Search Domain Scan URL

URL: http://www.tagged.com/photo_gallery.html?dataSource=Photos&ll=nav
Title: Fotos

Search URL Search Domain Scan URL

URL: http://www.tagged.com/tags.html?dataSource=Tags&ll=nav
Title: Tags

Search URL Search Domain Scan URL

URL: http://www.tagged.com/luv.html?dataSource=Luv&ll=nav
Title: Herz

Search URL Search Domain Scan URL

URL: http://www.tagged.com/wink.html?dataSource=Wink&ll=nav
Title: Wink

Search URL Search Domain Scan URL

URL: http://www.tagged.com/friends.html?dataSource=Friends&ll=nav
Title: Freunde

Search URL Search Domain Scan URL

URL: http://www.tagged.com/find_groups.html?dataSource=Groups&ll=nav
Title: Gruppen

Search URL Search Domain Scan URL

URL: http://www.tagged.com/apps/cafe.html?dataSource=Cafe&ll=nav
Title: Cafe

Search URL Search Domain Scan URL

URL: http://www.tagged.com/notifications.html?dataSource=Notifications&ll=nav
Title: Benachrichtigungen

Search URL Search Domain Scan URL

URL: http://www.tagged.com/birthdays.html?dataSource=Birthdays&ll=nav
Title: Geburtstage

Search URL Search Domain Scan URL

URL: http://www.tagged.com/vip/subscribe.html?dataSource=vip_reminder&ll=alert_dropdown
Title: Mit Premium herausstechen!

Search URL Search Domain Scan URL

URL: http://www.tagged.com/add_photo_interstitial.html?dataSource=profile_photo&ll=alert_dropdown
Title: Kein Profilfoto!

Search URL Search Domain Scan URL

URL: http://www.tagged.com/friends.html?source=findalert&dataSource=find_friend&ll=alert_dropdown#tab=3
Title: Weitere Freunde finden

Search URL Search Domain Scan URL

URL: http://www.tagged.com/apps/pets.html?ll=alert_dropdown&dataSource=pets
Title: Aktualisierung Pets

Search URL Search Domain Scan URL

URL: http://www.tagged.com/gold.html?ll=alert_dropdown&showtab=1&dataSource=gold_2
Title: Neue Gold-Angebote

Search URL Search Domain Scan URL

URL: http://www.tagged.com/gold.html?dataSource=GetGold&ll=nav
Title: Mehr Gold!

Search URL Search Domain Scan URL

URL: http://www.tagged.com/vip/subscribe.html?dataSource=VipSubscribe&ll=nav
Title: Tritt Premium bei

Search URL Search Domain Scan URL

URL: http://www.tagged.com/support.html?dataSource=ContactUs&ll=nav
Title: Unterstützung

Search URL Search Domain Scan URL

URL: http://www.tagged.com/tagged_mobile.html
Title: Mobil

Search URL Search Domain Scan URL

URL: http://ifwe.co/
Title: Firma

Search URL Search Domain Scan URL

URL: http://ifwe.co/jobs
Title: Jobs

Search URL Search Domain Scan URL

URL: http://www.tagged.com/terms_of_service.html#privacy_policy
Title: Privatsphäre

Search URL Search Domain Scan URL

URL: http://www.tagged.com/terms_of_service.html
Title: Bedingungen

Search URL Search Domain Scan URL

URL: http://www.tagged.com/safety_practices.html
Title: Safety

Search URL Search Domain Scan URL

URL: http://www.tagged.com/support.html
Title: Unterstützung

Search URL Search Domain Scan URL

URL: https://freestar.io/?utm_medium=stickyFooter

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.taggedmail.com/apps/pets.html?ect=lwls32lo&fid=B55ECA10E2539F09&al=2qgoA9u-kx-j.1uyL_s.25NzA&current_user_id=35068132&email_log_id=343324288601&template_name=pets_suggestions-1-1-232-20&tn=cGV0c19zdWdnZXN0aW9ucy0xLTEtMjMyLTIw&linkId=pet_link_0&isPetsEmail=pet_link&fragment=home%2F HTTP 302
http://www.tagged.com/apps/pets.html?ect=lwls32lo&fid=B55ECA10E2539F09&al=2qgoA9u-kx-j.1uyL_s.25NzA&current_user_id=35068132&email_log_id=343324288601&template_name=pets_suggestions-1-1-232-20&tn=cGV0c19zdWdnZXN0aW9ucy0xLTEtMjMyLTIw&linkId=pet_link_0 HTTP 302
http://www.tagged.com/edit_fields.html?field=editemail&eaId=35300569&bl=1&r=http%3A%2F%2Fwww.tagged.com%2Fapps%2Fpets.html%3Fect%3Dlwls32lo%26fid%3DB55ECA10E2539F09%26al%3D1%26current_user_id%3D35068132%26email_log_id%3D343324288601%26template_name%3Dpets_suggestions-1-1-232-20%26tn%3DcGV0c19zdWdnZXN0aW9ucy0xLTEtMjMyLTIw%26linkId%3Dpet_link_0 HTTP 302
https://secure.tagged.com/account_info.html HTTP 302
https://secure.tagged.com/phished.html Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 62

https://sb.scorecardresearch.com/b?c1=2&c2=23384447&cs_ucfr=1&ns__t=1595568468661&ns_c=UTF-8&cv=3.5&c8=Account%20Phished%20-%20Tagged&c7=https%3A%2F%2Fsecure.tagged.com%2Fphished.html%23home%2F&c9= HTTP 302
https://sb.scorecardresearch.com/b2?c1=2&c2=23384447&cs_ucfr=1&ns__t=1595568468661&ns_c=UTF-8&cv=3.5&c8=Account%20Phished%20-%20Tagged&c7=https%3A%2F%2Fsecure.tagged.com%2Fphished.html%23home%2F&c9=&cs_ak_ss=1

Request Chain 65

https://sb.scorecardresearch.com/b?c1=2&c2=7198000&c3=&c4=secure.tagged.com%2Fphished.html&c5=&c6=&c15=5af926887c325d474ca21bf3003d5f0826e0c7b4&ns__t=1595568468672&ns_c=UTF-8&cv=3.5&c8=Account%20Phished%20-%20Tagged&c7=https%3A%2F%2Fsecure.tagged.com%2Fphished.html%23home%2F&c9= HTTP 302
https://sb.scorecardresearch.com/b2?c1=2&c2=7198000&c3=&c4=secure.tagged.com%2Fphished.html&c5=&c6=&c15=5af926887c325d474ca21bf3003d5f0826e0c7b4&ns__t=1595568468672&ns_c=UTF-8&cv=3.5&c8=Account%20Phished%20-%20Tagged&c7=https%3A%2F%2Fsecure.tagged.com%2Fphished.html%23home%2F&c9=&cs_ak_ss=1

Request Chain 70

https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=r1u_cnv_3lift HTTP 302
https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=r1u_cnv_3lift&dcc=t

Request Chain 129

https://eu-u.openx.net/w/1.0/pd?plm=10&ph=89b2e804-9392-4144-aae0-0555f3960da4&gdpr=0 HTTP 302
https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=89b2e804-9392-4144-aae0-0555f3960da4&gdpr=0

Request Chain 136

https://eu-u.openx.net/w/1.0/pd?plm=10&ph=89b2e804-9392-4144-aae0-0555f3960da4&gdpr=0 HTTP 302
https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=89b2e804-9392-4144-aae0-0555f3960da4&gdpr=0

136 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request phished.html Show response
secure.tagged.com/
Redirect Chain

http://www.taggedmail.com/apps/pets.html?ect=lwls32lo&fid=B55ECA10E2539F09&al=2qgoA9u-kx-j.1uyL_s.25NzA&current_user_id=35068132&email_log_id=343324288601&template_name=pets_suggestions-1-1-232-20&...
http://www.tagged.com/apps/pets.html?ect=lwls32lo&fid=B55ECA10E2539F09&al=2qgoA9u-kx-j.1uyL_s.25NzA&current_user_id=35068132&email_log_id=343324288601&template_name=pets_suggestions-1-1-232-20&tn=c...
http://www.tagged.com/edit_fields.html?field=editemail&eaId=35300569&bl=1&r=http%3A%2F%2Fwww.tagged.com%2Fapps%2Fpets.html%3Fect%3Dlwls32lo%26fid%3DB55ECA10E2539F09%26al%3D1%26current_user_id%3D350...
https://secure.tagged.com/account_info.html
https://secure.tagged.com/phished.html

19 KB
6 KB

553ms
553ms

Document
text/html

135.84.35.166
TAGGED-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.tagged.com/phished.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

135.84.35.166 San Francisco, United States, ASN36080 (TAGGED-ASN, US),

Reverse DNS

Software

Apache /

Resource Hash

4301485ff544ef56e036a960e7735150c29c6249ec971486b5c401506b4efa3c

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

Host: secure.tagged.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: S=8as5io4kil4rbgi1l9abmmnns0; B=b=AF6A6F503C14FD50&remember_me=; L=3qL7G1O7KgF5.1v6D5h.25NzA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 24 Jul 2020 05:27:46 GMT
Server: Apache
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
X-FRAME-OPTIONS: DENY
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 5770
Keep-Alive: timeout=300
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

Redirect headers

Date: Fri, 24 Jul 2020 05:27:46 GMT
Server: Apache
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Location: https://secure.tagged.com/phished.html
Content-Length: 0
Keep-Alive: timeout=300
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK oUORqk0u6.css
secure-static.tagged.com/dyn/css/z/ 13 KB
4 KB 596ms
199ms Stylesheet
text/css 135.84.35.171
TAGGED-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://secure-static.tagged.com/dyn/css/z/oUORqk0u6.css
Requested by: Host: secure.tagged.com
URL: https://secure.tagged.com/phished.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 135.84.35.171 San Francisco, United States, ASN36080 (TAGGED-ASN, US),
Reverse DNS
Software: Apache /
Resource Hash: 2899bfd42faca1e75293701c0b599f5b41fb69a7d31ce540d9a6fe92cfa17e9e

Request headers

Referer: https://secure.tagged.com/phished.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 24 Jul 2020 05:27:47 GMT
Content-Encoding: gzip
Last-Modified: Tue, 22 Oct 2019 20:02:05 GMT
Server: Apache
ETag: "3397-59585464429e1-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=2592000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=300
Content-Length: 3249
Expires: Sun, 23 Aug 2020 05:27:47 GMT

GET
H/1.1 200
OK d0wPZKdDO.css
secure-static.tagged.com/dyn/css/V/ 55 KB
10 KB 610ms
205ms Stylesheet
text/css 135.84.35.171
TAGGED-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://secure-static.tagged.com/dyn/css/V/d0wPZKdDO.css
Requested by: Host: secure.tagged.com
URL: https://secure.tagged.com/phished.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 135.84.35.171 San Francisco, United States, ASN36080 (TAGGED-ASN, US),
Reverse DNS
Software: Apache /
Resource Hash: f0a194b382cc100fe913fb166c5916d56343186ae287395e24e182f1e6f27050

Request headers

Referer: https://secure.tagged.com/phished.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 24 Jul 2020 05:27:47 GMT
Content-Encoding: gzip
Last-Modified: Wed, 11 Dec 2019 21:29:29 GMT
Server: Apache
ETag: "db19-5997452ea7637-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=2592000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=300
Content-Length: 9770
Expires: Sun, 23 Aug 2020 05:27:47 GMT

GET
H/1.1 200
OK mElnZ1Bk6_cl.js Show response
secure-static.tagged.com/dyn/js/2/ 110 KB
40 KB 627ms
214ms Script
application/javascript 135.84.35.171
TAGGED-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://secure-static.tagged.com/dyn/js/2/mElnZ1Bk6_cl.js
Requested by: Host: secure.tagged.com
URL: https://secure.tagged.com/phished.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 135.84.35.171 San Francisco, United States, ASN36080 (TAGGED-ASN, US),
Reverse DNS
Software: Apache /
Resource Hash: 17f11260e32fe25cb8c572482f049be5901fb39f26fdacfeca588c8e8f5e3c25

Request headers

Referer: https://secure.tagged.com/phished.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 24 Jul 2020 05:27:47 GMT
Content-Encoding: gzip
Last-Modified: Mon, 20 May 2019 18:30:15 GMT
Server: Apache
ETag: "1b69f-58955ec6d4ae6-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=2592000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=300
Content-Length: 40802
Expires: Sun, 23 Aug 2020 05:27:47 GMT

GET
H/1.1 200
OK tagged_logo_basic.png
secure-static.tagged.com/im/headers/default/ 1 KB
2 KB 399ms
201ms Image
image/png 135.84.35.171
TAGGED-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure-static.tagged.com/im/headers/default/tagged_logo_basic.png
Requested by: Host: secure.tagged.com
URL: https://secure.tagged.com/phished.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 135.84.35.171 San Francisco, United States, ASN36080 (TAGGED-ASN, US),
Reverse DNS
Software: Apache /
Resource Hash: 35ca40cd00ec12c376791e23fe8e95b1bff7fcb786bcc1d23bfa524d022b95cb

Request headers

Referer: https://secure.tagged.com/phished.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 24 Jul 2020 05:27:48 GMT
Last-Modified: Thu, 23 Jul 2020 20:25:42 GMT
Server: Apache
ETag: "4c9-5ab21a90d2ea5"
Content-Type: image/png
Cache-Control: max-age=2592000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=300
Content-Length: 1225
Expires: Sun, 23 Aug 2020 05:27:48 GMT

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 674 B
548 B 15ms
15ms Script
text/javascript 2a00:1450:4001:81d::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js

Requested by

Host: secure.tagged.com
URL: https://secure.tagged.com/phished.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

fa3d7a81033aa528fcb9e450d51011de199b00b03693595d186eb78191653fd4

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://secure.tagged.com/phished.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 24 Jul 2020 05:27:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
status: 200
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-security-policy: frame-ancestors 'self'
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 446
x-xss-protection: 1; mode=block
expires: Fri, 24 Jul 2020 05:27:47 GMT

GET
H/1.1 200
OK I6qoNGT1-_cl.js Show response
secure-static.tagged.com/dyn/js/O/ 5 KB
2 KB 204ms
203ms Script
application/javascript 135.84.35.171
TAGGED-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://secure-static.tagged.com/dyn/js/O/I6qoNGT1-_cl.js
Requested by: Host: secure.tagged.com
URL: https://secure.tagged.com/phished.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 135.84.35.171 San Francisco, United States, ASN36080 (TAGGED-ASN, US),
Reverse DNS
Software: Apache /
Resource Hash: b95cabafcf9ef68db4877eaa8dd3672c8d0ecb1cded2fa380f0f594f5ebafbf4

Request headers

Referer: https://secure.tagged.com/phished.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 24 Jul 2020 05:27:47 GMT
Content-Encoding: gzip
Last-Modified: Mon, 29 Jan 2018 22:28:36 GMT
Server: Apache
ETag: "135f-563f1c4684e14-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=2592000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=300
Content-Length: 1656
Expires: Sun, 23 Aug 2020 05:27:47 GMT

GET
H/1.1 200
OK ymbr2rdFa_cl.js Show response
secure-static.tagged.com/dyn/js/u/ 85 KB
26 KB 237ms
236ms Script
application/javascript 135.84.35.171
TAGGED-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://secure-static.tagged.com/dyn/js/u/ymbr2rdFa_cl.js
Requested by: Host: secure.tagged.com
URL: https://secure.tagged.com/phished.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 135.84.35.171 San Francisco, United States, ASN36080 (TAGGED-ASN, US),
Reverse DNS
Software: Apache /
Resource Hash: 78bce966a34a7d059566d15ab371236a97b12daa31b93869433a830cdfebc6b3

Request headers

Referer: https://secure.tagged.com/phished.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 24 Jul 2020 05:27:47 GMT
Content-Encoding: gzip
Last-Modified: Mon, 20 May 2019 18:37:38 GMT
Server: Apache
ETag: "15206-5895606d8704e-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=2592000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=300
Content-Length: 25803
Expires: Sun, 23 Aug 2020 05:27:47 GMT

GET
H/1.1 200
OK OZdSMA8xJ.css
secure-static.tagged.com/dyn/css/H/ 3 KB
1 KB 199ms
197ms Stylesheet
text/css 135.84.35.171
TAGGED-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://secure-static.tagged.com/dyn/css/H/OZdSMA8xJ.css
Requested by: Host: secure.tagged.com
URL: https://secure.tagged.com/phished.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 135.84.35.171 San Francisco, United States, ASN36080 (TAGGED-ASN, US),
Reverse DNS
Software: Apache /
Resource Hash: efe5376f6eba8ac2fe298720db0b8323f8eae62a798ca0809325663fbcf0084d

Request headers

Referer: https://secure.tagged.com/phished.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 24 Jul 2020 05:27:47 GMT
Content-Encoding: gzip
Last-Modified: Thu, 29 Dec 2016 20:05:57 GMT
Server: Apache
ETag: "ad6-544d19d0c4e67-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=2592000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=300
Content-Length: 904
Expires: Sun, 23 Aug 2020 05:27:47 GMT

GET
H/1.1 200
OK DSM1P_Rp6.css
secure-static.tagged.com/dyn/css/y/ 3 KB
1 KB 209ms
202ms Stylesheet
text/css 135.84.35.171
TAGGED-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://secure-static.tagged.com/dyn/css/y/DSM1P_Rp6.css
Requested by: Host: secure.tagged.com
URL: https://secure.tagged.com/phished.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 135.84.35.171 San Francisco, United States, ASN36080 (TAGGED-ASN, US),
Reverse DNS
Software: Apache /
Resource Hash: ea55489a5a88e01c3b3c70777df6747d0b7b415717721f6ba59ed87cf487bd80

