gestia.icu Open in urlscan Pro
2606:4700:30::681f:525e Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://xn--24-glcxyiddekq.xn--p1ai//wp-content/uploads/aSWdXsev/membermap/account-login.php
Effective URL:
http://gestia.icu/how-to-earn-additional-credit-at-liberty-university-online/
Submission: On February 16 via api (February 16th 2019, 2:16:06 am UTC) from CH

Summary HTTP 47 Redirects Behaviour Indicators

Summary

This website contacted 15 IPs in 5 countries across 14 domains to perform 47 HTTP transactions. The main IP is 2606:4700:30::681f:525e, located in United States and belongs to CLOUDFLARENET - Cloudflare, Inc., US. The main domain is gestia.icu.

This is the only time gestia.icu was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 13	31.28.24.114 31.28.24.114	12616 (HOSTING-MSK) (HOSTING-MSK)
2	176.123.9.52 176.123.9.52	200019 (ASCLOUDATA) (ASCLOUDATA)
1	2a00:1450:400... 2a00:1450:4001:80b::200a	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2a00:1450:400... 2a00:1450:4001:808::2003	15169 (GOOGLE) (GOOGLE - Google LLC)
1 2	185.251.39.220 185.251.39.220	48282 (MCHOST-AS) (MCHOST-AS)
1	2a00:1450:400... 2a00:1450:4001:815::2004	15169 (GOOGLE) (GOOGLE - Google LLC)
2	2606:4700:30:... 2606:4700:30::681f:525e	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
12	2606:4700:30:... 2606:4700:30::681f:535e	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
4	2a00:1450:400... 2a00:1450:4001:81e::2002	15169 (GOOGLE) (GOOGLE - Google LLC)
1 5	2a02:6b8::1:119 2a02:6b8::1:119	13238 (YANDEX) (YANDEX)
1	2a00:1450:400... 2a00:1450:4001:81d::2002	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2a00:1450:400... 2a00:1450:4001:816::2002	15169 (GOOGLE) (GOOGLE - Google LLC)
2	2a00:1450:400... 2a00:1450:4001:81c::2002	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2a00:1450:400... 2a00:1450:4001:81a::2002	15169 (GOOGLE) (GOOGLE - Google LLC)
47	15

13 31.28.24.114 (Moscow, Russian Federation) 1 redirects

ASN12616 (HOSTING-MSK, RU)
PTR: c04w.hoster.ru

xn--24-glcxyiddekq.xn--p1ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 176.123.9.52 (Chisinau, Moldova)

ASN200019 (ASCLOUDATA, MD)
PTR: 176-123-9-52.alexhost.md

somelandingpage.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
getmyfreetraffic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::200a (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2003 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.251.39.220 (None, ) 1 redirects

ASN48282 (MCHOST-AS, RU)
PTR: host-185-251-39-220.hosted-by-vdsina.ru

utiliserpoi.tk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
heintgrersu.tk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:815::2004 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:30::681f:525e (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

gestia.icu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2606:4700:30::681f:535e (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

gestia.icu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:81e::2002 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a02:6b8::1:119 (Russian Federation) 1 redirects

ASN13238 (YANDEX, RU)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81d::2002 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:816::2002 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81c::2002 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81a::2002 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
14	gestia.icu gestia.icu	100 KB
13	1 redirects function sub() { [native code] }.	513 KB
5	yandex.ru 1 redirects mc.yandex.ru	85 KB
4	googlesyndication.com pagead2.googlesyndication.com	175 KB
2	doubleclick.net googleads.g.doubleclick.net
2	google.com www.google.com adservice.google.com	2 KB
1	googletagservices.com www.googletagservices.com	28 KB
1	google.de adservice.google.de	485 B
1	heintgrersu.tk heintgrersu.tk	2 KB
1	utiliserpoi.tk utiliserpoi.tk Failed	1 KB
1	gstatic.com fonts.gstatic.com	14 KB
1	googleapis.com fonts.googleapis.com	690 B
1	getmyfreetraffic.com getmyfreetraffic.com	884 B
1	somelandingpage.com somelandingpage.com	884 B
47	14

	Domain	Requested by
14	gestia.icu	www.google.com gestia.icu
13	xn--24-glcxyiddekq.xn--p1ai	1 redirects xn--24-glcxyiddekq.xn--p1ai
5	mc.yandex.ru	1 redirects gestia.icu
4	pagead2.googlesyndication.com	gestia.icu pagead2.googlesyndication.com
2	googleads.g.doubleclick.net	pagead2.googlesyndication.com
1	www.googletagservices.com	pagead2.googlesyndication.com
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
1	www.google.com	heintgrersu.tk
1	heintgrersu.tk	getmyfreetraffic.com
1	utiliserpoi.tk	somelandingpage.com
1	fonts.gstatic.com	xn--24-glcxyiddekq.xn--p1ai
1	fonts.googleapis.com	xn--24-glcxyiddekq.xn--p1ai
1	getmyfreetraffic.com	xn--24-glcxyiddekq.xn--p1ai
1	somelandingpage.com	xn--24-glcxyiddekq.xn--p1ai
47	15

This site contains no links.

Subject Issuer	Validity	Valid
somelandingpage.com Let's Encrypt Authority X3	`2019-02-14` - `2019-05-15`	3 months	crt.sh
getmyfreetraffic.com Let's Encrypt Authority X3	`2019-02-03` - `2019-05-04`	3 months	crt.sh
*.googleapis.com Google Internet Authority G3	`2019-01-29` - `2019-04-23`	3 months	crt.sh
*.google.com Google Internet Authority G3	`2019-01-29` - `2019-04-23`	3 months	crt.sh
bs.yandex.ru Yandex CA	`2018-10-03` - `2019-10-03`	a year	crt.sh
*.g.doubleclick.net Google Internet Authority G3	`2019-01-29` - `2019-04-23`	3 months	crt.sh

This page contains 4 frames:

Primary Page: http://gestia.icu/how-to-earn-additional-credit-at-liberty-university-online/
Frame ID: 1C5E96737481B91421ABC4A755E5A1F2
Requests: 44 HTTP requests in this frame

Frame: http://pagead2.googlesyndication.com/pagead/js/r20190212/r20190131/show_ads_impl.js
Frame ID: BA2E470FAD145AD2313C3B9F3F987087
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20190212/r20190131/zrt_lookup.html
Frame ID: 1143B504BE612BC143A0FE63227BB5C4
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3464143210005815&output=html&h=280&slotname=6523585794&adk=3258279889&adf=2445207189&w=336&lmt=1550283351&guci=1.2.0.0.2.2.0.0&format=336x280&url=http%3A%2F%2Fgestia.icu%2Fhow-to-earn-additional-credit-at-liberty-university-online%2F&flash=0&wgl=1&adsid=NT&dt=1550283351886&bpp=13&bdt=228&fdt=58&idt=57&shv=r20190212&cbv=r20190131&saldr=aa&abxe=1&correlator=4278543631391&frm=20&pv=2&ga_vid=2059956015.1550283352&ga_sid=1550283352&ga_hid=891544484&ga_fc=0&iag=0&icsg=147119&dssz=12&mdo=0&mso=0&u_tz=0&u_his=4&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=524&ady=309&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21060853%2C20040010&oid=3&ref=http%3A%2F%2Fwww.google.com%2Furl%3Fq%3Dht%2574%2570%253A%252F%252Fg%2565%2573t%2569%2561%252e%2569%2563u%252Fho%2577-%2574o%252dear%256e%252dadd%2569t%2569o%256e%2561%256c-c%2572%2565%2564it-%2561%2574%252d%256c%2569%2562%2565r%2574%2579%252duni%2576ersit%2579-%256f%256el%2569ne%252F%26sa%3DD%26sntz%3D1%26usg%3DAFQjCNHxOR_FjYW2ca0r_soHGQQD_8uAxA&rx=0&eae=0&fc=656&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClE%7C&abl=CS&ppjl=u&pfx=0&fu=16&bc=7&ifi=1&uci=1.877a9lok3jpy&fsb=1&xpc=J3rxReG6rB&p=http%3A//gestia.icu&dtd=80
Frame ID: E1E8EAAF82120D9D6727B19FAB4B77C4
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://xn--24-glcxyiddekq.xn--p1ai//wp-content/uploads/aSWdXsev/membermap/account-login.php HTTP 301
http://xn--24-glcxyiddekq.xn--p1ai/wp-content/uploads/aSWdXsev/membermap/account-login.php Page URL
http://utiliserpoi.tk/index/?4831537102803 HTTP 302
http://heintgrersu.tk/index/?8mMwj2&extra_param_1=261 Page URL
http://www.google.com/url?q=ht%74%70%3A%2F%2Fg%65%73t%69%61%2e%69%63u%2Fho%77-%74o%2dear%6e%2dadd%... Page URL
http://gestia.icu/how-to-earn-additional-credit-at-liberty-university-online/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+wp-(?:content|includes)/i
script /\/wp-includes\//i

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

url /\.php(?:$|\?)/i
html /<link rel=["']stylesheet["'] [^>]+wp-(?:content|includes)/i
script /\/wp-includes\//i

CentOS (Operating Systems) Expand

Overall confidence: 100%
Detected patterns

headers server /CentOS/i

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|)HTTPD)/i

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googlesyndication\.com\//i
env /^google_ad_/i
env /^__google_ad_/i
env /^Goog_AdSense_/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

env /^gaGlobal$/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery.*\.js/i
env /^jQuery$/i

Page Statistics

47
Requests

30 %
HTTPS

79 %
IPv6

14
Domains

15
Subdomains

15
IPs

5
Countries

920 kB
Transfer

1603 kB
Size

6
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://xn--24-glcxyiddekq.xn--p1ai//wp-content/uploads/aSWdXsev/membermap/account-login.php HTTP 301
http://xn--24-glcxyiddekq.xn--p1ai/wp-content/uploads/aSWdXsev/membermap/account-login.php Page URL
http://utiliserpoi.tk/index/?4831537102803 HTTP 302
http://heintgrersu.tk/index/?8mMwj2&extra_param_1=261 Page URL
http://www.google.com/url?q=ht%74%70%3A%2F%2Fg%65%73t%69%61%2e%69%63u%2Fho%77-%74o%2dear%6e%2dadd%69t%69o%6e%61%6c-c%72%65%64it-%61%74%2d%6c%69%62%65r%74%79%2duni%76ersit%79-%6f%6el%69ne%2F&sa=D&sntz=1&usg=AFQjCNHxOR_FjYW2ca0r_soHGQQD_8uAxA Page URL
http://gestia.icu/how-to-earn-additional-credit-at-liberty-university-online/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://xn--24-glcxyiddekq.xn--p1ai//wp-content/uploads/aSWdXsev/membermap/account-login.php HTTP 301
http://xn--24-glcxyiddekq.xn--p1ai/wp-content/uploads/aSWdXsev/membermap/account-login.php

Request Chain 18

http://utiliserpoi.tk/index/?4831537102803 HTTP 302
http://heintgrersu.tk/index/?8mMwj2&extra_param_1=261

