URL: http://download.weatherblink.com/index.jhtml
Submission: On November 17 via manual from GB

Summary

This website contacted 22 IPs in 6 countries across 26 domains to perform 44 HTTP transactions.
The main IP is 74.113.235.138, located in Dublin, Ireland and belongs to ASN-IWON - Mindspark Interactive Network, Inc., US. The main domain is download.weatherblink.com.
This is the first time this domain was scanned on urlscan.io!

Verdict: Unknown

Domain & IP information

IP Address AS Autonomous System
5 74.113.235.138 14829 (ASN-IWON)
1 2a00:1450:400... 15169 (GOOGLE)
11 92.123.92.215 20940 (AKAMAI-ASN1)
1 2a00:1450:400... 15169 (GOOGLE)
1 23.193.37.34 20940 (AKAMAI-ASN1)
3 2a00:1450:400... 15169 (GOOGLE)
1 2 172.217.22.98 15169 (GOOGLE)
3 2a03:2880:f01... 32934 (FACEBOOK)
1 1 2a00:1450:400... 15169 (GOOGLE)
1 1 2a00:1450:400... 15169 (GOOGLE)
3 2a03:2880:f11... 32934 (FACEBOOK)
1 95.100.248.123 20940 (AKAMAI-ASN1)
11 12 176.34.233.74 16509 (AMAZON-02)
1 92.123.93.2 20940 (AKAMAI-ASN1)
2 2 195.93.42.12 1668 (AOL-ATDN)
1 2 52.59.27.58 16509 (AMAZON-02)
1 2 92.123.93.251 20940 (AKAMAI-ASN1)
1 2 62.67.193.75 26667 (RUBICONPR...)
1 185.64.189.236 62713 (AS-PUBMATIC)
1 2a00:1288:110... 34010 (YAHOO-IRD)
2 2 35.187.187.185 15169 (GOOGLE)
1 2 52.29.241.152 16509 (AMAZON-02)
1 185.33.223.215 29990 (ASN-APPNEXUS)
1 2 52.21.181.234 14618 (AMAZON-AES)
1 2 173.241.240.143 36089 (OPENX-AS1)
44 22
Domain Subdomains Transfer
14 adroll.com 16 KB
11 imgfarm.com 106 KB
5 weatherblink.com 41 KB
3 facebook.com 159 B
3 facebook.net 32 KB
2 openx.net 447 B
2 rlcdn.com 474 B
2 3lift.com 528 B
2 bidswitch.net 1 KB
2 rubiconproject.com 444 B
2 casalemedia.com 746 B
2 advertising.com 301 B
2 adtech.de 940 B
2 doubleclick.net 2 KB
2 gstatic.com 17 KB
2 google-analytics.com 17 KB
1 adnxs.com 0 B
1 yahoo.com 0 B
1 pubmatic.com 1 B
1 google.de 81 B
1 google.com 579 B
1 googleadservices.com 7 KB
1 staticimgfarm.com 4 KB
1 fonts.googleapis.com 833 B
0 ask.com Failed, weatherblink.dl.tb.ask.com Failed, 0 B
0 myway.com Failed, weatherblink.dl.myway.com Failed, 0 B
44 26
Domain Requested by
12 d.adroll.com 11 redirects
10 ak.imgfarm.com download.weatherblink.com
5 download.weatherblink.com download.weatherblink.com
3 www.facebook.com download.weatherblink.com
3 connect.facebook.net download.weatherblink.com
connect.facebook.net
2 us-u.openx.net 1 redirects
2 idsync.rlcdn.com 1 redirects
2 eb2.3lift.com 1 redirects
2 x.bidswitch.net 2 redirects
2 pixel.rubiconproject.com 1 redirects
2 dsum-sec.casalemedia.com 1 redirects
2 pixel.advertising.com 1 redirects
2 ums.adtech.de 2 redirects
2 fonts.gstatic.com download.weatherblink.com
2 www.google-analytics.com 1 redirects download.weatherblink.com
1 cm.g.doubleclick.net 1 redirects
1 ib.adnxs.com
1 ads.yahoo.com
1 simage2.pubmatic.com
1 s.adroll.com
1 a.adroll.com download.weatherblink.com
1 www.google.de download.weatherblink.com
1 www.google.com 1 redirects
1 googleads.g.doubleclick.net 1 redirects
1 www.googleadservices.com download.weatherblink.com
1 akz.imgfarm.com download.weatherblink.com
1 ak.staticimgfarm.com download.weatherblink.com
1 fonts.googleapis.com download.weatherblink.com
0 weatherblink.dl.tb.ask.com Failed download.weatherblink.com
0 weatherblink.dl.myway.com Failed download.weatherblink.com
download.weatherblink.com
44 30

This site contains links to these domains.

Domain
eula.mindspark.com
support.mindspark.com
trustsealinfo.verisign.com
Subject / Issuer; Validity; Valid
*.googleapis.com / Google Internet Authority G2; 2017-11-01 - 2018-01-24; 3 months
www.mindspark.com / GeoTrust SSL CA - G3; 2017-09-29 - 2018-06-27; 9 months
*.google-analytics.com / Google Internet Authority G3; 2017-11-01 - 2018-01-24; 3 months
*.google.com / Google Internet Authority G2; 2017-11-01 - 2018-01-24; 3 months
*.facebook.com / DigiCert SHA2 High Assurance Server CA; 2016-12-09 - 2018-01-25; a year
www.google.de / Google Internet Authority G3; 2017-11-01 - 2018-01-24; 3 months
*.adroll.com / Symantec Class 3 Secure Server CA - G4; 2016-11-07 - 2018-01-06; a year
pixel.advertising.com / DigiCert SHA2 High Assurance Server CA; 2017-06-14 - 2020-06-18; 3 years
san.casalemedia.com / GeoTrust SSL CA - G3; 2017-08-03 - 2018-11-02; a year
*.rubiconproject.com / DigiCert SHA2 Secure Server CA; 2016-01-12 - 2019-03-01; 3 years
*.pubmatic.com / COMODO RSA Organization Validation Secure Server CA; 2016-04-12 - 2019-05-27; 3 years
ad.yieldmanager.com / Symantec Class 3 Secure Server CA - G4; 2017-07-27 - 2018-01-23; 6 months
*.3lift.com / Amazon; 2017-08-13 - 2018-09-13; a year
*.adnxs.com / Symantec Class 3 ECC 256 bit SSL CA - G2; 2017-01-25 - 2019-01-25; 2 years
*.rlcdn.com / Go Daddy Secure Certificate Authority - G2; 2017-05-08 - 2019-06-21; 2 years
*.openx.net / GeoTrust SSL CA - G3; 2017-05-11 - 2020-07-09; 3 years

Detected technologies

Web
Overall confidence: 100%
Detected patterns
  • headers server /Apache-Coyote(\/1\.1)?/i

44 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Cookie set index.jhtml
166 KB
39 KB
Document
General
Full URL
http://download.weatherblink.com/index.jhtml
Protocol
HTTP/1.1
Server
74.113.235.138 Dublin, Ireland, ASN14829 (ASN-IWON - Mindspark Interactive Network, Inc., US),
Reverse DNS
74.113.235.138.dub.iaccap.com
Software
Apache-Coyote/1.1 /
Resource Hash
0943d4e1a78fe37e5ece72199e181235ca641f46bb9f95954e651fa8223cd128

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
download.weatherblink.com
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Cache-Control
no-cache
Connection
keep-alive
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 17 Nov 2017 10:33:20 GMT
Content-Encoding
gzip
Server
Apache-Coyote/1.1
P3P
CP='CURa ADMa DEVa PSA PSD OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
Vary
Accept-Encoding
Content-Language
en-US
Via
1.1 www.mapsgalaxy.com
Set-Cookie
userSegment=""; Domain=.weatherblink.com; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/ sessionData="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"; Version=1; Domain=.weatherblink.com; Path=/ anx="xracl=&xckoid=&xgds=&lv=1510914801199&adfi=&xad=&xmvte=&add=&adc=&xit=&adn=&adm=&xlang=%3F%3F&adp=&xmvtv=&xmvtt=&adt=&xose=true&xckid=&xrm=&xrp=%5EXN%5Emchyyy%5ETTAB02%5Ede&xrs=&xrt=TTAB02&adap=&xnt=&xriad=&xft=&nv=1&fv=1510914801199&xuer=1&ob=-&oc=-&od=none&xgc=false&sn=dubprdsndlbfe88.dub.jabodo.com&ok=-&om=-&xrco=XN&xrkw=&xrca=mchyyy&op=-&xrcc=de&xsee=true&os=-&surveyUrl=&xkw=&g=-&xct=&xiad=&xbkw=&tbGuid=E0C8B5A4-BC6C-46CE-9665-68CF0AEE120A&xg=&xh=9712&xi=CRX_WEBSTORE&xtp=vhigh&adti=&xn=&xp=vicinio&xtt=template_responsive&xpp=%5EXN%5Emchyyy%5ETTAB02%5Ede&xs=29870&xt=ttab2&xu=&xcid=bb6c76acaf314cf68b9421c6cf4a61ea"; Version=1; Domain=.weatherblink.com; Max-Age=7776000; Expires=Thu, 15-Feb-2018 10:33:21 GMT; Path=/ ltm-1d=rd119o00000000000000000000ffff0a904c72o80; expires=Sat, 18-Nov-2017 10:33:20 GMT; path=/
Cache-Control
no-store, no-cache, must-revalidate post-check=0, pre-check=0
Transfer-Encoding
chunked
Connection
Keep-Alive
Content-Type
text/html;charset=UTF-8
Keep-Alive
timeout=5, max=100
Expires
-1
css?family=Open+Sans:regular,bold
fonts.googleapis.com
5 KB
833 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:regular,bold
Requested by
Host: download.weatherblink.com
URL: http://download.weatherblink.com/index.jhtml
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:81f::200a , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
2dba02582094b6f1f8db4c9e1b55c9755b8f208a5654ecc007a76d9afde77c66
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/css?family=Open+Sans:regular,bold
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
accept
text/css,*/*;q=0.1
cache-control
no-cache
:authority
fonts.googleapis.com
referer
http://download.weatherblink.com/index.jhtml
:scheme
https
:method
GET
Referer
http://download.weatherblink.com/index.jhtml
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

date
Fri, 17 Nov 2017 10:33:21 GMT
content-encoding
gzip
last-modified
Fri, 17 Nov 2017 10:33:21 GMT
server
ESF
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
status
200
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
alt-svc
hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"
x-xss-protection
1; mode=block
expires
Fri, 17 Nov 2017 10:33:21 GMT
ttDetectUtil.js
ak.staticimgfarm.com/images/webtooltab/ttdetect-2/prd
11 KB
4 KB
Script
General
Full URL
http://ak.staticimgfarm.com/images/webtooltab/ttdetect-2/prd/ttDetectUtil.js
Requested by
Host: download.weatherblink.com
URL: http://download.weatherblink.com/index.jhtml
Protocol
HTTP/1.1
Server
92.123.92.215 , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a92-123-92-215.deploy.akamaitechnologies.com
Software
Apache /
Resource Hash
bba7e618a05fb82e63fcf89fd1d0c5ba1a1aaba15c33eea5d860e92bb21fd7e2