Request headers

Referer: https://secure.tagged.com/phished.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 24 Jul 2020 05:27:47 GMT
Content-Encoding: gzip
Last-Modified: Thu, 29 Dec 2016 20:05:56 GMT
Server: Apache
ETag: "d07-544d19d03904e-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=2592000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=300
Content-Length: 1098
Expires: Sun, 23 Aug 2020 05:27:47 GMT

GET
H/1.1 200
OK o4rvqBFka_cl.js Show response
secure-static.tagged.com/dyn/js/s/ 287 KB
86 KB 459ms
222ms Script
application/javascript 135.84.35.171
TAGGED-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://secure-static.tagged.com/dyn/js/s/o4rvqBFka_cl.js
Requested by: Host: secure.tagged.com
URL: https://secure.tagged.com/phished.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 135.84.35.171 San Francisco, United States, ASN36080 (TAGGED-ASN, US),
Reverse DNS
Software: Apache /
Resource Hash: d37bf9276b80ea3631ee24ace6e559c3e9dd482f3c7a168a43c8c86bb16b333c

Request headers

Referer: https://secure.tagged.com/phished.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 24 Jul 2020 05:27:48 GMT
Content-Encoding: gzip
Last-Modified: Wed, 24 Jul 2019 15:12:01 GMT
Server: Apache
ETag: "47b85-58e6ebb316604-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=2592000
Transfer-Encoding: chunked
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=300
Expires: Sun, 23 Aug 2020 05:27:48 GMT

GET
H/1.1 200
OK PLigaE1VH.css
secure-static.tagged.com/dyn/css/h/ 54 KB
11 KB 591ms
199ms Stylesheet
text/css 135.84.35.171
TAGGED-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://secure-static.tagged.com/dyn/css/h/PLigaE1VH.css
Requested by: Host: secure.tagged.com
URL: https://secure.tagged.com/phished.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 135.84.35.171 San Francisco, United States, ASN36080 (TAGGED-ASN, US),
Reverse DNS
Software: Apache /
Resource Hash: 7eef757b4075316d57944a1e25b9d9e64725f16a61479ebd3fd75918c17c44ae

Request headers

Referer: https://secure.tagged.com/phished.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 24 Jul 2020 05:27:48 GMT
Content-Encoding: gzip
Last-Modified: Mon, 23 Jul 2018 23:07:36 GMT
Server: Apache
ETag: "d763-571b2b616546d-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=2592000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=300
Content-Length: 11168
Expires: Sun, 23 Aug 2020 05:27:48 GMT

GET
H/1.1 200
OK XPJdIHB4P.css
secure-static.tagged.com/dyn/css/L/ 7 KB
2 KB 607ms
202ms Stylesheet
text/css 135.84.35.171
TAGGED-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://secure-static.tagged.com/dyn/css/L/XPJdIHB4P.css
Requested by: Host: secure.tagged.com
URL: https://secure.tagged.com/phished.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 135.84.35.171 San Francisco, United States, ASN36080 (TAGGED-ASN, US),
Reverse DNS
Software: Apache /
Resource Hash: 5c51ca8caec5815d423c6da7e2350081a3468d64325c650ae3d32dbcf49fd4d7

Request headers

Referer: https://secure.tagged.com/phished.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 24 Jul 2020 05:27:48 GMT
Content-Encoding: gzip
Last-Modified: Tue, 10 Jul 2018 22:00:12 GMT
Server: Apache
ETag: "1d94-570ac41155f29-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=2592000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=300
Content-Length: 2017
Expires: Sun, 23 Aug 2020 05:27:48 GMT

GET
H/1.1 200
OK fP_hAz_Th_cl.js Show response
secure-static.tagged.com/dyn/js/Y/ 6 KB
3 KB 383ms
207ms Script
application/javascript 135.84.35.171
TAGGED-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://secure-static.tagged.com/dyn/js/Y/fP_hAz_Th_cl.js
Requested by: Host: secure.tagged.com
URL: https://secure.tagged.com/phished.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 135.84.35.171 San Francisco, United States, ASN36080 (TAGGED-ASN, US),
Reverse DNS
Software: Apache /
Resource Hash: e85be082883035d0bd23d3b6f8677291b3ae0222692d3e6109309bc30c41074e

Request headers

Referer: https://secure.tagged.com/phished.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 24 Jul 2020 05:27:48 GMT
Content-Encoding: gzip
Last-Modified: Mon, 29 Jan 2018 22:20:32 GMT
Server: Apache
ETag: "19f1-563f1a78393b8-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=2592000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=300
Content-Length: 2499
Expires: Sun, 23 Aug 2020 05:27:48 GMT

GET
H/1.1 200
OK 90aZLCiBM_cl.js Show response
secure-static.tagged.com/dyn/js/H/ 55 KB
13 KB 198ms
197ms Script
application/javascript 135.84.35.171
TAGGED-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://secure-static.tagged.com/dyn/js/H/90aZLCiBM_cl.js
Requested by: Host: secure.tagged.com
URL: https://secure.tagged.com/phished.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 135.84.35.171 San Francisco, United States, ASN36080 (TAGGED-ASN, US),
Reverse DNS
Software: Apache /
Resource Hash: cbb6377affa885057ccdc52bfea351359866c203e4d14c69fd531aacee9fae42

Request headers

Referer: https://secure.tagged.com/phished.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 24 Jul 2020 05:27:48 GMT
Content-Encoding: gzip
Last-Modified: Mon, 13 Jan 2020 20:08:34 GMT
Server: Apache
ETag: "dc5b-59c0b0a469524-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=2592000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=300
Content-Length: 12599
Expires: Sun, 23 Aug 2020 05:27:48 GMT

GET
H2 200 quant.js Show response
edge.quantserve.com/ 22 KB
8 KB 25ms
8ms Script
application/x-javascript 2620:116:800d:21:5a23:9c4e:e774:96c1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://edge.quantserve.com/quant.js

Requested by

Host: secure.tagged.com
URL: https://secure.tagged.com/phished.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:5a23:9c4e:e774:96c1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

8130c2c72afad9d94581ef93aaa00524093103c47c71fce52f606d5ff693c3ce

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: https://secure.tagged.com/phished.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 24 Jul 2020 05:27:47 GMT
content-encoding: gzip
last-modified: Fri, 24-Jul-2020 05:27:47 GMT
etag: M0-2a172724
vary: Accept-Encoding
content-type: application/x-javascript
status: 200
cache-control: private, no-transform, max-age=604800
strict-transport-security: max-age=86400
content-length: 8060
expires: Fri, 31 Jul 2020 05:27:47 GMT

GET
H2 200 pubfig.min.js Show response
a.pub.network/tagged-com/ 290 KB
77 KB 48ms
30ms Script
application/javascript 2606:4700:20::681a:8b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a.pub.network/tagged-com/pubfig.min.js
Requested by: Host: secure.tagged.com
URL: https://secure.tagged.com/phished.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:8b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 493eb651929532632f6fedad9155baa3e72d811d370a92d233b32665d9333b9a

Request headers

Referer: https://secure.tagged.com/phished.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 24 Jul 2020 05:27:47 GMT
content-encoding: br
cf-cache-status: HIT
x-guploader-uploadid: AAANsUlEYKcHAoAVYLKy0LS7OJreyoHIj_YdhwynbqcWRpVNx_8msMhZXZiugzeQg1ghpE9PcPM8w0HlP5vGrUNCWQ
x-goog-storage-class: MULTI_REGIONAL
status: 200
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-type: application/javascript
cf-request-id: 0420e3c7c300001f21222d3200000001
last-modified: Mon, 20 Jul 2020 16:52:25 GMT
server: cloudflare
etag: W/"f34bc8ecdccf9413758eb99bc487c71a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-goog-hash: crc32c=krmD+Q==, md5=80vI7NzPlBN1jrmbxIfHGg==
x-goog-generation: 1595263945378773
cache-control: public, max-age=1800
x-goog-stored-content-length: 297310
cf-ray: 5b7b3bec69f71f21-FRA
expires: Mon, 20 Jul 2020 23:56:24 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 65 KB
26 KB 15ms
14ms Script
application/javascript 2a00:1450:4001:816::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NFVG9B

Requested by

Host: secure.tagged.com
URL: https://secure.tagged.com/phished.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b020e15612a28aa06aaf988b7ec8284934abbdf1e8b95ee23fe853bb254e4abd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://secure.tagged.com/phished.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 24 Jul 2020 05:27:47 GMT
content-encoding: br
vary: Accept-Encoding
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 26461
x-xss-protection: 0
last-modified: Fri, 24 Jul 2020 03:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 24 Jul 2020 05:27:47 GMT

GET
H/1.1 200
OK blank.html Show response
secure.tagged.com/ Frame 55A2 69 B
291 B 203ms
202ms Document
text/html 135.84.35.166
TAGGED-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.tagged.com/blank.html
Requested by: Host: secure.tagged.com
URL: https://secure.tagged.com/phished.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 135.84.35.166 San Francisco, United States, ASN36080 (TAGGED-ASN, US),
Reverse DNS
Software: Apache /
Resource Hash: 587cdc48d51a7732ad2019d0d9099c3d1c50ecbc25083cb607db301422373df1

Request headers

Host: secure.tagged.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://secure.tagged.com/phished.html
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: S=8as5io4kil4rbgi1l9abmmnns0; B=b=AF6A6F503C14FD50&remember_me=; L=3qL7G1O7KgF5.1v6D5h.25NzA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://secure.tagged.com/phished.html

Response headers

Date: Fri, 24 Jul 2020 05:27:47 GMT
Server: Apache
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 63
Keep-Alive: timeout=300
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

GET
DATA 200
OK truncated
/ 929 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7bb4911d3c669ad53701bf5223261d8c01d1f435fe7245e6d791f357b070b6f

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=US-ASCII

GET
H/1.1 200
OK tag_icon_sprite_v4.1.png
secure-static.tagged.com/im/icons/ 104 KB
104 KB 388ms
200ms Image
image/png 135.84.35.171
TAGGED-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure-static.tagged.com/im/icons/tag_icon_sprite_v4.1.png
Requested by: Host: secure.tagged.com
URL: https://secure.tagged.com/phished.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 135.84.35.171 San Francisco, United States, ASN36080 (TAGGED-ASN, US),
Reverse DNS
Software: Apache /
Resource Hash: 1649d4b9bdc31e9d7f6f96ce093ac3c8b35545192500835c1056cc00cdc45d94

Request headers

Referer: https://secure-static.tagged.com/dyn/css/V/d0wPZKdDO.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 24 Jul 2020 05:27:48 GMT
Last-Modified: Thu, 23 Jul 2020 20:25:44 GMT
Server: Apache
ETag: "19fbd-5ab21a93196f6"
Content-Type: image/png
Cache-Control: max-age=2592000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=300
Content-Length: 106429
Expires: Sun, 23 Aug 2020 05:27:48 GMT

GET
H2 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/r8WWNwsCvXtk22_oRSVCCZx9/ 330 KB
130 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:819::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/r8WWNwsCvXtk22_oRSVCCZx9/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61394e856497a7705a004cb627296445fe074d1f78b10ab81071915059b5a926

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://secure.tagged.com/phished.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 20 Jul 2020 16:39:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 20 Jul 2020 04:04:52 GMT
server: sffe
age: 305307
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=31536000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 133183
x-xss-protection: 0
expires: Tue, 20 Jul 2021 16:39:20 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 45 KB
18 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NFVG9B

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

fd361b57998c76f86335afa28b8a62527d88a8200fb5c428d6f0fff73383e955

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://secure.tagged.com/phished.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 04 Jun 2020 23:38:14 GMT
server: Golfe2
age: 3245
date: Fri, 24 Jul 2020 04:33:42 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18469
expires: Fri, 24 Jul 2020 06:33:42 GMT

GET
H2 200 collect
www.google-analytics.com/r/ 35 B
98 B 14ms
13ms Image
image/gif 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/r/collect?v=1&_v=j83&a=179909060&t=pageview&_s=1&dl=https%3A%2F%2Fsecure.tagged.com%2Fphished.html&ul=en-us&de=UTF-8&dt=Account%20Phished%20-%20Tagged&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAAAB~&jid=432244209&gjid=1483660949&cid=246163585.1595568468&tid=UA-1982760-1&_gid=1709644903.1595568468&_r=1&gtm=2wg7f0NFVG9B&z=1481743621

Requested by

Host: secure.tagged.com
URL: https://secure.tagged.com/phished.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://secure.tagged.com/phished.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 24 Jul 2020 05:27:47 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK cookie Show response
d.pub.network/ 36 B
465 B 761ms
188ms XHR
text/plain 35.188.71.214
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://d.pub.network/cookie
Requested by: Host: a.pub.network
URL: https://a.pub.network/tagged-com/pubfig.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 35.188.71.214 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: 0c8a20d675efc09da6e0792b94eb47a49d0c2373e541e77d6f574317f8bb7b06

Request headers

Referer: https://secure.tagged.com/phished.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://secure.tagged.com
Date: Fri, 24 Jul 2020 05:27:48 GMT
Access-Control-Allow-Credentials: true
Content-Length: 36
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Content-Type: text/plain;charset=utf-8

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 48 KB
16 KB 15ms
15ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: a.pub.network
URL: https://a.pub.network/tagged-com/pubfig.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

597bbadc4f7f9dc4b276d21802fbe3c91d69b593ced7f2e5974490915459cbd3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://secure.tagged.com/phished.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 24 Jul 2020 05:27:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "580 / 514 of 1000 / last-modified: 1595542314"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 16535
x-xss-protection: 0
expires: Fri, 24 Jul 2020 05:27:47 GMT

GET
H2 200 gallery.js Show response
freestar-io.videoplayerhub.com/ 111 KB
27 KB 50ms
17ms Script
application/javascript 2606:4700:20::681a:932
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://freestar-io.videoplayerhub.com/gallery.js
Requested by: Host: a.pub.network
URL: https://a.pub.network/tagged-com/pubfig.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:932 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 19233c488a51fe89b394049bb2f6f32aaff5a1a0971cae4b684a3757afb61112

Request headers

Referer: https://secure.tagged.com/phished.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 24 Jul 2020 05:27:48 GMT
via: 1.1 c1fb60e38be5022a78e4b52bedded7c2.cloudfront.net (CloudFront)
cf-cache-status: HIT
age: 3772
x-cache: Hit from cloudfront
status: 200
content-encoding: br
content-type: application/javascript
cf-request-id: 0420e3c83a00009abc288e1200000001
last-modified: Thu, 23 Jul 2020 14:23:57 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: _sij6jYePbf56AM2Db_2qvC7xKr3EVK0
cache-control: max-age=86400
x-amz-cf-pop: FRA6-C1
cf-ray: 5b7b3bed2d7c9abc-FRA
x-amz-cf-id: mp4dYmX8w57TnKxc4g3iyQ_PtGDaQGHxbq6pvbNk-hXmUH7Q8yf3LA==

GET
H2 200 prebid-analytics-3.22.0.js Show response
a.pub.network/core/ 405 KB
114 KB 32ms
31ms Script
text/javascript 2606:4700:20::681a:8b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a.pub.network/core/prebid-analytics-3.22.0.js
Requested by: Host: a.pub.network
URL: https://a.pub.network/tagged-com/pubfig.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:8b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 88b51739707b00a84e01765241550afc02caafa77177348c8c8e40405e0bb366

Request headers

Referer: https://secure.tagged.com/phished.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 24 Jul 2020 05:27:48 GMT
content-encoding: br
cf-cache-status: HIT
x-guploader-uploadid: AAANsUkdhb9tjlUJhH3ZasjqpX1NM7b9Fl_MxH-hHtAMldTQBBl5pMUMOg1WH6rrLt-NFqM1Q5CB4W-cgdW1mRT5Mg
x-goog-storage-class: MULTI_REGIONAL
status: 200
x-goog-metageneration: 4
x-goog-stored-content-encoding: identity
content-type: text/javascript
cf-request-id: 0420e3c82f00001f21222db200000001
last-modified: Thu, 25 Jun 2020 19:05:23 GMT
server: cloudflare
etag: W/"f053eae5608f1e1fb57531b9a7f84448"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-goog-hash: crc32c=lLoJ9w==, md5=8FPq5WCPHh+1dTG5p/hESA==
x-goog-generation: 1593111923764694
cache-control: private, max-age=86400
x-goog-stored-content-length: 414713
cf-ray: 5b7b3bed1b151f21-FRA
expires: Fri, 23 Jul 2021 23:55:21 GMT

GET
H/1.1 200
OK location Show response
d.pub.network/ 49 B
489 B 756ms
188ms XHR
application/json 35.188.71.214
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://d.pub.network/location
Requested by: Host: a.pub.network
URL: https://a.pub.network/tagged-com/pubfig.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 35.188.71.214 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: ef52c6d7ef921438fa252b40c6c11a8cd1a661cc96f4c7c84f6037801aa9eebd

Request headers

Accept: application/json, text/plain, */*
Referer: https://secure.tagged.com/phished.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://secure.tagged.com
Date: Fri, 24 Jul 2020 05:27:48 GMT
Access-Control-Allow-Credentials: true
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Transfer-Encoding: chunked
Content-Type: application/json

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 109 B
168 B 15ms
14ms Script
application/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=secure.tagged.com

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://secure.tagged.com/phished.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 24 Jul 2020 05:27:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 109 B
168 B 15ms
14ms Script
application/javascript 2a00:1450:4001:817::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=secure.tagged.com

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://secure.tagged.com/phished.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 24 Jul 2020 05:27:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H2 200 pubads_impl_2020071601.js Show response
securepubads.g.doubleclick.net/gpt/ 253 KB
90 KB 246ms
87ms Script
text/javascript 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020071601.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a92639b8eb1f5bfc907f31827f7d16fe1291aaa13cfea4daa251375d3c2804a4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://secure.tagged.com/phished.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 24 Jul 2020 05:27:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 16 Jul 2020 18:22:10 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 91596
x-xss-protection: 0
expires: Fri, 24 Jul 2020 05:27:48 GMT

