www.regaindermayouth.icu Open in urlscan Pro
2606:4700:30::6812:24ae Public Scan

Go To Rescan
Add Verdict Report

URL:
http://www.regaindermayouth.icu/
Submission: On December 23 via manual (December 23rd 2018, 4:00:11 am UTC) from US

Summary HTTP 306 Redirects Links 261 Behaviour Indicators

Summary

This website contacted 55 IPs in 10 countries across 41 domains to perform 306 HTTP transactions. The main IP is 2606:4700:30::6812:24ae, located in United States and belongs to CLOUDFLARENET - Cloudflare, Inc., US. The main domain is www.regaindermayouth.icu.

This is the only time www.regaindermayouth.icu was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2	2606:4700:30:... 2606:4700:30::6812:24ae	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
69	104.111.246.186 104.111.246.186	16625 (AKAMAI-AS) (AKAMAI-AS - Akamai Technologies)
1	165.227.149.5 165.227.149.5	14061 (DIGITALOC...) (DIGITALOCEAN-ASN - DigitalOcean)
11	2a00:1450:400... 2a00:1450:4001:820::2002	15169 (GOOGLE) (GOOGLE - Google LLC)
4	205.185.216.42 205.185.216.42	20446 (HIGHWINDS3) (HIGHWINDS3 - Highwinds Network Group)
1	2a00:1450:400... 2a00:1450:4001:815::2008	15169 (GOOGLE) (GOOGLE - Google LLC)
1	178.79.251.129 178.79.251.129	22822 (LLNW) (LLNW - Limelight Networks)
3	2a02:26f0:64:... 2a02:26f0:64:490::3393	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
26	172.217.18.98 172.217.18.98	15169 (GOOGLE) (GOOGLE - Google LLC)
9	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE - Google LLC)
3	23.62.140.165 23.62.140.165	16625 (AKAMAI-AS) (AKAMAI-AS - Akamai Technologies)
1 2	2a00:1450:400... 2a00:1450:4001:81c::200e	15169 (GOOGLE) (GOOGLE - Google LLC)
1 4	2.16.186.51 2.16.186.51	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK - Facebook)
1	205.234.175.175 205.234.175.175	30081 (CACHENETW...) (CACHENETWORKS - CacheNetworks)
3	2a00:1450:400... 2a00:1450:4001:825::2001	15169 (GOOGLE) (GOOGLE - Google LLC)
1	216.58.208.34 216.58.208.34	15169 (GOOGLE) (GOOGLE - Google LLC)
1 1	2a00:1450:400... 2a00:1450:400c:c08::9b	15169 (GOOGLE) (GOOGLE - Google LLC)
1 2	2a00:1450:400... 2a00:1450:4001:806::2004	15169 (GOOGLE) (GOOGLE - Google LLC)
2	2a00:1450:400... 2a00:1450:4001:81f::2003	15169 (GOOGLE) (GOOGLE - Google LLC)
5	2a03:90c0:999... 2a03:90c0:9997::9997	199524 (GCORE) (GCORE)
1 2	195.8.215.136 195.8.215.136	41690 (DAILYMOTI...) (DAILYMOTION For peering related business)
2	2a03:2880:f12... 2a03:2880:f12d:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK - Facebook)
1	2a00:1450:400... 2a00:1450:4001:81f::200a	15169 (GOOGLE) (GOOGLE - Google LLC)
4	2a00:1450:400... 2a00:1450:4001:821::2003	15169 (GOOGLE) (GOOGLE - Google LLC)
1	64.58.116.132 64.58.116.132	7979 (SERVERS) (SERVERS - Servers.com)
2 9	2a00:1450:400... 2a00:1450:4001:824::2002	15169 (GOOGLE) (GOOGLE - Google LLC)
7	2a00:1450:400... 2a00:1450:4001:815::2002	15169 (GOOGLE) (GOOGLE - Google LLC)
1	23.97.225.52 23.97.225.52	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation)
1	2606:4700::68... 2606:4700::6813:c597	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
2	23.45.98.199 23.45.98.199	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
6	95.216.24.150 95.216.24.150	24940 (HETZNER-AS) (HETZNER-AS)
2	64.58.116.134 64.58.116.134	7979 (SERVERS) (SERVERS - Servers.com)
2	2a00:1450:400... 2a00:1450:4001:821::2013	15169 (GOOGLE) (GOOGLE - Google LLC)
1	23.45.107.135 23.45.107.135	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	54.69.212.202 54.69.212.202	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	64.58.116.144 64.58.116.144	7979 (SERVERS) (SERVERS - Servers.com)
1	88.212.201.79 88.212.201.79	39134 (UNITEDNET) (UNITEDNET)
1 2	52.16.68.29 52.16.68.29	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
2 2	18.153.11.14 18.153.11.14	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	185.86.139.58 185.86.139.58	201081 (SMARTADSE...) (SMARTADSERVER)
4	173.241.240.220 173.241.240.220	36089 (OPENX-AS1) (OPENX-AS1 - OPENX TECHNOLOGIES)
8	213.19.162.21 213.19.162.21	26667 (RUBICONPR...) (RUBICONPROJECT - The Rubicon Project)
3	185.33.223.218 185.33.223.218	29990 (ASN-APPNEXUS) (ASN-APPNEXUS - AppNexus)
3	185.64.189.112 185.64.189.112	62713 (AS-PUBMATIC) (AS-PUBMATIC - PubMatic)
19	2a00:1450:400... 2a00:1450:4001:81d::2002	15169 (GOOGLE) (GOOGLE - Google LLC)
15	2a00:1450:400... 2a00:1450:4001:825::2002	15169 (GOOGLE) (GOOGLE - Google LLC)
2	185.33.223.80 185.33.223.80	29990 (ASN-APPNEXUS) (ASN-APPNEXUS - AppNexus)
2	185.33.223.221 185.33.223.221	29990 (ASN-APPNEXUS) (ASN-APPNEXUS - AppNexus)
2	2.16.186.67 2.16.186.67	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
8	2606:2800:234... 2606:2800:234:59:254c:406:2366:268c	15133 (EDGECAST) (EDGECAST - MCI Communications Services)
23	2606:2800:134... 2606:2800:134:1a0d:1429:742:782:b6	15133 (EDGECAST) (EDGECAST - MCI Communications Services)
1 2	199.16.156.201 199.16.156.201	13414 (TWITTER) (TWITTER - Twitter Inc.)
2	2606:2800:134... 2606:2800:134:fa2:1627:1fe:edb:1665	15133 (EDGECAST) (EDGECAST - MCI Communications Services)
4 8	173.241.240.143 173.241.240.143	36089 (OPENX-AS1) (OPENX-AS1 - OPENX TECHNOLOGIES)
1	104.94.183.192 104.94.183.192	16625 (AKAMAI-AS) (AKAMAI-AS - Akamai Technologies)
306	55

2 2606:4700:30::6812:24ae (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

www.regaindermayouth.icu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

69 104.111.246.186 (Amsterdam, Netherlands)

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a104-111-246-186.deploy.static.akamaitechnologies.com

www.firstpost.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
images.firstpost.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.in.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 165.227.149.5 (New York, United States)

ASN14061 (DIGITALOCEAN-ASN - DigitalOcean, LLC, US)

cdn.onthe.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:820::2002 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 205.185.216.42 (Phoenix, United States)

ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US)
PTR: map2.hwcdn.net

rtbcdn.andbeyond.media	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
rtbpassback.andbeyond.media	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:815::2008 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.79.251.129 (Italy)

ASN22822 (LLNW - Limelight Networks, Inc., US)
PTR: https-178-79-251-129.lcy.llnw.net

api.dmcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:26f0:64:490::3393 (European Union)

ASN20940 (AKAMAI-ASN1, US)

static.firstpost.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
images.firstpost.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

26 172.217.18.98 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: zrh04s05-in-f98.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:809::2002 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.62.140.165 (Amsterdam, Netherlands)

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a23-62-140-165.deploy.static.akamaitechnologies.com

contextual.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
prebid.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81c::200e (Ireland) 1 redirects

ASN15169 (GOOGLE - Google LLC, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2.16.186.51 (European Union) 1 redirects

ASN20940 (AKAMAI-ASN1, US)
PTR: a2-16-186-51.deploy.static.akamaitechnologies.com

b.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f02d:12:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 205.234.175.175 (United States)

ASN30081 (CACHENETWORKS - CacheNetworks, Inc., US)
PTR: vip1.G-anycast1.cachefly.net

cdn.adpushup.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:825::2001 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.58.208.34 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra15s12-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c08::9b (Ireland) 1 redirects

ASN15169 (GOOGLE - Google LLC, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:806::2004 (Ireland) 1 redirects

ASN15169 (GOOGLE - Google LLC, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81f::2003 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a03:90c0:9997::9997 (Austria)

ASN199524 (GCORE, AT)

jsc.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
imgg-cdn.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 195.8.215.136 (France) 1 redirects

ASN41690 (DAILYMOTION For peering related business, please mail peering@dailymotion.com, FR)
PTR: www.dailymotion.com

www.dailymotion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f12d:83:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81f::200a (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:821::2003 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 64.58.116.132 (Dallas, United States)

ASN7979 (SERVERS - Servers.com, Inc., US)

servicer.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:824::2002 (Ireland) 2 redirects

ASN15169 (GOOGLE - Google LLC, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:815::2002 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.97.225.52 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US)

e3.adpushup.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6813:c597 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.45.98.199 (Amsterdam, Netherlands)

ASN20940 (AKAMAI-ASN1, US)
PTR: a23-45-98-199.deploy.static.akamaitechnologies.com

c.aaxads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
l.aaxads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 95.216.24.150 (Ukraine)

ASN24940 (HETZNER-AS, DE)
PTR: static.150.24.216.95.clients.your-server.de

tt.onthe.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 64.58.116.134 (Dallas, United States)

ASN7979 (SERVERS - Servers.com, Inc., US)

cm.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:821::2013 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

inapi.posst.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.45.107.135 (Amsterdam, Netherlands)

ASN20940 (AKAMAI-ASN1, US)
PTR: a23-45-107-135.deploy.static.akamaitechnologies.com

aaxdetect.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.69.212.202 (Boardman, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-54-69-212-202.us-west-2.compute.amazonaws.com

usa.cloud.netacuity.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 64.58.116.144 (Dallas, United States)

ASN7979 (SERVERS - Servers.com, Inc., US)

cm.steepto.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 88.212.201.79 (Russian Federation)

ASN39134 (UNITEDNET, RU)
PTR: 79-201-212-88.host.exepto.ru

cm.marketgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.16.68.29 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-16-68-29.eu-west-1.compute.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.153.11.14 (Cambridge, United States) 2 redirects

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-18-153-11-14.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.86.139.58 (France)

ASN201081 (SMARTADSERVER, FR)

rtb-csync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 173.241.240.220 (New York, United States)

ASN36089 (OPENX-AS1 - OPENX TECHNOLOGIES, INC., US)
PTR: ox-173-241-240-220.xa.dc.openx.org

rtbdemand-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 213.19.162.21 (United Kingdom)

ASN26667 (RUBICONPROJECT - The Rubicon Project, Inc., US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.33.223.218 (European Union)

ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US)

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC - PubMatic, Inc., US)

hbopenbid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2a00:1450:4001:81d::2002 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a00:1450:4001:825::2002 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.33.223.80 (European Union)

ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US)

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.33.223.221 (European Union)

ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US)

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.16.186.67 (European Union)

ASN20940 (AKAMAI-ASN1, US)
PTR: a2-16-186-67.deploy.static.akamaitechnologies.com

qsearch-a.akamaihd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2606:2800:234:59:254c:406:2366:268c (United States)

ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 2606:2800:134:1a0d:1429:742:782:b6 (United States)

ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US)

cdn.syndication.twimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pbs.twimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 199.16.156.201 (San Francisco, United States) 1 redirects

ASN13414 (TWITTER - Twitter Inc., US)

syndication.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:2800:134:fa2:1627:1fe:edb:1665 (United States)

ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US)

ton.twimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 173.241.240.143 (New York, United States) 4 redirects

ASN36089 (OPENX-AS1 - OPENX TECHNOLOGIES, INC., US)
PTR: ox-173-241-240-143.xa.dc.openx.org

eu-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.94.183.192 (Amsterdam, Netherlands)

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a104-94-183-192.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
71	firstpost.com www.firstpost.com images.firstpost.com static.firstpost.com	628 KB
37	googlesyndication.com tpc.googlesyndication.com pagead2.googlesyndication.com	825 KB
36	doubleclick.net 3 redirects securepubads.g.doubleclick.net stats.g.doubleclick.net googleads.g.doubleclick.net	127 KB
25	twimg.com cdn.syndication.twimg.com pbs.twimg.com ton.twimg.com	846 KB
12	openx.net 4 redirects rtbdemand-d.openx.net eu-u.openx.net	5 KB
12	googletagservices.com www.googletagservices.com	127 KB
11	google.de adservice.google.de www.google.de	2 KB
10	twitter.com 1 redirects platform.twitter.com syndication.twitter.com	70 KB
9	rubiconproject.com fastlane.rubiconproject.com eus.rubiconproject.com	9 KB
8	mgid.com jsc.mgid.com servicer.mgid.com cdn.mgid.com imgg-cdn.mgid.com cm.mgid.com	132 KB
8	google.com 1 redirects www.google.com adservice.google.com	1 KB
7	adnxs.com ib.adnxs.com acdn.adnxs.com Failed	9 KB
7	onthe.io cdn.onthe.io tt.onthe.io	41 KB
4	gstatic.com fonts.gstatic.com	56 KB
4	scorecardresearch.com 1 redirects b.scorecardresearch.com	2 KB
4	andbeyond.media rtbcdn.andbeyond.media rtbpassback.andbeyond.media	58 KB
3	pubmatic.com hbopenbid.pubmatic.com ads.pubmatic.com Failed	654 B
3	media.net contextual.media.net prebid.media.net Failed	91 KB
2	akamaihd.net qsearch-a.akamaihd.net	638 B
2	bidswitch.net 2 redirects x.bidswitch.net	1 KB
2	crwdcntrl.net 1 redirects bcp.crwdcntrl.net	1 KB
2	posst.co inapi.posst.co	319 B
2	aaxads.com c.aaxads.com l.aaxads.com	86 KB
2	facebook.com www.facebook.com	101 B
2	dailymotion.com 1 redirects www.dailymotion.com	926 B
2	adpushup.com cdn.adpushup.com e3.adpushup.com	189 KB
2	facebook.net connect.facebook.net	58 KB
2	google-analytics.com 1 redirects www.google-analytics.com	17 KB
2	regaindermayouth.icu www.regaindermayouth.icu	57 KB
1	smartadserver.com rtb-csync.smartadserver.com	610 B
1	marketgid.com cm.marketgid.com	274 B
1	steepto.com cm.steepto.com	272 B
1	netacuity.com usa.cloud.netacuity.com	559 B
1	aaxdetect.com aaxdetect.com
1	cloudflare.com cdnjs.cloudflare.com	10 KB
1	googleapis.com fonts.googleapis.com	567 B
1	googleadservices.com www.googleadservices.com	10 KB
1	dmcdn.net api.dmcdn.net	9 KB
1	googletagmanager.com www.googletagmanager.com	24 KB
1	in.com s.in.com	2 KB
0	casalemedia.com Failed as.casalemedia.com Failed
306	41

	Domain	Requested by
63	images.firstpost.com	www.regaindermayouth.icu
34	pagead2.googlesyndication.com	securepubads.g.doubleclick.net pagead2.googlesyndication.com
26	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net www.regaindermayouth.icu
22	pbs.twimg.com
12	www.googletagservices.com	www.regaindermayouth.icu securepubads.g.doubleclick.net
9	googleads.g.doubleclick.net	2 redirects www.googleadservices.com pagead2.googlesyndication.com
9	adservice.google.de	www.googletagservices.com pagead2.googlesyndication.com
8	eu-u.openx.net	4 redirects rtbpassback.andbeyond.media
8	platform.twitter.com	www.regaindermayouth.icu platform.twitter.com
8	fastlane.rubiconproject.com	rtbpassback.andbeyond.media
7	ib.adnxs.com	rtbpassback.andbeyond.media
6	adservice.google.com	pagead2.googlesyndication.com
6	tt.onthe.io	cdn.onthe.io
6	www.firstpost.com	www.regaindermayouth.icu
4	rtbdemand-d.openx.net	rtbpassback.andbeyond.media
4	fonts.gstatic.com	jsc.mgid.com images.firstpost.com
4	b.scorecardresearch.com	1 redirects www.regaindermayouth.icu
3	hbopenbid.pubmatic.com	rtbpassback.andbeyond.media
3	rtbpassback.andbeyond.media	rtbcdn.andbeyond.media pagead2.googlesyndication.com
3	imgg-cdn.mgid.com	www.regaindermayouth.icu
3	tpc.googlesyndication.com	securepubads.g.doubleclick.net
2	ton.twimg.com	platform.twitter.com
2	syndication.twitter.com	1 redirects
2	qsearch-a.akamaihd.net
2	prebid.media.net	rtbpassback.andbeyond.media
2	x.bidswitch.net	2 redirects
2	bcp.crwdcntrl.net	1 redirects www.regaindermayouth.icu
2	inapi.posst.co	s.in.com
2	cm.mgid.com	jsc.mgid.com
2	www.facebook.com	www.regaindermayouth.icu connect.facebook.net
2	www.dailymotion.com	1 redirects api.dmcdn.net
2	www.google.de	www.regaindermayouth.icu
2	www.google.com	1 redirects www.regaindermayouth.icu
2	connect.facebook.net	www.regaindermayouth.icu connect.facebook.net
2	www.google-analytics.com	1 redirects www.regaindermayouth.icu
2	static.firstpost.com	www.regaindermayouth.icu
2	www.regaindermayouth.icu	images.firstpost.com
1	eus.rubiconproject.com	rtbpassback.andbeyond.media
1	cdn.syndication.twimg.com	platform.twitter.com
1	l.aaxads.com	www.regaindermayouth.icu
1	rtb-csync.smartadserver.com	www.regaindermayouth.icu
1	cm.marketgid.com	www.regaindermayouth.icu
1	cm.steepto.com	www.regaindermayouth.icu
1	usa.cloud.netacuity.com	images.firstpost.com
1	aaxdetect.com	c.aaxads.com
1	c.aaxads.com	contextual.media.net
1	cdn.mgid.com	www.regaindermayouth.icu
1	cdnjs.cloudflare.com	www.regaindermayouth.icu
1	e3.adpushup.com	www.regaindermayouth.icu
1	servicer.mgid.com	jsc.mgid.com
1	fonts.googleapis.com	www.regaindermayouth.icu
1	jsc.mgid.com	www.regaindermayouth.icu
1	stats.g.doubleclick.net	1 redirects
1	www.googleadservices.com	www.regaindermayouth.icu
1	cdn.adpushup.com	www.regaindermayouth.icu
1	contextual.media.net	www.regaindermayouth.icu
1	api.dmcdn.net	www.regaindermayouth.icu
1	www.googletagmanager.com	www.regaindermayouth.icu
1	s.in.com	www.regaindermayouth.icu
1	rtbcdn.andbeyond.media	www.regaindermayouth.icu
1	cdn.onthe.io	www.regaindermayouth.icu
0	ads.pubmatic.com Failed	rtbpassback.andbeyond.media
0	acdn.adnxs.com Failed	rtbpassback.andbeyond.media
0	as.casalemedia.com Failed	rtbpassback.andbeyond.media
306	64

This site contains links to these domains. Also see Links.

Domain
www.firstpost.com
hindi.firstpost.com
www.honeywellsmarthomes.com
mgid.com
brainberries.co
p.firstpost.com
twitter.com
www.facebook.com
www.in.com
www.moneycontrol.com
www.burrp.com
www.topperlearning.com
overdrive.in
www.ibnlokmat.tv
www.news18.com
mtv.in.com
www.homeshop18.com
www.caprep18.com
feeds.feedburner.com
itunes.apple.com
play.google.com
plus.google.com
www.instagram.com
www.youtube.com
www.network18online.com

Subject Issuer	Validity	Valid
nw18.com DigiCert ECC Secure Server CA	`2018-12-20` - `2020-03-20`	a year	crt.sh
*.onthe.io COMODO RSA Domain Validation Secure Server CA	`2018-03-28` - `2019-03-28`	a year	crt.sh
*.g.doubleclick.net Google Internet Authority G3	`2018-12-04` - `2019-02-26`	3 months	crt.sh
*.andbeyond.media Go Daddy Secure Certificate Authority - G2	`2018-02-06` - `2019-03-11`	a year	crt.sh
*.google-analytics.com Google Internet Authority G3	`2018-12-04` - `2019-02-26`	3 months	crt.sh
*.dmcdn.net DigiCert SHA2 High Assurance Server CA	`2018-04-23` - `2019-05-29`	a year	crt.sh
*.google.com Google Internet Authority G3	`2018-12-04` - `2019-02-26`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2017-12-15` - `2019-03-22`	a year	crt.sh
www.google.de Google Internet Authority G3	`2018-12-04` - `2019-02-26`	3 months	crt.sh
*.dailymotion.com DigiCert SHA2 High Assurance Server CA	`2018-09-24` - `2019-10-23`	a year	crt.sh
*.googleapis.com Google Internet Authority G3	`2018-12-04` - `2019-02-26`	3 months	crt.sh
*.mgid.com COMODO ECC Domain Validation Secure Server CA	`2018-03-30` - `2019-04-28`	a year	crt.sh
www.google.com Google Internet Authority G3	`2018-12-04` - `2019-02-26`	3 months	crt.sh
ssl412106.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2018-09-22` - `2019-03-31`	6 months	crt.sh
inapi.posst.co Go Daddy Secure Certificate Authority - G2	`2018-09-18` - `2019-12-27`	a year	crt.sh
*.steepto.com Go Daddy Secure Certificate Authority - G2	`2018-07-25` - `2019-10-20`	a year	crt.sh
*.marketgid.com COMODO ECC Domain Validation Secure Server CA	`2018-12-21` - `2020-02-19`	a year	crt.sh
*.crwdcntrl.net Go Daddy Secure Certificate Authority - G2	`2016-06-28` - `2019-06-28`	3 years	crt.sh
*.smartadserver.com Thawte RSA CA 2018	`2018-09-07` - `2020-02-17`	a year	crt.sh
a248.e.akamai.net DigiCert ECC Secure Server CA	`2018-01-23` - `2019-01-19`	a year	crt.sh
*.twimg.com DigiCert SHA2 High Assurance Server CA	`2018-11-19` - `2019-11-27`	a year	crt.sh
syndication.twitter.com DigiCert SHA2 High Assurance Server CA	`2016-06-29` - `2019-09-16`	3 years	crt.sh
*.rubiconproject.com DigiCert SHA2 Secure Server CA	`2016-01-12` - `2019-03-01`	3 years	crt.sh

This page contains 46 frames:

Primary Page: http://www.regaindermayouth.icu/
Frame ID: DF713BEE67D301AE592EAC9D8CE3DAA3
Requests: 188 HTTP requests in this frame

Frame: http://jsc.mgid.com/f/i/firstpost.com.284677.js?t=11811233
Frame ID: CE61958E8110390BBC1306767F12E630
Requests: 1 HTTP requests in this frame

Frame: https://www.dailymotion.com/embed/video/x6yjidz?api=postMessage&apiKey=7a9249b0df1895007b72&autoplay=true&id=dm_5696121&mute=true&origin=http%3A%2F%2Fwww.regaindermayouth.icu&queue-autoplay-next=false&queue-enable=false
Frame ID: B2E6DBEDDDDC9582EE931F91002277F8
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: D43C5EEA682A58FEE8EF729987AF61A6
Requests: 1 HTTP requests in this frame

Frame: https://cm.mgid.com/i-noref.js?cbuster=1545537593783434748317
Frame ID: 10DA83A369F13E28BC7B2D68BAAEF468
Requests: 1 HTTP requests in this frame

Frame: http://aaxdetect.com/detect.html?&pub=AAX457PML&svr=2018122112_530&gdpr=1&gdprconsent=0&dn=http%3A%2F%2Fwww.regaindermayouth.icu
Frame ID: 95A55E6C474A4AE81E22CD905AF1910E
Requests: 1 HTTP requests in this frame

Frame: http://pagead2.googlesyndication.com/pagead/show_ads.js
Frame ID: 40F17F2D88004730957262674CD6613F
Requests: 9 HTTP requests in this frame

Frame: http://pagead2.googlesyndication.com/pagead/show_ads.js
Frame ID: AB2D1C5147DBC53C332DF7A1FCB993AE
Requests: 9 HTTP requests in this frame

Frame: http://pagead2.googlesyndication.com/pagead/js/r20181205/r20180604/show_ads_impl.js
Frame ID: 81BE6B2AA976D372EF1757A1D5F65B40
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20181205/r20180604/zrt_lookup.html
Frame ID: 54F6EBC9D4447845954916D2262E924F
Requests: 1 HTTP requests in this frame

Frame: http://pagead2.googlesyndication.com/pagead/js/r20181205/r20180604/show_ads_impl.js
Frame ID: 8FC062B5009BD6B5D1732290552C094D
Requests: 1 HTTP requests in this frame

Frame: http://pagead2.googlesyndication.com/pagead/show_ads.js
Frame ID: B9418DD30BE0E0DD559E8F9F6B59E897
Requests: 10 HTTP requests in this frame

Frame: http://pagead2.googlesyndication.com/pagead/js/r20181205/r20180604/show_ads_impl.js
Frame ID: B1C7ABED05569142D76F4AD8553C112E
Requests: 1 HTTP requests in this frame

Frame: http://pagead2.googlesyndication.com/pagead/show_ads.js
Frame ID: 58B207950A9922349A3A4819E4592FA2
Requests: 10 HTTP requests in this frame

Frame: http://pagead2.googlesyndication.com/pagead/js/r20181205/r20180604/show_ads_impl.js
Frame ID: C5104BC3DA42102BCCD240869F3B30BF
Requests: 1 HTTP requests in this frame

Frame: https://rtbpassback.andbeyond.media/firstpost_160x600.html
Frame ID: 5AB93383A6F7C7742EB055E5302250ED
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7439041255533808&output=html&h=250&slotname=4993246013&adk=1185466784&adf=1174745093&w=300&lmt=1545537597&guci=1.2.0.0.2.2.0.0&url=http%3A%2F%2Fwww.regaindermayouth.icu%2F&ea=0&flash=0&wgl=1&adsid=NT&dt=1545537597269&bpp=36&bdt=109&fdt=265&idt=265&shv=r20181205&cbv=r20180604&saldr=sa&correlator=5705059066098&frm=23&ife=4&pv=1&ga_vid=1892533565.1545537598&ga_sid=1545537598&ga_hid=1155865795&ga_fc=0&iag=3&icsg=682&nhd=1&dssz=11&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1183&ady=3267&biw=1585&bih=1200&isw=300&ish=250&ifk=3602337150&scr_x=0&scr_y=0&eid=21060853%2C410075081&oid=3&rx=0&eae=2&fc=656&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&ppjl=u&pfx=0&fu=20&bc=7&ifi=1&uci=1.xhw29wxyq3q1&fsb=1&dtd=275
Frame ID: 1F3B307CE58A491BFC41038B4327BC01
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7439041255533808&output=html&h=250&slotname=4993246013&adk=1185466784&adf=1174745088&w=300&lmt=1545537597&guci=1.2.0.0.2.2.0.0&url=http%3A%2F%2Fwww.regaindermayouth.icu%2F&ea=0&flash=0&wgl=1&adsid=NT&dt=1545537597363&bpp=27&bdt=198&fdt=208&idt=208&shv=r20181205&cbv=r20180604&saldr=sa&correlator=5705059066098&frm=23&ife=4&pv=1&ga_vid=842206574.1545537598&ga_sid=1545537598&ga_hid=841345556&ga_fc=0&iag=3&icsg=682&nhd=1&dssz=11&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1183&ady=952&biw=1585&bih=1200&isw=300&ish=250&ifk=2771519801&scr_x=0&scr_y=0&eid=21060853%2C62710016%2C62710018%2C410075081&oid=3&rx=0&eae=2&fc=656&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&ppjl=u&pfx=0&fu=20&bc=7&ifi=1&uci=1.db75fmkuxj0m&fsb=1&dtd=235
Frame ID: C61714B9AAA2C30A12C5F8B08C996A8D
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7439041255533808&output=html&h=250&slotname=4993246013&adk=1185466784&adf=1174745091&w=300&lmt=1545537597&guci=1.2.0.0.2.2.0.0&url=http%3A%2F%2Fwww.regaindermayouth.icu%2F&ea=0&flash=0&wgl=1&adsid=NT&dt=1545537597329&bpp=21&bdt=165&fdt=296&idt=296&shv=r20181205&cbv=r20180604&saldr=sa&correlator=5705059066098&frm=23&ife=4&pv=1&ga_vid=1109176318.1545537598&ga_sid=1545537598&ga_hid=1516171782&ga_fc=0&iag=3&icsg=682&nhd=1&dssz=11&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1183&ady=431&biw=1585&bih=1200&isw=300&ish=250&ifk=3033110061&scr_x=0&scr_y=0&eid=21060853%2C410075081&oid=3&rx=0&eae=2&fc=656&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&ppjl=u&pfx=0&fu=20&bc=7&ifi=1&uci=1.pktuhhjfm4tv&fsb=1&dtd=305
Frame ID: 961E40FCECB50CDDC287D049BE317D6D
Requests: 1 HTTP requests in this frame

Frame: https://www.googletagservices.com/tag/js/gpt.js
Frame ID: 5A386C7D52E41356CF6D5A5BE692E68D
Requests: 9 HTTP requests in this frame

Frame: https://www.googletagservices.com/tag/js/gpt.js
Frame ID: D6322BCAB9DCEA121CEE9706E6A3BBF5
Requests: 10 HTTP requests in this frame

Frame: http://pagead2.googlesyndication.com/pagead/show_ads.js
Frame ID: 19559B3F51B2DACD139FD5654EF826D9
Requests: 9 HTTP requests in this frame

Frame: http://pagead2.googlesyndication.com/pagead/js/r20181205/r20180604/show_ads_impl.js
Frame ID: 76B548AEF488DEEDAC0E90BEFD121633
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20181205/r20180604/zrt_lookup.html
Frame ID: 7FEEF99A09894AD22928DD4D1A37842C
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7439041255533808&output=html&h=250&slotname=4993246013&adk=1185466784&adf=1174745088&w=300&lmt=1545537602&guci=1.2.0.0.2.2.0.0&url=http%3A%2F%2Fwww.regaindermayouth.icu%2F&ea=0&flash=0&wgl=1&dt=1545537602183&bpp=24&bdt=78&fdt=25&idt=9&shv=r20181205&cbv=r20180604&saldr=sa&correlator=5705059066098&frm=23&ife=4&pv=1&ga_vid=230266885.1545537602&ga_sid=1545537602&ga_hid=1378728970&ga_fc=0&iag=3&icsg=170&nhd=1&dssz=8&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1183&ady=3267&biw=1585&bih=1200&isw=300&ish=250&ifk=3602337150&scr_x=0&scr_y=0&eid=21060853%2C62710016%2C62710018%2C410075081&oid=3&rx=0&eae=2&fc=656&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&ppjl=u&pfx=0&fu=20&bc=7&ifi=1&uci=1.ea30zl4x562e&fsb=1&dtd=34
Frame ID: 0389431BC9F6357C087B01DFD3FBC592
Requests: 1 HTTP requests in this frame

Frame: http://pagead2.googlesyndication.com/pagead/show_ads.js
Frame ID: 48070A78783AE8D92D6D2FD61E9F4511
Requests: 9 HTTP requests in this frame

Frame: http://pagead2.googlesyndication.com/pagead/js/r20181205/r20180604/show_ads_impl.js
Frame ID: 8286468115182F822ED78FE8D9FE85E6
Requests: 1 HTTP requests in this frame

Frame: https://rtbpassback.andbeyond.media/firstpost_160x600.html
Frame ID: EA0B3690C1CDC19F5FF2F1DDA202912A
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.d30011b0f5ce05b98f24b01d3331b3c1.html?origin=http%3A%2F%2Fwww.regaindermayouth.icu&settingsEndpoint=https%3A%2F%2Fsyndication.twitter.com%2Fsettings
Frame ID: 31BB2D526F68103F29CE560B3657163A
Requests: 1 HTTP requests in this frame

Frame: https://pbs.twimg.com/card_img/1076685130066944000/NkgRia6j?format=jpg&name=600x314
Frame ID: 0C7B16E40F96386F584DB8F77BF1BA4D
Requests: 30 HTTP requests in this frame

Frame: https://platform.twitter.com/jot.html
Frame ID: 8EC1EA98E17F5FA04FB1794D12F4DD5C
Requests: 1 HTTP requests in this frame

Frame: http://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Frame ID: 9AA615D4D8AB9286D8CFA256C4636616
Requests: 1 HTTP requests in this frame

Frame: http://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Frame ID: 9EDF0DD7DFDE2D129EBE31AC7DEBD8F5
Requests: 1 HTTP requests in this frame

Frame: http://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Frame ID: B875B11BEF037A6D70E690EB26AE3F92
Requests: 1 HTTP requests in this frame

Frame: http://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: A5B9C485398733FEA40A226D07EBDCC2
Requests: 1 HTTP requests in this frame

Frame: http://eu-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=3c68a574-16fc-4af6-ae85-164343aad03a&gdpr=1
Frame ID: B20888C51CEE65C3D4AF06FA4599EC4F
Requests: 1 HTTP requests in this frame

Frame: http://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Frame ID: 3264965A8353F7ABE88B33F7F26794A8
Requests: 1 HTTP requests in this frame

Frame: http://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Frame ID: F86E3ED3CBEB5B97505D80F956C4480F
Requests: 1 HTTP requests in this frame

Frame: http://eu-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=3c68a574-16fc-4af6-ae85-164343aad03a&gdpr=1
Frame ID: EE9EC6A0A7E7660714D0CE6291BADD11
Requests: 1 HTTP requests in this frame

Frame: http://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 3583AA338AC9B3619118D4F752C80075
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 06518B976867465F53E6DB3C0C81FD82
Requests: 1 HTTP requests in this frame

Frame: http://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Frame ID: 4736FD03BD38314FB9DC54FE62F2736D
Requests: 1 HTTP requests in this frame

Frame: http://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Frame ID: FF92AD15FB198ED6595D2BD5D0EE8DB8
Requests: 1 HTTP requests in this frame

Frame: http://eu-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=3c68a574-16fc-4af6-ae85-164343aad03a&gdpr=1
Frame ID: E822BEC23EBE4601F2EB07462E148FF0
Requests: 1 HTTP requests in this frame

Frame: http://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: F7DD0615858982D1254F218A84CAC2A3
Requests: 1 HTTP requests in this frame

Frame: http://eu-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=3c68a574-16fc-4af6-ae85-164343aad03a&gdpr=1
Frame ID: 81939BE99F52515548A1C3A5274B9927
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

env /pbjs/i
env /PREBID_TIMEOUT/i

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

html /<(?:iframe|img)[^>]+adnxs\.(?:net|com)/i

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /cloudflare/i

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googletagservices\.com\/tag\/js\/gpt(?:_mobile)?\.js/i

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^\/]*\/[a-z]*\.js/i

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googlesyndication\.com\//i
env /^__google_ad_/i
env /^Goog_AdSense_/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|(analytics))\.js/i
env /^gaGlobal$/i

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

env /^googletag$/i
env /^google_tag_manager$/i

Twitter (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/platform\.twitter\.com\/widgets\.js/i

comScore (Analytics) Expand

Overall confidence: 100%
Detected patterns

html /<iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com\/beacon\.js|COMSCORE\.beacon/i
script /\.scorecardresearch\.com\/beacon\.js|COMSCORE\.beacon/i
env /^_?COMSCORE$/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

env /^jQuery$/i

webpack (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

env /^webpackJsonp$/i

Twitter Bootstrap () Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]+?href="[^"]+bootstrap(?:\.min)?\.css/i

Page Statistics

306
Requests

72 %
HTTPS

43 %
IPv6

41
Domains

64
Subdomains

55
IPs

10
Countries

3492 kB
Transfer

9627 kB
Size

21
Cookies

261 Outgoing links

These are links going to different origins than the main page.

URL: https://www.firstpost.com/tech/science/indias-year-in-space-isros-big-wins-in-2018-gaganyaan-2022-and-space-startups-5749081.html
Title: 2018 in SpaceISRO's big wins & losses, Gaganyaan 2022 & emerging startups

Search URL Search Domain Scan URL

URL: http://hindi.firstpost.com/
Title: Switch to हिन्दी

Search URL Search Domain Scan URL

URL: https://www.honeywellsmarthomes.com/smart-connected-air-purifier/?utm_source=Display_Widget&utm_medium=Firstpost&utm_campaign=Long_Term_Deal

Search URL Search Domain Scan URL

URL: https://www.firstpost.com/

Search URL Search Domain Scan URL

URL: https://www.firstpost.com/category/politics
Title: Politics

Search URL Search Domain Scan URL

URL: https://www.firstpost.com/politics/narendra-modi-at-bjp-mahila-morcha-event-pm-says-women-biggest-beneficiaries-of-govt-schemes-promises-law-on-triple-talaq-5777931.html
Title: Narendra Modi at BJP Mahila Morcha event: PM says women biggest beneficiaries of govt schemes, promises law on triple talaq

Search URL Search Domain Scan URL

URL: https://www.firstpost.com/politics/nda-defers-announcement-of-seat-sharing-in-bihar-to-sunday-jdu-leader-expresses-confidence-in-alliance-5777261.html
Title: NDA defers announcement of seat-sharing in Bihar to Sunday; JD(U) leader expresses confidence in alliance

Search URL Search Domain Scan URL

URL: https://www.firstpost.com/politics/nitin-gadkari-says-bjp-leadership-must-own-up-to-defeat-and-failures-after-losses-in-hindi-heartland-5777251.html
Title: Nitin Gadkari says BJP leadership must own up to 'defeat and failures' after losses in Hindi heartland

Search URL Search Domain Scan URL

URL: https://www.firstpost.com/politics/bjps-tally-in-2019-lok-sabha-election-will-reduced-by-at-least-100-seats-says-swaraj-india-founder-yogendra-yadav-5777171.html
Title: BJP's tally in 2019 Lok Sabha election will reduced by at least 100 seats, says Swaraj India founder Yogendra Yadav

Search URL Search Domain Scan URL

URL: https://www.firstpost.com/politics/narendra-modi-says-centre-committed-to-triple-talaq-law-despite-resistance-from-hardliners-and-opposition-parties-5777021.html
Title: Narendra Modi says Centre committed to triple talaq law despite resistance from 'hardliners and Opposition parties'

Search URL Search Domain Scan URL

URL: https://www.firstpost.com/politics/bjp-rhetoric-in-west-bengal-over-rath-yatra-ban-meaningless-hypocritical-party-muscles-out-opposition-wherever-it-is-in-power-5775781.html
Title: BJP rhetoric over West Bengal rath yatra ban hypocritical; party muscles out Opposition wherever it is in power

Search URL Search Domain Scan URL

URL: https://www.firstpost.com/category/sports
Title: Sports

Search URL Search Domain Scan URL

URL: https://www.firstpost.com/sports/serie-a-mario-mandzukics-lone-goal-helps-juventus-pile-on-misery-on-roma-ac-milan-drop-out-of-top-four-5777781.html
Title: Serie A: Mario Mandzukic's lone goal helps Juventus pile on misery on Roma; AC Milan drop out of top four

Search URL Search Domain Scan URL

URL: https://www.firstpost.com/sports/club-world-cup-2018-real-madrid-thrash-underdogs-al-ain-4-1-to-win-third-successive-title-5777771.html
Title: Club World Cup 2018: Real Madrid thrash underdogs Al Ain 4-1 to win third successive title

Search URL Search Domain Scan URL

URL: https://www.firstpost.com/sports/premier-league-ole-gunnar-solskjaer-heaps-praise-on-good-manchester-united-players-after-5-1-thumping-of-cardiff-5777661.html
Title: Premier League: Ole Gunnar Solskjaer heaps praise on 'good' Manchester United players after 5-1 thumping of Cardiff

Search URL Search Domain Scan URL

URL: https://www.firstpost.com/sports/premier-league-manchester-united-start-ole-gunnar-solskjaers-tenure-with-5-1-thrashing-of-cardiff-city-5777651.html
Title: Premier League: Manchester United start Ole Gunnar Solskjaer's tenure with 5-1 thrashing of Cardiff City

Search URL Search Domain Scan URL

URL: https://www.firstpost.com/sports/i-league-2018-19-real-kashmir-blow-title-race-wide-open-with-narrow-win-over-leaders-chennai-city-fc-5777361.html
Title: I-League 2018-19: Real Kashmir blow title race wide open with narrow win over leaders Chennai City FC

Search URL Search Domain Scan URL

URL: https://www.firstpost.com/sports/pro-kabaddi-league-2018-bengal-warriors-thrash-patna-pirates-to-qualify-for-playoffs-up-yoddha-edge-u-mumba-to-stay-alive-5777301.html
Title: Pro Kabaddi League 2018: Bengal Warriors thrash Patna Pirates to qualify for playoffs; UP Yoddha edge U Mumba to stay alive

Search URL Search Domain Scan URL

URL: https://www.firstpost.com/category/india
Title: India

Search URL Search Domain Scan URL

URL: https://www.firstpost.com/india/one-of-tigress-avnis-two-cubs-captured-in-anji-forest-in-maharashtra-to-be-kept-in-enclosure-in-mps-pench-no-word-on-second-cub-5777731.html
Title: One of tigress Avni's two cubs captured in Anji forest in Maharashtra, to be kept in enclosure in MP's Pench; no word on second cub

Search URL Search Domain Scan URL

URL: https://www.firstpost.com/india/bjp-govt-in-jharkhand-announces-rs-2250-crore-farmers-aid-state-to-disburse-funds-under-scheme-from-next-fiscal-5777741.html
Title: BJP govt in Jharkhand announces Rs 2,250-crore farmers' aid; state to disburse funds under scheme from next fiscal

Search URL Search Domain Scan URL

URL: https://www.firstpost.com/india/daily-bulletin-group-of-women-to-attempt-to-enter-sabarimala-today-43-killed-in-indonesia-tsunami-nda-may-announce-bihar-seat-sharing-decision-days-top-stories-5777611.html
Title: Daily Bulletin: Women to try Sabarimala entry; 43 die in Indonesia tsunami; Bihar seat-sharing decision likely today; day's top stories

Search URL Search Domain Scan URL

URL: https://www.firstpost.com/india/sabarimala-row-11-women-reach-pamba-base-camp-devotees-protest-block-movement-5-km-from-shrine-5777621.html
Title: Sabarimala row: 11 women reach Pamba base camp; devotees protest, block movement 5 km from shrine

Search URL Search Domain Scan URL

URL: https://www.firstpost.com/india/laws-are-not-being-enforced-effectively-because-of-lack-of-sensitivity-among-masses-mohan-bhagwat-5777341.html
Title: Laws are not being enforced effectively because of lack of sensitivity among masses: Mohan Bhagwat

Search URL Search Domain Scan URL

URL: https://www.firstpost.com/india/bjp-to-approach-supreme-court-against-calcutta-hcs-order-barring-party-from-holding-rath-yatra-in-west-bengal-5777131.html
Title: BJP to approach Supreme Court against Calcutta HC's order barring party from holding rath yatra in West Bengal

Search URL Search Domain Scan URL

URL: https://www.firstpost.com/category/world
Title: World

Search URL Search Domain Scan URL

URL: https://www.firstpost.com/world/imran-khan-says-will-show-narendra-modi-govt-how-to-treat-minorities-referring-to-naseeruddin-shahs-remarks-on-bulandshahr-5777751.html
Title: Imran Khan says 'will show Narendra Modi govt how to treat minorities', referring to Naseeruddin Shah's remarks on Bulandshahr

Search URL Search Domain Scan URL

URL: https://www.firstpost.com/world/how-to-end-extremism-in-an-increasingly-polarised-world-good-arguments-and-an-ability-to-listen-can-spell-hope-5764071.html
Title: How to end extremism: In an increasingly polarised world, good arguments and an ability to listen can spell hope

Search URL Search Domain Scan URL

URL: https://www.firstpost.com/world/donald-trump-asked-cabinet-members-if-he-can-legally-fire-us-federal-reserve-chair-jerome-powell-reports-5777871.html
Title: Donald Trump asked Cabinet members if he can legally fire US Federal Reserve chair Jerome Powell: Reports

Search URL Search Domain Scan URL

URL: https://www.firstpost.com/world/indonesia-tsunami-43-killed-nearly-600-injured-wave-triggered-by-volcanic-eruption-hit-coasts-without-warning-5777631.html
Title: Indonesia tsunami: 43 killed, nearly 600 injured; wave triggered by volcanic eruption hit coasts without warning

Search URL Search Domain Scan URL

URL: https://www.firstpost.com/world/states-help-run-u-s-national-parks-in-federal-government-shutdown-5777601.html
Title: States help run U.S. National Parks in federal government shutdown

Search URL Search Domain Scan URL

URL: https://www.firstpost.com/world/nicaraguan-police-raid-news-network-critical-of-ortega-5777591.html
Title: Nicaraguan police raid news network critical of Ortega

Search URL Search Domain Scan URL

URL: https://www.firstpost.com/category/business
Title: Business

Search URL Search Domain Scan URL

URL: https://www.firstpost.com/business/narendra-modi-government-is-manipulating-data-gdp-back-series-needs-to-be-urgently-examined-yashwant-sinha-5774291.html
Title: Narendra Modi government is manipulating data; GDP back series needs to be urgently examined: Yashwant Sinha

Search URL Search Domain Scan URL

URL: https://www.firstpost.com/business/white-house-unveils-goals-for-japan-trade-talks-5774191.html
Title: White House unveils goals for Japan trade talks

Search URL Search Domain Scan URL

URL: https://www.firstpost.com/business/chinas-hna-in-talks-to-sell-ingram-micro-to-apollo-global-source-5774131.html
Title: China's HNA in talks to sell Ingram Micro to Apollo Global - source

Search URL Search Domain Scan URL

URL: https://www.firstpost.com/business/nasdaq-confirms-bear-market-economic-worries-sink-wall-street-5774101.html
Title: Nasdaq confirms bear market; economic worries sink Wall Street

Search URL Search Domain Scan URL

URL: https://www.firstpost.com/business/boeing-heads-for-expected-2018-plane-order-victory-over-airbus-5774091.html
Title: Boeing heads for expected 2018 plane order victory over Airbus

Search URL Search Domain Scan URL

URL: https://www.firstpost.com/business/global-stock-indexes-skid-as-u-s-government-shutdown-looms-5774081.html
Title: Global stock indexes skid as U.S. government shutdown looms

Search URL Search Domain Scan URL

URL: https://www.firstpost.com/category/entertainment
Title: Entertainment

Search URL Search Domain Scan URL

URL: https://www.firstpost.com/entertainment/patio-unplugged-the-pinestone-projects-float-through-to-you-speaks-of-hope-amid-darkness-5776671.html
Title: Patio Unplugged: The Pinestone Project's Float Through To You speaks of hope amid darkness

Search URL Search Domain Scan URL

URL: https://www.firstpost.com/entertainment/magnetic-fields-2018-offered-more-than-just-electronic-music-though-two-star-attractions-were-no-shows-5776001.html
Title: Magnetic Fields 2018 offered more than just electronic music, though two star attractions were no-shows

Search URL Search Domain Scan URL

URL: https://www.firstpost.com/entertainment/dhanush-announces-new-feature-asuran-will-be-actors-fourth-collaboration-with-vetrimaaran-5776471.html
Title: Dhanush announces new feature Asuran, will be actor's fourth collaboration with Vetrimaaran

Search URL Search Domain Scan URL

URL: https://www.firstpost.com/entertainment/gst-council-reduces-tax-on-cinema-tickets-producers-guild-of-india-calls-it-progressive-step-5776521.html
Title: GST council reduces tax on cinema tickets; Producers Guild of India calls it 'progressive step'

Search URL Search Domain Scan URL

URL: https://www.firstpost.com/entertainment/with-hits-like-stree-badhaai-ho-pari-and-parmanu-2018-belonged-to-the-non-filmy-filmmaker-5775981.html
Title: With hits like Stree, Badhaai Ho, Pari and Parmanu, 2018 belonged to the non-filmy filmmaker

Search URL Search Domain Scan URL

URL: https://www.firstpost.com/entertainment/kgf-chapter-1-box-office-collection-hindi-version-of-yash-starrer-mints-rs-2-10-cr-on-first-day-5776041.html
Title: KGF: Chapter 1 box office collection— Hindi version of Yash-starrer mints Rs 2.10 cr on first day

Search URL Search Domain Scan URL

URL: https://www.firstpost.com/firstcricket/
Title: Cricket

Search URL Search Domain Scan URL

URL: https://www.firstpost.com/firstcricket/sports-news/india-vs-australia-ravi-shastri-says-opening-pair-of-kl-rahul-murali-vijay-a-big-concern-for-team-management-5777941.html
Title: India vs Australia: Ravi Shastri says opening pair of KL Rahul, Murali Vijay a big concern for team management

Search URL Search Domain Scan URL

URL: https://www.firstpost.com/firstcricket/sports-news/ranji-trophy-2018-19-bcci-curator-overwaters-feroz-shah-kotla-pitch-leaves-before-start-of-delhis-clash-against-madhya-pradesh-5777221.html
Title: Ranji Trophy 2018-19: BCCI curator overwaters Feroz Shah Kotla pitch, leaves before start of Delhi's clash against Madhya Pradesh

Search URL Search Domain Scan URL

URL: https://www.firstpost.com/firstcricket/sports-news/ranji-trophy-2018-19-jay-bistas-century-holds-mumbai-in-good-stead-himachal-pradesh-dismiss-tamil-nadu-on-opening-day-5777121.html
Title: Ranji Trophy 2018-19: Jay Bista's century holds Mumbai in good stead; Himachal Pradesh dismiss Tamil Nadu on opening day

Search URL Search Domain Scan URL

URL: https://www.firstpost.com/firstcricket/sports-news/highlights-bangladesh-vs-west-indies-3rd-t20i-at-dhaka-full-cricket-score-windies-beat-hosts-by-50-runs-claim-series-2-1-5776281.html
Title: Highlights, Bangladesh vs West Indies, 3rd T20I at Dhaka, Full Cricket Score: Windies beat hosts by 50 runs, claim series 2-1

Search URL Search Domain Scan URL

URL: https://www.firstpost.com/firstcricket/sports-news/bangladesh-vs-west-indies-keemo-paul-evin-lewis-help-windies-to-series-win-with-50-run-victory-in-final-t20i-5777091.html
Title: Bangladesh vs West Indies: Keemo Paul, Evin Lewis help Windies to series win with 50-run victory in final T20I

Search URL Search Domain Scan URL

URL: https://www.firstpost.com/firstcricket/sports-news/india-vs-australia-bcci-prepares-roadmap-for-red-ball-cricket-specialists-ajinkya-rahane-cheteshwar-pujara-after-sydney-test-5776641.html
Title: India vs Australia: BCCI prepares roadmap for red-ball cricket specialists Ajinkya Rahane, Cheteshwar Pujara after Sydney Test

Search URL Search Domain Scan URL

URL: https://www.firstpost.com/tech
Title: TECH

Search URL Search Domain Scan URL

URL: https://www.firstpost.com/tech/news-analysis/cop24-nudged-countries-towards-evs-but-indian-manufacturers-continue-to-lay-low-5776801.html
Title: COP24 nudged countries towards EVs but Indian manufacturers continue to lay low

Search URL Search Domain Scan URL

URL: https://www.firstpost.com/tech/news-analysis/samsung-reportedly-working-on-bright-night-a-night-sight-nightscape-competitor-5776151.html
Title: Samsung reportedly working on 'Bright Night', a Night Sight, Nightscape competitor

Search URL Search Domain Scan URL

URL: https://www.firstpost.com/tech/news-analysis/huawei-p30-to-sport-triple-camera-setup-at-rear-with-40-mp-primary-sensor-report-5775961.html
Title: Huawei P30 to sport triple-camera setup at rear with 40 MP primary sensor: Report

Search URL Search Domain Scan URL

URL: https://www.firstpost.com/tech/news-analysis/donald-trumps-govt-shutdown-third-time-in-2018-nasa-others-to-stay-home-without-pay-5775751.html
Title: Donald Trump's govt shutdown third time in 2018, NASA, others to stay home without pay

Search URL Search Domain Scan URL

URL: https://www.firstpost.com/tech/news-analysis/realme-u1-available-at-rs-1500-discount-on-amazon-india-heres-the-caveat-5775491.html
Title: Realme U1 available at Rs 1,500 discount on Amazon India; here's the caveat

Search URL Search Domain Scan URL

URL: https://www.firstpost.com/tech/news-analysis/drone-operators-success-in-shutting-down-london-airport-lays-bare-vulnerabilities-5775161.html
Title: Drone operator's success in shutting down London airport lays bare vulnerabilities

Search URL Search Domain Scan URL

URL: https://www.firstpost.com/category/photos
Title: Photos

Search URL Search Domain Scan URL

URL: https://www.firstpost.com/category/videos
Title: Videos

Search URL Search Domain Scan URL

URL: https://www.firstpost.com/shows/
Title: Shows

Search URL Search Domain Scan URL

URL: https://www.firstpost.com/tigers-movie
Title: Tigers

Search URL Search Domain Scan URL

URL: https://www.firstpost.com/assembly-elections-2018
Title: Assembly Elections

Search URL Search Domain Scan URL

URL: https://www.firstpost.com/politics/mha-notification-manufactured-row-exposes-rahul-gandhis-immaturity-and-medias-lack-of-due-diligence-5776881.html
Title: MHA notification: Manufactured row exposes Rahul Gandhi's immaturity and media's lack of due diligence

Search URL Search Domain Scan URL

URL: https://www.firstpost.com/politics/hd-kumaraswamy-expands-karnataka-cabinet-eight-congress-leaders-sworn-in-at-raj-bhavan-amid-tight-security-5776711.html
Title: HD Kumaraswamy expands Karnataka cabinet: Eight Congress leaders sworn in at Raj Bhavan amid tight security

Search URL Search Domain Scan URL

URL: https://www.firstpost.com/business/gst-council-cuts-rates-on-23-items-rationalises-28-percent-slab-tvs-movie-tickets-and-power-banks-get-cheaper-5776441.html
Title: GST Council cuts rates on 23 items, rationalises 28 percent slab; TVs, movie tickets and power banks get cheaper

Search URL Search Domain Scan URL

URL: https://www.firstpost.com/india/week-after-encounter-in-j-no-clarity-on-whether-sops-were-followed-5776341.html
Title: Week after encounter in J&K's Pulwama, death of civilians continues to evoke rage; no clarity on whether SOPs were followed

Search URL Search Domain Scan URL

URL: https://www.firstpost.com/politics/aaps-alka-lamba-denies-reports-of-her-resignation-as-controversy-over-resolution-on-bharat-ratna-to-rajiv-gandhi-persists-5775951.html
Title: AAP's Alka Lamba denies reports of her resignation as controversy over resolution on Bharat Ratna to Rajiv Gandhi persists

Search URL Search Domain Scan URL

URL: https://www.firstpost.com/entertainment/zero-box-office-collection-shah-rukh-anushka-sharma-katrina-kaifs-film-earns-rs-20-14-cr-on-opening-day-5775211.html
Title: Zero box office collection: Shah Rukh, Anushka Sharma, Katrina Kaif's film earns Rs 20.14 cr on opening day

Search URL Search Domain Scan URL

URL: https://www.firstpost.com/india/naseeruddin-shah-should-be-heard-his-remarks-debated-because-bulandshahr-is-a-blot-on-indias-conscience-5773811.html

Search URL Search Domain Scan URL

URL: https://www.firstpost.com/india/sohrabuddin-case-dg-vanzara-welcomes-acquittal-of-all-police-personnel-says-entry-into-politics-not-priority-for-now-5776891.html
Title: Sohrabuddin case: DG Vanzara welcomes acquittal of all police personnel, says entry into politics not priority

Search URL Search Domain Scan URL

URL: https://www.firstpost.com/india/zakir-musas-aide-among-six-militants-killed-in-pulwama-encounter-army-says-war-like-weapon-stash-recovered-from-terrorists-5774701.html
Title: Zakir Musa's aide among six militants killed in Pulwama encounter; army says war-like weapon stash recovered from terrorists

Search URL Search Domain Scan URL

URL: https://www.firstpost.com/india/indian-diplomats-in-pakistan-denied-gas-connections-internet-services-centre-takes-up-matter-with-pakistan-foreign-affairs-ministry-5774631.html
Title: Indian diplomats in Pakistan denied gas connections, internet services; Centre takes up matter with Pakistan foreign ministry

Search URL Search Domain Scan URL

URL: https://www.firstpost.com/culture-of-world/
Title: FirstCulture

Search URL Search Domain Scan URL

URL: https://www.firstpost.com/india/scientist-nambi-narayanan-on-his-work-at-isro-the-spy-case-and-the-battle-to-clear-his-name-5766761.html

Search URL Search Domain Scan URL

URL: https://www.firstpost.com/india/the-icc-is-not-enough-lessons-from-metoo-on-the-limitations-of-sexual-harassment-law-5771281.html
Title: The ICC is not enough: Lessons from #MeToo on the limitations of sexual harassment law

Search URL Search Domain Scan URL

URL: https://www.firstpost.com/world/bangladeshs-rock-n-roll-scene-which-championed-liberal-values-post-independence-now-faces-a-decline-5750471.html
Title: Bangladesh's rock 'n' roll scene, which championed liberal values post-independence, now faces a decline

Search URL Search Domain Scan URL

URL: https://www.firstpost.com/india/surrogacy-bill-puts-donors-at-risk-of-exploitation-excludes-single-parents-queer-couples-5765521.html
Title: Surrogacy Bill puts donors at risk of exploitation, excludes single parents, queer couples

Search URL Search Domain Scan URL

URL: https://www.firstpost.com/tag/long-reads
Title: Long-Reads

Search URL Search Domain Scan URL

URL: https://www.firstpost.com/long-reads/love-in-the-city-in-no-nonsense-mumbai-couples-steal-quiet-moments-of-togetherness-5734901.html

Search URL Search Domain Scan URL

URL: https://www.firstpost.com/long-reads/doubling-tiger-population-by-2022-unrealistic-experts-cite-scarce-prey-rampant-poaching-5751861.html
Title: Doubling tiger population by 2022 unrealistic; experts cite scarce prey, rampant poaching

Search URL Search Domain Scan URL

URL: https://www.firstpost.com/long-reads/go-goa-gone-stories-from-a-changing-paradise-and-a-look-at-what-the-future-portends-5743671.html
Title: Go, Goa, Gone: Stories from a changing paradise — and a look at what the future portends

Search URL Search Domain Scan URL

URL: https://www.firstpost.com/long-reads/bengals-favourite-fish-the-hilsa-could-soon-be-extinct-as-fishing-trawlers-flout-laws-5721561.html
Title: Bengal's favourite fish, the hilsa, could soon be extinct as fishing trawlers flout laws

Search URL Search Domain Scan URL

URL: https://www.firstpost.com/long-reads/dhanushkodis-residents-battled-natures-fury-but-will-they-survive-government-apathy-5672051.html
Title: Dhanushkodi's residents battled nature's fury; but will they survive government apathy?