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
ak.staticimgfarm.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
Accept
*/*
Referer
http://download.weatherblink.com/index.jhtml
Connection
keep-alive
Cache-Control
no-cache
Referer
http://download.weatherblink.com/index.jhtml
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 17 Nov 2017 10:33:21 GMT
Content-Encoding
gzip
Last-Modified
Tue, 18 Jul 2017 19:37:19 GMT
Server
Apache
ETag
"6dc177-2b42-5549ca4bc79c0"
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
Cache-Control
max-age=0, no-cache
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3899
Expires
Fri, 17 Nov 2017 10:33:21 GMT
1493394821593.png
ak.imgfarm.com/images/vicinio/dsp-images/hao.lin/asset1_1
27 KB
27 KB
Image
General
Full URL
https://ak.imgfarm.com/images/vicinio/dsp-images/hao.lin/asset1_1/1493394821593.png
Requested by
Host: download.weatherblink.com
URL: http://download.weatherblink.com/index.jhtml
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
92.123.92.215 , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a92-123-92-215.deploy.akamaitechnologies.com
Software
Apache /
Resource Hash
e3eaebf230b3041eb95cf32844f0d049f7087e9e75a1e2f842a415be633181a3

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
ak.imgfarm.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://download.weatherblink.com/index.jhtml
Connection
keep-alive
Cache-Control
no-cache
Referer
http://download.weatherblink.com/index.jhtml
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

Date
Fri, 17 Nov 2017 10:33:21 GMT
Last-Modified
Fri, 28 Apr 2017 15:53:41 GMT
Server
Apache
ETag
"775c33-6aef-54e3c13d0ab40"
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
GET
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
max-age=71875
Access-Control-Allow-Credentials
false
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
Content-Length
27375
Expires
Sat, 18 Nov 2017 06:31:16 GMT
1487350238670.jpg
ak.imgfarm.com/images/vicinio/dsp-images/hao.lin/asset1_2
19 KB
19 KB
Image
General
Full URL
https://ak.imgfarm.com/images/vicinio/dsp-images/hao.lin/asset1_2/1487350238670.jpg
Requested by
Host: download.weatherblink.com
URL: http://download.weatherblink.com/index.jhtml
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
92.123.92.215 , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a92-123-92-215.deploy.akamaitechnologies.com
Software
Apache /
Resource Hash
46e3109719dd769ea8639f4bfc652d9966c65e11765d7dcb93fafe37adf42215

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
ak.imgfarm.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://download.weatherblink.com/index.jhtml
Connection
keep-alive
Cache-Control
no-cache
Referer
http://download.weatherblink.com/index.jhtml
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

Date
Fri, 17 Nov 2017 10:33:21 GMT
Last-Modified
Fri, 17 Feb 2017 16:50:38 GMT
Server
Apache
ETag
"a8ed5-4d3c-548bcb697b380"
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
GET
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=20144
Access-Control-Allow-Credentials
false
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
Content-Length
19772
Expires
Fri, 17 Nov 2017 16:09:05 GMT
1478879537852.png
ak.imgfarm.com/images/vicinio/dsp-images/hao.lin/asset1_5
4 KB
4 KB
Image
General
Full URL
https://ak.imgfarm.com/images/vicinio/dsp-images/hao.lin/asset1_5/1478879537852.png
Requested by
Host: download.weatherblink.com
URL: http://download.weatherblink.com/index.jhtml
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
92.123.92.215 , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a92-123-92-215.deploy.akamaitechnologies.com
Software
Apache /
Resource Hash
cee8a9d03dc3edde73200207e5956f3114bc51f1db06f171725c9dde8b6fc9ef

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
ak.imgfarm.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://download.weatherblink.com/index.jhtml
Connection
keep-alive
Cache-Control
no-cache
Referer
http://download.weatherblink.com/index.jhtml
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

Date
Fri, 17 Nov 2017 10:33:21 GMT
Last-Modified
Fri, 11 Nov 2016 15:52:19 GMT
Server
Apache
ETag
"b30244-f85-54108799672c0"
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
GET
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
max-age=59681
Access-Control-Allow-Credentials
false
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
Content-Length
3973
Expires
Sat, 18 Nov 2017 03:08:02 GMT
1487865384117.png
ak.imgfarm.com/images/vicinio/dsp-images/hao.lin/asset1_14
8 KB
8 KB
Image
General
Full URL
https://ak.imgfarm.com/images/vicinio/dsp-images/hao.lin/asset1_14/1487865384117.png
Requested by
Host: download.weatherblink.com
URL: http://download.weatherblink.com/index.jhtml
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
92.123.92.215 , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a92-123-92-215.deploy.akamaitechnologies.com
Software
Apache /
Resource Hash
c2a86065a3d4cb59fd29199c7ffc4762cd59d261e983af9a1d07e43847cb89b3

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
ak.imgfarm.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://download.weatherblink.com/index.jhtml
Connection
keep-alive
Cache-Control
no-cache
Referer
http://download.weatherblink.com/index.jhtml
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

Date
Fri, 17 Nov 2017 10:33:21 GMT
Last-Modified
Thu, 23 Feb 2017 15:56:20 GMT
Server
Apache
ETag
"965d7d-21a9-54934a772d100"
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
GET
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
max-age=71876
Access-Control-Allow-Credentials
false
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
Content-Length
8617
Expires
Sat, 18 Nov 2017 06:31:17 GMT
ga.js
www.google-analytics.com
Redirect Chain
  • http://www.google-analytics.com/ga.js
  • https://www.google-analytics.com/ga.js
45 KB
17 KB
Script
General
Full URL
https://www.google-analytics.com/ga.js
Requested by
Host: download.weatherblink.com
URL: http://download.weatherblink.com/index.jhtml
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:819::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
7c2c58fc24e2d3458b88680cfad4577011697df9a1406808f2f7d8f46060d8a7
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

:path
/ga.js
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
www.google-analytics.com
referer
http://download.weatherblink.com/index.jhtml
:scheme
https
:method
GET
Referer
http://download.weatherblink.com/index.jhtml
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 13 Nov 2017 20:19:12 GMT
server
Golfe2
age
2145
date
Fri, 17 Nov 2017 09:57:36 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
timing-allow-origin
*
alt-svc
hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"
content-length
17172
expires
Fri, 17 Nov 2017 11:57:36 GMT

Redirect headers

Location
https://www.google-analytics.com/ga.js
Non-Authoritative-Reason
HSTS
anemone-1.2.7.js
akz.imgfarm.com/images/anx
41 KB
11 KB
Script
General
Full URL
http://akz.imgfarm.com/images/anx/anemone-1.2.7.js
Requested by
Host: download.weatherblink.com
URL: http://download.weatherblink.com/index.jhtml
Protocol
HTTP/1.1
Server
23.193.37.34 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a23-193-37-34.deploy.static.akamaitechnologies.com
Software
Apache/2.0.59 (Unix) mod_ssl/2.0.59 OpenSSL/0.9.7k /
Resource Hash
b61f1dc82835d8bc3b6332443358eb5b9c41a5f4b0672497cdf06ac0a8bbfdfa

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
akz.imgfarm.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
Accept
*/*
Referer
http://download.weatherblink.com/index.jhtml
Connection
keep-alive
Cache-Control
no-cache
Referer
http://download.weatherblink.com/index.jhtml
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

Date
Fri, 17 Nov 2017 10:33:21 GMT
Content-Encoding
gzip
Last-Modified
Mon, 08 Jul 2013 20:02:48 GMT
Server
Apache/2.0.59 (Unix) mod_ssl/2.0.59 OpenSSL/0.9.7k
ETag
"774114-a236-874e8a00"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
max-age=177758883
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
11189
Expires
Thu, 06 Jul 2023 20:01:24 GMT
bmw_0717.png
ak.imgfarm.com/images/download/myway
3 KB
3 KB
Image
General
Full URL
https://ak.imgfarm.com/images/download/myway/bmw_0717.png
Requested by
Host: download.weatherblink.com
URL: http://download.weatherblink.com/index.jhtml
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
92.123.92.215 , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a92-123-92-215.deploy.akamaitechnologies.com
Software
Apache /
Resource Hash
1ce91e421e798c58e58a6ea5bb57d46fe76daae2e75968f5d5d068179c85d900

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
ak.imgfarm.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://download.weatherblink.com/index.jhtml
Connection
keep-alive
Cache-Control
no-cache
Referer
http://download.weatherblink.com/index.jhtml
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

Date
Fri, 17 Nov 2017 10:33:21 GMT
Last-Modified
Tue, 18 Jul 2017 18:28:48 GMT
Server
Apache
ETag
"5ff835-c47-5549bafb39800"
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
GET
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
max-age=37199
Access-Control-Allow-Credentials
false
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
Content-Length
3143
Expires
Fri, 17 Nov 2017 20:53:20 GMT
cJZKeOuBrn4kERxqtaUH3ZBw1xU1rKptJj_0jans920.woff2
fonts.gstatic.com/s/opensans/v15
9 KB
9 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v15/cJZKeOuBrn4kERxqtaUH3ZBw1xU1rKptJj_0jans920.woff2
Requested by
Host: download.weatherblink.com
URL: http://download.weatherblink.com/index.jhtml
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:819::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
8868d2a2f803ea6802d54a11564b5b96c7d8be56117a328c8f605539d6dee167
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/s/opensans/v15/cJZKeOuBrn4kERxqtaUH3ZBw1xU1rKptJj_0jans920.woff2
pragma
no-cache
origin
http://download.weatherblink.com
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
fonts.gstatic.com
referer
https://fonts.googleapis.com/css?family=Open+Sans:regular,bold
:scheme
https
:method
GET
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Open+Sans:regular,bold
Origin
http://download.weatherblink.com

Response headers

date
Thu, 16 Nov 2017 12:10:57 GMT
x-content-type-options
nosniff
last-modified
Wed, 11 Oct 2017 21:49:46 GMT
server
sffe
age
80544
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"
content-length
8892
x-xss-protection
1; mode=block
expires
Fri, 16 Nov 2018 12:10:57 GMT
k3k702ZOKiLJc3WVjuplzBampu5_7CjHW5spxoeN3Vs.woff2
fonts.gstatic.com/s/opensans/v15
9 KB
9 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v15/k3k702ZOKiLJc3WVjuplzBampu5_7CjHW5spxoeN3Vs.woff2
Requested by
Host: download.weatherblink.com
URL: http://download.weatherblink.com/index.jhtml
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:819::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
fe32c9921874b35b87acb0a3b558784ca7b9fed91ed34c1d2a68b6566c9d09be
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/s/opensans/v15/k3k702ZOKiLJc3WVjuplzBampu5_7CjHW5spxoeN3Vs.woff2
pragma
no-cache
origin
http://download.weatherblink.com
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
fonts.gstatic.com
referer
https://fonts.googleapis.com/css?family=Open+Sans:regular,bold
:scheme
https
:method
GET
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Open+Sans:regular,bold
Origin
http://download.weatherblink.com