GET
H2 200 org Show response
mrb.upapi.net/ 20 KB
9 KB 43ms
18ms Script
application/javascript 2606:4700:20::681a:81b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mrb.upapi.net/org?o=5714937848528896&upapi=true
Requested by: Host: freestar-io.videoplayerhub.com
URL: https://freestar-io.videoplayerhub.com/gallery.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:81b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b823fd8a12003ddf4a9ac3a9de2943050ebcd6985ae14804f3a143a644bcd0e5

Request headers

Referer: https://secure.tagged.com/phished.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 24 Jul 2020 05:27:48 GMT
via: 1.1 google
cf-cache-status: HIT
age: 2761
status: 200
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0420e3c87100006371ed039200000001
server: cloudflare
etag: W/"3e726fd6a173ba1cb72186aeadfaa19e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=1800, must-revalidate
cf-ray: 5b7b3bed8aae6371-FRA

GET
H2 200 code Show response
mrb.upapi.net/ 703 KB
223 KB 50ms
49ms Script
application/javascript 2606:4700:20::681a:81b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mrb.upapi.net/code?w=5695381855797248&upapi=true
Requested by: Host: mrb.upapi.net
URL: https://mrb.upapi.net/org?o=5714937848528896&upapi=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:81b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6e85f369f5447c0ed912e8b54224f48150c7cd300d27b4bccb4fb26a871bc2a2

Request headers

Referer: https://secure.tagged.com/phished.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 24 Jul 2020 05:27:48 GMT
via: 1.1 google
cf-cache-status: HIT
age: 2755
status: 200
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0420e3c88e00006371ed03b200000001
server: cloudflare
etag: W/"8c21489caa2a0fc23a01fbe7b16937f4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=1800, must-revalidate
cf-ray: 5b7b3bedbabd6371-FRA

GET
H2 200 all.js Show response
connect.facebook.net/de_DE/ 3 KB
2 KB 17ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/de_DE/all.js

Requested by

Host: secure-static.tagged.com
URL: https://secure-static.tagged.com/dyn/js/u/ymbr2rdFa_cl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

11ac6a75389cb6b85736c6c0d016c60ed9232f09c2ef5e2aea1c62cbee0138ff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://secure.tagged.com/phished.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: 3tEtf4q4pSw0y1iHUy3DaA==
status: 200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 1780
etag: "d1f542448f01682a5b1e6cac406ee609"
x-fb-debug: cMQPdpaOcRy0/HSnbix53LbJU8TiLF9Yd1wxd4fb3m84/t3ev02+15vEqinC0vtUTTemhgYgfaG0KOeY5SbWYw==
x-fb-trip-id: 664085054
x-fb-content-md5: e1726d916153c9d515d24bc23a8cc622
x-frame-options: DENY
date: Fri, 24 Jul 2020 05:27:48 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 24 Jul 2020 05:44:10 GMT

GET
H/1.1 200
OK dropup_triangle.png
secure-static.tagged.com/im/chrome/ 1 KB
2 KB 314ms
192ms Image
image/png 135.84.35.171
TAGGED-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure-static.tagged.com/im/chrome/dropup_triangle.png
Requested by: Host: secure.tagged.com
URL: https://secure.tagged.com/phished.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 135.84.35.171 San Francisco, United States, ASN36080 (TAGGED-ASN, US),
Reverse DNS
Software: Apache /
Resource Hash: 69bfe4c7727e5ae4b1d3985caad51225d832445b6988fb0998770d7c792e1009

Request headers

Referer: https://secure-static.tagged.com/dyn/css/y/DSM1P_Rp6.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 24 Jul 2020 05:27:48 GMT
Last-Modified: Thu, 23 Jul 2020 20:25:39 GMT
Server: Apache
ETag: "4c1-5ab21a8e330d7"
Content-Type: image/png
Cache-Control: max-age=2592000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=300
Content-Length: 1217
Expires: Sun, 23 Aug 2020 05:27:48 GMT

GET
H2 200 all.js Show response
connect.facebook.net/de_DE/ 192 KB
58 KB 19ms
7ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/de_DE/all.js?hash=534b84d36b47cae6dbdd8661d1cd484d&ua=modern_es6

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/de_DE/all.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e5bf0dadc649ea5dffdb088c930e098fc3a20b4f585f183c2642534689cf53bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://secure.tagged.com/phished.html
Origin: https://secure.tagged.com

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: h6lRbGPgQi4sGse5hlkguQ==
status: 200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 58779
etag: "54cef7c59345e611398a5ace8dfcea1a"
x-fb-debug: kr+GaKH8wbF8VAJbPrK3MlprJtVFsVZOPb9PUenPa1IxPkjhDefNeTbojDgLNGYpwwrqMSZdXlti0s726Yg6JA==
x-fb-trip-id: 664085054
x-fb-content-md5: 94ff84a547dc861c0c3b001d72eff059
x-frame-options: DENY
date: Fri, 24 Jul 2020 05:27:48 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
timing-allow-origin: *
expires: Sat, 24 Jul 2021 05:18:30 GMT

GET
H2 200 favicon.ico
ad.doubleclick.net/ 1 KB
489 B 235ms
75ms Image
image/x-icon 216.58.205.230
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250

Requested by

Host: secure.tagged.com
URL: https://secure.tagged.com/phished.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.205.230 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://secure.tagged.com/phished.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 24 Jul 2020 04:30:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3440
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0
last-modified: Tue, 08 May 2012 13:08:06 GMT
server: sffe
vary: Accept-Encoding
content-type: image/x-icon
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Sat, 25 Jul 2020 04:30:28 GMT

GET
H2 200 px.gif
ad-delivery.net/ 43 B
629 B 36ms
14ms Image
image/gif 2606:4700:20::681a:246
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad-delivery.net/px.gif?ch=1&e=0.8376924290031296
Requested by: Host: secure.tagged.com
URL: https://secure.tagged.com/phished.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:246 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://secure.tagged.com/phished.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 24 Jul 2020 05:27:48 GMT
via: 1.1 9c7c26f5beeb09381cea450ea3581b37.cloudfront.net (CloudFront)
cf-cache-status: HIT
age: 360
x-cache: Hit from cloudfront
status: 200
content-type: image/gif
content-length: 43
cf-request-id: 0420e3c8f30000175e1a02d200000001
last-modified: Thu, 27 Jul 2017 18:59:05 GMT
server: cloudflare
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: null
cache-control: max-age=86400
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
cf-ray: 5b7b3bee5f4d175e-FRA
x-amz-cf-id: 83F5Uk2xfpYVdOHlTnZZL8Zam4oKODXSWmECvIjJHlsxNSnAteHcTg==

GET
H2 200 status
www.facebook.com/x/oauth/ 0
0 48ms
36ms Fetch
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/x/oauth/status?client_id=123049054388972&input_token&origin=1&redirect_uri=https%3A%2F%2Fsecure.tagged.com%2Fphished.html%23home%2F&sdk=joey&wants_cookie_data=true

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/de_DE/all.js?hash=534b84d36b47cae6dbdd8661d1cd484d&ua=modern_es6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://secure.tagged.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
x-fb-debug: FjKqmdx9+taPJiAfii0r/m9aSpKZJteVCYn3dIrDBGJ4Bf9d8EhSWozYDZH3IRGeikytsdE35R4T+pGTJMiiVQ==
fb-s: unknown
status: 200
date: Fri, 24 Jul 2020 05:27:48 GMT
strict-transport-security: max-age=15552000; preload
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://secure.tagged.com
access-control-expose-headers: fb-s
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 0
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 102 KB
26 KB 177ms
76ms Script
application/javascript 99.86.0.120
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: a.pub.network
URL: https://a.pub.network/tagged-com/pubfig.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.86.0.120 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Server /
Resource Hash: 7301462cb27dcb0cf467822211f6cdd478be091ed9d776b29f426ce78c4a414f

Request headers

Referer: https://secure.tagged.com/phished.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 24 Jul 2020 05:19:25 GMT
content-encoding: gzip
server: Server
age: 502
etag: b586b236f6b3db3c4ca9410451195336
x-cache: Hit from cloudfront
content-type: application/javascript
status: 200
cache-control: public, max-age=900
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: w-GJ6DvRbFpy7M2czuCdVUfP88dsLZ0wgxy7HdBHFs4Bvtn10hf8kw==
via: 1.1 49140b838a62cd29e30f20e39a82dad0.cloudfront.net (CloudFront)

GET
H/1.1 200
OK v2 Show response
d.pub.network/floors/ 2 KB
2 KB 555ms
215ms XHR
application/json 35.188.71.214
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://d.pub.network/floors/v2?key=640desktop
Requested by: Host: a.pub.network
URL: https://a.pub.network/tagged-com/pubfig.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 35.188.71.214 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: c0bb0e426848ea9cc0d1c62f40c0b940f91da55f96f9a6d942b4ef228193b35a

Request headers

Accept: application/json, text/plain, */*
Referer: https://secure.tagged.com/phished.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://secure.tagged.com
Date: Fri, 24 Jul 2020 05:27:48 GMT
Access-Control-Allow-Credentials: true
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Transfer-Encoding: chunked
Content-Type: application/json

GET
H2 200 pv Show response
backend.upapi.net/ 0
109 B 354ms
217ms XHR
text/plain 130.211.23.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://backend.upapi.net/pv?pid=YV8fDVIr&br=chrome&sid=otbRgsDEMh&w=5695381855797248&cv=20f6c786-v2&r=false&upapi=true
Requested by: Host: mrb.upapi.net
URL: https://mrb.upapi.net/code?w=5695381855797248&upapi=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.23.194 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://secure.tagged.com/phished.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Fri, 24 Jul 2020 05:27:48 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-origin: https://secure.tagged.com
alt-svc: clear
content-length: 0
via: 1.1 google

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b60f65161ce3517c2794eecab25981c51ffbcbc951a781270403e2f3572d0290

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 720 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 187f239be41d541c6f3d1281845ea641c9a813b679aeb9853da05870c2c8730d

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
147 B 181ms
58ms XHR
text/plain 178.250.2.131
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://bidder.criteo.com/cdb?profileId=207&av=31&wv=3.22.0&cb=23114764924
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.22.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: Finatra /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://secure.tagged.com/phished.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

status: 204
date: Fri, 24 Jul 2020 05:27:48 GMT
access-control-allow-credentials: true
server: Finatra
access-control-allow-origin: https://secure.tagged.com
timing-allow-origin: *
vary: Origin

POST
H2 204 v1 Show response
dmx.districtm.io/b/ 0
427 B 159ms
54ms XHR
text/plain 104.16.190.66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dmx.districtm.io/b/v1
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.22.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.190.66 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://secure.tagged.com/phished.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 24 Jul 2020 05:27:48 GMT
server: cloudflare
status: 204
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD, POST, OPTIONS
access-control-allow-origin: https://secure.tagged.com
access-control-allow-credentials: true
cf-ray: 5b7b3bf0c927723f-AMS
access-control-allow-headers: Content-Type, Origin
cf-request-id: 0420e3ca790000723f4a25d200000001

GET
H2 204 prebid Show response
ads.yieldmo.com/exchange/ 0
225 B 205ms
71ms XHR
text/plain 54.246.210.224
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.yieldmo.com/exchange/prebid?p=%5B%7B%22placement_id%22%3A%22Tagged_Sticky_728x90%22%2C%22callback_id%22%3A%22114db87f42eb6b7%22%2C%22sizes%22%3A%5B%5B1%2C1%5D%2C%5B728%2C90%5D%2C%5B970%2C90%5D%5D%2C%22ym_placement_id%22%3A%222398673139543253080%22%7D%5D&page_url=https%3A%2F%2Fsecure.tagged.com%2Fphished.html%23home%2F&bust=1595568468469&pr=https%3A%2F%2Fsecure.tagged.com%2Fphished.html%23home%2F&scrd=1&dnt=false&e=0&description=&title=Account%20Phished%20-%20Tagged&w=1600&h=1200&userConsent=%7B%22gdprApplies%22%3Afalse%2C%22cmp%22%3A%22%22%7D&us_privacy=&pubcid=279e35a8-f224-4eef-a529-9e756edb90ad&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22freestar.io%22%2C%22sid%22%3A%22640%22%2C%22hp%22%3A1%7D%5D%7D
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.22.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.246.210.224 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://secure.tagged.com/phished.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 24 Jul 2020 05:27:48 GMT
status: 204
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://secure.tagged.com
access-control-allow-credentials: true
x-robots-tag: none,NOINDEX,NOFOLLOW
access-control-request-headers: Cache-Control, Pragma

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 139 B
834 B 179ms
61ms XHR
application/json 185.33.221.87
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.22.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.87 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.13.4 /

Resource Hash

35a1bb8fc8ab9c85146c896011d7013c65bf1d71b1a22b1ff9bc3fce55b80a22

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://secure.tagged.com/phished.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 24 Jul 2020 05:27:50 GMT
X-Proxy-Origin: 194.99.105.99; 194.99.105.99; 723.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.166:80
AN-X-Request-Uuid: 9dc3535b-cc9b-4da9-b40c-5e79c1641fd0
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://secure.tagged.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 139
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK cygnus Show response
as-sec.casalemedia.com/ 25 B
991 B 233ms
134ms XHR
application/json 2.21.37.92
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://as-sec.casalemedia.com/cygnus?s=337556&v=7.2&r=%7B%22id%22%3A%2214287d03617137f%22%2C%22imp%22%3A%5B%7B%22id%22%3A%2215092813d3afe2d%22%2C%22ext%22%3A%7B%22siteID%22%3A%22337556%22%2C%22sid%22%3A%221x1%22%7D%2C%22banner%22%3A%7B%22w%22%3A1%2C%22h%22%3A1%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22161addee7711dcd%22%2C%22ext%22%3A%7B%22siteID%22%3A%22337556%22%2C%22sid%22%3A%22728x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%221746f700aa05e9e%22%2C%22ext%22%3A%7B%22siteID%22%3A%22337556%22%2C%22sid%22%3A%22970x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%5D%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fsecure.tagged.com%2Fphished.html%23home%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%7D%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22freestar.io%22%2C%22sid%22%3A%22640%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22gdpr%22%3A0%7D%7D%2C%22user%22%3A%7B%22ext%22%3A%7B%22consent%22%3A%22%22%7D%7D%7D&ac=j&sd=1
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.22.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.21.37.92 , France, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software: Apache /
Resource Hash: 2b4a932e1993b070983bfe3038defe1663e7c10a3a9e60d669b4fc28566bef3d

Request headers

Referer: https://secure.tagged.com/phished.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 24 Jul 2020 05:27:48 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Access-Control-Allow-Origin: https://secure.tagged.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 45
Expires: Fri, 24 Jul 2020 05:27:48 GMT

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
117 B 166ms
60ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.22.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://secure.tagged.com/phished.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

status: 204
date: Fri, 24 Jul 2020 05:27:48 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-origin: https://secure.tagged.com

POST
H/1.1 200
OK bid Show response
ap.lijit.com/rtb/ 24 B
581 B 157ms
52ms XHR
application/json 72.251.249.9
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/rtb/bid?src=prebid_prebid_3.22.0
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.22.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 72.251.249.9 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: nginx /
Resource Hash: b0b6b805c8359f76a1ed09e7db6ccba93a93ab6e2838b75c54e5879da9fe7cf4

Request headers

Referer: https://secure.tagged.com/phished.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Date: Fri, 24 Jul 2020 05:27:48 GMT
Content-Encoding: gzip
Server: nginx
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/json
Access-Control-Allow-Origin: https://secure.tagged.com
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap3ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 44

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 3 KB
3 KB 277ms
130ms XHR
application/json 69.173.144.141
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=16924&site_id=151312&zone_id=1101098&size_id=2&alt_size_ids=55%2C221&gdpr=0&rp_schain=1.0,1!freestar.io,640,1,,,&rf=https%3A%2F%2Fsecure.tagged.com%2Fphished.html%23home%2F&tk_flint=pbjs_lite_v3.22.0&x_source.tid=503c2308-4765-4401-aace-e7b9c8076517&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.11918019668242663
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.22.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 69.173.144.141 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: ce81e088c59d7f8599b86546461ddeb4868c811ace5c8cc8c14c265ec4d79c90

Request headers

Referer: https://secure.tagged.com/phished.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 24 Jul 2020 05:27:48 GMT
Content-Encoding: gzip
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://secure.tagged.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Keep-Alive: timeout=5
Content-Length: 1622
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 arj Show response
freestar-d.openx.net/w/1.0/ 174 B
563 B 270ms
118ms XHR
application/json 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://freestar-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fsecure.tagged.com%2Fphished.html%23home%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=-120&tws=1600x1200&be=1&bc=hb_pb_3.0.2&dddid=503c2308-4765-4401-aace-e7b9c8076517&nocache=1595568468485&gdpr_consent=&gdpr=0&pubcid=279e35a8-f224-4eef-a529-9e756edb90ad&schain=1.0%2C1!freestar.io%2C640%2C1%2C%2C%2C&aus=1x1%2C728x90%2C970x90&divIds=Tagged_Sticky_728x90&auid=540959228
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.22.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: OXGW/16.190.0 /
Resource Hash: 7818e75c759f3632bf6c8cf30511c5faa7ea10c8d50262c2be9f3e7d619f3aed

Request headers

Referer: https://secure.tagged.com/phished.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 24 Jul 2020 05:27:48 GMT
content-encoding: gzip
server: OXGW/16.190.0
status: 200
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://secure.tagged.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: clear
content-length: 165
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 145 B
1 KB 172ms
64ms XHR
application/json 185.33.221.87
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.22.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.87 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.13.4 /