Request Chain 43

https://mc.yandex.ru/watch/52287598?wmode=7&page-ref=http%3A%2F%2Fwww.google.com%2Furl%3Fq%3Dht%2574%2570%253A%252F%252Fg%2565%2573t%2569%2561%252e%2569%2563u%252Fho%2577-%2574o%252dear%256e%252dadd%2569t%2569o%256e%2561%256c-c%2572%2565%2564it-%2561%2574%252d%256c%2569%2562%2565r%2574%2579%252duni%2576ersit%2579-%256f%256el%2569ne%252F%26sa%3DD%26sntz%3D1%26usg%3DAFQjCNHxOR_FjYW2ca0r_soHGQQD_8uAxA&page-url=http%3A%2F%2Fgestia.icu%2Fhow-to-earn-additional-credit-at-liberty-university-online%2F&charset=utf-8&browser-info=ti%3A10%3Ans%3A1550283351120%3As%3A1600x1200x24%3Ask%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1585x1200%3Ai%3A20190216021552%3Aet%3A1550283352%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Arn%3A626237644%3Ahid%3A314107906%3Ads%3A21%2C5%2C505%2C168%2C2%2C0%2C0%2C182%2C4%2C%2C%2C%2C720%3Afp%3A640%3Awn%3A58139%3Ahl%3A4%3Agdpr%3A14%3Av%3A1409%3Awv%3A2%3Ast%3A1550283352%3Au%3A1550283352911137775%3At%3A%C2%BB%20How%20to%20Earn%20Additional%20Credit%20at%20Liberty%20University%20Online%20%E2%80%A2%20Index%20of%20Online%20Schools HTTP 302
https://mc.yandex.ru/watch/52287598/1?wmode=7&page-ref=http%3A%2F%2Fwww.google.com%2Furl%3Fq%3Dht%2574%2570%253A%252F%252Fg%2565%2573t%2569%2561%252e%2569%2563u%252Fho%2577-%2574o%252dear%256e%252dadd%2569t%2569o%256e%2561%256c-c%2572%2565%2564it-%2561%2574%252d%256c%2569%2562%2565r%2574%2579%252duni%2576ersit%2579-%256f%256el%2569ne%252F%26sa%3DD%26sntz%3D1%26usg%3DAFQjCNHxOR_FjYW2ca0r_soHGQQD_8uAxA&page-url=http%3A%2F%2Fgestia.icu%2Fhow-to-earn-additional-credit-at-liberty-university-online%2F&charset=utf-8&browser-info=ti%3A10%3Ans%3A1550283351120%3As%3A1600x1200x24%3Ask%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1585x1200%3Ai%3A20190216021552%3Aet%3A1550283352%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Arn%3A626237644%3Ahid%3A314107906%3Ads%3A21%2C5%2C505%2C168%2C2%2C0%2C0%2C182%2C4%2C%2C%2C%2C720%3Afp%3A640%3Awn%3A58139%3Ahl%3A4%3Agdpr%3A14%3Av%3A1409%3Awv%3A2%3Ast%3A1550283352%3Au%3A1550283352911137775%3At%3A%C2%BB%20How%20to%20Earn%20Additional%20Credit%20at%20Liberty%20University%20Online%20%E2%80%A2%20Index%20of%20Online%20Schools

47 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

404
Not Found

account-login.php Show response
xn--24-glcxyiddekq.xn--p1ai/wp-content/uploads/aSWdXsev/membermap/
Redirect Chain

http://xn--24-glcxyiddekq.xn--p1ai//wp-content/uploads/aSWdXsev/membermap/account-login.php
http://xn--24-glcxyiddekq.xn--p1ai/wp-content/uploads/aSWdXsev/membermap/account-login.php

76 KB
77 KB

115ms
115ms

Document
text/html

31.28.24.114
HOSTING-MSK

General

Check archive.org

Show headers Download Go to

Full URL: http://xn--24-glcxyiddekq.xn--p1ai/wp-content/uploads/aSWdXsev/membermap/account-login.php
Protocol: HTTP/1.1
Server: 31.28.24.114 Moscow, Russian Federation, ASN12616 (HOSTING-MSK, RU),
Reverse DNS: c04w.hoster.ru
Software: Apache/2.2.15 (CentOS) / PHP/5.6.31
Resource Hash: cbaf0c4157474a0a966fd04678d01f9b1289d4d1cfb9ea5bab97f53c5d77b4b8

Request headers

Host: xn--24-glcxyiddekq.xn--p1ai
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sat, 16 Feb 2019 02:15:49 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.6.31
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Link: <http://xn--24-glcxyiddekq.xn--p1ai/wp-json/>; rel="https://api.w.org/"
Content-Type: text/html; charset=UTF-8
X-Cache: MISS from t0.hoster.ru
X-Cache-Lookup: MISS from t0.hoster.ru:6666
Transfer-Encoding: chunked
Connection: keep-alive

Redirect headers

Date: Sat, 16 Feb 2019 02:15:48 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.6.31
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Location: http://xn--24-glcxyiddekq.xn--p1ai/wp-content/uploads/aSWdXsev/membermap/account-login.php
Content-Type: text/html; charset=UTF-8
X-Cache: MISS from t0.hoster.ru
X-Cache-Lookup: MISS from t0.hoster.ru:6666
Transfer-Encoding: chunked
Connection: keep-alive

GET
H/1.1 200
OK 3gGykjDJ Show response
somelandingpage.com/ 289 B
884 B 365ms
255ms Script
application/javascript 176.123.9.52
ASCLOUDATA

General

Check archive.org

Show headers Download Go to

Full URL

https://somelandingpage.com/3gGykjDJ?frm=script&_cid=0000000000000

Requested by

Host: xn--24-glcxyiddekq.xn--p1ai
URL: http://xn--24-glcxyiddekq.xn--p1ai/wp-content/uploads/aSWdXsev/membermap/account-login.php

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

176.123.9.52 Chisinau, Moldova, ASN200019 (ASCLOUDATA, MD),

Reverse DNS

176-123-9-52.alexhost.md

Software

nginx / PHP/7.2.15RC1

Resource Hash

a3269fa19e79070ae92c62fe39270ae30a8bbb943a4794f84be922bf3174ac43

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://xn--24-glcxyiddekq.xn--p1ai/wp-content/uploads/aSWdXsev/membermap/account-login.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sat, 16 Feb 2019 02:15:49 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: nginx
X-Powered-By: PHP/7.2.15RC1
Transfer-Encoding: chunked
Content-Type: application/javascript
Connection: keep-alive

GET
H/1.1 200
OK 14xBSB Show response
getmyfreetraffic.com/ 289 B
884 B 486ms
107ms Script
application/javascript 176.123.9.52
ASCLOUDATA

General

Check archive.org

Show headers Download Go to

Full URL

https://getmyfreetraffic.com/14xBSB?frm=script&_cid=78e53b67-f56a-d14b-37f4-f8495a3e5731

Requested by

Host: xn--24-glcxyiddekq.xn--p1ai
URL: http://xn--24-glcxyiddekq.xn--p1ai/wp-content/uploads/aSWdXsev/membermap/account-login.php

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

176.123.9.52 Chisinau, Moldova, ASN200019 (ASCLOUDATA, MD),

Reverse DNS

176-123-9-52.alexhost.md

Software

nginx / PHP/7.2.15RC1

Resource Hash

a3269fa19e79070ae92c62fe39270ae30a8bbb943a4794f84be922bf3174ac43

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://xn--24-glcxyiddekq.xn--p1ai/wp-content/uploads/aSWdXsev/membermap/account-login.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sat, 16 Feb 2019 02:15:49 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: nginx
X-Powered-By: PHP/7.2.15RC1
Transfer-Encoding: chunked
Content-Type: application/javascript
Connection: keep-alive

GET
H/1.1 200
OK style.min.css
xn--24-glcxyiddekq.xn--p1ai/wp-includes/css/dist/block-library/ 25 KB
25 KB 125ms
45ms Stylesheet
text/css 31.28.24.114
HOSTING-MSK

General

Check archive.org

Show headers Download Go to

Full URL: http://xn--24-glcxyiddekq.xn--p1ai/wp-includes/css/dist/block-library/style.min.css?ver=5.0.3
Requested by: Host: xn--24-glcxyiddekq.xn--p1ai
URL: http://xn--24-glcxyiddekq.xn--p1ai/wp-content/uploads/aSWdXsev/membermap/account-login.php
Protocol: HTTP/1.1
Server: 31.28.24.114 Moscow, Russian Federation, ASN12616 (HOSTING-MSK, RU),
Reverse DNS: c04w.hoster.ru
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 1698abe528bb1f8e76991814a09aacb0ec7247d421ed2e4ff8f00e3fb1275712

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: xn--24-glcxyiddekq.xn--p1ai
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://xn--24-glcxyiddekq.xn--p1ai/wp-content/uploads/aSWdXsev/membermap/account-login.php
Connection: keep-alive
Cache-Control: no-cache
Referer: http://xn--24-glcxyiddekq.xn--p1ai/wp-content/uploads/aSWdXsev/membermap/account-login.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sat, 16 Feb 2019 02:15:49 GMT
X-Cache-Lookup: HIT from t0.hoster.ru:6666
Last-Modified: Wed, 06 Feb 2019 14:21:43 GMT
Server: Apache/2.2.15 (CentOS)
ETag: "e465a8-643a-5813a71fbbcc9"
X-Cache: MISS from t0.hoster.ru
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 25658

GET
H/1.1 200
OK theme.min.css
xn--24-glcxyiddekq.xn--p1ai/wp-includes/css/dist/block-library/ 1 KB
1 KB 156ms
46ms Stylesheet
text/css 31.28.24.114
HOSTING-MSK

General

Check archive.org

Show headers Download Go to

Full URL: http://xn--24-glcxyiddekq.xn--p1ai/wp-includes/css/dist/block-library/theme.min.css?ver=5.0.3
Requested by: Host: xn--24-glcxyiddekq.xn--p1ai
URL: http://xn--24-glcxyiddekq.xn--p1ai/wp-content/uploads/aSWdXsev/membermap/account-login.php
Protocol: HTTP/1.1
Server: 31.28.24.114 Moscow, Russian Federation, ASN12616 (HOSTING-MSK, RU),
Reverse DNS: c04w.hoster.ru
Software: Apache/2.2.15 (CentOS) /
Resource Hash: faea334f7f5d87581fa041a3a6e424bb656ddf021f189ac97200af99d382662e

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: xn--24-glcxyiddekq.xn--p1ai
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://xn--24-glcxyiddekq.xn--p1ai/wp-content/uploads/aSWdXsev/membermap/account-login.php
Connection: keep-alive
Cache-Control: no-cache
Referer: http://xn--24-glcxyiddekq.xn--p1ai/wp-content/uploads/aSWdXsev/membermap/account-login.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sat, 16 Feb 2019 02:15:49 GMT
X-Cache-Lookup: HIT from t0.hoster.ru:6666
Last-Modified: Mon, 17 Dec 2018 11:02:07 GMT
Server: Apache/2.2.15 (CentOS)
ETag: "e465af-44e-57d35b631a9c0"
X-Cache: MISS from t0.hoster.ru
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1102

GET
H2 200 css
fonts.googleapis.com/ 7 KB
690 B 18ms
17ms Stylesheet
text/css 2a00:1450:4001:80b::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Libre+Franklin%3A300%2C300i%2C400%2C400i%2C600%2C600i%2C800%2C800i&subset=latin%2Clatin-ext

Requested by

Host: xn--24-glcxyiddekq.xn--p1ai
URL: http://xn--24-glcxyiddekq.xn--p1ai/wp-content/uploads/aSWdXsev/membermap/account-login.php

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:80b::200a , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

ESF /

Resource Hash

58620cf636ee290da99f1b19f154761ff2a9df38cc44a7d9308b64bf59fc5551

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: http://xn--24-glcxyiddekq.xn--p1ai/wp-content/uploads/aSWdXsev/membermap/account-login.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
last-modified: Sat, 16 Feb 2019 02:15:49 GMT
server: ESF
access-control-allow-origin: *
date: Sat, 16 Feb 2019 02:15:49 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
status: 200
alt-svc: quic=":443"; ma=2592000; v="44,43,39"
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
x-xss-protection: 1; mode=block
expires: Sat, 16 Feb 2019 02:15:49 GMT