Search URL Search Domain Scan URL

URL: https://www.firstpost.com/sports/year-in-review-2018-from-shubhankar-sharmas-win-at-maybank-championship-to-return-of-rahil-gangjee-top-moments-in-indian-golf-5776571.html
Title: Year in review 2018: From Shubhankar Sharma's win at Maybank Championship to return of Rahil Gangjee, top moments in Indian golf

Search URL Search Domain Scan URL

URL: https://www.firstpost.com/politics/mk-stalins-transformation-from-thalapathy-to-thalaivar-boosts-his-2019-prospects-but-seat-sharing-with-allies-remains-real-challenge-5776081.html
Title: MK Stalin's transformation from Thalapathy to Thalaivar boosts his 2019 prospects, but seat-sharing with allies remains real challenge

Search URL Search Domain Scan URL

URL: https://www.firstpost.com/world/militarisation-of-chinas-belt-and-road-initiative-cpecs-real-benefit-for-pakistan-beijing-is-strategic-rather-than-economic-5776271.html

Search URL Search Domain Scan URL

URL: https://www.firstpost.com/world/us-envoy-to-anti-islamic-state-coalition-brett-mcgurk-resigns-in-protest-over-donald-trumps-syria-withdrawal-5777181.html
Title: US envoy to anti-Islamic State coalition Brett McGurk resigns in protest over Donald Trump's Syria withdrawal

Search URL Search Domain Scan URL

URL: https://www.firstpost.com/world/at-least-16-dead-in-mogadishu-blast-near-somalias-presidential-palace-al-shabab-claims-responsibility-5776661.html
Title: At least 16 dead in Mogadishu blast near Somalia's presidential palace; Al-Shabab claims responsibility

Search URL Search Domain Scan URL

URL: https://www.firstpost.com/tech/news-analysis/best-value-for-money-phones-of-2018-poco-f1-realme-2-pro-nokia-7-plus-and-more-5770011.html
Title: Best value for money phones of 2018: Poco F1, Realme 2 Pro, Nokia 7 Plus and more

Search URL Search Domain Scan URL

URL: https://www.firstpost.com/tech/news-analysis/xiaomi-redmi-7-spotted-on-tenaa-with-5-84-inch-lcd-display-android-oreo-11-colours-5751331.html
Title: Xiaomi Redmi 7 spotted on TENAA with 5.84-inch LCD display, Android Oreo, 11 colours

Search URL Search Domain Scan URL

URL: https://www.firstpost.com/business/fig-leaf-of-pan-would-be-inadequate-as-taxman-is-watching-every-high-value-cash-transactions-5769631.html
Title: Fig leaf of PAN would be inadequate as taxman is watching every high value cash transactions

Search URL Search Domain Scan URL

URL: https://www.firstpost.com/business/public-sector-bank-officers-on-strike-protest-vijaya-dena-bank-of-baroda-merger-seek-wage-hike-5770501.html
Title: Public sector bank officers on strike, protest Vijaya-Dena-Bank of Baroda merger, seek wage hike

Search URL Search Domain Scan URL

URL: https://www.firstpost.com/business/government-likely-to-renew-demand-for-rs-13140-cr-additional-dividend-from-reserve-bank-5771731.html
Title: Government likely to renew demand for Rs 13,140 cr additional dividend from Reserve Bank

Search URL Search Domain Scan URL

URL: https://www.firstpost.com/firstcricket/cricket-schedule/series/australia-vs-india-2018-19.html
Title: schedule

Search URL Search Domain Scan URL

URL: https://www.firstpost.com/firstcricket/results/series/australia-vs-india-2018-19.html
Title: results

Search URL Search Domain Scan URL

URL: https://www.firstpost.com/firstcricket/sports-news/india-vs-australia-mcg-test-perfect-time-for-hosts-to-replace-struggling-peter-handscomb-with-mitchell-marsh-at-no-6-5775821.html
Title: India vs Australia: MCG Test perfect time for hosts to replace struggling Peter Handscomb with Mitchell Marsh at No 6

Search URL Search Domain Scan URL

URL: https://www.firstpost.com/firstcricket/sports-news/wv-raman-faces-tough-challenge-of-resolving-infight-between-senior-women-cricketers-convert-warring-groups-into-a-team-again-5775141.html
Title: WV Raman faces tough challenge of resolving infight between senior women cricketers, convert warring groups into a team again

Search URL Search Domain Scan URL

URL: https://www.firstpost.com/firstcricket/sports-news/ipl-auction-2019-mumbai-indians-latest-recruit-rasikh-salam-dar-has-become-the-new-poster-boy-of-kashmir-5774691.html
Title: IPL Auction 2019: Mumbai Indians' latest recruit Rasikh Salam Dar has become the new poster boy of Kashmir

Search URL Search Domain Scan URL

URL: https://www.firstpost.com/videos/living/surat-businessman-celebrates-an-early-diwali-by-gifting-his-employees-400-renault-kwid-hatchbacks-5486721.html
Title: Surat businessman celebrates an early Diwali by gifting his employees 400 Renault KWID hatchbacks!

Search URL Search Domain Scan URL

URL: https://www.firstpost.com/videos/india/dd-cameraman-caught-in-maoist-attack-in-dantewada-records-selfie-video-tells-mother-i-might-not-survive-5477341.html
Title: DD cameraman caught in Maoist attack in Dantewada records selfie video, tells mother 'I might not survive'

Search URL Search Domain Scan URL

URL: https://www.firstpost.com/videos/business/state-of-the-economy-ilfs-crisis-could-spread-to-other-nbfcs-if-resolution-doesnt-come-fast-says-siddharth-purohit-5465821.html
Title: State of the economy: IL&FS crisis could spread to other NBFCs if resolution doesn’t come fast, says Siddharth Purohit

Search URL Search Domain Scan URL

URL: https://www.firstpost.com/videos/india/made-to-pay-for-government-welfare-schemes-a-bundelkhand-village-protests-against-years-of-corrupt-administration-5444001.html
Title: Made to pay for welfare schemes, a Bundelkhand village protests against years of corrupt administration

Search URL Search Domain Scan URL

URL: https://www.firstpost.com/videos/india/woman-farmer-from-chitrakoot-on-her-experience-of-farming-women-do-all-the-hard-work-5403971.html
Title: Woman farmer from Chitrakoot on her experiences working the fields: 'Women do all the hard work'

Search URL Search Domain Scan URL

URL: https://www.firstpost.com/videos/news-analysis/panasonic-eluga-x1-pro-hits-the-sweet-spot-in-every-department-5395991.html
Title: Panasonic Eluga X1 Pro hits the sweet spot in every department

Search URL Search Domain Scan URL

URL: https://www.firstpost.com/videos/politics/assam-nrc-tarun-gogoi-drops-a-bombshell-says-people-in-voter-list-could-have-been-accommodated-in-citizens-register-4910961.html
Title: Assam NRC: Tarun Gogoi drops a bombshell, says people in voter list could have been accommodated in citizens' register

Search URL Search Domain Scan URL

URL: https://www.firstpost.com/videos/politics/rahul-gandhi-turns-48-congress-chief-who-once-said-power-is-poison-should-focus-on-party-rather-than-on-hate-modi-mission-4545881.html
Title: Rahul Gandhi turns 48: Congress chief, who once said 'power is poison', should focus on party rather than on 'hate Modi' mission

Search URL Search Domain Scan URL

URL: https://www.firstpost.com/videos/politics/modi-is-popular-among-under-25-maybe-they-see-wrongly-a-future-in-him-and-thats-a-challenge-for-us-ajay-maken-4502855.html
Title: Modi is popular among under-25; maybe they see, wrongly, a future in him and that’s a challenge for us: Ajay Maken

Search URL Search Domain Scan URL

URL: https://www.firstpost.com/videos/politics/karnataka-poll-results-bjp-has-a-few-options-at-its-disposal-to-go-from-104-seats-to-the-magic-number-of-112-4472805.html
Title: Karnataka poll results: BJP has a few options at its disposal to go from 104 seats to the magic number of 112

Search URL Search Domain Scan URL

URL: https://www.firstpost.com/videos/politics/karnataka-transgenders-struggle-to-get-mainstreamed-in-politics-secure-voter-ids-as-parties-remain-oblivious-to-their-plight-4465829.html
Title: Karnataka trans people struggle to get mainstreamed in politics, secure voter IDs as parties remain oblivious to their plight

Search URL Search Domain Scan URL

URL: https://www.firstpost.com/videos/politics/karnataka-polls-bjp-congress-engage-in-fierce-back-and-forth-after-ec-seizes-10000-voter-cards-4463249.html
Title: Karnataka polls: BJP, Congress engage in fierce back and forth after EC seizes 10,000 voter cards

Search URL Search Domain Scan URL

URL: https://www.firstpost.com/videos/news-analysis/super-cool-news-apps-what-the-app-2-4695601.html
Title: Super Cool News Apps | What The App

Search URL Search Domain Scan URL

URL: https://www.firstpost.com/videos/news-analysis/fomo-episode-1-google-assistant-this-is-america-sonams-wedding-global-warming-4469015.html
Title: FOMO Episode 1: Google Assistant, This is America, Sonam's wedding & Global Warming

Search URL Search Domain Scan URL

URL: https://www.firstpost.com/videos/news-analysis/boost-you-coolness-quotient-without-emptying-your-pockets-with-these-cool-gadgets-under-10k-4437001.html
Title: Boost your coolness quotient without emptying your pockets with these cool gadgets under 10K!

Search URL Search Domain Scan URL

URL: https://www.firstpost.com/videos/news-analysis/48-hours-with-huawei-p20-pro-triple-camera-offering-is-set-to-redefine-smartphone-imaging-4424533.html
Title: 48 hours with Huawei P20 Pro: Triple camera offering is set to redefine smartphone imaging

Search URL Search Domain Scan URL

URL: https://www.firstpost.com/videos/news-analysis/brace-yourself-as-we-take-the-huawei-honor-9lite-out-for-a-selfie-challenge-4402893.html
Title: Brace yourself as we take the Huawei Honor 9Lite out for a Selfie Challenge!

Search URL Search Domain Scan URL

URL: https://www.firstpost.com/videos/world/watch-this-isnt-cereal-its-how-people-in-china-are-dealing-with-a-heat-wave-4912461.html
Title: Watch: This isn’t cereal, it’s how people in China are dealing with a heat wave

Search URL Search Domain Scan URL

URL: https://www.firstpost.com/videos/world/fifa-world-cup-2018-displaced-syrians-find-relief-in-tent-side-world-cup-screenings-4542571.html
Title: FIFA World Cup 2018: Displaced Syrians find relief in tent-side World Cup screenings

Search URL Search Domain Scan URL

URL: https://www.firstpost.com/videos/world/evading-the-kala-party-hindu-refugees-in-myanmars-rakhine-state-recount-escape-from-rohingya-militants-4483633.html
Title: Evading the 'kala party': Hindu refugees in Myanmar's Rakhine state recount escape from Rohingya militants

Search URL Search Domain Scan URL

URL: https://www.firstpost.com/videos/world/cyclone-mekunu-prompts-evacuation-of-hundreds-of-indians-in-oman-volunteer-groups-offer-assistance-4482951.html
Title: Cyclone Mekunu prompts evacuation of hundreds of Indians in Oman, volunteer groups offer assistance

Search URL Search Domain Scan URL

URL: https://www.firstpost.com/videos/world/save-jobs-usa-in-discussion-with-amit-kohli-4325827.html
Title: Save Jobs USA: In conversation with Amit Kohli

Search URL Search Domain Scan URL

URL: https://www.firstpost.com/videos/world/in-conversation-with-indians-of-h4-visa-community-in-us-4325725.html
Title: In conversation with Indians of H4 visa community in US

Search URL Search Domain Scan URL

URL: https://www.firstpost.com/videos/business/india-post-payment-bank-will-launch-the-second-wave-of-financial-inclusion-says-minister-manoj-sinha-5067621.html
Title: India Post Payments Bank will launch the second wave of financial inclusion, says minister Manoj Sinha

Search URL Search Domain Scan URL

URL: https://www.firstpost.com/videos/india/kerala-after-the-flood-chengannur-stares-at-massive-task-of-rebuilding-lives-as-receding-waters-reveal-extent-of-damage-5062071.html
Title: Kerala, After the Flood: Chengannur stares at massive task of rebuilding lives as receding waters reveal extent of damage

Search URL Search Domain Scan URL

URL: https://www.firstpost.com/videos/india/kerala-after-the-flood-migrant-family-in-ernakulam-highlights-apathy-it-faced-for-being-hindi-speaking-5052691.html
Title: Kerala, After The Flood: Migrant family in Ernakulam highlights apathy it faced for being Hindi-speaking

Search URL Search Domain Scan URL

URL: https://www.firstpost.com/videos/sports-blogs/meet-arjun-vajpai-the-worlds-youngest-mountaineer-to-scale-six-peaks-over-8000-meters-high-4487345.html
Title: Meet Arjun Vajpai, the world's youngest mountaineer to scale six peaks over 8000 meters high

Search URL Search Domain Scan URL

URL: https://www.firstpost.com/videos/business/icici-videocon-loan-controversy-only-a-thorough-probe-can-reveal-details-of-the-case-says-naresh-malhotra-4418349.html
Title: ICICI-Videocon loan controversy: Only a thorough probe can reveal details of the case, says Naresh Malhotra

Search URL Search Domain Scan URL

URL: https://www.firstpost.com/videos/entertainment/its-a-wrap-helicopter-eela-stars-kajol-riddhi-sen-in-conversation-with-parul-sharma-5382411.html
Title: It's a Wrap: Helicopter Eela stars Kajol, Riddhi Sen in conversation with Parul Sharma

Search URL Search Domain Scan URL

URL: https://www.firstpost.com/videos/entertainment/its-a-wrap-sui-dhaaga-actors-anushka-sharma-varun-dhawan-in-conversation-with-parul-sharma-5382341.html
Title: It's a Wrap: Sui Dhaaga actors Anushka Sharma, Varun Dhawan in conversation with Parul Sharma

Search URL Search Domain Scan URL

URL: https://www.firstpost.com/videos/entertainment/its-a-wrap-andhadhun-star-ayushmann-khurrana-in-conversation-with-parul-sharma-5382221.html
Title: It's a Wrap: Andhadhun star Ayushmann Khurrana in conversation with Parul Sharma

Search URL Search Domain Scan URL

URL: https://www.firstpost.com/videos/entertainment/its-a-wrap-sunny-leone-in-a-candid-conversation-with-parul-sharma-5382051.html
Title: It's a Wrap: Sunny Leone in a candid conversation with Parul Sharma

Search URL Search Domain Scan URL

URL: https://www.firstpost.com/videos/entertainment/its-a-wrap-manmarziyaan-cast-abhishek-bachchan-taapsee-pannu-vicky-kaushal-in-conversation-with-parul-sharma-5381981.html
Title: It's a Wrap: Manmarziyaan cast Abhishek Bachchan, Taapsee Pannu, Vicky Kaushal in conversation with Parul Sharma

Search URL Search Domain Scan URL

URL: https://www.firstpost.com/videos/entertainment/its-a-wrap-happy-phirr-bhag-jayegi-stars-sonakshi-sinha-jimmy-sheirgill-in-conversation-with-parul-sharma-5381881.html
Title: It's a Wrap: Happy Phirr Bhag Jayegi stars Sonakshi Sinha, Jimmy Sheirgill in conversation with Parul Sharma

Search URL Search Domain Scan URL

URL: https://www.firstpost.com/videos/sports/at-the-mtb-himalaya-amateur-and-professional-riders-alike-seek-thrills-over-punishing-and-unpredictable-terrain-5385571.html
Title: At the MTB Himalaya, amateur and professional riders alike seek thrills over punishing and unpredictable terrain

Search URL Search Domain Scan URL

URL: https://www.firstpost.com/videos/sports/laliga-in-increasingly-male-dominated-world-of-football-eibar-ceo-patricia-rodriguez-breaks-the-glass-ceiling-5376581.html
Title: LaLiga: In increasingly male-dominated world of football, Eibar CEO Patricia Rodriguez breaks the glass ceiling

Search URL Search Domain Scan URL

URL: https://www.firstpost.com/videos/sports/laliga-surrounded-by-monsters-and-mountains-tiny-eibar-look-towards-indian-fans-for-support-5367951.html
Title: LaLiga: Surrounded by 'monsters' and mountains, tiny Eibar look towards Indian fans for support

Search URL Search Domain Scan URL

URL: https://www.firstpost.com/videos/sports/pro-kabaddi-league-2018-for-jaipur-pink-panthers-anup-kumar-duty-scores-over-sentiment-as-emotional-u-mumba-reunion-looms-5350011.html
Title: Pro Kabaddi League 2018: For Jaipur Pink Panthers' Anup Kumar, duty over sentiment as U Mumba reunion looms

Search URL Search Domain Scan URL

URL: https://www.firstpost.com/videos/sports/firstpost-at-asian-games-2018-indonesian-culture-and-the-love-for-shah-rukh-khan-5120631.html
Title: Firstpost at Asian Games 2018: Indonesian culture and the love for Shah Rukh Khan

Search URL Search Domain Scan URL

URL: https://www.firstpost.com/videos/sports/firstpost-at-asian-games-2018-visit-to-badmintons-holy-ground-jakartas-istora-stadium-5073611.html
Title: Firstpost at Asian Games 2018: Visit to badminton's holy ground, Jakarta's Istora stadium

Search URL Search Domain Scan URL

URL: https://www.firstpost.com/videos/mumbai/watch-elphinstone-road-parel-footover-bridge-stampede-makes-one-wonder-if-authorities-have-any-value-for-human-life-4094471.html
Title: Elphinstone Road stampede makes one wonder if authorities have any value for human life

Search URL Search Domain Scan URL

URL: https://www.firstpost.com/videos/living/watch-mumbais-once-iconic-padmini-taxis-near-the-end-of-the-road-4080043.html
Title: Watch: Mumbai's once iconic 'Padmini' taxis near the end of the road

Search URL Search Domain Scan URL

URL: https://www.firstpost.com/videos/mumbai/watch-no-more-rotten-tomatoes-new-start-up-helps-increase-tomato-shelf-life-4055951.html
Title: No more rotten tomatoes: New start-up helps increase tomato shelf life

Search URL Search Domain Scan URL

URL: https://www.firstpost.com/videos/mumbai/watch-70-mumbai-buildings-to-be-partially-demolished-to-clear-flight-path-3840669.html
Title: 70 Mumbai buildings to be partially demolished to clear flight path

Search URL Search Domain Scan URL

URL: https://www.firstpost.com/videos/mumbai/watch-in-search-of-books-at-mumbais-flora-fountain-3839093.html
Title: Watch: In search of books at Mumbai's Flora Fountain

Search URL Search Domain Scan URL

URL: https://www.firstpost.com/videos/india/watch-take-a-mouth-watering-journey-through-ghatkopars-khau-galli-3812421.html
Title: Watch: A mouth watering journey through Ghatkopar's Khau Galli

Search URL Search Domain Scan URL

URL: https://www.firstpost.com/videos/india/metoo-a-rape-in-chitrakoot-shows-that-caste-gender-continue-to-play-into-sexual-crimes-in-rural-india-5387821.html
Title: #MeToo: A rape in Chitrakoot shows that caste, gender continue to play into sexual crimes in rural India

Search URL Search Domain Scan URL

URL: https://www.firstpost.com/videos/india/farmers-in-lalitpur-up-among-the-worst-hit-due-to-rising-fuel-prices-5358321.html
Title: Farmers in Lalitpur, UP, among the worst hit due to rising fuel prices

Search URL Search Domain Scan URL

URL: https://www.firstpost.com/videos/india/in-bundelkhands-khandeha-village-one-teacher-for-entire-school-5344471.html
Title: In Bundelkhand's Khandeha village, one teacher for entire school

Search URL Search Domain Scan URL

URL: https://www.firstpost.com/videos/india/watch-delhi-pollution-update-air-quality-remains-toxic-as-kejriwal-meets-khattar-decision-on-odd-even-tomorrow-4211691.html
Title: Delhi pollution update: Air quality remains toxic as Kejriwal meets Khattar; decision on odd-even today

Search URL Search Domain Scan URL

URL: https://www.firstpost.com/videos/india/watch-air-quality-in-new-delhi-enters-danger-zone-as-pollutant-levels-increase-drastically-4116885.html
Title: Air quality in New Delhi deteriorates as pollutant levels increase drastically

Search URL Search Domain Scan URL

URL: https://www.firstpost.com/videos/politics/mcd-election-2017-rigged-evms-cost-aap-the-civic-polls-party-mla-saurabh-bharadwaj-tells-firstpost-3407438.html
Title: MCD Election 2017: Rigged EVMs cost AAP the civic polls, party MLA Saurabh Bharadwaj tells Firstpost

Search URL Search Domain Scan URL

URL: https://www.firstpost.com/videos/politics/mcd-election-results-2017-after-congress-defeat-sheila-dikshit-has-a-message-for-delhi-3405520.html
Title: MCD Election Results 2017: After Congress' defeat, Sheila Dikshit has a message for Delhi

Search URL Search Domain Scan URL

URL: https://www.firstpost.com/videos/politics/mcd-election-2017-results-aap-supporters-celebrate-victory-in-yamuna-vihar-3405046.html
Title: MCD Election 2017 Results: AAP supporters celebrate victory in Yamuna Vihar

Search URL Search Domain Scan URL

URL: https://www.firstpost.com/videos/politics/watch-after-casting-vote-in-mcd-election-2017-meenakshi-lekhi-talks-to-firstpost-3399252.html
Title: WATCH: After casting vote in MCD Election 2017, Meenakshi Lekhi talks to Firstpost

Search URL Search Domain Scan URL

URL: https://www.firstpost.com/photos/entertainment-gallery/salman-khan-deepika-padukone-ranveer-singh-alia-bhatt-attend-star-screen-awards-s2018-5744471.html

Search URL Search Domain Scan URL

URL: https://www.firstpost.com/photos/isha-ambani-anand-piramal-wedding-reception-family-members-other-prominent-people-take-part-in-celebrations-5732991.html

Search URL Search Domain Scan URL

URL: https://www.firstpost.com/photos/entertainment-gallery/emily-blunt-meryl-streep-attend-european-premiere-of-mary-poppins-returns-5725181.html

Search URL Search Domain Scan URL

URL: https://www.firstpost.com/india/odisha-govt-announces-rs-10000-crore-kalia-scheme-for-farmers-development-cm-calls-congress-farm-loan-waiver-promise-ridiculous-5774401.html
Title: Odisha govt announces Rs 10,000 crore KALIA scheme for farmers' development; CM calls Congress' farm loan waiver promise 'ridiculous'

Search URL Search Domain Scan URL

URL: https://www.firstpost.com/tag/newstracker
Title: NewsTracker

Search URL Search Domain Scan URL

URL: https://www.firstpost.com/india/christian-michel-sent-to-seven-day-ed-custody-in-agustawestland-vvip-chopper-case-over-money-laundering-charges-5777151.html
Title: Christian Michel sent to seven-day ED custody in AgustaWestland VVIP chopper case over money laundering charges

Search URL Search Domain Scan URL

URL: https://www.firstpost.com/india/only-one-of-39-areas-along-ganga-had-clean-water-in-post-monsoon-season-says-cpcb-37-recorded-moderate-to-severe-pollution-5776211.html
Title: Only one of 39 areas along Ganga had clean water in post-monsoon season, says CPCB; 37 recorded moderate to severe pollution

Search URL Search Domain Scan URL

URL: https://mgid.com/advertisers?utm_source=widget&utm_medium=text&utm_campaign=add&utm_content=284677

Search URL Search Domain Scan URL

URL: https://brainberries.co/people/ida-lundgren-and-bianca-van-damme-could-easily-kick-your-butt/
Title:

Search URL Search Domain Scan URL

URL: https://brainberries.co/movietv/top-10-richest-bollywood-actresses/
Title:

Search URL Search Domain Scan URL

URL: https://brainberries.co/people/10-stunning-asian-actresses-no-man-can-resist/
Title:

Search URL Search Domain Scan URL

URL: https://www.firstpost.com/tech/auto-tech/tata-motors-and-zoomcar-flag-off-tata-tigor-evs-for-self-drive-rental-in-pune-5764441.html
Title: Tata Motors and Zoomcar flag off Tata Tigor EVs for self-drive rental in Pune

Search URL Search Domain Scan URL

URL: https://www.firstpost.com/sports/indiana-pacers-will-play-sacramento-kings-in-mumbai-next-october-as-part-of-nbas-two-pre-season-games-5765941.html
Title: Indiana Pacers will play Sacramento Kings in Mumbai next October as part of NBA's two pre-season games

Search URL Search Domain Scan URL

URL: https://www.firstpost.com/entertainment/watch-paul-mccartney-emma-stone-join-forces-to-tackle-bullying-in-new-music-video-who-cares-5765671.html
Title: Watch: Paul McCartney, Emma Stone join forces to tackle bullying in new music video, 'Who Cares'

Search URL Search Domain Scan URL

URL: https://www.firstpost.com/entertainment/catch-22-first-look-reveals-george-clooney-as-scheisskopf-kyle-chandler-as-cathcart-in-upcoming-hulu-series-5765911.html
Title: Catch-22 first look reveals George Clooney as Scheisskopf, Kyle Chandler as Cathcart in upcoming Hulu series

Search URL Search Domain Scan URL

URL: https://www.firstpost.com/politics/ram-vilas-paswan-stands-on-brink-of-another-u-turn-as-mahagathbandhan-adds-rlsp-ham-to-list-of-bihar-allies-5765991.html
Title: Ram Vilas Paswan stands on brink of another U-turn as Mahagathbandhan adds RLSP, HAM to list of Bihar allies

Search URL Search Domain Scan URL

URL: https://www.firstpost.com/tag/MeToo-in-India
Title: MeToo in India

Search URL Search Domain Scan URL

URL: https://www.firstpost.com/india/metoo-narratives-from-uttar-pradeshs-hinterland-laying-bare-the-realities-of-a-deeply-patriarchal-culture-5772481.html
Title: #MeToo narratives from Uttar Pradesh's hinterland: Laying bare the realities of a deeply patriarchal culture

Search URL Search Domain Scan URL

URL: https://www.firstpost.com/india/firstpost-editors-picks-mha-notification-on-surveillance-waning-modi-wave-lost-niti-aayog-todays-must-read-articles-5772901.html
Title: Firstpost Editor's Picks: MHA notification on surveillance, waning Modi wave, lost NITI Aayog; today's must-read articles

Search URL Search Domain Scan URL

URL: https://www.firstpost.com/entertainment/alok-naths-legal-counsel-terms-tv-writer-producers-rape-allegations-a-figment-of-her-imagination-5770751.html
Title: Alok Nath's legal counsel terms TV writer-producer's rape allegations 'a figment of her imagination'

Search URL Search Domain Scan URL

URL: https://www.firstpost.com/entertainment/dia-mirza-questions-absence-of-women-representation-in-bollywood-delegation-meet-with-narendra-modi-5768851.html
Title: Dia Mirza questions absence of women representation in Bollywood delegation meet with Narendra Modi

Search URL Search Domain Scan URL

URL: https://www.firstpost.com/entertainment/sona-mohapatra-reacts-to-sonu-nigams-comments-its-an-artists-duty-to-stand-up-for-whats-right-5764351.html
Title: Sona Mohapatra reacts to Sonu Nigam's comments: It's an artist's duty to stand up for what's right

Search URL Search Domain Scan URL

URL: https://www.firstpost.com/tag/winter-session-of-parliament
Title: Winter Session of Parliament

Search URL Search Domain Scan URL

URL: https://www.firstpost.com/india/parliament-passes-autism-bill-amendment-to-1999-act-will-streamline-appointment-resignation-of-members-of-national-committee-5771601.html
Title: Parliament passes autism bill: Amendment to 1999 Act will streamline appointment, resignation of members of national committee

Search URL Search Domain Scan URL

URL: https://www.firstpost.com/politics/winter-session-of-parliament-jaitley-dismisses-criticism-of-order-on-data-interception-congress-seeks-jpc-probe-into-rafale-deal-5770241.html
Title: Winter Session of Parliament: Jaitley dismisses criticism of order on data interception; Congress seeks JPC probe into Rafale deal

Search URL Search Domain Scan URL

URL: https://www.firstpost.com/india/parliament-live-updates-opposition-says-govt-invading-privacy-via-mhas-news-notice-jaitley-says-innocent-citizens-need-not-fear-5769101.html
Title: Parliament updates: Opposition says govt invading privacy via MHA's news notice, Jaitley says innocent citizens need not fear

Search URL Search Domain Scan URL

URL: https://www.firstpost.com/india/winter-session-of-parliament-ls-clears-2-bills-amid-uproar-defers-debate-on-triple-talaq-bill-to-27-dec-rs-adjourned-without-work-5763651.html
Title: Winter Session of Parliament: LS clears 2 bills amid uproar, defers debate on triple talaq Bill to 27 Dec; RS adjourned without work

Search URL Search Domain Scan URL

URL: https://www.firstpost.com/tag/churchstatecommunity
Title: Church, State and Community

Search URL Search Domain Scan URL

URL: https://www.firstpost.com/india/kerala-nun-rape-women-must-challenge-male-driven-system-that-exalts-suffering-says-world-council-of-churches-exec-5308041.html
Title: Kerala nun rape case: The Church is patriarchal, men are fully protected, says ex-World Church Council member

Search URL Search Domain Scan URL

URL: https://www.firstpost.com/india/church-and-sexual-abuse-only-pope-can-give-justice-denied-by-powerful-says-mother-of-raped-murdered-teen-5305171.html
Title: Church and sexual abuse: Only Pope can give me justice denied by powerful, says mother of raped-murdered teen

Search URL Search Domain Scan URL

URL: https://www.firstpost.com/india/in-andhra-pradeshs-ongole-rampant-sexual-abuse-of-girls-at-child-care-institute-reveals-helplessness-of-survivors-5273241.html
Title: In Andhra Pradesh's Ongole, rampant sexual abuse of girls at child care institute reveals helplessness of survivors

Search URL Search Domain Scan URL

URL: https://www.firstpost.com/india/cultural-naivete-for-unconditional-trust-in-church-is-breeding-ground-for-exploitation-of-women-by-pastors-priests-5255191.html
Title: Cultural naiveté for unconditional trust in Church is breeding ground for exploitation of women by pastors, priests

Search URL Search Domain Scan URL

URL: https://www.firstpost.com/india/churchs-cover-up-silencing-of-sexual-abuse-rampant-in-kerala-institutions-systemic-decay-gives-little-hope-to-survivors-5252301.html
Title: Church's cover-up, silencing of sexual abuse rampant in Kerala; institution's systemic decay gives little hope to survivors

Search URL Search Domain Scan URL

URL: https://www.firstpost.com/tag/australia-vs-india-2018-19
Title: India vs Australia

Search URL Search Domain Scan URL

URL: https://www.firstpost.com/firstcricket/sports-news/india-vs-australia-hosts-dont-have-someone-on-same-level-as-virat-kohli-says-former-spinner-brad-hogg-5776531.html
Title: India vs Australia: Hosts don't have someone on same level as Virat Kohli, says former spinner Brad Hogg

Search URL Search Domain Scan URL

URL: https://www.firstpost.com/firstcricket/sports-news/is-virat-kohli-going-overboard-with-his-onfield-behaviour-ayaz-memon-answers-all-the-questions-in-game-plan-5773121.html
Title: Is Virat Kohli going overboard with his onfield behaviour? Ayaz Memon answers all the questions in Game Plan

Search URL Search Domain Scan URL

URL: https://www.firstpost.com/firstcricket/sports-news/india-vs-australia-mitchell-johnson-michael-vaughan-slam-iccs-average-rating-to-new-perth-stadium-pitch-5775661.html
Title: India vs Australia: Mitchell Johnson, Michael Vaughan slam ICC's 'average' rating to new Perth stadium pitch

Search URL Search Domain Scan URL

URL: https://www.firstpost.com/tag/techreview
Title: Tech Review

Search URL Search Domain Scan URL

URL: https://www.firstpost.com/tech/reviews/asus-vivobook-s14-review-a-sensible-unexciting-package-for-the-casual-user-5648151.html
Title: ASUS VivoBook S14 review: A sensible, unexciting package for the casual user

Search URL Search Domain Scan URL

URL: https://www.firstpost.com/tech/reviews/amazon-echo-dot-3rd-gen-review-improved-sound-and-design-but-ux-still-spotty-5623021.html
Title: Amazon Echo Dot (3rd gen) review: Improved sound and design, but UX still spotty

Search URL Search Domain Scan URL

URL: https://www.firstpost.com/tech/news-analysis/xiaomi-mi-air-purifier-2s-review-quiet-unobtrusive-and-eminently-reliable-5584601.html
Title: Xiaomi Mi Air Purifier 2S review: Quiet, unobtrusive and eminently reliable

Search URL Search Domain Scan URL

URL: https://www.firstpost.com/tech/reviews/oneplus-6t-review-a-notch-above-or-is-it-5474251.html
Title: OnePlus 6T review: A notch above the competition, or is it?

Search URL Search Domain Scan URL

URL: https://www.firstpost.com/tech/reviews/apple-iphone-xr-review-great-battery-life-display-makes-it-the-best-iphone-to-buy-5466191.html
Title: Apple iPhone XR review: Great battery life, display makes it the best iPhone to buy

Search URL Search Domain Scan URL

URL: https://www.firstpost.com/tag/moviereview
Title: Film Reviews

Search URL Search Domain Scan URL

URL: https://www.firstpost.com/entertainment/antariksham-movie-review-sankalp-reddys-idea-is-ambitious-but-everything-else-gets-lost-in-space-5772071.html
Title: Antariksham movie review : Sankalp Reddy’s idea is ambitious, but everything else gets lost in space

Search URL Search Domain Scan URL

URL: https://www.firstpost.com/entertainment/maari-2-movie-review-dhanush-dazzles-but-sai-pallavi-is-the-best-thing-about-this-mass-entertainer-5770841.html
Title: Maari 2 movie review: Dhanush dazzles but Sai Pallavi is the best thing about this mass entertainer

Search URL Search Domain Scan URL

URL: https://www.firstpost.com/entertainment/kgf-chapter-1-movie-review-yash-starrer-has-a-gripping-story-that-deserved-better-treatment-5770351.html
Title: KGF: Chapter 1 movie review — Yash-starrer has a gripping story that deserved better treatment

Search URL Search Domain Scan URL

URL: https://www.firstpost.com/entertainment/adanga-maru-movie-review-jayam-ravis-earnest-performance-stands-out-in-this-predictable-action-thriller-5769511.html
Title: Adanga Maru movie review: Jayam Ravi's earnest performance stands out in this predictable action thriller

Search URL Search Domain Scan URL

URL: https://www.firstpost.com/entertainment/zero-movie-review-shah-rukh-khans-comic-timing-is-the-only-thing-going-for-this-spluttering-tottering-affair-5769221.html
Title: Zero movie review: Shah Rukh Khan's comic timing is the only thing going for this spluttering, tottering affair

Search URL Search Domain Scan URL

URL: https://www.firstpost.com/whatsapp-fp.html

Search URL Search Domain Scan URL

URL: https://www.firstpost.com/selfmade-geetansh

Search URL Search Domain Scan URL

URL: https://www.firstpost.com/business/brands-business/steve-madden-selfmade-5696121.html
Title: Steve Madden #Selfmade

Search URL Search Domain Scan URL

URL: https://www.firstpost.com/make-india-diabetes-free/

Search URL Search Domain Scan URL

URL: https://p.firstpost.com/

Search URL Search Domain Scan URL

URL: https://www.firstpost.com/hockey-world-cup-2018

Search URL Search Domain Scan URL

URL: https://www.firstpost.com/laureus/

Search URL Search Domain Scan URL

URL: https://www.firstpost.com/9-months

Search URL Search Domain Scan URL

URL: https://www.firstpost.com/entertainment/koffee-with-karan-prabhas-rana-daggubati-ss-rajamouli-to-feature-in-upcoming-episode-5775701.html?FP_Source=FP_Eng_Home_DT_SW_Wgt&FP_Medium=FP_Eng_shareworthy_5775701
Title: Koffee With Karan: Prabhas, Rana Daggubati, SS Rajamouli to feature in upcoming episode

Search URL Search Domain Scan URL

URL: https://www.firstpost.com/entertainment/elon-musk-a-bollywood-fan-spacex-owner-tweets-a-gif-from-ranveer-singh-song-malhari-5774891.html?FP_Source=FP_Eng_Home_DT_SW_Wgt&FP_Medium=FP_Eng_shareworthy_5774891
Title: Elon Musk a Bollywood fan? SpaceX owner tweets a GIF from Ranveer Singh song 'Malhari'

Search URL Search Domain Scan URL

URL: https://www.firstpost.com/entertainment/ntr-biopic-trailer-nandamuri-balakrishna-vidya-balan-chart-the-superlative-journey-of-andhra-pradesh-actor-politician-5774431.html?FP_Source=FP_Eng_Home_DT_SW_Wgt&FP_Medium=FP_Eng_shareworthy_5774431
Title: NTR biopic trailer: Nandamuri Balakrishna, Vidya Balan chart the superlative journey of Andhra Pradesh actor-politician

Search URL Search Domain Scan URL

URL: https://www.firstpost.com/entertainment/fast-and-furious-spinoff-hobbs-and-shaw-featuring-dwayne-johnson-idris-elba-jason-statham-gets-new-title-5775541.html?FP_Source=FP_Eng_Home_DT_SW_Wgt&FP_Medium=FP_Eng_shareworthy_5775541
Title: Fast and Furious spinoff Hobbs and Shaw, featuring Dwayne Johnson, Idris Elba, Jason Statham, gets new title

Search URL Search Domain Scan URL

URL: https://www.firstpost.com/firstcricket/cricket-live-score/
Title: Cricket Scores

Search URL Search Domain Scan URL

URL: https://www.firstpost.com/firstcricket/sports-news/highlights-bangladesh-vs-west-indies-1st-t20i-at-sylhet-full-cricket-score-visitors-win-by-eight-wickets-5742831.html
Title: West Indies beat Bangladesh by 8 wickets

Search URL Search Domain Scan URL

URL: https://www.firstpost.com/about-firstpost
Title: About Firstpost

Search URL Search Domain Scan URL

URL: https://www.firstpost.com/rss
Title: RSS

Search URL Search Domain Scan URL

URL: http://twitter.com/firstpost
Title: Twitter

Search URL Search Domain Scan URL

URL: http://www.facebook.com/pages/Firstpost/165818073477856
Title: Facebook

Search URL Search Domain Scan URL

URL: https://www.firstpost.com/category/living
Title: Life

Search URL Search Domain Scan URL

URL: https://www.firstpost.com/firstcricket
Title: Cricket

Search URL Search Domain Scan URL

URL: https://www.firstpost.com/firstcricket/cricket-live-score
Title: Cricket Live Score

Search URL Search Domain Scan URL

URL: https://www.firstpost.com/assembly-election-2018/telangana
Title: Telangana Assembly election 2018

Search URL Search Domain Scan URL

URL: https://www.firstpost.com/assembly-election-2018/madhya-pradesh
Title: Madhya Pradesh Assembly election 2018

Search URL Search Domain Scan URL

URL: https://www.firstpost.com/assembly-election-2018/rajasthan
Title: Rajasthan Assembly election 2018

Search URL Search Domain Scan URL

URL: https://www.firstpost.com/assembly-election-2018/chhattisgarh
Title: Chhattisgarh Assembly election 2018

Search URL Search Domain Scan URL

URL: https://www.firstpost.com/assembly-election-2018/mizoram
Title: Mizoram Assembly election 2018

Search URL Search Domain Scan URL

URL: https://www.firstpost.com/category/delhi
Title: New Delhi

Search URL Search Domain Scan URL

URL: https://www.firstpost.com/category/mumbai
Title: Mumbai

Search URL Search Domain Scan URL

URL: https://www.firstpost.com/category/f-pedia
Title: F. Pedia

Search URL Search Domain Scan URL

URL: https://www.firstpost.com/videos/
Title: Videos

Search URL Search Domain Scan URL

URL: https://www.firstpost.com/category/exclusives
Title: FP Exclusives

Search URL Search Domain Scan URL

URL: http://www.in.com/
Title: In.com

Search URL Search Domain Scan URL

URL: http://www.moneycontrol.com/
Title: Moneycontrol

Search URL Search Domain Scan URL

URL: http://www.burrp.com/
Title: Burrp

Search URL Search Domain Scan URL

URL: https://www.topperlearning.com/
Title: TopperLearning

Search URL Search Domain Scan URL

URL: https://www.topperlearning.com/doubts-solutions/all-questions/
Title: Clear Study Doubts

Search URL Search Domain Scan URL

URL: http://overdrive.in/
Title: Overdrive

Search URL Search Domain Scan URL

URL: http://www.ibnlokmat.tv/
Title: IBN Live

Search URL Search Domain Scan URL

URL: http://www.news18.com/
Title: News18

Search URL Search Domain Scan URL

URL: http://www.topperlearning.com/learn/sample-papers?ps1
Title: Sample Papers Online

Search URL Search Domain Scan URL

URL: https://www.firstpost.com/category/business/biztech
Title: Business Technology News

Search URL Search Domain Scan URL

URL: http://mtv.in.com/
Title: MTV India

Search URL Search Domain Scan URL

URL: http://www.homeshop18.com/
Title: Online Shopping in India

Search URL Search Domain Scan URL

URL: http://www.caprep18.com/
Title: CAprep18

Search URL Search Domain Scan URL

URL: http://www.topperlearning.com/franchisee
Title: E-Learning Franchise Opportunity

Search URL Search Domain Scan URL

URL: http://feeds.feedburner.com/firstpost/xfJh
Title: RSS Feeds

Search URL Search Domain Scan URL

URL: https://itunes.apple.com/in/app/firstpost/id445829858?mt=8
Title: iOS

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=com.firstpost
Title: Android

Search URL Search Domain Scan URL

URL: https://www.facebook.com/firstpostin

Search URL Search Domain Scan URL

URL: https://twitter.com/firstpost

Search URL Search Domain Scan URL

URL: https://plus.google.com/+Firstpost/posts

Search URL Search Domain Scan URL

URL: https://www.instagram.com/firstpost/

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/Firstpostin

Search URL Search Domain Scan URL

URL: http://www.network18online.com/

Search URL Search Domain Scan URL

URL: https://www.firstpost.com/terms-of-use
Title: Terms of use

Search URL Search Domain Scan URL

URL: https://www.firstpost.com/privacy
Title: Privacy

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 63

http://www.google-analytics.com/analytics.js HTTP 307
https://www.google-analytics.com/analytics.js

Request Chain 97

http://www.google-analytics.com/r/collect?v=1&_v=j72&a=694587912&t=pageview&_s=1&dl=http%3A%2F%2Fwww.regaindermayouth.icu%2F&ul=en-us&de=UTF-8&dt=LIVE%20updates%2C%20Latest%20headlines%2C%20Breaking%20news%2C%20Top%20stories%2C%20Trending%20topics%20-%20Firstpost&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=YAhAAEAB~&jid=1041183106&gjid=147801054&cid=639183350.1545537593&tid=UA-22956444-1&_gid=1375811041.1545537593&_r=1&cd3=%7B%22_w18g%22%3A%22undefined%22%2C%22sections%22%3A%22%22%2C%22language%22%3A%22english%22%2C%22tags%22%3A%22%22%2C%22data%22%3A%7B%22post_type%22%3A%22news%22%2C%22attributes%22%3A%5B%7B%22c0%22%3Anull%7D%2C%7B%22c0%22%3A%22news%20and%20media%22%7D%5D%2C%22autono%22%3A%22%22%2C%22object_type%22%3A%22news%20and%20media%22%7D%7D&z=676787626 HTTP 307
https://www.google-analytics.com/r/collect?v=1&_v=j72&a=694587912&t=pageview&_s=1&dl=http%3A%2F%2Fwww.regaindermayouth.icu%2F&ul=en-us&de=UTF-8&dt=LIVE%20updates%2C%20Latest%20headlines%2C%20Breaking%20news%2C%20Top%20stories%2C%20Trending%20topics%20-%20Firstpost&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=YAhAAEAB~&jid=1041183106&gjid=147801054&cid=639183350.1545537593&tid=UA-22956444-1&_gid=1375811041.1545537593&_r=1&cd3=%7B%22_w18g%22%3A%22undefined%22%2C%22sections%22%3A%22%22%2C%22language%22%3A%22english%22%2C%22tags%22%3A%22%22%2C%22data%22%3A%7B%22post_type%22%3A%22news%22%2C%22attributes%22%3A%5B%7B%22c0%22%3Anull%7D%2C%7B%22c0%22%3A%22news%20and%20media%22%7D%5D%2C%22autono%22%3A%22%22%2C%22object_type%22%3A%22news%20and%20media%22%7D%7D&z=676787626 HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-22956444-1&cid=639183350.1545537593&jid=1041183106&_gid=1375811041.1545537593&gjid=147801054&_v=j72&z=676787626 HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-22956444-1&cid=639183350.1545537593&jid=1041183106&_v=j72&z=676787626 HTTP 302
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-22956444-1&cid=639183350.1545537593&jid=1041183106&_v=j72&z=676787626&slf_rd=1&random=3480548934

Request Chain 100

http://www.dailymotion.com/embed/video/x6yjidz?api=postMessage&apiKey=7a9249b0df1895007b72&autoplay=true&id=dm_5696121&mute=true&origin=http%3A%2F%2Fwww.regaindermayouth.icu&queue-autoplay-next=false&queue-enable=false HTTP 301
https://www.dailymotion.com/embed/video/x6yjidz?api=postMessage&apiKey=7a9249b0df1895007b72&autoplay=true&id=dm_5696121&mute=true&origin=http%3A%2F%2Fwww.regaindermayouth.icu&queue-autoplay-next=false&queue-enable=false

Request Chain 107

http://b.scorecardresearch.com/b?c1=2&c2=6683813&ns__t=1545537593060&ns_c=UTF-8&cv=3.1&c8=LIVE%20updates%2C%20Latest%20headlines%2C%20Breaking%20news%2C%20Top%20stories%2C%20Trending%20topics%20-%20Firstpost&c7=http%3A%2F%2Fwww.regaindermayouth.icu%2F&c9= HTTP 302
http://b.scorecardresearch.com/b2?c1=2&c2=6683813&ns__t=1545537593060&ns_c=UTF-8&cv=3.1&c8=LIVE%20updates%2C%20Latest%20headlines%2C%20Breaking%20news%2C%20Top%20stories%2C%20Trending%20topics%20-%20Firstpost&c7=http%3A%2F%2Fwww.regaindermayouth.icu%2F&c9=

Request Chain 117

http://cdnjs.cloudflare.com/ajax/libs/fingerprintjs2/2.0.3/fingerprint2.min.js HTTP 307
https://cdnjs.cloudflare.com/ajax/libs/fingerprintjs2/2.0.3/fingerprint2.min.js

Request Chain 134

https://bcp.crwdcntrl.net/map/c=9380/tp=MGID/tpid=ibmR3m0lbQXj HTTP 302
https://bcp.crwdcntrl.net/map/ct=y/c=9380/tp=MGID/tpid=ibmR3m0lbQXj

Request Chain 135

https://x.bidswitch.net/sync?dsp_id=303&user_id=ibmR3m0lbQXj HTTP 302
https://x.bidswitch.net/ul_cb/sync?dsp_id=303&user_id=ibmR3m0lbQXj HTTP 302
https://rtb-csync.smartadserver.com/redir/?partnerid=31&partneruserid=b6d53094-789d-48aa-9f7d-850f744349ce

Request Chain 195

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7439041255533808&output=html&h=600&slotname=3311225591&adk=639928695&adf=1174745090&w=160&lmt=1545537597&guci=1.2.0.0.2.2.0.0&url=http%3A%2F%2Fwww.regaindermayouth.icu%2F&ea=0&flash=0&wgl=1&adsid=NT&dt=1545537597236&bpp=31&bdt=73&fdt=248&idt=246&shv=r20181205&cbv=r20180604&saldr=sa&correlator=5705059066098&frm=23&ife=4&pv=2&ga_vid=1565053792.1545537598&ga_sid=1545537598&ga_hid=1271409229&ga_fc=0&iag=3&icsg=682&nhd=1&dssz=11&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=133&ady=5518&biw=1585&bih=1200&isw=160&ish=600&ifk=3667377003&scr_x=0&scr_y=0&eid=21060853%2C410075081&oid=3&rx=0&eae=2&fc=656&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C160%2C600&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&ppjl=u&pfx=0&fu=20&bc=7&ifi=1&uci=1.i73d0zlh8by2&fsb=1&dtd=276 HTTP 302
https://rtbpassback.andbeyond.media/firstpost_160x600.html

Request Chain 264

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7439041255533808&output=html&h=600&slotname=3311225591&adk=639928695&adf=1174745089&w=160&lmt=1545537602&guci=1.2.0.0.2.2.0.0&url=http%3A%2F%2Fwww.regaindermayouth.icu%2F&ea=0&flash=0&wgl=1&dt=1545537602244&bpp=15&bdt=87&fdt=17&idt=9&shv=r20181205&cbv=r20180604&saldr=sa&correlator=5705059066098&frm=23&ife=4&pv=1&ga_vid=682258814.1545537602&ga_sid=1545537602&ga_hid=995334&ga_fc=0&iag=3&icsg=170&nhd=1&dssz=8&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=133&ady=5518&biw=1585&bih=1200&isw=160&ish=600&ifk=3667377003&scr_x=0&scr_y=0&eid=21060853%2C410075081&oid=3&rx=0&eae=2&fc=656&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C160%2C600&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&ppjl=u&pfx=0&fu=20&bc=7&ifi=1&uci=1.xq04aix3tz01&fsb=1&dtd=28 HTTP 302
https://rtbpassback.andbeyond.media/firstpost_160x600.html

Request Chain 310

https://syndication.twitter.com/i/jot HTTP 302
https://platform.twitter.com/jot.html

Request Chain 315

http://eu-u.openx.net/w/1.0/pd?plm=6&ph=3c68a574-16fc-4af6-ae85-164343aad03a&gdpr=1 HTTP 302
http://eu-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=3c68a574-16fc-4af6-ae85-164343aad03a&gdpr=1

Request Chain 318

http://eu-u.openx.net/w/1.0/pd?plm=6&ph=3c68a574-16fc-4af6-ae85-164343aad03a&gdpr=1 HTTP 302
http://eu-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=3c68a574-16fc-4af6-ae85-164343aad03a&gdpr=1

Request Chain 323

http://eu-u.openx.net/w/1.0/pd?plm=6&ph=3c68a574-16fc-4af6-ae85-164343aad03a&gdpr=1 HTTP 302
http://eu-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=3c68a574-16fc-4af6-ae85-164343aad03a&gdpr=1

Request Chain 325

http://eu-u.openx.net/w/1.0/pd?plm=6&ph=3c68a574-16fc-4af6-ae85-164343aad03a&gdpr=1 HTTP 302
http://eu-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=3c68a574-16fc-4af6-ae85-164343aad03a&gdpr=1

306 HTTP transactions
23 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request Cookie set / Show response
www.regaindermayouth.icu/ 264 KB
56 KB 9795ms
9788ms Document
text/html 2606:4700:30::6812:24ae
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: http://www.regaindermayouth.icu/
Protocol: HTTP/1.1
Server: 2606:4700:30::6812:24ae , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare / PHP/5.3.3
Resource Hash: ffe2a39ee406e67dbd1f6b38a596ec014b2a264aba61263fe0153c82c2d7c299

Request headers

Host: www.regaindermayouth.icu
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sun, 23 Dec 2018 03:59:52 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: __cfduid=da91e3edd43b68d8189bd6cc0af3bf04e1545537582; expires=Mon, 23-Dec-19 03:59:42 GMT; path=/; domain=.regaindermayouth.icu; HttpOnly
X-Powered-By: PHP/5.3.3
Server: cloudflare
CF-RAY: 48d7eac1a2c2231e-FRA
Content-Encoding: gzip

GET
H2 200 bootstrap.min.css
www.firstpost.com/assets/css/ 400 KB
93 KB 93ms
23ms Stylesheet
text/css 104.111.246.186
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL

https://www.firstpost.com/assets/css/bootstrap.min.css?v=86.43

Requested by

Host: www.regaindermayouth.icu
URL: http://www.regaindermayouth.icu/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

104.111.246.186 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),

Reverse DNS

a104-111-246-186.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

b8dc4893306657c6c50cc8731657ea66ea6e22321fc5af558d9ad42c6a4034ba

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.regaindermayouth.icu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sun, 23 Dec 2018 03:59:52 GMT
content-encoding: gzip
vary: Accept-Encoding
last-modified: Mon, 15 Oct 2018 11:05:07 GMT
server: Apache
access-control-allow-origin: http://fpvodhls-vh.akamaihd.net/
x-frame-options: SAMEORIGIN
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/css
status: 200
accept-ranges: bytes
content-length: 94920
x-xss-protection: 1; mode=block