Response headers

date
Thu, 16 Nov 2017 18:45:48 GMT
x-content-type-options
nosniff
last-modified
Wed, 11 Oct 2017 21:49:40 GMT
server
sffe
age
56853
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"
content-length
8800
x-xss-protection
1; mode=block
expires
Fri, 16 Nov 2018 18:45:48 GMT
1487188584836.png
ak.imgfarm.com/images/vicinio/dsp-images/hao.lin/button1_1
5 KB
5 KB
Image
General
Full URL
https://ak.imgfarm.com/images/vicinio/dsp-images/hao.lin/button1_1/1487188584836.png
Requested by
Host: download.weatherblink.com
URL: http://download.weatherblink.com/index.jhtml
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
92.123.92.215 , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a92-123-92-215.deploy.akamaitechnologies.com
Software
Apache /
Resource Hash
e1b4cf673a5ad6afe6b06010067755dafcd2a0961251c7b798efec8911c46c92

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
ak.imgfarm.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://download.weatherblink.com/index.jhtml
Connection
keep-alive
Cache-Control
no-cache
Referer
http://download.weatherblink.com/index.jhtml
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

Date
Fri, 17 Nov 2017 10:33:21 GMT
Last-Modified
Wed, 15 Feb 2017 19:56:24 GMT
Server
Apache
ETag
"4be273-14aa-5489713436a00"
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
GET
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
max-age=59732
Access-Control-Allow-Credentials
false
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
Content-Length
5290
Expires
Sat, 18 Nov 2017 03:08:53 GMT
anemone.jhtml?anxuu=BEC77AF7-D486-4F82-8B91-E31FD132B352&anxa=CAPDownloadProcess&anxv=1.0.0&anxd=2011-06-01T04%3A00%3A00Z&anxsn=dubprdsndlbfe88.dub.jabodo.com&anxu=http%3A%2F%2Fdownload.weatherblin...
0
0
Image
General
Full URL
http://download.weatherblink.com/anemone.jhtml?anxuu=BEC77AF7-D486-4F82-8B91-E31FD132B352&anxa=CAPDownloadProcess&anxv=1.0.0&anxd=2011-06-01T04%3A00%3A00Z&anxsn=dubprdsndlbfe88.dub.jabodo.com&anxu=http%3A%2F%2Fdownload.weatherblink.com%2Findex.jhtml&anxl=en-US&anxlv=1510914801199&anxrd=none&anxrp=-&anxrk=-&anxrm=-&anxrb=-&anxrc=-&anxrs=-&anxsq=1&anxi=08F33888-EAF0-495C-B5B2-A915266647C8&anxe=backFill&anxr=673364155
Requested by
Host: download.weatherblink.com
URL: http://download.weatherblink.com/index.jhtml
Protocol
HTTP/1.1
Server
74.113.235.138 Dublin, Ireland, ASN14829 (ASN-IWON - Mindspark Interactive Network, Inc., US),
Reverse DNS
74.113.235.138.dub.iaccap.com
Software
Apache-Coyote/1.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
download.weatherblink.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://download.weatherblink.com/index.jhtml
Cookie
sessionData="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"; ltm-1d=rd119o00000000000000000000ffff0a904c72o80; anx="u=BEC77AF7-D486-4F82-8B91-E31FD132B352&fv=1510914801199&lv=1510914801204&nv=2&t=-&v=-&p=-&si=-&sn=dubprdsndlbfe88.dub.jabodo.com&od=none&op=-&ok=-&om=-&ob=-&oc=-&os=-&w=1600&h=1200&cd=24&f=-&g=-&xlang=%3F%3F&xose=true&xrp=%5EXN%5Emchyyy%5ETTAB02%5Ede&xrt=TTAB02&xuer=1&xgc=false&xrco=XN&xrca=mchyyy&xrcc=de&xsee=true&tbGuid=E0C8B5A4-BC6C-46CE-9665-68CF0AEE120A&xh=9712&xi=CRX_WEBSTORE&xtp=vhigh&xp=vicinio&xtt=template_responsive&xpp=%5EXN%5Emchyyy%5ETTAB02%5Ede&xs=29870&xt=ttab2&xcid=bb6c76acaf314cf68b9421c6cf4a61ea&xx=install"; anxs="s=459738385&sv=1510914801200&sd=none&sp=-&sk=-&sm=-&sb=-&sc=-&ss=-"
Connection
keep-alive
Cache-Control
no-cache
Referer
http://download.weatherblink.com/index.jhtml
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

Date
Fri, 17 Nov 2017 10:33:20 GMT
Via
1.1 www.mapsgalaxy.com
Server
Apache-Coyote/1.1
Connection
Keep-Alive
Keep-Alive
timeout=5, max=99
localStorage.jhtml
weatherblink.dl.myway.com
0
0

localStorage.jhtml
weatherblink.dl.tb.ask.com
0
0

1411062076691.png
ak.imgfarm.com/images/vicinio/dsp-images/knovotny/asset16
3 KB
3 KB
Image
General
Full URL
https://ak.imgfarm.com/images/vicinio/dsp-images/knovotny/asset16/1411062076691.png
Requested by
Host: download.weatherblink.com
URL: http://download.weatherblink.com/index.jhtml
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
92.123.92.215 , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a92-123-92-215.deploy.akamaitechnologies.com
Software
Apache /
Resource Hash
d3705301d10b2072476a930feaf2772f01ffe86a8b8e6d21895a67b64536503e

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
ak.imgfarm.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://download.weatherblink.com/index.jhtml
Connection
keep-alive
Cache-Control
no-cache
Referer
http://download.weatherblink.com/index.jhtml
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

Date
Fri, 17 Nov 2017 10:33:21 GMT
Last-Modified
Thu, 18 Sep 2014 17:41:16 GMT
Server
Apache
ETag
"42ca89-ddc-5035a7dcbc700"
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
GET
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
max-age=71876
Access-Control-Allow-Credentials
false
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
Content-Length
3548
Expires
Sat, 18 Nov 2017 06:31:17 GMT
1411594318708.png
ak.imgfarm.com/images/vicinio/dsp-images/knovotny/asset18
3 KB
3 KB
Image
General
Full URL
https://ak.imgfarm.com/images/vicinio/dsp-images/knovotny/asset18/1411594318708.png
Requested by
Host: download.weatherblink.com
URL: http://download.weatherblink.com/index.jhtml
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
92.123.92.215 , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a92-123-92-215.deploy.akamaitechnologies.com
Software
Apache /
Resource Hash
d3705301d10b2072476a930feaf2772f01ffe86a8b8e6d21895a67b64536503e

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
ak.imgfarm.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://download.weatherblink.com/index.jhtml
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Fri, 17 Nov 2017 10:33:21 GMT
Last-Modified
Wed, 24 Sep 2014 21:31:58 GMT
Server
Apache
ETag
"9cd354-ddc-503d669e42f80"
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
GET
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
max-age=71876
Access-Control-Allow-Credentials
false
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
Content-Length
3548
Expires
Sat, 18 Nov 2017 06:31:17 GMT
anemone.jhtml?anxuu=BEC77AF7-D486-4F82-8B91-E31FD132B352&anxa=CAPDownloadProcess&anxv=1.0.0&anxd=2011-06-01T04%3A00%3A00Z&anxsn=dubprdsndlbfe88.dub.jabodo.com&anxu=http%3A%2F%2Fdownload.weatherblin...
0
0
Image
General
Full URL
http://download.weatherblink.com/anemone.jhtml?anxuu=BEC77AF7-D486-4F82-8B91-E31FD132B352&anxa=CAPDownloadProcess&anxv=1.0.0&anxd=2011-06-01T04%3A00%3A00Z&anxsn=dubprdsndlbfe88.dub.jabodo.com&anxu=http%3A%2F%2Fdownload.weatherblink.com%2Findex.jhtml&anxl=en-US&anxlv=1510914801204&anxsq=3&present=false&anxe=ToolbarDetect&anxr=1105573078
Requested by
Host: download.weatherblink.com
URL: http://download.weatherblink.com/index.jhtml
Protocol
HTTP/1.1
Server
74.113.235.138 Dublin, Ireland, ASN14829 (ASN-IWON - Mindspark Interactive Network, Inc., US),
Reverse DNS
74.113.235.138.dub.iaccap.com
Software
Apache-Coyote/1.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
download.weatherblink.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://download.weatherblink.com/index.jhtml
Cookie
sessionData="Is0vKvPcpinoj1dwkmYugD/pKLtzmCKkDWuzr19mlOgjTI4fXRrqRkcVM8ZGk99BxuQWljAedxSdh+SiFsGi4I5sVsR8lWpA/pqZR95VcuD5J8v4vQNQAIBJnfgkI3VAZcqaTqA23TnuJJDWh34+fwJtS89NcJ4dkHQW2yUokfoS5sSUDVupjcLu0fmBSNV7wTkVYREC9dxMh2JJy7R8kUpkvjkpFtTzx+RZ3yRmlYGCTBeJrxAUCX2C0CGFLKrmFaV8d+TBoNmiz2w05K3dR5tNgo1ls1zRBmi0cvVW2tYIqkUdHlMotoEDIfehGXhSD5ZpTkOxtkEnCfpCf53orig7LF3GrANI3Su1EfuicwRMLpPinPFV9jUo8sWbXf9LG7QyovbirbF1R5lfpBbIGYK2DQ0hjK63SWsKGXu7exMxbbB3MNch4yj5YVsiSJWDauuSYzn1LfrisZhnUINY6CTcdbVFCdjpSeFa0gCQkWYHTN3k2aHJjJe/d0/REEgMmup65NS45nZEQMB6nUkZX9YxKlrNVk0WDP+g3DgrW0Ifm1r9PfJWfOlRRe3t6C0UXIh1OK2A/RCIE0xbqKOLe8KH+bgWRO6VWRIvg/oA25c="; ltm-1d=rd119o00000000000000000000ffff0a904c72o80; anx="u=BEC77AF7-D486-4F82-8B91-E31FD132B352&fv=1510914801199&lv=1510914801216&nv=3&t=-&v=-&p=-&si=-&sn=dubprdsndlbfe88.dub.jabodo.com&od=none&op=-&ok=-&om=-&ob=-&oc=-&os=-&w=1600&h=1200&cd=24&f=-&g=-&xlang=%3F%3F&xose=true&xrp=%5EXN%5Emchyyy%5ETTAB02%5Ede&xrt=TTAB02&xuer=1&xgc=false&xrco=XN&xrca=mchyyy&xrcc=de&xsee=true&tbGuid=E0C8B5A4-BC6C-46CE-9665-68CF0AEE120A&xh=9712&xi=CRX_WEBSTORE&xtp=vhigh&xp=vicinio&xtt=template_responsive&xpp=%5EXN%5Emchyyy%5ETTAB02%5Ede&xs=29870&xt=ttab2&xcid=bb6c76acaf314cf68b9421c6cf4a61ea&xx=install"; anxs="s=459738385&sv=1510914801200&sd=none&sp=-&sk=-&sm=-&sb=-&sc=-&ss=-"
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Fri, 17 Nov 2017 10:33:20 GMT
Via
1.1 www.mapsgalaxy.com
Server
Apache-Coyote/1.1
Connection
Keep-Alive
Keep-Alive
timeout=5, max=98
nortonseal.gif
ak.imgfarm.com/images/download/symantec
3 KB
3 KB
Image
General
Full URL
http://ak.imgfarm.com/images/download/symantec/nortonseal.gif
Requested by
Host: download.weatherblink.com
URL: http://download.weatherblink.com/index.jhtml
Protocol
HTTP/1.1
Server
92.123.92.215 , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a92-123-92-215.deploy.akamaitechnologies.com
Software
Apache /
Resource Hash
1092e77793b870361aded2b6d78a8367da9f089a3f72d9947aa6ed4da7ab2311