GET
H/1.1 200
OK style.css
xn--24-glcxyiddekq.xn--p1ai/wp-content/themes/twentyseventeen/ 81 KB
82 KB 155ms
45ms Stylesheet
text/css 31.28.24.114
HOSTING-MSK

General

Check archive.org

Show headers Download Go to

Full URL: http://xn--24-glcxyiddekq.xn--p1ai/wp-content/themes/twentyseventeen/style.css?ver=5.0.3
Requested by: Host: xn--24-glcxyiddekq.xn--p1ai
URL: http://xn--24-glcxyiddekq.xn--p1ai/wp-content/uploads/aSWdXsev/membermap/account-login.php
Protocol: HTTP/1.1
Server: 31.28.24.114 Moscow, Russian Federation, ASN12616 (HOSTING-MSK, RU),
Reverse DNS: c04w.hoster.ru
Software: Apache/2.2.15 (CentOS) /
Resource Hash: cb98b3bc899585d9d5579cd82c40a5837d6ae4c0d0bc136b316ffcb945e391f5

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: xn--24-glcxyiddekq.xn--p1ai
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://xn--24-glcxyiddekq.xn--p1ai/wp-content/uploads/aSWdXsev/membermap/account-login.php
Connection: keep-alive
Cache-Control: no-cache
Referer: http://xn--24-glcxyiddekq.xn--p1ai/wp-content/uploads/aSWdXsev/membermap/account-login.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sat, 16 Feb 2019 02:15:49 GMT
X-Cache-Lookup: HIT from t0.hoster.ru:6666
Last-Modified: Mon, 17 Dec 2018 11:02:28 GMT
Server: Apache/2.2.15 (CentOS)
ETag: "e47512-145c9-57d35b7721900"
X-Cache: MISS from t0.hoster.ru
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 83401

GET
H/1.1 200
OK blocks.css
xn--24-glcxyiddekq.xn--p1ai/wp-content/themes/twentyseventeen/assets/css/ 6 KB
6 KB 157ms
47ms Stylesheet
text/css 31.28.24.114
HOSTING-MSK

General

Check archive.org

Show headers Download Go to

Full URL: http://xn--24-glcxyiddekq.xn--p1ai/wp-content/themes/twentyseventeen/assets/css/blocks.css?ver=1.0
Requested by: Host: xn--24-glcxyiddekq.xn--p1ai
URL: http://xn--24-glcxyiddekq.xn--p1ai/wp-content/uploads/aSWdXsev/membermap/account-login.php
Protocol: HTTP/1.1
Server: 31.28.24.114 Moscow, Russian Federation, ASN12616 (HOSTING-MSK, RU),
Reverse DNS: c04w.hoster.ru
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 5e324e0f99af1aa1b8368d0ce28a29478790454f934be5967a2a2825dc50a693

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: xn--24-glcxyiddekq.xn--p1ai
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://xn--24-glcxyiddekq.xn--p1ai/wp-content/uploads/aSWdXsev/membermap/account-login.php
Connection: keep-alive
Cache-Control: no-cache
Referer: http://xn--24-glcxyiddekq.xn--p1ai/wp-content/uploads/aSWdXsev/membermap/account-login.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sat, 16 Feb 2019 02:15:49 GMT
X-Cache-Lookup: HIT from t0.hoster.ru:6666
Last-Modified: Mon, 17 Dec 2018 11:02:28 GMT
Server: Apache/2.2.15 (CentOS)
ETag: "e46692-16de-57d35b7721900"
X-Cache: MISS from t0.hoster.ru
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 5854

GET
H/1.1 200
OK jquery.js Show response
xn--24-glcxyiddekq.xn--p1ai/wp-includes/js/jquery/ 108 KB
108 KB 156ms
46ms Script
text/javascript 31.28.24.114
HOSTING-MSK

General

Check archive.org

Show headers Download Go to

Full URL: http://xn--24-glcxyiddekq.xn--p1ai/wp-includes/js/jquery/jquery.js?ver=1.12.4
Requested by: Host: xn--24-glcxyiddekq.xn--p1ai
URL: http://xn--24-glcxyiddekq.xn--p1ai/wp-content/uploads/aSWdXsev/membermap/account-login.php
Protocol: HTTP/1.1
Server: 31.28.24.114 Moscow, Russian Federation, ASN12616 (HOSTING-MSK, RU),
Reverse DNS: c04w.hoster.ru
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 653f029bd72bee3d21094d3b2396b37739bab717dc80f327629884c2aac595b1

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: xn--24-glcxyiddekq.xn--p1ai
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: */*
Referer: http://xn--24-glcxyiddekq.xn--p1ai/wp-content/uploads/aSWdXsev/membermap/account-login.php
Connection: keep-alive
Cache-Control: no-cache
Referer: http://xn--24-glcxyiddekq.xn--p1ai/wp-content/uploads/aSWdXsev/membermap/account-login.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sat, 16 Feb 2019 02:15:49 GMT
X-Cache-Lookup: HIT from t0.hoster.ru:6666
Last-Modified: Sat, 09 Feb 2019 18:04:15 GMT
Server: Apache/2.2.15 (CentOS)
ETag: "e45d0e-1ae4e-58179e74c4df5"
X-Cache: MISS from t0.hoster.ru
Content-Type: text/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 110158

GET
H/1.1 200
OK jquery-migrate.min.js Show response
xn--24-glcxyiddekq.xn--p1ai/wp-includes/js/jquery/ 22 KB
23 KB 157ms
47ms Script
text/javascript 31.28.24.114
HOSTING-MSK

General

Check archive.org

Show headers Download Go to

Full URL: http://xn--24-glcxyiddekq.xn--p1ai/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1
Requested by: Host: xn--24-glcxyiddekq.xn--p1ai
URL: http://xn--24-glcxyiddekq.xn--p1ai/wp-content/uploads/aSWdXsev/membermap/account-login.php
Protocol: HTTP/1.1
Server: 31.28.24.114 Moscow, Russian Federation, ASN12616 (HOSTING-MSK, RU),
Reverse DNS: c04w.hoster.ru
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 93ccff771587c2e33345363f1562836c3246330567fed83d79c56289ef978ad3

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: xn--24-glcxyiddekq.xn--p1ai
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: */*
Referer: http://xn--24-glcxyiddekq.xn--p1ai/wp-content/uploads/aSWdXsev/membermap/account-login.php
Connection: keep-alive
Cache-Control: no-cache
Referer: http://xn--24-glcxyiddekq.xn--p1ai/wp-content/uploads/aSWdXsev/membermap/account-login.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sat, 16 Feb 2019 02:15:49 GMT
X-Cache-Lookup: HIT from t0.hoster.ru:6666
Last-Modified: Sat, 09 Feb 2019 18:04:15 GMT
Server: Apache/2.2.15 (CentOS)
ETag: "e45d1a-59f6-58179e74be47d"
X-Cache: MISS from t0.hoster.ru
Content-Type: text/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 23030

GET
H/1.1 200
OK wp-emoji-release.min.js Show response
xn--24-glcxyiddekq.xn--p1ai/wp-includes/js/ 24 KB
25 KB 47ms
47ms Script
text/javascript 31.28.24.114
HOSTING-MSK

General

Check archive.org

Show headers Download Go to

Full URL: http://xn--24-glcxyiddekq.xn--p1ai/wp-includes/js/wp-emoji-release.min.js?ver=5.0.3
Requested by: Host: xn--24-glcxyiddekq.xn--p1ai
URL: http://xn--24-glcxyiddekq.xn--p1ai/wp-content/uploads/aSWdXsev/membermap/account-login.php
Protocol: HTTP/1.1
Server: 31.28.24.114 Moscow, Russian Federation, ASN12616 (HOSTING-MSK, RU),
Reverse DNS: c04w.hoster.ru
Software: Apache/2.2.15 (CentOS) /
Resource Hash: d429665bef15020a256fcd9d95087c1b73518b1f657bad448e4aa668213a9fb8

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: xn--24-glcxyiddekq.xn--p1ai
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: */*
Referer: http://xn--24-glcxyiddekq.xn--p1ai/wp-content/uploads/aSWdXsev/membermap/account-login.php
Connection: keep-alive
Cache-Control: no-cache
Referer: http://xn--24-glcxyiddekq.xn--p1ai/wp-content/uploads/aSWdXsev/membermap/account-login.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sat, 16 Feb 2019 02:15:49 GMT
X-Cache-Lookup: HIT from t0.hoster.ru:6666
Last-Modified: Sat, 09 Feb 2019 18:04:16 GMT
Server: Apache/2.2.15 (CentOS)
ETag: "e44483-61a8-58179e75a348e"
X-Cache: MISS from t0.hoster.ru
Content-Type: text/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 25000

GET
H/1.1 200
OK header.jpg
xn--24-glcxyiddekq.xn--p1ai/wp-content/themes/twentyseventeen/assets/images/ 112 KB
113 KB 48ms
47ms Image
image/jpeg 31.28.24.114
HOSTING-MSK

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://xn--24-glcxyiddekq.xn--p1ai/wp-content/themes/twentyseventeen/assets/images/header.jpg
Requested by: Host: xn--24-glcxyiddekq.xn--p1ai
URL: http://xn--24-glcxyiddekq.xn--p1ai/wp-content/uploads/aSWdXsev/membermap/account-login.php
Protocol: HTTP/1.1
Server: 31.28.24.114 Moscow, Russian Federation, ASN12616 (HOSTING-MSK, RU),
Reverse DNS: c04w.hoster.ru
Software: Apache/2.2.15 (CentOS) /
Resource Hash

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: xn--24-glcxyiddekq.xn--p1ai
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://xn--24-glcxyiddekq.xn--p1ai/wp-content/uploads/aSWdXsev/membermap/account-login.php
Connection: keep-alive
Cache-Control: no-cache
Referer: http://xn--24-glcxyiddekq.xn--p1ai/wp-content/uploads/aSWdXsev/membermap/account-login.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sat, 16 Feb 2019 02:15:49 GMT
X-Cache-Lookup: HIT from t0.hoster.ru:6666
Last-Modified: Mon, 17 Dec 2018 11:02:28 GMT
Server: Apache/2.2.15 (CentOS)
ETag: "e46686-1c0a6-57d35b7721900"
X-Cache: MISS from t0.hoster.ru
Content-Type: image/jpeg
Cache-Control: max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 114854
Expires: Sun, 17 Feb 2019 02:15:49 GMT

GET skip-link-focus-fix.js
xn--24-glcxyiddekq.xn--p1ai/wp-content/themes/twentyseventeen/assets/js/ 0
0

GET
H/1.1 200
OK global.js Show response
xn--24-glcxyiddekq.xn--p1ai/wp-content/themes/twentyseventeen/assets/js/ 20 KB
21 KB 47ms
46ms Script
text/javascript 31.28.24.114
HOSTING-MSK

General

Check archive.org

Show headers Download Go to

Full URL: http://xn--24-glcxyiddekq.xn--p1ai/wp-content/themes/twentyseventeen/assets/js/global.js?ver=1.0
Requested by: Host: xn--24-glcxyiddekq.xn--p1ai
URL: http://xn--24-glcxyiddekq.xn--p1ai/wp-content/uploads/aSWdXsev/membermap/account-login.php
Protocol: HTTP/1.1
Server: 31.28.24.114 Moscow, Russian Federation, ASN12616 (HOSTING-MSK, RU),
Reverse DNS: c04w.hoster.ru
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3925ae94b24f274ccecedae80acca3dfccd2e77bd431a2d0eb060c8cbedaf7c9