GET
H2 200 progressive-image.min.css
www.firstpost.com/assets/css/ 498 B
552 B 85ms
18ms Stylesheet
text/css 104.111.246.186
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL

https://www.firstpost.com/assets/css/progressive-image.min.css?v=0.1

Requested by

Host: www.regaindermayouth.icu
URL: http://www.regaindermayouth.icu/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

104.111.246.186 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),

Reverse DNS

a104-111-246-186.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

ffba61112f707c482eafbe013b15b7f6bc0002a4bb0ed4dea3f66d2910cf6356

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.regaindermayouth.icu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sun, 23 Dec 2018 03:59:52 GMT
content-encoding: gzip
vary: Accept-Encoding
last-modified: Thu, 22 Nov 2018 12:42:29 GMT
server: Apache
access-control-allow-origin: http://fpvodhls-vh.akamaihd.net/
x-frame-options: SAMEORIGIN
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/css
status: 200
accept-ranges: bytes
content-length: 293
x-xss-protection: 1; mode=block
nncoection: close

GET
H2 200 jquery.min.js Show response
images.firstpost.com/wp-content/uploads/assets/js/ 84 KB
30 KB 396ms
14ms Script
text/javascript 104.111.246.186
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://images.firstpost.com/wp-content/uploads/assets/js/jquery.min.js
Requested by: Host: www.regaindermayouth.icu
URL: http://www.regaindermayouth.icu/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.111.246.186 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a104-111-246-186.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 6b6de0d4db7876d1183a3edb47ebd3bbbf93f153f5de1ba6645049348628109a

Request headers

Referer: http://www.regaindermayouth.icu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sun, 23 Dec 2018 03:59:52 GMT
content-encoding: gzip
last-modified: Tue, 17 Jan 2017 07:51:34 GMT
server: Apache/2.2.15 (CentOS)
access-control-allow-origin: *
etag: "4590261e9-14e9b-5464591b2728f"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: max-age=7522360
accept-ranges: bytes
content-length: 29923
nncoection: close
expires: Wed, 20 Mar 2019 05:32:32 GMT

GET
H2 200 owl.carousel.css
images.firstpost.com/wp-content/uploads/assets/css/ 2 KB
761 B 390ms
8ms Stylesheet
text/css 104.111.246.186
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://images.firstpost.com/wp-content/uploads/assets/css/owl.carousel.css
Requested by: Host: www.regaindermayouth.icu
URL: http://www.regaindermayouth.icu/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.111.246.186 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a104-111-246-186.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: c9430ccc20d8d58e10dbcaba36ae11739cf20190424b6f55c0d8cf90241658f6

Request headers

Referer: http://www.regaindermayouth.icu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sun, 23 Dec 2018 03:59:52 GMT
content-encoding: gzip
last-modified: Tue, 17 Jan 2017 07:48:32 GMT
server: Apache/2.2.15 (CentOS)
access-control-allow-origin: *
etag: "4590612c5-60b-5464586d446cb"
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: max-age=2592000
cneonction: close
accept-ranges: bytes
content-length: 536
expires: Tue, 22 Jan 2019 03:59:52 GMT

GET
H2 200 owl.carousel.min.js Show response
images.firstpost.com/wp-content/uploads/assets/js/ 23 KB
7 KB 391ms
9ms Script
text/javascript 104.111.246.186
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://images.firstpost.com/wp-content/uploads/assets/js/owl.carousel.min.js
Requested by: Host: www.regaindermayouth.icu
URL: http://www.regaindermayouth.icu/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.111.246.186 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a104-111-246-186.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 6c1e31700f68d1666de6b0992e89d413434707718bf729a472404029845bdbad

Request headers

Referer: http://www.regaindermayouth.icu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sun, 23 Dec 2018 03:59:52 GMT
content-encoding: gzip
last-modified: Tue, 17 Jan 2017 07:47:34 GMT
server: Apache/2.2.15 (CentOS)
access-control-allow-origin: *
etag: "459017493-5d80-5464583653ed1"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: max-age=7522369
cneonction: close
accept-ranges: bytes
content-length: 6492
expires: Wed, 20 Mar 2019 05:32:41 GMT

GET
H2 200 bootstrap.min.js Show response
images.firstpost.com/wp-content/uploads/assets/js/ 36 KB
10 KB 392ms
10ms Script
text/javascript 104.111.246.186
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://images.firstpost.com/wp-content/uploads/assets/js/bootstrap.min.js?v=5.3
Requested by: Host: www.regaindermayouth.icu
URL: http://www.regaindermayouth.icu/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.111.246.186 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a104-111-246-186.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 36460e494e4c628443afded40b2743b5ede9a4a76fb4f7b9ef2345cc7e59fd64

Request headers

Referer: http://www.regaindermayouth.icu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sun, 23 Dec 2018 03:59:52 GMT
content-encoding: gzip
last-modified: Tue, 17 Jan 2017 07:47:34 GMT
server: Apache/2.2.15 (CentOS)
access-control-allow-origin: *
etag: "459017494-90bb-54645836581d1"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: max-age=18075395
cneonction: close
accept-ranges: bytes
content-length: 9837
expires: Sat, 20 Jul 2019 08:56:27 GMT

GET
H2 200 jquery.history.js Show response
images.firstpost.com/wp-content/uploads/assets/js/ 22 KB
7 KB 12ms
10ms Script
text/javascript 104.111.246.186
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://images.firstpost.com/wp-content/uploads/assets/js/jquery.history.js
Requested by: Host: www.regaindermayouth.icu
URL: http://www.regaindermayouth.icu/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.111.246.186 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a104-111-246-186.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3eca2f7a428c7d60d1649538e4552740ce043df021e618b32943481689a8cfaa

Request headers

Referer: http://www.regaindermayouth.icu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sun, 23 Dec 2018 03:59:52 GMT
content-encoding: gzip
last-modified: Tue, 17 Jan 2017 07:47:34 GMT
server: Apache/2.2.15 (CentOS)
access-control-allow-origin: *
etag: "458feee7e-5990-546458365e020"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: max-age=7522357
cneonction: close
accept-ranges: bytes
content-length: 6764
expires: Wed, 20 Mar 2019 05:32:29 GMT

GET
H2 200 app.min.js Show response
www.firstpost.com/assets/js/ 29 KB
6 KB 89ms
22ms Script
text/javascript 104.111.246.186
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL

https://www.firstpost.com/assets/js/app.min.js?v=18

Requested by

Host: www.regaindermayouth.icu
URL: http://www.regaindermayouth.icu/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

104.111.246.186 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),

Reverse DNS

a104-111-246-186.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

eccf7d6940b5cb331b0053776285757d5c83414c29456a7c149d5bf552794cec

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.regaindermayouth.icu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sun, 23 Dec 2018 03:59:52 GMT
content-encoding: gzip
last-modified: Thu, 13 Dec 2018 08:03:45 GMT
server: Apache
access-control-allow-origin: https://firstpost_event-lh.akamaihd.net/
vary: Accept-Encoding
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/javascript
status: 200
accept-ranges: bytes
content-length: 6318
x-xss-protection: 1; mode=block
nncoection: close

GET
H/1.1 200
OK xmKBQHduOqzQ Show response
cdn.onthe.io/io.js/ 133 KB
39 KB 1074ms
15ms Script
text/javascript 165.227.149.5
DigitalOcean

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.onthe.io/io.js/xmKBQHduOqzQ
Requested by: Host: www.regaindermayouth.icu
URL: http://www.regaindermayouth.icu/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 165.227.149.5 New York, United States, ASN14061 (DIGITALOCEAN-ASN - DigitalOcean, LLC, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 0d791014179be44a73638a18eb890fb6b876fadf2046fd05284453b02898071f

Request headers

Referer: http://www.regaindermayouth.icu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sun, 23 Dec 2018 03:59:53 GMT
Content-Encoding: gzip
Last-Modified: Tue, 23 Oct 2018 13:17:10 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: W/"5bcf1f56-215fe"
Transfer-Encoding: chunked
X-Hostname: cdn-eu-11
Content-Type: text/javascript
Cache-Control: max-age=86400, public
Connection: keep-alive
Expires: Sun, 23 Dec 2018 17:00:30 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 28 KB
10 KB 41ms
38ms Script
text/javascript 2a00:1450:4001:820::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: www.regaindermayouth.icu
URL: http://www.regaindermayouth.icu/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:820::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

749b279cb2f7e114ce87fad9d81ba9e6ed01e1c38f4733d60944a38b41ae5428

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.regaindermayouth.icu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sun, 23 Dec 2018 03:59:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "29 / 988 of 1000 / last-modified: 1544734874"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 9687
x-xss-protection: 1; mode=block
expires: Sun, 23 Dec 2018 03:59:52 GMT

GET
H/1.1 200
OK prod-global-322856.js Show response
rtbcdn.andbeyond.media/ 105 KB
12 KB 1464ms
355ms Script
text/javascript 205.185.216.42
Highwinds Network...

General

Check archive.org

Show headers Download Go to

Full URL: https://rtbcdn.andbeyond.media/prod-global-322856.js
Requested by: Host: www.regaindermayouth.icu
URL: http://www.regaindermayouth.icu/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.185.216.42 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS: map2.hwcdn.net
Software: /
Resource Hash: 3a92201d2e1d73130981d5d6ad924c6254fdeb1ff811ba6a9d078d6d70a33d36

Request headers

Referer: http://www.regaindermayouth.icu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sun, 23 Dec 2018 03:59:54 GMT
Content-Encoding: gzip
Last-Modified: Sat, 22 Dec 2018 07:17:03 GMT
ETag: "1545463023"
X-HW: 1545537593.dop004.pa1.t,1545537593.cds034.pa1.shn,1545537593.dop004.pa1.t,1545537594.cds029.pa1.pr
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=1
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 11507

GET
H2 200 script_catch.js Show response
s.in.com/common/ 7 KB
2 KB 384ms
7ms Script
application/javascript 104.111.246.186
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://s.in.com/common/script_catch.js
Requested by: Host: www.regaindermayouth.icu
URL: http://www.regaindermayouth.icu/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.111.246.186 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a104-111-246-186.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 7a33c599a8235f79261fdfd1183db1eebcc588f2d3328d3780fdb6c8a0b0087f

Request headers

Referer: http://www.regaindermayouth.icu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sun, 23 Dec 2018 03:59:53 GMT
content-encoding: gzip
last-modified: Thu, 27 Sep 2018 09:50:02 GMT
etag: "5baca7ca-1d17"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=3600
accept-ranges: bytes
content-length: 2279

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 72 KB
24 KB 21ms
16ms Script
application/javascript 2a00:1450:4001:815::2008
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-MLJQLND

Requested by

Host: www.regaindermayouth.icu
URL: http://www.regaindermayouth.icu/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:815::2008 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Google Tag Manager (scaffolding) /

Resource Hash

709a21b1701de4d52bc17e348a89774fe61167e691860e494c2f0872bf18e60b

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.regaindermayouth.icu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sun, 23 Dec 2018 03:59:52 GMT
content-encoding: gzip
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
server: Google Tag Manager (scaffolding)
access-control-allow-origin: http://www.googletagmanager.com
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
status: 200
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-length: 24858
x-xss-protection: 1; mode=block
expires: Sun, 23 Dec 2018 03:59:52 GMT

GET
H2 200 favicon.ico
www.firstpost.com/assets/images/ 0
410 B 25ms
24ms Other
image/vnd.microsoft.icon 104.111.246.186
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://www.firstpost.com/assets/images/favicon.ico
Requested by: Host: www.regaindermayouth.icu
URL: http://www.regaindermayouth.icu/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.111.246.186 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a104-111-246-186.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Purpose: prefetch
Referer: http://www.regaindermayouth.icu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sun, 23 Dec 2018 03:59:52 GMT
content-encoding: gzip
last-modified: Wed, 31 Jan 2018 06:57:27 GMT
server: Apache
access-control-allow-origin: http://fpvodhls-vh.akamaihd.net/
vary: Accept-Encoding
access-control-allow-methods: POST, GET, OPTIONS
content-type: image/vnd.microsoft.icon
status: 200
cneonction: close
accept-ranges: bytes
content-length: 188

GET
H2 200 all.js Show response
api.dmcdn.net/ 27 KB
9 KB 85ms
20ms Script
application/x-javascript 178.79.251.129
Limelight Networks

General

Check archive.org

Show headers Download Go to

Full URL: https://api.dmcdn.net/all.js
Requested by: Host: www.regaindermayouth.icu
URL: http://www.regaindermayouth.icu/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 178.79.251.129 , Italy, ASN22822 (LLNW - Limelight Networks, Inc., US),
Reverse DNS: https-178-79-251-129.lcy.llnw.net
Software: DMS/1.0.42 /
Resource Hash: f926110fb4f29edf2d7929e75935325efb2339cc51952828b730c644c92785bf

Request headers

Referer: http://www.regaindermayouth.icu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sun, 23 Dec 2018 03:59:52 GMT
content-encoding: gzip
last-modified: Thu, 20 Sep 2018 10:48:47 GMT
server: DMS/1.0.42
age: 2919810
etag: "5ba37b0f-6d98"
vary: Accept-Encoding
content-type: application/x-javascript
status: 200
cache-control: max-age=43200, s-maxage=3600
accept-ranges: bytes
access-control-allow-origin: *
content-length: 9279
expires: Mon, 19 Nov 2018 09:56:22 GMT

GET
H2 200 20181219050007_IRNSS-1E-waits-in-the-clean-room-before-fueling-with-propellant_ISRO1.jpg
images.firstpost.com/fpimages/380x285/fixed/jpg/flip_quote/ 22 KB
22 KB 24ms
19ms Image
image/jpeg 104.111.246.186
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.firstpost.com/fpimages/380x285/fixed/jpg/flip_quote/20181219050007_IRNSS-1E-waits-in-the-clean-room-before-fueling-with-propellant_ISRO1.jpg
Requested by: Host: www.regaindermayouth.icu
URL: http://www.regaindermayouth.icu/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.111.246.186 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a104-111-246-186.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 5041861fe06669f24e8e1ad9fd906e9c9ed1bfbac180d005db0593dea73fc047

Request headers

Referer: http://www.regaindermayouth.icu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sun, 23 Dec 2018 03:59:52 GMT
server: Apache/2.2.15 (CentOS)
access-control-allow-origin: *
content-type: image/jpeg
status: 200
cache-control: max-age=31194166
cneonction: close
content-length: 22488
expires: Thu, 19 Dec 2019 05:02:38 GMT

GET
H/1.1 200
OK fp-logo_new.png
static.firstpost.com/assets/images/ 6 KB
7 KB 410ms
6ms Image
image/png 2a02:26f0:64:490::3393
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.firstpost.com/assets/images/fp-logo_new.png

Requested by

Host: www.regaindermayouth.icu
URL: http://www.regaindermayouth.icu/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

2a02:26f0:64:490::3393 , European Union, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

Software

Apache /

Resource Hash

e50d0198016698890f3a7e45280a8dcca274e8da47141d0286f66abafa79b97b

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.regaindermayouth.icu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sun, 23 Dec 2018 03:59:53 GMT
Last-Modified: Tue, 18 Dec 2018 14:56:21 GMT
Server: Apache
Access-Control-Allow-Methods: POST, GET, OPTIONS
Content-Type: image/png
Access-Control-Allow-Origin: https://firstpost_event-lh.akamaihd.net/
Cache-Control: max-age=31148309
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 6427
X-XSS-Protection: 1; mode=block
nnCoection: close
Expires: Wed, 18 Dec 2019 16:18:22 GMT

GET
H2 200 honeywell.png
images.firstpost.com/wp-content/uploads/assets/images/ 4 KB
4 KB 24ms
20ms Image
image/png 104.111.246.186
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.firstpost.com/wp-content/uploads/assets/images/honeywell.png
Requested by: Host: www.regaindermayouth.icu
URL: http://www.regaindermayouth.icu/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.111.246.186 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a104-111-246-186.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 4a39ab2722dbaa4e79e48315d8308025acea3c65c0b45584fa82bc89f9722681

Request headers

Referer: http://www.regaindermayouth.icu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sun, 23 Dec 2018 03:59:52 GMT
last-modified: Tue, 10 Oct 2017 13:25:12 GMT
server: Apache/2.2.15 (CentOS)
access-control-allow-origin: *
etag: "4c83d82ab-f17-55b313caa60a2"
content-type: image/png
status: 200
cache-control: max-age=24115317
accept-ranges: bytes
content-length: 3863
nncoection: close
expires: Sat, 28 Sep 2019 06:41:49 GMT

GET
H2 200 f-logo-v1.png
images.firstpost.com/wp-content/uploads/ 368 B
574 B 25ms
20ms Image
image/png 104.111.246.186
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.firstpost.com/wp-content/uploads/f-logo-v1.png
Requested by: Host: www.regaindermayouth.icu
URL: http://www.regaindermayouth.icu/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.111.246.186 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a104-111-246-186.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 92b1cfa6d55fe65d297ac238545c8f78a24e5090eca9938392c306dd454bc21c

Request headers

Referer: http://www.regaindermayouth.icu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sun, 23 Dec 2018 03:59:52 GMT
last-modified: Fri, 07 Apr 2017 06:58:05 GMT
server: Apache/2.2.15 (CentOS)
access-control-allow-origin: *
etag: "481039790-170-54c8e25bf2f99"
content-type: image/png
status: 200
cache-control: max-age=7522448
cneonction: close
accept-ranges: bytes
content-length: 368
expires: Wed, 20 Mar 2019 05:34:00 GMT

GET
H2 200 placeholder-thumb.jpg
images.firstpost.com/wp-content/uploads/ 3 KB
3 KB 24ms
20ms Image
image/jpeg 104.111.246.186
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.firstpost.com/wp-content/uploads/placeholder-thumb.jpg
Requested by: Host: www.regaindermayouth.icu
URL: http://www.regaindermayouth.icu/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.111.246.186 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a104-111-246-186.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 4a9d29fc276a01a9ddfdff4afb9f99d8a022ff90e8633b3548bc2f07ee2d1209

Request headers

Referer: http://www.regaindermayouth.icu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sun, 23 Dec 2018 03:59:52 GMT
last-modified: Fri, 24 Mar 2017 09:44:59 GMT
server: Apache/2.2.15 (CentOS)
access-control-allow-origin: *
etag: "479f891b1-d27-54b76d8d21bc1"
content-type: image/jpeg
status: 200
cache-control: max-age=7522491
accept-ranges: bytes
content-length: 3367
nncoection: close
expires: Wed, 20 Mar 2019 05:34:43 GMT

GET
H2 200 BRKING940_201812222039_940x355.png
images.firstpost.com/fpimages/940x355/fixed/jpg/2018/12/ 26 KB
26 KB 8ms
7ms Image
image/jpeg 104.111.246.186
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.firstpost.com/fpimages/940x355/fixed/jpg/2018/12/BRKING940_201812222039_940x355.png
Requested by: Host: www.regaindermayouth.icu
URL: http://www.regaindermayouth.icu/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.111.246.186 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a104-111-246-186.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 51d53c4e0cfdba0f11b25e4403a7aca311d14e877a427c12d52857a113cd6ef4

Request headers

Referer: http://www.regaindermayouth.icu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sun, 23 Dec 2018 03:59:52 GMT
server: Apache/2.2.15 (CentOS)
access-control-allow-origin: *
content-type: image/jpeg
status: 200
cache-control: max-age=31489941
cneonction: close
content-length: 26723
expires: Sun, 22 Dec 2019 15:12:13 GMT

GET
H2 200 HD-Kumaraswamy-oath_AP.jpg
images.firstpost.com/fpimages/347x260/fixed/jpg/2018/09/ 17 KB
17 KB 9ms
8ms Image
image/jpeg 104.111.246.186
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.firstpost.com/fpimages/347x260/fixed/jpg/2018/09/HD-Kumaraswamy-oath_AP.jpg
Requested by: Host: www.regaindermayouth.icu
URL: http://www.regaindermayouth.icu/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.111.246.186 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a104-111-246-186.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 6f60dcc2a85fdb0d3bb23baa2233dc8d2e6af38af44e56086f1ccff057051ea9

Request headers

Referer: http://www.regaindermayouth.icu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sun, 23 Dec 2018 03:59:52 GMT
server: Apache/2.2.15 (CentOS)
access-control-allow-origin: *
content-type: image/jpeg
status: 200
cache-control: max-age=31489907
cneonction: close
content-length: 17339
expires: Sun, 22 Dec 2019 15:11:39 GMT

GET
H2 200 stories-arrow-nw.png
images.firstpost.com/wp-content/uploads/ 215 B
420 B 9ms
9ms Image
image/png 104.111.246.186
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.firstpost.com/wp-content/uploads/stories-arrow-nw.png
Requested by: Host: www.regaindermayouth.icu
URL: http://www.regaindermayouth.icu/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.111.246.186 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a104-111-246-186.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: daae65b52740311ef6e5e7491126ec9c5bed1fd01400fb3079eaff8b59785414

Request headers

Referer: http://www.regaindermayouth.icu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sun, 23 Dec 2018 03:59:52 GMT
last-modified: Mon, 05 Nov 2018 05:00:58 GMT
server: Apache/2.2.15 (CentOS)
access-control-allow-origin: *
etag: "4fa73e022-d7-579e3c5493680"
content-type: image/png
status: 200
cache-control: max-age=27526748
accept-ranges: bytes
content-length: 215
nncoection: close
expires: Wed, 06 Nov 2019 18:19:00 GMT

GET
H2 200 Arun-jaitley-reuters-3801.jpg
images.firstpost.com/fpimages/347x260/fixed/jpg/2018/09/ 12 KB
12 KB 10ms
9ms Image
image/jpeg 104.111.246.186
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.firstpost.com/fpimages/347x260/fixed/jpg/2018/09/Arun-jaitley-reuters-3801.jpg
Requested by: Host: www.regaindermayouth.icu
URL: http://www.regaindermayouth.icu/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.111.246.186 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a104-111-246-186.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 8d2e85b5c7e6918834a65bfdaaa385513f5c5aaea1be1bf52d41ced5dafc6982

Request headers

Referer: http://www.regaindermayouth.icu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sun, 23 Dec 2018 03:59:52 GMT
server: Apache/2.2.15 (CentOS)
access-control-allow-origin: *
content-type: image/jpeg
status: 200
cache-control: max-age=31479523
cneonction: close
content-length: 12506
expires: Sun, 22 Dec 2019 12:18:35 GMT

GET
H2 200 indonesia-380.jpg
images.firstpost.com/fpimages/347x260/fixed/jpg/2018/12/ 19 KB
19 KB 10ms
10ms Image
image/jpeg 104.111.246.186
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.firstpost.com/fpimages/347x260/fixed/jpg/2018/12/indonesia-380.jpg
Requested by: Host: www.regaindermayouth.icu
URL: http://www.regaindermayouth.icu/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.111.246.186 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a104-111-246-186.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 914da50e78b7ed8ad41f8bbc2374c5e36d01698202d3554ddadbf32f3804c975

Request headers

Referer: http://www.regaindermayouth.icu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sun, 23 Dec 2018 03:59:52 GMT
server: Apache/2.2.15 (CentOS)
access-control-allow-origin: *
content-type: image/jpeg
status: 200
cache-control: max-age=31531613
cneonction: close
content-length: 19683
expires: Mon, 23 Dec 2019 02:46:45 GMT

GET
H2 200 1545475332_Untitled%20design%20(3).jpg
images.firstpost.com/fpimages/33x24/fixed/jpg/large_file_plugin/2018/12/ 1 KB
1 KB 7ms
6ms Image
image/jpeg 104.111.246.186
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.firstpost.com/fpimages/33x24/fixed/jpg/large_file_plugin/2018/12/1545475332_Untitled%20design%20(3).jpg
Requested by: Host: www.regaindermayouth.icu
URL: http://www.regaindermayouth.icu/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.111.246.186 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a104-111-246-186.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 658251ae34cbe86d6ea730324c78f36a6d1b584f77a0d8d179e6f2c25022ab30

Request headers

Referer: http://www.regaindermayouth.icu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sun, 23 Dec 2018 03:59:52 GMT
server: Apache/2.2.15 (CentOS)
access-control-allow-origin: *
content-type: image/jpeg
status: 200
cache-control: max-age=31474243
cneonction: close
content-length: 1085
expires: Sun, 22 Dec 2019 10:50:35 GMT

GET
H2 200 naseeruddin-shah-380-solaris.jpg
images.firstpost.com/fpimages/33x24/fixed/jpg/2018/12/ 917 B
1 KB 10ms
10ms Image
image/jpeg 104.111.246.186
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.firstpost.com/fpimages/33x24/fixed/jpg/2018/12/naseeruddin-shah-380-solaris.jpg
Requested by: Host: www.regaindermayouth.icu
URL: http://www.regaindermayouth.icu/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.111.246.186 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a104-111-246-186.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 7d6d9810f0208a60b5d648bb3ddee1eb8ac71fa8d506abee46f7aecc82ac82d8

Request headers

Referer: http://www.regaindermayouth.icu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sun, 23 Dec 2018 03:59:52 GMT
server: Apache/2.2.15 (CentOS)
access-control-allow-origin: *
content-type: image/jpeg
status: 200
cache-control: max-age=31479658
content-length: 917
nncoection: close
expires: Sun, 22 Dec 2019 12:20:50 GMT

GET
H2 200 Nambi-PTI-380.jpg
images.firstpost.com/fpimages/33x24/fixed/jpg/2018/12/ 1014 B
1 KB 11ms
10ms Image
image/jpeg 104.111.246.186
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.firstpost.com/fpimages/33x24/fixed/jpg/2018/12/Nambi-PTI-380.jpg
Requested by: Host: www.regaindermayouth.icu
URL: http://www.regaindermayouth.icu/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.111.246.186 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a104-111-246-186.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: f5d6b20eb01cb49957ffbdde242cf9532bf1b2c787fc6ff380cdcf40f123a77e

Request headers

Referer: http://www.regaindermayouth.icu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sun, 23 Dec 2018 03:59:52 GMT
server: Apache/2.2.15 (CentOS)
access-control-allow-origin: *
content-type: image/jpeg
status: 200
cache-control: max-age=31449941
cneonction: close
content-length: 1014
expires: Sun, 22 Dec 2019 04:05:33 GMT

GET
H2 200 1545219394_LOVETITLE.jpg
images.firstpost.com/fpimages/33x24/fixed/jpg/large_file_plugin/2018/12/ 894 B
1 KB 11ms
11ms Image
image/jpeg 104.111.246.186
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.firstpost.com/fpimages/33x24/fixed/jpg/large_file_plugin/2018/12/1545219394_LOVETITLE.jpg
Requested by: Host: www.regaindermayouth.icu
URL: http://www.regaindermayouth.icu/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.111.246.186 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a104-111-246-186.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: fe919a585bdda536c28f7fdd42fedc63b2ea24e82b679d11dac7cb8ba1237af6

Request headers

Referer: http://www.regaindermayouth.icu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sun, 23 Dec 2018 03:59:52 GMT
server: Apache/2.2.15 (CentOS)
access-control-allow-origin: *
content-type: image/jpeg
status: 200
cache-control: max-age=31450109
content-length: 894
nncoection: close
expires: Sun, 22 Dec 2019 04:08:21 GMT

GET
H2 200 Real-Madrid-380.jpg
images.firstpost.com/fpimages/33x24/fixed/jpg/2018/12/ 1 KB
1 KB 12ms
11ms Image
image/jpeg 104.111.246.186
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.firstpost.com/fpimages/33x24/fixed/jpg/2018/12/Real-Madrid-380.jpg
Requested by: Host: www.regaindermayouth.icu
URL: http://www.regaindermayouth.icu/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.111.246.186 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a104-111-246-186.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: a27b0b4227791b0de37776dcec7abe151ae9a1b65c08df5a75e8a0c6d624e0c2

Request headers

Referer: http://www.regaindermayouth.icu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sun, 23 Dec 2018 03:59:52 GMT
server: Apache/2.2.15 (CentOS)
access-control-allow-origin: *
content-type: image/jpeg
status: 200
cache-control: max-age=31534079
cneonction: close
content-length: 1112
expires: Mon, 23 Dec 2019 03:27:51 GMT

GET
H2 200 amit-shah-380-PTI2.jpg
images.firstpost.com/fpimages/33x24/fixed/jpg/2018/09/ 1 KB
1 KB 10ms
10ms Image
image/jpeg 104.111.246.186
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.firstpost.com/fpimages/33x24/fixed/jpg/2018/09/amit-shah-380-PTI2.jpg
Requested by: Host: www.regaindermayouth.icu
URL: http://www.regaindermayouth.icu/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.111.246.186 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a104-111-246-186.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: e5311271015ad7bba21211eeecb0de501644ea956918a77d83725a74d51812c0

Request headers

Referer: http://www.regaindermayouth.icu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sun, 23 Dec 2018 03:59:52 GMT
server: Apache/2.2.15 (CentOS)
access-control-allow-origin: *
content-type: image/jpeg
status: 200
cache-control: max-age=31487763
cneonction: close
content-length: 1097
expires: Sun, 22 Dec 2019 14:35:55 GMT

GET
H2 200 CPEC_sept04.jpg
images.firstpost.com/fpimages/33x24/fixed/jpg/2018/09/ 966 B
1 KB 10ms
9ms Image
image/jpeg 104.111.246.186
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.firstpost.com/fpimages/33x24/fixed/jpg/2018/09/CPEC_sept04.jpg
Requested by: Host: www.regaindermayouth.icu
URL: http://www.regaindermayouth.icu/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.111.246.186 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a104-111-246-186.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: e75f91e319b81e9218e91c7ea4a5a27978b9e61ebc433ca5f389f4910878e2e5

Request headers

Referer: http://www.regaindermayouth.icu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sun, 23 Dec 2018 03:59:52 GMT
server: Apache/2.2.15 (CentOS)
access-control-allow-origin: *
content-type: image/jpeg
status: 200
cache-control: max-age=31479041
content-length: 966
nncoection: close
expires: Sun, 22 Dec 2019 12:10:33 GMT

GET
H2 200 Samsung-Galaxy-S10-first-render-1024.jpg
images.firstpost.com/fpimages/33x24/fixed/jpg/2018/12/ 944 B
1 KB 11ms
10ms Image
image/jpeg 104.111.246.186
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.firstpost.com/fpimages/33x24/fixed/jpg/2018/12/Samsung-Galaxy-S10-first-render-1024.jpg
Requested by: Host: www.regaindermayouth.icu
URL: http://www.regaindermayouth.icu/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.111.246.186 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a104-111-246-186.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 275ffc094889f5e0cd0f3dc455f6dddbf670103e8d5cc750bcef5b4171ef26df

Request headers

Referer: http://www.regaindermayouth.icu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sun, 23 Dec 2018 03:59:52 GMT
server: Apache/2.2.15 (CentOS)
access-control-allow-origin: *
content-type: image/jpeg
status: 200
cache-control: max-age=31478777
content-length: 944
nncoection: close
expires: Sun, 22 Dec 2019 12:06:09 GMT

GET
H2 200 yashwant-sinha_380_PTI.jpg
images.firstpost.com/fpimages/33x24/fixed/jpg/2018/08/ 1022 B
1 KB 11ms
10ms Image
image/jpeg 104.111.246.186
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.firstpost.com/fpimages/33x24/fixed/jpg/2018/08/yashwant-sinha_380_PTI.jpg
Requested by: Host: www.regaindermayouth.icu
URL: http://www.regaindermayouth.icu/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.111.246.186 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a104-111-246-186.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 68a071e7e29e0c40e8a133fa95dfbaa4740ad4be701ac6d9590c763f2880737c

Request headers

Referer: http://www.regaindermayouth.icu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sun, 23 Dec 2018 03:59:52 GMT
server: Apache/2.2.15 (CentOS)
access-control-allow-origin: *
content-type: image/jpeg
status: 200
cache-control: max-age=31448312
cneonction: close
content-length: 1022
expires: Sun, 22 Dec 2019 03:38:24 GMT

GET
H2 200 first-cricket-nw.png
images.firstpost.com/wp-content/uploads/ 2 KB
3 KB 11ms
10ms Image
image/png 104.111.246.186
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.firstpost.com/wp-content/uploads/first-cricket-nw.png
Requested by: Host: www.regaindermayouth.icu
URL: http://www.regaindermayouth.icu/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.111.246.186 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a104-111-246-186.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3bd2be13e71269b9ceef6bc34f03d8264f4dfa860500f3602172f97413b514a5

Request headers

Referer: http://www.regaindermayouth.icu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sun, 23 Dec 2018 03:59:52 GMT
last-modified: Mon, 05 Nov 2018 05:00:56 GMT
server: Apache/2.2.15 (CentOS)
access-control-allow-origin: *
etag: "4fa77a162-9e0-579e3c52ab200"
content-type: image/png
status: 200
cache-control: max-age=27533878
accept-ranges: bytes
content-length: 2528
nncoection: close
expires: Wed, 06 Nov 2019 20:17:50 GMT

GET
H2 200 325.png
images.firstpost.com/wp-content/uploads/ 152 B
358 B 11ms
11ms Image
image/png 104.111.246.186
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.firstpost.com/wp-content/uploads/325.png
Requested by: Host: www.regaindermayouth.icu
URL: http://www.regaindermayouth.icu/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.111.246.186 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a104-111-246-186.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: b8856a6e25798cf5870649774bc6c343555a3404b4b78274c3d613f91515295b

Request headers

Referer: http://www.regaindermayouth.icu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sun, 23 Dec 2018 03:59:52 GMT
last-modified: Thu, 10 Aug 2017 14:22:52 GMT
server: Apache/2.2.15 (CentOS)
access-control-allow-origin: *
etag: "4b665a97a-98-55666ee8cde46"
content-type: image/png
status: 200
cache-control: max-age=26061877
accept-ranges: bytes
content-length: 152
nncoection: close
expires: Sun, 20 Oct 2019 19:24:29 GMT

GET
H2 200 WV-Raman-380.jpg
images.firstpost.com/fpimages/100x56/fixed/jpg/2018/12/ 2 KB
2 KB 11ms
11ms Image
image/jpeg 104.111.246.186
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.firstpost.com/fpimages/100x56/fixed/jpg/2018/12/WV-Raman-380.jpg
Requested by: Host: www.regaindermayouth.icu
URL: http://www.regaindermayouth.icu/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.111.246.186 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a104-111-246-186.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 1a4592775270d38f8466d0e1f19251680683cd8d22681c1d7c99bb1b327e7a49

Request headers

Referer: http://www.regaindermayouth.icu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sun, 23 Dec 2018 03:59:52 GMT
server: Apache/2.2.15 (CentOS)
access-control-allow-origin: *
content-type: image/jpeg
status: 200
cache-control: max-age=31454380
cneonction: close
content-length: 2330
expires: Sun, 22 Dec 2019 05:19:32 GMT

GET
H2 200 Rasikh_opt.jpg
images.firstpost.com/fpimages/100x56/fixed/jpg/2018/12/ 3 KB
3 KB 10ms
9ms Image
image/jpeg 104.111.246.186
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.firstpost.com/fpimages/100x56/fixed/jpg/2018/12/Rasikh_opt.jpg
Requested by: Host: www.regaindermayouth.icu
URL: http://www.regaindermayouth.icu/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.111.246.186 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a104-111-246-186.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: e1db638893a609c398be0ec576b56ecefc919385a57cf04224e434e10d1205c9

Request headers

Referer: http://www.regaindermayouth.icu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sun, 23 Dec 2018 03:59:52 GMT
server: Apache/2.2.15 (CentOS)
access-control-allow-origin: *
content-type: image/jpeg
status: 200
cache-control: max-age=31467043
cneonction: close
content-length: 2841
expires: Sun, 22 Dec 2019 08:50:35 GMT

GET
H2 200 Ranji-twitter.jpg
images.firstpost.com/fpimages/100x56/fixed/jpg/2016/12/ 2 KB
2 KB 10ms
10ms Image
image/jpeg 104.111.246.186
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.firstpost.com/fpimages/100x56/fixed/jpg/2016/12/Ranji-twitter.jpg
Requested by: Host: www.regaindermayouth.icu
URL: http://www.regaindermayouth.icu/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.111.246.186 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a104-111-246-186.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: f944dfb8bd6a22329a584ca12cf0db366833435ffbe78df7b93966ef326cda4c

Request headers

Referer: http://www.regaindermayouth.icu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sun, 23 Dec 2018 03:59:52 GMT
server: Apache/2.2.15 (CentOS)
access-control-allow-origin: *
content-type: image/jpeg
status: 200
cache-control: max-age=31500641
cneonction: close
content-length: 1629
expires: Sun, 22 Dec 2019 18:10:33 GMT

GET
H2 200 Windies-380.jpg
images.firstpost.com/fpimages/100x56/fixed/jpg/2018/12/ 2 KB
3 KB 10ms
10ms Image
image/jpeg 104.111.246.186
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.firstpost.com/fpimages/100x56/fixed/jpg/2018/12/Windies-380.jpg
Requested by: Host: www.regaindermayouth.icu
URL: http://www.regaindermayouth.icu/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.111.246.186 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a104-111-246-186.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 680f7dbd39ba32723efc8c093280c20a4353f1e112887e9a490d4eb688332725

Request headers

Referer: http://www.regaindermayouth.icu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sun, 23 Dec 2018 03:59:52 GMT
server: Apache/2.2.15 (CentOS)
access-control-allow-origin: *
content-type: image/jpeg
status: 200
cache-control: max-age=31493573
cneonction: close
content-length: 2417
expires: Sun, 22 Dec 2019 16:12:45 GMT

GET
H2 200 KWID.jpg
images.firstpost.com/fpimages/34x25/fixed/jpg/2018/11/ 1 KB
1 KB 11ms
10ms Image
image/jpeg 104.111.246.186
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.firstpost.com/fpimages/34x25/fixed/jpg/2018/11/KWID.jpg
Requested by: Host: www.regaindermayouth.icu
URL: http://www.regaindermayouth.icu/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.111.246.186 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a104-111-246-186.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 9932017b954e96f5f0f11a5a576b6d95db94e5ac274fbc234c479bf043be5461

Request headers

Referer: http://www.regaindermayouth.icu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sun, 23 Dec 2018 03:59:52 GMT
server: Apache/2.2.15 (CentOS)
access-control-allow-origin: *
content-type: image/jpeg
status: 200
cache-control: max-age=28888983
cneonction: close
content-length: 1080
expires: Fri, 22 Nov 2019 12:42:55 GMT

GET
H2 200 dd-1.jpg
images.firstpost.com/fpimages/34x25/fixed/jpg/2018/10/ 1 KB
1 KB 11ms
10ms Image
image/jpeg 104.111.246.186
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.firstpost.com/fpimages/34x25/fixed/jpg/2018/10/dd-1.jpg
Requested by: Host: www.regaindermayouth.icu
URL: http://www.regaindermayouth.icu/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.111.246.186 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a104-111-246-186.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 04ed98ed493517eb75f5d2d08d3eda9c79d730b166e6caf2e084eb7cfee33f9d

Request headers

Referer: http://www.regaindermayouth.icu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sun, 23 Dec 2018 03:59:52 GMT
server: Apache/2.2.15 (CentOS)
access-control-allow-origin: *
content-type: image/jpeg
status: 200
cache-control: max-age=28876374
cneonction: close
content-length: 1107
expires: Fri, 22 Nov 2019 09:12:46 GMT

GET
H2 200 Siddharth-Purohit-research-analyst-at-SMC-Global-securities_3801.jpg
images.firstpost.com/fpimages/34x25/fixed/jpg/2018/10/ 1 KB
1 KB 11ms
11ms Image
image/jpeg 104.111.246.186
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.firstpost.com/fpimages/34x25/fixed/jpg/2018/10/Siddharth-Purohit-research-analyst-at-SMC-Global-securities_3801.jpg
Requested by: Host: www.regaindermayouth.icu
URL: http://www.regaindermayouth.icu/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.111.246.186 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a104-111-246-186.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 222c73d22f661542a5a5df398fd80ff3cad7b94914b755f0bdccf312648fd4db

Request headers

Referer: http://www.regaindermayouth.icu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sun, 23 Dec 2018 03:59:52 GMT
server: Apache/2.2.15 (CentOS)
access-control-allow-origin: *
content-type: image/jpeg
status: 200
cache-control: max-age=28876397
cneonction: close
content-length: 1072
expires: Fri, 22 Nov 2019 09:13:09 GMT

GET
H2 200 KL_Corruption.jpg
images.firstpost.com/fpimages/34x25/fixed/jpg/2018/10/ 1 KB
1 KB 11ms
11ms Image
image/jpeg 104.111.246.186
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.firstpost.com/fpimages/34x25/fixed/jpg/2018/10/KL_Corruption.jpg
Requested by: Host: www.regaindermayouth.icu
URL: http://www.regaindermayouth.icu/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.111.246.186 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a104-111-246-186.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 7fa06d686678c192219b50b29c5c57287aea3b79fd350f2d00273c9689311da1

Request headers

Referer: http://www.regaindermayouth.icu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sun, 23 Dec 2018 03:59:52 GMT
server: Apache/2.2.15 (CentOS)
access-control-allow-origin: *
content-type: image/jpeg
status: 200
cache-control: max-age=28876400
cneonction: close
content-length: 1198
expires: Fri, 22 Nov 2019 09:13:12 GMT

GET
H2 200 KLWomanFarmer.jpg
images.firstpost.com/fpimages/34x25/fixed/jpg/2018/10/ 991 B
1 KB 12ms
11ms Image
image/jpeg 104.111.246.186
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.firstpost.com/fpimages/34x25/fixed/jpg/2018/10/KLWomanFarmer.jpg
Requested by: Host: www.regaindermayouth.icu
URL: http://www.regaindermayouth.icu/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.111.246.186 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a104-111-246-186.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: f0e1a21924859f681bc1f0e3507d3145d20ee2475da119482449de4dc76fae31

Request headers

Referer: http://www.regaindermayouth.icu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sun, 23 Dec 2018 03:59:52 GMT
server: Apache/2.2.15 (CentOS)
access-control-allow-origin: *
content-type: image/jpeg
status: 200
cache-control: max-age=28876417
content-length: 991
nncoection: close
expires: Fri, 22 Nov 2019 09:13:29 GMT

GET
H2 200 Panasonic-2.png
images.firstpost.com/fpimages/34x25/fixed/jpg/2018/10/ 1 KB
1 KB 12ms
12ms Image
image/jpeg 104.111.246.186
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.firstpost.com/fpimages/34x25/fixed/jpg/2018/10/Panasonic-2.png
Requested by: Host: www.regaindermayouth.icu
URL: http://www.regaindermayouth.icu/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.111.246.186 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a104-111-246-186.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 81f03625cb281a43b7ece63cf10a20130fd8a900ca0e7656dd3558abdfe1987c

Request headers

Referer: http://www.regaindermayouth.icu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sun, 23 Dec 2018 03:59:52 GMT
server: Apache/2.2.15 (CentOS)
access-control-allow-origin: *
content-type: image/jpeg
status: 200
cache-control: max-age=28876378
cneonction: close
content-length: 1069
expires: Fri, 22 Nov 2019 09:12:50 GMT

GET
H2 200 owl.carousel.css
images.firstpost.com/wp-content/uploads/assets/css/ 0
761 B 9ms
8ms Other
text/css 104.111.246.186
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://images.firstpost.com/wp-content/uploads/assets/css/owl.carousel.css
Requested by: Host: www.regaindermayouth.icu
URL: http://www.regaindermayouth.icu/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.111.246.186 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a104-111-246-186.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash

Request headers

Purpose: prefetch
Referer: http://www.regaindermayouth.icu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sun, 23 Dec 2018 03:59:52 GMT
content-encoding: gzip
last-modified: Tue, 17 Jan 2017 07:48:32 GMT
server: Apache/2.2.15 (CentOS)
access-control-allow-origin: *
etag: "4590612c5-60b-5464586d446cb"
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: max-age=2592000
cneonction: close
accept-ranges: bytes
content-length: 536
expires: Tue, 22 Jan 2019 03:59:52 GMT

GET
H2 200 pubads_impl_285.js Show response
securepubads.g.doubleclick.net/gpt/ 185 KB
63 KB 15ms
14ms Script
text/javascript 172.217.18.98
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_285.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

172.217.18.98 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

sffe /

Resource Hash

1ac9fa9872f44a78a1ce3148d2e3b1c108514e8b3d27ab078463be54a1a5506f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.regaindermayouth.icu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Sun, 23 Dec 2018 03:59:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 10 Dec 2018 19:48:19 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 64605
x-xss-protection: 1; mode=block
expires: Sun, 23 Dec 2018 03:59:52 GMT

GET
H2 200 integrator.sync.js Show response
adservice.google.de/adsid/ 113 B
178 B 15ms
14ms Script
application/javascript 2a00:1450:4001:809::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.sync.js?domain=www.regaindermayouth.icu

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:809::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ea03bfd7fdda1eac185ebc3e8e74b33065b04c8e0adc48cbbd4136748dbd2742

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.regaindermayouth.icu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sun, 23 Dec 2018 03:59:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript; charset=UTF-8
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 108
x-xss-protection: 1; mode=block

GET
H2 200 IMG_9470.jpeg
images.firstpost.com/fpimages/705x435/fixed/jpg/2018/12/ 51 KB
51 KB 13ms
13ms Image
image/jpeg 104.111.246.186
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.firstpost.com/fpimages/705x435/fixed/jpg/2018/12/IMG_9470.jpeg
Requested by: Host: www.regaindermayouth.icu
URL: http://www.regaindermayouth.icu/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.111.246.186 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a104-111-246-186.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: ee53b1c17d2902119cf707d1a14fddb13805e24353fa9102dd1940f9b323e64b

Request headers

Referer: http://www.regaindermayouth.icu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sun, 23 Dec 2018 03:59:52 GMT
server: Apache/2.2.15 (CentOS)
access-control-allow-origin: *
content-type: image/jpeg
status: 200
cache-control: max-age=31039590
cneonction: close
content-length: 51805
expires: Tue, 17 Dec 2019 10:06:22 GMT

GET
H2 200 ambani-21.jpeg
images.firstpost.com/fpimages/33x20/fixed/jpg/2018/12/ 970 B
1 KB 13ms
13ms Image
image/jpeg 104.111.246.186
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.firstpost.com/fpimages/33x20/fixed/jpg/2018/12/ambani-21.jpeg
Requested by: Host: www.regaindermayouth.icu
URL: http://www.regaindermayouth.icu/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.111.246.186 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a104-111-246-186.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 2bce4618690d20ff646f66bf97e2295f8966c083b5f64e5ca12861cc5d725882

Request headers

Referer: http://www.regaindermayouth.icu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sun, 23 Dec 2018 03:59:52 GMT
server: Apache/2.2.15 (CentOS)
access-control-allow-origin: *
content-type: image/jpeg
status: 200
cache-control: max-age=31039605
content-length: 970
nncoection: close
expires: Tue, 17 Dec 2019 10:06:37 GMT

GET
H2 200 1544704280_Emily%20Mortimer,%20Emily%20Blunt%20and%20Meryl%20Streep.jpg
images.firstpost.com/fpimages/33x20/fixed/jpg/large_file_plugin/2018/12/ 1016 B
1 KB 14ms
13ms Image
image/jpeg 104.111.246.186
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.firstpost.com/fpimages/33x20/fixed/jpg/large_file_plugin/2018/12/1544704280_Emily%20Mortimer,%20Emily%20Blunt%20and%20Meryl%20Streep.jpg
Requested by: Host: www.regaindermayouth.icu
URL: http://www.regaindermayouth.icu/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.111.246.186 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a104-111-246-186.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: d407da668d2f2aca11779ad67639cd6e3c2d07475756b77972748aade2efba4d

Request headers

Referer: http://www.regaindermayouth.icu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sun, 23 Dec 2018 03:59:52 GMT
server: Apache/2.2.15 (CentOS)
access-control-allow-origin: *
content-type: image/jpeg
status: 200
cache-control: max-age=30804781
cneonction: close
content-length: 1016
expires: Sat, 14 Dec 2019 16:52:53 GMT

GET
H2 200 Naveen-Patnaik_380_Twitter-at-Naveen_Odisha.jpg
images.firstpost.com/fpimages/24x18/fixed/jpg/2018/09/ 901 B
1 KB 14ms
11ms Image
image/jpeg 104.111.246.186
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.firstpost.com/fpimages/24x18/fixed/jpg/2018/09/Naveen-Patnaik_380_Twitter-at-Naveen_Odisha.jpg
Requested by: Host: www.regaindermayouth.icu
URL: http://www.regaindermayouth.icu/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.111.246.186 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a104-111-246-186.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 28c0ce211712ae60b4d50fdcf22fef0b107613cf6fba8c7342dee96be2550300

Request headers

Referer: http://www.regaindermayouth.icu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sun, 23 Dec 2018 03:59:52 GMT
server: Apache/2.2.15 (CentOS)
access-control-allow-origin: *
content-type: image/jpeg
status: 200
cache-control: max-age=31475464
content-length: 901
nncoection: close
expires: Sun, 22 Dec 2019 11:10:56 GMT

GET
H2 200 christian-michel-PTI.jpg
images.firstpost.com/fpimages/24x18/fixed/jpg/2018/12/ 918 B
1 KB 12ms
11ms Image
image/jpeg 104.111.246.186
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.firstpost.com/fpimages/24x18/fixed/jpg/2018/12/christian-michel-PTI.jpg
Requested by: Host: www.regaindermayouth.icu
URL: http://www.regaindermayouth.icu/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.111.246.186 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a104-111-246-186.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: b73f2fb579f540979991fb3e4deccbbfb863d0efece26d9588f05aab0c9f4f06

Request headers

Referer: http://www.regaindermayouth.icu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sun, 23 Dec 2018 03:59:52 GMT
server: Apache/2.2.15 (CentOS)
access-control-allow-origin: *
content-type: image/jpeg
status: 200
cache-control: max-age=31185136
content-length: 918
nncoection: close
expires: Thu, 19 Dec 2019 02:32:08 GMT

GET
H2 200 ganga-dussehra_PTI.jpg
images.firstpost.com/fpimages/24x18/fixed/jpg/2018/07/ 897 B
1 KB 12ms
11ms Image
image/jpeg 104.111.246.186
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.firstpost.com/fpimages/24x18/fixed/jpg/2018/07/ganga-dussehra_PTI.jpg
Requested by: Host: www.regaindermayouth.icu
URL: http://www.regaindermayouth.icu/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.111.246.186 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a104-111-246-186.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: e4e48e3a96b1cb107fd1002fdf7f8ad2de1a04362c4eb0e8eac5fa17263414fd

Request headers

Referer: http://www.regaindermayouth.icu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sun, 23 Dec 2018 03:59:52 GMT
server: Apache/2.2.15 (CentOS)
access-control-allow-origin: *
content-type: image/jpeg
status: 200
cache-control: max-age=31472928
content-length: 897
nncoection: close
expires: Sun, 22 Dec 2019 10:28:40 GMT

GET
H2 200 tata-tigor-evs-for-pune-1280.jpg
images.firstpost.com/fpimages/13x10/fixed/jpg/2018/12/ 789 B
940 B 12ms
11ms Image
image/jpeg 104.111.246.186
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.firstpost.com/fpimages/13x10/fixed/jpg/2018/12/tata-tigor-evs-for-pune-1280.jpg
Requested by: Host: www.regaindermayouth.icu
URL: http://www.regaindermayouth.icu/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.111.246.186 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a104-111-246-186.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 30aead956f040326d9051f425fb6e96f96bd7f7510fd1089afd3fc67af1ecf9f

Request headers

Referer: http://www.regaindermayouth.icu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sun, 23 Dec 2018 03:59:52 GMT
server: Apache/2.2.15 (CentOS)
access-control-allow-origin: *
content-type: image/jpeg
status: 200
cache-control: max-age=31309093
content-length: 789
nncoection: close
expires: Fri, 20 Dec 2019 12:58:05 GMT

GET
H2 200 Kings_opt.jpg
images.firstpost.com/fpimages/13x10/fixed/jpg/2018/12/ 771 B
922 B 12ms
11ms Image
image/jpeg 104.111.246.186
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.firstpost.com/fpimages/13x10/fixed/jpg/2018/12/Kings_opt.jpg
Requested by: Host: www.regaindermayouth.icu
URL: http://www.regaindermayouth.icu/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.111.246.186 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a104-111-246-186.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 85dd8231c991457c75240ed96bd3afb3f39909123e003eb67c18f9d35d5547f3

Request headers

Referer: http://www.regaindermayouth.icu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sun, 23 Dec 2018 03:59:52 GMT
server: Apache/2.2.15 (CentOS)
access-control-allow-origin: *
content-type: image/jpeg
status: 200
cache-control: max-age=31309166
content-length: 771
nncoection: close
expires: Fri, 20 Dec 2019 12:59:18 GMT

GET
H2 200 Paul-Emma-Who-Cares-380.jpg
images.firstpost.com/fpimages/13x10/fixed/jpg/2018/12/ 804 B
955 B 12ms
11ms Image
image/jpeg 104.111.246.186
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.firstpost.com/fpimages/13x10/fixed/jpg/2018/12/Paul-Emma-Who-Cares-380.jpg
Requested by: Host: www.regaindermayouth.icu
URL: http://www.regaindermayouth.icu/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.111.246.186 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a104-111-246-186.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 069f3af320b0caad468a4a26af0fa4a0c4175168a153bb3332ea74ae3ccc4c53

Request headers

Referer: http://www.regaindermayouth.icu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sun, 23 Dec 2018 03:59:52 GMT
server: Apache/2.2.15 (CentOS)
access-control-allow-origin: *
content-type: image/jpeg
status: 200
cache-control: max-age=31309114
content-length: 804
nncoection: close
expires: Fri, 20 Dec 2019 12:58:26 GMT

GET
H2 200 catch-22-380.jpg
images.firstpost.com/fpimages/13x10/fixed/jpg/2018/12/ 756 B
907 B 10ms
9ms Image
image/jpeg 104.111.246.186
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.firstpost.com/fpimages/13x10/fixed/jpg/2018/12/catch-22-380.jpg
Requested by: Host: www.regaindermayouth.icu
URL: http://www.regaindermayouth.icu/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.111.246.186 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a104-111-246-186.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: a2fcc35ff3eeffa7b4753d4fe1f478b9bf3bd76e52a1c8010c01659a668d1d01

Request headers

Referer: http://www.regaindermayouth.icu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sun, 23 Dec 2018 03:59:52 GMT
server: Apache/2.2.15 (CentOS)
access-control-allow-origin: *
content-type: image/jpeg
status: 200
cache-control: max-age=31309096
content-length: 756
nncoection: close
expires: Fri, 20 Dec 2019 12:58:08 GMT

GET
H2 200 RamVilasPaswan_PTI.jpg
images.firstpost.com/fpimages/13x10/fixed/jpg/2017/07/ 770 B
921 B 11ms
10ms Image
image/jpeg 104.111.246.186
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.firstpost.com/fpimages/13x10/fixed/jpg/2017/07/RamVilasPaswan_PTI.jpg
Requested by: Host: www.regaindermayouth.icu
URL: http://www.regaindermayouth.icu/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.111.246.186 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a104-111-246-186.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: c271f2fc09df9e6d1cd7dbd2fcebbe1652e576c4eca689868ced1c2b3d2835df

Request headers

Referer: http://www.regaindermayouth.icu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sun, 23 Dec 2018 03:59:52 GMT
server: Apache/2.2.15 (CentOS)
access-control-allow-origin: *
content-type: image/jpeg
status: 200
cache-control: max-age=31309096
content-length: 770
nncoection: close
expires: Fri, 20 Dec 2019 12:58:08 GMT