Resource Hash

e220313fcdeeef14039a7f8686ce898447566d6854fe754b4cb39bf3b5a30896

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://secure.tagged.com/phished.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 24 Jul 2020 05:27:50 GMT
X-Proxy-Origin: 194.99.105.99; 194.99.105.99; 723.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.141:80
AN-X-Request-Uuid: 4b207bd5-72aa-4be3-921b-4b3df26a3493
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://secure.tagged.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 145
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 quant.js Show response
secure.quantserve.com/ 22 KB
8 KB 11ms
9ms Script
application/x-javascript 2620:116:800d:21:5a23:9c4e:e774:96c1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.quantserve.com/quant.js

Requested by

Host: a.pub.network
URL: https://a.pub.network/tagged-com/pubfig.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:5a23:9c4e:e774:96c1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

8130c2c72afad9d94581ef93aaa00524093103c47c71fce52f606d5ff693c3ce

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: https://secure.tagged.com/phished.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 24 Jul 2020 05:27:48 GMT
content-encoding: gzip
last-modified: Fri, 24-Jul-2020 05:27:48 GMT
etag: M0-2a172724
vary: Accept-Encoding
content-type: application/x-javascript
status: 200
cache-control: private, no-transform, max-age=604800
strict-transport-security: max-age=86400
content-length: 8060
expires: Fri, 31 Jul 2020 05:27:48 GMT

GET
H2 200 bxl.js Show response
hbx.media.net/ 23 KB
9 KB 205ms
70ms Script
text/javascript 104.111.214.39
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://hbx.media.net/bxl.js?cid=8CUFH1GPH&dn=secure.tagged.com&version=&https=1

Requested by

Host: a.pub.network
URL: https://a.pub.network/tagged-com/pubfig.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.214.39 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

Software

Apache /

Resource Hash

a7e47dc3b76ff7597c28bf870f8e656e6ce7f7169567416e6eb4962fe9f3c047

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Referer: https://secure.tagged.com/phished.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=604800
content-encoding: gzip
server: Apache
date: Fri, 24 Jul 2020 05:27:48 GMT
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
status: 200
cache-control: max-age=86400
content-length: 8894
x-mnet-hl2: E
expires: Sat, 25 Jul 2020 05:27:48 GMT

GET
H/1.1 200
OK beacon.js Show response
sb.scorecardresearch.com/ 1 KB
1 KB 171ms
56ms Script
application/x-javascript 104.111.238.139
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: a.pub.network
URL: https://a.pub.network/tagged-com/pubfig.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.238.139 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software: /
Resource Hash: a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Referer: https://secure.tagged.com/phished.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 24 Jul 2020 05:27:48 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: private, no-transform, max-age=86400
Connection: keep-alive
Content-Length: 884
Expires: Sat, 25 Jul 2020 05:27:48 GMT

GET
H2 200 rules-p-UeXruRVtZz7w6.js Show response
rules.quantcount.com/ 2 KB
1 KB 21ms
6ms Script
application/x-javascript 2600:9000:2057:a400:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-UeXruRVtZz7w6.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2057:a400:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a7b5f5f96f81dea4efc53e1d4dae8b37c28bec27a45b42ccf604ee759e20caec

Request headers

Referer: https://secure.tagged.com/phished.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 24 Jul 2020 05:15:57 GMT
content-encoding: gzip
last-modified: Thu, 07 Dec 2017 17:06:25 GMT
server: AmazonS3
age: 712
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
status: 200
cache-control: max-age=3600
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: a34GrBB-ORXfD3zwjLq5Txj1iHcXeyfV7-pfp2vxOPmzS7mbX7L4AA==
via: 1.1 507b5edb20d0e1a0b73c8687f53defa9.cloudfront.net (CloudFront)

GET
H2 200 css
fonts.googleapis.com/ 1 KB
535 B 16ms
15ms Stylesheet
text/css 2a00:1450:4001:81f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Signika

Requested by

Host: secure-static.tagged.com
URL: https://secure-static.tagged.com/dyn/js/2/mElnZ1Bk6_cl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e64c78fa9e0c2a54c1f9f25bec1b0a20a0077af1b551ac70b6a388d1838eb438

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://secure.tagged.com/phished.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 24 Jul 2020 05:07:00 GMT
server: ESF
date: Fri, 24 Jul 2020 05:27:48 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 24 Jul 2020 05:27:48 GMT

GET
H2 200 pixel;r=1448470371;rf=0;a=p-UeXruRVtZz7w6;url=https%3A%2F%2Fsecure.tagged.com%2Fphished.html%23home%2F;fpan=1;fpa=P0-686911459-1595568468555;ns=0;ce=1;qjs=1;qv=35f667c6-20200713111428;cm=;gdpr=0;re...
pixel.quantserve.com/ 35 B
372 B 9ms
7ms Image
image/gif 2620:116:800d:21:5a23:9c4e:e774:96c1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel;r=1448470371;rf=0;a=p-UeXruRVtZz7w6;url=https%3A%2F%2Fsecure.tagged.com%2Fphished.html%23home%2F;fpan=1;fpa=P0-686911459-1595568468555;ns=0;ce=1;qjs=1;qv=35f667c6-20200713111428;cm=;gdpr=0;ref=;d=tagged.com;je=0;sr=1600x1200x24;enc=n;dst=1;et=1595568468555;tzo=-120;ogl=

Requested by

Host: secure.tagged.com
URL: https://secure.tagged.com/phished.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:5a23:9c4e:e774:96c1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: https://secure.tagged.com/phished.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 24 Jul 2020 05:27:48 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
status: 200
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 200 bid Show response
c.amazon-adsystem.com/e/dtb/ 115 B
502 B 149ms
149ms XHR
text/javascript 99.86.0.120
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fsecure.tagged.com%2Fphished.html%23home%2F&pid=WcwKfvRfPyJOs&cb=0&ws=1600x1200&v=7.52.00&t=1000&slots=%5B%7B%22sd%22%3A%220%22%2C%22s%22%3A%5B%221x1%22%2C%22728x90%22%2C%22970x90%22%5D%2C%22sn%22%3A%22%2F15184186%2FTagged_Sticky_728x90%22%7D%5D&pubid=0ab198dd-b265-462a-ae36-74e163ad6159&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.86.0.120 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Server /
Resource Hash: 80c776971a06ee00b4a5d8dec4538712721a8593f5591f625b8316fc521a7500

Request headers

Referer: https://secure.tagged.com/phished.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 24 Jul 2020 05:27:48 GMT
content-encoding: gzip
server: Server
x-amz-cf-pop: FRA6-C1
status: 200
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://secure.tagged.com
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 126
via: 1.1 49140b838a62cd29e30f20e39a82dad0.cloudfront.net (CloudFront)
x-amz-cf-id: WNrOYO2biidhdl9GOkO4vrvRYyRNDFOlaU-TbcLEpQucyhY7IRc0gw==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 139ms
46ms XHR
application/javascript 99.86.0.120
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.86.0.120 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Referer: https://secure.tagged.com/phished.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 24 Jul 2020 01:02:17 GMT
content-encoding: gzip
vary: Origin
age: 15932
x-cache: Hit from cloudfront
status: 200
access-control-allow-origin: *
last-modified: Tue, 23 Jun 2020 10:10:39 GMT
server: AmazonS3
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 9810d82af8847b51b9c3048141069a65.cloudfront.net (CloudFront)
cache-control: public, max-age=86400
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: Y8nDmoGXYpZb46sU8PFWU5vn-8p0mtBJrre8Z6CaTqiHs3joaQ9J4A==

GET
H/1.1

204
No Content

b2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/b?c1=2&c2=23384447&cs_ucfr=1&ns__t=1595568468661&ns_c=UTF-8&cv=3.5&c8=Account%20Phished%20-%20Tagged&c7=https%3A%2F%2Fsecure.tagged.com%2Fphished.html%23home%2F&c9=
https://sb.scorecardresearch.com/b2?c1=2&c2=23384447&cs_ucfr=1&ns__t=1595568468661&ns_c=UTF-8&cv=3.5&c8=Account%20Phished%20-%20Tagged&c7=https%3A%2F%2Fsecure.tagged.com%2Fphished.html%23home%2F&c9...

0
528 B

115ms
56ms

Image
text/plain

104.111.238.139
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=2&c2=23384447&cs_ucfr=1&ns__t=1595568468661&ns_c=UTF-8&cv=3.5&c8=Account%20Phished%20-%20Tagged&c7=https%3A%2F%2Fsecure.tagged.com%2Fphished.html%23home%2F&c9=&cs_ak_ss=1
Requested by: Host: secure.tagged.com
URL: https://secure.tagged.com/phished.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.238.139 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://secure.tagged.com/phished.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 24 Jul 2020 05:27:48 GMT
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://sb.scorecardresearch.com/b2?c1=2&c2=23384447&cs_ucfr=1&ns__t=1595568468661&ns_c=UTF-8&cv=3.5&c8=Account%20Phished%20-%20Tagged&c7=https%3A%2F%2Fsecure.tagged.com%2Fphished.html%23home%2F&c9=&cs_ak_ss=1
Pragma: no-cache
Date: Fri, 24 Jul 2020 05:27:48 GMT
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 rules-p-96ZHBHvG56-qg.js Show response
rules.quantcount.com/ 3 B
348 B 6ms
5ms Script
application/x-javascript 2600:9000:2057:a400:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-96ZHBHvG56-qg.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2057:a400:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Request headers

Referer: https://secure.tagged.com/phished.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 24 Jul 2020 00:53:30 GMT
via: 1.1 507b5edb20d0e1a0b73c8687f53defa9.cloudfront.net (CloudFront)
last-modified: Sat, 04 Mar 2017 20:15:51 GMT
server: AmazonS3
age: 16459
etag: "8a80554c91d9fca8acb82f023de02f11"
x-cache: Hit from cloudfront
content-type: application/x-javascript
status: 200
cache-control: max-age=86400
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
content-length: 3
x-amz-cf-id: ZeIgFht9UIDpxmgpKcUjlwYwsoZYW1Z0wzIGrfZiu6-vaVcEycLJdQ==

GET
H2 200 pixel;r=436687227;rf=3;uh=11c1aa60f34d8;a=p-96ZHBHvG56-qg;url=https%3A%2F%2Fsecure.tagged.com%2Fphished.html%23home%2F;fpan=0;fpa=P0-686911459-1595568468555;ns=0;ce=1;qjs=1;qv=35f667c6-202007131114...
pixel.quantserve.com/ 35 B
210 B 7ms
7ms Image
image/gif 2620:116:800d:21:5a23:9c4e:e774:96c1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel;r=436687227;rf=3;uh=11c1aa60f34d8;a=p-96ZHBHvG56-qg;url=https%3A%2F%2Fsecure.tagged.com%2Fphished.html%23home%2F;fpan=0;fpa=P0-686911459-1595568468555;ns=0;ce=1;qjs=1;qv=35f667c6-20200713111428;cm=;gdpr=0;ref=;d=tagged.com;je=0;sr=1600x1200x24;enc=n;dst=1;et=1595568468670;tzo=-120;ogl=

Requested by

Host: secure.tagged.com
URL: https://secure.tagged.com/phished.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:5a23:9c4e:e774:96c1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: https://secure.tagged.com/phished.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 24 Jul 2020 05:27:48 GMT
strict-transport-security: max-age=86400
content-type: image/gif
status: 200
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H/1.1

204
No Content

b2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/b?c1=2&c2=7198000&c3=&c4=secure.tagged.com%2Fphished.html&c5=&c6=&c15=5af926887c325d474ca21bf3003d5f0826e0c7b4&ns__t=1595568468672&ns_c=UTF-8&cv=3.5&c8=Account%20Ph...
https://sb.scorecardresearch.com/b2?c1=2&c2=7198000&c3=&c4=secure.tagged.com%2Fphished.html&c5=&c6=&c15=5af926887c325d474ca21bf3003d5f0826e0c7b4&ns__t=1595568468672&ns_c=UTF-8&cv=3.5&c8=Account%20P...

0
528 B

62ms
61ms

Image
text/plain

104.111.238.139
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=2&c2=7198000&c3=&c4=secure.tagged.com%2Fphished.html&c5=&c6=&c15=5af926887c325d474ca21bf3003d5f0826e0c7b4&ns__t=1595568468672&ns_c=UTF-8&cv=3.5&c8=Account%20Phished%20-%20Tagged&c7=https%3A%2F%2Fsecure.tagged.com%2Fphished.html%23home%2F&c9=&cs_ak_ss=1
Requested by: Host: secure.tagged.com
URL: https://secure.tagged.com/phished.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.238.139 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://secure.tagged.com/phished.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 24 Jul 2020 05:27:48 GMT
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://sb.scorecardresearch.com/b2?c1=2&c2=7198000&c3=&c4=secure.tagged.com%2Fphished.html&c5=&c6=&c15=5af926887c325d474ca21bf3003d5f0826e0c7b4&ns__t=1595568468672&ns_c=UTF-8&cv=3.5&c8=Account%20Phished%20-%20Tagged&c7=https%3A%2F%2Fsecure.tagged.com%2Fphished.html%23home%2F&c9=&cs_ak_ss=1
Pragma: no-cache
Date: Fri, 24 Jul 2020 05:27:48 GMT
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200
OK / Show response
secure.tagged.com/api/ 252 B
560 B 209ms
208ms XHR
application/json 135.84.35.166
TAGGED-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.tagged.com/api/?application_id=user&format=JSON
Requested by: Host: secure-static.tagged.com
URL: https://secure-static.tagged.com/dyn/js/2/mElnZ1Bk6_cl.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 135.84.35.166 San Francisco, United States, ASN36080 (TAGGED-ASN, US),
Reverse DNS
Software: Apache /
Resource Hash: 4b7290cdf7dd811dba251b5c15fb40cfa035902ef205110ffce879dc997495b6

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://secure.tagged.com/phished.html
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Pragma: no-cache
Date: Fri, 24 Jul 2020 05:27:48 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
Content-Type: application/json; charset=UTF-8
Cache-Control: no-store, no-cache, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=300
Content-Length: 214
Expires: Thu, 19 Nov 1981 08:52:00 GMT

POST
H/1.1 200
OK / Show response
secure.tagged.com/api/ 2 KB
931 B 421ms
212ms XHR
application/json 135.84.35.166
TAGGED-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.tagged.com/api/?application_id=user&format=JSON
Requested by: Host: secure-static.tagged.com
URL: https://secure-static.tagged.com/dyn/js/2/mElnZ1Bk6_cl.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 135.84.35.166 San Francisco, United States, ASN36080 (TAGGED-ASN, US),
Reverse DNS
Software: Apache /
Resource Hash: afd78ac89061a81902479ffc6f93775133cee8e8a184337f41784f82b714e8d7

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://secure.tagged.com/phished.html
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Pragma: no-cache
Date: Fri, 24 Jul 2020 05:27:49 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
Content-Type: application/json; charset=UTF-8
Cache-Control: no-store, no-cache, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=300
Content-Length: 585
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 anchor
www.google.com/recaptcha/api2/ Frame A110 0
0 28ms
28ms Document
text/html 2a00:1450:4001:81d::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeRyAcTAAAAAG6QBlS1jhBJg0pcQtzIEdLAXXz3&co=aHR0cHM6Ly9zZWN1cmUudGFnZ2VkLmNvbTo0NDM.&hl=en&v=r8WWNwsCvXtk22_oRSVCCZx9&size=normal&cb=mos648yyd5m4

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/r8WWNwsCvXtk22_oRSVCCZx9/recaptcha__en.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-8LqNkAK/iVezi/s/Igxkgw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/anchor?ar=1&k=6LeRyAcTAAAAAG6QBlS1jhBJg0pcQtzIEdLAXXz3&co=aHR0cHM6Ly9zZWN1cmUudGFnZ2VkLmNvbTo0NDM.&hl=en&v=r8WWNwsCvXtk22_oRSVCCZx9&size=normal&cb=mos648yyd5m4
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://secure.tagged.com/phished.html
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://secure.tagged.com/phished.html

Response headers

status: 200
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 24 Jul 2020 05:27:48 GMT
content-security-policy: script-src 'report-sample' 'nonce-8LqNkAK/iVezi/s/Igxkgw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 10540
server: GSE
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 checksync.php
hbx.media.net/ Frame 5188 0
0 267ms
266ms Document
text/html 104.111.214.39
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://hbx.media.net/checksync.php?&vsSync=1&cs=1&hb=1&cv=37&ndec=1&cid=8CUFH1GPH&prvid=56%2C70%2C77%2C80%2C82%2C97%2C99%2C109%2C111%2C112%2C113%2C139%2C154%2C157%2C159%2C175%2C178%2C186%2C201%2C226%2C10000&usp_status=0&usp_consent=1&https=1&gdpr=1&gdprconsent=2

Requested by

Host: hbx.media.net
URL: https://hbx.media.net/bxl.js?cid=8CUFH1GPH&dn=secure.tagged.com&version=&https=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.214.39 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

Software

Apache /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

:method: GET
:authority: hbx.media.net
:scheme: https
:path: /checksync.php?&vsSync=1&cs=1&hb=1&cv=37&ndec=1&cid=8CUFH1GPH&prvid=56%2C70%2C77%2C80%2C82%2C97%2C99%2C109%2C111%2C112%2C113%2C139%2C154%2C157%2C159%2C175%2C178%2C186%2C201%2C226%2C10000&usp_status=0&usp_consent=1&https=1&gdpr=1&gdprconsent=2
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://secure.tagged.com/phished.html
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: gdpr_status=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://secure.tagged.com/phished.html

Response headers

status: 200
server: Apache
content-type: text/html; charset=UTF-8
set-cookie: gdpr_status=1; Expires=Mon, 25 Jan 2021 05:27:48 GMT; domain=.media.net; Path=/; sameSite=none; secure=true visitor-id=2385700689494757000V10; Expires=Sat, 24 Jul 2021 05:27:48 GMT; domain=.media.net; Path=/; sameSite=none; secure=true
x-mnet-hl2: E
p3p: CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
strict-transport-security: max-age=604800
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=28800
expires: Fri, 24 Jul 2020 13:27:48 GMT
date: Fri, 24 Jul 2020 05:27:48 GMT
content-length: 6794