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: xn--24-glcxyiddekq.xn--p1ai
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: */*
Referer: http://xn--24-glcxyiddekq.xn--p1ai/wp-content/uploads/aSWdXsev/membermap/account-login.php
Connection: keep-alive
Cache-Control: no-cache
Referer: http://xn--24-glcxyiddekq.xn--p1ai/wp-content/uploads/aSWdXsev/membermap/account-login.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sat, 16 Feb 2019 02:15:49 GMT
X-Cache-Lookup: HIT from t0.hoster.ru:6666
Last-Modified: Sat, 09 Feb 2019 18:04:14 GMT
Server: Apache/2.2.15 (CentOS)
ETag: "e4668c-50b0-58179e73cec75"
X-Cache: MISS from t0.hoster.ru
Content-Type: text/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 20656

GET
H/1.1 200
OK jquery.scrollTo.js Show response
xn--24-glcxyiddekq.xn--p1ai/wp-content/themes/twentyseventeen/assets/js/ 18 KB
19 KB 47ms
46ms Script
text/javascript 31.28.24.114
HOSTING-MSK

General

Check archive.org

Show headers Download Go to

Full URL: http://xn--24-glcxyiddekq.xn--p1ai/wp-content/themes/twentyseventeen/assets/js/jquery.scrollTo.js?ver=2.1.2
Requested by: Host: xn--24-glcxyiddekq.xn--p1ai
URL: http://xn--24-glcxyiddekq.xn--p1ai/wp-content/uploads/aSWdXsev/membermap/account-login.php
Protocol: HTTP/1.1
Server: 31.28.24.114 Moscow, Russian Federation, ASN12616 (HOSTING-MSK, RU),
Reverse DNS: c04w.hoster.ru
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 62466a8fbf8fe1616af8fad22b570140371f6c597eba26b3677800ba526c257e

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: xn--24-glcxyiddekq.xn--p1ai
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: */*
Referer: http://xn--24-glcxyiddekq.xn--p1ai/wp-content/uploads/aSWdXsev/membermap/account-login.php
Connection: keep-alive
Cache-Control: no-cache
Referer: http://xn--24-glcxyiddekq.xn--p1ai/wp-content/uploads/aSWdXsev/membermap/account-login.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sat, 16 Feb 2019 02:15:49 GMT
X-Cache-Lookup: HIT from t0.hoster.ru:6666
Last-Modified: Sat, 09 Feb 2019 18:04:14 GMT
Server: Apache/2.2.15 (CentOS)
ETag: "e4668f-497a-58179e73cfffd"
X-Cache: MISS from t0.hoster.ru
Content-Type: text/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 18810

GET
H/1.1 200
OK wp-embed.min.js Show response
xn--24-glcxyiddekq.xn--p1ai/wp-includes/js/ 14 KB
14 KB 48ms
48ms Script
text/javascript 31.28.24.114
HOSTING-MSK

General

Check archive.org

Show headers Download Go to

Full URL: http://xn--24-glcxyiddekq.xn--p1ai/wp-includes/js/wp-embed.min.js?ver=5.0.3
Requested by: Host: xn--24-glcxyiddekq.xn--p1ai
URL: http://xn--24-glcxyiddekq.xn--p1ai/wp-content/uploads/aSWdXsev/membermap/account-login.php
Protocol: HTTP/1.1
Server: 31.28.24.114 Moscow, Russian Federation, ASN12616 (HOSTING-MSK, RU),
Reverse DNS: c04w.hoster.ru
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 0bfe5dec17e59d9df64818bc6a95431caeac121dbab846a5efd19bd755c7f57d

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: xn--24-glcxyiddekq.xn--p1ai
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: */*
Referer: http://xn--24-glcxyiddekq.xn--p1ai/wp-content/uploads/aSWdXsev/membermap/account-login.php
Connection: keep-alive
Cache-Control: no-cache
Referer: http://xn--24-glcxyiddekq.xn--p1ai/wp-content/uploads/aSWdXsev/membermap/account-login.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sat, 16 Feb 2019 02:15:49 GMT
X-Cache-Lookup: HIT from t0.hoster.ru:6666
Last-Modified: Sat, 09 Feb 2019 18:04:16 GMT
Server: Apache/2.2.15 (CentOS)
ETag: "e45cd8-3829-58179e75a2106"
X-Cache: MISS from t0.hoster.ru
Content-Type: text/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 14377

GET
H2 200 jizDREVItHgc8qDIbSTKq4XkRiUf2zcZiVbJ.woff2
fonts.gstatic.com/s/librefranklin/v2/ 14 KB
14 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:808::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/librefranklin/v2/jizDREVItHgc8qDIbSTKq4XkRiUf2zcZiVbJ.woff2

Requested by

Host: xn--24-glcxyiddekq.xn--p1ai
URL: http://xn--24-glcxyiddekq.xn--p1ai/wp-content/uploads/aSWdXsev/membermap/account-login.php

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:808::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

2d4bbb80408f5e9cba30a91b44c8d050181320309fc54519ca56a51170ac1003

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Libre+Franklin%3A300%2C300i%2C400%2C400i%2C600%2C600i%2C800%2C800i&subset=latin%2Clatin-ext
Origin: http://xn--24-glcxyiddekq.xn--p1ai

Response headers

date: Tue, 05 Feb 2019 02:03:50 GMT
x-content-type-options: nosniff
last-modified: Tue, 10 Oct 2017 23:07:22 GMT
server: sffe
age: 951119
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="44,43,39"
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 13952
x-xss-protection: 1; mode=block
expires: Wed, 05 Feb 2020 02:03:50 GMT

GET /
utiliserpoi.tk/index/ 0
0

GET
H/1.1

200
OK

Cookie set / Show response
heintgrersu.tk/index/
Redirect Chain

http://utiliserpoi.tk/index/?4831537102803
http://heintgrersu.tk/index/?8mMwj2&extra_param_1=261

599 B
2 KB

624ms
568ms

Document
text/html

185.251.39.220
MCHOST-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://heintgrersu.tk/index/?8mMwj2&extra_param_1=261
Requested by: Host: getmyfreetraffic.com
URL: https://getmyfreetraffic.com/14xBSB?frm=script&_cid=78e53b67-f56a-d14b-37f4-f8495a3e5731
Protocol: HTTP/1.1
Server: 185.251.39.220 -, , ASN48282 (MCHOST-AS, RU),
Reverse DNS: host-185-251-39-220.hosted-by-vdsina.ru
Software: nginx/1.12.2 /
Resource Hash: d5f95f83a84f3e270b7d40d134029feaee69c46eebefedec9f64bc84628617e1

Request headers

Host: heintgrersu.tk
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: http://xn--24-glcxyiddekq.xn--p1ai/wp-content/uploads/aSWdXsev/membermap/account-login.php
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://xn--24-glcxyiddekq.xn--p1ai/wp-content/uploads/aSWdXsev/membermap/account-login.php

Response headers

Server: nginx/1.12.2
Date: Sat, 16 Feb 2019 02:15:50 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 21 Jul 1977 07:30:00 GMT
Last-Modified: Sat, 16 Feb 2019 02:15:50 GMT
Cache-Control: max-age=0
Pragma: no-cache
Set-Cookie: 00831=%7B%22streams%22%3A%7B%225505%22%3A1550283350%7D%2C%22campaigns%22%3A%7B%22182%22%3A1550283350%7D%2C%22time%22%3A1550283350%7D; expires=Tue, 19-Mar-2019 02:15:50 GMT; Max-Age=2678400; path=/; domain=.heintgrersu.tk 00831=%7B%22streams%22%3A%7B%225505%22%3A1550283350%2C%226823%22%3A1550283350%7D%2C%22campaigns%22%3A%7B%22182%22%3A1550283350%2C%22653%22%3A1550283350%7D%2C%22time%22%3A1550283350%7D; expires=Tue, 19-Mar-2019 02:15:50 GMT; Max-Age=2678400; path=/; domain=.heintgrersu.tk 00831=%7B%22streams%22%3A%7B%225505%22%3A1550283350%2C%226823%22%3A1550283350%2C%226063%22%3A1550283350%7D%2C%22campaigns%22%3A%7B%22182%22%3A1550283350%2C%22653%22%3A1550283350%2C%22645%22%3A1550283350%7D%2C%22time%22%3A1550283350%7D; expires=Tue, 19-Mar-2019 02:15:50 GMT; Max-Age=2678400; path=/; domain=.heintgrersu.tk 00831=%7B%22streams%22%3A%7B%225505%22%3A1550283350%2C%226823%22%3A1550283350%2C%226063%22%3A1550283350%2C%226058%22%3A1550283350%7D%2C%22campaigns%22%3A%7B%22182%22%3A1550283350%2C%22653%22%3A1550283350%2C%22645%22%3A1550283350%2C%22695%22%3A1550283350%7D%2C%22time%22%3A1550283350%7D; expires=Tue, 19-Mar-2019 02:15:50 GMT; Max-Age=2678400; path=/; domain=.heintgrersu.tk

Redirect headers

Server: nginx/1.12.2
Date: Sat, 16 Feb 2019 02:15:50 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 21 Jul 1977 07:30:00 GMT
Last-Modified: Sat, 16 Feb 2019 02:15:50 GMT
Cache-Control: max-age=0
Pragma: no-cache
Set-Cookie: 00831=%7B%22streams%22%3A%7B%225234%22%3A1550283350%7D%2C%22campaigns%22%3A%7B%22632%22%3A1550283350%7D%2C%22time%22%3A1550283350%7D; expires=Tue, 19-Mar-2019 02:15:50 GMT; Max-Age=2678400; path=/; domain=.utiliserpoi.tk 00831=%7B%22streams%22%3A%7B%225234%22%3A1550283350%2C%221509%22%3A1550283350%7D%2C%22campaigns%22%3A%7B%22632%22%3A1550283350%2C%22250%22%3A1550283350%7D%2C%22time%22%3A1550283350%7D; expires=Tue, 19-Mar-2019 02:15:50 GMT; Max-Age=2678400; path=/; domain=.utiliserpoi.tk 00831=%7B%22streams%22%3A%7B%225234%22%3A1550283350%2C%221509%22%3A1550283350%2C%226187%22%3A1550283350%7D%2C%22campaigns%22%3A%7B%22632%22%3A1550283350%2C%22250%22%3A1550283350%2C%22261%22%3A1550283350%7D%2C%22time%22%3A1550283350%7D; expires=Tue, 19-Mar-2019 02:15:50 GMT; Max-Age=2678400; path=/; domain=.utiliserpoi.tk
Location: http://heintgrersu.tk/index/?8mMwj2&extra_param_1=261

POST
H/1.1 200
OK Cookie set url Show response
www.google.com/ 487 B
1 KB 31ms
25ms Document
text/html 2a00:1450:4001:815::2004
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

http://www.google.com/url?q=ht%74%70%3A%2F%2Fg%65%73t%69%61%2e%69%63u%2Fho%77-%74o%2dear%6e%2dadd%69t%69o%6e%61%6c-c%72%65%64it-%61%74%2d%6c%69%62%65r%74%79%2duni%76ersit%79-%6f%6el%69ne%2F&sa=D&sntz=1&usg=AFQjCNHxOR_FjYW2ca0r_soHGQQD_8uAxA