GET
H2 200 whatsapp_firstpost.png
images.firstpost.com/wp-content/uploads/ 8 KB
8 KB 9ms
9ms Image
image/png 104.111.246.186
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.firstpost.com/wp-content/uploads/whatsapp_firstpost.png
Requested by: Host: www.regaindermayouth.icu
URL: http://www.regaindermayouth.icu/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.111.246.186 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a104-111-246-186.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 8ff432d8c4418a2de29aa6b9cf3ccf79752cccc95a0a9b8c313896e628dfa79d

Request headers

Referer: http://www.regaindermayouth.icu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sun, 23 Dec 2018 03:59:52 GMT
last-modified: Mon, 05 Nov 2018 09:52:58 GMT
server: Apache/2.2.15 (CentOS)
access-control-allow-origin: *
etag: "4fa73df57-1fae-579e7d98f3280"
content-type: image/png
status: 200
cache-control: max-age=27553934
cneonction: close
accept-ranges: bytes
content-length: 8110
expires: Thu, 07 Nov 2019 01:52:06 GMT

GET
H/1.1 200
OK 300X70_selfmade.jpg
images.firstpost.com/wp-content/uploads/ 14 KB
14 KB 44ms
6ms Image
image/jpeg 2a02:26f0:64:490::3393
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://images.firstpost.com/wp-content/uploads/300X70_selfmade.jpg
Requested by: Host: www.regaindermayouth.icu
URL: http://www.regaindermayouth.icu/
Protocol: HTTP/1.1
Server: 2a02:26f0:64:490::3393 , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: e1cd0cb5e0ca68c29cdfb0cf76e941435519454b8b78ece2a600d1de2e28403a

Request headers

Referer: http://www.regaindermayouth.icu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sun, 23 Dec 2018 03:59:52 GMT
Last-Modified: Thu, 20 Dec 2018 06:02:42 GMT
Server: Apache/2.2.15 (CentOS)
ETag: "4fb23bc18-37da-57d6de0eba480"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: max-age=31309269
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 14298
nnCoection: close
Expires: Fri, 20 Dec 2019 13:01:01 GMT

GET
H/1.1 200
OK bidexchange.js Show response
contextual.media.net/ 296 KB
91 KB 778ms
488ms Script
text/javascript 23.62.140.165
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: http://contextual.media.net/bidexchange.js?cid=8CULMRSPO&dn=www.regaindermayouth.icu&version=4.1
Requested by: Host: www.regaindermayouth.icu
URL: http://www.regaindermayouth.icu/
Protocol: HTTP/1.1
Server: 23.62.140.165 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a23-62-140-165.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: fd58a15adfc5ffe110bd74d2e2e75ae2117b0c316ca5074af4f3d43c995cbda3

Request headers

Referer: http://www.regaindermayouth.icu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sun, 23 Dec 2018 03:59:53 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
X-MNET-H: E
Content-Type: text/javascript; charset=utf-8
Cache-Control: max-age=1800
Transfer-Encoding: chunked
Connection: keep-alive, Transfer-Encoding
Expires: Sun, 23 Dec 2018 04:29:53 GMT

GET
H2

200

analytics.js Show response
www.google-analytics.com/
Redirect Chain

http://www.google-analytics.com/analytics.js
https://www.google-analytics.com/analytics.js

43 KB
17 KB

6ms
6ms

Script
text/javascript

2a00:1450:4001:81c::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.regaindermayouth.icu
URL: http://www.regaindermayouth.icu/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:81c::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b688a3bcd1297cc0fe08e6e52fea14ba9108ee4b9a2052c03e7bac6e19347255

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://www.regaindermayouth.icu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 05 Nov 2018 21:10:09 GMT
server: Golfe2
age: 2733
date: Sun, 23 Dec 2018 03:14:19 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 17404
expires: Sun, 23 Dec 2018 05:14:19 GMT

Redirect headers

Location: https://www.google-analytics.com/analytics.js
Non-Authoritative-Reason: HSTS

GET
H/1.1 200
OK beacon.js Show response
b.scorecardresearch.com/ 1 KB
1 KB 268ms
7ms Script
application/x-javascript 2.16.186.51
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: http://b.scorecardresearch.com/beacon.js
Requested by: Host: www.regaindermayouth.icu
URL: http://www.regaindermayouth.icu/
Protocol: HTTP/1.1
Server: 2.16.186.51 , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a2-16-186-51.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: d0fd74148f4cbe78bd0e6328dc5ce5955f0a0ecdb1eb2919da4a7e596ac65912

Request headers

Referer: http://www.regaindermayouth.icu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sun, 23 Dec 2018 03:59:52 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: private, no-transform, max-age=86400
Connection: keep-alive
Content-Length: 901
Expires: Mon, 24 Dec 2018 03:59:52 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 51 KB
15 KB 8ms
6ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.regaindermayouth.icu
URL: http://www.regaindermayouth.icu/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

50fd02e7397cb3745341be12701a2583d187f3f78115c41de0aa96a0cdf27775

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: http://www.regaindermayouth.icu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
vary: Origin, Accept-Encoding
content-length: 14861
x-xss-protection: 0
pragma: public
x-fb-debug: LtNxBh0TsQgWqMASNaR2Mqqh+U8KRSh/KUSoYt/1Hco4lfdAH1rUHtBMlgV2YtKhq4QbNpu4VKkPfOw1XeHSTw==
date: Sun, 23 Dec 2018 03:59:52 GMT
x-frame-options: DENY
access-control-allow-methods: OPTIONS
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://connect.facebook.net
access-control-expose-headers: X-FB-Debug, X-Loader-Length
cache-control: public, max-age=1200
access-control-allow-credentials: true
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK adpushup.js Show response
cdn.adpushup.com/33030/ 562 KB
188 KB 85ms
7ms Script
application/x-javascript 205.234.175.175
CacheNetworks

General

Check archive.org

Show headers Download Go to

Full URL: http://cdn.adpushup.com/33030/adpushup.js
Requested by: Host: www.regaindermayouth.icu
URL: http://www.regaindermayouth.icu/
Protocol: HTTP/1.1
Server: 205.234.175.175 , United States, ASN30081 (CACHENETWORKS - CacheNetworks, Inc., US),
Reverse DNS: vip1.G-anycast1.cachefly.net
Software: CFS 0215 /
Resource Hash: 1952e32e4644cb5dfddaf0d13deee83ede891dc7ebdde89e4514db455ae3a2f8

Request headers

Referer: http://www.regaindermayouth.icu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sun, 23 Dec 2018 03:59:52 GMT
Content-Encoding: gzip
X-CF3: H
CF4ttl: 31536000.000
X-CF1: 28371:fD.fra2:cf:cacheN.fra2-01:H
Connection: keep-alive
Content-Length: 192374
x-cf-tsc: 1545137517
X-CF2: H
Last-Modified: Tue, 18 Dec 2018 12:48:50 GMT
Server: CFS 0215
X-CFF: B
Vary: Accept-Encoding
Content-Type: application/x-javascript
X-CFHash: "6ba8356e5b5d2cf2577e5fdb23c8884a"
CF4Age: 7
Accept-Ranges: bytes

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 3 KB
780 B 144ms
144ms XHR
text/javascript 172.217.18.98
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=555648445967329&correlator=2905787475277670&output=json_html&callback=googletag.impl.pubads.callbackProxy1&impl=fifs&adsid=NT&json_a=1&eid=21061763&vrg=285&guci=1.2.0.0.2.2.0.0&plat=1%3A32776%2C2%3A32776&sc=0&sfv=1-0-31&iu_parts=1039154%2CFirstPost%2CFirstPost_HP%2CFirstPost_HP_300x250_1%2CFirstPost_HP_300x250_2%2CFirstPost_HP_300x600%2CFirstpost_HP_395x150_Native%2CFirstpost_HP_253x283_Native%2CFirstPost_HP_past_share_worthy_268x85%2CFirstPost_HP_FlipQuote_300x100_Right%2CFirstpost_ImpressionTracker%2CFirstpost_ImpressionTracker_Honeywell_Widget_1x1&enc_prev_ius=%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F4%2C%2F0%2F1%2F2%2F5%2C%2F0%2F1%2F2%2F6%2C%2F0%2F1%2F2%2F7%2C%2F0%2F1%2F2%2F8%2C%2F0%2F1%2F2%2F9%2C%2F0%2F1%2F10%2F11&prev_iu_szs=300x250%2C300x250%2C300x600%2C395x150%2C253x283%2C268x85%2C300x100%2C1x1&cookie_enabled=1&bc=7&abxe=1&lmt=1545537592&dt=1545537592674&dlt=1545537592137&idt=473&frm=20&biw=1600&bih=1200&oid=3&adxs=-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C0&adys=-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C0&adks=3707596964%2C3579645699%2C1314498127%2C664927414%2C3089892958%2C3199619600%2C2046739266%2C368693833&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7%7C8&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=http%3A%2F%2Fwww.regaindermayouth.icu%2F&dssz=30&icsg=2688&std=0&csl=102&vis=1&scr_x=0&scr_y=0&psz=0x0%7C0x0%7C0x0%7C0x0%7C0x0%7C0x0%7C0x0%7C78x18&msz=0x0%7C0x0%7C0x0%7C0x0%7C0x0%7C0x0%7C0x0%7C1x-1&ga_vid=639183350.1545537593&ga_sid=1545537593&ga_hid=694587912&fws=2%2C2%2C2%2C2%2C2%2C2%2C2%2C128

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_285.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

172.217.18.98 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

cafe /

Resource Hash

2f45fc8257200dad30a1421d4a2ce979581653cd4245ce8ee1cc399a21278942

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://www.regaindermayouth.icu/
Origin: http://www.regaindermayouth.icu

Response headers

date: Sun, 23 Dec 2018 03:59:52 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2,-2,-2,-2,-2,-2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 520
x-xss-protection: 1; mode=block
google-lineitem-id: -2,-2,-2,-2,-2,-2,-2,-2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2,-2,-2,-2,-2,-2,-2,-2
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: http://www.regaindermayouth.icu
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubads_impl_rendering_285.js Show response
securepubads.g.doubleclick.net/gpt/ 57 KB
22 KB 15ms
14ms Script
text/javascript 172.217.18.98
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_285.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_285.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

172.217.18.98 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

sffe /

Resource Hash

c2e9508b71bc29948a47456789b208fccc0acfc27f105410d13f31967a1e15c9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.regaindermayouth.icu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sun, 23 Dec 2018 03:59:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 10 Dec 2018 19:48:19 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 21933
x-xss-protection: 1; mode=block
expires: Sun, 23 Dec 2018 03:59:52 GMT

GET
H/1.1 200
OK container.html
tpc.googlesyndication.com/safeframe/1-0-31/html/ 0
0 6ms
5ms Other
text/html 2a00:1450:4001:825::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL: http://tpc.googlesyndication.com/safeframe/1-0-31/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_285.js
Protocol: HTTP/1.1
Server: 2a00:1450:4001:825::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Purpose: prefetch
Referer: http://www.regaindermayouth.icu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1fad39d26466ddc86e071c35351dbfd1766b777436543997b535dc329e44f6fd

Request headers

Response headers

Content-Type: image/png

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 534 B
512 B 90ms
90ms XHR
text/javascript 172.217.18.98
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_285.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

172.217.18.98 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

cafe /

Resource Hash

0b546dcba4896615b50f256aa1957b4c50e833ce6513612cd2a0bb0bfba0c282

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://www.regaindermayouth.icu/
Origin: http://www.regaindermayouth.icu

Response headers

date: Sun, 23 Dec 2018 03:59:52 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 334
x-xss-protection: 1; mode=block
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: http://www.regaindermayouth.icu
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 66591fe9b8ead4d38217a5a04197a2da944595a439a59cc76a6b9efe49161358

Request headers

Response headers

Content-Type: image/png

GET
H2 200 fp_cricket_ind_aus.jpg
images.firstpost.com/wp-content/uploads/ 23 KB
23 KB 7ms
7ms Image
image/jpeg 104.111.246.186
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.firstpost.com/wp-content/uploads/fp_cricket_ind_aus.jpg
Requested by: Host: www.regaindermayouth.icu
URL: http://www.regaindermayouth.icu/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.111.246.186 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a104-111-246-186.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 47807fd6eb5c4c62bc3c3f75cf1ed1b9ed450422bc07e490a301865cae947776

Request headers

Referer: http://www.regaindermayouth.icu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sun, 23 Dec 2018 03:59:52 GMT
last-modified: Tue, 20 Nov 2018 13:28:14 GMT
server: Apache/2.2.15 (CentOS)
access-control-allow-origin: *
etag: "4face047c-5a24-57b189b085780"
content-type: image/jpeg
status: 200
cache-control: max-age=28722097
accept-ranges: bytes
content-length: 23076
nncoection: close
expires: Wed, 20 Nov 2019 14:21:29 GMT

GET
H2 200 Marsh%20590.jpg
images.firstpost.com/fpimages/578x400/fixed/jpg/fcricket/2018/12/ 22 KB
22 KB 8ms
8ms Image
image/jpeg 104.111.246.186
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.firstpost.com/fpimages/578x400/fixed/jpg/fcricket/2018/12/Marsh%20590.jpg
Requested by: Host: www.regaindermayouth.icu
URL: http://www.regaindermayouth.icu/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.111.246.186 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a104-111-246-186.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 1c1f323d5b51033bb04b2f941c91315a14d6da4df31ce63cee8be9f1a47b3b69

Request headers

Referer: http://www.regaindermayouth.icu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sun, 23 Dec 2018 03:59:52 GMT
server: Apache/2.2.15 (CentOS)
access-control-allow-origin: *
content-type: image/jpeg
status: 200
cache-control: max-age=31500200
cneonction: close
content-length: 22646
expires: Sun, 22 Dec 2019 18:03:12 GMT

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: af58e3a4b8cac9dedee6f967439e624d40691dd57d21c31c77f1730efe6abb4b

Request headers

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 4 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c279d8cff790a40fd545718c4fd548be7db2df1fd4a99c72f8b3acfb3c6f67dd

Request headers

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a8ce7190c7f1e84d45c8a7209652219ebc99b0ba21f7891bced7cca2e5ad80da

Request headers

Response headers

Content-Type: image/png

GET
H2 200 comscore.min.js Show response
www.firstpost.com/assets/js/ 156 KB
43 KB 11ms
9ms Script
text/javascript 104.111.246.186
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL

https://www.firstpost.com/assets/js/comscore.min.js

Requested by

Host: www.regaindermayouth.icu
URL: http://www.regaindermayouth.icu/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

104.111.246.186 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),

Reverse DNS

a104-111-246-186.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

ce270c9952a278a73384c409e1bc02e7b5367767702a1d87d5105b9aef3e91ae

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.regaindermayouth.icu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sun, 23 Dec 2018 03:59:52 GMT
content-encoding: gzip
vary: Accept-Encoding
last-modified: Thu, 11 Oct 2018 11:36:58 GMT
server: Apache
access-control-allow-origin: http://fpvodhls-vh.akamaihd.net/
x-frame-options: SAMEORIGIN
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/javascript
status: 200
accept-ranges: bytes
content-length: 43501
x-xss-protection: 1; mode=block
nncoection: close

GET
H2 200 300X100_slug.jpg
images.firstpost.com/wp-content/uploads/adaniHub/ 35 KB
35 KB 13ms
12ms Image
image/jpeg 104.111.246.186
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.firstpost.com/wp-content/uploads/adaniHub/300X100_slug.jpg
Requested by: Host: www.regaindermayouth.icu
URL: http://www.regaindermayouth.icu/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.111.246.186 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a104-111-246-186.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 329c0f50c0e5307aa6980a048dd2e6df3739371ae68c514173e7bd26a9d9ba36

Request headers

Referer: http://www.regaindermayouth.icu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sun, 23 Dec 2018 03:59:52 GMT
last-modified: Mon, 12 Nov 2018 13:18:16 GMT
server: Apache/2.2.15 (CentOS)
access-control-allow-origin: *
etag: "4faa726c9-8a85-57a7788a89600"
content-type: image/jpeg
status: 200
cache-control: max-age=28198430
accept-ranges: bytes
content-length: 35461
nncoection: close
expires: Thu, 14 Nov 2019 12:53:42 GMT

GET
H2 200 metoo_300x100.png
images.firstpost.com/wp-content/uploads/ 5 KB
6 KB 14ms
13ms Image
image/png 104.111.246.186
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.firstpost.com/wp-content/uploads/metoo_300x100.png
Requested by: Host: www.regaindermayouth.icu
URL: http://www.regaindermayouth.icu/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.111.246.186 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a104-111-246-186.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 729397f72c05143c9121ab3f19c2ad5f19b109a0c5d35dcdcfc2c30356c7264a

Request headers

Referer: http://www.regaindermayouth.icu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sun, 23 Dec 2018 03:59:52 GMT
last-modified: Thu, 01 Nov 2018 08:14:54 GMT
server: Apache/2.2.15 (CentOS)
access-control-allow-origin: *
etag: "4fa53abf2-15d7-57996037afb80"
content-type: image/png
status: 200
cache-control: max-age=27553934
cneonction: close
accept-ranges: bytes
content-length: 5591
expires: Thu, 07 Nov 2019 01:52:06 GMT

GET
H2 200 300X100_Slug-banner.jpg
images.firstpost.com/wp-content/uploads/hockey/ 38 KB
38 KB 16ms
15ms Image
image/jpeg 104.111.246.186
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.firstpost.com/wp-content/uploads/hockey/300X100_Slug-banner.jpg
Requested by: Host: www.regaindermayouth.icu
URL: http://www.regaindermayouth.icu/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.111.246.186 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a104-111-246-186.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 75e02594bf953bbf22ae74cfe0bb3c5e7eda1da6f8b0f32176dc923f39d8c14f

Request headers

Referer: http://www.regaindermayouth.icu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sun, 23 Dec 2018 03:59:52 GMT
last-modified: Fri, 07 Dec 2018 17:52:36 GMT
server: Apache/2.2.15 (CentOS)
access-control-allow-origin: *
etag: "4fb0e435b-970a-57c7247c8a100"
content-type: image/jpeg
status: 200
cache-control: max-age=30256081
accept-ranges: bytes
content-length: 38666
nncoection: close
expires: Sun, 08 Dec 2019 08:27:53 GMT

GET
H2 200 Laureus_300X100.jpg
images.firstpost.com/wp-content/uploads/assets/images/laureus/ 17 KB
17 KB 15ms
14ms Image
image/jpeg 104.111.246.186
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.firstpost.com/wp-content/uploads/assets/images/laureus/Laureus_300X100.jpg
Requested by: Host: www.regaindermayouth.icu
URL: http://www.regaindermayouth.icu/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.111.246.186 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a104-111-246-186.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 5af6d3ec9de5b91bb64788bd67d80d4706b8decd9e0a11f197a1446a38385353

Request headers

Referer: http://www.regaindermayouth.icu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sun, 23 Dec 2018 03:59:52 GMT
last-modified: Mon, 26 Nov 2018 10:47:54 GMT
server: Apache/2.2.15 (CentOS)
access-control-allow-origin: *
content-type: image/jpeg
status: 200
cache-control: max-age=29232754
accept-ranges: bytes
content-length: 16964
nncoection: close
expires: Tue, 26 Nov 2019 12:12:26 GMT

GET
H2 200 firstculture-nw.jpg
images.firstpost.com/wp-content/uploads/ 8 KB
8 KB 11ms
11ms Image
image/jpeg 104.111.246.186
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.firstpost.com/wp-content/uploads/firstculture-nw.jpg
Requested by: Host: www.regaindermayouth.icu
URL: http://www.regaindermayouth.icu/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.111.246.186 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a104-111-246-186.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: fecc322c8afd0aaf76f11360771a1b3beb446dacf3fee9a192d70386e84c52ad

Request headers

Referer: http://www.regaindermayouth.icu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sun, 23 Dec 2018 03:59:52 GMT
last-modified: Mon, 05 Nov 2018 05:00:56 GMT
server: Apache/2.2.15 (CentOS)
access-control-allow-origin: *
etag: "4fa68fdc1-1fad-579e3c52ab200"
content-type: image/jpeg
status: 200
cache-control: max-age=27526589
cneonction: close
accept-ranges: bytes
content-length: 8109
expires: Wed, 06 Nov 2019 18:16:21 GMT

GET
H2 200 300x100_9moths.jpg
images.firstpost.com/wp-content/uploads/ 16 KB
17 KB 12ms
12ms Image
image/jpeg 104.111.246.186
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.firstpost.com/wp-content/uploads/300x100_9moths.jpg
Requested by: Host: www.regaindermayouth.icu
URL: http://www.regaindermayouth.icu/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.111.246.186 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a104-111-246-186.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: a2d5a947afa702d0a0815bf756a662e524d58c7cd45f5e899c938a5c82c36141

Request headers

Referer: http://www.regaindermayouth.icu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sun, 23 Dec 2018 03:59:52 GMT
last-modified: Wed, 04 Jul 2018 07:39:25 GMT
server: Apache/2.2.15 (CentOS)
access-control-allow-origin: *
etag: "4f6b7c99b-4197-5702787a89301"
content-type: image/jpeg
status: 200
cache-control: max-age=24145375
accept-ranges: bytes
content-length: 16791
nncoection: close
expires: Sat, 28 Sep 2019 15:02:47 GMT

GET
H2 200 long-reads.png
images.firstpost.com/wp-content/uploads/ 17 KB
17 KB 10ms
9ms Image
image/png 104.111.246.186
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.firstpost.com/wp-content/uploads/long-reads.png
Requested by: Host: www.regaindermayouth.icu
URL: http://www.regaindermayouth.icu/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.111.246.186 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a104-111-246-186.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: c48eddcc6b823f44d51d4f927e51b7e464c2be7f581720c98fb044931fb19d43

Request headers

Referer: http://www.regaindermayouth.icu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sun, 23 Dec 2018 03:59:52 GMT
last-modified: Mon, 05 Nov 2018 07:59:50 GMT
server: Apache/2.2.15 (CentOS)
access-control-allow-origin: *
etag: "4fa7c9f37-42d5-579e644f68980"
content-type: image/png
status: 200
cache-control: max-age=27547043
accept-ranges: bytes
content-length: 17109
nncoection: close
expires: Wed, 06 Nov 2019 23:57:15 GMT

GET
H2 200 1545471481_kofeebahubalifeature22122018.jpg
images.firstpost.com/fpimages/268x201/fixed/jpg/large_file_plugin/2018/12/ 11 KB
11 KB 11ms
9ms Image
image/jpeg 104.111.246.186
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.firstpost.com/fpimages/268x201/fixed/jpg/large_file_plugin/2018/12/1545471481_kofeebahubalifeature22122018.jpg
Requested by: Host: www.regaindermayouth.icu
URL: http://www.regaindermayouth.icu/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.111.246.186 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a104-111-246-186.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 768631f889b0e2cc4c15f360b8e352a4ca2fe3aae90bf6c78c4f146acaa9c0d0

Request headers

Referer: http://www.regaindermayouth.icu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sun, 23 Dec 2018 03:59:52 GMT
server: Apache/2.2.15 (CentOS)
access-control-allow-origin: *
content-type: image/jpeg
status: 200
cache-control: max-age=31472264
cneonction: close
content-length: 11341
expires: Sun, 22 Dec 2019 10:17:36 GMT

GET
H2 200 ElonMusk_Reuters_NEW.jpg
images.firstpost.com/fpimages/80x60/fixed/jpg/2013/07/ 2 KB
2 KB 11ms
10ms Image
image/jpeg 104.111.246.186
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.firstpost.com/fpimages/80x60/fixed/jpg/2013/07/ElonMusk_Reuters_NEW.jpg
Requested by: Host: www.regaindermayouth.icu
URL: http://www.regaindermayouth.icu/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.111.246.186 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a104-111-246-186.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 7af6bb3419ce27ed692a90a0b9354c734bb5340df26fdf34a0510aaa6728482e

Request headers

Referer: http://www.regaindermayouth.icu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sun, 23 Dec 2018 03:59:52 GMT
server: Apache/2.2.15 (CentOS)
access-control-allow-origin: *
content-type: image/jpeg
status: 200
cache-control: max-age=31471981
cneonction: close
content-length: 1928
expires: Sun, 22 Dec 2019 10:12:53 GMT

GET
H2 200 1545454917_nrtfeat.png
images.firstpost.com/fpimages/80x60/fixed/jpg/large_file_plugin/2018/12/ 2 KB
2 KB 13ms
11ms Image
image/jpeg 104.111.246.186
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.firstpost.com/fpimages/80x60/fixed/jpg/large_file_plugin/2018/12/1545454917_nrtfeat.png
Requested by: Host: www.regaindermayouth.icu
URL: http://www.regaindermayouth.icu/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.111.246.186 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a104-111-246-186.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: ef0365af224bc84b9dda9c4b2d2f99977f2dc125333e40a4dbc1b7102c8136d4

Request headers

Referer: http://www.regaindermayouth.icu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sun, 23 Dec 2018 03:59:52 GMT
server: Apache/2.2.15 (CentOS)
access-control-allow-origin: *
content-type: image/jpeg
status: 200
cache-control: max-age=31455419
cneonction: close
content-length: 1806
expires: Sun, 22 Dec 2019 05:36:51 GMT

GET
H2 200 hobbsshawfeat.jpg
images.firstpost.com/fpimages/80x60/fixed/jpg/2018/12/ 2 KB
2 KB 13ms
12ms Image
image/jpeg 104.111.246.186
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.firstpost.com/fpimages/80x60/fixed/jpg/2018/12/hobbsshawfeat.jpg
Requested by: Host: www.regaindermayouth.icu
URL: http://www.regaindermayouth.icu/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.111.246.186 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a104-111-246-186.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 92286822ac52a7cbb4ab65a34f62d343323ba0b536204d00ccbffb2752964295

Request headers

Referer: http://www.regaindermayouth.icu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sun, 23 Dec 2018 03:59:52 GMT
server: Apache/2.2.15 (CentOS)
access-control-allow-origin: *
content-type: image/jpeg
status: 200
cache-control: max-age=31467379
cneonction: close
content-length: 2403
expires: Sun, 22 Dec 2019 08:56:11 GMT

GET
H2 200 482038382136514 Show response
connect.facebook.net/signals/config/ 181 KB
43 KB 8ms
6ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/482038382136514?v=2.8.35&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

d9115c87af3ce4bd7fca09b7b56f5e755c0f2b1e97cd52f456a43b2a2f0940d6

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: http://www.regaindermayouth.icu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
vary: Origin, Accept-Encoding
content-length: 44257
x-xss-protection: 0
pragma: public
x-fb-debug: CErI79+2BHHYIGk4dGVns2aRD/kxidjVb28lB41BPEknOUnObTiNcDdIq867T9tnSARgwT7EIDcQ2aKikkki8Q==
date: Sun, 23 Dec 2018 03:59:52 GMT
x-frame-options: DENY
access-control-allow-methods: OPTIONS
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://connect.facebook.net
access-control-expose-headers: X-FB-Debug, X-Loader-Length
cache-control: public, max-age=1200
access-control-allow-credentials: true
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK fp-logo-footer.png
static.firstpost.com/assets/images/ 3 KB
3 KB 171ms
6ms Image
image/png 2a02:26f0:64:490::3393
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.firstpost.com/assets/images/fp-logo-footer.png

Requested by

Host: www.regaindermayouth.icu
URL: http://www.regaindermayouth.icu/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

2a02:26f0:64:490::3393 , European Union, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

Software

Apache /

Resource Hash

3c51e530d7bd1973ddd934be3ff0ebf293e009e392445574088f507f99967616

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.regaindermayouth.icu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sun, 23 Dec 2018 03:59:53 GMT
Last-Modified: Tue, 18 Dec 2018 14:24:43 GMT
Server: Apache
ETag: "80a3a-a95-57d4ca8991508"
Access-Control-Allow-Methods: POST, GET, OPTIONS
Content-Type: image/png
Access-Control-Allow-Origin: https://firstpost_event-lh.akamaihd.net/
Cache-Control: max-age=31148924
Cneonction: close
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2709
X-XSS-Protection: 1; mode=block
Expires: Wed, 18 Dec 2019 16:28:37 GMT

GET
H2 200 eighteen-nw.png
images.firstpost.com/wp-content/uploads/ 426 B
633 B 11ms
10ms Image
image/png 104.111.246.186
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.firstpost.com/wp-content/uploads/eighteen-nw.png
Requested by: Host: www.regaindermayouth.icu
URL: http://www.regaindermayouth.icu/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.111.246.186 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a104-111-246-186.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 19e7854d2815868c8813f72f8e8b772673029e6f21b84f0f5a25bb42b226bc42

Request headers

Referer: http://www.regaindermayouth.icu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sun, 23 Dec 2018 03:59:52 GMT
last-modified: Mon, 05 Nov 2018 05:00:56 GMT
server: Apache/2.2.15 (CentOS)
access-control-allow-origin: *
etag: "4fa68fdc0-1aa-579e3c52ab200"
content-type: image/png
status: 200
cache-control: max-age=27498664
cneonction: close
accept-ranges: bytes
content-length: 426
expires: Wed, 06 Nov 2019 10:30:56 GMT

GET
H2 200 progressive-image.min.js Show response
www.firstpost.com/assets/js/ 1 KB
920 B 10ms
9ms Script
text/javascript 104.111.246.186
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL

https://www.firstpost.com/assets/js/progressive-image.min.js?v=1.0

Requested by

Host: www.regaindermayouth.icu
URL: http://www.regaindermayouth.icu/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

104.111.246.186 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),

Reverse DNS

a104-111-246-186.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

3147ef6868a5ee7ebfec56adf48720dabcde46377a9da1a9acd768728b308038

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.regaindermayouth.icu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sun, 23 Dec 2018 03:59:52 GMT
content-encoding: gzip
vary: Accept-Encoding
last-modified: Thu, 22 Nov 2018 12:42:26 GMT
server: Apache
access-control-allow-origin: http://fpvodhls-vh.akamaihd.net/
x-frame-options: SAMEORIGIN
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/javascript
status: 200
accept-ranges: bytes
content-length: 656
x-xss-protection: 1; mode=block
nncoection: close

GET
H/1.1 200
OK conversion.js Show response
www.googleadservices.com/pagead/ 24 KB
10 KB 47ms
15ms Script
text/javascript 216.58.208.34
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

http://www.googleadservices.com/pagead/conversion.js

Requested by

Host: www.regaindermayouth.icu
URL: http://www.regaindermayouth.icu/

Protocol

HTTP/1.1

Server

216.58.208.34 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s12-in-f2.1e100.net

Software

cafe /

Resource Hash

c635ded98a0b747002e2f0fcd000b64f5044338e48060a66b665d4e873a7e1d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.regaindermayouth.icu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sun, 23 Dec 2018 03:59:52 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Content-Type: text/javascript; charset=UTF-8
Server: cafe
ETag: 9569188893343377890
Vary: Accept-Encoding
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control: private, max-age=3600
Content-Disposition: attachment; filename="f.txt"
Timing-Allow-Origin: *
Content-Length: 9196
X-XSS-Protection: 1; mode=block
Expires: Sun, 23 Dec 2018 03:59:52 GMT

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c3b2252b563865cbbe3e6d6e3f597e43a1f3be0e000d566831f99bf8cef1ffc9

Request headers

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1f1b73e33a02861709b2f76f67fdec234c7dd55ce4c15382e87905cbd17c36c8

Request headers

Response headers

Content-Type: image/png

GET
H2

200

ga-audiences
www.google.de/ads/
Redirect Chain

http://www.google-analytics.com/r/collect?v=1&_v=j72&a=694587912&t=pageview&_s=1&dl=http%3A%2F%2Fwww.regaindermayouth.icu%2F&ul=en-us&de=UTF-8&dt=LIVE%20updates%2C%20Latest%20headlines%2C%20Breakin...
https://www.google-analytics.com/r/collect?v=1&_v=j72&a=694587912&t=pageview&_s=1&dl=http%3A%2F%2Fwww.regaindermayouth.icu%2F&ul=en-us&de=UTF-8&dt=LIVE%20updates%2C%20Latest%20headlines%2C%20Breaki...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-22956444-1&cid=639183350.1545537593&jid=1041183106&_gid=1375811041.1545537593&gjid=147801054&_v=j72&z=676787626
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-22956444-1&cid=639183350.1545537593&jid=1041183106&_v=j72&z=676787626
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-22956444-1&cid=639183350.1545537593&jid=1041183106&_v=j72&z=676787626&slf_rd=1&random=3480548934

42 B
109 B

16ms
15ms

Image
image/gif

2a00:1450:4001:81f::2003
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-22956444-1&cid=639183350.1545537593&jid=1041183106&_v=j72&z=676787626&slf_rd=1&random=3480548934

Requested by

Host: www.regaindermayouth.icu
URL: http://www.regaindermayouth.icu/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:81f::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.regaindermayouth.icu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 23 Dec 2018 03:59:53 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, must-revalidate
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 42
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 23 Dec 2018 03:59:52 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
location: https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-22956444-1&cid=639183350.1545537593&jid=1041183106&_v=j72&z=676787626&slf_rd=1&random=3480548934
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 302
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 0
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK firstpost.com.284677.js Show response
jsc.mgid.com/f/i/ Frame CE61 121 KB
39 KB 65ms
16ms Script
text/javascript 2a03:90c0:9997::9997
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: http://jsc.mgid.com/f/i/firstpost.com.284677.js?t=11811233
Requested by: Host: www.regaindermayouth.icu
URL: http://www.regaindermayouth.icu/
Protocol: HTTP/1.1
Server: 2a03:90c0:9997::9997 , Austria, ASN199524 (GCORE, AT),
Reverse DNS
Software: nginx /
Resource Hash: 85c164f0f9f2a9aef8e7fd6d695c6818701122a25b8ad4a349f78569a10c018a

Request headers

Referer: http://www.regaindermayouth.icu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

X-ID: cec-up-a10
Date: Sun, 23 Dec 2018 03:59:52 GMT
Content-Encoding: gzip
Last-Modified: Tue, 11 Dec 2018 14:17:19 GMT
Server: nginx
x-amz-request-id: 263FD738FC785B8E
ETag: W/"199e58130c43482277386a576c24d021"
Transfer-Encoding: chunked
X-Cached-Since: 2018-12-22T14:38:49+00:00
Content-Type: text/javascript
Cache-Control: max-age=3600
Cache: STALE
Connection: keep-alive
x-amz-id-2: NQhWd1OslW8yXqbN1hD/rTlM5F4YQUIQDcP5l2eL+qzAwKwGWUVHSxUcE1uHhBiRJU0x4IBuNVA=
Expires: Sun, 23 Dec 2018 04:59:52 GMT

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 482584ec2960073367fb8311f3111ea7f1e6f4ea5d2aa606a30cf0d710c55be9

Request headers

Response headers

Content-Type: image/png

GET
H/1.1

200
OK

Cookie set x6yjidz
www.dailymotion.com/embed/video/ Frame B2E6
Redirect Chain

http://www.dailymotion.com/embed/video/x6yjidz?api=postMessage&apiKey=7a9249b0df1895007b72&autoplay=true&id=dm_5696121&mute=true&origin=http%3A%2F%2Fwww.regaindermayouth.icu&queue-autoplay-next=fal...
https://www.dailymotion.com/embed/video/x6yjidz?api=postMessage&apiKey=7a9249b0df1895007b72&autoplay=true&id=dm_5696121&mute=true&origin=http%3A%2F%2Fwww.regaindermayouth.icu&queue-autoplay-next=fa...

0
0

1201ms
150ms

Document
text/html

195.8.215.136
DAILYMOTION For p...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dailymotion.com/embed/video/x6yjidz?api=postMessage&apiKey=7a9249b0df1895007b72&autoplay=true&id=dm_5696121&mute=true&origin=http%3A%2F%2Fwww.regaindermayouth.icu&queue-autoplay-next=false&queue-enable=false

Requested by

Host: api.dmcdn.net
URL: https://api.dmcdn.net/all.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

195.8.215.136 , France, ASN41690 (DAILYMOTION For peering related business, please mail peering@dailymotion.com, FR),

Reverse DNS

www.dailymotion.com

Software

DMS/1.0.42 /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=2678400; includeSubDomains

Request headers

Host: www.dailymotion.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: http://www.regaindermayouth.icu/
Accept-Encoding: gzip, deflate, br
Cookie: ts=518169; v1st=E6A64743CABEEB5AE72E3650F818CC9B
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://www.regaindermayouth.icu/

Response headers

Content-Security-Policy-Report-Only: default-src https: blob: wss: data: android-webview-video-poster: android-webview: chrome-extension: safari-extension: 'unsafe-eval' 'unsafe-inline'; report-uri https://www.dailymotion.com/content_security_policy_report_uri
Server: DMS/1.0.42
X-DM-BackNode: web-301.adm.dc3.dailymotion.com:80
Vary: X-DM-SSL,Accept-Encoding
Cache-Control: no-cache, no-store
Content-Type: text/html; charset=utf-8
Content-Encoding: gzip
Content-Security-Policy: upgrade-insecure-requests
Access-Control-Expose-Headers: X-DM-BackNode-Response-Time
Strict-Transport-Security: max-age=2678400; includeSubDomains
Date: Sun, 23 Dec 2018 03:59:54 GMT
Keep-Alive: timeout=60, max=4999
X-DM-LB-IP: 195.8.215.136
X-DM-LB-Name: lb-10
X-DM-BackNode-Response-Time: 134
Connection: Keep-Alive
Set-Cookie: dmvk=5c1f083ad19a3; path=/; domain=.dailymotion.com
X-Protected-By: Sqreen
X-Dm-Page: de.embed.embed_player
Content-Length: 18291

Redirect headers

Server: DMS/1.0.42
X-DM-BackNode: web-430.adm.dc3.dailymotion.com:80
Vary: X-DM-SSL
Content-Type: text/html; charset=UTF-8
Access-Control-Expose-Headers: X-DM-BackNode-Response-Time
Date: Sun, 23 Dec 2018 03:59:53 GMT
Location: https://www.dailymotion.com/embed/video/x6yjidz?api=postMessage&apiKey=7a9249b0df1895007b72&autoplay=true&id=dm_5696121&mute=true&origin=http%3A%2F%2Fwww.regaindermayouth.icu&queue-autoplay-next=false&queue-enable=false
Keep-Alive: timeout=60, max=5000
X-DM-LB-IP: 195.8.215.136
X-DM-LB-Name: lb-10
X-DM-BackNode-Response-Time: 153
Connection: Keep-Alive
Set-Cookie: ts=518169; expires=Wed, 22 Jan 2020 03:59:52 GMT; Max-Age=34128000; path=/; domain=.dailymotion.com v1st=E6A64743CABEEB5AE72E3650F818CC9B; expires=Wed, 22 Jan 2020 03:59:52 GMT; max-age=34128000; path=/; domain=.dailymotion.com
X-Protected-By: Sqreen
Content-Length: 0

GET
H2 200 /
www.facebook.com/tr/ 44 B
101 B 6ms
6ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
Facebook

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.facebook.com/tr/?id=482038382136514&ev=PageView&dl=http%3A%2F%2Fwww.regaindermayouth.icu%2F&rl=&if=false&ts=1545537592970&sw=1600&sh=1200&v=2.8.35&r=stable&ec=0&o=30&fbp=fb.1.1545537592969.1235760566&it=1545537592843&coo=false
Requested by: Host: www.regaindermayouth.icu
URL: http://www.regaindermayouth.icu/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software: proxygen-bolt /
Resource Hash: 10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Request headers

Referer: http://www.regaindermayouth.icu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sun, 23 Dec 2018 03:59:52 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
content-length: 44
expires: Sun, 23 Dec 2018 03:59:52 GMT

GET
H2 200 css
fonts.googleapis.com/ 2 KB
567 B 16ms
16ms Stylesheet
text/css 2a00:1450:4001:81f::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Frank+Ruhl+Libre:400,700

Requested by

Host: www.regaindermayouth.icu
URL: http://www.regaindermayouth.icu/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:81f::200a , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

ESF /

Resource Hash

e1bab2547887807822643e9a7b59191ac50c58b65fd2956aa745473c3735415f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.regaindermayouth.icu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
last-modified: Sun, 23 Dec 2018 03:59:52 GMT
server: ESF
access-control-allow-origin: *
date: Sun, 23 Dec 2018 03:59:52 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
status: 200
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
x-xss-protection: 1; mode=block
expires: Sun, 23 Dec 2018 03:59:52 GMT

GET
DATA 200
OK truncated
/ 632 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b31062abec9d4536524232f02801803517829af29b44c85b59696d52bc7107cc

Request headers

Response headers

Content-Type: image/gif

GET
H2 200 j8_w6_fAw7jrcalD7oKYNX0QfAnPW7Dl4brkiY8.woff2
fonts.gstatic.com/s/frankruhllibre/v3/ 12 KB
12 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:821::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/frankruhllibre/v3/j8_w6_fAw7jrcalD7oKYNX0QfAnPW7Dl4brkiY8.woff2

Requested by

Host: jsc.mgid.com
URL: http://jsc.mgid.com/f/i/firstpost.com.284677.js?t=11811233

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:821::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

d694f98bb4193102e99942c64b79990a1e6790f0512c0851e65cad6520249166

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Frank+Ruhl+Libre:400,700
Origin: http://www.regaindermayouth.icu

Response headers

date: Thu, 20 Dec 2018 07:02:08 GMT
x-content-type-options: nosniff
last-modified: Tue, 10 Oct 2017 21:49:57 GMT
server: sffe
age: 248265
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 12392
x-xss-protection: 1; mode=block
expires: Fri, 20 Dec 2019 07:02:08 GMT

GET
H2 200 j8_36_fAw7jrcalD7oKYNX0QfAnPUwvA9JfGhKWLDw4.woff2
fonts.gstatic.com/s/frankruhllibre/v3/ 12 KB
12 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:821::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/frankruhllibre/v3/j8_36_fAw7jrcalD7oKYNX0QfAnPUwvA9JfGhKWLDw4.woff2

Requested by

Host: jsc.mgid.com
URL: http://jsc.mgid.com/f/i/firstpost.com.284677.js?t=11811233

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:821::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

f60072530632d08084ac45f4868be9585fa27f52bcb57bf639f61081b04d6a25

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Frank+Ruhl+Libre:400,700
Origin: http://www.regaindermayouth.icu

Response headers

date: Thu, 20 Dec 2018 18:25:24 GMT
x-content-type-options: nosniff
last-modified: Tue, 10 Oct 2017 21:52:14 GMT
server: sffe
age: 207269
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 12452
x-xss-protection: 1; mode=block
expires: Fri, 20 Dec 2019 18:25:24 GMT

GET
H2 200 1 Show response
servicer.mgid.com/284677/ 2 KB
1 KB 416ms
135ms Script
application/x-javascript 64.58.116.132
Servers.com

General

Check archive.org

Show headers Download Go to

Full URL: https://servicer.mgid.com/284677/1?w=1060&h=1044&cols=1&pv=5&cbuster=1545537593059579029511&uniqId=1826e&ref=&lu=http%3A%2F%2Fwww.regaindermayouth.icu%2F&pageView=1&pvid=167d9381ee3887e7a4b&implVersion=10
Requested by: Host: jsc.mgid.com
URL: http://jsc.mgid.com/f/i/firstpost.com.284677.js?t=11811233
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 64.58.116.132 Dallas, United States, ASN7979 (SERVERS - Servers.com, Inc., US),
Reverse DNS
Software: nginx/1.13.10 /
Resource Hash: 96da4a1458f0f41103e9d67957dca0e35e842da8d4b9592f2ce644afe00fbe61

Request headers

Referer: http://www.regaindermayouth.icu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 23 Dec 2018 03:59:53 GMT
content-encoding: gzip
server: nginx/1.13.10
vary: Accept-Encoding
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
status: 200
cache-control: max-age=0, no-store, no-cache, must-revalidate
content-type: application/x-javascript; charset=utf-8

GET
H/1.1

204
No Content

b2
b.scorecardresearch.com/
Redirect Chain

http://b.scorecardresearch.com/b?c1=2&c2=6683813&ns__t=1545537593060&ns_c=UTF-8&cv=3.1&c8=LIVE%20updates%2C%20Latest%20headlines%2C%20Breaking%20news%2C%20Top%20stories%2C%20Trending%20topics%20-%2...
http://b.scorecardresearch.com/b2?c1=2&c2=6683813&ns__t=1545537593060&ns_c=UTF-8&cv=3.1&c8=LIVE%20updates%2C%20Latest%20headlines%2C%20Breaking%20news%2C%20Top%20stories%2C%20Trending%20topics%20-%...

0
248 B

8ms
7ms

Image
text/plain

2.16.186.51
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://b.scorecardresearch.com/b2?c1=2&c2=6683813&ns__t=1545537593060&ns_c=UTF-8&cv=3.1&c8=LIVE%20updates%2C%20Latest%20headlines%2C%20Breaking%20news%2C%20Top%20stories%2C%20Trending%20topics%20-%20Firstpost&c7=http%3A%2F%2Fwww.regaindermayouth.icu%2F&c9=
Requested by: Host: www.regaindermayouth.icu
URL: http://www.regaindermayouth.icu/
Protocol: HTTP/1.1
Server: 2.16.186.51 , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a2-16-186-51.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://www.regaindermayouth.icu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 23 Dec 2018 03:59:53 GMT
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: http://b.scorecardresearch.com/b2?c1=2&c2=6683813&ns__t=1545537593060&ns_c=UTF-8&cv=3.1&c8=LIVE%20updates%2C%20Latest%20headlines%2C%20Breaking%20news%2C%20Top%20stories%2C%20Trending%20topics%20-%20Firstpost&c7=http%3A%2F%2Fwww.regaindermayouth.icu%2F&c9=
Pragma: no-cache
Date: Sun, 23 Dec 2018 03:59:53 GMT
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/1043201315/ 2 KB
1 KB 47ms
47ms Script
text/javascript 2a00:1450:4001:824::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1043201315/?random=1545537593062&cv=9&fst=1545537593062&num=1&label=vQUcCJHdmwMQo_q38QM&guid=ON&resp=GooglemKTybQhCsO&eid=659255991&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&sendb=1&frm=0&url=http%3A%2F%2Fwww.regaindermayouth.icu%2F&tiba=LIVE%20updates%2C%20Latest%20headlines%2C%20Breaking%20news%2C%20Top%20stories%2C%20Trending%20topics%20-%20Firstpost&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: http://www.googleadservices.com/pagead/conversion.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:824::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

c8ccce4bf2373c3f57522d0e80f637eeef678d7b4be43b9f46399fa095403473

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.regaindermayouth.icu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 23 Dec 2018 03:59:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: text/javascript; charset=UTF-8
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cache-control: no-cache, must-revalidate
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 1045
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 404
Not Found weather Show response
www.regaindermayouth.icu/ 279 B
508 B 118ms
118ms XHR
text/html 2606:4700:30::6812:24ae
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: http://www.regaindermayouth.icu/weather
Requested by: Host: images.firstpost.com
URL: https://images.firstpost.com/wp-content/uploads/assets/js/jquery.min.js
Protocol: HTTP/1.1
Server: 2606:4700:30::6812:24ae , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: d980788aa36689159991ebeb1a33ec0f9c7fb2f1eba368b850b3701dc731ca24

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.regaindermayouth.icu
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: */*
Referer: http://www.regaindermayouth.icu/
X-Requested-With: XMLHttpRequest
Cookie: __cfduid=da91e3edd43b68d8189bd6cc0af3bf04e1545537582; _ga=GA1.2.639183350.1545537593; _gid=GA1.2.1375811041.1545537593; _gat=1; __gads=ID=f91dbc31012cc163:T=1545537592:S=ALNI_MZkcmvncBPHMJCFQAwoiRi1d4A5zw; _fbp=fb.1.1545537592969.1235760566; interstitial=1; MarketGidStorage=%7B%220%22%3A%7B%22svspr%22%3A%22%22%2C%22svsds%22%3A1%2C%22TejndEEDj%22%3A%22VETJ0pESV%22%7D%2C%22C284677%22%3A%7B%22page%22%3A1%2C%22time%22%3A1545537592994%7D%7D
Connection: keep-alive
Cache-Control: no-cache
Accept: */*
Referer: http://www.regaindermayouth.icu/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sun, 23 Dec 2018 03:59:53 GMT
Content-Encoding: gzip
Server: cloudflare
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 48d7eb04b6df231e-FRA

GET
H/1.1 200
OK gpt.js Show response
www.googletagservices.com/tag/js/ 28 KB
10 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:815::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

http://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: www.regaindermayouth.icu
URL: http://www.regaindermayouth.icu/

Protocol

HTTP/1.1

Server

2a00:1450:4001:815::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

749b279cb2f7e114ce87fad9d81ba9e6ed01e1c38f4733d60944a38b41ae5428

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.regaindermayouth.icu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sun, 23 Dec 2018 03:59:53 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: sffe
ETag: "29 / 283 of 1000 / last-modified: 1544734874"
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: private, max-age=900, stale-while-revalidate=3600
Timing-Allow-Origin: *
Content-Length: 9687
X-XSS-Protection: 1; mode=block
Expires: Sun, 23 Dec 2018 03:59:53 GMT

GET
H/1.1 200 feedback
e3.adpushup.com/ApexWebService/ 13 B
311 B 76ms
23ms Image
application/json 23.97.225.52
Microsoft Corpora...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://e3.adpushup.com/ApexWebService/feedback?ts=1545537593119&eventType=3&mode=3&referrer=&packetId=00008106-c2d0c785-08e4-42f7-8900-aec420fcae74&siteId=33030&pageGroup=undefined&platform=DESKTOP&url=http://www.regaindermayouth.icu/&isGeniee=false
Requested by: Host: www.regaindermayouth.icu
URL: http://www.regaindermayouth.icu/
Protocol: HTTP/1.1
Server: 23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: http://www.regaindermayouth.icu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 23 Dec 2018 03:59:52 GMT
Access-Control-Allow-Methods: GET, POST
Content-Type: application/json;charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
X-Robots-Tag: noindex
Content-Length: 13
Expires: 0

GET
H2 200 /
www.google.com/pagead/1p-user-list/1043201315/ 42 B
111 B 21ms
21ms Image
image/gif 2a00:1450:4001:806::2004
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1043201315/?random=1545537593062&cv=9&fst=1545534000000&num=1&label=vQUcCJHdmwMQo_q38QM&guid=ON&eid=659255991&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&sendb=1&frm=0&url=http%3A%2F%2Fwww.regaindermayouth.icu%2F&tiba=LIVE%20updates%2C%20Latest%20headlines%2C%20Breaking%20news%2C%20Top%20stories%2C%20Trending%20topics%20-%20Firstpost&fmt=3&crd=CITQGw&cdct=2&is_vtc=1&random=2882149947&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: www.regaindermayouth.icu
URL: http://www.regaindermayouth.icu/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:806::2004 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.regaindermayouth.icu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 23 Dec 2018 03:59:53 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 42
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/1043201315/ 42 B
109 B 22ms
21ms Image
image/gif 2a00:1450:4001:81f::2003
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/1043201315/?random=1545537593062&cv=9&fst=1545534000000&num=1&label=vQUcCJHdmwMQo_q38QM&guid=ON&eid=659255991&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&sendb=1&frm=0&url=http%3A%2F%2Fwww.regaindermayouth.icu%2F&tiba=LIVE%20updates%2C%20Latest%20headlines%2C%20Breaking%20news%2C%20Top%20stories%2C%20Trending%20topics%20-%20Firstpost&fmt=3&crd=CITQGw&cdct=2&is_vtc=1&random=2882149947&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: www.regaindermayouth.icu
URL: http://www.regaindermayouth.icu/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:81f::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.regaindermayouth.icu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 23 Dec 2018 03:59:53 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 42
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cJZKeOuBrn4kERxqtaUH3VtXRa8TVwTICgirnJhmVJw.woff2
fonts.gstatic.com/s/opensans/v10/ 15 KB
15 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:821::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v10/cJZKeOuBrn4kERxqtaUH3VtXRa8TVwTICgirnJhmVJw.woff2

Requested by

Host: images.firstpost.com
URL: https://images.firstpost.com/wp-content/uploads/assets/js/jquery.min.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:821::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

3135160ee3b34e2d1e58bf80944a1ed2cef3f073528ea98f11916a397b4c6ac9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://www.regaindermayouth.icu/
Origin: http://www.regaindermayouth.icu

Response headers

date: Thu, 20 Dec 2018 22:05:01 GMT
x-content-type-options: nosniff
last-modified: Thu, 21 Aug 2014 18:06:58 GMT
server: sffe
age: 194092
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 15556
x-xss-protection: 1; mode=block
expires: Fri, 20 Dec 2019 22:05:01 GMT

GET
H2 200 k3k702ZOKiLJc3WVjuplzOgdm0LZdjqr5-oayXSOefg.woff2
fonts.gstatic.com/s/opensans/v10/ 16 KB
16 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:821::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v10/k3k702ZOKiLJc3WVjuplzOgdm0LZdjqr5-oayXSOefg.woff2

Requested by

Host: images.firstpost.com
URL: https://images.firstpost.com/wp-content/uploads/assets/js/jquery.min.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:821::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

abcbe0423061bbf5caca8b070eb57c5ea831fde8cca4af206f8b48938142b4e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://www.regaindermayouth.icu/
Origin: http://www.regaindermayouth.icu

Response headers

date: Thu, 20 Dec 2018 09:55:51 GMT
x-content-type-options: nosniff
last-modified: Thu, 21 Aug 2014 18:08:16 GMT
server: sffe
age: 237842
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 16224
x-xss-protection: 1; mode=block
expires: Fri, 20 Dec 2019 09:55:51 GMT

POST
H2 200 /
www.facebook.com/tr/ Frame D43C 0
0 9ms
6ms Document
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
Facebook

General

Check archive.org

Show headers Download Go to

Full URL: https://www.facebook.com/tr/
Requested by: Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software: proxygen-bolt /
Resource Hash

Request headers

:method: POST
:authority: www.facebook.com
:scheme: https
:path: /tr/
content-length: 2305
pragma: no-cache
cache-control: no-cache
origin: http://www.regaindermayouth.icu
upgrade-insecure-requests: 1
content-type: application/x-www-form-urlencoded
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer: http://www.regaindermayouth.icu/
accept-encoding: gzip, deflate, br
cookie: fr=0heGTSiGx2ieadGhx..BcHwg4...1.0.BcHwg4.
Origin: http://www.regaindermayouth.icu
Upgrade-Insecure-Requests: 1
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://www.regaindermayouth.icu/

Response headers

status: 200
content-type: text/plain
access-control-allow-origin: http://www.regaindermayouth.icu
access-control-allow-credentials: true
content-length: 0
server: proxygen-bolt
date: Sun, 23 Dec 2018 03:59:53 GMT

GET
H2

200

fingerprint2.min.js Show response
cdnjs.cloudflare.com/ajax/libs/fingerprintjs2/2.0.3/
Redirect Chain

http://cdnjs.cloudflare.com/ajax/libs/fingerprintjs2/2.0.3/fingerprint2.min.js
https://cdnjs.cloudflare.com/ajax/libs/fingerprintjs2/2.0.3/fingerprint2.min.js

29 KB
10 KB

15ms
14ms

Script
application/javascript

2606:4700::6813:c597
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/fingerprintjs2/2.0.3/fingerprint2.min.js

Requested by

Host: www.regaindermayouth.icu
URL: http://www.regaindermayouth.icu/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6813:c597 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

2878e261f4608effb59d39ee9e01dd3ea7c16c7ff60b470ee8032009c8994099

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains

Request headers

Referer: http://www.regaindermayouth.icu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sun, 23 Dec 2018 03:59:53 GMT
content-encoding: br
cf-cache-status: HIT
status: 200
strict-transport-security: max-age=15780000; includeSubDomains
last-modified: Thu, 11 Oct 2018 16:45:51 GMT
server: cloudflare
etag: W/"5bbf7e3f-7255"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
expires: Fri, 13 Dec 2019 03:59:53 GMT
cache-control: public, max-age=30672000
cf-ray: 48d7eb078d079816-FRA
served-in-seconds: 0.003

Redirect headers

Location: https://cdnjs.cloudflare.com/ajax/libs/fingerprintjs2/2.0.3/fingerprint2.min.js
Non-Authoritative-Reason: HSTS