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
ak.imgfarm.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://download.weatherblink.com/index.jhtml
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Fri, 17 Nov 2017 10:33:21 GMT
Last-Modified
Thu, 16 Oct 2014 19:12:51 GMT
Server
Apache
ETag
"b7e8b3-b51-5058f08e152c0"
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
GET
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=59726
Access-Control-Allow-Credentials
false
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
Content-Length
2897
Expires
Sat, 18 Nov 2017 03:08:47 GMT
overlay_bl_2.png
ak.imgfarm.com/images/download/chrome
19 KB
19 KB
Image
General
Full URL
http://ak.imgfarm.com/images/download/chrome/overlay_bl_2.png
Requested by
Host: download.weatherblink.com
URL: http://download.weatherblink.com/index.jhtml
Protocol
HTTP/1.1
Server
92.123.92.215 , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a92-123-92-215.deploy.akamaitechnologies.com
Software
Apache /
Resource Hash
86063301c647905d96c7b1d8ffe1f6d080635348acd6b7114c1bb34f84777957

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
ak.imgfarm.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://download.weatherblink.com/index.jhtml
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Fri, 17 Nov 2017 10:33:21 GMT
Last-Modified
Tue, 24 Jul 2012 13:33:22 GMT
Server
Apache
ETag
"26dc29-4b0c-4c59367f7cc80"
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
GET
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
max-age=25626
Access-Control-Allow-Credentials
false
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
Content-Length
19212
Expires
Fri, 17 Nov 2017 17:40:27 GMT
mirrorCookies.jhtml
weatherblink.dl.myway.com
0
0

anemone.jhtml?anxuu=BEC77AF7-D486-4F82-8B91-E31FD132B352&anxa=CAPDownloadProcess&anxv=1.0.0&anxd=2011-06-01T04%3A00%3A00Z&anxsn=dubprdsndlbfe88.dub.jabodo.com&anxu=http%3A%2F%2Fdownload.weatherblin...
0
0
Image
General
Full URL
http://download.weatherblink.com/anemone.jhtml?anxuu=BEC77AF7-D486-4F82-8B91-E31FD132B352&anxa=CAPDownloadProcess&anxv=1.0.0&anxd=2011-06-01T04%3A00%3A00Z&anxsn=dubprdsndlbfe88.dub.jabodo.com&anxu=http%3A%2F%2Fdownload.weatherblink.com%2Findex.jhtml&anxl=en-US&anxlv=1510914801216&anxsq=4&cookiesEnabled=1&pageLoad=222&anxe=SplashLanding&anxr=437633720
Requested by
Host: download.weatherblink.com
URL: http://download.weatherblink.com/index.jhtml
Protocol
HTTP/1.1
Server
74.113.235.138 Dublin, Ireland, ASN14829 (ASN-IWON - Mindspark Interactive Network, Inc., US),
Reverse DNS
74.113.235.138.dub.iaccap.com
Software
Apache-Coyote/1.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
download.weatherblink.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://download.weatherblink.com/index.jhtml
Cookie
sessionData="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"; ltm-1d=rd119o00000000000000000000ffff0a904c72o80; cookieEnabled=true; anx="u=BEC77AF7-D486-4F82-8B91-E31FD132B352&fv=1510914801199&lv=1510914801377&nv=4&t=-&v=-&p=-&si=-&sn=dubprdsndlbfe88.dub.jabodo.com&od=none&op=-&ok=-&om=-&ob=-&oc=-&os=-&w=1600&h=1200&cd=24&f=-&g=-&xlang=%3F%3F&xose=true&xrp=%5EXN%5Emchyyy%5ETTAB02%5Ede&xrt=TTAB02&xuer=1&xgc=false&xrco=XN&xrca=mchyyy&xrcc=de&xsee=true&tbGuid=E0C8B5A4-BC6C-46CE-9665-68CF0AEE120A&xh=9712&xi=CRX_WEBSTORE&xtp=vhigh&xp=vicinio&xtt=template_responsive&xpp=%5EXN%5Emchyyy%5ETTAB02%5Ede&xs=29870&xt=ttab2&xcid=bb6c76acaf314cf68b9421c6cf4a61ea&xx=install"; anxs="s=459738385&sv=1510914801200&sd=none&sp=-&sk=-&sm=-&sb=-&sc=-&ss=-"
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Fri, 17 Nov 2017 10:33:21 GMT
Via
1.1 www.mapsgalaxy.com
Server
Apache-Coyote/1.1
Connection
Keep-Alive
Keep-Alive
timeout=5, max=97
Cookie set splashPixels.jhtml
4 KB
1 KB
Document
General
Full URL
http://download.weatherblink.com/splashPixels.jhtml
Requested by
Host: download.weatherblink.com
URL: http://download.weatherblink.com/index.jhtml
Protocol
HTTP/1.1
Server
74.113.235.138 Dublin, Ireland, ASN14829 (ASN-IWON - Mindspark Interactive Network, Inc., US),
Reverse DNS
74.113.235.138.dub.iaccap.com
Software
Apache-Coyote/1.1 /
Resource Hash
b5a96937235dd0ac22f2372c28a2eb7f57ee988b45a80b38a6b7f5e264d7d6ef

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
download.weatherblink.com
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer
http://download.weatherblink.com/index.jhtml
Cookie
sessionData="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"; ltm-1d=rd119o00000000000000000000ffff0a904c72o80; cookieEnabled=true; anx="u=BEC77AF7-D486-4F82-8B91-E31FD132B352&fv=1510914801199&lv=1510914801377&nv=4&t=-&v=-&p=-&si=-&sn=dubprdsndlbfe88.dub.jabodo.com&od=none&op=-&ok=-&om=-&ob=-&oc=-&os=-&w=1600&h=1200&cd=24&f=-&g=-&xlang=%3F%3F&xose=true&xrp=%5EXN%5Emchyyy%5ETTAB02%5Ede&xrt=TTAB02&xuer=1&xgc=false&xrco=XN&xrca=mchyyy&xrcc=de&xsee=true&tbGuid=E0C8B5A4-BC6C-46CE-9665-68CF0AEE120A&xh=9712&xi=CRX_WEBSTORE&xtp=vhigh&xp=vicinio&xtt=template_responsive&xpp=%5EXN%5Emchyyy%5ETTAB02%5Ede&xs=29870&xt=ttab2&xcid=bb6c76acaf314cf68b9421c6cf4a61ea&xx=install"; anxs="s=459738385&sv=1510914801200&sd=none&sp=-&sk=-&sm=-&sb=-&sc=-&ss=-"
Connection
keep-alive
Cache-Control
no-cache

Response headers

Pragma
no-cache
Date
Fri, 17 Nov 2017 10:33:21 GMT
Content-Encoding
gzip
Server
Apache-Coyote/1.1
P3P
CP='CURa ADMa DEVa PSA PSD OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
Vary
Accept-Encoding
Content-Language
en-US
Via
1.1 www.mapsgalaxy.com
Set-Cookie
sessionData="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"; Version=1; Domain=.weatherblink.com; Path=/ anx="u=BEC77AF7-D486-4F82-8B91-E31FD132B352&fv=1510914801199&lv=1510914801828&nv=5&t=-&v=-&p=-&si=-&sn=dubprdsndlbfe88.dub.jabodo.com&od=none&op=-&ok=-&om=-&ob=-&oc=-&os=-&w=1600&h=1200&cd=24&f=-&g=-&xlang=%3F%3F&xose=true&xrp=%5EXN%5Emchyyy%5ETTAB02%5Ede&xrt=TTAB02&xuer=1&xgc=false&xrco=XN&xrca=mchyyy&xrcc=de&xsee=true&tbGuid=E0C8B5A4-BC6C-46CE-9665-68CF0AEE120A&xh=9712&xi=CRX_WEBSTORE&xtp=vhigh&xp=vicinio&xtt=template_responsive&xpp=%5EXN%5Emchyyy%5ETTAB02%5Ede&xs=29870&xt=ttab2&xcid=bb6c76acaf314cf68b9421c6cf4a61ea&xx=install&xracl=&xckoid=&xgds=&adfi=&xad=&xmvte=&add=&adc=&xit=&adn=&adm=&adp=&xmvtv=&xmvtt=&adt=&xckid=&xrm=&xrs=&adap=&xnt=&xriad=&xft=&xrkw=&surveyUrl=&xkw=&xct=&xiad=&xbkw=&xg=&adti=&xn=&xu="; Version=1; Domain=.weatherblink.com; Max-Age=7776000; Expires=Thu, 15-Feb-2018 10:33:21 GMT; Path=/
Cache-Control
no-store, no-cache, must-revalidate post-check=0, pre-check=0
Transfer-Encoding
chunked
Connection
Keep-Alive
Content-Type
text/html;charset=UTF-8
Keep-Alive
timeout=5, max=100
Expires
-1
Adblocked conversion.js
www.googleadservices.com/pagead
19 KB
7 KB
Script
General
Full URL
http://www.googleadservices.com/pagead/conversion.js
Requested by
Host: download.weatherblink.com
URL: http://download.weatherblink.com/splashPixels.jhtml
Protocol
HTTP/1.1
Server
172.217.22.98 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s18-in-f2.1e100.net
Software
cafe /
Resource Hash
01bf7755fb1e0155c31eb6fd6d049d4a8969d7ce6e20174250fd131875d30605
Blocked
Source: easylist, Type: ads (This would have been blocked)
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.googleadservices.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
Accept
*/*
Referer
http://download.weatherblink.com/splashPixels.jhtml
Connection
keep-alive
Cache-Control
no-cache