Requested by

Host: heintgrersu.tk
URL: http://heintgrersu.tk/index/?8mMwj2&extra_param_1=261

Protocol

HTTP/1.1

Server

2a00:1450:4001:815::2004 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

gws /

Resource Hash

e7e11a2e1e3f024b8f11794a50bd10f89a53476f1a325132a6c2421ea43ef6b4

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Host: www.google.com
Connection: keep-alive
Content-Length: 0
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
Origin: null
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
Origin: null
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Location: http://gestia.icu/how-to-earn-additional-credit-at-liberty-university-online/
Cache-Control: private
Content-Type: text/html; charset=UTF-8
P3P: CP="This is not a P3P policy! See g.co/p3phelp for more info."
Date: Sat, 16 Feb 2019 02:15:51 GMT
Server: gws
Content-Length: 487
X-XSS-Protection: 1; mode=block
Expires: Sat, 16 Feb 2019 02:15:51 GMT
Set-Cookie: NID=160=ahPQnes7v6rJaxWtRx4QE4bfL1qAIi5z-XIv_7_qKhxjl99aBiYC32ZWcuekEOI2Os-Ny3BL8K4FMC0HdKix11oSaJuLGsNrc3-OzcncQCEJmwbCtAweiOU7U0y6u_OssRLy2b3oM_b6dlz8n3x6TurnKHpvXkqFu73WquRImzs; expires=Sun, 18-Aug-2019 02:15:51 GMT; path=/; domain=.google.com; HttpOnly CONSENT=WP.276cfd; expires=Fri, 01-Jan-2038 00:00:00 GMT; path=/; domain=.google.com

GET
H/1.1 200
OK Primary Request Cookie set / Show response
gestia.icu/how-to-earn-additional-credit-at-liberty-university-online/ 29 KB
8 KB 531ms
504ms Document
text/html 2606:4700:30::681f:525e
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

http://gestia.icu/how-to-earn-additional-credit-at-liberty-university-online/

Requested by

Host: www.google.com
URL: http://www.google.com/url?q=ht%74%70%3A%2F%2Fg%65%73t%69%61%2e%69%63u%2Fho%77-%74o%2dear%6e%2dadd%69t%69o%6e%61%6c-c%72%65%64it-%61%74%2d%6c%69%62%65r%74%79%2duni%76ersit%79-%6f%6el%69ne%2F&sa=D&sntz=1&usg=AFQjCNHxOR_FjYW2ca0r_soHGQQD_8uAxA

Protocol

HTTP/1.1

Server

2606:4700:30::681f:525e , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

c1df147272663f440bebd03ceb16ba72afd7c8e8d837589a5cbee066806e187b

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Host: gestia.icu
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: http://www.google.com/url?q=ht%74%70%3A%2F%2Fg%65%73t%69%61%2e%69%63u%2Fho%77-%74o%2dear%6e%2dadd%69t%69o%6e%61%6c-c%72%65%64it-%61%74%2d%6c%69%62%65r%74%79%2duni%76ersit%79-%6f%6el%69ne%2F&sa=D&sntz=1&usg=AFQjCNHxOR_FjYW2ca0r_soHGQQD_8uAxA
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://www.google.com/url?q=ht%74%70%3A%2F%2Fg%65%73t%69%61%2e%69%63u%2Fho%77-%74o%2dear%6e%2dadd%69t%69o%6e%61%6c-c%72%65%64it-%61%74%2d%6c%69%62%65r%74%79%2duni%76ersit%79-%6f%6el%69ne%2F&sa=D&sntz=1&usg=AFQjCNHxOR_FjYW2ca0r_soHGQQD_8uAxA

Response headers

Date: Sat, 16 Feb 2019 02:15:51 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: __cfduid=d7971a9de829e79bb365d8e4e940568a91550283351; expires=Sun, 16-Feb-20 02:15:51 GMT; path=/; domain=.gestia.icu; HttpOnly
Link: <http://gestia.icu/wp-json/>; rel="https://api.w.org/" <http://gestia.icu/?p=340>; rel=shortlink
X-Frame-Options: SAMEORIGIN
Server: cloudflare
CF-RAY: 4a9c8240bb36bf0c-FRA
Content-Encoding: gzip

GET
H/1.1 200
OK style.css
gestia.icu/wp-content/themes/MyTheme/ 19 KB
4 KB 18ms
12ms Stylesheet
text/css 2606:4700:30::681f:535e
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

http://gestia.icu/wp-content/themes/MyTheme/style.css

Requested by

Host: gestia.icu
URL: http://gestia.icu/how-to-earn-additional-credit-at-liberty-university-online/

Protocol

HTTP/1.1

Server

2606:4700:30::681f:535e , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

8d06a143cd0f905fbbef92dd06965556e8ca9e89172bbb1a59f15ed8fb528e4d

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: gestia.icu
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://gestia.icu/how-to-earn-additional-credit-at-liberty-university-online/
Cookie: __cfduid=d7971a9de829e79bb365d8e4e940568a91550283351
Connection: keep-alive
Cache-Control: no-cache
Referer: http://gestia.icu/how-to-earn-additional-credit-at-liberty-university-online/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sat, 16 Feb 2019 02:15:51 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
Last-Modified: Mon, 29 Oct 2018 11:42:19 GMT
Server: cloudflare
X-Frame-Options: SAMEORIGIN
ETag: W/"5bd6f21b-4b67"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=315360000
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 4a9c8243faf297b6-FRA
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK styles.css
gestia.icu/wp-content/plugins/contact-form-7/includes/css/ 2 KB
1 KB 16ms
10ms Stylesheet
text/css 2606:4700:30::681f:535e
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

http://gestia.icu/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.0.3

Requested by

Host: gestia.icu
URL: http://gestia.icu/how-to-earn-additional-credit-at-liberty-university-online/

Protocol

HTTP/1.1

Server

2606:4700:30::681f:535e , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

a559ba07f12aeda335ca811bb96b6f57b555815a835fe5f86ad6e7f166190e6d

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: gestia.icu
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://gestia.icu/how-to-earn-additional-credit-at-liberty-university-online/
Cookie: __cfduid=d7971a9de829e79bb365d8e4e940568a91550283351
Connection: keep-alive
Cache-Control: no-cache
Referer: http://gestia.icu/how-to-earn-additional-credit-at-liberty-university-online/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sat, 16 Feb 2019 02:15:51 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
Last-Modified: Mon, 29 Oct 2018 11:45:00 GMT
Server: cloudflare
X-Frame-Options: SAMEORIGIN
ETag: W/"5bd6f2bc-6cf"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=315360000
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 4a9c8243f7f79774-FRA
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK jquery.js Show response
gestia.icu/wp-includes/js/jquery/ 95 KB
33 KB 27ms
21ms Script
application/javascript 2606:4700:30::681f:535e
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

http://gestia.icu/wp-includes/js/jquery/jquery.js?ver=1.12.4

Requested by

Host: gestia.icu
URL: http://gestia.icu/how-to-earn-additional-credit-at-liberty-university-online/

Protocol

HTTP/1.1

Server

2606:4700:30::681f:535e , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

fc48d1d80ece71a79a7b39877f4104d49d3da6c3665cf6dc203000fb7df4447e

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: gestia.icu
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: */*
Referer: http://gestia.icu/how-to-earn-additional-credit-at-liberty-university-online/
Cookie: __cfduid=d7971a9de829e79bb365d8e4e940568a91550283351
Connection: keep-alive
Cache-Control: no-cache
Referer: http://gestia.icu/how-to-earn-additional-credit-at-liberty-university-online/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sat, 16 Feb 2019 02:15:51 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
Last-Modified: Mon, 29 Oct 2018 11:47:14 GMT
Server: cloudflare
X-Frame-Options: SAMEORIGIN
ETag: W/"5bd6f342-17ba0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=315360000
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 4a9c8243faf497b6-FRA
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK jquery-migrate.min.js Show response
gestia.icu/wp-includes/js/jquery/ 10 KB
4 KB 20ms
14ms Script
application/javascript 2606:4700:30::681f:535e
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

http://gestia.icu/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1

Requested by

Host: gestia.icu
URL: http://gestia.icu/how-to-earn-additional-credit-at-liberty-university-online/

Protocol

HTTP/1.1

Server

2606:4700:30::681f:535e , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: gestia.icu
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: */*
Referer: http://gestia.icu/how-to-earn-additional-credit-at-liberty-university-online/
Cookie: __cfduid=d7971a9de829e79bb365d8e4e940568a91550283351
Connection: keep-alive
Cache-Control: no-cache
Referer: http://gestia.icu/how-to-earn-additional-credit-at-liberty-university-online/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sat, 16 Feb 2019 02:15:51 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
Last-Modified: Mon, 29 Oct 2018 11:47:14 GMT
Server: cloudflare
X-Frame-Options: SAMEORIGIN
ETag: W/"5bd6f342-2748"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=315360000
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 4a9c8243f57e97c8-FRA
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK logo.gif
gestia.icu/wp-content/themes/MyTheme/images/logo/ 3 KB
4 KB 17ms
11ms Image
image/gif 2606:4700:30::681f:535e
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://gestia.icu/wp-content/themes/MyTheme/images/logo/logo.gif

Requested by

Host: gestia.icu
URL: http://gestia.icu/how-to-earn-additional-credit-at-liberty-university-online/

Protocol

HTTP/1.1

Server

2606:4700:30::681f:535e , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

72c0438f6ed0d59b414d085fb2556cee7ffedd487cdb7db490b5f8533ec76c65

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: gestia.icu
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://gestia.icu/how-to-earn-additional-credit-at-liberty-university-online/
Cookie: __cfduid=d7971a9de829e79bb365d8e4e940568a91550283351
Connection: keep-alive
Cache-Control: no-cache
Referer: http://gestia.icu/how-to-earn-additional-credit-at-liberty-university-online/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sat, 16 Feb 2019 02:15:51 GMT
CF-Cache-Status: HIT
Last-Modified: Mon, 29 Oct 2018 11:45:00 GMT
Server: cloudflare
X-Frame-Options: SAMEORIGIN
ETag: "5bd6f2bc-cd3"
Vary: Accept-Encoding
Content-Type: image/gif
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 4a9c8243fa939816-FRA
Content-Length: 3283
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK home_banner.jpg
gestia.icu/wp-content/themes/MyTheme/images/ 33 KB
34 KB 9ms
9ms Image
image/jpeg 2606:4700:30::681f:535e
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://gestia.icu/wp-content/themes/MyTheme/images/home_banner.jpg

Requested by

Host: gestia.icu
URL: http://gestia.icu/how-to-earn-additional-credit-at-liberty-university-online/

Protocol

HTTP/1.1

Server

2606:4700:30::681f:535e , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

22278f45fb6a951b4939813f63a769cafcde64a775c3bef8592d5fef091940bd

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: gestia.icu
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://gestia.icu/wp-content/themes/MyTheme/style.css
Cookie: __cfduid=d7971a9de829e79bb365d8e4e940568a91550283351
Connection: keep-alive
Cache-Control: no-cache
Referer: http://gestia.icu/wp-content/themes/MyTheme/style.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sat, 16 Feb 2019 02:15:51 GMT
CF-Cache-Status: HIT
Last-Modified: Mon, 29 Oct 2018 11:42:53 GMT
Server: cloudflare
X-Frame-Options: SAMEORIGIN
ETag: "5bd6f23d-8460"
Vary: Accept-Encoding
Content-Type: image/jpeg
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 4a9c82444b1a97b6-FRA
Content-Length: 33888
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK body_bar_bg2.jpg
gestia.icu/wp-content/themes/MyTheme/images/ 425 B
840 B 10ms
10ms Image
image/jpeg 2606:4700:30::681f:535e
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://gestia.icu/wp-content/themes/MyTheme/images/body_bar_bg2.jpg