GET
H2 200 by_mgid_adc_logo_mini.svg
cdn.mgid.com/images/ 2 KB
2 KB 101ms
24ms Image
image/svg+xml 2a03:90c0:9997::9997
GCORE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.mgid.com/images/by_mgid_adc_logo_mini.svg
Requested by: Host: www.regaindermayouth.icu
URL: http://www.regaindermayouth.icu/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a03:90c0:9997::9997 , Austria, ASN199524 (GCORE, AT),
Reverse DNS
Software: nginx /
Resource Hash: ed09341e9cf6bbb14bd17e6a28e4d1c53c63826aec2f79fa598c475f86e02f1e

Request headers

Referer: http://www.regaindermayouth.icu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-id: cec-up-gc11
date: Sun, 23 Dec 2018 03:59:53 GMT
last-modified: Thu, 03 May 2018 06:36:10 GMT
server: nginx
access-control-allow-origin: *
etag: "5aeaadda-6fc"
x-cached-since: 2018-12-22T13:06:46+00:00
content-type: image/svg+xml
status: 200
cache-control: max-age=86400
cache: HIT
accept-ranges: bytes
content-length: 1788
expires: Wed, 17 Oct 2018 13:05:39 GMT

GET
H2 200 2623363_492x328.jpg
imgg-cdn.mgid.com/2623/ 32 KB
33 KB 88ms
13ms Image
image/jpeg 2a03:90c0:9997::9997
GCORE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imgg-cdn.mgid.com/2623/2623363_492x328.jpg?t=1519821503
Requested by: Host: www.regaindermayouth.icu
URL: http://www.regaindermayouth.icu/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a03:90c0:9997::9997 , Austria, ASN199524 (GCORE, AT),
Reverse DNS
Software: nginx /
Resource Hash: d6d3144dbd018bc31d124d1114e79bb1997806839632d24c7726abcbed4f52e2

Request headers

Referer: http://www.regaindermayouth.icu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-id: cec-up-gc11
date: Sun, 23 Dec 2018 03:59:53 GMT
last-modified: Sat, 15 Dec 2018 11:16:27 GMT
server: nginx
access-control-allow-origin: *, *
x-cached-since: 2018-12-15T13:19:30+00:00
content-type: image/jpeg
status: 200
cache-control: max-age=2592000
cache: HIT
accept-ranges: bytes
content-length: 33144
expires: Mon, 14 Jan 2019 13:19:30 GMT

GET
H2 200 2928804_492x328.jpg
imgg-cdn.mgid.com/2928/ 27 KB
28 KB 100ms
24ms Image
image/jpeg 2a03:90c0:9997::9997
GCORE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imgg-cdn.mgid.com/2928/2928804_492x328.jpg?t=1535660147
Requested by: Host: www.regaindermayouth.icu
URL: http://www.regaindermayouth.icu/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a03:90c0:9997::9997 , Austria, ASN199524 (GCORE, AT),
Reverse DNS
Software: nginx /
Resource Hash: 299b81aa166c9ac47ad81624038bfa1bf74e88b91445fa9ca86d3a87f817a9b9

Request headers

Referer: http://www.regaindermayouth.icu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-id: cec-up-gc11
date: Sun, 23 Dec 2018 03:59:53 GMT
last-modified: Sat, 24 Nov 2018 10:45:52 GMT
server: nginx
access-control-allow-origin: *, *
x-cached-since: 2018-11-24T14:30:59+00:00
content-type: image/jpeg
status: 200
cache-control: max-age=2592000
cache: HIT
accept-ranges: bytes
content-length: 28026
expires: Mon, 24 Dec 2018 14:30:59 GMT

GET
H2 200 2777618_492x328.jpg
imgg-cdn.mgid.com/2777/ 29 KB
29 KB 100ms
24ms Image
image/jpeg 2a03:90c0:9997::9997
GCORE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imgg-cdn.mgid.com/2777/2777618_492x328.jpg?t=1528142726
Requested by: Host: www.regaindermayouth.icu
URL: http://www.regaindermayouth.icu/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a03:90c0:9997::9997 , Austria, ASN199524 (GCORE, AT),
Reverse DNS
Software: nginx /
Resource Hash: 2058482ec17fec2b0588251bbff98f8e2cbab5a73d57f7a15e864c8779a3319d

Request headers

Referer: http://www.regaindermayouth.icu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-id: cec-up-gc11
date: Sun, 23 Dec 2018 03:59:53 GMT
last-modified: Fri, 14 Dec 2018 11:44:43 GMT
server: nginx
access-control-allow-origin: *, *
x-cached-since: 2018-12-15T19:01:10+00:00
content-type: image/jpeg
status: 200
cache-control: max-age=2592000
cache: HIT
accept-ranges: bytes
content-length: 29596
expires: Mon, 14 Jan 2019 19:01:10 GMT

GET
H/1.1 204
No Content b
b.scorecardresearch.com/ 0
248 B 7ms
7ms Image
text/plain 2.16.186.51
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://b.scorecardresearch.com/b?c1=7&c2=15208452&c3=110&ns__t=1545537593521&ns_c=UTF-8&cv=3.1&c8=LIVE%20updates%2C%20Latest%20headlines%2C%20Breaking%20news%2C%20Top%20stories%2C%20Trending%20topics%20-%20Firstpost&c7=http%3A%2F%2Fwww.regaindermayouth.icu%2F&c9=
Requested by: Host: www.regaindermayouth.icu
URL: http://www.regaindermayouth.icu/
Protocol: HTTP/1.1
Server: 2.16.186.51 , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a2-16-186-51.deploy.static.akamaitechnologies.com
Software: /
Resource Hash

Request headers

Referer: http://www.regaindermayouth.icu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 23 Dec 2018 03:59:53 GMT
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK aax.js Show response
c.aaxads.com/ 249 KB
86 KB 504ms
461ms Script
text/javascript 23.45.98.199
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: http://c.aaxads.com/aax.js?&pub=AAX457PML&hst=www.regaindermayouth.icu&ver=1.2
Requested by: Host: contextual.media.net
URL: http://contextual.media.net/bidexchange.js?cid=8CULMRSPO&dn=www.regaindermayouth.icu&version=4.1
Protocol: HTTP/1.1
Server: 23.45.98.199 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a23-45-98-199.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 747dae3b736051e32475c15bbc1e3d44f94d109bd292fc23d2a8f3bd11b18804

Request headers

Referer: http://www.regaindermayouth.icu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sun, 23 Dec 2018 03:59:54 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
X-MNET-H: E
Content-Type: text/javascript; charset=utf-8
Cache-Control: max-age=1800
Transfer-Encoding: chunked
Connection: keep-alive, Transfer-Encoding
Expires: Sun, 23 Dec 2018 04:29:54 GMT

GET
H/1.1 200
OK / Show response
tt.onthe.io/uniques/ 33 B
515 B 355ms
32ms Script
text/html 95.216.24.150
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tt.onthe.io/uniques/?current=23&holding=3f5df4ee2a71d4c70fd9540495c58d61&hash_user=70c110d35.264db1b18_1545537593734
Requested by: Host: cdn.onthe.io
URL: https://cdn.onthe.io/io.js/xmKBQHduOqzQ
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.216.24.150 , Ukraine, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.150.24.216.95.clients.your-server.de
Software: nginx /
Resource Hash: 166f9390df29e23f9c9c45c50026de3b8ea04605424c6edc8557a3d3e71af7b8

Request headers

Referer: http://www.regaindermayouth.icu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 23 Dec 2018 03:59:54 GMT
Server: nginx
Content-Type: text/html
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 33
Expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 i.js Show response
cm.mgid.com/ 417 B
500 B 396ms
130ms Script
application/javascript 64.58.116.134
Servers.com

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.mgid.com/i.js?cbuster=1545537593777493421889&fp=d1ca20ca953bac91a926a91711f826c1&uuid=33ed4627-0667-11e9-a23d-246e96c2aeb2&tcid=284677&muidn=ibmR3m0lbQXj&muid=&fptime=223
Requested by: Host: jsc.mgid.com
URL: http://jsc.mgid.com/f/i/firstpost.com.284677.js?t=11811233
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 64.58.116.134 Dallas, United States, ASN7979 (SERVERS - Servers.com, Inc., US),
Reverse DNS
Software: nginx/1.13.10 /
Resource Hash: b67eb461e1a9e3cc15a15660277b419b19289970b91a536b20b496d8ecefa938

Request headers

Referer: http://www.regaindermayouth.icu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 23 Dec 2018 03:59:54 GMT
content-encoding: gzip
server: nginx/1.13.10
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=0, no-store, no-cache, must-revalidate

GET
H2 200 i-noref.js Show response
cm.mgid.com/ Frame 10DA 19 B
262 B 389ms
129ms Script
application/javascript 64.58.116.134
Servers.com

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.mgid.com/i-noref.js?cbuster=1545537593783434748317
Requested by: Host: jsc.mgid.com
URL: http://jsc.mgid.com/f/i/firstpost.com.284677.js?t=11811233
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 64.58.116.134 Dallas, United States, ASN7979 (SERVERS - Servers.com, Inc., US),
Reverse DNS
Software: nginx/1.13.10 /
Resource Hash: 31a2141f6b680b8ec183d8de67eaae2ac43bee3ccee46235e0c988761615210c

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 23 Dec 2018 03:59:54 GMT
content-encoding: gzip
server: nginx/1.13.10
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=0, no-store, no-cache, must-revalidate

GET
H2 200 t.js Show response
inapi.posst.co/ 51 B
275 B 959ms
242ms Script
text/html 2a00:1450:4001:821::2013
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://inapi.posst.co/t.js?url=http%3A%2F%2Fwww.regaindermayouth.icu%2F&referrer=&_w18Id=&_w18kw=&_jsondata=%7B%22microsite%22%3A%22own%22%2C%22sections%22%3A%22%22%2C%22tags%22%3A%22%22%2C%22language%22%3A%22english%22%2C%22autono%22%3A%22%22%7D&_w18hn=FP&_w18title=LIVE%20updates%2C%20Latest%20headlines%2C%20Breaking%20news%2C%20Top%20stories%2C%20Trending%20topics%20-%20Firstpost&
Requested by: Host: s.in.com
URL: https://s.in.com/common/script_catch.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a00:1450:4001:821::2013 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software: gunicorn/19.7.1 /
Resource Hash: de7ca01cd808b08bb2f018284fc59ee6e8f3f8f9052691bef4d190141278b90d

Request headers

Referer: http://www.regaindermayouth.icu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

status: 200
date: Sun, 23 Dec 2018 03:59:54 GMT
content-encoding: gzip
server: gunicorn/19.7.1
via: 1.1 google
vary: Accept-Encoding
content-type: text/html; charset=utf-8

GET
H2 200 ng.js Show response
inapi.posst.co/getUserInterestr/ 0
44 B 961ms
246ms Script
text/html 2a00:1450:4001:821::2013
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://inapi.posst.co/getUserInterestr/ng.js?uid=&p=FP
Requested by: Host: s.in.com
URL: https://s.in.com/common/script_catch.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a00:1450:4001:821::2013 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software: gunicorn/19.7.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://www.regaindermayouth.icu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

status: 200
date: Sun, 23 Dec 2018 03:59:54 GMT
via: 1.1 google
server: gunicorn/19.7.1
content-length: 0
content-type: text/html; charset=utf-8

GET
H/1.1 200
OK prebid-fp-1.31.0.js Show response
rtbpassback.andbeyond.media/ 147 KB
46 KB 346ms
17ms Script
text/javascript 205.185.216.42
Highwinds Network...

General

Check archive.org

Show headers Download Go to

Full URL: http://rtbpassback.andbeyond.media/prebid-fp-1.31.0.js
Requested by: Host: rtbcdn.andbeyond.media
URL: https://rtbcdn.andbeyond.media/prod-global-322856.js
Protocol: HTTP/1.1
Server: 205.185.216.42 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS: map2.hwcdn.net
Software: AmazonS3 /
Resource Hash: d2c87979258ab36dbc9d8171237132a6061e3fddeb7efbcf315ae4da59fd8416

Request headers

Referer: http://www.regaindermayouth.icu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sun, 23 Dec 2018 03:59:54 GMT
Content-Encoding: gzip
Last-Modified: Wed, 19 Dec 2018 07:56:05 GMT
Server: AmazonS3
x-amz-request-id: F5770500607B581E
ETag: "f9e99589add19cf77f0129cc296ff41e"
X-HW: 1545537594.dop005.pa1.t,1545537594.cds033.pa1.c
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=31204607
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 46760
x-amz-id-2: mjj1/NKBeCZMpwZXh4/5aCrqHUWJEwg1Z6yHxS3u+KKQQ2BbB3FSZXhIFlteSEg/0ChmiFP61GQ=

GET
H/1.1 200
OK detect.html
aaxdetect.com/ Frame 95A5 0
0 210ms
181ms Document
text/html 23.45.107.135
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: http://aaxdetect.com/detect.html?&pub=AAX457PML&svr=2018122112_530&gdpr=1&gdprconsent=0&dn=http%3A%2F%2Fwww.regaindermayouth.icu
Requested by: Host: c.aaxads.com
URL: http://c.aaxads.com/aax.js?&pub=AAX457PML&hst=www.regaindermayouth.icu&ver=1.2
Protocol: HTTP/1.1
Server: 23.45.107.135 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a23-45-107-135.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash

Request headers

Host: aaxdetect.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: http://www.regaindermayouth.icu/
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://www.regaindermayouth.icu/

Response headers

Server: Apache
Content-Type: text/html; charset=utf-8
X-MNET-H: E
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=1800
Expires: Sun, 23 Dec 2018 04:29:54 GMT
Date: Sun, 23 Dec 2018 03:59:54 GMT
Content-Length: 13477
Connection: keep-alive

GET
H/1.1 200
OK query Show response
usa.cloud.netacuity.com/webservice/ 713 B
559 B 896ms
174ms XHR
application/json 54.69.212.202
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: http://usa.cloud.netacuity.com/webservice/query?u=04842bc1-ecc8-4db1-aeec-6a7708559ff2&json=true
Requested by: Host: images.firstpost.com
URL: https://images.firstpost.com/wp-content/uploads/assets/js/jquery.min.js
Protocol: HTTP/1.1
Server: 54.69.212.202 Boardman, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-54-69-212-202.us-west-2.compute.amazonaws.com
Software: Apache-Coyote/1.1 /
Resource Hash: 5372270d08befb84def08e77cedf5eafb141409dcf787fb6a23ee11ebca1603f

Request headers

Accept: */*
Referer: http://www.regaindermayouth.icu/
Origin: http://www.regaindermayouth.icu
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sun, 23 Dec 2018 03:59:54 GMT
Content-Encoding: gzip
Server: Apache-Coyote/1.1
Vary: Accept-Encoding
Content-Type: application/json;charset=UTF-8
Access-Control-Allow-Origin: *
Connection: keep-alive
Content-Length: 306

GET
H2 200 /
cm.steepto.com/setmuidn/ 0
272 B 538ms
130ms Image
image/gif 64.58.116.144
Servers.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.steepto.com/setmuidn/?muidf=ibmR3m0lbQXj
Requested by: Host: www.regaindermayouth.icu
URL: http://www.regaindermayouth.icu/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 64.58.116.144 Dallas, United States, ASN7979 (SERVERS - Servers.com, Inc., US),
Reverse DNS
Software: nginx/1.13.10 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://www.regaindermayouth.icu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

status: 200
pragma: no-cache
date: Sun, 23 Dec 2018 03:59:54 GMT
cache-control: max-age=0, no-store, no-cache, must-revalidate
server: nginx/1.13.10
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
content-type: image/gif

GET
H2 200 /
cm.marketgid.com/setmuidn/ 0
274 B 918ms
51ms Image
image/gif 88.212.201.79
UNITEDNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.marketgid.com/setmuidn/?muidf=ibmR3m0lbQXj
Requested by: Host: www.regaindermayouth.icu
URL: http://www.regaindermayouth.icu/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 88.212.201.79 , Russian Federation, ASN39134 (UNITEDNET, RU),
Reverse DNS: 79-201-212-88.host.exepto.ru
Software: nginx/1.13.10 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://www.regaindermayouth.icu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

status: 200
pragma: no-cache
date: Sun, 23 Dec 2018 03:59:55 GMT
cache-control: max-age=0, no-store, no-cache, must-revalidate
server: nginx/1.13.10
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
content-type: image/gif

GET
H/1.1

200
OK

tpid=ibmR3m0lbQXj
bcp.crwdcntrl.net/map/ct=y/c=9380/tp=MGID/
Redirect Chain

https://bcp.crwdcntrl.net/map/c=9380/tp=MGID/tpid=ibmR3m0lbQXj
https://bcp.crwdcntrl.net/map/ct=y/c=9380/tp=MGID/tpid=ibmR3m0lbQXj

49 B
908 B

36ms
35ms

Image
image/gif

52.16.68.29
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bcp.crwdcntrl.net/map/ct=y/c=9380/tp=MGID/tpid=ibmR3m0lbQXj
Requested by: Host: www.regaindermayouth.icu
URL: http://www.regaindermayouth.icu/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.16.68.29 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-16-68-29.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Referer: http://www.regaindermayouth.icu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 23 Dec 2018 03:59:55 GMT
P3P: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
Access-Control-Allow-Origin: *
Cache-Control: no-cache
X-Server: 10.26.29.143
Connection: keep-alive
Content-Type: image/gif
Content-Length: 49
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sun, 23 Dec 2018 03:59:55 GMT
P3P: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
Location: https://bcp.crwdcntrl.net/map/ct=y/c=9380/tp=MGID/tpid=ibmR3m0lbQXj
Cache-Control: no-cache
X-Server: 10.26.6.88
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200
OK

/
rtb-csync.smartadserver.com/redir/
Redirect Chain

https://x.bidswitch.net/sync?dsp_id=303&user_id=ibmR3m0lbQXj
https://x.bidswitch.net/ul_cb/sync?dsp_id=303&user_id=ibmR3m0lbQXj
https://rtb-csync.smartadserver.com/redir/?partnerid=31&partneruserid=b6d53094-789d-48aa-9f7d-850f744349ce

43 B
610 B

83ms
17ms

Image
image/gif

185.86.139.58
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?partnerid=31&partneruserid=b6d53094-789d-48aa-9f7d-850f744349ce
Requested by: Host: www.regaindermayouth.icu
URL: http://www.regaindermayouth.icu/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.86.139.58 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Referer: http://www.regaindermayouth.icu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 23 Dec 2018 03:59:55 GMT
Cache-Control: no-cache, no-store
P3P: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
Content-Type: image/gif
Content-Length: 43
Expires: -1

Redirect headers

Date: Sun, 23 Dec 2018 03:59:55 GMT
Server: nginx/1.12.0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location: //rtb-csync.smartadserver.com/redir/?partnerid=31&partneruserid=b6d53094-789d-48aa-9f7d-850f744349ce
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Keep-Alive: timeout=10
Content-Length: 0

GET
H/1.1 200
OK / Show response
tt.onthe.io/ 0
287 B 33ms
32ms Script
text/javascript 95.216.24.150
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tt.onthe.io/?k[]=29325:uniques_holding&s=0af833a13f1cbc54e30c57eb405f3b20&_v=1&__io=70c110d35.264db1b18_1545537593734&1545537594236
Requested by: Host: cdn.onthe.io
URL: https://cdn.onthe.io/io.js/xmKBQHduOqzQ
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.216.24.150 , Ukraine, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.150.24.216.95.clients.your-server.de
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://www.regaindermayouth.icu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 23 Dec 2018 03:59:54 GMT
Server: nginx
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H/1.1 200
OK log
l.aaxads.com/ 35 B
319 B 44ms
6ms Image
image/gif 23.45.98.199
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://l.aaxads.com/log?___stu13p=aveoaamactga5dnnuee25ti2rm86bcrodqacb&slg=8PR6YK195&lwbsh=AAX&gq=regaindermayouth.icu&flg=AAX457PML&vyu=2018122112_530&vhuyqdph=c8-web-18&jgsu=1&fvha=0&fvvwu=&xjg=4&ylg=00001545537594433031188907523767&yvlg=&vg=1&jwg=100&lqlg=0&jig=&ff=DE&vf=HE&fw=FRANKFURT&dewh=CONTROL&dgeg=0&dps=0&yhuvlrq=1.2&vE=true&fruv=true&glvE=false&lfh=0&yz=1585&yk=1200&skw=7093&fo=&__rk=1&dss=0&deg=2&ghqg=343&glhqg=341&glvwduw=238&gvwduw=6&uhtxuo=http%3A%2F%2Fwww.regaindermayouth.icu%2F&nzui=&hsxuo=
Requested by: Host: www.regaindermayouth.icu
URL: http://www.regaindermayouth.icu/
Protocol: HTTP/1.1
Server: 23.45.98.199 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a23-45-98-199.deploy.static.akamaitechnologies.com
Software: Apache Tomcat /
Resource Hash: 796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Request headers

Referer: http://www.regaindermayouth.icu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 23 Dec 2018 03:59:54 GMT
Server: Apache Tomcat
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 35
Expires: Sun, 23 Dec 2018 03:59:54 GMT

GET
H/1.1 200
OK / Show response
tt.onthe.io/ 0
287 B 32ms
32ms Script
text/javascript 95.216.24.150
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tt.onthe.io/?k[]=41630:pageviews_instant[depth:1,url:%2F,browser:Chrome,referrer:direct,device:desktop,lifetime:0,browser_version:Chrome%2067,user_type:new,returned:new,domain:www.regaindermayouth.icu,cdn_version:41,user_agent:Mozilla/5.0%20(Macintosh;%20Intel%20Mac%20OS%20X%2010_13_5)%20AppleWebKit/537.36%20(KHTML_%20like%20Gecko)%20Chrome/67.0.3396.87%20Safari/537.36]&/?k[]=41630:visits_instantly[depth:1,url:%2F,browser:Chrome,referrer:direct,device:desktop,lifetime:0,browser_version:Chrome%2067,user_type:new,returned:new,domain:www.regaindermayouth.icu,cdn_version:41,user_agent:Mozilla/5.0%20(Macintosh;%20Intel%20Mac%20OS%20X%2010_13_5)%20AppleWebKit/537.36%20(KHTML_%20like%20Gecko)%20Chrome/67.0.3396.87%20Safari/537.36]&/?k[]=41630:uniques_instantly[url:%2F,browser:Chrome,referrer:direct,device:desktop,lifetime:0,browser_version:Chrome%2067,user_type:new,returned:new,domain:www.regaindermayouth.icu,cdn_version:41,user_agent:Mozilla/5.0%20(Macintosh;%20Intel%20Mac%20OS%20X%2010_13_5)%20AppleWebKit/537.36%20(KHTML_%20like%20Gecko)%20Chrome/67.0.3396.87%20Safari/537.36]&s=0af833a13f1cbc54e30c57eb405f3b20&__io=70c110d35.264db1b18_1545537593734&1545537594737
Requested by: Host: cdn.onthe.io
URL: https://cdn.onthe.io/io.js/xmKBQHduOqzQ
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.216.24.150 , Ukraine, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.150.24.216.95.clients.your-server.de
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://www.regaindermayouth.icu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 23 Dec 2018 03:59:54 GMT
Server: nginx
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H/1.1 200
OK / Show response
tt.onthe.io/ 0
287 B 32ms
32ms Script
text/javascript 95.216.24.150
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tt.onthe.io/?k[]=41630:pageviews_info[url:%2F,browser:Chrome,referrer:direct,device:desktop,lifetime:0,browser_version:Chrome%2067,user_type:new,returned:new,domain:www.regaindermayouth.icu,cdn_version:41,user_agent:Mozilla/5.0%20(Macintosh;%20Intel%20Mac%20OS%20X%2010_13_5)%20AppleWebKit/537.36%20(KHTML_%20like%20Gecko)%20Chrome/67.0.3396.87%20Safari/537.36,page:LIVE%20updates%2344%3B%20Latest%20headlines%2344%3B%20Breaking%20news%2344%3B%20Top%20stories%2344%3B%20Trending%20topics%20-%20Firstpost,reference_time:undefined]&s=0af833a13f1cbc54e30c57eb405f3b20&1545537596616
Requested by: Host: cdn.onthe.io
URL: https://cdn.onthe.io/io.js/xmKBQHduOqzQ
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.216.24.150 , Ukraine, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.150.24.216.95.clients.your-server.de
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://www.regaindermayouth.icu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 23 Dec 2018 03:59:56 GMT
Server: nginx
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 3 KB
2 KB 66ms
65ms XHR
text/javascript 172.217.18.98
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_285.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

172.217.18.98 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

cafe /

Resource Hash

7d5885a4db174caaacddddf12f42454613e5c02c9fbd221100617188049dd589

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://www.regaindermayouth.icu/
Origin: http://www.regaindermayouth.icu

Response headers

date: Sun, 23 Dec 2018 03:59:57 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 1801
x-xss-protection: 1; mode=block
google-lineitem-id: 4803012184
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138244832752
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: http://www.regaindermayouth.icu
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK arj Show response
rtbdemand-d.openx.net/w/1.0/ 172 B
748 B 3108ms
57ms XHR
application/json 173.241.240.220
OPENX TECHNOLOGIES

General

Check archive.org

Show headers Download Go to

Full URL: http://rtbdemand-d.openx.net/w/1.0/arj?ju=http%3A%2F%2Fwww.regaindermayouth.icu%2F&jr=&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_2.1.5&dddid=8914c75e-d8b5-4001-a2d3-63abc6746acb%2C8914c75e-d8b5-4001-a2d3-63abc6746acb&nocache=1545537597092&aus=300x250%7C300x250&divIds=andbeyond3009%2Candbeyond3009&auid=539852510%2C539852510&
Requested by: Host: rtbpassback.andbeyond.media
URL: http://rtbpassback.andbeyond.media/prebid-fp-1.31.0.js
Protocol: HTTP/1.1
Server: 173.241.240.220 New York, United States, ASN36089 (OPENX-AS1 - OPENX TECHNOLOGIES, INC., US),
Reverse DNS: ox-173-241-240-220.xa.dc.openx.org
Software: OXGW/16.117.2 /
Resource Hash: 01542e4715dc8773238b9fd57341ae4d5f538b57bdbc0183b650ba4549a83fce

Request headers

Referer: http://www.regaindermayouth.icu/
Origin: http://www.regaindermayouth.icu
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sun, 23 Dec 2018 04:00:00 GMT
Content-Encoding: gzip
Server: OXGW/16.117.2
Vary: Accept
P3P: CP="CUR ADM OUR NOR STA NID"
Access-Control-Allow-Origin: http://www.regaindermayouth.icu
Cache-Control: private, max-age=0, no-cache
Access-Control-Allow-Credentials: true
Content-Type: application/json
Transfer-Encoding: chunked
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 284 B
1 KB 4852ms
18ms XHR
application/json 213.19.162.21
The Rubicon Project

General

Check archive.org

Show headers Download Go to

Full URL: http://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17054&site_id=205224&zone_id=1041988&size_id=15&p_pos=unknown&rf=http%3A%2F%2Fwww.regaindermayouth.icu%2F&tk_flint=pbjs_lite_v1.31.0&x_source.tid=8914c75e-d8b5-4001-a2d3-63abc6746acb&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=0&slots=1&rand=0.6001896550698542
Requested by: Host: rtbpassback.andbeyond.media
URL: http://rtbpassback.andbeyond.media/prebid-fp-1.31.0.js
Protocol: HTTP/1.1
Server: 213.19.162.21 , United Kingdom, ASN26667 (RUBICONPROJECT - The Rubicon Project, Inc., US),
Reverse DNS
Software: RAS 2.4 /
Resource Hash: 938c5220e0c78b0efcf44573ca745ab326047c86d17c3f7e0525d8880791a2f5

Request headers

Referer: http://www.regaindermayouth.icu/
Origin: http://www.regaindermayouth.icu
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sun, 23 Dec 2018 04:00:01 GMT
Server: RAS 2.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: http://www.regaindermayouth.icu
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Content-Type: application/json
Keep-Alive: timeout=0, max=10
Content-Length: 284
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 284 B
1 KB 4871ms
19ms XHR
application/json 213.19.162.21
The Rubicon Project

General

Check archive.org

Show headers Download Go to

Full URL: http://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17054&site_id=205224&zone_id=1041988&size_id=15&p_pos=unknown&rf=http%3A%2F%2Fwww.regaindermayouth.icu%2F&tk_flint=pbjs_lite_v1.31.0&x_source.tid=8914c75e-d8b5-4001-a2d3-63abc6746acb&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=0&slots=1&rand=0.24012745117946688
Requested by: Host: rtbpassback.andbeyond.media
URL: http://rtbpassback.andbeyond.media/prebid-fp-1.31.0.js
Protocol: HTTP/1.1
Server: 213.19.162.21 , United Kingdom, ASN26667 (RUBICONPROJECT - The Rubicon Project, Inc., US),
Reverse DNS
Software: RAS 2.4 /
Resource Hash: 8f7f1da2088c4f6b7d271abe9794686ba77ad697ca84a919908ed5c48484e000

Request headers

Referer: http://www.regaindermayouth.icu/
Origin: http://www.regaindermayouth.icu
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sun, 23 Dec 2018 04:00:01 GMT
Server: RAS 2.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: http://www.regaindermayouth.icu
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Content-Type: application/json
Keep-Alive: timeout=0, max=10
Content-Length: 284
Expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 260 B
1 KB 58ms
19ms XHR
application/json 185.33.223.218
AppNexus

General

Check archive.org

Show headers Download Go to

Full URL

http://ib.adnxs.com/ut/v3/prebid

Requested by

Host: rtbpassback.andbeyond.media
URL: http://rtbpassback.andbeyond.media/prebid-fp-1.31.0.js

Protocol

HTTP/1.1

Server

185.33.223.218 , European Union, ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US),

Reverse DNS

Software

nginx/1.13.4 /

Resource Hash

2139ef060b420e228f9d01da469e262fc0ce69ceb382254be9c6f00adc42eb84

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: http://www.regaindermayouth.icu/
Origin: http://www.regaindermayouth.icu
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sun, 23 Dec 2018 03:59:59 GMT
X-Proxy-Origin: 185.230.127.22; 185.230.127.22; 313.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.9:80
AN-X-Request-Uuid: 2dfb5116-ccea-4a65-82dc-3a2cd9ed222c
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: http://www.regaindermayouth.icu
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 260
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 262 B
1 KB 77ms
19ms XHR
application/json 185.33.223.218
AppNexus

General

Check archive.org

Show headers Download Go to

Full URL

http://ib.adnxs.com/ut/v3/prebid

Requested by

Host: rtbpassback.andbeyond.media
URL: http://rtbpassback.andbeyond.media/prebid-fp-1.31.0.js

Protocol

HTTP/1.1

Server

185.33.223.218 , European Union, ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US),

Reverse DNS

Software

nginx/1.13.4 /

Resource Hash

7245642e4ea32e45c8d9eb45de8a3d057536ec5305ff708e7faa38f43af0a0f9

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: http://www.regaindermayouth.icu/
Origin: http://www.regaindermayouth.icu
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sun, 23 Dec 2018 03:59:59 GMT
X-Proxy-Origin: 185.230.127.22; 185.230.127.22; 313.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.55:80
AN-X-Request-Uuid: 31f239dd-301a-4616-a609-3fd0bfa7d7b3
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: http://www.regaindermayouth.icu
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 262
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET cygnus
as.casalemedia.com/ 0
0

POST prebid
prebid.media.net/rtb/ 0
0

POST
H/1.1 204
No Content translator Show response
hbopenbid.pubmatic.com/ 0
218 B 4980ms
22ms XHR
text/plain 185.64.189.112
PubMatic

General

Check archive.org

Show headers Download Go to

Full URL: http://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: rtbpassback.andbeyond.media
URL: http://rtbpassback.andbeyond.media/prebid-fp-1.31.0.js
Protocol: HTTP/1.1
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC - PubMatic, Inc., US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://www.regaindermayouth.icu/
Origin: http://www.regaindermayouth.icu
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: http://www.regaindermayouth.icu
Date: Sun, 23 Dec 2018 04:00:02 GMT
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 3 KB
2 KB 70ms
69ms XHR
text/javascript 172.217.18.98
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_285.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

172.217.18.98 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

cafe /

Resource Hash

23e507ecedce73a566c51cbacb95fdf550bcfa8e2f01d5c45c7cc7f1cc2a564d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://www.regaindermayouth.icu/
Origin: http://www.regaindermayouth.icu

Response headers

date: Sun, 23 Dec 2018 03:59:57 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 1801
x-xss-protection: 1; mode=block
google-lineitem-id: 4803012184
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138244625888
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: http://www.regaindermayouth.icu
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 283 B
1 KB 4862ms
17ms XHR
application/json 213.19.162.21
The Rubicon Project

General

Check archive.org

Show headers Download Go to

Full URL: http://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17054&site_id=205224&zone_id=1043504&size_id=9&p_pos=unknown&rf=http%3A%2F%2Fwww.regaindermayouth.icu%2F&tk_flint=pbjs_lite_v1.31.0&x_source.tid=c2a02f0f-cefc-4e85-9569-fd20efc05de0&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=0&slots=1&rand=0.9993470841438699
Requested by: Host: rtbpassback.andbeyond.media
URL: http://rtbpassback.andbeyond.media/prebid-fp-1.31.0.js
Protocol: HTTP/1.1
Server: 213.19.162.21 , United Kingdom, ASN26667 (RUBICONPROJECT - The Rubicon Project, Inc., US),
Reverse DNS
Software: RAS 2.4 /
Resource Hash: e9147f4bc885af4e9872b79f54e4190760f70b2983d4f6175921f7cf94d37dc8

Request headers

Referer: http://www.regaindermayouth.icu/
Origin: http://www.regaindermayouth.icu
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sun, 23 Dec 2018 04:00:01 GMT
Server: RAS 2.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: http://www.regaindermayouth.icu
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Content-Type: application/json
Keep-Alive: timeout=0, max=10
Content-Length: 283
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 283 B
1 KB 4879ms
17ms XHR
application/json 213.19.162.21
The Rubicon Project

General

Check archive.org

Show headers Download Go to

Full URL: http://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17054&site_id=205224&zone_id=1043504&size_id=9&p_pos=unknown&rf=http%3A%2F%2Fwww.regaindermayouth.icu%2F&tk_flint=pbjs_lite_v1.31.0&x_source.tid=c2a02f0f-cefc-4e85-9569-fd20efc05de0&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=0&slots=1&rand=0.8090491489080576
Requested by: Host: rtbpassback.andbeyond.media
URL: http://rtbpassback.andbeyond.media/prebid-fp-1.31.0.js
Protocol: HTTP/1.1
Server: 213.19.162.21 , United Kingdom, ASN26667 (RUBICONPROJECT - The Rubicon Project, Inc., US),
Reverse DNS
Software: RAS 2.4 /
Resource Hash: f604eb0e9faf6e74fe462d791e38a4c49849a2c083f57332afebab29f288aa97

Request headers

Referer: http://www.regaindermayouth.icu/
Origin: http://www.regaindermayouth.icu
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sun, 23 Dec 2018 04:00:01 GMT
Server: RAS 2.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: http://www.regaindermayouth.icu
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Content-Type: application/json
Keep-Alive: timeout=0, max=10
Content-Length: 283
Expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 262 B
1 KB 72ms
20ms XHR
application/json 185.33.223.218
AppNexus

General

Check archive.org

Show headers Download Go to

Full URL

http://ib.adnxs.com/ut/v3/prebid

Requested by

Host: rtbpassback.andbeyond.media
URL: http://rtbpassback.andbeyond.media/prebid-fp-1.31.0.js

Protocol

HTTP/1.1

Server

185.33.223.218 , European Union, ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US),

Reverse DNS

Software

nginx/1.13.4 /

Resource Hash

1b6f4c9f0a413314d1fd9e2d59e3990b5a16f030e2012665db1b81e02a658b8e

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: http://www.regaindermayouth.icu/
Origin: http://www.regaindermayouth.icu
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sun, 23 Dec 2018 03:59:59 GMT
X-Proxy-Origin: 185.230.127.22; 185.230.127.22; 313.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.142:80
AN-X-Request-Uuid: e45598c0-084b-4138-9871-1399f927ec6c
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: http://www.regaindermayouth.icu
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 262
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST prebid
prebid.media.net/rtb/ 0
0

GET cygnus
as.casalemedia.com/ 0
0

GET
H/1.1 200
OK arj Show response
rtbdemand-d.openx.net/w/1.0/ 172 B
748 B 3138ms
60ms XHR
application/json 173.241.240.220
OPENX TECHNOLOGIES

General

Check archive.org

Show headers Download Go to

Full URL: http://rtbdemand-d.openx.net/w/1.0/arj?ju=http%3A%2F%2Fwww.regaindermayouth.icu%2F&jr=&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_2.1.5&dddid=c2a02f0f-cefc-4e85-9569-fd20efc05de0%2Cc2a02f0f-cefc-4e85-9569-fd20efc05de0&nocache=1545537597122&aus=160x600%7C160x600&divIds=andbeyond1601%2Candbeyond1601&auid=540300555%2C540300555&
Requested by: Host: rtbpassback.andbeyond.media
URL: http://rtbpassback.andbeyond.media/prebid-fp-1.31.0.js
Protocol: HTTP/1.1
Server: 173.241.240.220 New York, United States, ASN36089 (OPENX-AS1 - OPENX TECHNOLOGIES, INC., US),
Reverse DNS: ox-173-241-240-220.xa.dc.openx.org
Software: OXGW/16.117.2 /
Resource Hash: 0bf5e707f12a85ca4d9d73b824208ecaa88167a2e94e621c67134d9137d44f78

Request headers

Referer: http://www.regaindermayouth.icu/
Origin: http://www.regaindermayouth.icu
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sun, 23 Dec 2018 04:00:00 GMT
Content-Encoding: gzip
Server: OXGW/16.117.2
Vary: Accept
P3P: CP="CUR ADM OUR NOR STA NID"
Access-Control-Allow-Origin: http://www.regaindermayouth.icu
Cache-Control: private, max-age=0, no-cache
Access-Control-Allow-Credentials: true
Content-Type: application/json
Transfer-Encoding: chunked
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 3 KB
2 KB 81ms
80ms XHR
text/javascript 172.217.18.98
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_285.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

172.217.18.98 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

cafe /

Resource Hash

600df8f151ea5a819b0aedda71241b5ae210ee8d9f6da739b3dc422f8a3a584c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://www.regaindermayouth.icu/
Origin: http://www.regaindermayouth.icu

Response headers

date: Sun, 23 Dec 2018 03:59:57 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 1820
x-xss-protection: 1; mode=block
google-lineitem-id: 4803012184
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138244832854
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: http://www.regaindermayouth.icu
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 3 KB
2 KB 112ms
111ms XHR
text/javascript 172.217.18.98
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_285.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

172.217.18.98 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

cafe /

Resource Hash

657a505c35720009c0d0ade8ee6c471ac5353b98ad5a6dc3cf7b4feaa21e4339

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://www.regaindermayouth.icu/
Origin: http://www.regaindermayouth.icu

Response headers

date: Sun, 23 Dec 2018 03:59:57 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 1848
x-xss-protection: 1; mode=block
google-lineitem-id: 4803012184
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138244832857
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: http://www.regaindermayouth.icu
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK show_ads.js Show response
pagead2.googlesyndication.com/pagead/ Frame 40F1 58 KB
22 KB 40ms
17ms Script
text/javascript 2a00:1450:4001:81d::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

http://pagead2.googlesyndication.com/pagead/show_ads.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_285.js

Protocol

HTTP/1.1

Server

2a00:1450:4001:81d::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

761367b322b93ffd07885086a96515c15622678fbfb9b3254821ac97d63dc25a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.regaindermayouth.icu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sun, 23 Dec 2018 03:59:57 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Content-Type: text/javascript; charset=UTF-8
Server: cafe
ETag: 2298027804702551314
Vary: Accept-Encoding
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control: private, max-age=3600
Content-Disposition: attachment; filename="f.txt"
Timing-Allow-Origin: *
Content-Length: 22289
X-XSS-Protection: 1; mode=block
Expires: Sun, 23 Dec 2018 03:59:57 GMT

GET
H2 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame 40F1 73 KB
27 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:820::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_285.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:820::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

8f29897c225a4d0c88f9e08ce53fca63a478ebbe9d5ec3f45b325dd4e54ec035

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.regaindermayouth.icu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sun, 23 Dec 2018 03:59:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 07 Dec 2018 12:16:45 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 27407
x-xss-protection: 1; mode=block
expires: Sun, 23 Dec 2018 03:59:57 GMT

GET
H/1.1 200
OK osd.js Show response
pagead2.googlesyndication.com/pagead/ 71 KB
27 KB 29ms
6ms Script
text/javascript 2a00:1450:4001:81d::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

http://pagead2.googlesyndication.com/pagead/osd.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_285.js

Protocol

HTTP/1.1

Server

2a00:1450:4001:81d::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

0dc9542b043f4622f82261f8d3ca79bb0c29bcbdacf2056a2fc633a488922dd4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.regaindermayouth.icu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sun, 23 Dec 2018 03:26:27 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Content-Type: text/javascript; charset=UTF-8
Server: cafe
Age: 2010
ETag: 10366987592970477111
Vary: Accept-Encoding
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control: public, max-age=3600
Content-Disposition: attachment; filename="f.txt"
Timing-Allow-Origin: *
Content-Length: 26696
X-XSS-Protection: 1; mode=block
Expires: Sun, 23 Dec 2018 04:26:27 GMT

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame 40F1 0
286 B 47ms
45ms Image
image/gif 172.217.18.98
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsufZA7sn87MtxXHRNBOiVh3tKKZZE_kAvTgQhLHKRLZCvJGEhZOlruBctPFrzPWlsoDmz_2DkXrrOQgJRLNOtymAPRId93ne4BdTxF_EGFM3IhRrYJIENyop-s1T9SHvt2dFgtvW9qkVmoLpl4oDw7hjtXouaSFRq8mpvx1zgX3dfaUvvb04YzYeF6r6zPV3LZq4lBbQiQDkHYUu4yCiHwg4CQsmJFy0k2sKOF1QrtS26wRxBmEBdHIgw1AUhYS7laerAvm7FW5XTD-1Aj8Yg&sai=AMfl-YTN-TITs5zK01dft-uZ5aHvLnvzavqht8cxmZRynC1xDSWk-MQuVmujVNCD_KjvR9pQvxel6bvQKvXvpR_ANS1eaN9mY5pQ5UKnllobTw&sig=Cg0ArKJSzJYstLiqM2yLEAE&urlfix=1&adurl=

Requested by

Host: www.regaindermayouth.icu
URL: http://www.regaindermayouth.icu/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

172.217.18.98 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.regaindermayouth.icu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sun, 23 Dec 2018 03:59:57 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cache-control: private
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 0
x-xss-protection: 1; mode=block
expires: Sun, 23 Dec 2018 03:59:57 GMT

GET
H/1.1 200
OK show_ads.js Show response
pagead2.googlesyndication.com/pagead/ Frame AB2D 58 KB
22 KB 21ms
16ms Script
text/javascript 2a00:1450:4001:81d::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

http://pagead2.googlesyndication.com/pagead/show_ads.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_285.js

Protocol

HTTP/1.1

Server

2a00:1450:4001:81d::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

761367b322b93ffd07885086a96515c15622678fbfb9b3254821ac97d63dc25a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.regaindermayouth.icu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sun, 23 Dec 2018 03:59:57 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Content-Type: text/javascript; charset=UTF-8
Server: cafe
ETag: 2298027804702551314
Vary: Accept-Encoding
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control: private, max-age=3600
Content-Disposition: attachment; filename="f.txt"
Timing-Allow-Origin: *
Content-Length: 22289
X-XSS-Protection: 1; mode=block
Expires: Sun, 23 Dec 2018 03:59:57 GMT

GET
H2 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame AB2D 73 KB
27 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:820::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_285.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:820::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

8f29897c225a4d0c88f9e08ce53fca63a478ebbe9d5ec3f45b325dd4e54ec035

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.regaindermayouth.icu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sun, 23 Dec 2018 03:59:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 07 Dec 2018 12:16:45 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 27407
x-xss-protection: 1; mode=block
expires: Sun, 23 Dec 2018 03:59:57 GMT

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame AB2D 0
264 B 43ms
42ms Image
image/gif 172.217.18.98
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstQUzDy-UVVV365GxZRh2S0rSyntTyYglmVv_n8GVrfk_6J3M3SoVwjACQkOb7v3Eo66AxXb1V-qW1fbxkEq_FmgZHTgkdW1AFpKapM29btiUO_pby5Nymp9VO1BAHrMWnj6rMOo82ENSLr8t6r7z4Wa-VFc0PRNMPhm-LEmsdUa3AJEl1mDlxjbz5rX6yoo-vgDkrHezKtxob4h0kV6sADL0Tmaatb17NmZn9GeWIcSfTfPnhnGlBouuSaL2jAS-2sLp-4QmOQPbIbAdAOpA&sai=AMfl-YT3tUsQUBhO8eIcmo3DqLKynyCn98-bAXEjLFZ6moTbvIeyIrmJ4OIQPY6v9ONojxivhxytkXhZdHXr97BlzCwHA-0Y4k6TT97C0qySBQ&sig=Cg0ArKJSzKBwjR_3-OV3EAE&urlfix=1&adurl=

Requested by

Host: www.regaindermayouth.icu
URL: http://www.regaindermayouth.icu/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

172.217.18.98 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.regaindermayouth.icu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sun, 23 Dec 2018 03:59:57 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cache-control: private
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 0
x-xss-protection: 1; mode=block
expires: Sun, 23 Dec 2018 03:59:57 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ Frame AB2D 109 B
171 B 15ms
14ms Script
application/javascript 2a00:1450:4001:809::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.regaindermayouth.icu

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:809::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.regaindermayouth.icu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sun, 23 Dec 2018 03:59:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript; charset=UTF-8
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 104
x-xss-protection: 1; mode=block

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame AB2D 109 B
171 B 15ms
15ms Script
application/javascript 2a00:1450:4001:815::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.regaindermayouth.icu

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:815::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.regaindermayouth.icu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sun, 23 Dec 2018 03:59:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript; charset=UTF-8
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 104
x-xss-protection: 1; mode=block

GET
H2 200 ca-pub-7439041255533808.js Show response
pagead2.googlesyndication.com/pub-config/r20160913/ Frame AB2D 133 B
246 B 7ms
6ms Script
text/javascript 2a00:1450:4001:825::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pub-config/r20160913/ca-pub-7439041255533808.js

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:825::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

7e7fa886d5d75c745d95be4fc3c5bfb4c988019b3f643c669734612345e1b8c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.regaindermayouth.icu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sat, 22 Dec 2018 22:11:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 21 Dec 2018 23:23:49 GMT
server: sffe
age: 20891
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=43200
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 125
x-xss-protection: 1; mode=block
expires: Sun, 23 Dec 2018 10:11:46 GMT

GET
H/1.1 200
OK show_ads_impl.js Show response
pagead2.googlesyndication.com/pagead/js/r20181205/r20180604/ Frame AB2D 200 KB
74 KB 25ms
24ms Script
text/javascript 2a00:1450:4001:81d::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

http://pagead2.googlesyndication.com/pagead/js/r20181205/r20180604/show_ads_impl.js

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

HTTP/1.1

Server

2a00:1450:4001:81d::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

3ca3d3d7b0c614358d0d044e38624764c08bbda625bd3adb20006a65e670bb69

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.regaindermayouth.icu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sun, 23 Dec 2018 03:59:57 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Content-Type: text/javascript; charset=UTF-8
Server: cafe
ETag: 210270772847015822
Vary: Accept-Encoding
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control: private, max-age=1209600
Content-Disposition: attachment; filename="f.txt"
Timing-Allow-Origin: *
Content-Length: 75629
X-XSS-Protection: 1; mode=block
Expires: Sun, 23 Dec 2018 03:59:57 GMT

GET
H/1.1 200
OK show_ads_impl.js Show response
pagead2.googlesyndication.com/pagead/js/r20181205/r20180604/ Frame 81BE 200 KB
74 KB 25ms
25ms Script
text/javascript 2a00:1450:4001:81d::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

http://pagead2.googlesyndication.com/pagead/js/r20181205/r20180604/show_ads_impl.js

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

HTTP/1.1

Server

2a00:1450:4001:81d::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

3ca3d3d7b0c614358d0d044e38624764c08bbda625bd3adb20006a65e670bb69

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.regaindermayouth.icu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sun, 23 Dec 2018 03:59:57 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Content-Type: text/javascript; charset=UTF-8
Server: cafe
ETag: 210270772847015822
Vary: Accept-Encoding
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control: private, max-age=1209600
Content-Disposition: attachment; filename="f.txt"
Timing-Allow-Origin: *
Content-Length: 75629
X-XSS-Protection: 1; mode=block
Expires: Sun, 23 Dec 2018 03:59:57 GMT

GET
H2 200 zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20181205/r20180604/ Frame 54F6 0
0 25ms
5ms Document
text/html 2a00:1450:4001:824::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20181205/r20180604/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:824::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20181205/r20180604/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer: http://www.regaindermayouth.icu/
accept-encoding: gzip, deflate, br
cookie: IDE=AHWqTUkwaY44hFt3bFckpL-RAyGSRAJ7Vdzrm1Py12IDteLB5rSbgCVQFmpUAcKw
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://www.regaindermayouth.icu/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
vary: Accept-Encoding
date: Thu, 20 Dec 2018 09:48:30 GMT
expires: Thu, 03 Jan 2019 09:48:30 GMT
content-type: text/html; charset=UTF-8
etag: 12810928231326100212
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 6940
x-xss-protection: 1; mode=block
cache-control: public, max-age=1209600
age: 238287
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ Frame 40F1 109 B
171 B 37ms
13ms Script
application/javascript 2a00:1450:4001:809::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.regaindermayouth.icu

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:809::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.regaindermayouth.icu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sun, 23 Dec 2018 03:59:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript; charset=UTF-8
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 104
x-xss-protection: 1; mode=block

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame 40F1 109 B
171 B 38ms
14ms Script
application/javascript 2a00:1450:4001:815::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.regaindermayouth.icu

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:815::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.regaindermayouth.icu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sun, 23 Dec 2018 03:59:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript; charset=UTF-8
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 104
x-xss-protection: 1; mode=block

GET
H2 200 ca-pub-7439041255533808.js Show response
pagead2.googlesyndication.com/pub-config/r20160913/ Frame 40F1 133 B
195 B 28ms
4ms Script
text/javascript 2a00:1450:4001:825::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pub-config/r20160913/ca-pub-7439041255533808.js

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:825::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

7e7fa886d5d75c745d95be4fc3c5bfb4c988019b3f643c669734612345e1b8c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.regaindermayouth.icu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sat, 22 Dec 2018 22:11:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 21 Dec 2018 23:23:49 GMT
server: sffe
age: 20891
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=43200
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 125
x-xss-protection: 1; mode=block
expires: Sun, 23 Dec 2018 10:11:46 GMT

GET
H/1.1 200
OK show_ads_impl.js Show response
pagead2.googlesyndication.com/pagead/js/r20181205/r20180604/ Frame 40F1 200 KB
74 KB 43ms
24ms Script
text/javascript 2a00:1450:4001:81d::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

http://pagead2.googlesyndication.com/pagead/js/r20181205/r20180604/show_ads_impl.js

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

HTTP/1.1

Server

2a00:1450:4001:81d::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

3ca3d3d7b0c614358d0d044e38624764c08bbda625bd3adb20006a65e670bb69

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.regaindermayouth.icu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sun, 23 Dec 2018 03:59:57 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Content-Type: text/javascript; charset=UTF-8
Server: cafe
ETag: 210270772847015822
Vary: Accept-Encoding
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control: private, max-age=1209600
Content-Disposition: attachment; filename="f.txt"
Timing-Allow-Origin: *
Content-Length: 75629
X-XSS-Protection: 1; mode=block
Expires: Sun, 23 Dec 2018 03:59:57 GMT

GET
H/1.1 200
OK show_ads_impl.js Show response
pagead2.googlesyndication.com/pagead/js/r20181205/r20180604/ Frame 8FC0 200 KB
74 KB 38ms
31ms Script
text/javascript 2a00:1450:4001:81d::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

http://pagead2.googlesyndication.com/pagead/js/r20181205/r20180604/show_ads_impl.js

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

HTTP/1.1

Server

2a00:1450:4001:81d::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

3ca3d3d7b0c614358d0d044e38624764c08bbda625bd3adb20006a65e670bb69

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.regaindermayouth.icu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sun, 23 Dec 2018 03:59:57 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Content-Type: text/javascript; charset=UTF-8
Server: cafe
ETag: 210270772847015822
Vary: Accept-Encoding
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control: private, max-age=1209600
Content-Disposition: attachment; filename="f.txt"
Timing-Allow-Origin: *
Content-Length: 75629
X-XSS-Protection: 1; mode=block
Expires: Sun, 23 Dec 2018 03:59:57 GMT

GET
DATA 200
OK truncated
/ Frame 40F1 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 366d2dd623ea9d2b89ba04200ffce429005cacab6818a47035648dcdd5fdf31a

Request headers

Response headers

Content-Type: image/png

GET
H/1.1 200
OK show_ads.js Show response
pagead2.googlesyndication.com/pagead/ Frame B941 58 KB
0 21ms
16ms Script
text/javascript 2a00:1450:4001:81d::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

http://pagead2.googlesyndication.com/pagead/show_ads.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_285.js

Protocol

HTTP/1.1

Server

2a00:1450:4001:81d::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

761367b322b93ffd07885086a96515c15622678fbfb9b3254821ac97d63dc25a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Response headers

Date: Sun, 23 Dec 2018 03:59:57 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: cafe
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
ETag: 2298027804702551314
Vary: Accept-Encoding
Content-Type: text/javascript; charset=UTF-8
Cache-Control: private, max-age=3600
Content-Disposition: attachment; filename="f.txt"
Timing-Allow-Origin: *
Content-Length: 22289
X-XSS-Protection: 1; mode=block
Expires: Sun, 23 Dec 2018 03:59:57 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ Frame B941 109 B
171 B 16ms
14ms Script
application/javascript 2a00:1450:4001:809::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.regaindermayouth.icu

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:809::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.regaindermayouth.icu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sun, 23 Dec 2018 03:59:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript; charset=UTF-8
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 104
x-xss-protection: 1; mode=block

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame B941 109 B
171 B 16ms
15ms Script
application/javascript 2a00:1450:4001:815::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.regaindermayouth.icu

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:815::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.regaindermayouth.icu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sun, 23 Dec 2018 03:59:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript; charset=UTF-8
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 104
x-xss-protection: 1; mode=block

GET
H2 200 ca-pub-7439041255533808.js Show response
pagead2.googlesyndication.com/pub-config/r20160913/ Frame B941 133 B
195 B 7ms
6ms Script
text/javascript 2a00:1450:4001:825::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pub-config/r20160913/ca-pub-7439041255533808.js

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:825::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

7e7fa886d5d75c745d95be4fc3c5bfb4c988019b3f643c669734612345e1b8c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.regaindermayouth.icu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sat, 22 Dec 2018 22:11:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 21 Dec 2018 23:23:49 GMT
server: sffe
age: 20891
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=43200
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 125
x-xss-protection: 1; mode=block
expires: Sun, 23 Dec 2018 10:11:46 GMT

GET
H/1.1 200
OK show_ads_impl.js Show response
pagead2.googlesyndication.com/pagead/js/r20181205/r20180604/ Frame B941 200 KB
74 KB 24ms
23ms Script
text/javascript 2a00:1450:4001:81d::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

http://pagead2.googlesyndication.com/pagead/js/r20181205/r20180604/show_ads_impl.js