GET
H/1.1

200
OK

Cookie set iu3
aax-eu.amazon-adsystem.com/s/ Frame A845
Redirect Chain

https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=r1u_cnv_3lift
https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=r1u_cnv_3lift&dcc=t

0
0

235ms
233ms

Document
text/html

52.95.124.170
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=r1u_cnv_3lift&dcc=t
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.95.124.170 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Server /
Resource Hash

Request headers

Host: aax-eu.amazon-adsystem.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://secure.tagged.com/phished.html
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: ad-id=A5XhcZyd5k0yvF6cFFT7JvE|t
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://secure.tagged.com/phished.html

Response headers

Server: Server
Date: Fri, 24 Jul 2020 05:27:49 GMT
Content-Type: text/html;charset=ISO-8859-1
Content-Length: 190
Connection: keep-alive
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Set-Cookie: ad-id=A5XhcZyd5k0yvF6cFFT7JvE; Domain=.amazon-adsystem.com; Expires=Thu, 01-Apr-2021 05:27:49 GMT; Path=/; Secure; HttpOnly; SameSite=None ad-privacy=0; Domain=.amazon-adsystem.com; Expires=Wed, 01-Oct-2025 05:27:49 GMT; Path=/; Secure; HttpOnly; SameSite=None
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip

Redirect headers

Server: Server
Date: Fri, 24 Jul 2020 05:27:48 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=r1u_cnv_3lift&dcc=t
Set-Cookie: ad-id=A5XhcZyd5k0yvF6cFFT7JvE|t; Domain=.amazon-adsystem.com; Expires=Thu, 01-Apr-2021 05:27:48 GMT; Path=/; Secure; HttpOnly; SameSite=None
Vary: User-Agent

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 4 KB
3 KB 121ms
121ms XHR
text/plain 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1875596183189920&correlator=4259841047892946&output=ldjh&impl=fifs&adsid=NT&eid=21066289%2C21066723%2C21066169&vrg=2020071601&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20200724&iu_parts=15184186%2CTagged_Sticky_728x90&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1%7C728x90%7C970x90&prev_scp=fsrefresh%3Dfalse%26fsrebid%3Dfalse%26amznbid%3D2%26amznp%3D2%26freestar_path%3D%252Fphished.html%26freestar_domain%3Dtagged.com%26fs_safeframe%3Dfalse%26custom_bidder_size%3Drubicon_728x90%26hb_format%3Dbanner%26hb_size%3D728x90%26hb_pb%3D0.03%26hb_adid%3D3108dcaabb2d286%26hb_bidder%3Drubicon&eri=1&cust_params=user-agent%3DChrome&cookie_enabled=1&bc=31&abxe=1&lmt=1595568468&dt=1595568468785&dlt=1595568467060&idt=1331&frm=20&biw=1600&bih=1200&oid=3&adxs=800&adys=1159&adks=3886414793&ucis=1&ifi=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fsecure.tagged.com%2Fphished.html%23home%2F&dssz=47&icsg=137482993664&std=2&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1600x-1&msz=1600x-1&ga_vid=246163585.1595568468&ga_sid=1595568469&ga_hid=179909060&fws=512&ohw=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020071601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a9c9ff969bb9d30fb9a9041c032c1f32ce7d2d97f1defa3390859c7387b2a586

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://secure.tagged.com/phished.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 24 Jul 2020 05:27:48 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2551
x-xss-protection: 0
google-lineitem-id: 5250187171
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138298521775
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://secure.tagged.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
a683776f3df79d980cc49c4138246f74.safeframe.googlesyndication.com/safeframe/1-0-37/html/ 0
0 63ms
17ms Other
text/html 2a00:1450:4001:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://a683776f3df79d980cc49c4138246f74.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020071601.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://secure.tagged.com/phished.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ 0
0 26ms
5ms Other
text/html 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020071601.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://secure.tagged.com/phished.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame C194 0
0 129ms
128ms Fetch
image/gif 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst82qj1Z_hjykDFkBa2C0kbiDaITF5ahLB-E-1AjFDIk7VJ14qbVFnZtIvIDI4ZuHB0GloOxC-FC-5jqJHoqYYJua_M663WGDzuJQzrpj9EIhY_9TYB4obeL-Af9vHMljYkISQ-8yz0JngD81srchQp1K7ak8Yd48iqIy0qKSzzxx_MXNAozxv7YibqgRRvOAvLZVCfZNKmWTYgBQStF_oMIeU_YLZjJAac4Y_YkhlpiM69cItc8k2ERMmXCETs0MVkYSGkraURXAaPIBDynXI&sai=AMfl-YT3qfQweNoLqNEX657yuOrlcxX6CJQjzLxwVeQoMQiawJoV46MbcQSJvERltCovCXVMqNgiYojkqC7IqxfKGd0jsBPG6T7pFuYq_auk8H2M2P73ZY3tEI9DA46C_ew&sig=Cg0ArKJSzIi3yQ-KmtipEAE&urlfix=1&adurl=

Requested by

Host: secure.tagged.com
URL: https://secure.tagged.com/phished.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://secure.tagged.com/phished.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 24 Jul 2020 05:27:48 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 24 Jul 2020 05:27:48 GMT

GET
H2 200 show_ads.js Show response
pagead2.googlesyndication.com/pagead/ Frame C194 87 KB
32 KB 59ms
19ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/show_ads.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020071601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8ce7bdd8fb8a14800254cf82d4a5b38930f83da7b7e0c0be1063af999d2ef0d5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://secure.tagged.com/phished.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 24 Jul 2020 05:27:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 32039
x-xss-protection: 0
server: cafe
etag: 12279102002755376539
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 24 Jul 2020 05:27:48 GMT

GET
H2 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame C194 73 KB
28 KB 30ms
29ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020071601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

30d05c83e6d7dd38f40dd03a37bfae06d2cdcf943384d8ccce9e6c683cc78280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://secure.tagged.com/phished.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 24 Jul 2020 05:27:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1595419060626807"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 28380
x-xss-protection: 0
expires: Fri, 24 Jul 2020 05:27:48 GMT

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 72 KB
27 KB 21ms
13ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020071601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5df4cbe089972488f66c3dc318c74ff2467967db69f87d00e54948ad0ca2b56

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://secure.tagged.com/phished.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 24 Jul 2020 05:27:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1595419060626807"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 27216
x-xss-protection: 0
expires: Fri, 24 Jul 2020 05:27:48 GMT

GET
H2 200 bframe
www.google.com/recaptcha/api2/ Frame D7C3 0
0 67ms
59ms Document
text/html 2a00:1450:4001:81d::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/bframe?hl=en&v=r8WWNwsCvXtk22_oRSVCCZx9&k=6LeRyAcTAAAAAG6QBlS1jhBJg0pcQtzIEdLAXXz3&cb=3sedpy3qrivr

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/r8WWNwsCvXtk22_oRSVCCZx9/recaptcha__en.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-LMDopzJdahRR8M3LAKT+zw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/bframe?hl=en&v=r8WWNwsCvXtk22_oRSVCCZx9&k=6LeRyAcTAAAAAG6QBlS1jhBJg0pcQtzIEdLAXXz3&cb=3sedpy3qrivr
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://secure.tagged.com/phished.html
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://secure.tagged.com/phished.html

Response headers

status: 200
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 24 Jul 2020 05:27:49 GMT
content-security-policy: script-src 'report-sample' 'nonce-LMDopzJdahRR8M3LAKT+zw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 1177
server: GSE
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ Frame C194 109 B
168 B 14ms
14ms Script
application/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=secure.tagged.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://secure.tagged.com/phished.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 24 Jul 2020 05:27:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame C194 109 B
168 B 15ms
14ms Script
application/javascript 2a00:1450:4001:817::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=secure.tagged.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://secure.tagged.com/phished.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 24 Jul 2020 05:27:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H2 200 show_ads_impl_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20200723/r20190131/ Frame C194 221 KB
83 KB 25ms
24ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20200723/r20190131/show_ads_impl_fy2019.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

84205b72580bff351eca502f9184cfac70f0f4ff4ae4456cfa8f81d34aa000d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://secure.tagged.com/phished.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 24 Jul 2020 05:27:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 84800
x-xss-protection: 0
server: cafe
etag: 9296453514141258119
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Fri, 24 Jul 2020 05:27:49 GMT

GET
H2 200 zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20200723/r20190131/ Frame DE46 0
0 6ms
6ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20200723/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20200723/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://secure.tagged.com/phished.html
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUmFIhtnAdaAQdOXL7IqGhk1ZBzLqjIxN0-qGb2myrg_sY7U2kgvmdgQORPF
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://secure.tagged.com/phished.html

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
vary: Accept-Encoding
date: Thu, 23 Jul 2020 04:18:38 GMT
expires: Thu, 06 Aug 2020 04:18:38 GMT
content-type: text/html; charset=UTF-8
etag: 1809543571055990350
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4277
x-xss-protection: 0
cache-control: public, max-age=1209600
age: 90551
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame C194 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 26e57db7e6b8dd0569cc23c8072439a1380ba7f2cc598d02db2bd97c2bcbf011

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 ads
googleads.g.doubleclick.net/pagead/ Frame 30AA 0
0 305ms
305ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7002122219915745&output=html&h=90&slotname=Freestar_Tagged_GDPR_728x90&adk=3812160886&adf=816031634&w=728&guci=1.2.0.0.2.2.0.0&url=https%3A%2F%2Fsecure.tagged.com%2Fphished.html%23home%2F&ea=0&flash=0&wgl=1&adsid=NT&dt=1595568469168&bpp=22&bdt=241&idt=63&shv=r20200723&cbv=r20190131&ptt=5&saldr=sa&correlator=4585242906094&frm=23&ife=4&pv=2&ga_vid=246163585.1595568468&ga_sid=1595568469&ga_hid=644696067&ga_fc=1&iag=3&icsg=682&nhd=1&dssz=11&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=1070&biw=1600&bih=1200&isw=728&ish=90&ifk=2474037241&scr_x=0&scr_y=0&eid=42530558%2C42530560&oid=3&pvsid=1246338231799639&pem=124&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.vu6dbhv6ulkv&fsb=1&dtd=91

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200723/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-7002122219915745&output=html&h=90&slotname=Freestar_Tagged_GDPR_728x90&adk=3812160886&adf=816031634&w=728&guci=1.2.0.0.2.2.0.0&url=https%3A%2F%2Fsecure.tagged.com%2Fphished.html%23home%2F&ea=0&flash=0&wgl=1&adsid=NT&dt=1595568469168&bpp=22&bdt=241&idt=63&shv=r20200723&cbv=r20190131&ptt=5&saldr=sa&correlator=4585242906094&frm=23&ife=4&pv=2&ga_vid=246163585.1595568468&ga_sid=1595568469&ga_hid=644696067&ga_fc=1&iag=3&icsg=682&nhd=1&dssz=11&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=1070&biw=1600&bih=1200&isw=728&ish=90&ifk=2474037241&scr_x=0&scr_y=0&eid=42530558%2C42530560&oid=3&pvsid=1246338231799639&pem=124&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.vu6dbhv6ulkv&fsb=1&dtd=91
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://secure.tagged.com/phished.html
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUmFIhtnAdaAQdOXL7IqGhk1ZBzLqjIxN0-qGb2myrg_sY7U2kgvmdgQORPF
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://secure.tagged.com/phished.html

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 24 Jul 2020 05:27:49 GMT
server: cafe
content-length: 19433
x-xss-protection: 0
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame C194 72 KB
27 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200723/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5df4cbe089972488f66c3dc318c74ff2467967db69f87d00e54948ad0ca2b56

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://secure.tagged.com/phished.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 24 Jul 2020 05:27:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1595419060626807"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 27216
x-xss-protection: 0
expires: Fri, 24 Jul 2020 05:27:49 GMT

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame C194 0
54 B 89ms
89ms Image
image/gif 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssTH1pkXLxe63BSimaxmxMXQU14R3gJbZt80Iekvl_8CJItP3L7F1H77YBuxxYtFpzGp_yxUXmEL7QfuJ_kNlIwpLPU-9YqMqtHaMq6JcZhd6BSPhQBQa-goxd5xgrETAXqzpYORQCYRUvBOMPm9SRAf9-hZBDFNWW5LM80K2nbGZ7UZw2wLOld2n5muNb-8Ktjjp00OYz7EheqQFieZF5WoQGqJe0zfrePR07Z0EI78UqGd1ek1lywR3QrTzsKl1dd5GsCIdoxG7PEp1RqI0c7cg&sai=AMfl-YT5tdzZUT5X7lv-RTxV53fQ6MnaTuA30KQy0P0VuECC_dXwvdDZDdD4aR8PuRM87LGkX-WLoridtjVOZNanWNkhRFgHSNJ0uAW5ZhTG5OlQPrXHwIg9NzRWjV34mbg&sig=Cg0ArKJSzDiMQFeTGBsJEAE&urlfix=1&adurl=

Requested by

Host: secure.tagged.com
URL: https://secure.tagged.com/phished.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 24 Jul 2020 05:27:49 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame C194 7 KB
6 KB 36ms
17ms XHR
application/json 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20200723&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200723/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

71f983dba594ac42725ae0159214d74bb4db9ffeece1aac1a127640c390bbda8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://secure.tagged.com/phished.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 24 Jul 2020 05:27:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 5706
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame C194 14 KB
6 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200723/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08f50e9e70388c99977ca13b6af3a49f8f48c83e79230d51ea72a56c0735bd0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://secure.tagged.com/phished.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 24 Jul 2020 05:27:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1591403518460474"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5540
x-xss-protection: 0
expires: Fri, 24 Jul 2020 05:27:49 GMT

GET
H2 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/210/ Frame 4794 0
0 6ms
5ms Document
text/html 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/210/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/210/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://secure.tagged.com/phished.html
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://secure.tagged.com/phished.html

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
content-length: 4590
date: Fri, 24 Jul 2020 02:38:02 GMT
expires: Sat, 24 Jul 2021 02:38:02 GMT
last-modified: Wed, 26 Feb 2020 19:47:50 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 10187
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 7 KB
6 KB 23ms
22ms XHR
application/json 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2020071601&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020071601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c12ceb7fb6d74a26db567fcca461b5446e47daf403f57a9581243b51963bf73a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://secure.tagged.com/phished.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 24 Jul 2020 05:27:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 5644
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 14 KB
5 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020071601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08f50e9e70388c99977ca13b6af3a49f8f48c83e79230d51ea72a56c0735bd0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://secure.tagged.com/phished.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 24 Jul 2020 05:27:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1591403518460474"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5540
x-xss-protection: 0
expires: Fri, 24 Jul 2020 05:27:49 GMT

GET
H2 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/210/ Frame F852 0
0 6ms
5ms Document
text/html 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/210/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/210/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://secure.tagged.com/phished.html
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://secure.tagged.com/phished.html

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
content-length: 4590
date: Fri, 24 Jul 2020 02:38:02 GMT
expires: Sat, 24 Jul 2021 02:38:02 GMT
last-modified: Wed, 26 Feb 2020 19:47:50 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 10187
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame C194 0
63 B 14ms
14ms Image
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=210&t=2&li=gda_r20200723&jk=1246338231799639&bg=!BQalBh5Y9B0Qyt0Pa5ECAAAASFIAAAAXmQGOMGx_LGppi2S0odeKVcuBs9JWhXZsdEm5qzW_Xp3zJRqmd85lcOYtdHiHn_S1Gk1GSpYZQnIJl8StvyH45S2cbh3JAta5xAPe9C023SbRITEVHiYbsb6iLqpLx_4b7TdiTfrPpjpIMpaOw6Y6wUjgEN8SGc8LcBuiGNY-uhD-IAhaEW2VKP4UumUdGqpesn_g9us7d4tvMMLyDWpc9Y4E59IWD7R8qWhFedCgi1B-20DNk9-qj8KugdIJbg-IeHSzMxGvpstYuBr1XDaL78vslUPVhpHsS45Qn9I1Pg4hN3BwrBw13VpQAZu4DHLhwLO8lERAU9dYanXBybOxyMcaBdhiPgzsIDguqE7otV9DXZyktm0MdIe0MC8CgoOsMmsV9fX9n02sZzkUcz5Cz4HuhFYzL4xZ8hSbIWP3FBekLLhuBjTTfCEX98NgrxvK02ftJc1Ro1SEnMrDEKQOqmxCb5FutXKHcqNO3fRKBkuTg80q09D_d1Mw2mYHwWYvAUwT6uWkVtVcdVcIQ4uEWVE

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://secure.tagged.com/phished.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 24 Jul 2020 05:27:49 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 204
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
55 B 14ms
13ms Image
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=210&t=2&li=gpt_2020071601&jk=1875596183189920&bg=!X1ylXERYAuOtT4XxSPQCAAAAR1IAAAANmQGIwM7P2WS09ugXkSH19zcfwJ6uHgmVTopkwfSdDvPY9B0rLLm1Kj85AdU4pU41pAaxAe5VqI2X1l-2YlC32gDLLMlAhfUAtYJtSuzW2Wuc7K4SK5OKpYp4QyyRBICV3RFRO-cUdcGU1baAXckH5XpVPLUeXXbR6atAacm7VRU50wBRQPL8exhQiFmpAiayAoLnA5H1jhTebxHNFAz1ew9fIDv_tRe0xfuUJ2A1WFdGTjLBUO2gN-UkQQcKfcrHMBVUzwHXRCWi2ew2dgdm3KNqdN-UJAPOUnDF8XnsFrO7ApDieFMyE05nZ-s9G5X5TXrJR1KFe17pvuqYYU-RymnJwH5kXVK5u1-NSmlrkdcHkvz5fUmgjvjas409AJcWa_OGXKxmlbhemSd_yCXgCXm9Z2drvQwEMl7h4AWMGvjQ_0yZGz3Ks8OcBlZKl5Yxck6ESSK4PgfiTtO45of0mLaVhcmj4ON94LMVVvYbMD_5DErSMEouPJtrXV04s9vFLL6sIYJluv3km5o