Response headers

Timing-Allow-Origin
*
Date
Fri, 17 Nov 2017 10:33:21 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
cafe
ETag
4372046656936603100
P3P
policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control
private, max-age=3600
Content-Disposition
attachment; filename="f.txt"
Content-Type
text/javascript; charset=UTF-8
Content-Length
7110
X-XSS-Protection
1; mode=block
Expires
Fri, 17 Nov 2017 10:33:21 GMT
Adblocked fbevents.js
connect.facebook.net/en_US
32 KB
11 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: download.weatherblink.com
URL: http://download.weatherblink.com/splashPixels.jhtml
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a03:2880:f01c:216:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
e1f244c41a11d32ede57cc0db3c2c2cf6b1cb0fc55a0bdf23130ef607ad80969
Blocked
Source: easylist, Type: privacy (This would have been blocked)
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' fbstatic-a.akamaihd.net fbcdn-static-b-a.akamaihd.net *.atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* *.akamaihd.net wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* *.atlassolutions.com attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

:path
/en_US/fbevents.js
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
connect.facebook.net
referer
http://download.weatherblink.com/splashPixels.jhtml
:scheme
https
:method
GET

Response headers

content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' fbstatic-a.akamaihd.net fbcdn-static-b-a.akamaihd.net *.atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* *.akamaihd.net wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* *.atlassolutions.com attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
content-encoding
gzip
x-content-type-options
nosniff
status
200
vary
Origin Accept-Encoding
content-length
10869
x-xss-protection
0
pragma
public
x-fb-debug
KK8CkfMQVA2ijxwA2k/1sBXvU4b/xbMQ6R9qJ7jsudWjsWMLrnacB6dWVcWauodtaNyN/78e3OjO8PgpIA8d1Q==
x-frame-options
DENY
date
Fri, 17 Nov 2017 10:33:21 GMT
expect-ct
max-age=10, report-uri="http://reports.fb.com/expectct/"
strict-transport-security
max-age=31536000; preload; includeSubDomains
access-control-allow-methods
OPTIONS
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://connect.facebook.net
access-control-expose-headers
X-FB-Debug, X-Loader-Length
cache-control
public, max-age=1200
access-control-allow-credentials
true
expires
Sat, 01 Jan 2000 00:00:00 GMT
1410717919190065?v=2.8.1
connect.facebook.net/signals/config
39 KB
11 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/1410717919190065?v=2.8.1
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a03:2880:f01c:216:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
b1953abcf8b7223e1ca7d2f9a8615717d0a434bcfe91e4c8616f49ee69bbad20
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' fbstatic-a.akamaihd.net fbcdn-static-b-a.akamaihd.net *.atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* *.akamaihd.net wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* *.atlassolutions.com attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

:path
/signals/config/1410717919190065?v=2.8.1
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
connect.facebook.net
referer
http://download.weatherblink.com/splashPixels.jhtml
:scheme
https
:method
GET

Response headers

content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' fbstatic-a.akamaihd.net fbcdn-static-b-a.akamaihd.net *.atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* *.akamaihd.net wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* *.atlassolutions.com attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
content-encoding
gzip
x-content-type-options
nosniff
status
200
vary
Origin Accept-Encoding
content-length
10754
x-xss-protection
0
pragma
public
x-fb-debug
sfSaYGLL6mQFEKZq1YQEY9sNhuuTRkZNg28WT0eOoTIwcD3W1GrPHQLEnauDHd2vMSCX18rh5UlWg6LdNFlOGQ==
x-frame-options
DENY
date
Fri, 17 Nov 2017 10:33:21 GMT
expect-ct
max-age=10, report-uri="http://reports.fb.com/expectct/"
strict-transport-security
max-age=31536000; preload; includeSubDomains
access-control-allow-methods
OPTIONS
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://connect.facebook.net
access-control-expose-headers
X-FB-Debug, X-Loader-Length
cache-control
public, max-age=1200
access-control-allow-credentials
true
expires
Sat, 01 Jan 2000 00:00:00 GMT
?random=1510914801909&cv=8&fst=1510912800000&num=1&guid=ON&eid=659238990&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&frm=1&url=http%3A%2F%2Fdownloa...
www.google.de/ads/user-lists/1054533708
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1054533708/?random=1510914801909&cv=8&fst=1510914801909&num=1&guid=ON&eid=659238990&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_...
  • https://www.google.com/ads/user-lists/1054533708/?random=1510914801909&cv=8&fst=1510912800000&num=1&guid=ON&eid=659238990&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u...
  • https://www.google.de/ads/user-lists/1054533708/?random=1510914801909&cv=8&fst=1510912800000&num=1&guid=ON&eid=659238990&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_...
43 B
81 B
Script
General
Full URL
https://www.google.de/ads/user-lists/1054533708/?random=1510914801909&cv=8&fst=1510912800000&num=1&guid=ON&eid=659238990&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&frm=1&url=http%3A%2F%2Fdownload.weatherblink.com%2Findex.jhtml&ref=http%3A%2F%2Fdownload.weatherblink.com%2Findex.jhtml&fmt=4&cdct=2&is_vtc=1&random=2125716622&ipr=y&ulfeg=n
Requested by
Host: download.weatherblink.com
URL: http://download.weatherblink.com/splashPixels.jhtml
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:819::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
adclick_server /
Resource Hash
77d5fe96defd6c8c1e3b0466b4827cf83dc7e5c727a10177e115d25132fa86f6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/ads/user-lists/1054533708/?random=1510914801909&cv=8&fst=1510912800000&num=1&guid=ON&eid=659238990&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&frm=1&url=http%3A%2F%2Fdownload.weatherblink.com%2Findex.jhtml&ref=http%3A%2F%2Fdownload.weatherblink.com%2Findex.jhtml&fmt=4&cdct=2&is_vtc=1&random=2125716622&ipr=y&ulfeg=n
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
www.google.de
referer
http://download.weatherblink.com/splashPixels.jhtml
:scheme
https
:method
GET

Response headers

pragma
no-cache
date
Fri, 17 Nov 2017 10:33:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
adclick_server
content-type
text/javascript; charset=UTF-8
status
200
cache-control
no-cache, no-store, must-revalidate
content-disposition
attachment; filename="f.txt"
alt-svc
hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"
content-length
63
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Fri, 17 Nov 2017 10:33:21 GMT
x-content-type-options
nosniff
server
adclick_server
status
302
content-type
text/html; charset=UTF-8
location
https://www.google.de/ads/user-lists/1054533708/?random=1510914801909&cv=8&fst=1510912800000&num=1&guid=ON&eid=659238990&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&frm=1&url=http%3A%2F%2Fdownload.weatherblink.com%2Findex.jhtml&ref=http%3A%2F%2Fdownload.weatherblink.com%2Findex.jhtml&fmt=4&cdct=2&is_vtc=1&random=2125716622&ipr=y&ulfeg=n
cache-control
private, max-age=43200
alt-svc
hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"
content-length
681
x-xss-protection
1; mode=block
expires
Fri, 17 Nov 2017 10:33:21 GMT
Adblocked ?id=1410717919190065&ev=PageView&dl=http%3A%2F%2Fdownload.weatherblink.com%2FsplashPixels.jhtml&rl=http%3A%2F%2Fdownload.weatherblink.com%2Findex.jhtml&if=true&ts=1510914801919&v=2.8.1&ec=0&o=28&it...
www.facebook.com/tr
44 B
53 B
Image
General
Full URL
https://www.facebook.com/tr/?id=1410717919190065&ev=PageView&dl=http%3A%2F%2Fdownload.weatherblink.com%2FsplashPixels.jhtml&rl=http%3A%2F%2Fdownload.weatherblink.com%2Findex.jhtml&if=true&ts=1510914801919&v=2.8.1&ec=0&o=28&it=1510914801906
Requested by
Host: download.weatherblink.com
URL: http://download.weatherblink.com/splashPixels.jhtml
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
proxygen /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Blocked
Source: easylist, Type: privacy (This would have been blocked)

Request headers

:path
/tr/?id=1410717919190065&ev=PageView&dl=http%3A%2F%2Fdownload.weatherblink.com%2FsplashPixels.jhtml&rl=http%3A%2F%2Fdownload.weatherblink.com%2Findex.jhtml&if=true&ts=1510914801919&v=2.8.1&ec=0&o=28&it=1510914801906
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
www.facebook.com
referer
http://download.weatherblink.com/splashPixels.jhtml
:scheme
https
:method
GET

Response headers

date
Fri, 17 Nov 2017 10:33:21 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
set-cookie
fr=0H89f2J7QmFAhtrRk..BaDrrx...1.0.BaDrrx.; expires=Thursday, 15-Feb-2018 10:33:21 GMT; path=/; domain=.facebook.com; HttpOnly; secure
content-length
44
expires
Fri, 17 Nov 2017 10:33:21 GMT
Adblocked roundtrip.js
a.adroll.com/j
28 KB
9 KB
Script
General
Full URL
http://a.adroll.com/j/roundtrip.js
Requested by
Host: download.weatherblink.com
URL: http://download.weatherblink.com/splashPixels.jhtml
Protocol
HTTP/1.1
Server
95.100.248.123 , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a95-100-248-123.deploy.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
8ed88bd70c8b7d1fa74b1289ff8d6ec7de7949f9a6555487be080317b07fff49
Blocked
Source: easylist, Type: ads (This would have been blocked)

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
a.adroll.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
Accept
*/*
Referer
http://download.weatherblink.com/splashPixels.jhtml
Connection
keep-alive
Cache-Control
no-cache

Response headers

x-amz-version-id
5hgQnKmlorpLe6L_ghXWclhJAt3DRaG_
Content-Encoding
gzip
Last-Modified
Thu, 09 Nov 2017 16:19:45 GMT
Server
AmazonS3
x-amz-request-id
3ED8377BC99C8C1D
ETag
"48c928b5ee8f9c11b5f3ebc187e2299a"
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
max-age=300, must-revalidate
Date
Fri, 17 Nov 2017 10:33:22 GMT
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
9210
x-amz-id-2
UEyD28giETdCLDLbB05+Sjj7Xsfd2QV5m8iBpKZfLVfSBZe67wwoTqRzbOTPNjr+KhPF1/hYJOM=
Adblocked DBHXLL745JDFNOTTGF45Z5.js
s.adroll.com/pixel/67JCKQUFAZHSLAIJ2IPDQR/7ZXMJTTVQNFN3HS5XHKAVR
Redirect Chain
  • https://d.adroll.com/pixel/67JCKQUFAZHSLAIJ2IPDQR/7ZXMJTTVQNFN3HS5XHKAVR?pv=11631119365.512865&cookie=&adroll_s_ref=http%3A//download.weatherblink.com/index.jhtml&keyw=&arrfrr=http%3A%2F%2Fdownload...
  • https://s.adroll.com/pixel/67JCKQUFAZHSLAIJ2IPDQR/7ZXMJTTVQNFN3HS5XHKAVR/DBHXLL745JDFNOTTGF45Z5.js
4 KB
1 KB
Script
General
Full URL
https://s.adroll.com/pixel/67JCKQUFAZHSLAIJ2IPDQR/7ZXMJTTVQNFN3HS5XHKAVR/DBHXLL745JDFNOTTGF45Z5.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
92.123.93.2 , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a92-123-93-2.deploy.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
2a88ebb89abb5f555fb032c54d53fd6d88d0bbcfa04aee1022628d6e0b8ea5c0
Blocked
Source: easylist, Type: ads (This would have been blocked)