Requested by

Host: gestia.icu
URL: http://gestia.icu/how-to-earn-additional-credit-at-liberty-university-online/

Protocol

HTTP/1.1

Server

2606:4700:30::681f:535e , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

dfcfe54a77e4a5c254cb71464006168b6920fdd56bc3dac7257ec3ec9acf5c00

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: gestia.icu
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://gestia.icu/wp-content/themes/MyTheme/style.css
Cookie: __cfduid=d7971a9de829e79bb365d8e4e940568a91550283351
Connection: keep-alive
Cache-Control: no-cache
Referer: http://gestia.icu/wp-content/themes/MyTheme/style.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sat, 16 Feb 2019 02:15:51 GMT
CF-Cache-Status: HIT
Last-Modified: Mon, 29 Oct 2018 11:42:51 GMT
Server: cloudflare
X-Frame-Options: SAMEORIGIN
ETag: "5bd6f23b-1a9"
Vary: Accept-Encoding
Content-Type: image/jpeg
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 4a9c8244459c97c8-FRA
Content-Length: 425
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 80 KB
30 KB 48ms
26ms Script
text/javascript 2a00:1450:4001:81e::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: gestia.icu
URL: http://gestia.icu/how-to-earn-additional-credit-at-liberty-university-online/

Protocol

HTTP/1.1

Server

2a00:1450:4001:81e::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

f01b2ede5fa3aeaace6b649939aa9e4f5862312d9dcf37f0ede2245841c14a17

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://gestia.icu/how-to-earn-additional-credit-at-liberty-university-online/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sat, 16 Feb 2019 02:15:51 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Content-Type: text/javascript; charset=UTF-8
Server: cafe
ETag: 15898220363247554870
Vary: Accept-Encoding
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control: private, max-age=3600
Content-Disposition: attachment; filename="f.txt"
Timing-Allow-Origin: *
Content-Length: 30673
X-XSS-Protection: 1; mode=block
Expires: Sat, 16 Feb 2019 02:15:51 GMT

GET
H/1.1 200
OK copyscape.gif
gestia.icu/wp-content/themes/MyTheme/images/ 1 KB
1 KB 10ms
8ms Image
image/gif 2606:4700:30::681f:525e
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://gestia.icu/wp-content/themes/MyTheme/images/copyscape.gif

Requested by

Host: gestia.icu
URL: http://gestia.icu/how-to-earn-additional-credit-at-liberty-university-online/

Protocol

HTTP/1.1

Server

2606:4700:30::681f:525e , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

ec89d1047ec65c1635598f9a35a3a20a972e1a9b4587ae7505e193c64d45e702

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: gestia.icu
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://gestia.icu/how-to-earn-additional-credit-at-liberty-university-online/
Cookie: __cfduid=d7971a9de829e79bb365d8e4e940568a91550283351
Connection: keep-alive
Cache-Control: no-cache
Referer: http://gestia.icu/how-to-earn-additional-credit-at-liberty-university-online/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sat, 16 Feb 2019 02:15:51 GMT
CF-Cache-Status: HIT
Last-Modified: Mon, 29 Oct 2018 11:42:51 GMT
Server: cloudflare
X-Frame-Options: SAMEORIGIN
ETag: "5bd6f23b-447"
Vary: Accept-Encoding
Content-Type: image/gif
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 4a9c8244eedcbf0c-FRA
Content-Length: 1095
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK email-decode.min.js Show response
gestia.icu/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
1 KB 7ms
6ms Script
application/javascript 2606:4700:30::681f:535e
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

http://gestia.icu/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: gestia.icu
URL: http://gestia.icu/how-to-earn-additional-credit-at-liberty-university-online/

Protocol

HTTP/1.1

Server

2606:4700:30::681f:535e , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: gestia.icu
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: */*
Referer: http://gestia.icu/how-to-earn-additional-credit-at-liberty-university-online/
Cookie: __cfduid=d7971a9de829e79bb365d8e4e940568a91550283351
Connection: keep-alive
Cache-Control: no-cache
Referer: http://gestia.icu/how-to-earn-additional-credit-at-liberty-university-online/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sat, 16 Feb 2019 02:15:51 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Last-Modified: Mon, 11 Feb 2019 17:08:51 GMT
Server: cloudflare
ETag: W/"5c61ac23-4d7"
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript
Cache-Control: max-age=172800 public
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 4a9c8244e5cc97c8-FRA
Expires: Mon, 18 Feb 2019 02:15:51 GMT

GET
H/1.1 200
OK scripts.js Show response
gestia.icu/wp-content/plugins/contact-form-7/includes/js/ 14 KB
4 KB 11ms
10ms Script
application/javascript 2606:4700:30::681f:535e
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

http://gestia.icu/wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=5.0.3

Requested by

Host: gestia.icu
URL: http://gestia.icu/how-to-earn-additional-credit-at-liberty-university-online/

Protocol

HTTP/1.1

Server

2606:4700:30::681f:535e , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

c6138c4b65aaff6e46d51c26096ffffadd202974003ad0f6d4475b45204bd0ab

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: gestia.icu
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: */*
Referer: http://gestia.icu/how-to-earn-additional-credit-at-liberty-university-online/
Cookie: __cfduid=d7971a9de829e79bb365d8e4e940568a91550283351
Connection: keep-alive
Cache-Control: no-cache
Referer: http://gestia.icu/how-to-earn-additional-credit-at-liberty-university-online/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sat, 16 Feb 2019 02:15:51 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
Last-Modified: Mon, 29 Oct 2018 11:45:00 GMT
Server: cloudflare
X-Frame-Options: SAMEORIGIN
ETag: W/"5bd6f2bc-38f9"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=315360000
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 4a9c8244eb7c97b6-FRA
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK wp-embed.min.js Show response
gestia.icu/wp-includes/js/ 1 KB
1 KB 11ms
11ms Script
application/javascript 2606:4700:30::681f:535e
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

http://gestia.icu/wp-includes/js/wp-embed.min.js?ver=4.9.8

Requested by

Host: gestia.icu
URL: http://gestia.icu/how-to-earn-additional-credit-at-liberty-university-online/

Protocol

HTTP/1.1

Server

2606:4700:30::681f:535e , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

dcb5e540e62fc85857254a1066afb6a7e8999279c6d4c583eef855d39f9289c0

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: gestia.icu
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: */*
Referer: http://gestia.icu/how-to-earn-additional-credit-at-liberty-university-online/
Cookie: __cfduid=d7971a9de829e79bb365d8e4e940568a91550283351
Connection: keep-alive
Cache-Control: no-cache
Referer: http://gestia.icu/how-to-earn-additional-credit-at-liberty-university-online/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sat, 16 Feb 2019 02:15:51 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
Last-Modified: Mon, 29 Oct 2018 11:46:20 GMT
Server: cloudflare
X-Frame-Options: SAMEORIGIN
ETag: W/"5bd6f30c-576"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=315360000
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 4a9c8244eb7d97b6-FRA
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK tag.js Show response
mc.yandex.ru/metrika/ 317 KB
82 KB 104ms
30ms Script
application/javascript 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/tag.js

Requested by

Host: gestia.icu
URL: http://gestia.icu/how-to-earn-additional-credit-at-liberty-university-online/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::1:119 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.12.2 /

Resource Hash

cfd1f27588244fe04234d4dd9d5e57ed3b1c8188de26f218dae08778ef0df1ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: http://gestia.icu/how-to-earn-additional-credit-at-liberty-university-online/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sat, 16 Feb 2019 02:15:51 GMT
Content-Encoding: br
Last-Modified: Thu, 14 Feb 2019 10:52:39 GMT
Server: nginx/1.12.2
ETag: "5c654877-14727"
Strict-Transport-Security: max-age=31536000
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Connection: keep-alive
Content-Length: 83751
Expires: Sat, 16 Feb 2019 03:15:51 GMT

GET
H/1.1 200
OK single_article_heading.jpg
gestia.icu/wp-content/themes/MyTheme/images/ 2 KB
3 KB 9ms
8ms Image
image/jpeg 2606:4700:30::681f:535e
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://gestia.icu/wp-content/themes/MyTheme/images/single_article_heading.jpg

Requested by

Host: gestia.icu
URL: http://gestia.icu/how-to-earn-additional-credit-at-liberty-university-online/

Protocol

HTTP/1.1

Server

2606:4700:30::681f:535e , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

0f60c49242d1eebc890aaa3db5a43a7d051d809bed560ba15f502db1977a47c6

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: gestia.icu
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://gestia.icu/wp-content/themes/MyTheme/style.css
Cookie: __cfduid=d7971a9de829e79bb365d8e4e940568a91550283351
Connection: keep-alive
Cache-Control: no-cache
Referer: http://gestia.icu/wp-content/themes/MyTheme/style.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sat, 16 Feb 2019 02:15:51 GMT
CF-Cache-Status: HIT
Last-Modified: Mon, 29 Oct 2018 11:42:55 GMT
Server: cloudflare
X-Frame-Options: SAMEORIGIN
ETag: "5bd6f23f-8ff"
Vary: Accept-Encoding
Content-Type: image/jpeg
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 4a9c8244eb749816-FRA
Content-Length: 2303
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK sidebar_li_bg.gif
gestia.icu/wp-content/themes/MyTheme/images/ 43 B
455 B 9ms
9ms Image
image/gif 2606:4700:30::681f:535e
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://gestia.icu/wp-content/themes/MyTheme/images/sidebar_li_bg.gif

Requested by

Host: gestia.icu
URL: http://gestia.icu/how-to-earn-additional-credit-at-liberty-university-online/

Protocol

HTTP/1.1

Server

2606:4700:30::681f:535e , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

05237dc00f7390cf0e59f92698c6790cb1deae2aacc8c5db13ccd0cac83f55fb

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: gestia.icu
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://gestia.icu/wp-content/themes/MyTheme/style.css
Cookie: __cfduid=d7971a9de829e79bb365d8e4e940568a91550283351
Connection: keep-alive
Cache-Control: no-cache
Referer: http://gestia.icu/wp-content/themes/MyTheme/style.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sat, 16 Feb 2019 02:15:51 GMT
CF-Cache-Status: HIT
Last-Modified: Mon, 29 Oct 2018 11:42:55 GMT
Server: cloudflare
X-Frame-Options: SAMEORIGIN
ETag: "5bd6f23f-2b"
Vary: Accept-Encoding
Content-Type: image/gif
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 4a9c8244e0129774-FRA
Content-Length: 43
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 109 B
485 B 46ms
15ms Script
application/javascript 2a00:1450:4001:81d::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=gestia.icu

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:81d::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://gestia.icu/how-to-earn-additional-credit-at-liberty-university-online/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sat, 16 Feb 2019 02:15:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript; charset=UTF-8
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39",quic=":443"; ma=2592000; v="44,43,39"
content-length: 104
x-xss-protection: 1; mode=block

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 109 B
323 B 15ms
15ms Script
application/javascript 2a00:1450:4001:816::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=gestia.icu

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:816::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://gestia.icu/how-to-earn-additional-credit-at-liberty-university-online/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sat, 16 Feb 2019 02:15:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript; charset=UTF-8
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39",quic=":443"; ma=2592000; v="44,43,39"
content-length: 104
x-xss-protection: 1; mode=block

GET
H/1.1 200
OK show_ads_impl.js Show response
pagead2.googlesyndication.com/pagead/js/r20190212/r20190131/ 193 KB
72 KB 23ms
23ms Script
text/javascript 2a00:1450:4001:81e::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

http://pagead2.googlesyndication.com/pagead/js/r20190212/r20190131/show_ads_impl.js