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://secure.tagged.com/phished.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 24 Jul 2020 05:27:49 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 204
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 bid Show response
c.amazon-adsystem.com/e/dtb/ 105 B
493 B 213ms
212ms XHR
text/javascript 99.86.0.120
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fsecure.tagged.com%2Fphished.html%23home%2F&pid=WcwKfvRfPyJOs&cb=1&ws=1600x1200&v=7.52.00&t=1000&slots=%5B%7B%22sd%22%3A%221%22%2C%22s%22%3A%5B%22970x90%22%2C%22728x90%22%2C%22468x60%22%5D%2C%22sn%22%3A%22%2F15184186%2FTagged_970x90_728x90_320x100_300x250_320x50_top%22%7D%5D&pubid=0ab198dd-b265-462a-ae36-74e163ad6159&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.86.0.120 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Server /
Resource Hash: 7b2906d8fcb9dc06d29595ecdedb879e1ae15a9293a8805771bc1958cf468784

Request headers

Referer: https://secure.tagged.com/phished.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 24 Jul 2020 05:27:50 GMT
content-encoding: gzip
server: Server
x-amz-cf-pop: FRA6-C1
status: 200
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://secure.tagged.com
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 117
via: 1.1 49140b838a62cd29e30f20e39a82dad0.cloudfront.net (CloudFront)
x-amz-cf-id: grwtJL8hxQgUw3Eb5CCj6dPHXMEQhFg6ZDMIodA281MClnm7EaNn8w==

GET
H2 204 prebid Show response
ads.yieldmo.com/exchange/ 0
225 B 79ms
79ms XHR
text/plain 54.246.210.224
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.yieldmo.com/exchange/prebid?p=%5B%7B%22placement_id%22%3A%22Tagged_970x90_728x90_320x100_300x250_320x50_top%22%2C%22callback_id%22%3A%22378cfa7b70733ea%22%2C%22sizes%22%3A%5B%5B468%2C60%5D%2C%5B728%2C90%5D%2C%5B970%2C90%5D%5D%2C%22ym_placement_id%22%3A%222398673139543253080%22%7D%5D&page_url=https%3A%2F%2Fsecure.tagged.com%2Fphished.html%23home%2F&bust=1595568469931&pr=https%3A%2F%2Fsecure.tagged.com%2Fphished.html%23home%2F&scrd=1&dnt=false&e=0&description=&title=(7)%20Account%20Phished%20-%20Tagged&w=1600&h=1200&userConsent=%7B%22gdprApplies%22%3Afalse%2C%22cmp%22%3A%22%22%7D&us_privacy=&pubcid=279e35a8-f224-4eef-a529-9e756edb90ad&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22freestar.io%22%2C%22sid%22%3A%22640%22%2C%22hp%22%3A1%7D%5D%7D
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.22.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.246.210.224 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://secure.tagged.com/phished.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 24 Jul 2020 05:27:49 GMT
status: 204
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://secure.tagged.com
access-control-allow-credentials: true
x-robots-tag: none,NOINDEX,NOFOLLOW
access-control-request-headers: Cache-Control, Pragma

POST
H2 204 v1 Show response
dmx.districtm.io/b/ 0
191 B 59ms
59ms XHR
text/plain 104.16.190.66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dmx.districtm.io/b/v1
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.22.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.190.66 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://secure.tagged.com/phished.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 24 Jul 2020 05:27:49 GMT
server: cloudflare
status: 204
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD, POST, OPTIONS
access-control-allow-origin: https://secure.tagged.com
access-control-allow-credentials: true
cf-ray: 5b7b3bf94b15723f-AMS
access-control-allow-headers: Content-Type, Origin
cf-request-id: 0420e3cfd00000723f4a26a200000001

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 145 B
1 KB 65ms
65ms XHR
application/json 185.33.221.87
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.22.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.87 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.13.4 /

Resource Hash

da8624fbc3ee5dcb1d447c7a22bedc69fcf31f47ecc8410b1107b88461d9a555

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://secure.tagged.com/phished.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 24 Jul 2020 05:27:51 GMT
X-Proxy-Origin: 194.99.105.99; 194.99.105.99; 723.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.48:80
AN-X-Request-Uuid: 9d651659-a287-4a68-acb3-afca4c1c791d
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://secure.tagged.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 145
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK bid Show response
ap.lijit.com/rtb/ 24 B
581 B 59ms
58ms XHR
application/json 72.251.249.9
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/rtb/bid?src=prebid_prebid_3.22.0
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.22.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 72.251.249.9 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: nginx /
Resource Hash: 5e8aed06026fb7dfc5d4196e8d6b26c0437248dcfcebf682beee03cccaef09e6

Request headers

Referer: https://secure.tagged.com/phished.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Date: Fri, 24 Jul 2020 05:27:49 GMT
Content-Encoding: gzip
Server: nginx
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/json
Access-Control-Allow-Origin: https://secure.tagged.com
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap3ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 44

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 139 B
988 B 54ms
54ms XHR
application/json 185.33.221.87
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.22.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.87 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.13.4 /

Resource Hash

46f15639810a1249a27f462c7d04489dcb7e2493d9bffcbccc21e6223446b9d7

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://secure.tagged.com/phished.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 24 Jul 2020 05:27:51 GMT
X-Proxy-Origin: 194.99.105.99; 194.99.105.99; 723.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.44:80
AN-X-Request-Uuid: e9ac5204-fc5c-4a7f-8f2e-9b86882be313
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://secure.tagged.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 139
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 204 v1 Show response
btlr.sharethrough.com/WYu2BXv1/ 0
114 B 200ms
70ms XHR
text/plain 3.127.95.92
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/WYu2BXv1/v1?placement_key=iPdrUBUGYPkm5Kn2WygXeWhW&bidId=48c6db9fd4012ad&consent_required=false&instant_play_capable=true&hbSource=prebid&hbVersion=3.22.0&strVersion=3.2.1&secure=true&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22freestar.io%22%2C%22sid%22%3A%22640%22%2C%22hp%22%3A1%7D%5D%7D
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.22.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.127.95.92 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://secure.tagged.com/phished.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

status: 204
date: Fri, 24 Jul 2020 05:27:50 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://secure.tagged.com
vary: Origin

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
147 B 59ms
59ms XHR
text/plain 178.250.2.131
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://bidder.criteo.com/cdb?profileId=207&av=31&wv=3.22.0&cb=27934786393
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.22.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: Finatra /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://secure.tagged.com/phished.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

status: 204
date: Fri, 24 Jul 2020 05:27:49 GMT
access-control-allow-credentials: true
server: Finatra
access-control-allow-origin: https://secure.tagged.com
timing-allow-origin: *
vary: Origin

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
61 B 112ms
112ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.22.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://secure.tagged.com/phished.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

status: 204
date: Fri, 24 Jul 2020 05:27:50 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-origin: https://secure.tagged.com

GET
H/1.1 200
OK cygnus Show response
as-sec.casalemedia.com/ 24 B
1 KB 112ms
112ms XHR
application/json 2.21.37.92
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://as-sec.casalemedia.com/cygnus?s=337556&v=7.2&r=%7B%22id%22%3A%2255a2cbe57a5901%22%2C%22imp%22%3A%5B%7B%22id%22%3A%225618512487f01ce%22%2C%22ext%22%3A%7B%22siteID%22%3A%22337556%22%2C%22sid%22%3A%22468x60%22%7D%2C%22banner%22%3A%7B%22w%22%3A468%2C%22h%22%3A60%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22570d079b6f3a0fb%22%2C%22ext%22%3A%7B%22siteID%22%3A%22337556%22%2C%22sid%22%3A%22728x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2258e9533784fe1a6%22%2C%22ext%22%3A%7B%22siteID%22%3A%22337556%22%2C%22sid%22%3A%22970x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%5D%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fsecure.tagged.com%2Fphished.html%23home%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%7D%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22freestar.io%22%2C%22sid%22%3A%22640%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22gdpr%22%3A0%7D%7D%2C%22user%22%3A%7B%22ext%22%3A%7B%22consent%22%3A%22%22%7D%7D%7D&ac=j&sd=1
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.22.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.21.37.92 , France, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software: Apache /
Resource Hash: 66fa7f55b9eb669c7eae4b8015d5a81fcb4c57f10bdf3e8ec7f3e337151f13b3

Request headers

Referer: https://secure.tagged.com/phished.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 24 Jul 2020 05:27:50 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Access-Control-Allow-Origin: https://secure.tagged.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 44
Expires: Fri, 24 Jul 2020 05:27:50 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 262 B
1 KB 157ms
156ms XHR
application/json 69.173.144.141
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=16924&site_id=151312&zone_id=1101098&size_id=2&alt_size_ids=1%2C55&gdpr=0&rp_schain=1.0,1!freestar.io,640,1,,,&rf=https%3A%2F%2Fsecure.tagged.com%2Fphished.html%23home%2F&tk_flint=pbjs_lite_v3.22.0&x_source.tid=3adc65de-d216-411c-af26-18f30333f84f&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.9733558094344561
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.22.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 69.173.144.141 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: 53c198f4a7509d76f7f0aa567aca9c3248a00327b0deea714e53e29e11735380

Request headers

Referer: https://secure.tagged.com/phished.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 24 Jul 2020 05:27:50 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://secure.tagged.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Keep-Alive: timeout=5
Content-Length: 262
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 arj Show response
freestar-d.openx.net/w/1.0/ 174 B
357 B 141ms
140ms XHR
application/json 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://freestar-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fsecure.tagged.com%2Fphished.html%23home%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=-120&tws=1600x1200&be=1&bc=hb_pb_3.0.2&dddid=3adc65de-d216-411c-af26-18f30333f84f&nocache=1595568469944&gdpr_consent=&gdpr=0&pubcid=279e35a8-f224-4eef-a529-9e756edb90ad&schain=1.0%2C1!freestar.io%2C640%2C1%2C%2C%2C&aus=468x60%2C728x90%2C970x90&divIds=Tagged_970x90_728x90_320x100_300x250_320x50_top&auid=540959228
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.22.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: OXGW/16.190.0 /
Resource Hash: d4e5e6ed51029f4831edb2fb2d4b259d21d8e2f6cc613df55714077db861f7e6

Request headers

Referer: https://secure.tagged.com/phished.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 24 Jul 2020 05:27:50 GMT
content-encoding: gzip
server: OXGW/16.190.0
status: 200
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://secure.tagged.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: clear
content-length: 165
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ 72 KB
22 KB 56ms
17ms Script
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.22.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: fd60fcdfb0ecb5a5505bd98cea1da96a6716f6a4cae0a614d49478068a8b3017

Request headers

Referer: https://secure.tagged.com/phished.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 24 Jul 2020 05:27:50 GMT
content-encoding: gzip
last-modified: Wed, 01 Jul 2020 10:37:51 GMT
server: nginx
etag: W/"5efc677f-12154"
status: 200
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
timing-allow-origin: *
expires: Sat, 25 Jul 2020 05:27:50 GMT

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ 72 KB
22 KB 58ms
28ms XHR
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by: Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: fd60fcdfb0ecb5a5505bd98cea1da96a6716f6a4cae0a614d49478068a8b3017

Request headers

Referer: https://secure.tagged.com/phished.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 24 Jul 2020 05:27:50 GMT
content-encoding: gzip
last-modified: Wed, 01 Jul 2020 10:37:51 GMT
server: nginx
etag: W/"5efc677f-12154"
status: 200
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
timing-allow-origin: *
expires: Sat, 25 Jul 2020 05:27:50 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 4 KB
3 KB 115ms
115ms XHR
text/plain 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1875596183189920&correlator=4259841047892946&output=ldjh&impl=fifs&adsid=NT&eid=21066289%2C21066723%2C21066169&vrg=2020071601&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20200724&iu_parts=15184186%2CTagged_970x90_728x90_320x100_300x250_320x50_top&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x90%7C728x90%7C468x60&prev_scp=fsrefresh%3Dfalse%26fsrebid%3Dfalse%26amznbid%3D2%26amznp%3D2%26fsbid%3D0&eri=1&cust_params=user-agent%3DChrome&cookie=ID%3D02631a72b18d4852-2251706a9eb600b8%3AT%3D1595568468%3AS%3DALNI_MZcb7M_bXa83LyIXgJqDRsVP9BQPA&bc=31&abxe=1&lmt=1595568470&dt=1595568470147&dlt=1595568467060&idt=1331&frm=20&biw=1600&bih=1200&oid=3&adxs=315&adys=52&adks=461328952&ucis=2&ifi=2&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fsecure.tagged.com%2Fphished.html%23home%2F&dssz=49&icsg=137482993664&std=2&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1600x100&msz=1600x90&psts=AGkb-H_qpBIBIUKOCxN5VGG-oNs4jsuH6wBtTCP_7Gj4HfvGGcAEQZ4p_sin7Jrt1-AxCc4RONM-_BFnZpIM5sVMkdc&ga_vid=246163585.1595568468&ga_sid=1595568469&ga_hid=179909060&fws=0&ohw=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020071601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

be409a6700169ebb521599c6becf623fabbce39640aa5ad5e9adbcef43a0abb6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://secure.tagged.com/phished.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 24 Jul 2020 05:27:50 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2552
x-xss-protection: 0
google-lineitem-id: 5250187171
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138298175447
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://secure.tagged.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubfig.messaging.2.1.2.js Show response
a.pub.network/core/ 196 KB
51 KB 28ms
28ms Script
text/javascript 2606:4700:20::681a:8b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a.pub.network/core/pubfig.messaging.2.1.2.js
Requested by: Host: a.pub.network
URL: https://a.pub.network/tagged-com/pubfig.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:8b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6883ce59605b04b6c6782ba17cb02dae671c9228e429ced6c1ab1171a38e12a1

Request headers

Referer: https://secure.tagged.com/phished.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 24 Jul 2020 05:27:50 GMT
content-encoding: br
cf-cache-status: HIT
x-guploader-uploadid: AAANsUlKD6NA7cwQwdXHCXLD1XjGHH3iFGFxoIJnTe89v__SRrvFAsVV94gKifBeQoiNZRyV2EriVjavhwtcAFEM3Q
x-goog-storage-class: MULTI_REGIONAL
status: 200
x-goog-metageneration: 4
x-goog-stored-content-encoding: identity
content-type: text/javascript
cf-request-id: 0420e3d0d000001f212234b200000001
last-modified: Thu, 21 May 2020 18:48:40 GMT
server: cloudflare
etag: W/"a191b1edb3810d2c6bbd73bfed144567"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-goog-hash: crc32c=ZRmSfw==, md5=oZGx7bOBDSxrvXO/7RRFZw==
x-goog-generation: 1590086920350282
cache-control: private, max-age=1800
x-goog-stored-content-length: 200438
cf-ray: 5b7b3bfae9321f21-FRA
expires: Tue, 20 Jul 2021 23:55:16 GMT

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame FAC1 0
0 90ms
89ms Fetch
image/gif 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssgp2KuuChm_2rIVll37I20VGT_rWsrk8YG3v5XTyo2IhGsunBF35Ibl1cAGGIZyPObs4qcbEuUn0C3QDnbbWPLIXiXgXKZQ913HIwMIqNyIe4bxo_z7aFpax8TblgsQGpzA2F4zFGrbF5HPUTUcUmrmW4Wnb8uxWSYY6FVSkacIKsPgl-teX9qqfbIyva5LvszMEzN2CaKtA88cOyIEvG4O7H3eRESynad4d22Xtug7DLkde5VVBt2QCLUpg97tiBEYfY_ysc1aCypIpWOX-JzwnAVG1t5i5AN5ZZtDq8HD7N1G3Ce6yLnOzQ&sig=Cg0ArKJSzGzVuY_SEZo-EAE&urlfix=1&adurl=

Requested by

Host: secure.tagged.com
URL: https://secure.tagged.com/phished.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://secure.tagged.com/phished.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 24 Jul 2020 05:27:50 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 show_ads.js Show response
pagead2.googlesyndication.com/pagead/ Frame FAC1 87 KB
31 KB 20ms
19ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/show_ads.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020071601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8ce7bdd8fb8a14800254cf82d4a5b38930f83da7b7e0c0be1063af999d2ef0d5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://secure.tagged.com/phished.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 24 Jul 2020 05:27:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 32039
x-xss-protection: 0
server: cafe
etag: 12279102002755376539
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 24 Jul 2020 05:27:50 GMT

GET
H2 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame FAC1 73 KB
28 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020071601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

30d05c83e6d7dd38f40dd03a37bfae06d2cdcf943384d8ccce9e6c683cc78280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://secure.tagged.com/phished.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 24 Jul 2020 05:27:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1595419060626807"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 28380
x-xss-protection: 0
expires: Fri, 24 Jul 2020 05:27:50 GMT

POST
H/1.1 200
OK c Show response
c.pub.network/ 36 B
337 B 739ms
186ms XHR
text/plain 35.226.36.58
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://c.pub.network/c
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/pubfig.messaging.2.1.2.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 35.226.36.58 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: ac972007c876c893d967a15fea3aa69f4b5b8d9a4a89ad1dcff5c1004f9a1e6a

Request headers

Referer: https://secure.tagged.com/phished.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin: https://secure.tagged.com
Date: Fri, 24 Jul 2020 05:27:50 GMT
Access-Control-Allow-Credentials: true
Content-Length: 36
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Content-Type: text/plain;charset=utf-8