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
s.adroll.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
Accept
*/*
Referer
http://download.weatherblink.com/splashPixels.jhtml
Connection
keep-alive
Cache-Control
no-cache

Response headers

x-amz-version-id
KcDEas9R5hIO.9McmsZhFY5mKRmybkrI
Content-Encoding
gzip
ETag
"1f3c731be8ee43ef54f25c407e9948a5"
x-amz-request-id
6FCE83569CF4C2D9
Connection
keep-alive
Vary
Accept-Encoding
Content-Length
1324
x-amz-id-2
cqez+miJh/2HxYz3O/gUwUMFrk4bSSQ6ms6MZwr8Ms4IMtgzrKfKldnn3WrLa364YbGdDQLXG/E=
Last-Modified
Thu, 09 Nov 2017 21:52:51 GMT
Server
AmazonS3
Date
Fri, 17 Nov 2017 10:33:22 GMT
Access-Control-Max-Age
600
Access-Control-Allow-Methods
GET
Content-Type
text/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=300, must-revalidate
Access-Control-Allow-Credentials
false
Accept-Ranges
bytes
Access-Control-Allow-Headers
*

Redirect headers

Date
Fri, 17 Nov 2017 10:33:22 GMT
X-Segment-Display-Name
P3P
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
Connection
keep-alive
Content-Length
0
Pragma
no-cache
X-Conversion-Value
0.0
Server
nginx/1.10.2
X-Rule
*
X-Segment-Eid
DBHXLL745JDFNOTTGF45Z5
Location
https://s.adroll.com/pixel/67JCKQUFAZHSLAIJ2IPDQR/7ZXMJTTVQNFN3HS5XHKAVR/DBHXLL745JDFNOTTGF45Z5.js
Cache-Control
no-store, no-cache, must-revalidate
X-Pixel-Eid
7ZXMJTTVQNFN3HS5XHKAVR
Set-Cookie
__adroll=556666a79b2630a11128bc20f21502bc; Version=1; Expires=Mon, 17-Dec-2018 10:33:21 GMT; Max-Age=34128000; Path=/
X-Segment-Name
*
X-Advertisable-Eid
67JCKQUFAZHSLAIJ2IPDQR
X-Conversion-Currency
1152631904805199?v=2.8.1
connect.facebook.net/signals/config
39 KB
11 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/1152631904805199?v=2.8.1
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a03:2880:f01c:216:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
f4ec8b471fc28dfe2876791f04310626d8300533041e1c293244421f723f85bf
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' fbstatic-a.akamaihd.net fbcdn-static-b-a.akamaihd.net *.atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* *.akamaihd.net wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* *.atlassolutions.com attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

:path
/signals/config/1152631904805199?v=2.8.1
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
connect.facebook.net
referer
http://download.weatherblink.com/splashPixels.jhtml
:scheme
https
:method
GET

Response headers

content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' fbstatic-a.akamaihd.net fbcdn-static-b-a.akamaihd.net *.atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* *.akamaihd.net wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* *.atlassolutions.com attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
content-encoding
gzip
x-content-type-options
nosniff
status
200
vary
Origin Accept-Encoding
content-length
10753
x-xss-protection
0
pragma
public
x-fb-debug
shec3fyTmkhTbE/QdmSm+eQrOgSNmAkBTzEZCKFIi0Wge6paEXR3k8kebeezfFKgzsszcLqy6s3egjA+euSReg==
x-frame-options
DENY
date
Fri, 17 Nov 2017 10:33:22 GMT
expect-ct
max-age=10, report-uri="http://reports.fb.com/expectct/"
strict-transport-security
max-age=31536000; preload; includeSubDomains
access-control-allow-methods
OPTIONS
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://connect.facebook.net
access-control-expose-headers
X-FB-Debug, X-Loader-Length
cache-control
public, max-age=1200
access-control-allow-credentials
true
expires
Sat, 01 Jan 2000 00:00:00 GMT

Adblocked sync?uid=NTU2NjY2YTc5YjI2MzBhMTExMjhiYzIwZjIxNTAyYmM&_origin=0&verify=true
pixel.advertising.com/ups/55980
Redirect Chain
  • https://d.adroll.com/cm/aol/out
  • https://ums.adtech.de/mapuser?providerid=1076;userid=NTU2NjY2YTc5YjI2MzBhMTExMjhiYzIwZjIxNTAyYmM
  • https://ums.adtech.de/mapuser?providerid=1076;cfp=1;rndc=1510914801;userid=NTU2NjY2YTc5YjI2MzBhMTExMjhiYzIwZjIxNTAyYmM
  • https://pixel.advertising.com/ups/55980/sync?uid=NTU2NjY2YTc5YjI2MzBhMTExMjhiYzIwZjIxNTAyYmM&_origin=0
  • https://pixel.advertising.com/ups/55980/sync?uid=NTU2NjY2YTc5YjI2MzBhMTExMjhiYzIwZjIxNTAyYmM&_origin=0&verify=true
0
0
Image
General
Full URL
https://pixel.advertising.com/ups/55980/sync?uid=NTU2NjY2YTc5YjI2MzBhMTExMjhiYzIwZjIxNTAyYmM&_origin=0&verify=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.59.27.58 Frankfurt, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-59-27-58.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Blocked
Source: easylist, Type: ads (This would have been blocked)

Request headers

:path
/ups/55980/sync?uid=NTU2NjY2YTc5YjI2MzBhMTExMjhiYzIwZjIxNTAyYmM&_origin=0&verify=true
pragma
no-cache
cookie
APID=UPbc47851a-cb82-11e7-a40b-025e715bf558
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
pixel.advertising.com
referer
http://download.weatherblink.com/splashPixels.jhtml
:scheme
https
:method
GET

Response headers

status
204
date
Fri, 17 Nov 2017 10:33:22 GMT
set-cookie
IDSYNC=1770~1aiy;Version=1;Domain=.advertising.com;Path=/;Max-Age=31622400;Expires=Sun, 18-Nov-2018 10:33:22 GMT APID=UPbc47851a-cb82-11e7-a40b-025e715bf558;Version=1;Domain=.advertising.com;Path=/;Max-Age=31622400;Expires=Sun, 18-Nov-2018 10:33:22 GMT
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

status
302
date
Fri, 17 Nov 2017 10:33:22 GMT
set-cookie
APID=UPbc47851a-cb82-11e7-a40b-025e715bf558;Version=1;Domain=.advertising.com;Path=/;Max-Age=31622400;Expires=Sun, 18-Nov-2018 10:33:22 GMT
content-length
0
location
https://pixel.advertising.com/ups/55980/sync?uid=NTU2NjY2YTc5YjI2MzBhMTExMjhiYzIwZjIxNTAyYmM&_origin=0&verify=true
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Verified Adblocked Cookie set rum?cm_dsp_id=105&external_user_id=NTU2NjY2YTc5YjI2MzBhMTExMjhiYzIwZjIxNTAyYmM&expiration=1542450802&C=1
dsum-sec.casalemedia.com
Redirect Chain
  • https://d.adroll.com/cm/index/out
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=NTU2NjY2YTc5YjI2MzBhMTExMjhiYzIwZjIxNTAyYmM&expiration=1542450802
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=NTU2NjY2YTc5YjI2MzBhMTExMjhiYzIwZjIxNTAyYmM&expiration=1542450802&C=1
43 B
43 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=NTU2NjY2YTc5YjI2MzBhMTExMjhiYzIwZjIxNTAyYmM&expiration=1542450802&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
92.123.93.251 , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a92-123-93-251.deploy.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Verified resource
fancybox/2.1.5/blank.gif at cdnjs.com, project fancybox
Blocked
Source: easylist, Type: ads (This would have been blocked)

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
dsum-sec.casalemedia.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://download.weatherblink.com/splashPixels.jhtml
Cookie
CMID=Wg668rlQJrkAAA-89xMAAAAY; CMPS=3216
Connection
keep-alive
Cache-Control
no-cache

Response headers

Pragma
no-cache
Date
Fri, 17 Nov 2017 10:33:22 GMT
Server
Apache
Connection
keep-alive
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Set-Cookie
CMID=Wg668rlQJrkAAA-89xMAAAAY;domain=casalemedia.com;path=/;expires=Sat, 17 Nov 2018 10:33:22 GMT CMPS=3216;domain=casalemedia.com;path=/;expires=Thu, 15 Feb 2018 10:33:22 GMT CMPRO=1133;domain=casalemedia.com;path=/;expires=Thu, 15 Feb 2018 10:33:22 GMT CMST=Wg668loOuvIA;domain=casalemedia.com;path=/;expires=Sat, 18 Nov 2017 10:33:22 GMT CMDD=;domain=casalemedia.com;path=/;expires=Sat, 18 Nov 2017 10:33:22 GMT CMRUM3=695a0ebaf22760NTU2NjY2YTc5YjI2MzBhMTExMjhiYzIwZjIxNTAyYmM;domain=casalemedia.com;path=/;expires=Sat, 17 Nov 2018 10:33:22 GMT CMSC=Wg668g**;domain=casalemedia.com;path=/;
Content-Type
image/gif
Content-Length
43
Expires
Fri, 17 Nov 2017 10:33:22 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 17 Nov 2017 10:33:22 GMT
Server
Apache
Connection
keep-alive
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=NTU2NjY2YTc5YjI2MzBhMTExMjhiYzIwZjIxNTAyYmM&expiration=1542450802&C=1
Cache-Control
max-age=0, no-cache, no-store
Set-Cookie
CMID=Wg668rlQJrkAAA-89xMAAAAY;domain=casalemedia.com;path=/;expires=Sat, 17 Nov 2018 10:33:22 GMT CMPS=3216;domain=casalemedia.com;path=/;expires=Thu, 15 Feb 2018 10:33:22 GMT
Content-Type
text/html; charset=iso-8859-1
Content-Length
333
Expires
Fri, 17 Nov 2017 10:33:22 GMT

Adblocked Cookie set tap.php?cookie_redirect=1&v=194538&nid=3644&put=NTU2NjY2YTc5YjI2MzBhMTExMjhiYzIwZjIxNTAyYmM&expires=365
pixel.rubiconproject.com
Redirect Chain
  • https://d.adroll.com/cm/n/out
  • https://pixel.rubiconproject.com/tap.php?v=194538&nid=3644&put=NTU2NjY2YTc5YjI2MzBhMTExMjhiYzIwZjIxNTAyYmM&expires=365
  • https://pixel.rubiconproject.com/tap.php?cookie_redirect=1&v=194538&nid=3644&put=NTU2NjY2YTc5YjI2MzBhMTExMjhiYzIwZjIxNTAyYmM&expires=365
42 B
42 B
Image
General
Full URL
https://pixel.rubiconproject.com/tap.php?cookie_redirect=1&v=194538&nid=3644&put=NTU2NjY2YTc5YjI2MzBhMTExMjhiYzIwZjIxNTAyYmM&expires=365
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
62.67.193.75 , United Kingdom, ASN26667 (RUBICONPROJECT - The Rubicon Project, Inc., US),
Reverse DNS
Software
Rubicon Project /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Blocked
Source: easylist, Type: ads (This would have been blocked)