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

HTTP/1.1

Server

2a00:1450:4001:81e::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

58feff9381c9b0cc93b7da12ec2236ac4d5f3470a04fd636cc51cd967bd4710f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://gestia.icu/how-to-earn-additional-credit-at-liberty-university-online/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sat, 16 Feb 2019 02:15:51 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Content-Type: text/javascript; charset=UTF-8
Server: cafe
ETag: 14416244861898062777
Vary: Accept-Encoding
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control: private, max-age=1209600
Content-Disposition: attachment; filename="f.txt"
Timing-Allow-Origin: *
Content-Length: 73046
X-XSS-Protection: 1; mode=block
Expires: Sat, 16 Feb 2019 02:15:51 GMT

GET
H/1.1 200
OK show_ads_impl.js Show response
pagead2.googlesyndication.com/pagead/js/r20190212/r20190131/ Frame BA2E 193 KB
72 KB 30ms
24ms Script
text/javascript 2a00:1450:4001:81e::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

http://pagead2.googlesyndication.com/pagead/js/r20190212/r20190131/show_ads_impl.js

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

HTTP/1.1

Server

2a00:1450:4001:81e::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

58feff9381c9b0cc93b7da12ec2236ac4d5f3470a04fd636cc51cd967bd4710f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://gestia.icu/how-to-earn-additional-credit-at-liberty-university-online/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sat, 16 Feb 2019 02:15:51 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Content-Type: text/javascript; charset=UTF-8
Server: cafe
ETag: 14416244861898062777
Vary: Accept-Encoding
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control: private, max-age=1209600
Content-Disposition: attachment; filename="f.txt"
Timing-Allow-Origin: *
Content-Length: 73046
X-XSS-Protection: 1; mode=block
Expires: Sat, 16 Feb 2019 02:15:51 GMT

GET
H2 200 ca-pub-3464143210005815.js Show response
pagead2.googlesyndication.com/pub-config/r20160913/ 223 B
465 B 19ms
6ms Script
text/javascript 2a00:1450:4001:81e::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pub-config/r20160913/ca-pub-3464143210005815.js

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:81e::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

73669113afdc988efac7c4108caa1f31c5422fa1fbc84c554abcdc6819819492

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://gestia.icu/how-to-earn-additional-credit-at-liberty-university-online/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 15 Feb 2019 18:43:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Feb 2019 00:20:53 GMT
server: sffe
age: 27119
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=43200
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39",quic=":443"; ma=2592000; v="44,43,39"
content-length: 158
x-xss-protection: 1; mode=block
expires: Sat, 16 Feb 2019 06:43:52 GMT

GET
H2 200 zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20190212/r20190131/ Frame 1143 0
0 8ms
5ms Document
text/html 2a00:1450:4001:81c::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20190212/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:81c::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20190212/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer: http://gestia.icu/how-to-earn-additional-credit-at-liberty-university-online/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://gestia.icu/how-to-earn-additional-credit-at-liberty-university-online/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
vary: Accept-Encoding
date: Tue, 12 Feb 2019 20:25:08 GMT
expires: Tue, 26 Feb 2019 20:25:08 GMT
content-type: text/html; charset=UTF-8
etag: 14090563764879558401
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 6959
x-xss-protection: 1; mode=block
cache-control: public, max-age=1209600
age: 280243
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39",quic=":443"; ma=2592000; v="44,43,39"

GET
H2 200 ads
googleads.g.doubleclick.net/pagead/ Frame E1E8 0
0 231ms
230ms Document
text/html 2a00:1450:4001:81c::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3464143210005815&output=html&h=280&slotname=6523585794&adk=3258279889&adf=2445207189&w=336&lmt=1550283351&guci=1.2.0.0.2.2.0.0&format=336x280&url=http%3A%2F%2Fgestia.icu%2Fhow-to-earn-additional-credit-at-liberty-university-online%2F&flash=0&wgl=1&adsid=NT&dt=1550283351886&bpp=13&bdt=228&fdt=58&idt=57&shv=r20190212&cbv=r20190131&saldr=aa&abxe=1&correlator=4278543631391&frm=20&pv=2&ga_vid=2059956015.1550283352&ga_sid=1550283352&ga_hid=891544484&ga_fc=0&iag=0&icsg=147119&dssz=12&mdo=0&mso=0&u_tz=0&u_his=4&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=524&ady=309&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21060853%2C20040010&oid=3&ref=http%3A%2F%2Fwww.google.com%2Furl%3Fq%3Dht%2574%2570%253A%252F%252Fg%2565%2573t%2569%2561%252e%2569%2563u%252Fho%2577-%2574o%252dear%256e%252dadd%2569t%2569o%256e%2561%256c-c%2572%2565%2564it-%2561%2574%252d%256c%2569%2562%2565r%2574%2579%252duni%2576ersit%2579-%256f%256el%2569ne%252F%26sa%3DD%26sntz%3D1%26usg%3DAFQjCNHxOR_FjYW2ca0r_soHGQQD_8uAxA&rx=0&eae=0&fc=656&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClE%7C&abl=CS&ppjl=u&pfx=0&fu=16&bc=7&ifi=1&uci=1.877a9lok3jpy&fsb=1&xpc=J3rxReG6rB&p=http%3A//gestia.icu&dtd=80

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/r20190212/r20190131/show_ads_impl.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:81c::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-3464143210005815&output=html&h=280&slotname=6523585794&adk=3258279889&adf=2445207189&w=336&lmt=1550283351&guci=1.2.0.0.2.2.0.0&format=336x280&url=http%3A%2F%2Fgestia.icu%2Fhow-to-earn-additional-credit-at-liberty-university-online%2F&flash=0&wgl=1&adsid=NT&dt=1550283351886&bpp=13&bdt=228&fdt=58&idt=57&shv=r20190212&cbv=r20190131&saldr=aa&abxe=1&correlator=4278543631391&frm=20&pv=2&ga_vid=2059956015.1550283352&ga_sid=1550283352&ga_hid=891544484&ga_fc=0&iag=0&icsg=147119&dssz=12&mdo=0&mso=0&u_tz=0&u_his=4&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=524&ady=309&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21060853%2C20040010&oid=3&ref=http%3A%2F%2Fwww.google.com%2Furl%3Fq%3Dht%2574%2570%253A%252F%252Fg%2565%2573t%2569%2561%252e%2569%2563u%252Fho%2577-%2574o%252dear%256e%252dadd%2569t%2569o%256e%2561%256c-c%2572%2565%2564it-%2561%2574%252d%256c%2569%2562%2565r%2574%2579%252duni%2576ersit%2579-%256f%256el%2569ne%252F%26sa%3DD%26sntz%3D1%26usg%3DAFQjCNHxOR_FjYW2ca0r_soHGQQD_8uAxA&rx=0&eae=0&fc=656&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClE%7C&abl=CS&ppjl=u&pfx=0&fu=16&bc=7&ifi=1&uci=1.877a9lok3jpy&fsb=1&xpc=J3rxReG6rB&p=http%3A//gestia.icu&dtd=80
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer: http://gestia.icu/how-to-earn-additional-credit-at-liberty-university-online/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://gestia.icu/how-to-earn-additional-credit-at-liberty-university-online/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sat, 16 Feb 2019 02:15:52 GMT
server: cafe
content-length: 325
x-xss-protection: 1; mode=block
set-cookie: test_cookie=CheckForPermission; expires=Sat, 16-Feb-2019 02:30:51 GMT; path=/; domain=.doubleclick.net
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39",quic=":443"; ma=2592000; v="44,43,39"
expires: Sat, 16 Feb 2019 02:15:52 GMT
cache-control: private

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 77 KB
28 KB 69ms
39ms Script
text/javascript 2a00:1450:4001:81a::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/r20190212/r20190131/show_ads_impl.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:81a::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

865fa6caa8e124b523f63a1d5ecc6e63c8fa6dc4c0558a911d570b3d71751195

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://gestia.icu/how-to-earn-additional-credit-at-liberty-university-online/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sat, 16 Feb 2019 02:15:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1550060300709671"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39",quic=":443"; ma=2592000; v="44,43,39"
content-length: 28621
x-xss-protection: 1; mode=block
expires: Sat, 16 Feb 2019 02:15:52 GMT

GET
H/1.1

302
Found

1 Show response
mc.yandex.ru/watch/52287598/
Redirect Chain

https://mc.yandex.ru/watch/52287598?wmode=7&page-ref=http%3A%2F%2Fwww.google.com%2Furl%3Fq%3Dht%2574%2570%253A%252F%252Fg%2565%2573t%2569%2561%252e%2569%2563u%252Fho%2577-%2574o%252dear%256e%252dad...
https://mc.yandex.ru/watch/52287598/1?wmode=7&page-ref=http%3A%2F%2Fwww.google.com%2Furl%3Fq%3Dht%2574%2570%253A%252F%252Fg%2565%2573t%2569%2561%252e%2569%2563u%252Fho%2577-%2574o%252dear%256e%252d...

0
-1 B

31ms
31ms

XHR

2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/52287598/1?wmode=7&page-ref=http%3A%2F%2Fwww.google.com%2Furl%3Fq%3Dht%2574%2570%253A%252F%252Fg%2565%2573t%2569%2561%252e%2569%2563u%252Fho%2577-%2574o%252dear%256e%252dadd%2569t%2569o%256e%2561%256c-c%2572%2565%2564it-%2561%2574%252d%256c%2569%2562%2565r%2574%2579%252duni%2576ersit%2579-%256f%256el%2569ne%252F%26sa%3DD%26sntz%3D1%26usg%3DAFQjCNHxOR_FjYW2ca0r_soHGQQD_8uAxA&page-url=http%3A%2F%2Fgestia.icu%2Fhow-to-earn-additional-credit-at-liberty-university-online%2F&charset=utf-8&browser-info=ti%3A10%3Ans%3A1550283351120%3As%3A1600x1200x24%3Ask%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1585x1200%3Ai%3A20190216021552%3Aet%3A1550283352%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Arn%3A626237644%3Ahid%3A314107906%3Ads%3A21%2C5%2C505%2C168%2C2%2C0%2C0%2C182%2C4%2C%2C%2C%2C720%3Afp%3A640%3Awn%3A58139%3Ahl%3A4%3Agdpr%3A14%3Av%3A1409%3Awv%3A2%3Ast%3A1550283352%3Au%3A1550283352911137775%3At%3A%C2%BB%20How%20to%20Earn%20Additional%20Credit%20at%20Liberty%20University%20Online%20%E2%80%A2%20Index%20of%20Online%20Schools