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

HTTP/1.1

Server

2a00:1450:4001:81d::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

3ca3d3d7b0c614358d0d044e38624764c08bbda625bd3adb20006a65e670bb69

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.regaindermayouth.icu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sun, 23 Dec 2018 03:59:57 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Content-Type: text/javascript; charset=UTF-8
Server: cafe
ETag: 210270772847015822
Vary: Accept-Encoding
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control: private, max-age=1209600
Content-Disposition: attachment; filename="f.txt"
Timing-Allow-Origin: *
Content-Length: 75629
X-XSS-Protection: 1; mode=block
Expires: Sun, 23 Dec 2018 03:59:57 GMT

GET
H/1.1 200
OK show_ads_impl.js Show response
pagead2.googlesyndication.com/pagead/js/r20181205/r20180604/ Frame B1C7 200 KB
74 KB 31ms
30ms Script
text/javascript 2a00:1450:4001:81d::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

http://pagead2.googlesyndication.com/pagead/js/r20181205/r20180604/show_ads_impl.js

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

HTTP/1.1

Server

2a00:1450:4001:81d::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

3ca3d3d7b0c614358d0d044e38624764c08bbda625bd3adb20006a65e670bb69

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.regaindermayouth.icu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sun, 23 Dec 2018 03:59:57 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Content-Type: text/javascript; charset=UTF-8
Server: cafe
ETag: 210270772847015822
Vary: Accept-Encoding
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control: private, max-age=1209600
Content-Disposition: attachment; filename="f.txt"
Timing-Allow-Origin: *
Content-Length: 75629
X-XSS-Protection: 1; mode=block
Expires: Sun, 23 Dec 2018 03:59:57 GMT

GET
H2 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame B941 73 KB
27 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:820::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_285.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:820::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

8f29897c225a4d0c88f9e08ce53fca63a478ebbe9d5ec3f45b325dd4e54ec035

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.regaindermayouth.icu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sun, 23 Dec 2018 03:59:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 07 Dec 2018 12:16:45 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 27407
x-xss-protection: 1; mode=block
expires: Sun, 23 Dec 2018 03:59:57 GMT

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame B941 0
65 B 51ms
50ms Image
image/gif 172.217.18.98
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssFqpXFwQFWBajurhxEKmMz5gzeWsHGrDnNpLbxCOSjYHp0BO3szk74-h_HqheruCFSuFvU9LTVdZI-UEVfcIsB2XQlq4aUUndC5HumLrg68ffryXtww1mgKfwTPEtHEecVy9dOv50TbXXOM3GF42bzXroa4kHHvLpdEW39ZZjN0KJj-czYiBNjw0STyjjYQqL2WEfzrBXtUaiEXkbptvLYozURIVHcLeMG5oYlRakx0l9VRXWdjYoA8saCQrBAIcUnvYNoqzcE593utknyU6E&sai=AMfl-YT_qRsT0zqYN20T3-pKEOYj5uQiPWMIA4HQovWkCYhlAG4_QIC5p7dN11misk5Qst5a_fxPm7w6fFsDP6ulepk3BuyNlys5SSO0CpgIUQ&sig=Cg0ArKJSzF7AtMoH3kzgEAE&urlfix=1&adurl=

Requested by

Host: www.regaindermayouth.icu
URL: http://www.regaindermayouth.icu/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

172.217.18.98 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.regaindermayouth.icu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sun, 23 Dec 2018 03:59:57 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cache-control: private
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 0
x-xss-protection: 1; mode=block

GET
H/1.1 200
OK show_ads.js Show response
pagead2.googlesyndication.com/pagead/ Frame 58B2 58 KB
0 21ms
16ms Script
text/javascript 2a00:1450:4001:81d::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

http://pagead2.googlesyndication.com/pagead/show_ads.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_285.js

Protocol

HTTP/1.1

Server

2a00:1450:4001:81d::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

761367b322b93ffd07885086a96515c15622678fbfb9b3254821ac97d63dc25a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Response headers

Date: Sun, 23 Dec 2018 03:59:57 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: cafe
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
ETag: 2298027804702551314
Vary: Accept-Encoding
Content-Type: text/javascript; charset=UTF-8
Cache-Control: private, max-age=3600
Content-Disposition: attachment; filename="f.txt"
Timing-Allow-Origin: *
Content-Length: 22289
X-XSS-Protection: 1; mode=block
Expires: Sun, 23 Dec 2018 03:59:57 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ Frame 58B2 109 B
171 B 15ms
15ms Script
application/javascript 2a00:1450:4001:809::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.regaindermayouth.icu

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:809::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.regaindermayouth.icu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sun, 23 Dec 2018 03:59:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript; charset=UTF-8
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 104
x-xss-protection: 1; mode=block

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame 58B2 109 B
171 B 16ms
16ms Script
application/javascript 2a00:1450:4001:815::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.regaindermayouth.icu

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:815::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.regaindermayouth.icu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sun, 23 Dec 2018 03:59:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript; charset=UTF-8
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 104
x-xss-protection: 1; mode=block

GET
H2 200 ca-pub-7439041255533808.js Show response
pagead2.googlesyndication.com/pub-config/r20160913/ Frame 58B2 133 B
195 B 6ms
6ms Script
text/javascript 2a00:1450:4001:825::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pub-config/r20160913/ca-pub-7439041255533808.js

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:825::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

7e7fa886d5d75c745d95be4fc3c5bfb4c988019b3f643c669734612345e1b8c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.regaindermayouth.icu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sat, 22 Dec 2018 22:11:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 21 Dec 2018 23:23:49 GMT
server: sffe
age: 20891
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=43200
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 125
x-xss-protection: 1; mode=block
expires: Sun, 23 Dec 2018 10:11:46 GMT

GET
H/1.1 200
OK show_ads_impl.js Show response
pagead2.googlesyndication.com/pagead/js/r20181205/r20180604/ Frame 58B2 200 KB
74 KB 24ms
24ms Script
text/javascript 2a00:1450:4001:81d::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

http://pagead2.googlesyndication.com/pagead/js/r20181205/r20180604/show_ads_impl.js

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

HTTP/1.1

Server

2a00:1450:4001:81d::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

3ca3d3d7b0c614358d0d044e38624764c08bbda625bd3adb20006a65e670bb69

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.regaindermayouth.icu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sun, 23 Dec 2018 03:59:57 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Content-Type: text/javascript; charset=UTF-8
Server: cafe
ETag: 210270772847015822
Vary: Accept-Encoding
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control: private, max-age=1209600
Content-Disposition: attachment; filename="f.txt"
Timing-Allow-Origin: *
Content-Length: 75629
X-XSS-Protection: 1; mode=block
Expires: Sun, 23 Dec 2018 03:59:57 GMT

GET
H/1.1 200
OK show_ads_impl.js Show response
pagead2.googlesyndication.com/pagead/js/r20181205/r20180604/ Frame C510 200 KB
74 KB 33ms
26ms Script
text/javascript 2a00:1450:4001:81d::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

http://pagead2.googlesyndication.com/pagead/js/r20181205/r20180604/show_ads_impl.js

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

HTTP/1.1

Server

2a00:1450:4001:81d::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

3ca3d3d7b0c614358d0d044e38624764c08bbda625bd3adb20006a65e670bb69

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.regaindermayouth.icu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sun, 23 Dec 2018 03:59:57 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Content-Type: text/javascript; charset=UTF-8
Server: cafe
ETag: 210270772847015822
Vary: Accept-Encoding
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control: private, max-age=1209600
Content-Disposition: attachment; filename="f.txt"
Timing-Allow-Origin: *
Content-Length: 75629
X-XSS-Protection: 1; mode=block
Expires: Sun, 23 Dec 2018 03:59:57 GMT

GET
H2 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame 58B2 73 KB
27 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:820::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_285.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:820::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

8f29897c225a4d0c88f9e08ce53fca63a478ebbe9d5ec3f45b325dd4e54ec035

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.regaindermayouth.icu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sun, 23 Dec 2018 03:59:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 07 Dec 2018 12:16:45 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 27407
x-xss-protection: 1; mode=block
expires: Sun, 23 Dec 2018 03:59:57 GMT

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame 58B2 0
65 B 42ms
41ms Image
image/gif 172.217.18.98
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuv5DoKtloOAJNk-3drGR6TSWSD0-HbO4fZsedp8Q9Yosih_i7BUNlH0-pMiUBWwow767U6zAj56L1SkIK7N8uU2IF3GXwvfE4bxUp78XxpWQfFyhTLDQbCUJDrCmF8iW8ImTLw4zXwSojUdAoDGhKMEIpZjQLX_MctzjLVOUAJxX3U-WNbUJ21RdJunzy2Ld_aUw36f27fJevZ3hZwY3DKM1mCYv1U1gUViDlggiYm_ut7l3aPCRDqTkvZwpla40jtSWYhN0S3Fdvbb7IJziQ&sai=AMfl-YR1jUEb94efvsKaOKVGGM3Zi4X-9UzF9F7k6E-de19Vbnrkfo9rbyz1_gPddf7u47gLXjCIN-S9_uFpwoWaHxVqdlNZ7K2IlUopcmzgXIFVSzYkrmNhf60JlDj7&sig=Cg0ArKJSzLtUE8xiQFMJEAE&urlfix=1&adurl=

Requested by

Host: www.regaindermayouth.icu
URL: http://www.regaindermayouth.icu/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

172.217.18.98 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.regaindermayouth.icu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sun, 23 Dec 2018 03:59:57 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cache-control: private
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 0
x-xss-protection: 1; mode=block

GET
DATA 200
OK truncated
/ Frame AB2D 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3e4cbcc2444db3b780599d5507cfed1cd978f166fea915a3f58410d483a13b4b

Request headers

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame B941 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 88ae58d7ae00d4980aafe9f13418a26076ea293ab375cb1926a3ea8c98921b67

Request headers

Response headers

Content-Type: image/png

GET
H/1.1

200
OK

firstpost_160x600.html
rtbpassback.andbeyond.media/ Frame 5AB9
Redirect Chain

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7439041255533808&output=html&h=600&slotname=3311225591&adk=639928695&adf=1174745090&w=160&lmt=1545537597&guci=1.2.0.0.2.2.0.0&url=http%3...
https://rtbpassback.andbeyond.media/firstpost_160x600.html

0
0

96ms
18ms

Document
text/html

205.185.216.42
Highwinds Network...

General

Check archive.org

Show headers Download Go to

Full URL: https://rtbpassback.andbeyond.media/firstpost_160x600.html
Requested by: Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/r20181205/r20180604/show_ads_impl.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.185.216.42 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS: map2.hwcdn.net
Software: AmazonS3 /
Resource Hash

Request headers

Host: rtbpassback.andbeyond.media
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: http://www.regaindermayouth.icu/
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://www.regaindermayouth.icu/

Response headers

Date: Sun, 23 Dec 2018 03:59:57 GMT
Connection: Keep-Alive
Accept-Ranges: bytes
Cache-Control: max-age=29642463
Content-Encoding: gzip
Content-Length: 208
Content-Type: text/html
Last-Modified: Mon, 03 Sep 2018 05:12:23 GMT
Access-Control-Allow-Origin: *
x-amz-id-2: whMhkoI7usofJ0CJnjuS1yFP1hh1ax6vRWOoG2c0MlPAf0vn5aYljscvQSWqqaGvJ1XrPUr3F+4=
x-amz-request-id: E5D688B9D625F18B
ETag: "24545026abe5fe46f404c6e080ccfd52"
Server: AmazonS3
X-HW: 1545537597.dop004.pa1.t,1545537597.cds021.pa1.shn,1545537597.dop004.pa1.t,1545537597.cds026.pa1.c

Redirect headers

status: 302
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
location: https://rtbpassback.andbeyond.media/firstpost_160x600.html
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sun, 23 Dec 2018 03:59:57 GMT
server: cafe
content-length: 46
x-xss-protection: 1; mode=block
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"

GET
H2 200 osd.js Show response
pagead2.googlesyndication.com/pagead/js/r20181205/r20100101/ Frame AB2D 71 KB
26 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:825::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20181205/r20100101/osd.js

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/r20181205/r20180604/show_ads_impl.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:825::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

0dc9542b043f4622f82261f8d3ca79bb0c29bcbdacf2056a2fc633a488922dd4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.regaindermayouth.icu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Thu, 20 Dec 2018 18:15:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 207884
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 26696
x-xss-protection: 1; mode=block
server: cafe
etag: 10366987592970477111
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 03 Jan 2019 18:15:13 GMT

GET
DATA 200
OK truncated
/ Frame 58B2 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5a4a512d303f88981de4842dfa014a3253108389c94da25754376644d93686fa

Request headers

Response headers

Content-Type: image/png

GET
H2 200 ads
googleads.g.doubleclick.net/pagead/ Frame 1F3B 0
0 41ms
40ms Document
text/html 2a00:1450:4001:824::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7439041255533808&output=html&h=250&slotname=4993246013&adk=1185466784&adf=1174745093&w=300&lmt=1545537597&guci=1.2.0.0.2.2.0.0&url=http%3A%2F%2Fwww.regaindermayouth.icu%2F&ea=0&flash=0&wgl=1&adsid=NT&dt=1545537597269&bpp=36&bdt=109&fdt=265&idt=265&shv=r20181205&cbv=r20180604&saldr=sa&correlator=5705059066098&frm=23&ife=4&pv=1&ga_vid=1892533565.1545537598&ga_sid=1545537598&ga_hid=1155865795&ga_fc=0&iag=3&icsg=682&nhd=1&dssz=11&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1183&ady=3267&biw=1585&bih=1200&isw=300&ish=250&ifk=3602337150&scr_x=0&scr_y=0&eid=21060853%2C410075081&oid=3&rx=0&eae=2&fc=656&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&ppjl=u&pfx=0&fu=20&bc=7&ifi=1&uci=1.xhw29wxyq3q1&fsb=1&dtd=275

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/r20181205/r20180604/show_ads_impl.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:824::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-7439041255533808&output=html&h=250&slotname=4993246013&adk=1185466784&adf=1174745093&w=300&lmt=1545537597&guci=1.2.0.0.2.2.0.0&url=http%3A%2F%2Fwww.regaindermayouth.icu%2F&ea=0&flash=0&wgl=1&adsid=NT&dt=1545537597269&bpp=36&bdt=109&fdt=265&idt=265&shv=r20181205&cbv=r20180604&saldr=sa&correlator=5705059066098&frm=23&ife=4&pv=1&ga_vid=1892533565.1545537598&ga_sid=1545537598&ga_hid=1155865795&ga_fc=0&iag=3&icsg=682&nhd=1&dssz=11&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1183&ady=3267&biw=1585&bih=1200&isw=300&ish=250&ifk=3602337150&scr_x=0&scr_y=0&eid=21060853%2C410075081&oid=3&rx=0&eae=2&fc=656&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&ppjl=u&pfx=0&fu=20&bc=7&ifi=1&uci=1.xhw29wxyq3q1&fsb=1&dtd=275
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer: http://www.regaindermayouth.icu/
accept-encoding: gzip, deflate, br
cookie: IDE=AHWqTUkwaY44hFt3bFckpL-RAyGSRAJ7Vdzrm1Py12IDteLB5rSbgCVQFmpUAcKw
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://www.regaindermayouth.icu/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sun, 23 Dec 2018 03:59:57 GMT
server: cafe
content-length: 46
x-xss-protection: 1; mode=block
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"

GET
H2 200 osd.js Show response
pagead2.googlesyndication.com/pagead/js/r20181205/r20100101/ Frame 40F1 71 KB
26 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:825::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20181205/r20100101/osd.js

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/r20181205/r20180604/show_ads_impl.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:825::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

0dc9542b043f4622f82261f8d3ca79bb0c29bcbdacf2056a2fc633a488922dd4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.regaindermayouth.icu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Thu, 20 Dec 2018 18:15:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 207884
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 26696
x-xss-protection: 1; mode=block
server: cafe
etag: 10366987592970477111
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 03 Jan 2019 18:15:13 GMT

GET
H2 200 ads
googleads.g.doubleclick.net/pagead/ Frame C617 0
0 44ms
42ms Document
text/html 2a00:1450:4001:824::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7439041255533808&output=html&h=250&slotname=4993246013&adk=1185466784&adf=1174745088&w=300&lmt=1545537597&guci=1.2.0.0.2.2.0.0&url=http%3A%2F%2Fwww.regaindermayouth.icu%2F&ea=0&flash=0&wgl=1&adsid=NT&dt=1545537597363&bpp=27&bdt=198&fdt=208&idt=208&shv=r20181205&cbv=r20180604&saldr=sa&correlator=5705059066098&frm=23&ife=4&pv=1&ga_vid=842206574.1545537598&ga_sid=1545537598&ga_hid=841345556&ga_fc=0&iag=3&icsg=682&nhd=1&dssz=11&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1183&ady=952&biw=1585&bih=1200&isw=300&ish=250&ifk=2771519801&scr_x=0&scr_y=0&eid=21060853%2C62710016%2C62710018%2C410075081&oid=3&rx=0&eae=2&fc=656&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&ppjl=u&pfx=0&fu=20&bc=7&ifi=1&uci=1.db75fmkuxj0m&fsb=1&dtd=235

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/r20181205/r20180604/show_ads_impl.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:824::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-7439041255533808&output=html&h=250&slotname=4993246013&adk=1185466784&adf=1174745088&w=300&lmt=1545537597&guci=1.2.0.0.2.2.0.0&url=http%3A%2F%2Fwww.regaindermayouth.icu%2F&ea=0&flash=0&wgl=1&adsid=NT&dt=1545537597363&bpp=27&bdt=198&fdt=208&idt=208&shv=r20181205&cbv=r20180604&saldr=sa&correlator=5705059066098&frm=23&ife=4&pv=1&ga_vid=842206574.1545537598&ga_sid=1545537598&ga_hid=841345556&ga_fc=0&iag=3&icsg=682&nhd=1&dssz=11&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1183&ady=952&biw=1585&bih=1200&isw=300&ish=250&ifk=2771519801&scr_x=0&scr_y=0&eid=21060853%2C62710016%2C62710018%2C410075081&oid=3&rx=0&eae=2&fc=656&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&ppjl=u&pfx=0&fu=20&bc=7&ifi=1&uci=1.db75fmkuxj0m&fsb=1&dtd=235
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer: http://www.regaindermayouth.icu/
accept-encoding: gzip, deflate, br
cookie: IDE=AHWqTUkwaY44hFt3bFckpL-RAyGSRAJ7Vdzrm1Py12IDteLB5rSbgCVQFmpUAcKw
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://www.regaindermayouth.icu/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sun, 23 Dec 2018 03:59:57 GMT
server: cafe
content-length: 46
x-xss-protection: 1; mode=block
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"

GET
H2 200 osd.js Show response
pagead2.googlesyndication.com/pagead/js/r20181205/r20100101/ Frame 58B2 71 KB
26 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:825::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20181205/r20100101/osd.js

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/r20181205/r20180604/show_ads_impl.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:825::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

0dc9542b043f4622f82261f8d3ca79bb0c29bcbdacf2056a2fc633a488922dd4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.regaindermayouth.icu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Thu, 20 Dec 2018 18:15:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 207884
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 26696
x-xss-protection: 1; mode=block
server: cafe
etag: 10366987592970477111
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 03 Jan 2019 18:15:13 GMT

GET
H2 200 ads
googleads.g.doubleclick.net/pagead/ Frame 961E 0
0 45ms
44ms Document
text/html 2a00:1450:4001:824::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7439041255533808&output=html&h=250&slotname=4993246013&adk=1185466784&adf=1174745091&w=300&lmt=1545537597&guci=1.2.0.0.2.2.0.0&url=http%3A%2F%2Fwww.regaindermayouth.icu%2F&ea=0&flash=0&wgl=1&adsid=NT&dt=1545537597329&bpp=21&bdt=165&fdt=296&idt=296&shv=r20181205&cbv=r20180604&saldr=sa&correlator=5705059066098&frm=23&ife=4&pv=1&ga_vid=1109176318.1545537598&ga_sid=1545537598&ga_hid=1516171782&ga_fc=0&iag=3&icsg=682&nhd=1&dssz=11&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1183&ady=431&biw=1585&bih=1200&isw=300&ish=250&ifk=3033110061&scr_x=0&scr_y=0&eid=21060853%2C410075081&oid=3&rx=0&eae=2&fc=656&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&ppjl=u&pfx=0&fu=20&bc=7&ifi=1&uci=1.pktuhhjfm4tv&fsb=1&dtd=305

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/r20181205/r20180604/show_ads_impl.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:824::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-7439041255533808&output=html&h=250&slotname=4993246013&adk=1185466784&adf=1174745091&w=300&lmt=1545537597&guci=1.2.0.0.2.2.0.0&url=http%3A%2F%2Fwww.regaindermayouth.icu%2F&ea=0&flash=0&wgl=1&adsid=NT&dt=1545537597329&bpp=21&bdt=165&fdt=296&idt=296&shv=r20181205&cbv=r20180604&saldr=sa&correlator=5705059066098&frm=23&ife=4&pv=1&ga_vid=1109176318.1545537598&ga_sid=1545537598&ga_hid=1516171782&ga_fc=0&iag=3&icsg=682&nhd=1&dssz=11&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1183&ady=431&biw=1585&bih=1200&isw=300&ish=250&ifk=3033110061&scr_x=0&scr_y=0&eid=21060853%2C410075081&oid=3&rx=0&eae=2&fc=656&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&ppjl=u&pfx=0&fu=20&bc=7&ifi=1&uci=1.pktuhhjfm4tv&fsb=1&dtd=305
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer: http://www.regaindermayouth.icu/
accept-encoding: gzip, deflate, br
cookie: IDE=AHWqTUkwaY44hFt3bFckpL-RAyGSRAJ7Vdzrm1Py12IDteLB5rSbgCVQFmpUAcKw
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://www.regaindermayouth.icu/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sun, 23 Dec 2018 03:59:57 GMT
server: cafe
content-length: 46
x-xss-protection: 1; mode=block
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"

GET
H2 200 osd.js Show response
pagead2.googlesyndication.com/pagead/js/r20181205/r20100101/ Frame B941 71 KB
26 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:825::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20181205/r20100101/osd.js

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/r20181205/r20180604/show_ads_impl.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:825::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

0dc9542b043f4622f82261f8d3ca79bb0c29bcbdacf2056a2fc633a488922dd4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.regaindermayouth.icu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Thu, 20 Dec 2018 18:15:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 207884
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 26696
x-xss-protection: 1; mode=block
server: cafe
etag: 10366987592970477111
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 03 Jan 2019 18:15:13 GMT

GET
H2 200 activeview
pagead2.googlesyndication.com/pcs/ Frame B941 42 B
122 B 39ms
38ms Image
image/gif 2a00:1450:4001:825::2002
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvup2A2GLeaUJYVrll6iHUK9tNNJkgC6x0MV_q5e0a5G_aZMk6hoF55-7l3FRAZRDOefA9yMcjz5eZySAoiwf0G5Lxpi7EK2BAdUSM&sig=Cg0ArKJSzPHGvLuUXWF3EAE&adk=4220658140&tt=1248&bs=1585%2C1200&mtos=1017,1017,1017,1017,1017&tos=1017,0,0,0,0&p=431,1183,681,1483&mcvt=1017&rs=3&ht=0&tfs=244&tls=1261&mc=1&lte=1&bas=0&bac=0&avms=geo&rst=1545537597352&rpt=108&isd=0&msd=0&lm=2&oseid=3&ps=1585%2C7093&ss=1600%2C1200&pt=14&deb=1-2-4-14-13-15-53-8&tvt=1249&r=v&id=osdim&uc=9&upc=1&tgt=INS&cl=1&cec=7&clc=1&cac=0&cd=300x250&v=20181207

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:825::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.regaindermayouth.icu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 23 Dec 2018 03:59:58 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, must-revalidate
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 42
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 58B2 42 B
122 B 39ms
39ms Image
image/gif 2a00:1450:4001:825::2002
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstgesR63V55qNxb2CTp5jse3iro1n0HxsT-WBhjjcVhKT5OQZca-3BPNXjE8qmGTnKM12gj4_xpASxz9gnOxosws_KXmXmAnFDmp0U&sig=Cg0ArKJSzNLVXo2mgUISEAE&adk=1795874516&tt=1451&bs=1585%2C1200&mtos=0,1072,1072,1072,1072&tos=0,1072,0,0,0&p=952,1183,1202,1483&mcvt=1072&rs=3&ht=0&tfs=393&tls=1465&mc=0.99&lte=0.99&bas=0&bac=0&avms=geo&rst=1545537597390&rpt=218&isd=0&msd=0&lm=2&oseid=3&ps=1585%2C7093&ss=1600%2C1200&pt=14&deb=1-2-4-14-15-15-61-10&tvt=1452&r=v&id=osdim&uc=10&upc=1&tgt=INS&cl=1&cec=7&clc=1&cac=0&cd=300x250&v=20181207

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:825::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.regaindermayouth.icu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 23 Dec 2018 03:59:58 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, must-revalidate
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 42
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 3 KB
2 KB 78ms
78ms XHR
text/javascript 172.217.18.98
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=555648445967329&correlator=3621126533347787&output=json_html&callback=googletag.impl.pubads.callbackProxy7&impl=fifs&adsid=NT&json_a=1&eid=21061763&vrg=285&guci=1.2.0.0.2.2.0.0&plat=1%3A67108864%2C2%3A67108864&sc=0&sfv=1-0-31&iu_parts=26021628%2C322856-300-250-11&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&rcs=1&eri=1&cust_params=new%3D0&cookie=ID%3Df91dbc31012cc163%3AT%3D1545537592%3AS%3DALNI_MZkcmvncBPHMJCFQAwoiRi1d4A5zw&cookie_enabled=1&bc=7&abxe=1&lmt=1545537600&dt=1545537600112&dlt=1545537592137&idt=473&frm=20&biw=1585&bih=1200&oid=3&adxs=1183&adys=952&adks=1795874516&ucis=r&ifi=20&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=http%3A%2F%2Fwww.regaindermayouth.icu%2F&dssz=77&icsg=45107650560&std=0&vis=1&scr_x=0&scr_y=0&psz=300x-1&msz=300x-1&psts=CikI2Myg8hFA0ub0sQF4AegB8PuigIMEgAK8mfcLgAK0mvcLgAKnp7f-UA%2CCikI2Myg8hFA0ub0sQF4AegB4KuWgIMEgAK8mfcLgAK0mvcLgALh_IPlUA%2CCikI2Myg8hFA0ub0sQF4AegB1vyigIMEgAK8mfcLgAK0mvcLgAK_p7f-UA&ga_vid=639183350.1545537593&ga_sid=1545537593&ga_hid=694587912&fws=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_285.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

172.217.18.98 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

cafe /

Resource Hash

b8fd2363a20be278eba41a816e2a408c480684151f1c9cdcf9c7c01d9fa80550

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://www.regaindermayouth.icu/
Origin: http://www.regaindermayouth.icu

Response headers

date: Sun, 23 Dec 2018 04:00:00 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 1780
x-xss-protection: 1; mode=block
google-lineitem-id: 4803012184
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138253887595
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: http://www.regaindermayouth.icu
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ Frame 5A38 28 KB
0 41ms
38ms Script
text/javascript 2a00:1450:4001:820::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_285.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:820::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

749b279cb2f7e114ce87fad9d81ba9e6ed01e1c38f4733d60944a38b41ae5428

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Response headers

date: Sun, 23 Dec 2018 03:59:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "29 / 988 of 1000 / last-modified: 1544734874"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 9687
x-xss-protection: 1; mode=block
expires: Sun, 23 Dec 2018 03:59:52 GMT

GET
H2 200 pubads_impl_285.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 5A38 185 KB
0 15ms
14ms Script
text/javascript 172.217.18.98
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_285.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

172.217.18.98 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

sffe /

Resource Hash

1ac9fa9872f44a78a1ce3148d2e3b1c108514e8b3d27ab078463be54a1a5506f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Response headers

date: Sun, 23 Dec 2018 03:59:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 10 Dec 2018 19:48:19 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 64605
x-xss-protection: 1; mode=block
expires: Sun, 23 Dec 2018 03:59:52 GMT

GET
H2 200 integrator.sync.js Show response
adservice.google.de/adsid/ Frame 5A38 113 B
175 B 16ms
15ms Script
application/javascript 2a00:1450:4001:809::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.sync.js?domain=www.regaindermayouth.icu

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:809::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ea03bfd7fdda1eac185ebc3e8e74b33065b04c8e0adc48cbbd4136748dbd2742

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.regaindermayouth.icu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sun, 23 Dec 2018 04:00:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript; charset=UTF-8
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 108
x-xss-protection: 1; mode=block

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 5A38 521 B
443 B 35ms
34ms Script
text/javascript 172.217.18.98
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1913015714289538&correlator=3414241985157846&output=json_html&callback=googletag.impl.pubads.setPassbackAdContents&impl=s&vrg=285&guci=1.2.0.0.2.2.0.0&plat=1%3A32776%2C2%3A32776&sc=0&sfv=1-0-31&iu=%2F26021628%2F332726_ADK_Firstpost300x250&sz=1x1&eri=2&cookie_enabled=1&bc=7&lmt=1545537600&dt=1545537600213&dlt=1545537600118&idt=87&ea=0&frm=23&biw=1585&bih=1200&isw=300&ish=250&oid=3&adk=570121994&uci=onngr9dw73cu&ifi=1&ifk=2771519801&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&iag=3&url=http%3A%2F%2Fwww.regaindermayouth.icu%2F&ref=http%3A%2F%2Fwww.regaindermayouth.icu%2F&top=http%3A%2F%2Fwww.regaindermayouth.icu%2F&dssz=5&icsg=10&std=0&vis=1&scr_x=0&scr_y=0&ga_vid=1182311897.1545537600&ga_sid=1545537600&ga_hid=1804679710&fws=2

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_285.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

172.217.18.98 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

cafe /

Resource Hash

d004766e96fbdf5c921edf312e02ddfcd58867f7ed530ba6f24b562bb2bd2fdb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.regaindermayouth.icu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sun, 23 Dec 2018 04:00:00 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 350
x-xss-protection: 1; mode=block
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/javascript; charset=UTF-8
cache-control: no-cache, must-revalidate
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubads_impl_rendering_285.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 5A38 57 KB
22 KB 17ms
15ms Script
text/javascript 172.217.18.98
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_285.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_285.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

172.217.18.98 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

sffe /

Resource Hash

c2e9508b71bc29948a47456789b208fccc0acfc27f105410d13f31967a1e15c9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.regaindermayouth.icu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sun, 23 Dec 2018 04:00:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 10 Dec 2018 19:48:19 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 21933
x-xss-protection: 1; mode=block
expires: Sun, 23 Dec 2018 04:00:00 GMT

GET
H/1.1 200
OK container.html
tpc.googlesyndication.com/safeframe/1-0-31/html/ Frame 5A38 0
0 13ms
7ms Other
text/html 2a00:1450:4001:825::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL: http://tpc.googlesyndication.com/safeframe/1-0-31/html/container.html?n=1
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_285.js
Protocol: HTTP/1.1
Server: 2a00:1450:4001:825::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Purpose: prefetch
Referer: http://www.regaindermayouth.icu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

GET
H2 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5A38 73 KB
0 41ms
40ms Script
text/javascript 2a00:1450:4001:820::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_285.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:820::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

8f29897c225a4d0c88f9e08ce53fca63a478ebbe9d5ec3f45b325dd4e54ec035

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Response headers

date: Sun, 23 Dec 2018 03:59:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 07 Dec 2018 12:16:45 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 27407
x-xss-protection: 1; mode=block
expires: Sun, 23 Dec 2018 03:59:57 GMT

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame 5A38 0
65 B 43ms
41ms Image
image/gif 172.217.18.98
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst8Dmtn9Mwshuhf6blj1dGeaoJ7SyliiHi-CNWdqvZdrtkOq-YOhNpGP52indKLT57953z1H_eGISURD9pA-dEdTyFe7ADaDSMuk9EVsp9VVjoI2U0kfn8Z3ABtNlXHCE7FXAzb1jJsEkuF4npdH1WzOYqG48yYoStadAezgxEgT_O5oBMzuMvDWM3xFg2VfsJ2WaGG2GNMVHN7PBKqGw2M-ZS6jMN7DgnzPo2klc2j7NOX-ITgS2MEgMMV0cnBql5hIXJRz_P_8PGTRCO7cPs&sai=AMfl-YQon5aD_070klvpDjMZCOltSOsSm3hiZwi5iCk_McIIFqi1oXYIAg8kgz-cmRW2qFYO6KFn-nd0GBXh5FZHMcMpWWB2xjCZ0uxiQrqSH8TwIXJAePrmKPWr9vYT&sig=Cg0ArKJSzJxMFa-LkdfQEAE&urlfix=1&adurl=

Requested by

Host: www.regaindermayouth.icu
URL: http://www.regaindermayouth.icu/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

172.217.18.98 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.regaindermayouth.icu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sun, 23 Dec 2018 04:00:00 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cache-control: private
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 0
x-xss-protection: 1; mode=block

GET
DATA 200
OK truncated
/ Frame 5A38 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6a0361d404891399935abd5cf42763edef3d60a0551fdd319b33932e418d3211

Request headers

Response headers

Content-Type: image/png

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 3 KB
2 KB 73ms
73ms XHR
text/javascript 172.217.18.98
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=555648445967329&correlator=1617456350202198&output=json_html&callback=googletag.impl.pubads.callbackProxy8&impl=fifs&adsid=NT&json_a=1&eid=21061763&vrg=285&guci=1.2.0.0.2.2.0.0&plat=1%3A67108864%2C2%3A67108864&sc=0&sfv=1-0-31&iu_parts=26021628%2C322856-300-250-11&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&rcs=2&eri=1&cust_params=new%3D0&cookie=ID%3Df91dbc31012cc163%3AT%3D1545537592%3AS%3DALNI_MZkcmvncBPHMJCFQAwoiRi1d4A5zw&cookie_enabled=1&bc=7&abxe=1&lmt=1545537601&dt=1545537601128&dlt=1545537592137&idt=473&frm=20&biw=1585&bih=1200&oid=3&adxs=1183&adys=952&adks=1795874516&ucis=t&ifi=22&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=http%3A%2F%2Fwww.regaindermayouth.icu%2F&dssz=77&icsg=45107650560&std=0&vis=1&scr_x=0&scr_y=0&psz=300x-1&msz=300x-1&psts=CikI2Myg8hFA0ub0sQF4AegB8PuigIMEgAK8mfcLgAK0mvcLgAKnp7f-UA%2CCikI2Myg8hFA0ub0sQF4AegB4KuWgIMEgAK8mfcLgAK0mvcLgALh_IPlUA%2CCikI2Myg8hFA0ub0sQF4AegB1vyigIMEgAK8mfcLgAK0mvcLgAK_p7f-UA&ga_vid=639183350.1545537593&ga_sid=1545537593&ga_hid=694587912&fws=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_285.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

172.217.18.98 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

cafe /

Resource Hash

272cd2423a558287cb305a1b9d7b4703c912db4e172c9ef02d95c1bd3ee3f715

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://www.regaindermayouth.icu/
Origin: http://www.regaindermayouth.icu

Response headers

date: Sun, 23 Dec 2018 04:00:01 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 1757
x-xss-protection: 1; mode=block
google-lineitem-id: 4803012184
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138253887595
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: http://www.regaindermayouth.icu
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ Frame D632 28 KB
0 41ms
38ms Script
text/javascript 2a00:1450:4001:820::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_285.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:820::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

749b279cb2f7e114ce87fad9d81ba9e6ed01e1c38f4733d60944a38b41ae5428

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Response headers

date: Sun, 23 Dec 2018 03:59:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "29 / 988 of 1000 / last-modified: 1544734874"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 9687
x-xss-protection: 1; mode=block
expires: Sun, 23 Dec 2018 03:59:52 GMT

GET
H2 200 pubads_impl_285.js Show response
securepubads.g.doubleclick.net/gpt/ Frame D632 185 KB
0 15ms
14ms Script
text/javascript 172.217.18.98
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_285.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

172.217.18.98 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

sffe /

Resource Hash

1ac9fa9872f44a78a1ce3148d2e3b1c108514e8b3d27ab078463be54a1a5506f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Response headers

date: Sun, 23 Dec 2018 03:59:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 10 Dec 2018 19:48:19 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 64605
x-xss-protection: 1; mode=block
expires: Sun, 23 Dec 2018 03:59:52 GMT

GET
H2 200 integrator.sync.js Show response
adservice.google.de/adsid/ Frame D632 113 B
175 B 18ms
18ms Script
application/javascript 2a00:1450:4001:809::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.sync.js?domain=www.regaindermayouth.icu

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:809::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ea03bfd7fdda1eac185ebc3e8e74b33065b04c8e0adc48cbbd4136748dbd2742

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.regaindermayouth.icu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sun, 23 Dec 2018 04:00:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript; charset=UTF-8
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 108
x-xss-protection: 1; mode=block

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame D632 521 B
634 B 34ms
33ms Script
text/javascript 172.217.18.98
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3625829333271461&correlator=1658892256616221&output=json_html&callback=googletag.impl.pubads.setPassbackAdContents&impl=s&eid=21061865&vrg=285&guci=1.2.0.0.2.2.0.0&plat=1%3A32776%2C2%3A32776&sc=0&sfv=1-0-31&iu=%2F26021628%2F332726_ADK_Firstpost300x250&sz=1x1&eri=2&cookie_enabled=1&cdm=www.regaindermayouth.icu&bc=7&lmt=1545537601&dt=1545537601221&dlt=1545537601208&idt=5&ea=0&frm=23&biw=1585&bih=1200&isw=300&ish=250&oid=3&adk=570121994&uci=cilribbgds4b&ifi=1&ifk=2771519801&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&iag=3&url=http%3A%2F%2Fwww.regaindermayouth.icu%2F&top=http%3A%2F%2Fwww.regaindermayouth.icu%2F&dssz=5&icsg=10&std=0&vis=1&scr_x=0&scr_y=0&ga_vid=168997577.1545537601&ga_sid=1545537601&ga_hid=267291071&fws=2

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_285.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

172.217.18.98 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

cafe /

Resource Hash

71a7faee666e6c21829c14f0ca4a1e726b7ec63a14570d7cb9985d70a34d7408

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.regaindermayouth.icu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sun, 23 Dec 2018 04:00:01 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 345
x-xss-protection: 1; mode=block
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/javascript; charset=UTF-8
cache-control: no-cache, must-revalidate
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubads_impl_rendering_285.js Show response
securepubads.g.doubleclick.net/gpt/ Frame D632 57 KB
0 17ms
15ms Script
text/javascript 172.217.18.98
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_285.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_285.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

172.217.18.98 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

sffe /

Resource Hash

c2e9508b71bc29948a47456789b208fccc0acfc27f105410d13f31967a1e15c9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Response headers

date: Sun, 23 Dec 2018 04:00:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 10 Dec 2018 19:48:19 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 21933
x-xss-protection: 1; mode=block
expires: Sun, 23 Dec 2018 04:00:00 GMT

GET
H/1.1 200
OK container.html
tpc.googlesyndication.com/safeframe/1-0-31/html/ Frame D632 0
0 14ms
5ms Other
text/html 2a00:1450:4001:825::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL: http://tpc.googlesyndication.com/safeframe/1-0-31/html/container.html?n=1
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_285.js
Protocol: HTTP/1.1
Server: 2a00:1450:4001:825::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Purpose: prefetch
Referer: http://www.regaindermayouth.icu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

GET
H2 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame D632 73 KB
0 41ms
40ms Script
text/javascript 2a00:1450:4001:820::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_285.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:820::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

8f29897c225a4d0c88f9e08ce53fca63a478ebbe9d5ec3f45b325dd4e54ec035

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Response headers

date: Sun, 23 Dec 2018 03:59:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 07 Dec 2018 12:16:45 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 27407
x-xss-protection: 1; mode=block
expires: Sun, 23 Dec 2018 03:59:57 GMT

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame D632 0
285 B 42ms
41ms Image
image/gif 172.217.18.98
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvM1JnBWwOxHGiSC7seExXwEotLwpV8jAYbRQqFfrFDaU_gmNIfdFCeboz4CBFlKGbsQx5fbh3O5zlLdjs-4FbVLiJGx5lSfQk5OjuxBrZir77yoMrbOWojDy36tO77Th8hvTbXFzii0CW4yj-uaK4b8klj_-xlag1Wq4rPYGZ2FMoDDt4SVqVv7lq8vCJSc5mGWVriNLgdROrQ2-t7M5vL22ny6hKabErDNthO8PCNtfQAJ-vO6tLRGF9h-_E2C5Q_YqU5vJqtoMcBuOeUG-Y&sai=AMfl-YT1_eTe17v2XhZI3yoA6QzWpbbvwe8G-ZFASooOqakIdBS--SobPh_NP1yvMbQ-I1xdo8Ny_c9JPkgN14wmkOi1s-pLjeXidwyAouRwLA&sig=Cg0ArKJSzMA3PpBCHRcaEAE&urlfix=1&adurl=

Requested by

Host: www.regaindermayouth.icu
URL: http://www.regaindermayouth.icu/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

172.217.18.98 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.regaindermayouth.icu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sun, 23 Dec 2018 04:00:01 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cache-control: private
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 0
x-xss-protection: 1; mode=block
expires: Sun, 23 Dec 2018 04:00:01 GMT

GET
DATA 200
OK truncated
/ Frame D632 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 425710c008e94d75865b13d9bc2458df097a51321c22ec15fe5c4d8937769193

Request headers

Response headers

Content-Type: image/png

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 262 B
1 KB 1085ms
22ms XHR
application/json 185.33.223.80
AppNexus

General

Check archive.org

Show headers Download Go to

Full URL

http://ib.adnxs.com/ut/v3/prebid

Requested by

Host: rtbpassback.andbeyond.media
URL: http://rtbpassback.andbeyond.media/prebid-fp-1.31.0.js

Protocol

HTTP/1.1

Server

185.33.223.80 , European Union, ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US),

Reverse DNS

Software

nginx/1.13.4 /

Resource Hash

a8d5971a1d19f4efaabcaa5ad4f207cd2abb4ed3ff4361f07dc8a61005deab71

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: http://www.regaindermayouth.icu/
Origin: http://www.regaindermayouth.icu
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sun, 23 Dec 2018 04:00:05 GMT
X-Proxy-Origin: 185.230.127.22; 185.230.127.22; 251.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.4:80
AN-X-Request-Uuid: b9d371e5-d863-4ae6-b87a-e1799782e71d
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: http://www.regaindermayouth.icu
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 262
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK prebid Show response
prebid.media.net/rtb/ 77 B
472 B 1317ms
150ms XHR
application/json 23.62.140.165
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: http://prebid.media.net/rtb/prebid
Requested by: Host: rtbpassback.andbeyond.media
URL: http://rtbpassback.andbeyond.media/prebid-fp-1.31.0.js
Protocol: HTTP/1.1
Server: 23.62.140.165 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a23-62-140-165.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 9aa4b53efd71cb52ff08999cf19c8427ce32f5f77e2ef527a5bdb82b5d8cc2ec

Request headers

Referer: http://www.regaindermayouth.icu/
Origin: http://www.regaindermayouth.icu
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sun, 23 Dec 2018 04:00:03 GMT
Server: nginx
Vary: Accept-Encoding
Content-Type: application/json;charset=ISO-8859-1
Access-Control-Allow-Origin: http://www.regaindermayouth.icu
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 77
Expires: Sun, 23 Dec 2018 04:00:03 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 262 B
1 KB 1099ms
18ms XHR
application/json 185.33.223.221
AppNexus

General

Check archive.org

Show headers Download Go to

Full URL

http://ib.adnxs.com/ut/v3/prebid

Requested by

Host: rtbpassback.andbeyond.media
URL: http://rtbpassback.andbeyond.media/prebid-fp-1.31.0.js

Protocol

HTTP/1.1

Server

185.33.223.221 , European Union, ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US),

Reverse DNS

Software

nginx/1.13.4 /

Resource Hash

8c1129049bece8dafdffe4698cd0c24c11e0bc198b6de0a6a9ad52caf87ebbc3

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: http://www.regaindermayouth.icu/
Origin: http://www.regaindermayouth.icu
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sun, 23 Dec 2018 04:00:05 GMT
X-Proxy-Origin: 185.230.127.22; 185.230.127.22; 316.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.77:80
AN-X-Request-Uuid: ca03730f-1a96-46f3-b5b2-29b6a54bc12e
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: http://www.regaindermayouth.icu
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 262
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET cygnus
as.casalemedia.com/ 0
0

GET
H/1.1 200
OK arj Show response
rtbdemand-d.openx.net/w/1.0/ 172 B
748 B 1149ms
61ms XHR
application/json 173.241.240.220
OPENX TECHNOLOGIES

General

Check archive.org

Show headers Download Go to

Full URL: http://rtbdemand-d.openx.net/w/1.0/arj?ju=http%3A%2F%2Fwww.regaindermayouth.icu%2F&jr=&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_2.1.5&dddid=136ff192-7a7a-4d79-9001-51f33d8c35b4%2C136ff192-7a7a-4d79-9001-51f33d8c35b4&nocache=1545537601969&aus=300x250%7C300x250&divIds=andbeyond30010%2Candbeyond30010&auid=539852510%2C539852510&
Requested by: Host: rtbpassback.andbeyond.media
URL: http://rtbpassback.andbeyond.media/prebid-fp-1.31.0.js
Protocol: HTTP/1.1
Server: 173.241.240.220 New York, United States, ASN36089 (OPENX-AS1 - OPENX TECHNOLOGIES, INC., US),
Reverse DNS: ox-173-241-240-220.xa.dc.openx.org
Software: OXGW/16.117.2 /
Resource Hash: 90c11446724b1b65dc2a4a700492bfac43e160499d71662d840252482f45b292

Request headers

Referer: http://www.regaindermayouth.icu/
Origin: http://www.regaindermayouth.icu
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sun, 23 Dec 2018 04:00:03 GMT
Content-Encoding: gzip
Server: OXGW/16.117.2
Vary: Accept
P3P: CP="CUR ADM OUR NOR STA NID"
Access-Control-Allow-Origin: http://www.regaindermayouth.icu
Cache-Control: private, max-age=0, no-cache
Access-Control-Allow-Credentials: true
Content-Type: application/json
Transfer-Encoding: chunked
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 284 B
774 B 49ms
18ms XHR
application/json 213.19.162.21
The Rubicon Project

General

Check archive.org

Show headers Download Go to

Full URL: http://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17054&site_id=205224&zone_id=1041988&size_id=15&p_pos=unknown&rf=http%3A%2F%2Fwww.regaindermayouth.icu%2F&tk_flint=pbjs_lite_v1.31.0&x_source.tid=136ff192-7a7a-4d79-9001-51f33d8c35b4&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=0&slots=1&rand=0.4825133322165116
Requested by: Host: rtbpassback.andbeyond.media
URL: http://rtbpassback.andbeyond.media/prebid-fp-1.31.0.js
Protocol: HTTP/1.1
Server: 213.19.162.21 , United Kingdom, ASN26667 (RUBICONPROJECT - The Rubicon Project, Inc., US),
Reverse DNS
Software: RAS 2.4 /
Resource Hash: 9dbc77a83c57c1dfa8bcf91277d0ef1a221b136deb91531cedc4d362c3b2ae54

Request headers

Referer: http://www.regaindermayouth.icu/
Origin: http://www.regaindermayouth.icu
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sun, 23 Dec 2018 04:00:02 GMT
Server: RAS 2.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: http://www.regaindermayouth.icu
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Content-Type: application/json
Keep-Alive: timeout=0, max=10
Content-Length: 284
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 284 B
774 B 65ms
18ms XHR
application/json 213.19.162.21
The Rubicon Project

General

Check archive.org

Show headers Download Go to

Full URL: http://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17054&site_id=205224&zone_id=1041988&size_id=15&p_pos=unknown&rf=http%3A%2F%2Fwww.regaindermayouth.icu%2F&tk_flint=pbjs_lite_v1.31.0&x_source.tid=136ff192-7a7a-4d79-9001-51f33d8c35b4&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=0&slots=1&rand=0.18610027029036957
Requested by: Host: rtbpassback.andbeyond.media
URL: http://rtbpassback.andbeyond.media/prebid-fp-1.31.0.js
Protocol: HTTP/1.1
Server: 213.19.162.21 , United Kingdom, ASN26667 (RUBICONPROJECT - The Rubicon Project, Inc., US),
Reverse DNS
Software: RAS 2.4 /
Resource Hash: 67ad9445195cd1c0792d7da5a66ca393af2654e7424763295f475031e7a16ade

Request headers

Referer: http://www.regaindermayouth.icu/
Origin: http://www.regaindermayouth.icu
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sun, 23 Dec 2018 04:00:02 GMT
Server: RAS 2.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: http://www.regaindermayouth.icu
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Content-Type: application/json
Keep-Alive: timeout=0, max=10
Content-Length: 284
Expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H/1.1 204
No Content translator Show response
hbopenbid.pubmatic.com/ 0
218 B 127ms
21ms XHR
text/plain 185.64.189.112
PubMatic

General

Check archive.org

Show headers Download Go to

Full URL: http://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: rtbpassback.andbeyond.media
URL: http://rtbpassback.andbeyond.media/prebid-fp-1.31.0.js
Protocol: HTTP/1.1
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC - PubMatic, Inc., US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://www.regaindermayouth.icu/
Origin: http://www.regaindermayouth.icu
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: http://www.regaindermayouth.icu
Date: Sun, 23 Dec 2018 04:00:02 GMT
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true

POST
H/1.1 200
OK prebid Show response
prebid.media.net/rtb/ 77 B
472 B 3193ms
147ms XHR
application/json 23.62.140.165
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: http://prebid.media.net/rtb/prebid
Requested by: Host: rtbpassback.andbeyond.media
URL: http://rtbpassback.andbeyond.media/prebid-fp-1.31.0.js
Protocol: HTTP/1.1
Server: 23.62.140.165 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a23-62-140-165.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: a8857e3b47ebb56969de37dfc5f50920b9d8437ea6902b9d0db00e6831a8b389

Request headers

Referer: http://www.regaindermayouth.icu/
Origin: http://www.regaindermayouth.icu
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sun, 23 Dec 2018 04:00:05 GMT
Server: nginx
Vary: Accept-Encoding
Content-Type: application/json;charset=ISO-8859-1
Access-Control-Allow-Origin: http://www.regaindermayouth.icu
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 77
Expires: Sun, 23 Dec 2018 04:00:05 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 262 B
1 KB 1057ms
19ms XHR
application/json 185.33.223.80
AppNexus

General

Check archive.org

Show headers Download Go to

Full URL

http://ib.adnxs.com/ut/v3/prebid

Requested by

Host: rtbpassback.andbeyond.media
URL: http://rtbpassback.andbeyond.media/prebid-fp-1.31.0.js

Protocol

HTTP/1.1

Server

185.33.223.80 , European Union, ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US),

Reverse DNS

Software

nginx/1.13.4 /

Resource Hash

3436077a009c112254cbcd111a6d92bfd539626aa1e23bf3913280c375bb3aa3

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: http://www.regaindermayouth.icu/
Origin: http://www.regaindermayouth.icu
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sun, 23 Dec 2018 04:00:05 GMT
X-Proxy-Origin: 185.230.127.22; 185.230.127.22; 251.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.41:80
AN-X-Request-Uuid: 1c888e3c-87aa-421e-ae3d-1704af8541b3
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: http://www.regaindermayouth.icu
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 262
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK arj Show response
rtbdemand-d.openx.net/w/1.0/ 172 B
748 B 1161ms
57ms XHR
application/json 173.241.240.220
OPENX TECHNOLOGIES

General

Check archive.org

Show headers Download Go to

Full URL: http://rtbdemand-d.openx.net/w/1.0/arj?ju=http%3A%2F%2Fwww.regaindermayouth.icu%2F&jr=&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_2.1.5&dddid=f00b80f1-5ba4-4ad1-864e-a1f2f42d23aa%2Cf00b80f1-5ba4-4ad1-864e-a1f2f42d23aa&nocache=1545537602005&aus=300x250%7C300x250&divIds=andbeyond30011%2Candbeyond30011&auid=539852510%2C539852510&
Requested by: Host: rtbpassback.andbeyond.media
URL: http://rtbpassback.andbeyond.media/prebid-fp-1.31.0.js
Protocol: HTTP/1.1
Server: 173.241.240.220 New York, United States, ASN36089 (OPENX-AS1 - OPENX TECHNOLOGIES, INC., US),
Reverse DNS: ox-173-241-240-220.xa.dc.openx.org
Software: OXGW/16.117.2 /
Resource Hash: fd7f224a7d90e9d7c8ed601d3b6fc92108555a107d9ad4a337250c093fb1f272

Request headers

Referer: http://www.regaindermayouth.icu/
Origin: http://www.regaindermayouth.icu
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sun, 23 Dec 2018 04:00:03 GMT
Content-Encoding: gzip
Server: OXGW/16.117.2
Vary: Accept
P3P: CP="CUR ADM OUR NOR STA NID"
Access-Control-Allow-Origin: http://www.regaindermayouth.icu
Cache-Control: private, max-age=0, no-cache
Access-Control-Allow-Credentials: true
Content-Type: application/json
Transfer-Encoding: chunked
Expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 262 B
1 KB 1071ms
19ms XHR
application/json 185.33.223.221
AppNexus

General

Check archive.org

Show headers Download Go to

Full URL

http://ib.adnxs.com/ut/v3/prebid

Requested by

Host: rtbpassback.andbeyond.media
URL: http://rtbpassback.andbeyond.media/prebid-fp-1.31.0.js

Protocol

HTTP/1.1

Server

185.33.223.221 , European Union, ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US),

Reverse DNS

Software

nginx/1.13.4 /

Resource Hash

bcd87be2cf250b94e6dd50e008724e72cc3f2703ec9cd6fac40aa8340da4f4d6

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: http://www.regaindermayouth.icu/
Origin: http://www.regaindermayouth.icu
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sun, 23 Dec 2018 04:00:05 GMT
X-Proxy-Origin: 185.230.127.22; 185.230.127.22; 316.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.238:80
AN-X-Request-Uuid: b853863e-57c9-44bf-b6c8-9d5252cb038f
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: http://www.regaindermayouth.icu
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 262
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET cygnus
as.casalemedia.com/ 0
0

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 284 B
774 B 42ms
19ms XHR
application/json 213.19.162.21
The Rubicon Project

General

Check archive.org

Show headers Download Go to

Full URL: http://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17054&site_id=205224&zone_id=1041988&size_id=15&p_pos=unknown&rf=http%3A%2F%2Fwww.regaindermayouth.icu%2F&tk_flint=pbjs_lite_v1.31.0&x_source.tid=f00b80f1-5ba4-4ad1-864e-a1f2f42d23aa&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=0&slots=1&rand=0.8595982232058148
Requested by: Host: rtbpassback.andbeyond.media
URL: http://rtbpassback.andbeyond.media/prebid-fp-1.31.0.js
Protocol: HTTP/1.1
Server: 213.19.162.21 , United Kingdom, ASN26667 (RUBICONPROJECT - The Rubicon Project, Inc., US),
Reverse DNS
Software: RAS 2.4 /
Resource Hash: 4b8cb5f5226c91356bd8c48b57935f020d7547aeff2446da2dcac95cca9299ae

Request headers

Referer: http://www.regaindermayouth.icu/
Origin: http://www.regaindermayouth.icu
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sun, 23 Dec 2018 04:00:02 GMT
Server: RAS 2.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: http://www.regaindermayouth.icu
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Content-Type: application/json
Keep-Alive: timeout=0, max=10
Content-Length: 284
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 284 B
774 B 61ms
19ms XHR
application/json 213.19.162.21
The Rubicon Project

General

Check archive.org

Show headers Download Go to

Full URL: http://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17054&site_id=205224&zone_id=1041988&size_id=15&p_pos=unknown&rf=http%3A%2F%2Fwww.regaindermayouth.icu%2F&tk_flint=pbjs_lite_v1.31.0&x_source.tid=f00b80f1-5ba4-4ad1-864e-a1f2f42d23aa&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=0&slots=1&rand=0.6241891888789741
Requested by: Host: rtbpassback.andbeyond.media
URL: http://rtbpassback.andbeyond.media/prebid-fp-1.31.0.js
Protocol: HTTP/1.1
Server: 213.19.162.21 , United Kingdom, ASN26667 (RUBICONPROJECT - The Rubicon Project, Inc., US),
Reverse DNS
Software: RAS 2.4 /
Resource Hash: 315c5a96e078fd380a6a4c2a90ebc3ccc72e71bc134459de0757993cfb5c9c75