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
pixel.rubiconproject.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://download.weatherblink.com/splashPixels.jhtml
Cookie
c=1
Connection
keep-alive
Cache-Control
no-cache

Response headers

Pragma
no-cache
Date
Fri, 17 Nov 2017 10:33:22 GMT
Server
Rubicon Project
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Set-Cookie
rpb=194538%3D1; Domain=.rubiconproject.com; Expires=Sun, 17-Dec-2017 10:33:22 GMT; Path=/ put_3644=NTU2NjY2YTc5YjI2MzBhMTExMjhiYzIwZjIxNTAyYmM; Domain=.rubiconproject.com; Expires=Sat, 17-Nov-2018 09:59:59 GMT; Path=/ rpx=194538%3D69050%2C0%2C1%2C%2C; Domain=.pixel.rubiconproject.com; Expires=Sun, 17-Dec-2017 10:33:22 GMT; Path=/ khaos=JA3RNUT2-B-KXSZ; Domain=.rubiconproject.com; Expires=Fri, 18-May-2018 22:33:22 GMT; Path=/
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Type
image/gif
Content-Length
42
X-RPHost
RqTKRGbHohY2SD_q4PXrCQ
Expires
0

Redirect headers

Pragma
no-cache
Date
Fri, 17 Nov 2017 10:33:22 GMT
Server
Rubicon Project
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
/tap.php?cookie_redirect=1&v=194538&nid=3644&put=NTU2NjY2YTc5YjI2MzBhMTExMjhiYzIwZjIxNTAyYmM&expires=365
Cache-Control
no-cache, no-store, must-revalidate
Set-Cookie
c=1; Path=/
Content-Length
0
Expires
0

Adblocked Cookie set Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMwNiZ0bD01MjU2MDA&piggybackCookie=NTU2NjY2YTc5YjI2MzBhMTExMjhiYzIwZjIxNTAyYmM
simage2.pubmatic.com/AdServer
Redirect Chain
  • https://d.adroll.com/cm/pubmatic/out
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMwNiZ0bD01MjU2MDA&piggybackCookie=NTU2NjY2YTc5YjI2MzBhMTExMjhiYzIwZjIxNTAyYmM
1 B
1 B
Image
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMwNiZ0bD01MjU2MDA&piggybackCookie=NTU2NjY2YTc5YjI2MzBhMTExMjhiYzIwZjIxNTAyYmM
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.64.189.236 , United Kingdom, ASN62713 (AS-PUBMATIC - PubMatic, Inc., US),
Reverse DNS
Software
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Blocked
Source: easylist, Type: ads (This would have been blocked)

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
simage2.pubmatic.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://download.weatherblink.com/splashPixels.jhtml
Connection
keep-alive
Cache-Control
no-cache

Response headers

Pragma
no-cache
Date
Fri, 17 Nov 2017 10:33:22 GMT
X-lat
Pug22033:0:357
Server
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Set-Cookie
KRTBCOOKIE_10=22808-NTU2NjY2YTc5YjI2MzBhMTExMjhiYzIwZjIxNTAyYmM&KRTB&22883-NTU2NjY2YTc5YjI2MzBhMTExMjhiYzIwZjIxNTAyYmM; domain=pubmatic.com; expires=Sun, 17-Dec-2017 10:33:22 GMT; path=/ PugT=1510914802; domain=pubmatic.com; expires=Sun, 17-Dec-2017 10:33:22 GMT; path=/ PUBRETARGET=dummy; domain=pubmatic.com; expires=Fri, 17-Nov-2017 10:33:22 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; expires=Thu, 15-Feb-2018 10:33:22 GMT; path=/
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
1

Redirect headers

Pragma
no-cache
Date
Fri, 17 Nov 2017 10:33:22 GMT
Server
nginx/1.10.2
P3P
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMwNiZ0bD01MjU2MDA&piggybackCookie=NTU2NjY2YTc5YjI2MzBhMTExMjhiYzIwZjIxNTAyYmM
Set-Cookie
__adroll=556666a79b2630a11128bc20f21502bc; Version=1; Expires=Mon, 17-Dec-2018 10:33:21 GMT; Max-Age=34128000; Path=/
Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Content-Length
161

Adblocked pixel?id=2498203&t=2&piggyback=https%3A%2F%2Fads.yahoo.com%2Fcms%2Fv1%3Fesig%3D1~bf4e7dc4546a90c08591652d78a230d3f2ef5733%26nwid%3D10001032567%26sigv%3D1
ads.yahoo.com
Redirect Chain
  • https://d.adroll.com/cm/r/out
  • https://ads.yahoo.com/pixel?id=2498203&t=2&piggyback=https%3A%2F%2Fads.yahoo.com%2Fcms%2Fv1%3Fesig%3D1~bf4e7dc4546a90c08591652d78a230d3f2ef5733%26nwid%3D10001032567%26sigv%3D1
0
0
Image
General
Full URL
https://ads.yahoo.com/pixel?id=2498203&t=2&piggyback=https%3A%2F%2Fads.yahoo.com%2Fcms%2Fv1%3Fesig%3D1~bf4e7dc4546a90c08591652d78a230d3f2ef5733%26nwid%3D10001032567%26sigv%3D1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1288:110:833::4000 , United Kingdom, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
Software
ATS /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Blocked
Source: easylist, Type: ads (This would have been blocked)
Security Headers
Name Value
Strict-Transport-Security max-age=3600

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
ads.yahoo.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://download.weatherblink.com/splashPixels.jhtml
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Fri, 17 Nov 2017 10:33:22 GMT
Server
ATS
Connection
keep-alive
Age
0
Content-Length
0
Strict-Transport-Security
max-age=3600

Redirect headers

Pragma
no-cache
Date
Fri, 17 Nov 2017 10:33:22 GMT
Server
nginx/1.10.2
P3P
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
Location
https://ads.yahoo.com/pixel?id=2498203&t=2&piggyback=https%3A%2F%2Fads.yahoo.com%2Fcms%2Fv1%3Fesig%3D1~bf4e7dc4546a90c08591652d78a230d3f2ef5733%26nwid%3D10001032567%26sigv%3D1
Set-Cookie
__adroll=556666a79b2630a11128bc20f21502bc; Version=1; Expires=Mon, 17-Dec-2018 10:33:21 GMT; Max-Age=34128000; Path=/
Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Content-Length
181

Adblocked xuid?ld=1&mid=2409&xuid=7ffca5f6-42bf-4ae9-9d48-02e30d81c102&dongle=d3d3
eb2.3lift.com
Redirect Chain
  • https://d.adroll.com/cm/b/out
  • https://x.bidswitch.net/sync?dsp_id=44&user_id=NTU2NjY2YTc5YjI2MzBhMTExMjhiYzIwZjIxNTAyYmM
  • https://x.bidswitch.net/ul_cb/sync?dsp_id=44&user_id=NTU2NjY2YTc5YjI2MzBhMTExMjhiYzIwZjIxNTAyYmM
  • https://eb2.3lift.com/xuid?mid=2409&xuid=7ffca5f6-42bf-4ae9-9d48-02e30d81c102&dongle=d3d3
  • https://eb2.3lift.com/xuid?ld=1&mid=2409&xuid=7ffca5f6-42bf-4ae9-9d48-02e30d81c102&dongle=d3d3
37 B
37 B
Image
General
Full URL
https://eb2.3lift.com/xuid?ld=1&mid=2409&xuid=7ffca5f6-42bf-4ae9-9d48-02e30d81c102&dongle=d3d3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.29.241.152 Frankfurt, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-29-241-152.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
Blocked
Source: easylist, Type: ads (This would have been blocked)

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
eb2.3lift.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://download.weatherblink.com/splashPixels.jhtml
Cookie
tluid=12213301868411357029
Connection
keep-alive
Cache-Control
no-cache

Response headers

date
Fri, 17 Nov 2017 10:33:22 GMT
cache-control
no-cache, no-store, must-revalidate
set-cookie
tluid=12213301868411357029; Max-Age=7776000; Expires=Thu, 15 Feb 2018 10:33:22 GMT; Path=/; Domain=.3lift.com
P3P
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
Content-Length
37
Connection
keep-alive
content-type
image/gif

Redirect headers

location
/xuid?ld=1&mid=2409&xuid=7ffca5f6-42bf-4ae9-9d48-02e30d81c102&dongle=d3d3
date
Fri, 17 Nov 2017 10:33:22 GMT
cache-control
no-cache, no-store, must-revalidate
set-cookie
tluid=12213301868411357029; Max-Age=7776000; Expires=Thu, 15 Feb 2018 10:33:22 GMT; Path=/; Domain=.3lift.com
Content-Length
0
Connection
keep-alive
P3P
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Adblocked pxj?bidder=172&seg=802787&action=setuid(%27NTU2NjY2YTc5YjI2MzBhMTExMjhiYzIwZjIxNTAyYmM%27)
ib.adnxs.com
Redirect Chain
  • https://d.adroll.com/cm/x/out
  • https://ib.adnxs.com/pxj?bidder=172&seg=802787&action=setuid(%27NTU2NjY2YTc5YjI2MzBhMTExMjhiYzIwZjIxNTAyYmM%27)
0
0
Image
General
Full URL
https://ib.adnxs.com/pxj?bidder=172&seg=802787&action=setuid(%27NTU2NjY2YTc5YjI2MzBhMTExMjhiYzIwZjIxNTAyYmM%27)
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
185.33.223.215 , European Union, ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US),
Reverse DNS
Software
nginx/1.13.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Blocked
Source: easylist, Type: ads (This would have been blocked)
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
ib.adnxs.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://download.weatherblink.com/splashPixels.jhtml
Connection
keep-alive
Cache-Control
no-cache

Response headers

Pragma
no-cache
Date
Fri, 17 Nov 2017 10:33:24 GMT
X-Proxy-Origin
148.251.45.254; 148.251.45.254; 315.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.212:80
AN-X-Request-Uuid
6a79a097-9f9e-4414-9b8b-f89055737ec9
Server
nginx/1.13.4
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 17 Nov 2017 10:33:22 GMT
Server
nginx/1.10.2
P3P
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
Location
https://ib.adnxs.com/pxj?bidder=172&seg=802787&action=setuid('NTU2NjY2YTc5YjI2MzBhMTExMjhiYzIwZjIxNTAyYmM')
Set-Cookie
__adroll=556666a79b2630a11128bc20f21502bc; Version=1; Expires=Mon, 17-Dec-2018 10:33:21 GMT; Max-Age=34128000; Path=/
Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Content-Length
113