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ Frame FAC1 109 B
168 B 15ms
15ms Script
application/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=secure.tagged.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://secure.tagged.com/phished.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 24 Jul 2020 05:27:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame FAC1 109 B
168 B 14ms
14ms Script
application/javascript 2a00:1450:4001:817::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=secure.tagged.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://secure.tagged.com/phished.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 24 Jul 2020 05:27:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H2 200 show_ads_impl_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20200723/r20190131/ Frame FAC1 221 KB
83 KB 26ms
25ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20200723/r20190131/show_ads_impl_fy2019.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

84205b72580bff351eca502f9184cfac70f0f4ff4ae4456cfa8f81d34aa000d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://secure.tagged.com/phished.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 24 Jul 2020 05:27:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 84800
x-xss-protection: 0
server: cafe
etag: 9296453514141258119
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Fri, 24 Jul 2020 05:27:50 GMT

GET
DATA 200
OK truncated
/ Frame FAC1 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 97cb520d8f169dc2b23401a0601831ff41484e8d3ba6ba4bf25236ac85baf802

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 ads
googleads.g.doubleclick.net/pagead/ Frame 59FC 0
0 278ms
277ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7002122219915745&output=html&h=90&slotname=Freestar_Tagged_GDPR_728x90&adk=3812160886&adf=816031645&w=728&guci=1.2.0.0.2.2.0.0&url=https%3A%2F%2Fsecure.tagged.com%2Fphished.html%23home%2F&ea=0&flash=0&wgl=1&adsid=NT&dt=1595568470308&bpp=4&bdt=38&idt=104&shv=r20200723&cbv=r20190131&ptt=5&saldr=sa&correlator=4585242906094&frm=23&ife=4&pv=1&ga_vid=246163585.1595568468&ga_sid=1595568470&ga_hid=779996887&ga_fc=1&iag=3&icsg=682&nhd=1&dssz=11&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=52&biw=1600&bih=1200&isw=728&ish=90&ifk=730374371&scr_x=0&scr_y=0&eid=42530558%2C42530560&oid=3&pvsid=3419431418424742&pem=124&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.yesqw4tnzece&fsb=1&dtd=112

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200723/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-7002122219915745&output=html&h=90&slotname=Freestar_Tagged_GDPR_728x90&adk=3812160886&adf=816031645&w=728&guci=1.2.0.0.2.2.0.0&url=https%3A%2F%2Fsecure.tagged.com%2Fphished.html%23home%2F&ea=0&flash=0&wgl=1&adsid=NT&dt=1595568470308&bpp=4&bdt=38&idt=104&shv=r20200723&cbv=r20190131&ptt=5&saldr=sa&correlator=4585242906094&frm=23&ife=4&pv=1&ga_vid=246163585.1595568468&ga_sid=1595568470&ga_hid=779996887&ga_fc=1&iag=3&icsg=682&nhd=1&dssz=11&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=52&biw=1600&bih=1200&isw=728&ish=90&ifk=730374371&scr_x=0&scr_y=0&eid=42530558%2C42530560&oid=3&pvsid=3419431418424742&pem=124&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.yesqw4tnzece&fsb=1&dtd=112
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://secure.tagged.com/phished.html
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUmFIhtnAdaAQdOXL7IqGhk1ZBzLqjIxN0-qGb2myrg_sY7U2kgvmdgQORPF; DSID=NO_DATA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://secure.tagged.com/phished.html

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 24 Jul 2020 05:27:50 GMT
server: cafe
content-length: 20816
x-xss-protection: 0
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame FAC1 72 KB
27 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200723/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5df4cbe089972488f66c3dc318c74ff2467967db69f87d00e54948ad0ca2b56

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://secure.tagged.com/phished.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 24 Jul 2020 05:27:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1595419060626807"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 27216
x-xss-protection: 0
expires: Fri, 24 Jul 2020 05:27:50 GMT

GET
H2 200 activeview
pagead2.googlesyndication.com/pcs/ Frame C194 42 B
112 B 15ms
14ms Image
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvZElOg0udDAh2Nne-YkjSX7xXrmYrtZFrzp0tbeKa213L3v_j-HQ9DliTy9a9tSdID2Rr5mODVoVDszOl9hihq_x-YuxVzo858r4iYK2k&sig=Cg0ArKJSzG9bz1TjXQ2qEAE&adk=3886414793&tt=-1&bs=1600%2C1200&mtos=1027,1027,1027,1027,1027&tos=1027,0,0,0,0&p=1070,436,1160,1164&mcvt=1027&rs=3&ht=0&tfs=437&tls=1464&mc=1&lte=1&bas=0&bac=0&met=ie&avms=nio&exg=1&md=2&btr=0&cpmav=0&lm=2&rst=1595568468932&dlt&rpt=278&isd=0&msd=0&ext&xdi=0&ps=1600%2C501&ss=1600%2C1200&pt=-1&bin=4&deb=1-0-0-11-6-10-10-0-0-0&tvt=1460&is=728%2C90&iframe_loc=https%3A%2F%2Fsecure.tagged.com%2Fphished.html&r=v&id=osdim&vs=4&uc=11&upc=1&tgt=DIV&cl=1&cec=1&wf=0&cac=1&cd=0x0&itpl=19&v=20200722

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://secure.tagged.com/phished.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 24 Jul 2020 05:27:50 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame FAC1 0
54 B 89ms
89ms Image
image/gif 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssaZRKPHP145OoYW0UlI3R9kyBvUB8xgAGiIiMIzjnDQ1ClERtIzW9fdhGkwp5dLqFdPCwZ9_wEWPUZfswIdGxJFQCYzFA29Djkts1zalRSRr0kV48m0LE5f1Pr_ql7DwHgLFirtrOsoW8TRakYWgaj24QunVmJ0i8n_rH5zi9pWYDY9hLfV7dhpax5GJUXMXQaid0Na6DulzXRGoDfV_GAaFZPdPSP8u2j9SDEap2VkKwgNjAw4E-PyjHL0byuqQdMOlhs34npcR16StrML2PeZXgfArunGqUfEq3NAim3dyOEAzQM8mI8TsOhnQ&sig=Cg0ArKJSzI8LsPTfEOSdEAE&urlfix=1&adurl=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 24 Jul 2020 05:27:50 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame FAC1 7 KB
6 KB 17ms
16ms XHR
application/json 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20200723&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200723/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f7ff34a8f08f8ea00f876d197b21face05d9c65b3ae548c4b8ed9ce2c39748d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://secure.tagged.com/phished.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 24 Jul 2020 05:27:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 5592
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame FAC1 14 KB
5 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200723/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08f50e9e70388c99977ca13b6af3a49f8f48c83e79230d51ea72a56c0735bd0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://secure.tagged.com/phished.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 24 Jul 2020 05:27:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1591403518460474"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5540
x-xss-protection: 0
expires: Fri, 24 Jul 2020 05:27:50 GMT

POST
H/1.1 200
OK c Show response
c.pub.network/ 36 B
337 B 414ms
175ms XHR
text/plain 35.226.36.58
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://c.pub.network/c
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/pubfig.messaging.2.1.2.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 35.226.36.58 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: ac972007c876c893d967a15fea3aa69f4b5b8d9a4a89ad1dcff5c1004f9a1e6a

Request headers

Referer: https://secure.tagged.com/phished.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin: https://secure.tagged.com
Date: Fri, 24 Jul 2020 05:27:51 GMT
Access-Control-Allow-Credentials: true
Content-Length: 36
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Content-Type: text/plain;charset=utf-8

GET
H2 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/210/ Frame 0B64 0
0 6ms
5ms Document
text/html 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/210/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/210/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://secure.tagged.com/phished.html
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://secure.tagged.com/phished.html

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
content-length: 4590
date: Fri, 24 Jul 2020 02:38:02 GMT
expires: Sat, 24 Jul 2021 02:38:02 GMT
last-modified: Wed, 26 Feb 2020 19:47:50 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 10188
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame FAC1 0
55 B 14ms
14ms Image
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=210&t=2&li=gda_r20200723&jk=3419431418424742&bg=!w8ClwNhYGZwucLbTy9ACAAAAQFIAAAAMmQGObbZzx0wc87yxcAXRVIkYvrKy7JGr_aUeUzflt0An1q5Y_Miq3nl4XksH-s6VWbBvF-WoZEJoyndikw5aqlfqqlgA-yxJXHA1MrBnTkl1aF1TvKNRfq2pfs1n8Ts0QFxhOMy_quTVWyVI5tTnin_mZf-1ht8ljInaquweHya3k5WYfBZ4jNod2W9kV6cyY2IjTkHQX-YlWUTBeUoW8kij-D9XHX_IzbpsL7pG9eO-p6ahHSp00PgXqJtJhCx9DSNVsqSiPTxDSEXP0UpxdwXmrTlJ39oKZk6NoHdXqi8TG1yptkqLaLXnMzD-B9bV25C9AIDshgeSK7-Xpu_oat0kds7l2DwLiXNkupHgBcd6eaKz6rVy2btqKk2jRD2m_O1zqTIs7xCbDCLnFr4f7IVrD6n2c56L2cSaVKLZNdsb2eenT2xpKeCFnLI87H03seS3t_QZPlIVDr5lamp5o0fMooDahTuoIM_-o3NJvi-OCqGaPDWPbtxnoBvSkpvqxeB-8k8aFlQs0Gr3RvDlZKE

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://secure.tagged.com/phished.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 24 Jul 2020 05:27:50 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 204
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 activeview
pagead2.googlesyndication.com/pcs/ Frame FAC1 42 B
107 B 14ms
14ms Image
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv03HfU421_XUvc2CqUxKj1x6GczZ9ahyHYFB0IXjxMVY_51HOS9cHItuZZ8J4xEKvyaE4sWkwxy9astY6hzpDZj8ucN364ULOW_NbPGxQ&sig=Cg0ArKJSzE3gbi_Dz1X9EAE&adk=461328952&tt=-1&bs=1600%2C1200&mtos=1008,1008,1008,1008,1008&tos=1008,0,0,0,0&p=52,436,142,1164&mcvt=1008&rs=3&ht=0&tfs=469&tls=1477&mc=1&lte=1&bas=0&bac=0&met=ie&avms=nio&exg=1&md=2&btr=0&cpmav=0&lm=2&rst=1595568470273&dlt&rpt=43&isd=0&msd=0&ext&xdi=0&ps=1600%2C501&ss=1600%2C1200&pt=-1&bin=4&deb=1-0-0-11-2-10-10-0-0-0&tvt=1476&is=728%2C90&iframe_loc=https%3A%2F%2Fsecure.tagged.com%2Fphished.html&r=v&id=osdim&vs=4&uc=11&upc=1&tgt=DIV&cl=1&cec=1&wf=0&cac=1&cd=0x0&itpl=19&v=20200722

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://secure.tagged.com/phished.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 24 Jul 2020 05:27:51 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pd
eu-u.openx.net/w/1.0/ Frame FDCD
Redirect Chain

https://eu-u.openx.net/w/1.0/pd?plm=10&ph=89b2e804-9392-4144-aae0-0555f3960da4&gdpr=0
https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=89b2e804-9392-4144-aae0-0555f3960da4&gdpr=0

0
0

87ms
86ms

Document
text/html

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=89b2e804-9392-4144-aae0-0555f3960da4&gdpr=0
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.22.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: OXGW/16.190.0 /
Resource Hash

Request headers

:method: GET
:authority: eu-u.openx.net
:scheme: https
:path: /w/1.0/pd?cc=1&plm=10&ph=89b2e804-9392-4144-aae0-0555f3960da4&gdpr=0
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://secure.tagged.com/phished.html
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: i=5dbd341f-d9bf-0d41-31a1-889feb7e63fb|1595568474
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://secure.tagged.com/phished.html

Response headers

status: 200
vary: Accept, Accept-Encoding
set-cookie: i=5dbd341f-d9bf-0d41-31a1-889feb7e63fb|1595568474; Version=1; Expires=Sat, 24-Jul-2021 05:27:54 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None pd=v2|1595568474|mOgegqnskin0vNomiygu; Version=1; Expires=Sat, 08-Aug-2020 05:27:54 GMT; Max-Age=1296000; Secure; Domain=.openx.net; Path=/; SameSite=None
server: OXGW/16.190.0
p3p: CP="CUR ADM OUR NOR STA NID"
date: Fri, 24 Jul 2020 05:27:54 GMT
content-type: text/html
content-length: 548
content-encoding: gzip
via: 1.1 google
alt-svc: clear

Redirect headers

status: 302
set-cookie: i=5dbd341f-d9bf-0d41-31a1-889feb7e63fb|1595568474; Version=1; Expires=Sat, 24-Jul-2021 05:27:54 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None
server: OXGW/16.190.0
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=89b2e804-9392-4144-aae0-0555f3960da4&gdpr=0
date: Fri, 24 Jul 2020 05:27:54 GMT
content-length: 0
via: 1.1 google
alt-svc: clear

GET
H/1.1 200
OK showad.js
ads.pubmatic.com/AdServer/js/ Frame 32B0 0
0 188ms
82ms Document
text/html 104.111.215.68
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.22.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.215.68 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash

Request headers

Host: ads.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://secure.tagged.com/phished.html
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://secure.tagged.com/phished.html

Response headers

Last-Modified: Tue, 14 Apr 2020 10:27:52 GMT
ETag: "13006b6-a4bb-5a33da6f1a023"
Server: Apache/2.2.15 (CentOS)
Accept-Ranges: bytes
Content-Encoding: gzip
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 15243
Content-Type: text/html; charset=UTF-8
Cache-Control: public, max-age=32328
Expires: Fri, 24 Jul 2020 14:26:42 GMT
Date: Fri, 24 Jul 2020 05:27:54 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H2 204 index.html
cdn.districtm.io/ids/ Frame 6650 0
0 75ms
74ms Document
text/plain 104.16.190.66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.districtm.io/ids/index.html
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.22.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.190.66 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

:method: GET
:authority: cdn.districtm.io
:scheme: https
:path: /ids/index.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://secure.tagged.com/phished.html
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://secure.tagged.com/phished.html

Response headers

status: 204
date: Fri, 24 Jul 2020 05:27:54 GMT
set-cookie: __cfduid=dfb1fb7e2ba7d5f761d8869139cf8002f1595568474; expires=Sun, 23-Aug-20 05:27:54 GMT; path=/; domain=.districtm.io; HttpOnly; SameSite=Lax
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Origin
access-control-allow-methods: GET, HEAD, POST, OPTIONS
cf-request-id: 0420e3e2bc0000723f4a29a200000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
server: cloudflare
cf-ray: 5b7b3c1798e9723f-AMS

GET
H/1.1 200
OK ixmatch.html
js-sec.indexww.com/um/ Frame 1C35 0
0 158ms
53ms Document
text/html 2.21.37.92
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/um/ixmatch.html
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.22.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.21.37.92 , France, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software: Apache /
Resource Hash

Request headers

Host: js-sec.indexww.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://secure.tagged.com/phished.html
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://secure.tagged.com/phished.html

Response headers

Server: Apache
Last-Modified: Mon, 19 Jun 2017 19:18:19 GMT
ETag: "e20015-112-55254ff6a1972"
Accept-Ranges: bytes
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: text/html; charset=UTF-8
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 211
Date: Fri, 24 Jul 2020 05:27:54 GMT
Connection: keep-alive

GET
H/1.1 200
OK ixmatch.html
js-sec.indexww.com/um/ Frame 5739 0
0 154ms
51ms Document
text/html 2.21.37.92
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/um/ixmatch.html
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.22.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.21.37.92 , France, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software: Apache /
Resource Hash

Request headers

Host: js-sec.indexww.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://secure.tagged.com/phished.html
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://secure.tagged.com/phished.html

Response headers

Server: Apache
Last-Modified: Mon, 19 Jun 2017 19:18:19 GMT
ETag: "e20015-112-55254ff6a1972"
Accept-Ranges: bytes
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: text/html; charset=UTF-8
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 211
Date: Fri, 24 Jul 2020 05:27:54 GMT
Connection: keep-alive

GET
H2 204 index.html
cdn.districtm.io/ids/ Frame 0210 0
0 67ms
67ms Document
text/plain 104.16.190.66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.districtm.io/ids/index.html
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.22.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.190.66 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

:method: GET
:authority: cdn.districtm.io
:scheme: https
:path: /ids/index.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://secure.tagged.com/phished.html
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://secure.tagged.com/phished.html

Response headers

status: 204
date: Fri, 24 Jul 2020 05:27:54 GMT
set-cookie: __cfduid=dfb1fb7e2ba7d5f761d8869139cf8002f1595568474; expires=Sun, 23-Aug-20 05:27:54 GMT; path=/; domain=.districtm.io; HttpOnly; SameSite=Lax
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Origin
access-control-allow-methods: GET, HEAD, POST, OPTIONS
cf-request-id: 0420e3e2c40000723f4a29b200000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
server: cloudflare
cf-ray: 5b7b3c17a8ed723f-AMS

GET
H/1.1 200
OK usync.html
eus.rubiconproject.com/ Frame 2FE4 0
0 179ms
57ms Document
text/html 104.111.230.142
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?gdpr=0&gdpr_consent=
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.22.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.230.142 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash

Request headers

Host: eus.rubiconproject.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://secure.tagged.com/phished.html
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://secure.tagged.com/phished.html

Response headers

Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Last-Modified: Wed, 22 Jul 2020 18:23:15 GMT
Content-Encoding: gzip
Content-Length: 9298
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=80622
Expires: Sat, 25 Jul 2020 03:51:36 GMT
Date: Fri, 24 Jul 2020 05:27:54 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H2

200

pd
eu-u.openx.net/w/1.0/ Frame 0EEA
Redirect Chain

https://eu-u.openx.net/w/1.0/pd?plm=10&ph=89b2e804-9392-4144-aae0-0555f3960da4&gdpr=0
https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=89b2e804-9392-4144-aae0-0555f3960da4&gdpr=0