Request headers

Referer: http://www.regaindermayouth.icu/
Origin: http://www.regaindermayouth.icu
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sun, 23 Dec 2018 04:00:02 GMT
Server: RAS 2.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: http://www.regaindermayouth.icu
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Content-Type: application/json
Keep-Alive: timeout=0, max=10
Content-Length: 284
Expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H/1.1 204
No Content translator Show response
hbopenbid.pubmatic.com/ 0
218 B 110ms
24ms XHR
text/plain 185.64.189.112
PubMatic

General

Check archive.org

Show headers Download Go to

Full URL: http://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: rtbpassback.andbeyond.media
URL: http://rtbpassback.andbeyond.media/prebid-fp-1.31.0.js
Protocol: HTTP/1.1
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC - PubMatic, Inc., US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://www.regaindermayouth.icu/
Origin: http://www.regaindermayouth.icu
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: http://www.regaindermayouth.icu
Date: Sun, 23 Dec 2018 04:00:02 GMT
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 3 KB
2 KB 76ms
76ms XHR
text/javascript 172.217.18.98
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=555648445967329&correlator=2297254931735857&output=json_html&callback=googletag.impl.pubads.callbackProxy9&impl=fifs&adsid=NT&json_a=1&eid=21061763&vrg=285&guci=1.2.0.0.2.2.0.0&plat=1%3A67108864%2C2%3A67108864&sc=0&sfv=1-0-31&iu_parts=26021628%2C322856-300-250-9&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&rcs=1&eri=1&cust_params=new%3D0&cookie=ID%3Df91dbc31012cc163%3AT%3D1545537592%3AS%3DALNI_MZkcmvncBPHMJCFQAwoiRi1d4A5zw&cookie_enabled=1&bc=7&abxe=1&lmt=1545537602&dt=1545537602099&dlt=1545537592137&idt=473&frm=20&biw=1585&bih=1200&oid=3&adxs=1183&adys=3267&adks=3393163274&ucis=v&ifi=24&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=http%3A%2F%2Fwww.regaindermayouth.icu%2F&dssz=76&icsg=45107650560&std=0&vis=1&scr_x=0&scr_y=0&psz=300x-1&msz=300x-1&psts=CikI2Myg8hFA0ub0sQF4AegB4KuWgIMEgAK8mfcLgAK0mvcLgALh_IPlUA%2CCikI2Myg8hFA0ub0sQF4AegB1vyigIMEgAK8mfcLgAK0mvcLgAK_p7f-UA%2CCikI2Myg8hFA0ub0sQF4AegB69DLhIMEgAK8mfcLgAK0mvcLgALy48H-UA&ga_vid=639183350.1545537593&ga_sid=1545537593&ga_hid=694587912&fws=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_285.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

172.217.18.98 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

cafe /

Resource Hash

95f73390e618852d151ecda3281e47f20dfb45941ad21604f66bc528f968dea7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://www.regaindermayouth.icu/
Origin: http://www.regaindermayouth.icu

Response headers

date: Sun, 23 Dec 2018 04:00:02 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 1873
x-xss-protection: 1; mode=block
google-lineitem-id: 4803012184
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138244832857
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: http://www.regaindermayouth.icu
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK log
qsearch-a.akamaihd.net/ 35 B
319 B 108ms
6ms Image
image/gif 2.16.186.67
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://qsearch-a.akamaihd.net/log?logid=kfk&evtid=projectevents&project=prebid&acid=b0920193-6f2e-4a52-85a1-98f2e9564083&cid=8CU8MW9HK&crid=andbeyond3009|andbeyond3009&adunit_count=2&dn=www.regaindermayouth.icu&requrl=http://www.regaindermayouth.icu/&event=client_timeout&value=2&rd=5000
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2.16.186.67 , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a2-16-186-67.deploy.static.akamaitechnologies.com
Software: Apache Tomcat /
Resource Hash: 796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Request headers

Referer: http://www.regaindermayouth.icu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 23 Dec 2018 04:00:02 GMT
Server: Apache Tomcat
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 35
Expires: Sun, 23 Dec 2018 04:00:02 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 3 KB
2 KB 81ms
81ms XHR
text/javascript 172.217.18.98
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=555648445967329&correlator=1093011415937634&output=json_html&callback=googletag.impl.pubads.callbackProxy10&impl=fifs&adsid=NT&json_a=1&eid=21061763&vrg=285&guci=1.2.0.0.2.2.0.0&plat=1%3A67108864%2C2%3A67108864&sc=0&sfv=1-0-31&iu_parts=26021628%2C322856-160-600-1&enc_prev_ius=%2F0%2F1&prev_iu_szs=160x600&rcs=1&eri=1&cust_params=new%3D0&cookie=ID%3Df91dbc31012cc163%3AT%3D1545537592%3AS%3DALNI_MZkcmvncBPHMJCFQAwoiRi1d4A5zw&cookie_enabled=1&bc=7&abxe=1&lmt=1545537602&dt=1545537602147&dlt=1545537592137&idt=473&frm=20&biw=1585&bih=1200&oid=3&adxs=133&adys=5518&adks=3558673110&ucis=x&ifi=26&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=http%3A%2F%2Fwww.regaindermayouth.icu%2F&dssz=75&icsg=45107650560&std=0&vis=1&scr_x=0&scr_y=0&psz=160x-1&msz=160x-1&psts=CikI2Myg8hFA0ub0sQF4AegB8PuigIMEgAK8mfcLgAK0mvcLgAKnp7f-UA%2CCikI2Myg8hFA0ub0sQF4AegB1vyigIMEgAK8mfcLgAK0mvcLgAK_p7f-UA%2CCikI2Myg8hFA0ub0sQF4AegB69DLhIMEgAK8mfcLgAK0mvcLgALy48H-UA&ga_vid=639183350.1545537593&ga_sid=1545537593&ga_hid=694587912&fws=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_285.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

172.217.18.98 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

cafe /

Resource Hash

8cf5c2834f7029ba862738d47bde309ebc2d70ca69232a9b380b9a7dcc7ba48c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://www.regaindermayouth.icu/
Origin: http://www.regaindermayouth.icu

Response headers

date: Sun, 23 Dec 2018 04:00:02 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 1874
x-xss-protection: 1; mode=block
google-lineitem-id: 4803012184
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138244832746
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: http://www.regaindermayouth.icu
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK log
qsearch-a.akamaihd.net/ 35 B
319 B 64ms
6ms Image
image/gif 2.16.186.67
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://qsearch-a.akamaihd.net/log?logid=kfk&evtid=projectevents&project=prebid&acid=32b4a2a7-c5bb-439b-be3d-02e0c5a698bc&cid=8CU8MW9HK&crid=andbeyond1601|andbeyond1601&adunit_count=2&dn=www.regaindermayouth.icu&requrl=http://www.regaindermayouth.icu/&event=client_timeout&value=2&rd=5000
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2.16.186.67 , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a2-16-186-67.deploy.static.akamaitechnologies.com
Software: Apache Tomcat /
Resource Hash: 796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Request headers

Referer: http://www.regaindermayouth.icu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 23 Dec 2018 04:00:02 GMT
Server: Apache Tomcat
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 35
Expires: Sun, 23 Dec 2018 04:00:02 GMT

GET
H/1.1 200
OK show_ads.js Show response
pagead2.googlesyndication.com/pagead/ Frame 1955 58 KB
0 21ms
16ms Script
text/javascript 2a00:1450:4001:81d::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

http://pagead2.googlesyndication.com/pagead/show_ads.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_285.js

Protocol

HTTP/1.1

Server

2a00:1450:4001:81d::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

761367b322b93ffd07885086a96515c15622678fbfb9b3254821ac97d63dc25a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Response headers

Date: Sun, 23 Dec 2018 03:59:57 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: cafe
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
ETag: 2298027804702551314
Vary: Accept-Encoding
Content-Type: text/javascript; charset=UTF-8
Cache-Control: private, max-age=3600
Content-Disposition: attachment; filename="f.txt"
Timing-Allow-Origin: *
Content-Length: 22289
X-XSS-Protection: 1; mode=block
Expires: Sun, 23 Dec 2018 03:59:57 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ Frame 1955 109 B
171 B 17ms
16ms Script
application/javascript 2a00:1450:4001:809::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.regaindermayouth.icu

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:809::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.regaindermayouth.icu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sun, 23 Dec 2018 04:00:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript; charset=UTF-8
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 104
x-xss-protection: 1; mode=block

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame 1955 109 B
171 B 16ms
16ms Script
application/javascript 2a00:1450:4001:815::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.regaindermayouth.icu

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:815::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.regaindermayouth.icu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sun, 23 Dec 2018 04:00:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript; charset=UTF-8
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 104
x-xss-protection: 1; mode=block

GET
H2 200 ca-pub-7439041255533808.js Show response
pagead2.googlesyndication.com/pub-config/r20160913/ Frame 1955 133 B
200 B 6ms
6ms Script
text/javascript 2a00:1450:4001:825::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pub-config/r20160913/ca-pub-7439041255533808.js

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:825::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

7e7fa886d5d75c745d95be4fc3c5bfb4c988019b3f643c669734612345e1b8c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.regaindermayouth.icu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sat, 22 Dec 2018 22:11:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 21 Dec 2018 23:23:49 GMT
server: sffe
age: 20896
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=43200
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 125
x-xss-protection: 1; mode=block
expires: Sun, 23 Dec 2018 10:11:46 GMT

GET
H/1.1 200
OK show_ads_impl.js Show response
pagead2.googlesyndication.com/pagead/js/r20181205/r20180604/ Frame 1955 200 KB
0 33ms
26ms Script
text/javascript 2a00:1450:4001:81d::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

http://pagead2.googlesyndication.com/pagead/js/r20181205/r20180604/show_ads_impl.js

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

HTTP/1.1

Server

2a00:1450:4001:81d::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

3ca3d3d7b0c614358d0d044e38624764c08bbda625bd3adb20006a65e670bb69

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Response headers

Date: Sun, 23 Dec 2018 03:59:57 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: cafe
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
ETag: 210270772847015822
Vary: Accept-Encoding
Content-Type: text/javascript; charset=UTF-8
Cache-Control: private, max-age=1209600
Content-Disposition: attachment; filename="f.txt"
Timing-Allow-Origin: *
Content-Length: 75629
X-XSS-Protection: 1; mode=block
Expires: Sun, 23 Dec 2018 03:59:57 GMT

GET
H/1.1 200
OK show_ads_impl.js Show response
pagead2.googlesyndication.com/pagead/js/r20181205/r20180604/ Frame 76B5 200 KB
0 33ms
26ms Script
text/javascript 2a00:1450:4001:81d::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

http://pagead2.googlesyndication.com/pagead/js/r20181205/r20180604/show_ads_impl.js

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

HTTP/1.1

Server

2a00:1450:4001:81d::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

3ca3d3d7b0c614358d0d044e38624764c08bbda625bd3adb20006a65e670bb69

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Response headers

Date: Sun, 23 Dec 2018 03:59:57 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: cafe
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
ETag: 210270772847015822
Vary: Accept-Encoding
Content-Type: text/javascript; charset=UTF-8
Cache-Control: private, max-age=1209600
Content-Disposition: attachment; filename="f.txt"
Timing-Allow-Origin: *
Content-Length: 75629
X-XSS-Protection: 1; mode=block
Expires: Sun, 23 Dec 2018 03:59:57 GMT

GET
H2 200 zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20181205/r20180604/ Frame 7FEE 0
0 6ms
5ms Document
text/html 2a00:1450:4001:824::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20181205/r20180604/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:824::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20181205/r20180604/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer: http://www.regaindermayouth.icu/
accept-encoding: gzip, deflate, br
cookie: IDE=AHWqTUkLaoPGpA708kigCyhFRdXPjFbT_awhNETA88LFr7Wkq6P-cfn-O-gm6e7b
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://www.regaindermayouth.icu/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
vary: Accept-Encoding
date: Thu, 20 Dec 2018 09:48:30 GMT
expires: Thu, 03 Jan 2019 09:48:30 GMT
content-type: text/html; charset=UTF-8
etag: 12810928231326100212
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 6940
x-xss-protection: 1; mode=block
cache-control: public, max-age=1209600
age: 238292
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"

GET
H2 200 ads
googleads.g.doubleclick.net/pagead/ Frame 0389 0
0 48ms
46ms Document
text/html 2a00:1450:4001:824::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7439041255533808&output=html&h=250&slotname=4993246013&adk=1185466784&adf=1174745088&w=300&lmt=1545537602&guci=1.2.0.0.2.2.0.0&url=http%3A%2F%2Fwww.regaindermayouth.icu%2F&ea=0&flash=0&wgl=1&dt=1545537602183&bpp=24&bdt=78&fdt=25&idt=9&shv=r20181205&cbv=r20180604&saldr=sa&correlator=5705059066098&frm=23&ife=4&pv=1&ga_vid=230266885.1545537602&ga_sid=1545537602&ga_hid=1378728970&ga_fc=0&iag=3&icsg=170&nhd=1&dssz=8&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1183&ady=3267&biw=1585&bih=1200&isw=300&ish=250&ifk=3602337150&scr_x=0&scr_y=0&eid=21060853%2C62710016%2C62710018%2C410075081&oid=3&rx=0&eae=2&fc=656&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&ppjl=u&pfx=0&fu=20&bc=7&ifi=1&uci=1.ea30zl4x562e&fsb=1&dtd=34

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/r20181205/r20180604/show_ads_impl.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:824::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-7439041255533808&output=html&h=250&slotname=4993246013&adk=1185466784&adf=1174745088&w=300&lmt=1545537602&guci=1.2.0.0.2.2.0.0&url=http%3A%2F%2Fwww.regaindermayouth.icu%2F&ea=0&flash=0&wgl=1&dt=1545537602183&bpp=24&bdt=78&fdt=25&idt=9&shv=r20181205&cbv=r20180604&saldr=sa&correlator=5705059066098&frm=23&ife=4&pv=1&ga_vid=230266885.1545537602&ga_sid=1545537602&ga_hid=1378728970&ga_fc=0&iag=3&icsg=170&nhd=1&dssz=8&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1183&ady=3267&biw=1585&bih=1200&isw=300&ish=250&ifk=3602337150&scr_x=0&scr_y=0&eid=21060853%2C62710016%2C62710018%2C410075081&oid=3&rx=0&eae=2&fc=656&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&ppjl=u&pfx=0&fu=20&bc=7&ifi=1&uci=1.ea30zl4x562e&fsb=1&dtd=34
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer: http://www.regaindermayouth.icu/
accept-encoding: gzip, deflate, br
cookie: IDE=AHWqTUkLaoPGpA708kigCyhFRdXPjFbT_awhNETA88LFr7Wkq6P-cfn-O-gm6e7b
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://www.regaindermayouth.icu/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sun, 23 Dec 2018 04:00:02 GMT
server: cafe
content-length: 46
x-xss-protection: 1; mode=block
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"

GET
H2 200 osd.js Show response
pagead2.googlesyndication.com/pagead/js/r20181205/r20100101/ Frame 1955 71 KB
26 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:825::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20181205/r20100101/osd.js

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/r20181205/r20180604/show_ads_impl.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:825::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

0dc9542b043f4622f82261f8d3ca79bb0c29bcbdacf2056a2fc633a488922dd4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.regaindermayouth.icu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Thu, 20 Dec 2018 18:15:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 207889
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 26696
x-xss-protection: 1; mode=block
server: cafe
etag: 10366987592970477111
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 03 Jan 2019 18:15:13 GMT

GET
H2 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame 1955 73 KB
0 41ms
40ms Script
text/javascript 2a00:1450:4001:820::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_285.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:820::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

8f29897c225a4d0c88f9e08ce53fca63a478ebbe9d5ec3f45b325dd4e54ec035

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Response headers

date: Sun, 23 Dec 2018 03:59:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 07 Dec 2018 12:16:45 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 27407
x-xss-protection: 1; mode=block
expires: Sun, 23 Dec 2018 03:59:57 GMT

GET
DATA 200
OK truncated
/ Frame 1955 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 018d5e1339cb519a343c83c7e1f5a17bcd9a856134a3a6ca83fa8edafd7933a7

Request headers

Response headers

Content-Type: image/png

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame 1955 0
65 B 43ms
42ms Image
image/gif 172.217.18.98
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsswbfv6nf0eq7Ulnnd9EdtP12H0vOA6-mndPmLpyMfrXjR77N5igM9CnH4T9NnoHpa1pE0yk5tJlm9N4_rtBdxzNdSMW2vpHCK_GC9ypmiWyvzpuKZmb5lD_sc7Milqt2p5uuFIzrGYGzd83-VnPW8H_hl8ZoqWZa98YElZwQuyjyyW0kNRx_Uiz3hc9T_Faftq5srnpWOZ4EyjcKqUhhS-IS8pk1ed3pV4jF9QMJatiPGGsKvLh8-DtYuRc7DvsvIZhEl71oG37Mi5IFyLMQ&sai=AMfl-YT1rZmug1ueH3M65Txt47Lchaqp7IbDZYk5ORqVo4qPYc4Asmgyh6f4jxIuC8TwaOF1u3sMcP7CRoOJaXvRebCah1Aw3Ra7R5oT8ZAxKx3zgRzmcN9uEu1Dp-CF&sig=Cg0ArKJSzCBVO06CUGNBEAE&urlfix=1&adurl=

Requested by

Host: www.regaindermayouth.icu
URL: http://www.regaindermayouth.icu/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

172.217.18.98 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.regaindermayouth.icu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sun, 23 Dec 2018 04:00:02 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cache-control: private
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 0
x-xss-protection: 1; mode=block

GET
H/1.1 200
OK show_ads.js Show response
pagead2.googlesyndication.com/pagead/ Frame 4807 58 KB
0 21ms
16ms Script
text/javascript 2a00:1450:4001:81d::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

http://pagead2.googlesyndication.com/pagead/show_ads.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_285.js

Protocol

HTTP/1.1

Server

2a00:1450:4001:81d::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

761367b322b93ffd07885086a96515c15622678fbfb9b3254821ac97d63dc25a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Response headers

Date: Sun, 23 Dec 2018 03:59:57 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: cafe
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
ETag: 2298027804702551314
Vary: Accept-Encoding
Content-Type: text/javascript; charset=UTF-8
Cache-Control: private, max-age=3600
Content-Disposition: attachment; filename="f.txt"
Timing-Allow-Origin: *
Content-Length: 22289
X-XSS-Protection: 1; mode=block
Expires: Sun, 23 Dec 2018 03:59:57 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ Frame 4807 109 B
171 B 19ms
19ms Script
application/javascript 2a00:1450:4001:809::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.regaindermayouth.icu

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:809::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.regaindermayouth.icu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sun, 23 Dec 2018 04:00:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript; charset=UTF-8
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 104
x-xss-protection: 1; mode=block

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame 4807 109 B
171 B 19ms
19ms Script
application/javascript 2a00:1450:4001:815::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.regaindermayouth.icu

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:815::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.regaindermayouth.icu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sun, 23 Dec 2018 04:00:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript; charset=UTF-8
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 104
x-xss-protection: 1; mode=block

GET
H2 200 ca-pub-7439041255533808.js Show response
pagead2.googlesyndication.com/pub-config/r20160913/ Frame 4807 133 B
0 6ms
6ms Script
text/javascript 2a00:1450:4001:825::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pub-config/r20160913/ca-pub-7439041255533808.js

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:825::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

7e7fa886d5d75c745d95be4fc3c5bfb4c988019b3f643c669734612345e1b8c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Response headers

date: Sat, 22 Dec 2018 22:11:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 21 Dec 2018 23:23:49 GMT
server: sffe
age: 20896
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=43200
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 125
x-xss-protection: 1; mode=block
expires: Sun, 23 Dec 2018 10:11:46 GMT

GET
H/1.1 200
OK show_ads_impl.js Show response
pagead2.googlesyndication.com/pagead/js/r20181205/r20180604/ Frame 4807 200 KB
0 33ms
26ms Script
text/javascript 2a00:1450:4001:81d::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

http://pagead2.googlesyndication.com/pagead/js/r20181205/r20180604/show_ads_impl.js

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

HTTP/1.1

Server

2a00:1450:4001:81d::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

3ca3d3d7b0c614358d0d044e38624764c08bbda625bd3adb20006a65e670bb69

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Response headers

Date: Sun, 23 Dec 2018 03:59:57 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: cafe
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
ETag: 210270772847015822
Vary: Accept-Encoding
Content-Type: text/javascript; charset=UTF-8
Cache-Control: private, max-age=1209600
Content-Disposition: attachment; filename="f.txt"
Timing-Allow-Origin: *
Content-Length: 75629
X-XSS-Protection: 1; mode=block
Expires: Sun, 23 Dec 2018 03:59:57 GMT

GET
H/1.1 200
OK show_ads_impl.js Show response
pagead2.googlesyndication.com/pagead/js/r20181205/r20180604/ Frame 8286 200 KB
0 33ms
26ms Script
text/javascript 2a00:1450:4001:81d::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

http://pagead2.googlesyndication.com/pagead/js/r20181205/r20180604/show_ads_impl.js

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

HTTP/1.1

Server

2a00:1450:4001:81d::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

3ca3d3d7b0c614358d0d044e38624764c08bbda625bd3adb20006a65e670bb69

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Response headers

Date: Sun, 23 Dec 2018 03:59:57 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: cafe
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
ETag: 210270772847015822
Vary: Accept-Encoding
Content-Type: text/javascript; charset=UTF-8
Cache-Control: private, max-age=1209600
Content-Disposition: attachment; filename="f.txt"
Timing-Allow-Origin: *
Content-Length: 75629
X-XSS-Protection: 1; mode=block
Expires: Sun, 23 Dec 2018 03:59:57 GMT

GET
H/1.1

200
OK

firstpost_160x600.html
rtbpassback.andbeyond.media/ Frame EA0B
Redirect Chain

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7439041255533808&output=html&h=600&slotname=3311225591&adk=639928695&adf=1174745089&w=160&lmt=1545537602&guci=1.2.0.0.2.2.0.0&url=http%3...
https://rtbpassback.andbeyond.media/firstpost_160x600.html

0
0

18ms
18ms

Document
text/html

205.185.216.42
Highwinds Network...

General

Check archive.org

Show headers Download Go to

Full URL: https://rtbpassback.andbeyond.media/firstpost_160x600.html
Requested by: Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/r20181205/r20180604/show_ads_impl.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.185.216.42 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS: map2.hwcdn.net
Software: AmazonS3 /
Resource Hash

Request headers

Host: rtbpassback.andbeyond.media
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: http://www.regaindermayouth.icu/
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://www.regaindermayouth.icu/

Response headers

Date: Sun, 23 Dec 2018 04:00:02 GMT
Connection: Keep-Alive
Accept-Ranges: bytes
Cache-Control: max-age=29642458
Content-Encoding: gzip
Content-Length: 208
Content-Type: text/html
Last-Modified: Mon, 03 Sep 2018 05:12:23 GMT
Access-Control-Allow-Origin: *
x-amz-id-2: whMhkoI7usofJ0CJnjuS1yFP1hh1ax6vRWOoG2c0MlPAf0vn5aYljscvQSWqqaGvJ1XrPUr3F+4=
x-amz-request-id: E5D688B9D625F18B
ETag: "24545026abe5fe46f404c6e080ccfd52"
Server: AmazonS3
X-HW: 1545537597.dop004.pa1.t,1545537597.cds021.pa1.shn,1545537597.dop004.pa1.t,1545537602.cds026.pa1.c

Redirect headers

status: 302
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
location: https://rtbpassback.andbeyond.media/firstpost_160x600.html
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sun, 23 Dec 2018 04:00:02 GMT
server: cafe
content-length: 46
x-xss-protection: 1; mode=block
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"

GET
H2 200 osd.js Show response
pagead2.googlesyndication.com/pagead/js/r20181205/r20100101/ Frame 4807 71 KB
26 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:825::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20181205/r20100101/osd.js

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/r20181205/r20180604/show_ads_impl.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:825::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

0dc9542b043f4622f82261f8d3ca79bb0c29bcbdacf2056a2fc633a488922dd4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.regaindermayouth.icu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Thu, 20 Dec 2018 18:15:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 207889
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 26696
x-xss-protection: 1; mode=block
server: cafe
etag: 10366987592970477111
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 03 Jan 2019 18:15:13 GMT

GET
H2 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame 4807 73 KB
0 41ms
40ms Script
text/javascript 2a00:1450:4001:820::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_285.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:820::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

8f29897c225a4d0c88f9e08ce53fca63a478ebbe9d5ec3f45b325dd4e54ec035

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Response headers

date: Sun, 23 Dec 2018 03:59:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 07 Dec 2018 12:16:45 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 27407
x-xss-protection: 1; mode=block
expires: Sun, 23 Dec 2018 03:59:57 GMT

GET
DATA 200
OK truncated
/ Frame 4807 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b819d6c00b292b3bfc3d3eb5327126a0b20efcbc2aa9ed20154540e4a1ac6166

Request headers

Response headers

Content-Type: image/png

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame 4807 0
65 B 43ms
43ms Image
image/gif 172.217.18.98
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssl8HSTLOt4r8IjtU3HXQFtBHCqZ4gjUH808C-EiWtm0RnbcGXB6weiSc5PMx6kXiATuqr0ZGtNp6zR2dUY4EbEdAhckADf4lg7g9A4-zfVKrLhuVwA7bsrlcw64TKtfAzzR19UgsQ-4LMCyjYeKPxI3udasDJHXMndVhMwo-iZ2cAnCAsa3nd1DV8UyLwfnUCYKUkLChDAuW280cGAOo9fZ8HON9khWUPLBTSqEwwQ8g3CFx8E8qQCRqO_2UyUEJLcQnkLORJ88ujcK3_2aw&sai=AMfl-YRrP1YMuVo8GS95LyphYwC7_0UD7arACC9T5Q4YtAp7kQ_SlwQ4imAAw-DnuLFftVD3KXn714oDuBcwPSbJDTgHt3EPv1mFVqEyDWWA1Mew1Le1mMgrJ2ivHtYh&sig=Cg0ArKJSzGf-nxO3zhBSEAE&urlfix=1&adurl=

Requested by

Host: www.regaindermayouth.icu
URL: http://www.regaindermayouth.icu/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

172.217.18.98 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.regaindermayouth.icu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sun, 23 Dec 2018 04:00:02 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cache-control: private
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 0
x-xss-protection: 1; mode=block

GET
H2 200 activeview
pagead2.googlesyndication.com/pcs/ Frame D632 42 B
122 B 40ms
40ms Image
image/gif 2a00:1450:4001:825::2002
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuKSLA7a1-ZxC076hHiCWiSGlCWOvKb8RazGBbX323gvDoEK41m-7M8DSVKT-4-zyp9Rg_VlIwLLB6zPCoU1laEA-iEmRTDaaewFtU&sig=Cg0ArKJSzCBfWdusDG46EAE&adk=1795874516&tt=5048&bs=1585%2C1200&mtos=0,1012,1012,1012,1012&tos=0,1012,0,0,0&p=952,1183,1202,1483&mcvt=1012&rs=3&ht=0&tfs=4049&tls=5061&mc=0.99&lte=0.99&bas=0&bac=0&avms=geo&rst=1545537601222&rpt=44&isd=0&msd=0&lm=2&oseid=3&ps=1585%2C7093&ss=1600%2C1200&pt=14&deb=1-2-8-40-51-15-222-42&tvt=5049&r=v&id=osdim&uc=10&upc=10&tgt=DIV&cl=1&cec=12&clc=1&cac=0&cd=300x250&v=20181207

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:825::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.regaindermayouth.icu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 23 Dec 2018 04:00:02 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, must-revalidate
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 42
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK widgets.js Show response
platform.twitter.com/ 93 KB
28 KB 30ms
11ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL: http://platform.twitter.com/widgets.js
Requested by: Host: www.regaindermayouth.icu
URL: http://www.regaindermayouth.icu/
Protocol: HTTP/1.1
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECS (fcn/40B2) /
Resource Hash: b435e0c1948fc0179dd72f3a581fc9dec019ce106aea793bec27914d904d04f9

Request headers

Referer: http://www.regaindermayouth.icu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sun, 23 Dec 2018 04:00:03 GMT
Content-Encoding: gzip
Last-Modified: Tue, 18 Dec 2018 21:09:31 GMT
Server: ECS (fcn/40B2)
Etag: "3db86ef055d51cd0e7082890f848dae9+gzip"
Vary: Accept-Encoding
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Cache-Control: public, max-age=1800
Content-Type: application/javascript; charset=utf-8
Content-Length: 27966

GET
H/1.1 200
OK widget_iframe.d30011b0f5ce05b98f24b01d3331b3c1.html
platform.twitter.com/widgets/ Frame 31BB 0
0 8ms
7ms Document
text/html 2606:2800:234:59:254c:406:2366:268c
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.d30011b0f5ce05b98f24b01d3331b3c1.html?origin=http%3A%2F%2Fwww.regaindermayouth.icu&settingsEndpoint=https%3A%2F%2Fsyndication.twitter.com%2Fsettings
Requested by: Host: platform.twitter.com
URL: http://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECS (fcn/41AB) /
Resource Hash

Request headers

Host: platform.twitter.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: http://www.regaindermayouth.icu/
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://www.regaindermayouth.icu/

Response headers

Content-Encoding: gzip
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Sun, 23 Dec 2018 04:00:03 GMT
Etag: "347ce5de96d97a02c18244967b8b6532+gzip"
Last-Modified: Tue, 18 Dec 2018 21:08:43 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (fcn/41AB)
Vary: Accept-Encoding
X-Cache: HIT
Content-Length: 5783

GET
H/1.1 200
OK grid~moment~timeline~tweet.f6b0f36b73a281bec32b0af5bce83257.js Show response
platform.twitter.com/js/ 15 KB
5 KB 7ms
6ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/js/grid~moment~timeline~tweet.f6b0f36b73a281bec32b0af5bce83257.js
Requested by: Host: platform.twitter.com
URL: http://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECS (fcn/40D6) /
Resource Hash: 702efb477e5c073ef04b20530765f941c9cc6c5e5b0e0b88d40e88ab8f35646e

Request headers

Referer: http://www.regaindermayouth.icu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sun, 23 Dec 2018 04:00:03 GMT
Content-Encoding: gzip
Last-Modified: Tue, 18 Dec 2018 21:08:36 GMT
Server: ECS (fcn/40D6)
Etag: "0672c350d2cc932bd8658765eff7f85d+gzip"
Vary: Accept-Encoding
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Cache-Control: public, max-age=315360000
Content-Type: application/javascript; charset=utf-8
Content-Length: 5151

GET
H/1.1 200
OK moment~timeline~tweet.50bff1a04f1f37b6a41fa15859518e07.js Show response
platform.twitter.com/js/ 9 KB
4 KB 14ms
6ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/js/moment~timeline~tweet.50bff1a04f1f37b6a41fa15859518e07.js
Requested by: Host: platform.twitter.com
URL: http://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECS (fcn/4195) /
Resource Hash: 1da3db939ce70f4489f44f7466d79bdd91568aedba46ff3d8598b982e215c3a7

Request headers

Referer: http://www.regaindermayouth.icu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sun, 23 Dec 2018 04:00:03 GMT
Content-Encoding: gzip
Last-Modified: Tue, 18 Dec 2018 21:08:36 GMT
Server: ECS (fcn/4195)
Etag: "198d51c94e63ef08344a7234cb425aa1+gzip"
Vary: Accept-Encoding
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Cache-Control: public, max-age=315360000
Content-Type: application/javascript; charset=utf-8
Content-Length: 3164

GET
H/1.1 200
OK timeline.17155eeb0cf5555663bfbf170a13c141.js Show response
platform.twitter.com/js/ 34 KB
11 KB 15ms
6ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/js/timeline.17155eeb0cf5555663bfbf170a13c141.js
Requested by: Host: platform.twitter.com
URL: http://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECS (fcn/41D8) /
Resource Hash: 1ceaf2b4629fe7da4af4e4f5c351cb9fbcb59ff412e23c13daeeaa6ae99c05f8

Request headers

Referer: http://www.regaindermayouth.icu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sun, 23 Dec 2018 04:00:03 GMT
Content-Encoding: gzip
Last-Modified: Tue, 18 Dec 2018 21:08:36 GMT
Server: ECS (fcn/41D8)
Etag: "fd5b74421da688a074ff4ee39257070c+gzip"
Vary: Accept-Encoding
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Cache-Control: public, max-age=315360000
Content-Type: application/javascript; charset=utf-8
Content-Length: 10376

GET
H2 200 profile Show response
cdn.syndication.twimg.com/timeline/ 181 KB
14 KB 183ms
182ms Script
application/javascript 2606:2800:134:1a0d:1429:742:782:b6
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.syndication.twimg.com/timeline/profile?callback=__twttr.callbacks.tl_i0_profile_firstpost_old&dnt=false&domain=www.regaindermayouth.icu&lang=en&screen_name=firstpost&suppress_response_codes=true&t=1717264&tz=GMT%2B0000&with_replies=false

Requested by

Host: platform.twitter.com
URL: http://platform.twitter.com/widgets.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),

Reverse DNS

Software

tsa_o /

Resource Hash

64934ee4be7ac514da700d0db0bf2e1d52344ed977057c0a79cb35c631859299

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block; report=https://twitter.com/i/xss_report

Request headers

Referer: http://www.regaindermayouth.icu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sun, 23 Dec 2018 04:00:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200
content-disposition: attachment; filename=jsonp.jsonp
strict-transport-security: max-age=631138519
content-length: 13562
x-xss-protection: 1; mode=block; report=https://twitter.com/i/xss_report
x-response-time: 175
last-modified: Sun, 23 Dec 2018 04:00:03 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
content-type: application/javascript;charset=utf-8
cache-control: must-revalidate, max-age=300
x-connection-hash: 426c3f0016534b6c10486909c613da2d
timing-allow-origin: *
x-transaction: 009fc468005b884b
expires: Sun, 23 Dec 2018 04:05:03 GMT

GET
H2 200 syndication
syndication.twitter.com/i/jot/ 43 B
205 B 122ms
122ms Image
image/gif 199.16.156.201
Twitter Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://syndication.twitter.com/i/jot/syndication?l=%7B%22_category_%22%3A%22syndicated_impression%22%2C%22triggered_on%22%3A1545537603153%2C%22dnt%22%3Afalse%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22timeline%22%2C%22action%22%3A%22impression%22%7D%7D

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.16.156.201 San Francisco, United States, ASN13414 (TWITTER - Twitter Inc., US),

Reverse DNS

Software

tsa_b /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block; report=https://twitter.com/i/xss_report

Request headers

Referer: http://www.regaindermayouth.icu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sun, 23 Dec 2018 04:00:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200, 200 OK
x-twitter-response-tags: BouncerCompliant
strict-transport-security: max-age=631138519
content-length: 65
x-xss-protection: 1; mode=block; report=https://twitter.com/i/xss_report
x-response-time: 5
pragma: no-cache
last-modified: Sun, 23 Dec 2018 04:00:03 GMT
server: tsa_b
x-frame-options: SAMEORIGIN
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: 9e551c685e1185faa10ded74bec5cec1
x-transaction: 00cb861800b23bf2
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H2 200 NkgRia6j
pbs.twimg.com/card_img/1076685130066944000/ Frame 0C7B 15 KB
15 KB 7ms
6ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1076685130066944000/NkgRia6j?format=jpg&name=600x314

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),

Reverse DNS

Software

ECS (fcn/41AF) /

Resource Hash

d71d938ef1da95d0110eda49554e8f792ed2d2651faf47f6ad3fa0c69bfcddbd

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-response-time: 265
date: Sun, 23 Dec 2018 04:00:03 GMT
x-content-type-options: nosniff
surrogate-key: card_img card_img/bucket/6 card_img/1076685130066944000
last-modified: Sun, 23 Dec 2018 03:43:13 GMT
server: ECS (fcn/41AF)
access-control-allow-origin: *
x-cache: HIT
content-type: image/jpeg
status: 200
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 08fa42b9f001d64d5e8e2f281f846dc0
accept-ranges: bytes
content-length: 15417

GET
H2 200 elHlzKA9
pbs.twimg.com/card_img/1076684472194543616/ Frame 0C7B 34 KB
34 KB 8ms
7ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1076684472194543616/elHlzKA9?format=jpg&name=600x314

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),

Reverse DNS

Software

ECS (fcn/40B1) /

Resource Hash

055df94c78eb245421c38ce2dd6b5517213e5c2b63bdd5db6fc33c4e0a09c333

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-response-time: 271
date: Sun, 23 Dec 2018 04:00:03 GMT
x-content-type-options: nosniff
surrogate-key: card_img card_img/bucket/2 card_img/1076684472194543616
last-modified: Sun, 23 Dec 2018 03:40:36 GMT
server: ECS (fcn/40B1)
access-control-allow-origin: *
x-cache: HIT
content-type: image/jpeg
status: 200
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: c8b0bc1bac5587a4c57c8bb3680501f2
accept-ranges: bytes
content-length: 34507

GET
H2 200 6D3XnCS7
pbs.twimg.com/card_img/1076679954174111744/ Frame 0C7B 68 KB
68 KB 9ms
8ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1076679954174111744/6D3XnCS7?format=jpg&name=600x314

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),

Reverse DNS

Software

ECS (fcn/40FE) /

Resource Hash

e1672a3e60118a8893f87245c2d14ee09347790a1a3437e4181b2f0e8db36a93

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-response-time: 282
date: Sun, 23 Dec 2018 04:00:03 GMT
x-content-type-options: nosniff
surrogate-key: card_img card_img/bucket/6 card_img/1076679954174111744
last-modified: Sun, 23 Dec 2018 03:22:39 GMT
server: ECS (fcn/40FE)
access-control-allow-origin: *
x-cache: HIT
content-type: image/jpeg
status: 200
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 2df12ce0628e3839acbc875e668c1109
accept-ranges: bytes
content-length: 69727

GET
H2 200 asGeKx0O
pbs.twimg.com/card_img/1076677115792093186/ Frame 0C7B 60 KB
60 KB 10ms
9ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1076677115792093186/asGeKx0O?format=jpg&name=600x314

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),

Reverse DNS

Software

ECS (fcn/40E4) /

Resource Hash

09610d0f7d3636f4f0c778649c65bb9f9f3a0fcdeaf23434920dcaadde910c88

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-response-time: 181
date: Sun, 23 Dec 2018 04:00:03 GMT
x-content-type-options: nosniff
surrogate-key: card_img card_img/bucket/2 card_img/1076677115792093186
last-modified: Sun, 23 Dec 2018 03:11:22 GMT
server: ECS (fcn/40E4)
access-control-allow-origin: *
x-cache: HIT
content-type: image/jpeg
status: 200
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 583f318e200116133bdb0cdc7872be6c
accept-ranges: bytes
content-length: 61523

GET
H2 200 -hMb2nGr
pbs.twimg.com/card_img/1076676881863237632/ Frame 0C7B 30 KB
30 KB 9ms
9ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1076676881863237632/-hMb2nGr?format=jpg&name=600x314

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),

Reverse DNS

Software

ECS (fcn/41AC) /

Resource Hash

7451c634b00cb043ee7a4dfe1c88c6693f2032f2042b01213565092a02c25ed2

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-response-time: 273
date: Sun, 23 Dec 2018 04:00:03 GMT
x-content-type-options: nosniff
surrogate-key: card_img card_img/bucket/2 card_img/1076676881863237632
last-modified: Sun, 23 Dec 2018 03:10:26 GMT
server: ECS (fcn/41AC)
access-control-allow-origin: *
x-cache: HIT
content-type: image/jpeg
status: 200
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: eb30774207b9bfc0572f5d44aee7a26d
accept-ranges: bytes
content-length: 30440

GET
H2 200 L-0iN_kr
pbs.twimg.com/card_img/1076675590453784576/ Frame 0C7B 27 KB
27 KB 12ms
12ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1076675590453784576/L-0iN_kr?format=jpg&name=600x314

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),

Reverse DNS

Software

ECS (fcn/4184) /

Resource Hash

9e46b4d36247f310b238e29fd09d9c2f70067afd70dfeab1834974c4ed2afc8e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-response-time: 279
date: Sun, 23 Dec 2018 04:00:03 GMT
x-content-type-options: nosniff
surrogate-key: card_img card_img/bucket/3 card_img/1076675590453784576
last-modified: Sun, 23 Dec 2018 03:05:19 GMT
server: ECS (fcn/4184)
access-control-allow-origin: *
x-cache: HIT
content-type: image/jpeg
status: 200
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: e2f78245510e710a9d13d743ed23d2c1
accept-ranges: bytes
content-length: 27867

GET
H2 200 H44tXd2N
pbs.twimg.com/card_img/1076673882029842432/ Frame 0C7B 50 KB
50 KB 9ms
6ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1076673882029842432/H44tXd2N?format=jpg&name=600x314

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),

Reverse DNS

Software

ECS (fcn/4193) /

Resource Hash

5ce707c99c9a03938ddd4148d2037b8de218c9312b5312895eb140538b85596b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-response-time: 262
date: Sun, 23 Dec 2018 04:00:03 GMT
x-content-type-options: nosniff
surrogate-key: card_img card_img/bucket/0 card_img/1076673882029842432
last-modified: Sun, 23 Dec 2018 02:58:31 GMT
server: ECS (fcn/4193)
access-control-allow-origin: *
x-cache: HIT
content-type: image/jpeg
status: 200
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 38572450f716e2c8262c8e6ff82b40d7
accept-ranges: bytes
content-length: 51172

GET
H2 200 kBrdlRqP
pbs.twimg.com/card_img/1076670137489547264/ Frame 0C7B 48 KB
48 KB 8ms
6ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1076670137489547264/kBrdlRqP?format=jpg&name=600x314

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),

Reverse DNS

Software

ECS (fcn/40F7) /

Resource Hash

fa3c41ad21abaea8b1eba922868ed108ec82d84e6363c60ac048255fcba81294

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-response-time: 290
date: Sun, 23 Dec 2018 04:00:03 GMT
x-content-type-options: nosniff
surrogate-key: card_img card_img/bucket/7 card_img/1076670137489547264
last-modified: Sun, 23 Dec 2018 02:43:38 GMT
server: ECS (fcn/40F7)
access-control-allow-origin: *
x-cache: HIT
content-type: image/jpeg
status: 200
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: f0c1be7157b37f3f8b79cfe2b515f283
accept-ranges: bytes
content-length: 48673

GET
H2 200 h06iCL-D
pbs.twimg.com/card_img/1076670081004785664/ Frame 0C7B 50 KB
50 KB 8ms
7ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1076670081004785664/h06iCL-D?format=jpg&name=600x314

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),

Reverse DNS

Software

ECS (fcn/40E3) /

Resource Hash

58014c0da334a8cc5de75fe05e6429e11f667bdf3e745afd2dad5b9b48f96f4c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-response-time: 281
date: Sun, 23 Dec 2018 04:00:03 GMT
x-content-type-options: nosniff
surrogate-key: card_img card_img/bucket/2 card_img/1076670081004785664
last-modified: Sun, 23 Dec 2018 02:43:25 GMT
server: ECS (fcn/40E3)
access-control-allow-origin: *
x-cache: HIT
content-type: image/jpeg
status: 200
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: ee9ca4cfd0c1c8bfc521bbb15c2cc305
accept-ranges: bytes
content-length: 50891

GET
H2 200 q3ZMFJ1g
pbs.twimg.com/card_img/1076233633763975168/ Frame 0C7B 74 KB
74 KB 10ms
10ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1076233633763975168/q3ZMFJ1g?format=jpg&name=600x314

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),

Reverse DNS

Software

ECS (fcn/41AF) /

Resource Hash

38774cdffbda58c41761e5fe20a54755e321e65886d1f14fed26470fb725a8c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-response-time: 298
date: Sun, 23 Dec 2018 04:00:03 GMT
x-content-type-options: nosniff
surrogate-key: card_img card_img/bucket/2 card_img/1076233633763975168
last-modified: Fri, 21 Dec 2018 21:49:08 GMT
server: ECS (fcn/41AF)
access-control-allow-origin: *
x-cache: HIT
content-type: image/jpeg
status: 200
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 1b9fe4dd01fccd6721bad36443b29110
accept-ranges: bytes
content-length: 75639

GET
H2 200 egsyvfwC
pbs.twimg.com/card_img/1075730073347452928/ Frame 0C7B 25 KB
25 KB 9ms
9ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1075730073347452928/egsyvfwC?format=jpg&name=600x314

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),

Reverse DNS

Software

ECS (fcn/41AC) /

Resource Hash

5716eb97a51c168b40fbcbb79df4dcd8a81016bd3f033448548c5fc6794dc3fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-response-time: 273
date: Sun, 23 Dec 2018 04:00:03 GMT
x-content-type-options: nosniff
surrogate-key: card_img card_img/bucket/1 card_img/1075730073347452928
last-modified: Thu, 20 Dec 2018 12:28:10 GMT
server: ECS (fcn/41AC)
access-control-allow-origin: *
x-cache: HIT
content-type: image/jpeg
status: 200
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: cb9d88dc7b53158d8cd0d7fa7968e372
accept-ranges: bytes
content-length: 25913

GET
H2 200 -6MugGLR
pbs.twimg.com/card_img/1074369595123744768/ Frame 0C7B 23 KB
23 KB 9ms
9ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1074369595123744768/-6MugGLR?format=jpg&name=600x314

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),

Reverse DNS

Software

ECS (fcn/40E5) /

Resource Hash

97b065baf4b62bf64783bb34a5faa35a86dc1b6dc04bcb47af79ae1854c6d066

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-response-time: 159
date: Sun, 23 Dec 2018 04:00:03 GMT
x-content-type-options: nosniff
surrogate-key: card_img card_img/bucket/9 card_img/1074369595123744768
last-modified: Sun, 16 Dec 2018 18:22:06 GMT
server: ECS (fcn/40E5)
access-control-allow-origin: *
x-cache: HIT
content-type: image/jpeg
status: 200
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 4e76d0d206e2a3b27835c595c86bf910
accept-ranges: bytes
content-length: 23254

GET
H2 200 IPLYTynv
pbs.twimg.com/card_img/1073939942261149701/ Frame 0C7B 53 KB
53 KB 9ms
6ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1073939942261149701/IPLYTynv?format=jpg&name=600x314

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),

Reverse DNS

Software

ECS (fcn/40EA) /

Resource Hash

74beb622e7655344bd1a448e9b99240d5a9cd4c7f091f61142306c06419e679b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-response-time: 175
date: Sun, 23 Dec 2018 04:00:03 GMT
x-content-type-options: nosniff
surrogate-key: card_img card_img/bucket/2 card_img/1073939942261149701
last-modified: Sat, 15 Dec 2018 13:54:49 GMT
server: ECS (fcn/40EA)
access-control-allow-origin: *
x-cache: HIT
content-type: image/jpeg
status: 200
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: be6c8cdeec11cca9fd3aa40cbbfdacfd
accept-ranges: bytes
content-length: 54068

GET
H2 200 X3shiRQg
pbs.twimg.com/card_img/1076422515918921728/ Frame 0C7B 31 KB
31 KB 9ms
6ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1076422515918921728/X3shiRQg?format=jpg&name=600x314

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),

Reverse DNS

Software

ECS (fcn/41A5) /

Resource Hash

f0e01b85dd85a94ccac62f3e4a0078a10a1bf89f75a9a9d87ffacdecfdba2a27

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-response-time: 169
date: Sun, 23 Dec 2018 04:00:03 GMT
x-content-type-options: nosniff
surrogate-key: card_img card_img/bucket/6 card_img/1076422515918921728
last-modified: Sat, 22 Dec 2018 10:19:41 GMT
server: ECS (fcn/41A5)
access-control-allow-origin: *
x-cache: HIT
content-type: image/jpeg
status: 200
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 59c0f9056d1e1f6cc5574daa2f89a37d
accept-ranges: bytes
content-length: 31471

GET
H2 200 gAq7DnaG
pbs.twimg.com/card_img/1076545680146018304/ Frame 0C7B 43 KB
43 KB 9ms
7ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1076545680146018304/gAq7DnaG?format=jpg&name=600x314

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),

Reverse DNS

Software

ECS (fcn/40E7) /

Resource Hash

78c555b321a02e278a8d52391c4967ed5f523ff4c351fcff7c09bd62106a3b7b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-response-time: 172
date: Sun, 23 Dec 2018 04:00:03 GMT
x-content-type-options: nosniff
surrogate-key: card_img card_img/bucket/9 card_img/1076545680146018304
last-modified: Sat, 22 Dec 2018 18:29:06 GMT
server: ECS (fcn/40E7)
access-control-allow-origin: *
x-cache: HIT
content-type: image/jpeg
status: 200
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: d21464847a0800303158bd6ddc48ed85
accept-ranges: bytes
content-length: 44055

GET
H2 200 crrjOnPq
pbs.twimg.com/card_img/1076543639721979904/ Frame 0C7B 35 KB
35 KB 8ms
7ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1076543639721979904/crrjOnPq?format=jpg&name=600x314

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),

Reverse DNS

Software

ECS (fcn/40EA) /

Resource Hash

9583dadf3dfd686f805f9e693b87f828dee96b55e79e6c459a4d85c972503c88

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-response-time: 162
date: Sun, 23 Dec 2018 04:00:03 GMT
x-content-type-options: nosniff
surrogate-key: card_img card_img/bucket/2 card_img/1076543639721979904
last-modified: Sat, 22 Dec 2018 18:20:59 GMT
server: ECS (fcn/40EA)
access-control-allow-origin: *
x-cache: HIT
content-type: image/jpeg
status: 200
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: d7cfd25e6b8af4efb97a5c90874a578c
accept-ranges: bytes
content-length: 36001

GET
H2 200 fdu6F-gv
pbs.twimg.com/card_img/1076542542701678592/ Frame 0C7B 49 KB
49 KB 8ms
8ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1076542542701678592/fdu6F-gv?format=jpg&name=600x314

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),

Reverse DNS

Software

ECS (fcn/40D1) /

Resource Hash

72111590a4a6c74a2fdbb006dc7fc5d8240e4c7922e400965d5e28cb5e436fbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-response-time: 195
date: Sun, 23 Dec 2018 04:00:03 GMT
x-content-type-options: nosniff
surrogate-key: card_img card_img/bucket/5 card_img/1076542542701678592
last-modified: Sat, 22 Dec 2018 18:16:38 GMT
server: ECS (fcn/40D1)
access-control-allow-origin: *
x-cache: HIT
content-type: image/jpeg
status: 200
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 497d8ba48c34964c888b326ff49d2c5d
accept-ranges: bytes
content-length: 50031

GET
H2 200 a0oFdgbz
pbs.twimg.com/card_img/1076535937423687680/ Frame 0C7B 22 KB
22 KB 8ms
8ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1076535937423687680/a0oFdgbz?format=jpg&name=386x202

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),

Reverse DNS

Software

ECS (fcn/40DE) /

Resource Hash

c041ab0d2a277e0146cca59a0d448035f3943b1a338ffde8dbfd1648ebaafcfb

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-response-time: 136
date: Sun, 23 Dec 2018 04:00:03 GMT
x-content-type-options: nosniff
surrogate-key: card_img card_img/bucket/6 card_img/1076535937423687680
last-modified: Sat, 22 Dec 2018 17:50:23 GMT
server: ECS (fcn/40DE)
access-control-allow-origin: *
x-cache: HIT
content-type: image/jpeg
status: 200
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 9cd59756c54ee92ed9a53e95bd3e9fad
accept-ranges: bytes
content-length: 22260

GET
H2 200 -yyDlAcV
pbs.twimg.com/card_img/1076535869006262272/ Frame 0C7B 15 KB
15 KB 8ms
5ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1076535869006262272/-yyDlAcV?format=jpg&name=386x202

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),

Reverse DNS

Software

ECS (fcn/40FA) /

Resource Hash

4e3c5e75e4181802fcb9050681579526c726bdb78e6ec87b074d5fa9158951c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-response-time: 137
date: Sun, 23 Dec 2018 04:00:03 GMT
x-content-type-options: nosniff
surrogate-key: card_img card_img/bucket/1 card_img/1076535869006262272
last-modified: Sat, 22 Dec 2018 17:50:06 GMT
server: ECS (fcn/40FA)
access-control-allow-origin: *
x-cache: HIT
content-type: image/jpeg
status: 200
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: bf112a18564c6d32d9678c5ec7e1ce10
accept-ranges: bytes
content-length: 15083

GET
H2 200 be_JRZtk
pbs.twimg.com/card_img/1076532606273871872/ Frame 0C7B 25 KB
25 KB 9ms
7ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1076532606273871872/be_JRZtk?format=jpg&name=600x314

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),

Reverse DNS

Software

ECS (fcn/4185) /

Resource Hash

bc0376b776f16b342b1f20426447f4525b434caf4ee8435a47a994768b1299e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-response-time: 159
date: Sun, 23 Dec 2018 04:00:03 GMT
x-content-type-options: nosniff
surrogate-key: card_img card_img/bucket/9 card_img/1076532606273871872
last-modified: Sat, 22 Dec 2018 17:37:09 GMT
server: ECS (fcn/4185)
access-control-allow-origin: *
x-cache: HIT
content-type: image/jpeg
status: 200
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: bfcabbbe78dfe9329250ac66e3d40337
accept-ranges: bytes
content-length: 25234

GET
H/1.1 200
OK timeline.e6f368aca6135121e2a94694b4cd059c.light.ltr.css
platform.twitter.com/css/ Frame 0C7B 55 KB
13 KB 7ms
7ms Stylesheet
text/css 2606:2800:234:59:254c:406:2366:268c
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/css/timeline.e6f368aca6135121e2a94694b4cd059c.light.ltr.css
Requested by: Host: platform.twitter.com
URL: http://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECS (fcn/418F) /
Resource Hash: 7cbb0e141a91d2c3c30c06148c1a32c2437ea6452f107a4e1fb0c032708a1295

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sun, 23 Dec 2018 04:00:03 GMT
Content-Encoding: gzip
Last-Modified: Tue, 18 Dec 2018 21:08:33 GMT
Server: ECS (fcn/418F)
Etag: "db7cf7a65ee339eb82d0f17892ef631f+gzip"
Vary: Accept-Encoding
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Cache-Control: public, max-age=315360000
Content-Type: text/css; charset=utf-8
Content-Length: 12542

GET
H/1.1 200
OK timeline.e6f368aca6135121e2a94694b4cd059c.light.ltr.css
platform.twitter.com/css/ 10 KB
10 KB 7ms
6ms Image
text/css 2606:2800:234:59:254c:406:2366:268c
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://platform.twitter.com/css/timeline.e6f368aca6135121e2a94694b4cd059c.light.ltr.css
Requested by: Host: platform.twitter.com
URL: http://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECS (fcn/418F) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://www.regaindermayouth.icu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sun, 23 Dec 2018 04:00:03 GMT
Content-Encoding: gzip
Last-Modified: Tue, 18 Dec 2018 21:08:33 GMT
Server: ECS (fcn/418F)
Etag: "db7cf7a65ee339eb82d0f17892ef631f+gzip"
Vary: Accept-Encoding
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Cache-Control: public, max-age=315360000
Content-Type: text/css; charset=utf-8
Content-Length: 12542

GET
H2 200 svSxRGyn_normal.jpg
pbs.twimg.com/profile_images/696601463322075137/ Frame 0C7B 2 KB
2 KB 7ms
7ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/profile_images/696601463322075137/svSxRGyn_normal.jpg