Requested by

Host: gestia.icu
URL: http://gestia.icu/how-to-earn-additional-credit-at-liberty-university-online/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::1:119 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.12.2 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: http://gestia.icu/how-to-earn-additional-credit-at-liberty-university-online/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 16 Feb 2019 02:15:52 GMT
Last-Modified: Sat, 16-Feb-2019 02:15:52 GMT
Server: nginx/1.12.2
Location: /watch/52287598/1?wmode=7&page-ref=http%3A%2F%2Fwww.google.com%2Furl%3Fq%3Dht%2574%2570%253A%252F%252Fg%2565%2573t%2569%2561%252e%2569%2563u%252Fho%2577-%2574o%252dear%256e%252dadd%2569t%2569o%256e%2561%256c-c%2572%2565%2564it-%2561%2574%252d%256c%2569%2562%2565r%2574%2579%252duni%2576ersit%2579-%256f%256el%2569ne%252F%26sa%3DD%26sntz%3D1%26usg%3DAFQjCNHxOR_FjYW2ca0r_soHGQQD_8uAxA&page-url=http%3A%2F%2Fgestia.icu%2Fhow-to-earn-additional-credit-at-liberty-university-online%2F&charset=utf-8&browser-info=ti%3A10%3Ans%3A1550283351120%3As%3A1600x1200x24%3Ask%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1585x1200%3Ai%3A20190216021552%3Aet%3A1550283352%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Arn%3A626237644%3Ahid%3A314107906%3Ads%3A21%2C5%2C505%2C168%2C2%2C0%2C0%2C182%2C4%2C%2C%2C%2C720%3Afp%3A640%3Awn%3A58139%3Ahl%3A4%3Agdpr%3A14%3Av%3A1409%3Awv%3A2%3Ast%3A1550283352%3Au%3A1550283352911137775%3At%3A%C2%BB%20How%20to%20Earn%20Additional%20Credit%20at%20Liberty%20University%20Online%20%E2%80%A2%20Index%20of%20Online%20Schools
Strict-Transport-Security: max-age=31536000
Access-Control-Allow-Origin: http://gestia.icu
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
X-XSS-Protection: 1; mode=block
Expires: Sat, 16-Feb-2019 02:15:52 GMT

Redirect headers

Pragma: no-cache
Date: Sat, 16 Feb 2019 02:15:52 GMT
Last-Modified: Sat, 16-Feb-2019 02:15:52 GMT
Server: nginx/1.12.2
Access-Control-Allow-Origin: http://gestia.icu
Strict-Transport-Security: max-age=31536000
Location: /watch/52287598/1?wmode=7&page-ref=http%3A%2F%2Fwww.google.com%2Furl%3Fq%3Dht%2574%2570%253A%252F%252Fg%2565%2573t%2569%2561%252e%2569%2563u%252Fho%2577-%2574o%252dear%256e%252dadd%2569t%2569o%256e%2561%256c-c%2572%2565%2564it-%2561%2574%252d%256c%2569%2562%2565r%2574%2579%252duni%2576ersit%2579-%256f%256el%2569ne%252F%26sa%3DD%26sntz%3D1%26usg%3DAFQjCNHxOR_FjYW2ca0r_soHGQQD_8uAxA&page-url=http%3A%2F%2Fgestia.icu%2Fhow-to-earn-additional-credit-at-liberty-university-online%2F&charset=utf-8&browser-info=ti%3A10%3Ans%3A1550283351120%3As%3A1600x1200x24%3Ask%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1585x1200%3Ai%3A20190216021552%3Aet%3A1550283352%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Arn%3A626237644%3Ahid%3A314107906%3Ads%3A21%2C5%2C505%2C168%2C2%2C0%2C0%2C182%2C4%2C%2C%2C%2C720%3Afp%3A640%3Awn%3A58139%3Ahl%3A4%3Agdpr%3A14%3Av%3A1409%3Awv%3A2%3Ast%3A1550283352%3Au%3A1550283352911137775%3At%3A%C2%BB%20How%20to%20Earn%20Additional%20Credit%20at%20Liberty%20University%20Online%20%E2%80%A2%20Index%20of%20Online%20Schools
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
X-XSS-Protection: 1; mode=block
Expires: Sat, 16-Feb-2019 02:15:52 GMT

GET
H/1.1 200
OK advert.gif
mc.yandex.ru/metrika/ 43 B
445 B 55ms
30ms Image
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.ru/metrika/advert.gif

Requested by

Host: gestia.icu
URL: http://gestia.icu/how-to-earn-additional-credit-at-liberty-university-online/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::1:119 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.12.2 /

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: http://gestia.icu/how-to-earn-additional-credit-at-liberty-university-online/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sat, 16 Feb 2019 02:15:52 GMT
Content-Encoding: gzip
Last-Modified: Mon, 12 Oct 2015 13:09:09 GMT
Server: nginx/1.12.2
ETag: "561bb0f5-3d"
Strict-Transport-Security: max-age=31536000
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Connection: keep-alive
Content-Length: 61
Expires: Sat, 16 Feb 2019 03:15:52 GMT

GET
H/1.1 200
OK 1 Show response
mc.yandex.ru/watch/52287598/ 152 B
697 B 61ms
31ms XHR
application/json 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: gestia.icu
URL: http://gestia.icu/how-to-earn-additional-credit-at-liberty-university-online/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::1:119 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.12.2 /

Resource Hash

f22a9c0f76d9a2e566cc7b05e60a0365aaf116c3f33e76c875c31ddace0e0010

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://gestia.icu/how-to-earn-additional-credit-at-liberty-university-online/
Origin: http://gestia.icu
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

Pragma: no-cache
Date: Sat, 16 Feb 2019 02:15:52 GMT
X-Content-Type-Options: nosniff
Last-Modified: Sat, 16-Feb-2019 02:15:52 GMT
Server: nginx/1.12.2
Strict-Transport-Security: max-age=31536000
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: http://gestia.icu
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 152
X-XSS-Protection: 1; mode=block
Expires: Sat, 16-Feb-2019 02:15:52 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: xn--24-glcxyiddekq.xn--p1ai
URL: http://xn--24-glcxyiddekq.xn--p1ai/wp-content/themes/twentyseventeen/assets/js/skip-link-focus-fix.js?ver=1.0

Domain: utiliserpoi.tk
URL: http://utiliserpoi.tk/index/?4831537102803

Verdicts & Comments Add Verdict or Comment

43 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.doubleclick.net/	1970-01-18 22:38:04	Name: test_cookie Value: CheckForPermission
.gestia.icu/	1970-01-18 22:39:15	Name: _ym_isad Value: 2
.gestia.icu/	1970-01-19 07:23:39	Name: _ym_d Value: 1550283352
.gestia.icu/	1970-01-19 07:23:39	Name: _ym_uid Value: 1550283352911137775
.gestia.icu/	1970-01-18 22:38:05	Name: _ym_visorc_52287598 Value: w
.gestia.icu/	1970-01-19 07:23:39	Name: __cfduid Value: d7971a9de829e79bb365d8e4e940568a91550283351

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: http://xn--24-glcxyiddekq.xn--p1ai/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1(Line 2) Message: JQMIGRATE: Migrate is installed, version 1.4.1
console-api	log	URL: http://gestia.icu/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1(Line 2) Message: JQMIGRATE: Migrate is installed, version 1.4.1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
fonts.googleapis.com
fonts.gstatic.com
gestia.icu
getmyfreetraffic.com
googleads.g.doubleclick.net
heintgrersu.tk
mc.yandex.ru
pagead2.googlesyndication.com
somelandingpage.com
utiliserpoi.tk
www.google.com
www.googletagservices.com
xn--24-glcxyiddekq.xn--p1ai
utiliserpoi.tk
xn--24-glcxyiddekq.xn--p1ai
176.123.9.52
185.251.39.220
2606:4700:30::681f:525e
2606:4700:30::681f:535e
2a00:1450:4001:808::2003
2a00:1450:4001:80b::200a
2a00:1450:4001:815::2004
2a00:1450:4001:816::2002
2a00:1450:4001:81a::2002
2a00:1450:4001:81c::2002
2a00:1450:4001:81d::2002
2a00:1450:4001:81e::2002
2a02:6b8::1:119
31.28.24.114
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
05237dc00f7390cf0e59f92698c6790cb1deae2aacc8c5db13ccd0cac83f55fb
0bfe5dec17e59d9df64818bc6a95431caeac121dbab846a5efd19bd755c7f57d
0f60c49242d1eebc890aaa3db5a43a7d051d809bed560ba15f502db1977a47c6
1698abe528bb1f8e76991814a09aacb0ec7247d421ed2e4ff8f00e3fb1275712
22278f45fb6a951b4939813f63a769cafcde64a775c3bef8592d5fef091940bd
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
2d4bbb80408f5e9cba30a91b44c8d050181320309fc54519ca56a51170ac1003
3925ae94b24f274ccecedae80acca3dfccd2e77bd431a2d0eb060c8cbedaf7c9
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
58620cf636ee290da99f1b19f154761ff2a9df38cc44a7d9308b64bf59fc5551
58feff9381c9b0cc93b7da12ec2236ac4d5f3470a04fd636cc51cd967bd4710f
5e324e0f99af1aa1b8368d0ce28a29478790454f934be5967a2a2825dc50a693
62466a8fbf8fe1616af8fad22b570140371f6c597eba26b3677800ba526c257e
653f029bd72bee3d21094d3b2396b37739bab717dc80f327629884c2aac595b1
72c0438f6ed0d59b414d085fb2556cee7ffedd487cdb7db490b5f8533ec76c65
73669113afdc988efac7c4108caa1f31c5422fa1fbc84c554abcdc6819819492
865fa6caa8e124b523f63a1d5ecc6e63c8fa6dc4c0558a911d570b3d71751195
8d06a143cd0f905fbbef92dd06965556e8ca9e89172bbb1a59f15ed8fb528e4d
93ccff771587c2e33345363f1562836c3246330567fed83d79c56289ef978ad3
a3269fa19e79070ae92c62fe39270ae30a8bbb943a4794f84be922bf3174ac43
a559ba07f12aeda335ca811bb96b6f57b555815a835fe5f86ad6e7f166190e6d
c1df147272663f440bebd03ceb16ba72afd7c8e8d837589a5cbee066806e187b
c6138c4b65aaff6e46d51c26096ffffadd202974003ad0f6d4475b45204bd0ab
cb98b3bc899585d9d5579cd82c40a5837d6ae4c0d0bc136b316ffcb945e391f5
cbaf0c4157474a0a966fd04678d01f9b1289d4d1cfb9ea5bab97f53c5d77b4b8
cfd1f27588244fe04234d4dd9d5e57ed3b1c8188de26f218dae08778ef0df1ba
d429665bef15020a256fcd9d95087c1b73518b1f657bad448e4aa668213a9fb8
d5f95f83a84f3e270b7d40d134029feaee69c46eebefedec9f64bc84628617e1
dcb5e540e62fc85857254a1066afb6a7e8999279c6d4c583eef855d39f9289c0
dfcfe54a77e4a5c254cb71464006168b6920fdd56bc3dac7257ec3ec9acf5c00
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7e11a2e1e3f024b8f11794a50bd10f89a53476f1a325132a6c2421ea43ef6b4
ec89d1047ec65c1635598f9a35a3a20a972e1a9b4587ae7505e193c64d45e702
f01b2ede5fa3aeaace6b649939aa9e4f5862312d9dcf37f0ede2245841c14a17
f22a9c0f76d9a2e566cc7b05e60a0365aaf116c3f33e76c875c31ddace0e0010
faea334f7f5d87581fa041a3a6e424bb656ddf021f189ac97200af99d382662e
fc48d1d80ece71a79a7b39877f4104d49d3da6c3665cf6dc203000fb7df4447e

gestia.icu Open in urlscan Pro 2606:4700:30::681f:525e Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

47 Requests

30 %HTTPS

79 %IPv6

14 Domains

15 Subdomains

15 IPs

5 Countries

920 kBTransfer

1603 kBSize

6 Cookies

0 Outgoing links

Page URL History

Redirected requests

47 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

gestia.icu Open in urlscan Pro
2606:4700:30::681f:525e Public Scan

Screenshot
Live screenshot

Full Image

47
Requests

30 %
HTTPS

79 %
IPv6

14
Domains

15
Subdomains

15
IPs

5
Countries

920 kB
Transfer

1603 kB
Size

6
Cookies

47 HTTP transactions
0 data transactions