0
0

88ms
88ms

Document
text/html

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=89b2e804-9392-4144-aae0-0555f3960da4&gdpr=0
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.22.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: OXGW/16.190.0 /
Resource Hash

Request headers

:method: GET
:authority: eu-u.openx.net
:scheme: https
:path: /w/1.0/pd?cc=1&plm=10&ph=89b2e804-9392-4144-aae0-0555f3960da4&gdpr=0
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://secure.tagged.com/phished.html
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: i=d2e1646e-edca-0efb-381c-cbe7964d9740|1595568474
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://secure.tagged.com/phished.html

Response headers

status: 200
vary: Accept, Accept-Encoding
set-cookie: i=d2e1646e-edca-0efb-381c-cbe7964d9740|1595568474; Version=1; Expires=Sat, 24-Jul-2021 05:27:54 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None pd=v2|1595568474|mOgegqnskin0vNomiygu; Version=1; Expires=Sat, 08-Aug-2020 05:27:54 GMT; Max-Age=1296000; Secure; Domain=.openx.net; Path=/; SameSite=None
server: OXGW/16.190.0
p3p: CP="CUR ADM OUR NOR STA NID"
date: Fri, 24 Jul 2020 05:27:54 GMT
content-type: text/html
content-length: 545
content-encoding: gzip
via: 1.1 google
alt-svc: clear

Redirect headers

status: 302
set-cookie: i=d2e1646e-edca-0efb-381c-cbe7964d9740|1595568474; Version=1; Expires=Sat, 24-Jul-2021 05:27:54 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None
server: OXGW/16.190.0
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=89b2e804-9392-4144-aae0-0555f3960da4&gdpr=0
date: Fri, 24 Jul 2020 05:27:54 GMT
content-length: 0
via: 1.1 google
alt-svc: clear

GET
H/1.1 200
OK showad.js
ads.pubmatic.com/AdServer/js/ Frame 58CC 0
0 207ms
91ms Document
text/html 104.111.215.68
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.22.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.215.68 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash

Request headers

Host: ads.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://secure.tagged.com/phished.html
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://secure.tagged.com/phished.html

Response headers

Last-Modified: Tue, 14 Apr 2020 10:27:52 GMT
ETag: "13006b6-a4bb-5a33da6f1a023"
Server: Apache/2.2.15 (CentOS)
Accept-Ranges: bytes
Content-Encoding: gzip
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 15243
Content-Type: text/html; charset=UTF-8
Cache-Control: public, max-age=32328
Expires: Fri, 24 Jul 2020 14:26:42 GMT
Date: Fri, 24 Jul 2020 05:27:54 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H/1.1 200
OK async_usersync.html
acdn.adnxs.com/ib/static/usersync/v3/ Frame 212A 0
0 155ms
50ms Document
text/html 104.111.215.51
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.22.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.215.51 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software: nginx/1.13.10 /
Resource Hash

Request headers

Host: acdn.adnxs.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://secure.tagged.com/phished.html
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://secure.tagged.com/phished.html

Response headers

Server: nginx/1.13.10
Last-Modified: Fri, 20 May 2016 02:07:09 GMT
ETag: "573e714d-3e3"
Access-Control-Allow-Origin: *
Content-Type: text/html
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 506
Cache-Control: max-age=31536000
Expires: Sat, 24 Jul 2021 05:27:54 GMT
Date: Fri, 24 Jul 2020 05:27:54 GMT
Connection: keep-alive

GET
H/1.1 200
OK async_usersync.html
acdn.adnxs.com/ib/static/usersync/v3/ Frame BC8C 0
0 155ms
51ms Document
text/html 104.111.215.51
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.22.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.215.51 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software: nginx/1.13.10 /
Resource Hash

Request headers

Host: acdn.adnxs.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://secure.tagged.com/phished.html
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://secure.tagged.com/phished.html

Response headers

Server: nginx/1.13.10
Last-Modified: Fri, 20 May 2016 02:07:09 GMT
ETag: "573e714d-3e3"
Access-Control-Allow-Origin: *
Content-Type: text/html
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 506
Cache-Control: max-age=31536000
Expires: Sat, 24 Jul 2021 05:27:54 GMT
Date: Fri, 24 Jul 2020 05:27:54 GMT
Connection: keep-alive

Verdicts & Comments Add Verdict or Comment

117 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

19 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.tagged.com/	1970-01-20 04:44:00	Name: __gads Value: ID=02631a72b18d4852-2251706a9eb600b8:T=1595568468:S=ALNI_MZcb7M_bXa83LyIXgJqDRsVP9BQPA
.amazon-adsystem.com/	1970-01-21 08:41:36	Name: ad-privacy Value: 0
secure.tagged.com/	1970-01-19 11:56:00	Name: _fsloc Value: ?i=PL&c=Warsaw
secure.tagged.com/	1970-01-19 11:12:50	Name: _fssid Value: 39454200-5080-4239-bca7-73ec227ad47a
secure.tagged.com/	1969-12-31 23:59:59	Name: fsbotchecked Value: true
secure.tagged.com/	1970-01-19 11:12:50	Name: fssts Value: false
.tagged.com/	1970-01-19 20:37:17	Name: __qca Value: P0-686911459-1595568468555
.amazon-adsystem.com/	1970-01-19 17:14:14	Name: ad-id Value: A5XhcZyd5k0yvF6cFFT7JvE
.media.net/	1970-01-19 15:39:12	Name: gdpr_status Value: 1
.secure.tagged.com/	1970-01-19 11:12:48	Name: _gat_UA-1982760-1 Value: 1
.tagged.com/	1970-01-23 02:48:48	Name: B Value: b=AF6A6F503C14FD50&remember_me=
.secure.tagged.com/	1970-01-19 11:14:14	Name: _gid Value: GA1.3.1709644903.1595568468
.doubleclick.net/	1970-01-19 11:12:52	Name: DSID Value: NO_DATA
.doubleclick.net/	1970-01-19 20:34:24	Name: IDE Value: AHWqTUmFIhtnAdaAQdOXL7IqGhk1ZBzLqjIxN0-qGb2myrg_sY7U2kgvmdgQORPF
.tagged.com/	1969-12-31 23:59:59	Name: S Value: 8as5io4kil4rbgi1l9abmmnns0
.secure.tagged.com/	1970-01-20 04:44:00	Name: _ga Value: GA1.3.246163585.1595568468
.media.net/	1970-01-19 19:58:24	Name: visitor-id Value: 2385700689494757000V10
secure.tagged.com/	1970-01-26 18:24:48	Name: _fsuid Value: d8b87c25-5c1f-4819-a65f-205fb56f1687
.tagged.com/	1969-12-31 23:59:59	Name: L Value: 3qL7G1O7KgF5.1v6D5h.25NzA

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://freestar-io.videoplayerhub.com/gallery.js(Line 1) Message: Video gallery initializing
console-api	info	URL: https://a.pub.network/tagged-com/pubfig.min.js(Line 1) Message: %cPubfig background: #00C389; color: #fff; border-radius: 3px; padding: 3px pubfig.messaging.js - Init ========== LOADING MESSAGING ==========

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Frame-Options	DENY

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.pub.network
a683776f3df79d980cc49c4138246f74.safeframe.googlesyndication.com
aax-eu.amazon-adsystem.com
acdn.adnxs.com
ad-delivery.net
ad.doubleclick.net
ads.pubmatic.com
ads.yieldmo.com
adservice.google.com
adservice.google.de
ap.lijit.com
as-sec.casalemedia.com
backend.upapi.net
bidder.criteo.com
btlr.sharethrough.com
c.amazon-adsystem.com
c.pub.network
cdn.districtm.io
connect.facebook.net
d.pub.network
dmx.districtm.io
edge.quantserve.com
eu-u.openx.net
eus.rubiconproject.com
fastlane.rubiconproject.com
fonts.googleapis.com
freestar-d.openx.net
freestar-io.videoplayerhub.com
googleads.g.doubleclick.net
hbopenbid.pubmatic.com
hbx.media.net
ib.adnxs.com
js-sec.indexww.com
mrb.upapi.net
pagead2.googlesyndication.com
pixel.quantserve.com
rules.quantcount.com
sb.scorecardresearch.com
secure-static.tagged.com
secure.quantserve.com
secure.tagged.com
securepubads.g.doubleclick.net
static.criteo.net
tpc.googlesyndication.com
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.tagged.com
www.taggedmail.com
104.111.214.39
104.111.215.51
104.111.215.68
104.111.230.142
104.111.238.139
104.16.190.66
130.211.23.194
135.84.35.166
135.84.35.171
178.250.2.131
185.33.221.87
185.64.189.112
2.21.37.92
216.58.205.230
216.58.212.162
2600:9000:2057:a400:6:44e3:f8c0:93a1
2606:4700:20::681a:246
2606:4700:20::681a:81b
2606:4700:20::681a:8b
2606:4700:20::681a:932
2620:116:800d:21:5a23:9c4e:e774:96c1
2a00:1450:4001:800::2001
2a00:1450:4001:802::2002
2a00:1450:4001:808::200e
2a00:1450:4001:816::2001
2a00:1450:4001:816::2008
2a00:1450:4001:817::2002
2a00:1450:4001:819::2003
2a00:1450:4001:81d::2004
2a00:1450:4001:81f::200a
2a02:2638::3
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
3.127.95.92
35.188.71.214
35.226.36.58
35.244.159.8
52.95.124.170
54.246.210.224
69.173.144.141
72.251.249.9
99.86.0.120
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
08f50e9e70388c99977ca13b6af3a49f8f48c83e79230d51ea72a56c0735bd0c
0c8a20d675efc09da6e0792b94eb47a49d0c2373e541e77d6f574317f8bb7b06
11ac6a75389cb6b85736c6c0d016c60ed9232f09c2ef5e2aea1c62cbee0138ff
1649d4b9bdc31e9d7f6f96ce093ac3c8b35545192500835c1056cc00cdc45d94
17f11260e32fe25cb8c572482f049be5901fb39f26fdacfeca588c8e8f5e3c25
187f239be41d541c6f3d1281845ea641c9a813b679aeb9853da05870c2c8730d
19233c488a51fe89b394049bb2f6f32aaff5a1a0971cae4b684a3757afb61112
26e57db7e6b8dd0569cc23c8072439a1380ba7f2cc598d02db2bd97c2bcbf011
2899bfd42faca1e75293701c0b599f5b41fb69a7d31ce540d9a6fe92cfa17e9e
2b4a932e1993b070983bfe3038defe1663e7c10a3a9e60d669b4fc28566bef3d
30d05c83e6d7dd38f40dd03a37bfae06d2cdcf943384d8ccce9e6c683cc78280
35a1bb8fc8ab9c85146c896011d7013c65bf1d71b1a22b1ff9bc3fce55b80a22
35ca40cd00ec12c376791e23fe8e95b1bff7fcb786bcc1d23bfa524d022b95cb
4301485ff544ef56e036a960e7735150c29c6249ec971486b5c401506b4efa3c
46f15639810a1249a27f462c7d04489dcb7e2493d9bffcbccc21e6223446b9d7
493eb651929532632f6fedad9155baa3e72d811d370a92d233b32665d9333b9a
4b7290cdf7dd811dba251b5c15fb40cfa035902ef205110ffce879dc997495b6
53c198f4a7509d76f7f0aa567aca9c3248a00327b0deea714e53e29e11735380
587cdc48d51a7732ad2019d0d9099c3d1c50ecbc25083cb607db301422373df1
597bbadc4f7f9dc4b276d21802fbe3c91d69b593ced7f2e5974490915459cbd3
5c51ca8caec5815d423c6da7e2350081a3468d64325c650ae3d32dbcf49fd4d7
5e8aed06026fb7dfc5d4196e8d6b26c0437248dcfcebf682beee03cccaef09e6
61394e856497a7705a004cb627296445fe074d1f78b10ab81071915059b5a926
66fa7f55b9eb669c7eae4b8015d5a81fcb4c57f10bdf3e8ec7f3e337151f13b3
6883ce59605b04b6c6782ba17cb02dae671c9228e429ced6c1ab1171a38e12a1
69bfe4c7727e5ae4b1d3985caad51225d832445b6988fb0998770d7c792e1009
6e85f369f5447c0ed912e8b54224f48150c7cd300d27b4bccb4fb26a871bc2a2
71f983dba594ac42725ae0159214d74bb4db9ffeece1aac1a127640c390bbda8
7301462cb27dcb0cf467822211f6cdd478be091ed9d776b29f426ce78c4a414f
7818e75c759f3632bf6c8cf30511c5faa7ea10c8d50262c2be9f3e7d619f3aed
78bce966a34a7d059566d15ab371236a97b12daa31b93869433a830cdfebc6b3
7b2906d8fcb9dc06d29595ecdedb879e1ae15a9293a8805771bc1958cf468784
7eef757b4075316d57944a1e25b9d9e64725f16a61479ebd3fd75918c17c44ae
80c776971a06ee00b4a5d8dec4538712721a8593f5591f625b8316fc521a7500
8130c2c72afad9d94581ef93aaa00524093103c47c71fce52f606d5ff693c3ce
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84205b72580bff351eca502f9184cfac70f0f4ff4ae4456cfa8f81d34aa000d8
88b51739707b00a84e01765241550afc02caafa77177348c8c8e40405e0bb366
8ce7bdd8fb8a14800254cf82d4a5b38930f83da7b7e0c0be1063af999d2ef0d5
97cb520d8f169dc2b23401a0601831ff41484e8d3ba6ba4bf25236ac85baf802
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
a5df4cbe089972488f66c3dc318c74ff2467967db69f87d00e54948ad0ca2b56
a7b5f5f96f81dea4efc53e1d4dae8b37c28bec27a45b42ccf604ee759e20caec
a7e47dc3b76ff7597c28bf870f8e656e6ce7f7169567416e6eb4962fe9f3c047
a92639b8eb1f5bfc907f31827f7d16fe1291aaa13cfea4daa251375d3c2804a4
a9c9ff969bb9d30fb9a9041c032c1f32ce7d2d97f1defa3390859c7387b2a586
ac972007c876c893d967a15fea3aa69f4b5b8d9a4a89ad1dcff5c1004f9a1e6a
afd78ac89061a81902479ffc6f93775133cee8e8a184337f41784f82b714e8d7
b020e15612a28aa06aaf988b7ec8284934abbdf1e8b95ee23fe853bb254e4abd
b0b6b805c8359f76a1ed09e7db6ccba93a93ab6e2838b75c54e5879da9fe7cf4
b60f65161ce3517c2794eecab25981c51ffbcbc951a781270403e2f3572d0290
b823fd8a12003ddf4a9ac3a9de2943050ebcd6985ae14804f3a143a644bcd0e5
b95cabafcf9ef68db4877eaa8dd3672c8d0ecb1cded2fa380f0f594f5ebafbf4
be409a6700169ebb521599c6becf623fabbce39640aa5ad5e9adbcef43a0abb6
c0bb0e426848ea9cc0d1c62f40c0b940f91da55f96f9a6d942b4ef228193b35a
c12ceb7fb6d74a26db567fcca461b5446e47daf403f57a9581243b51963bf73a
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cbb6377affa885057ccdc52bfea351359866c203e4d14c69fd531aacee9fae42
ce81e088c59d7f8599b86546461ddeb4868c811ace5c8cc8c14c265ec4d79c90
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d37bf9276b80ea3631ee24ace6e559c3e9dd482f3c7a168a43c8c86bb16b333c
d4e5e6ed51029f4831edb2fb2d4b259d21d8e2f6cc613df55714077db861f7e6
d7bb4911d3c669ad53701bf5223261d8c01d1f435fe7245e6d791f357b070b6f
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
da8624fbc3ee5dcb1d447c7a22bedc69fcf31f47ecc8410b1107b88461d9a555
e220313fcdeeef14039a7f8686ce898447566d6854fe754b4cb39bf3b5a30896
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5bf0dadc649ea5dffdb088c930e098fc3a20b4f585f183c2642534689cf53bd
e64c78fa9e0c2a54c1f9f25bec1b0a20a0077af1b551ac70b6a388d1838eb438
e85be082883035d0bd23d3b6f8677291b3ae0222692d3e6109309bc30c41074e
ea55489a5a88e01c3b3c70777df6747d0b7b415717721f6ba59ed87cf487bd80
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef52c6d7ef921438fa252b40c6c11a8cd1a661cc96f4c7c84f6037801aa9eebd
efe5376f6eba8ac2fe298720db0b8323f8eae62a798ca0809325663fbcf0084d
f0a194b382cc100fe913fb166c5916d56343186ae287395e24e182f1e6f27050
f7ff34a8f08f8ea00f876d197b21face05d9c65b3ae548c4b8ed9ce2c39748d1
fa3d7a81033aa528fcb9e450d51011de199b00b03693595d186eb78191653fd4
fd361b57998c76f86335afa28b8a62527d88a8200fb5c428d6f0fff73383e955
fd60fcdfb0ecb5a5505bd98cea1da96a6716f6a4cae0a614d49478068a8b3017

secure.tagged.com Open in urlscan Pro 135.84.35.166 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

136 Requests

100 %HTTPS

43 %IPv6

34 Domains

52 Subdomains

43 IPs

6 Countries

1686 kBTransfer

4858 kBSize

19 Cookies

32 Outgoing links

Page URL History

Redirected requests

136 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

secure.tagged.com Open in urlscan Pro
135.84.35.166 Public Scan

Screenshot
Live screenshot

Full Image

136
Requests

100 %
HTTPS

43 %
IPv6

34
Domains

52
Subdomains

43
IPs

6
Countries

1686 kB
Transfer

4858 kB
Size

19
Cookies

136 HTTP transactions
5 data transactions