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),

Reverse DNS

Software

ECS (fcn/40B2) /

Resource Hash

a3c55de84a0840f00fba33c1abf091e7546d567d01ae606edfafc5b25b9f48bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sun, 23 Dec 2018 04:00:03 GMT
x-content-type-options: nosniff
content-md5: fcfh5HOs9oXbbx4WlDNKgA==
x-cache: HIT
status: 200
content-length: 1807
x-response-time: 125
surrogate-key: profile_images profile_images/bucket/7 profile_images/696601463322075137
last-modified: Mon, 08 Feb 2016 07:46:25 GMT
server: ECS (fcn/40B2)
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 5040128b6294cf08a80da1860af7ab7c
accept-ranges: bytes

GET
H2 200 lc89nnbhz3tvpkztrxhe_normal.png
pbs.twimg.com/profile_images/2503138588/ Frame 0C7B 1 KB
1 KB 9ms
8ms Image
image/png 2606:2800:134:1a0d:1429:742:782:b6
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/profile_images/2503138588/lc89nnbhz3tvpkztrxhe_normal.png

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),

Reverse DNS

Software

ECS (fcn/4186) /

Resource Hash

af8fd596ea5756d93c22ecdec6cc0acf8010dbb4564075f01c5601009de40907

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sun, 23 Dec 2018 04:00:03 GMT
x-content-type-options: nosniff
content-md5: wMhedc9RInwpUo2iqj8IAw==
x-cache: HIT
status: 200
content-length: 1123
x-response-time: 157
surrogate-key: profile_images profile_images/bucket/3 profile_images/2503138588
last-modified: Thu, 04 Nov 2010 01:42:54 GMT
server: ECS (fcn/4186)
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: a69385e774157d91a83c7fde4cf1adbd
accept-ranges: bytes

GET
H2 200 syndication_bundle_v1_73385286cca9d2256f6bf3993470820d4827b058.css
ton.twimg.com/tfw/css/ Frame 0C7B 44 KB
7 KB 6ms
6ms Stylesheet
text/css 2606:2800:134:fa2:1627:1fe:edb:1665
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL

https://ton.twimg.com/tfw/css/syndication_bundle_v1_73385286cca9d2256f6bf3993470820d4827b058.css

Requested by

Host: platform.twitter.com
URL: http://platform.twitter.com/widgets.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),

Reverse DNS

Software

ECS (fcn/418C) /

Resource Hash

a549034009f79ead18a2154a8b730d8acb61e2f36c0434c0f9cff0f73df5d8cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sun, 23 Dec 2018 04:00:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-ton-expected-size: 45170
x-cache: HIT
status: 200
content-length: 6944
x-response-time: 121
surrogate-key: tfw
last-modified: Wed, 14 Nov 2018 10:22:43 GMT
server: ECS (fcn/418C)
etag: "4mhImCFS9rptiUICNnLD1g=="
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: https://twitter.com
x-connection-hash: c33322de1319ba65d03029c55b162955
accept-ranges: bytes
expires: Sun, 30 Dec 2018 04:00:03 GMT

GET
H2 200 syndication_bundle_v1_73385286cca9d2256f6bf3993470820d4827b058.css
ton.twimg.com/tfw/css/ 44 KB
44 KB 6ms
6ms Image
text/css 2606:2800:134:fa2:1627:1fe:edb:1665
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ton.twimg.com/tfw/css/syndication_bundle_v1_73385286cca9d2256f6bf3993470820d4827b058.css

Requested by

Host: platform.twitter.com
URL: http://platform.twitter.com/widgets.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),

Reverse DNS

Software

ECS (fcn/418C) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://www.regaindermayouth.icu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sun, 23 Dec 2018 04:00:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-ton-expected-size: 45170
x-cache: HIT
status: 200
content-length: 6944
x-response-time: 121
surrogate-key: tfw
last-modified: Wed, 14 Nov 2018 10:22:43 GMT
server: ECS (fcn/418C)
etag: "4mhImCFS9rptiUICNnLD1g=="
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: https://twitter.com
x-connection-hash: c33322de1319ba65d03029c55b162955
accept-ranges: bytes
expires: Sun, 30 Dec 2018 04:00:03 GMT

GET
DATA 200
OK truncated
/ Frame 0C7B 707 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 338e5578a7b3021caec1db415b93b214c378029d3cd8d19adc833d8b85ea7d29

Request headers

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ Frame 0C7B 825 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 45055babdbc02ea34c7baa53f33fc68389c4c5f73afe0bfafd6c9bc5733399bc

Request headers

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ Frame 0C7B 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ded16b9cb72df85ea242aaef8878c716abb57c746f0bfda6eabd2b9ddb2a23b5

Request headers

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ Frame 0C7B 572 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: abd2a457215e60ab60b2a6b4f25a17583c5d80e13935f76e097236f729c5dcd6

Request headers

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ Frame 0C7B 644 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a87f4fd815fc95288f2da6efc536c950ef940bd9eb52176fd9e8e56107cc65e2

Request headers

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ Frame 0C7B 739 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4ed07f590bdfa9aa775dbfdef617d98e1e972d102d4289c7a68d3bd9118c280b

Request headers

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
H/1.1 200
OK / Show response
tt.onthe.io/ 0
287 B 32ms
32ms Script
text/javascript 95.216.24.150
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tt.onthe.io/?k[]=41630:bad_user_visit[url:%2F,browser:Chrome,referrer:direct,device:desktop,lifetime:0,browser_version:Chrome%2067,user_type:new,returned:new,domain:www.regaindermayouth.icu,cdn_version:41,user_agent:Mozilla/5.0%20(Macintosh;%20Intel%20Mac%20OS%20X%2010_13_5)%20AppleWebKit/537.36%20(KHTML_%20like%20Gecko)%20Chrome/67.0.3396.87%20Safari/537.36,page:LIVE%20updates%2344%3B%20Latest%20headlines%2344%3B%20Breaking%20news%2344%3B%20Top%20stories%2344%3B%20Trending%20topics%20-%20Firstpost,reference_time:undefined]&s=0af833a13f1cbc54e30c57eb405f3b20&1545537603734
Requested by: Host: cdn.onthe.io
URL: https://cdn.onthe.io/io.js/xmKBQHduOqzQ
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.216.24.150 , Ukraine, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.150.24.216.95.clients.your-server.de
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://www.regaindermayouth.icu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 23 Dec 2018 04:00:03 GMT
Server: nginx
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H/1.1

200
OK

jot.html
platform.twitter.com/ Frame 8EC1
Redirect Chain

https://syndication.twitter.com/i/jot
https://platform.twitter.com/jot.html

0
0

9ms
9ms

Document
text/html

2606:2800:234:59:254c:406:2366:268c
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/jot.html
Requested by: Host: platform.twitter.com
URL: http://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECS (fcn/40D4) /
Resource Hash

Request headers

Host: platform.twitter.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
Origin: null
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Accept-Ranges: bytes
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Sun, 23 Dec 2018 04:00:04 GMT
Etag: "d9592a6c704736fa4da218d4357976dd"
Last-Modified: Tue, 18 Dec 2018 21:09:31 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (fcn/40D4)
X-Cache: HIT
Content-Length: 80

Redirect headers

status: 302 302 Found
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
content-length: 0
content-type: text/html;charset=utf-8
date: Sun, 23 Dec 2018 04:00:04 GMT
expires: Tue, 31 Mar 1981 05:00:00 GMT
last-modified: Sun, 23 Dec 2018 04:00:04 GMT
location: https://platform.twitter.com/jot.html
pragma: no-cache
server: tsa_b
strict-transport-security: max-age=631138519
x-connection-hash: 9e551c685e1185faa10ded74bec5cec1
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-response-time: 12
x-transaction: 00a9172900b3338a
x-tsa-request-body-time: 116
x-twitter-response-tags: BouncerCompliant
x-xss-protection: 0

GET async_usersync.html
acdn.adnxs.com/ib/static/usersync/v3/ Frame 9AA6 0
0

GET async_usersync.html
acdn.adnxs.com/ib/static/usersync/v3/ Frame 9EDF 0
0

GET async_usersync.html
acdn.adnxs.com/ib/static/usersync/v3/ Frame B875 0
0

GET showad.js
ads.pubmatic.com/AdServer/js/ Frame A5B9 0
0

GET
H/1.1

200
OK

Cookie set pd
eu-u.openx.net/w/1.0/ Frame B208
Redirect Chain

http://eu-u.openx.net/w/1.0/pd?plm=6&ph=3c68a574-16fc-4af6-ae85-164343aad03a&gdpr=1
http://eu-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=3c68a574-16fc-4af6-ae85-164343aad03a&gdpr=1

0
0

69ms
22ms

Document
text/html

173.241.240.143
OPENX TECHNOLOGIES

General

Check archive.org

Show headers Download Go to

Full URL: http://eu-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=3c68a574-16fc-4af6-ae85-164343aad03a&gdpr=1
Requested by: Host: rtbpassback.andbeyond.media
URL: http://rtbpassback.andbeyond.media/prebid-fp-1.31.0.js
Protocol: HTTP/1.1
Server: 173.241.240.143 New York, United States, ASN36089 (OPENX-AS1 - OPENX TECHNOLOGIES, INC., US),
Reverse DNS: ox-173-241-240-143.xa.dc.openx.org
Software: OXGW/16.117.2 /
Resource Hash

Request headers

Host: eu-u.openx.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: http://www.regaindermayouth.icu/
Accept-Encoding: gzip, deflate
Cookie: i=951f2564-a56f-04b7-2fcc-a60b16005e36|1545537606
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://www.regaindermayouth.icu/

Response headers

Vary: Accept
Set-Cookie: i=951f2564-a56f-04b7-2fcc-a60b16005e36|1545537606; Version=1; Expires=Mon, 23-Dec-2019 04:00:06 GMT; Max-Age=31536000; Domain=.openx.net; Path=/ pd=v2|1545537606|cP968U9ce78X; Version=1; Expires=Mon, 07-Jan-2019 04:00:06 GMT; Max-Age=1296000; Domain=.openx.net; Path=/
Server: OXGW/16.117.2
P3P: CP="CUR ADM OUR NOR STA NID"
Date: Sun, 23 Dec 2018 04:00:06 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Content-Encoding: gzip

Redirect headers

Set-Cookie: i=951f2564-a56f-04b7-2fcc-a60b16005e36|1545537606; Version=1; Expires=Mon, 23-Dec-2019 04:00:06 GMT; Max-Age=31536000; Domain=.openx.net; Path=/
Server: OXGW/16.117.2
P3P: CP="CUR ADM OUR NOR STA NID"
Location: http://eu-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=3c68a574-16fc-4af6-ae85-164343aad03a&gdpr=1
Date: Sun, 23 Dec 2018 04:00:06 GMT
Content-Length: 0

GET async_usersync.html
acdn.adnxs.com/ib/static/usersync/v3/ Frame 3264 0
0

GET async_usersync.html
acdn.adnxs.com/ib/static/usersync/v3/ Frame F86E 0
0

GET
H/1.1

200
OK

Cookie set pd
eu-u.openx.net/w/1.0/ Frame EE9E
Redirect Chain

http://eu-u.openx.net/w/1.0/pd?plm=6&ph=3c68a574-16fc-4af6-ae85-164343aad03a&gdpr=1
http://eu-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=3c68a574-16fc-4af6-ae85-164343aad03a&gdpr=1

0
0

50ms
17ms

Document
text/html

173.241.240.143
OPENX TECHNOLOGIES

General

Check archive.org

Show headers Download Go to

Full URL: http://eu-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=3c68a574-16fc-4af6-ae85-164343aad03a&gdpr=1
Requested by: Host: rtbpassback.andbeyond.media
URL: http://rtbpassback.andbeyond.media/prebid-fp-1.31.0.js
Protocol: HTTP/1.1
Server: 173.241.240.143 New York, United States, ASN36089 (OPENX-AS1 - OPENX TECHNOLOGIES, INC., US),
Reverse DNS: ox-173-241-240-143.xa.dc.openx.org
Software: OXGW/16.117.2 /
Resource Hash

Request headers

Host: eu-u.openx.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: http://www.regaindermayouth.icu/
Accept-Encoding: gzip, deflate
Cookie: i=d1f32728-2156-02e4-1f58-176d43f348d2|1545537606
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://www.regaindermayouth.icu/

Response headers

Vary: Accept
Set-Cookie: i=d1f32728-2156-02e4-1f58-176d43f348d2|1545537606; Version=1; Expires=Mon, 23-Dec-2019 04:00:06 GMT; Max-Age=31536000; Domain=.openx.net; Path=/ pd=v2|1545537606|cP968U9ce78X; Version=1; Expires=Mon, 07-Jan-2019 04:00:06 GMT; Max-Age=1296000; Domain=.openx.net; Path=/
Server: OXGW/16.117.2
P3P: CP="CUR ADM OUR NOR STA NID"
Date: Sun, 23 Dec 2018 04:00:06 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Content-Encoding: gzip

Redirect headers

Set-Cookie: i=d1f32728-2156-02e4-1f58-176d43f348d2|1545537606; Version=1; Expires=Mon, 23-Dec-2019 04:00:06 GMT; Max-Age=31536000; Domain=.openx.net; Path=/
Server: OXGW/16.117.2
P3P: CP="CUR ADM OUR NOR STA NID"
Location: http://eu-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=3c68a574-16fc-4af6-ae85-164343aad03a&gdpr=1
Date: Sun, 23 Dec 2018 04:00:06 GMT
Content-Length: 0

GET showad.js
ads.pubmatic.com/AdServer/js/ Frame 3583 0
0

GET
H/1.1 200
OK usync.html
eus.rubiconproject.com/ Frame 0651 0
0 15ms
10ms Document
text/html 104.94.183.192
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: rtbpassback.andbeyond.media
URL: http://rtbpassback.andbeyond.media/prebid-fp-1.31.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.94.183.192 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a104-94-183-192.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash

Request headers

Host: eus.rubiconproject.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: http://www.regaindermayouth.icu/
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://www.regaindermayouth.icu/

Response headers

Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Last-Modified: Thu, 06 Dec 2018 12:00:00 GMT
Content-Encoding: gzip
Content-Length: 7420
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=85188
Expires: Mon, 24 Dec 2018 03:39:53 GMT
Date: Sun, 23 Dec 2018 04:00:05 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET async_usersync.html
acdn.adnxs.com/ib/static/usersync/v3/ Frame 4736 0
0

GET async_usersync.html
acdn.adnxs.com/ib/static/usersync/v3/ Frame FF92 0
0

GET
H/1.1

200
OK

Cookie set pd
eu-u.openx.net/w/1.0/ Frame E822
Redirect Chain

http://eu-u.openx.net/w/1.0/pd?plm=6&ph=3c68a574-16fc-4af6-ae85-164343aad03a&gdpr=1
http://eu-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=3c68a574-16fc-4af6-ae85-164343aad03a&gdpr=1

0
0

51ms
17ms

Document
text/html

173.241.240.143
OPENX TECHNOLOGIES

General

Check archive.org

Show headers Download Go to

Full URL: http://eu-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=3c68a574-16fc-4af6-ae85-164343aad03a&gdpr=1
Requested by: Host: rtbpassback.andbeyond.media
URL: http://rtbpassback.andbeyond.media/prebid-fp-1.31.0.js
Protocol: HTTP/1.1
Server: 173.241.240.143 New York, United States, ASN36089 (OPENX-AS1 - OPENX TECHNOLOGIES, INC., US),
Reverse DNS: ox-173-241-240-143.xa.dc.openx.org
Software: OXGW/16.117.2 /
Resource Hash

Request headers

Host: eu-u.openx.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: http://www.regaindermayouth.icu/
Accept-Encoding: gzip, deflate
Cookie: i=669703d1-fe35-0422-0c24-7195c2199cb8|1545537606
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://www.regaindermayouth.icu/

Response headers

Vary: Accept
Set-Cookie: i=669703d1-fe35-0422-0c24-7195c2199cb8|1545537606; Version=1; Expires=Mon, 23-Dec-2019 04:00:06 GMT; Max-Age=31536000; Domain=.openx.net; Path=/ pd=v2|1545537606|cP968U9ce78X; Version=1; Expires=Mon, 07-Jan-2019 04:00:06 GMT; Max-Age=1296000; Domain=.openx.net; Path=/
Server: OXGW/16.117.2
P3P: CP="CUR ADM OUR NOR STA NID"
Date: Sun, 23 Dec 2018 04:00:06 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Content-Encoding: gzip

Redirect headers

Set-Cookie: i=669703d1-fe35-0422-0c24-7195c2199cb8|1545537606; Version=1; Expires=Mon, 23-Dec-2019 04:00:06 GMT; Max-Age=31536000; Domain=.openx.net; Path=/
Server: OXGW/16.117.2
P3P: CP="CUR ADM OUR NOR STA NID"
Location: http://eu-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=3c68a574-16fc-4af6-ae85-164343aad03a&gdpr=1
Date: Sun, 23 Dec 2018 04:00:06 GMT
Content-Length: 0

GET showad.js
ads.pubmatic.com/AdServer/js/ Frame F7DD 0
0

GET
H/1.1

200
OK

Cookie set pd
eu-u.openx.net/w/1.0/ Frame 8193
Redirect Chain

http://eu-u.openx.net/w/1.0/pd?plm=6&ph=3c68a574-16fc-4af6-ae85-164343aad03a&gdpr=1
http://eu-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=3c68a574-16fc-4af6-ae85-164343aad03a&gdpr=1

0
0

38ms
19ms

Document
text/html

173.241.240.143
OPENX TECHNOLOGIES

General

Check archive.org

Show headers Download Go to

Full URL: http://eu-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=3c68a574-16fc-4af6-ae85-164343aad03a&gdpr=1
Requested by: Host: rtbpassback.andbeyond.media
URL: http://rtbpassback.andbeyond.media/prebid-fp-1.31.0.js
Protocol: HTTP/1.1
Server: 173.241.240.143 New York, United States, ASN36089 (OPENX-AS1 - OPENX TECHNOLOGIES, INC., US),
Reverse DNS: ox-173-241-240-143.xa.dc.openx.org
Software: OXGW/16.117.2 /
Resource Hash

Request headers

Host: eu-u.openx.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: http://www.regaindermayouth.icu/
Accept-Encoding: gzip, deflate
Cookie: i=d3bf6139-7a7e-05c9-1366-3d87cab2231d|1545537606
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://www.regaindermayouth.icu/

Response headers

Vary: Accept
Set-Cookie: i=d3bf6139-7a7e-05c9-1366-3d87cab2231d|1545537606; Version=1; Expires=Mon, 23-Dec-2019 04:00:06 GMT; Max-Age=31536000; Domain=.openx.net; Path=/ pd=v2|1545537606|cP968U9ce78X; Version=1; Expires=Mon, 07-Jan-2019 04:00:06 GMT; Max-Age=1296000; Domain=.openx.net; Path=/
Server: OXGW/16.117.2
P3P: CP="CUR ADM OUR NOR STA NID"
Date: Sun, 23 Dec 2018 04:00:06 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Content-Encoding: gzip

Redirect headers

Set-Cookie: i=d3bf6139-7a7e-05c9-1366-3d87cab2231d|1545537606; Version=1; Expires=Mon, 23-Dec-2019 04:00:06 GMT; Max-Age=31536000; Domain=.openx.net; Path=/
Server: OXGW/16.117.2
P3P: CP="CUR ADM OUR NOR STA NID"
Location: http://eu-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=3c68a574-16fc-4af6-ae85-164343aad03a&gdpr=1
Date: Sun, 23 Dec 2018 04:00:06 GMT
Content-Length: 0

GET p
b.scorecardresearch.com/ 0
0

GET
H/1.1 200
OK / Show response
tt.onthe.io/ 0
287 B 33ms
33ms Script
text/javascript 95.216.24.150
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tt.onthe.io/?k[]=41630:time[page:LIVE%20updates%2344%3B%20Latest%20headlines%2344%3B%20Breaking%20news%2344%3B%20Top%20stories%2344%3B%20Trending%20topics%20-%20Firstpost]&s=0af833a13f1cbc54e30c57eb405f3b20&1545537606644
Requested by: Host: cdn.onthe.io
URL: https://cdn.onthe.io/io.js/xmKBQHduOqzQ
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.216.24.150 , Ukraine, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.150.24.216.95.clients.your-server.de
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://www.regaindermayouth.icu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 23 Dec 2018 04:00:06 GMT
Server: nginx
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:01 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: as.casalemedia.com
URL: http://as.casalemedia.com/cygnus?s=317372&v=7.2&r=%7B%22id%22%3A%221464db1123384f4%22%2C%22imp%22%3A%5B%7B%22id%22%3A%22157a602a02e9739%22%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22siteID%22%3A%22317372%22%2C%22sid%22%3A%22300x250%22%7D%7D%2C%7B%22id%22%3A%2216e00037fd76073%22%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22siteID%22%3A%22317372%22%2C%22sid%22%3A%22300x250%22%7D%7D%5D%2C%22site%22%3A%7B%22page%22%3A%22http%3A%2F%2Fwww.regaindermayouth.icu%2F%22%2C%22ref%22%3A%22%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%7D%7D&ac=j&sd=1&

Domain: prebid.media.net
URL: http://prebid.media.net/rtb/prebid

Domain: prebid.media.net
URL: http://prebid.media.net/rtb/prebid

Domain: as.casalemedia.com
URL: http://as.casalemedia.com/cygnus?s=317373&v=7.2&r=%7B%22id%22%3A%2233bba091ccc776f%22%2C%22imp%22%3A%5B%7B%22id%22%3A%2234b778b7166aa9f%22%2C%22banner%22%3A%7B%22w%22%3A160%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22siteID%22%3A%22317373%22%2C%22sid%22%3A%22160x600%22%7D%7D%2C%7B%22id%22%3A%2235148aecdfa16d4%22%2C%22banner%22%3A%7B%22w%22%3A160%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22siteID%22%3A%22317373%22%2C%22sid%22%3A%22160x600%22%7D%7D%5D%2C%22site%22%3A%7B%22page%22%3A%22http%3A%2F%2Fwww.regaindermayouth.icu%2F%22%2C%22ref%22%3A%22%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%7D%7D&ac=j&sd=1&

Domain: as.casalemedia.com
URL: http://as.casalemedia.com/cygnus?s=317372&v=7.2&r=%7B%22id%22%3A%2249afbab623d9006%22%2C%22imp%22%3A%5B%7B%22id%22%3A%225062c1a130763ee%22%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22siteID%22%3A%22317372%22%2C%22sid%22%3A%22300x250%22%7D%7D%2C%7B%22id%22%3A%225172fbf77f010d9%22%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22siteID%22%3A%22317372%22%2C%22sid%22%3A%22300x250%22%7D%7D%5D%2C%22site%22%3A%7B%22page%22%3A%22http%3A%2F%2Fwww.regaindermayouth.icu%2F%22%2C%22ref%22%3A%22%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%7D%7D&ac=j&sd=1&

Domain: as.casalemedia.com
URL: http://as.casalemedia.com/cygnus?s=317372&v=7.2&r=%7B%22id%22%3A%22747819dabec3dad%22%2C%22imp%22%3A%5B%7B%22id%22%3A%2275c76860df0247d%22%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22siteID%22%3A%22317372%22%2C%22sid%22%3A%22300x250%22%7D%7D%2C%7B%22id%22%3A%227619989d4dd2f14%22%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22siteID%22%3A%22317372%22%2C%22sid%22%3A%22300x250%22%7D%7D%5D%2C%22site%22%3A%7B%22page%22%3A%22http%3A%2F%2Fwww.regaindermayouth.icu%2F%22%2C%22ref%22%3A%22%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%7D%7D&ac=j&sd=1&

Domain: acdn.adnxs.com
URL: http://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html

Domain: acdn.adnxs.com
URL: http://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html

Domain: acdn.adnxs.com
URL: http://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html

Domain: ads.pubmatic.com
URL: http://ads.pubmatic.com/AdServer/js/showad.js

Domain: acdn.adnxs.com
URL: http://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html

Domain: acdn.adnxs.com
URL: http://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html

Domain: ads.pubmatic.com
URL: http://ads.pubmatic.com/AdServer/js/showad.js

Domain: acdn.adnxs.com
URL: http://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html

Domain: acdn.adnxs.com
URL: http://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html

Domain: ads.pubmatic.com
URL: http://ads.pubmatic.com/AdServer/js/showad.js

Domain: b.scorecardresearch.com
URL: http://b.scorecardresearch.com/p?c1=2&c2=6683813&ns_type=hidden&ns_st_sv=6.2.3.180328&ns_st_smv=5.10&ns_st_it=r&ns_st_id=1545537606029&ns_st_ec=1&ns_st_sp=1&ns_st_sc=1&ns_st_psq=1&ns_st_asq=1&ns_st_sq=1&ns_st_ppc=1&ns_st_apc=1&ns_st_spc=1&ns_st_cn=1&ns_st_ev=play&ns_st_po=0&ns_st_cl=NaN&ns_st_pb=1&ns_st_mp=js_api&ns_st_mv=6.2.3.180328&ns_st_pn=1&ns_st_tp=1&ns_st_ad=1&ns_st_ci=vdo_5696121&ns_st_pt=0&ns_st_dpt=0&ns_st_ipt=0&ns_st_ap=0&ns_st_dap=0&ns_st_et=0&ns_st_det=0&ns_st_upc=0&ns_st_dupc=0&ns_st_iupc=0&ns_st_upa=0&ns_st_dupa=0&ns_st_iupa=0&ns_st_lpc=0&ns_st_dlpc=0&ns_st_lpa=0&ns_st_dlpa=0&ns_st_pa=0&ns_st_ldw=0&ns_st_ldo=0&ns_ts=1545537606032&ns_st_bc=0&ns_st_dbc=0&ns_st_bt=0&ns_st_dbt=0&ns_st_bp=0&ns_st_lt=2&ns_st_skc=0&ns_st_dskc=0&ns_st_ska=0&ns_st_dska=0&ns_st_skd=0&ns_st_skt=0&ns_st_dskt=0&ns_st_pc=0&ns_st_dpc=0&ns_st_pp=0&ns_st_br=0&ns_st_rt=100&ns_st_ub=0&ns_st_ki=1200000&ns_st_an=1&ns_st_pr=Steve%20Madden%20%23Selfmade&ns_st_sn=*null&ns_st_en=*null&ns_st_ep=*null&ns_st_ct=vaContentType.ShortFormOnDemand&ns_st_ge=&ns_st_st=First%20Post&ns_st_ce=1&ns_st_pu=First%20Post&c3=3&c4=null&c6=null&c7=http%3A%2F%2Fwww.regaindermayouth.icu%2F&c8=LIVE%20updates%2C%20Latest%20headlines%2C%20Breaking%20news%2C%20Top%20stories%2C%20Trending%20topics%20-%20Firstpost&c9=

Verdicts & Comments Add Verdict or Comment

418 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

21 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.dailymotion.com/	1970-01-19 06:47:45	Name: v1st Value: E6A64743CABEEB5AE72E3650F818CC9B
www.regaindermayouth.icu/	1970-02-24 09:18:57	Name: _w18g Value: 293a285dc64b8eac37e315241cb05d6c
www.regaindermayouth.icu/	1969-12-31 23:59:59	Name: __aaxsc Value: 0
www.regaindermayouth.icu/	1969-12-31 23:59:59	Name: aasd Value: 1%7C1545537594092
.www.regaindermayouth.icu/	1970-01-19 06:04:33	Name: _io_un Value:
www.regaindermayouth.icu/	1970-01-19 06:04:33	Name: __io Value: 70c110d35.264db1b18_1545537593734
.dailymotion.com/	1970-01-19 06:47:45	Name: ts Value: 518169
.regaindermayouth.icu/	1970-01-19 06:04:33	Name: _io_un Value:
www.regaindermayouth.icu/	1970-01-19 06:04:33	Name: __io_uid_test Value: 12
www.regaindermayouth.icu/	1970-01-19 06:04:33	Name: _io_un Value: 23
www.regaindermayouth.icu/	1970-01-19 06:04:33	Name: __io_lv Value: 1545537593732
.dailymotion.com/	1969-12-31 23:59:59	Name: dmvk Value: 5c1f083ad19a3
www.regaindermayouth.icu/	1969-12-31 23:59:59	Name: MarketGidStorage Value: %7B%220%22%3A%7B%22svspr%22%3A%22%22%2C%22svsds%22%3A1%2C%22TejndEEDj%22%3A%22VETJ0pESV%22%7D%2C%22C284677%22%3A%7B%22page%22%3A1%2C%22time%22%3A1545537593479%7D%7D
www.regaindermayouth.icu/	1969-12-31 23:59:59	Name: mnet_session_depth Value: 1%7C1545537593550
.regaindermayouth.icu/	1970-01-18 21:18:57	Name: _gat Value: 1
www.regaindermayouth.icu/	1970-01-18 21:29:02	Name: interstitial Value: 1
.regaindermayouth.icu/	1970-01-18 21:19:05	Name: _fbp Value: fb.1.1545537592969.1235760566
.regaindermayouth.icu/	1970-01-19 14:50:09	Name: _ga Value: GA1.2.639183350.1545537593
.regaindermayouth.icu/	1970-01-19 14:50:09	Name: __gads Value: ID=f91dbc31012cc163:T=1545537592:S=ALNI_MZkcmvncBPHMJCFQAwoiRi1d4A5zw
.regaindermayouth.icu/	1970-01-18 21:20:23	Name: _gid Value: GA1.2.1375811041.1545537593
.regaindermayouth.icu/	1970-01-19 06:04:33	Name: __cfduid Value: da91e3edd43b68d8189bd6cc0af3bf04e1545537582

19 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	error	URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_285.js(Line 1) Message: Exception in queued GPT command
console-api	log	URL: https://www.firstpost.com/assets/js/app.min.js?v=18(Line 1) Message:
console-api	log	URL: https://cdn.onthe.io/io.js/xmKBQHduOqzQ(Line 778) Message: TypeError: Cannot read property '_io_previous_post_id_exp' of null
console-api	log	URL: https://rtbcdn.andbeyond.media/prod-global-322856.js(Line 58) Message: countryDE
console-api	log	URL: https://rtbcdn.andbeyond.media/prod-global-322856.js(Line 23) Message: refresh1andbeyond3009
console-api	log	URL: https://rtbcdn.andbeyond.media/prod-global-322856.js(Line 37) Message: requesting prebid
console-api	log	URL: https://rtbcdn.andbeyond.media/prod-global-322856.js(Line 23) Message: refresh1andbeyond1601
console-api	log	URL: https://rtbcdn.andbeyond.media/prod-global-322856.js(Line 37) Message: requesting prebid
console-api	log	URL: https://rtbcdn.andbeyond.media/prod-global-322856.js(Line 23) Message: refresh1andbeyond30010
console-api	log	URL: https://rtbcdn.andbeyond.media/prod-global-322856.js(Line 37) Message: requesting prebid
console-api	log	URL: https://rtbcdn.andbeyond.media/prod-global-322856.js(Line 23) Message: refresh1andbeyond30011
console-api	log	URL: https://rtbcdn.andbeyond.media/prod-global-322856.js(Line 37) Message: requesting prebid
console-api	log	URL: https://rtbcdn.andbeyond.media/prod-global-322856.js(Line 37) Message: REFRESHING AGAIN AS NO PREBID RETURNED
console-api	log	URL: https://rtbcdn.andbeyond.media/prod-global-322856.js(Line 37) Message: REFRESHING AGAIN AS NO PREBID RETURNED
console-api	log	URL: https://rtbcdn.andbeyond.media/prod-global-322856.js(Line 37) Message: REFRESHING AGAIN AS NO PREBID RETURNED
console-api	log	URL: https://rtbcdn.andbeyond.media/prod-global-322856.js(Line 37) Message: REFRESHING AGAIN AS NO PREBID RETURNED
console-api	info	URL: http://platform.twitter.com/widgets.js(Line 1) Message: You may have been affected by an update to settings in embedded timelines. See https://twittercommunity.com/t/deprecating-widget-settings/102295.
console-api	log	URL: http://www.regaindermayouth.icu/(Line 1620) Message: NaN======0
console-api	log	URL: http://www.regaindermayouth.icu/(Line 1645) Message: AutoPlay

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aaxdetect.com
acdn.adnxs.com
ads.pubmatic.com
adservice.google.com
adservice.google.de
api.dmcdn.net
as.casalemedia.com
b.scorecardresearch.com
bcp.crwdcntrl.net
c.aaxads.com
cdn.adpushup.com
cdn.mgid.com
cdn.onthe.io
cdn.syndication.twimg.com
cdnjs.cloudflare.com
cm.marketgid.com
cm.mgid.com
cm.steepto.com
connect.facebook.net
contextual.media.net
e3.adpushup.com
eu-u.openx.net
eus.rubiconproject.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
hbopenbid.pubmatic.com
ib.adnxs.com
images.firstpost.com
imgg-cdn.mgid.com
inapi.posst.co
jsc.mgid.com
l.aaxads.com
pagead2.googlesyndication.com
pbs.twimg.com
platform.twitter.com
prebid.media.net
qsearch-a.akamaihd.net
rtb-csync.smartadserver.com
rtbcdn.andbeyond.media
rtbdemand-d.openx.net
rtbpassback.andbeyond.media
s.in.com
securepubads.g.doubleclick.net
servicer.mgid.com
static.firstpost.com
stats.g.doubleclick.net
syndication.twitter.com
ton.twimg.com
tpc.googlesyndication.com
tt.onthe.io
usa.cloud.netacuity.com
www.dailymotion.com
www.facebook.com
www.firstpost.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.regaindermayouth.icu
x.bidswitch.net
acdn.adnxs.com
ads.pubmatic.com
as.casalemedia.com
b.scorecardresearch.com
prebid.media.net
104.111.246.186
104.94.183.192
165.227.149.5
172.217.18.98
173.241.240.143
173.241.240.220
178.79.251.129
18.153.11.14
185.33.223.218
185.33.223.221
185.33.223.80
185.64.189.112
185.86.139.58
195.8.215.136
199.16.156.201
2.16.186.51
2.16.186.67
205.185.216.42
205.234.175.175
213.19.162.21
216.58.208.34
23.45.107.135
23.45.98.199
23.62.140.165
23.97.225.52
2606:2800:134:1a0d:1429:742:782:b6
2606:2800:134:fa2:1627:1fe:edb:1665
2606:2800:234:59:254c:406:2366:268c
2606:4700:30::6812:24ae
2606:4700::6813:c597
2a00:1450:4001:806::2004
2a00:1450:4001:809::2002
2a00:1450:4001:815::2002
2a00:1450:4001:815::2008
2a00:1450:4001:81c::200e
2a00:1450:4001:81d::2002
2a00:1450:4001:81f::2003
2a00:1450:4001:81f::200a
2a00:1450:4001:820::2002
2a00:1450:4001:821::2003
2a00:1450:4001:821::2013
2a00:1450:4001:824::2002
2a00:1450:4001:825::2001
2a00:1450:4001:825::2002
2a00:1450:400c:c08::9b
2a02:26f0:64:490::3393
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
2a03:90c0:9997::9997
52.16.68.29
54.69.212.202
64.58.116.132
64.58.116.134
64.58.116.144
88.212.201.79
95.216.24.150
01542e4715dc8773238b9fd57341ae4d5f538b57bdbc0183b650ba4549a83fce
018d5e1339cb519a343c83c7e1f5a17bcd9a856134a3a6ca83fa8edafd7933a7
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
04ed98ed493517eb75f5d2d08d3eda9c79d730b166e6caf2e084eb7cfee33f9d
055df94c78eb245421c38ce2dd6b5517213e5c2b63bdd5db6fc33c4e0a09c333
069f3af320b0caad468a4a26af0fa4a0c4175168a153bb3332ea74ae3ccc4c53
09610d0f7d3636f4f0c778649c65bb9f9f3a0fcdeaf23434920dcaadde910c88
0b546dcba4896615b50f256aa1957b4c50e833ce6513612cd2a0bb0bfba0c282
0bf5e707f12a85ca4d9d73b824208ecaa88167a2e94e621c67134d9137d44f78
0d791014179be44a73638a18eb890fb6b876fadf2046fd05284453b02898071f
0dc9542b043f4622f82261f8d3ca79bb0c29bcbdacf2056a2fc633a488922dd4
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
166f9390df29e23f9c9c45c50026de3b8ea04605424c6edc8557a3d3e71af7b8
1952e32e4644cb5dfddaf0d13deee83ede891dc7ebdde89e4514db455ae3a2f8
19e7854d2815868c8813f72f8e8b772673029e6f21b84f0f5a25bb42b226bc42
1a4592775270d38f8466d0e1f19251680683cd8d22681c1d7c99bb1b327e7a49
1ac9fa9872f44a78a1ce3148d2e3b1c108514e8b3d27ab078463be54a1a5506f
1b6f4c9f0a413314d1fd9e2d59e3990b5a16f030e2012665db1b81e02a658b8e
1c1f323d5b51033bb04b2f941c91315a14d6da4df31ce63cee8be9f1a47b3b69
1ceaf2b4629fe7da4af4e4f5c351cb9fbcb59ff412e23c13daeeaa6ae99c05f8
1da3db939ce70f4489f44f7466d79bdd91568aedba46ff3d8598b982e215c3a7
1f1b73e33a02861709b2f76f67fdec234c7dd55ce4c15382e87905cbd17c36c8
1fad39d26466ddc86e071c35351dbfd1766b777436543997b535dc329e44f6fd
2058482ec17fec2b0588251bbff98f8e2cbab5a73d57f7a15e864c8779a3319d
2139ef060b420e228f9d01da469e262fc0ce69ceb382254be9c6f00adc42eb84
222c73d22f661542a5a5df398fd80ff3cad7b94914b755f0bdccf312648fd4db
23e507ecedce73a566c51cbacb95fdf550bcfa8e2f01d5c45c7cc7f1cc2a564d
272cd2423a558287cb305a1b9d7b4703c912db4e172c9ef02d95c1bd3ee3f715
275ffc094889f5e0cd0f3dc455f6dddbf670103e8d5cc750bcef5b4171ef26df
2878e261f4608effb59d39ee9e01dd3ea7c16c7ff60b470ee8032009c8994099
28c0ce211712ae60b4d50fdcf22fef0b107613cf6fba8c7342dee96be2550300
299b81aa166c9ac47ad81624038bfa1bf74e88b91445fa9ca86d3a87f817a9b9
2bce4618690d20ff646f66bf97e2295f8966c083b5f64e5ca12861cc5d725882
2f45fc8257200dad30a1421d4a2ce979581653cd4245ce8ee1cc399a21278942
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
30aead956f040326d9051f425fb6e96f96bd7f7510fd1089afd3fc67af1ecf9f
3135160ee3b34e2d1e58bf80944a1ed2cef3f073528ea98f11916a397b4c6ac9
3147ef6868a5ee7ebfec56adf48720dabcde46377a9da1a9acd768728b308038
315c5a96e078fd380a6a4c2a90ebc3ccc72e71bc134459de0757993cfb5c9c75
31a2141f6b680b8ec183d8de67eaae2ac43bee3ccee46235e0c988761615210c
329c0f50c0e5307aa6980a048dd2e6df3739371ae68c514173e7bd26a9d9ba36
338e5578a7b3021caec1db415b93b214c378029d3cd8d19adc833d8b85ea7d29
3436077a009c112254cbcd111a6d92bfd539626aa1e23bf3913280c375bb3aa3
36460e494e4c628443afded40b2743b5ede9a4a76fb4f7b9ef2345cc7e59fd64
366d2dd623ea9d2b89ba04200ffce429005cacab6818a47035648dcdd5fdf31a
38774cdffbda58c41761e5fe20a54755e321e65886d1f14fed26470fb725a8c3
3a92201d2e1d73130981d5d6ad924c6254fdeb1ff811ba6a9d078d6d70a33d36
3bd2be13e71269b9ceef6bc34f03d8264f4dfa860500f3602172f97413b514a5
3c51e530d7bd1973ddd934be3ff0ebf293e009e392445574088f507f99967616
3ca3d3d7b0c614358d0d044e38624764c08bbda625bd3adb20006a65e670bb69
3e4cbcc2444db3b780599d5507cfed1cd978f166fea915a3f58410d483a13b4b
3eca2f7a428c7d60d1649538e4552740ce043df021e618b32943481689a8cfaa
425710c008e94d75865b13d9bc2458df097a51321c22ec15fe5c4d8937769193
45055babdbc02ea34c7baa53f33fc68389c4c5f73afe0bfafd6c9bc5733399bc
47807fd6eb5c4c62bc3c3f75cf1ed1b9ed450422bc07e490a301865cae947776
482584ec2960073367fb8311f3111ea7f1e6f4ea5d2aa606a30cf0d710c55be9
4a39ab2722dbaa4e79e48315d8308025acea3c65c0b45584fa82bc89f9722681
4a9d29fc276a01a9ddfdff4afb9f99d8a022ff90e8633b3548bc2f07ee2d1209
4b8cb5f5226c91356bd8c48b57935f020d7547aeff2446da2dcac95cca9299ae
4e3c5e75e4181802fcb9050681579526c726bdb78e6ec87b074d5fa9158951c0
4ed07f590bdfa9aa775dbfdef617d98e1e972d102d4289c7a68d3bd9118c280b
5041861fe06669f24e8e1ad9fd906e9c9ed1bfbac180d005db0593dea73fc047
50fd02e7397cb3745341be12701a2583d187f3f78115c41de0aa96a0cdf27775
51d53c4e0cfdba0f11b25e4403a7aca311d14e877a427c12d52857a113cd6ef4
5372270d08befb84def08e77cedf5eafb141409dcf787fb6a23ee11ebca1603f
5716eb97a51c168b40fbcbb79df4dcd8a81016bd3f033448548c5fc6794dc3fb
58014c0da334a8cc5de75fe05e6429e11f667bdf3e745afd2dad5b9b48f96f4c
5a4a512d303f88981de4842dfa014a3253108389c94da25754376644d93686fa
5af6d3ec9de5b91bb64788bd67d80d4706b8decd9e0a11f197a1446a38385353
5ce707c99c9a03938ddd4148d2037b8de218c9312b5312895eb140538b85596b
600df8f151ea5a819b0aedda71241b5ae210ee8d9f6da739b3dc422f8a3a584c
64934ee4be7ac514da700d0db0bf2e1d52344ed977057c0a79cb35c631859299
657a505c35720009c0d0ade8ee6c471ac5353b98ad5a6dc3cf7b4feaa21e4339
658251ae34cbe86d6ea730324c78f36a6d1b584f77a0d8d179e6f2c25022ab30
66591fe9b8ead4d38217a5a04197a2da944595a439a59cc76a6b9efe49161358
67ad9445195cd1c0792d7da5a66ca393af2654e7424763295f475031e7a16ade
680f7dbd39ba32723efc8c093280c20a4353f1e112887e9a490d4eb688332725
68a071e7e29e0c40e8a133fa95dfbaa4740ad4be701ac6d9590c763f2880737c
6a0361d404891399935abd5cf42763edef3d60a0551fdd319b33932e418d3211
6b6de0d4db7876d1183a3edb47ebd3bbbf93f153f5de1ba6645049348628109a
6c1e31700f68d1666de6b0992e89d413434707718bf729a472404029845bdbad
6f60dcc2a85fdb0d3bb23baa2233dc8d2e6af38af44e56086f1ccff057051ea9
702efb477e5c073ef04b20530765f941c9cc6c5e5b0e0b88d40e88ab8f35646e
709a21b1701de4d52bc17e348a89774fe61167e691860e494c2f0872bf18e60b
71a7faee666e6c21829c14f0ca4a1e726b7ec63a14570d7cb9985d70a34d7408
72111590a4a6c74a2fdbb006dc7fc5d8240e4c7922e400965d5e28cb5e436fbb
7245642e4ea32e45c8d9eb45de8a3d057536ec5305ff708e7faa38f43af0a0f9
729397f72c05143c9121ab3f19c2ad5f19b109a0c5d35dcdcfc2c30356c7264a
7451c634b00cb043ee7a4dfe1c88c6693f2032f2042b01213565092a02c25ed2
747dae3b736051e32475c15bbc1e3d44f94d109bd292fc23d2a8f3bd11b18804
749b279cb2f7e114ce87fad9d81ba9e6ed01e1c38f4733d60944a38b41ae5428
74beb622e7655344bd1a448e9b99240d5a9cd4c7f091f61142306c06419e679b
75e02594bf953bbf22ae74cfe0bb3c5e7eda1da6f8b0f32176dc923f39d8c14f
761367b322b93ffd07885086a96515c15622678fbfb9b3254821ac97d63dc25a
768631f889b0e2cc4c15f360b8e352a4ca2fe3aae90bf6c78c4f146acaa9c0d0
78c555b321a02e278a8d52391c4967ed5f523ff4c351fcff7c09bd62106a3b7b
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
7a33c599a8235f79261fdfd1183db1eebcc588f2d3328d3780fdb6c8a0b0087f
7af6bb3419ce27ed692a90a0b9354c734bb5340df26fdf34a0510aaa6728482e
7cbb0e141a91d2c3c30c06148c1a32c2437ea6452f107a4e1fb0c032708a1295
7d5885a4db174caaacddddf12f42454613e5c02c9fbd221100617188049dd589
7d6d9810f0208a60b5d648bb3ddee1eb8ac71fa8d506abee46f7aecc82ac82d8
7e7fa886d5d75c745d95be4fc3c5bfb4c988019b3f643c669734612345e1b8c8
7fa06d686678c192219b50b29c5c57287aea3b79fd350f2d00273c9689311da1
81f03625cb281a43b7ece63cf10a20130fd8a900ca0e7656dd3558abdfe1987c
85c164f0f9f2a9aef8e7fd6d695c6818701122a25b8ad4a349f78569a10c018a
85dd8231c991457c75240ed96bd3afb3f39909123e003eb67c18f9d35d5547f3
88ae58d7ae00d4980aafe9f13418a26076ea293ab375cb1926a3ea8c98921b67
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8c1129049bece8dafdffe4698cd0c24c11e0bc198b6de0a6a9ad52caf87ebbc3
8cf5c2834f7029ba862738d47bde309ebc2d70ca69232a9b380b9a7dcc7ba48c
8d2e85b5c7e6918834a65bfdaaa385513f5c5aaea1be1bf52d41ced5dafc6982
8f29897c225a4d0c88f9e08ce53fca63a478ebbe9d5ec3f45b325dd4e54ec035
8f7f1da2088c4f6b7d271abe9794686ba77ad697ca84a919908ed5c48484e000
8ff432d8c4418a2de29aa6b9cf3ccf79752cccc95a0a9b8c313896e628dfa79d
90c11446724b1b65dc2a4a700492bfac43e160499d71662d840252482f45b292
914da50e78b7ed8ad41f8bbc2374c5e36d01698202d3554ddadbf32f3804c975
92286822ac52a7cbb4ab65a34f62d343323ba0b536204d00ccbffb2752964295
92b1cfa6d55fe65d297ac238545c8f78a24e5090eca9938392c306dd454bc21c
938c5220e0c78b0efcf44573ca745ab326047c86d17c3f7e0525d8880791a2f5
9583dadf3dfd686f805f9e693b87f828dee96b55e79e6c459a4d85c972503c88
95f73390e618852d151ecda3281e47f20dfb45941ad21604f66bc528f968dea7
96da4a1458f0f41103e9d67957dca0e35e842da8d4b9592f2ce644afe00fbe61
97b065baf4b62bf64783bb34a5faa35a86dc1b6dc04bcb47af79ae1854c6d066
9932017b954e96f5f0f11a5a576b6d95db94e5ac274fbc234c479bf043be5461
9aa4b53efd71cb52ff08999cf19c8427ce32f5f77e2ef527a5bdb82b5d8cc2ec
9dbc77a83c57c1dfa8bcf91277d0ef1a221b136deb91531cedc4d362c3b2ae54
9e46b4d36247f310b238e29fd09d9c2f70067afd70dfeab1834974c4ed2afc8e
a27b0b4227791b0de37776dcec7abe151ae9a1b65c08df5a75e8a0c6d624e0c2
a2d5a947afa702d0a0815bf756a662e524d58c7cd45f5e899c938a5c82c36141
a2fcc35ff3eeffa7b4753d4fe1f478b9bf3bd76e52a1c8010c01659a668d1d01
a3c55de84a0840f00fba33c1abf091e7546d567d01ae606edfafc5b25b9f48bd
a549034009f79ead18a2154a8b730d8acb61e2f36c0434c0f9cff0f73df5d8cf
a87f4fd815fc95288f2da6efc536c950ef940bd9eb52176fd9e8e56107cc65e2
a8857e3b47ebb56969de37dfc5f50920b9d8437ea6902b9d0db00e6831a8b389
a8ce7190c7f1e84d45c8a7209652219ebc99b0ba21f7891bced7cca2e5ad80da
a8d5971a1d19f4efaabcaa5ad4f207cd2abb4ed3ff4361f07dc8a61005deab71
abcbe0423061bbf5caca8b070eb57c5ea831fde8cca4af206f8b48938142b4e1
abd2a457215e60ab60b2a6b4f25a17583c5d80e13935f76e097236f729c5dcd6
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
af58e3a4b8cac9dedee6f967439e624d40691dd57d21c31c77f1730efe6abb4b
af8fd596ea5756d93c22ecdec6cc0acf8010dbb4564075f01c5601009de40907
b31062abec9d4536524232f02801803517829af29b44c85b59696d52bc7107cc
b435e0c1948fc0179dd72f3a581fc9dec019ce106aea793bec27914d904d04f9
b67eb461e1a9e3cc15a15660277b419b19289970b91a536b20b496d8ecefa938
b688a3bcd1297cc0fe08e6e52fea14ba9108ee4b9a2052c03e7bac6e19347255
b73f2fb579f540979991fb3e4deccbbfb863d0efece26d9588f05aab0c9f4f06
b819d6c00b292b3bfc3d3eb5327126a0b20efcbc2aa9ed20154540e4a1ac6166
b8856a6e25798cf5870649774bc6c343555a3404b4b78274c3d613f91515295b
b8dc4893306657c6c50cc8731657ea66ea6e22321fc5af558d9ad42c6a4034ba
b8fd2363a20be278eba41a816e2a408c480684151f1c9cdcf9c7c01d9fa80550
bc0376b776f16b342b1f20426447f4525b434caf4ee8435a47a994768b1299e4
bcd87be2cf250b94e6dd50e008724e72cc3f2703ec9cd6fac40aa8340da4f4d6
c041ab0d2a277e0146cca59a0d448035f3943b1a338ffde8dbfd1648ebaafcfb
c271f2fc09df9e6d1cd7dbd2fcebbe1652e576c4eca689868ced1c2b3d2835df
c279d8cff790a40fd545718c4fd548be7db2df1fd4a99c72f8b3acfb3c6f67dd
c2e9508b71bc29948a47456789b208fccc0acfc27f105410d13f31967a1e15c9
c3b2252b563865cbbe3e6d6e3f597e43a1f3be0e000d566831f99bf8cef1ffc9
c48eddcc6b823f44d51d4f927e51b7e464c2be7f581720c98fb044931fb19d43
c635ded98a0b747002e2f0fcd000b64f5044338e48060a66b665d4e873a7e1d9
c8ccce4bf2373c3f57522d0e80f637eeef678d7b4be43b9f46399fa095403473
c9430ccc20d8d58e10dbcaba36ae11739cf20190424b6f55c0d8cf90241658f6
ce270c9952a278a73384c409e1bc02e7b5367767702a1d87d5105b9aef3e91ae
d004766e96fbdf5c921edf312e02ddfcd58867f7ed530ba6f24b562bb2bd2fdb
d0fd74148f4cbe78bd0e6328dc5ce5955f0a0ecdb1eb2919da4a7e596ac65912
d2c87979258ab36dbc9d8171237132a6061e3fddeb7efbcf315ae4da59fd8416
d407da668d2f2aca11779ad67639cd6e3c2d07475756b77972748aade2efba4d
d694f98bb4193102e99942c64b79990a1e6790f0512c0851e65cad6520249166
d6d3144dbd018bc31d124d1114e79bb1997806839632d24c7726abcbed4f52e2
d71d938ef1da95d0110eda49554e8f792ed2d2651faf47f6ad3fa0c69bfcddbd
d9115c87af3ce4bd7fca09b7b56f5e755c0f2b1e97cd52f456a43b2a2f0940d6
d980788aa36689159991ebeb1a33ec0f9c7fb2f1eba368b850b3701dc731ca24
daae65b52740311ef6e5e7491126ec9c5bed1fd01400fb3079eaff8b59785414
de7ca01cd808b08bb2f018284fc59ee6e8f3f8f9052691bef4d190141278b90d
ded16b9cb72df85ea242aaef8878c716abb57c746f0bfda6eabd2b9ddb2a23b5
e1672a3e60118a8893f87245c2d14ee09347790a1a3437e4181b2f0e8db36a93
e1bab2547887807822643e9a7b59191ac50c58b65fd2956aa745473c3735415f
e1cd0cb5e0ca68c29cdfb0cf76e941435519454b8b78ece2a600d1de2e28403a
e1db638893a609c398be0ec576b56ecefc919385a57cf04224e434e10d1205c9
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4e48e3a96b1cb107fd1002fdf7f8ad2de1a04362c4eb0e8eac5fa17263414fd
e50d0198016698890f3a7e45280a8dcca274e8da47141d0286f66abafa79b97b
e5311271015ad7bba21211eeecb0de501644ea956918a77d83725a74d51812c0
e75f91e319b81e9218e91c7ea4a5a27978b9e61ebc433ca5f389f4910878e2e5
e9147f4bc885af4e9872b79f54e4190760f70b2983d4f6175921f7cf94d37dc8
ea03bfd7fdda1eac185ebc3e8e74b33065b04c8e0adc48cbbd4136748dbd2742
eccf7d6940b5cb331b0053776285757d5c83414c29456a7c149d5bf552794cec
ed09341e9cf6bbb14bd17e6a28e4d1c53c63826aec2f79fa598c475f86e02f1e
ee53b1c17d2902119cf707d1a14fddb13805e24353fa9102dd1940f9b323e64b
ef0365af224bc84b9dda9c4b2d2f99977f2dc125333e40a4dbc1b7102c8136d4
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0e01b85dd85a94ccac62f3e4a0078a10a1bf89f75a9a9d87ffacdecfdba2a27
f0e1a21924859f681bc1f0e3507d3145d20ee2475da119482449de4dc76fae31
f5d6b20eb01cb49957ffbdde242cf9532bf1b2c787fc6ff380cdcf40f123a77e
f60072530632d08084ac45f4868be9585fa27f52bcb57bf639f61081b04d6a25
f604eb0e9faf6e74fe462d791e38a4c49849a2c083f57332afebab29f288aa97
f926110fb4f29edf2d7929e75935325efb2339cc51952828b730c644c92785bf
f944dfb8bd6a22329a584ca12cf0db366833435ffbe78df7b93966ef326cda4c
fa3c41ad21abaea8b1eba922868ed108ec82d84e6363c60ac048255fcba81294
fd58a15adfc5ffe110bd74d2e2e75ae2117b0c316ca5074af4f3d43c995cbda3
fd7f224a7d90e9d7c8ed601d3b6fc92108555a107d9ad4a337250c093fb1f272
fe919a585bdda536c28f7fdd42fedc63b2ea24e82b679d11dac7cb8ba1237af6
fecc322c8afd0aaf76f11360771a1b3beb446dacf3fee9a192d70386e84c52ad
ffba61112f707c482eafbe013b15b7f6bc0002a4bb0ed4dea3f66d2910cf6356
ffe2a39ee406e67dbd1f6b38a596ec014b2a264aba61263fe0153c82c2d7c299

www.regaindermayouth.icu Open in urlscan Pro 2606:4700:30::6812:24ae Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

306 Requests

72 %HTTPS

43 %IPv6

41 Domains

64 Subdomains

55 IPs

10 Countries

3492 kBTransfer

9627 kBSize

21 Cookies

261 Outgoing links

Redirected requests

306 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 23 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.regaindermayouth.icu Open in urlscan Pro
2606:4700:30::6812:24ae Public Scan

Screenshot
Live screenshot

Full Image

306
Requests

72 %
HTTPS

43 %
IPv6

41
Domains

64
Subdomains

55
IPs

10
Countries

3492 kB
Transfer

9627 kB
Size

21
Cookies

306 HTTP transactions
23 data transactions