Verified Adblocked Cookie set 377928.gif?partner_uid=556666a79b2630a11128bc20f21502bc&redirect=1
idsync.rlcdn.com
Redirect Chain
  • https://d.adroll.com/cm/l/out
  • https://idsync.rlcdn.com/377928.gif?partner_uid=556666a79b2630a11128bc20f21502bc
  • https://idsync.rlcdn.com/377928.gif?partner_uid=556666a79b2630a11128bc20f21502bc&redirect=1
43 B
43 B
Image
General
Full URL
https://idsync.rlcdn.com/377928.gif?partner_uid=556666a79b2630a11128bc20f21502bc&redirect=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.21.181.234 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-52-21-181-234.compute-1.amazonaws.com
Software
/
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
Verified resource
dojo/1.3.3/resources/blank.gif at cdnjs.com, project dojo
Blocked
Source: easylist, Type: privacy (This would have been blocked)

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
idsync.rlcdn.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://download.weatherblink.com/splashPixels.jhtml
Cookie
ck1=ck1
Connection
keep-alive
Cache-Control
no-cache

Response headers

Expires
Thu, 01 Jan 1970 00:00:00 GMT
Cache-Control
no-cache, no-store
Set-Cookie
rlas3=NbrXQ0KVm4u9dHm3LuwzW4oPiZI3cTfixfUq21lKZaSMyA9jEACu5w==;Domain=.rlcdn.com;Expires=Wed, 16-May-2018 10:33:22 GMT rtn1-z=IaPVs8VHz+TV9kgF3acTEYAg6RoQY9b0ncTu2s2OcS8=;Domain=.rlcdn.com;Expires=Wed, 16-May-2018 10:33:21 GMT
P3P
CP: "NON DSP COR PSDo SAMo BUS IND UNI COM NAV INT POL PRE"
Content-Length
43
Connection
keep-alive
Content-Type
image/gif; charset=ISO-8859-1

Redirect headers

P3P
CP: "NON DSP COR PSDo SAMo BUS IND UNI COM NAV INT POL PRE"
Location
https://idsync.rlcdn.com/377928.gif?partner_uid=556666a79b2630a11128bc20f21502bc&redirect=1
Set-Cookie
ck1=ck1;Domain=.rlcdn.com;Expires=Wed, 16-May-2018 10:33:19 GMT
Cache-Control
no-cache, no-store
Connection
keep-alive
Content-Type
image/gif; charset=ISO-8859-1
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Verified Adblocked sd?cc=1&id=537103138&val=556666a79b2630a11128bc20f21502bc
us-u.openx.net/w/1.0
Redirect Chain
  • https://d.adroll.com/cm/o/out
  • https://us-u.openx.net/w/1.0/sd?id=537103138&val=556666a79b2630a11128bc20f21502bc
  • https://us-u.openx.net/w/1.0/sd?cc=1&id=537103138&val=556666a79b2630a11128bc20f21502bc
43 B
43 B
Image
General
Full URL
https://us-u.openx.net/w/1.0/sd?cc=1&id=537103138&val=556666a79b2630a11128bc20f21502bc
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
173.241.240.143 New York, United States, ASN36089 (OPENX-AS1 - OPENX TECHNOLOGIES, INC., US),
Reverse DNS
ox-173-241-240-143.xa.dc.openx.org
Software
OXGW/11.174.1 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Verified resource
diva.js/3.1.0/img/blank.gif at cdnjs.com, project diva.js
extjs/4.2.1/resources/ext-theme-gray/images/grid/grid3-rowheader.gif at cdnjs.com, project extjs
Blocked
Source: easylist, Type: ads (This would have been blocked)

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
us-u.openx.net
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://download.weatherblink.com/splashPixels.jhtml
Cookie
i=570cc887-c0cf-4d76-8ffb-90da363cd6e2|1510914802
Connection
keep-alive
Cache-Control
no-cache

Response headers

Pragma
no-cache
Date
Fri, 17 Nov 2017 10:33:22 GMT
Server
OXGW/11.174.1
Vary
Accept
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, max-age=0, no-cache
Content-Type
image/gif
Content-Length
43
Expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Location
https://us-u.openx.net/w/1.0/sd?cc=1&id=537103138&val=556666a79b2630a11128bc20f21502bc
Date
Fri, 17 Nov 2017 10:33:22 GMT
Server
OXGW/11.174.1
Set-Cookie
i=570cc887-c0cf-4d76-8ffb-90da363cd6e2|1510914802; Version=1; Expires=Sat, 17-Nov-2018 10:33:22 GMT; Max-Age=31536000; Domain=.openx.net; Path=/
Content-Length
0
P3P
CP="CUR ADM OUR NOR STA NID"

Adblocked Cookie set in?google_ula=1535926,0
d.adroll.com/cm/g
Redirect Chain
  • https://d.adroll.com/cm/g/out?google_nid=adroll5
  • https://cm.g.doubleclick.net/pixel?google_sc&google_nid=artb&google_hm=VWZmp5smMKERKLwg8hUCvA&google_ula=1535926
  • https://d.adroll.com/cm/g/in?google_ula=1535926,0
35 B
35 B
Image
General
Full URL
https://d.adroll.com/cm/g/in?google_ula=1535926,0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
176.34.233.74 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-176-34-233-74.eu-west-1.compute.amazonaws.com
Software
nginx/1.10.2 /
Resource Hash
ce4e964329e64bb7128c1c1d602433a744b48f6dbc1212e65b2b5184bd8c6617
Blocked
Source: easylist, Type: ads (This would have been blocked)

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
d.adroll.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://download.weatherblink.com/splashPixels.jhtml
Cookie
__adroll=556666a79b2630a11128bc20f21502bc
Connection
keep-alive
Cache-Control
no-cache

Response headers

Pragma
no-cache
Date
Fri, 17 Nov 2017 10:33:22 GMT
Server
nginx/1.10.2
P3P
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
Set-Cookie
__adroll=556666a79b2630a11128bc20f21502bc-g_1510914802; Version=1; Expires=Mon, 17-Dec-2018 10:33:22 GMT; Max-Age=34128000; Path=/
Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Content-Type
image/gif
Content-Length
35
X-Result
g.-1.-1.1535926.0.-1

Redirect headers

pragma
no-cache
date
Fri, 17 Nov 2017 10:33:22 GMT
server
HTTP server (unknown)
status
302
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://d.adroll.com/cm/g/in?google_ula=1535926,0
cache-control
no-cache, must-revalidate
set-cookie
test_cookie=; domain=.doubleclick.net; path=/; expires=Mon, 21 Jul 2008 23:59:00 GMT IDE=AHWqTUn-8m7hhufUBj7dxnPAdFjyM5ivVP8lor6Xuowh-Q9atgWPcpBU_w; expires=Wed, 12-Dec-2018 10:33:22 GMT; path=/; domain=.doubleclick.net; HttpOnly
content-type
text/html; charset=UTF-8
alt-svc
hq="googleads.g.doubleclick.net:443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="41,39,38,37,35",hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"
content-length
246
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT

Adblocked ?id=1152631904805199&ev=PageView&dl=http%3A%2F%2Fdownload.weatherblink.com%2FsplashPixels.jhtml&rl=http%3A%2F%2Fdownload.weatherblink.com%2Findex.jhtml&if=true&ts=1510914802226&cd[segment_eid]=DBHX...
www.facebook.com/tr
44 B
53 B
Image
General
Full URL
https://www.facebook.com/tr/?id=1152631904805199&ev=PageView&dl=http%3A%2F%2Fdownload.weatherblink.com%2FsplashPixels.jhtml&rl=http%3A%2F%2Fdownload.weatherblink.com%2Findex.jhtml&if=true&ts=1510914802226&cd[segment_eid]=DBHXLL745JDFNOTTGF45Z5&v=2.8.1&ec=0&o=29&it=1510914801906
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
proxygen /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Blocked
Source: easylist, Type: privacy (This would have been blocked)

Request headers

:path
/tr/?id=1152631904805199&ev=PageView&dl=http%3A%2F%2Fdownload.weatherblink.com%2FsplashPixels.jhtml&rl=http%3A%2F%2Fdownload.weatherblink.com%2Findex.jhtml&if=true&ts=1510914802226&cd[segment_eid]=DBHXLL745JDFNOTTGF45Z5&v=2.8.1&ec=0&o=29&it=1510914801906
pragma
no-cache
cookie
fr=0H89f2J7QmFAhtrRk..BaDrrx...1.0.BaDrrx.
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
www.facebook.com
referer
http://download.weatherblink.com/splashPixels.jhtml
:scheme
https
:method
GET

Response headers

date
Fri, 17 Nov 2017 10:33:22 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
set-cookie
content-length
44
expires
Fri, 17 Nov 2017 10:33:22 GMT

Adblocked ?id=1410717919190065&ev=Microdata&dl=http%3A%2F%2Fdownload.weatherblink.com%2FsplashPixels.jhtml&rl=http%3A%2F%2Fdownload.weatherblink.com%2Findex.jhtml&if=true&ts=1510914803422&cd[Schema.org]=%5B%...
www.facebook.com/tr
44 B
53 B
Image
General
Full URL
https://www.facebook.com/tr/?id=1410717919190065&ev=Microdata&dl=http%3A%2F%2Fdownload.weatherblink.com%2FsplashPixels.jhtml&rl=http%3A%2F%2Fdownload.weatherblink.com%2Findex.jhtml&if=true&ts=1510914803422&cd[Schema.org]=%5B%5D&cd[OpenGraph]=%7B%7D&cd[Meta]=%7B%22title%22%3A%22%22%7D&v=2.8.1&o=28
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
proxygen /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Blocked
Source: easylist, Type: privacy (This would have been blocked)

Request headers

:path
/tr/?id=1410717919190065&ev=Microdata&dl=http%3A%2F%2Fdownload.weatherblink.com%2FsplashPixels.jhtml&rl=http%3A%2F%2Fdownload.weatherblink.com%2Findex.jhtml&if=true&ts=1510914803422&cd[Schema.org]=%5B%5D&cd[OpenGraph]=%7B%7D&cd[Meta]=%7B%22title%22%3A%22%22%7D&v=2.8.1&o=28
pragma
no-cache
cookie
fr=0H89f2J7QmFAhtrRk..BaDrrx...1.0.BaDrrx.
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
www.facebook.com
referer
http://download.weatherblink.com/splashPixels.jhtml
:scheme
https
:method
GET
Referer
http://download.weatherblink.com/splashPixels.jhtml
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

date
Fri, 17 Nov 2017 10:33:23 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
set-cookie
content-length
44
expires
Fri, 17 Nov 2017 10:33:23 GMT

Redirect requests

There were HTTP redirects (301, 302) for the following requests:

Request 7
  • http://www.google-analytics.com/ga.js
  • https://www.google-analytics.com/ga.js
Request 27
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1054533708/?random=1510914801909&cv=8&fst=1510914801909&num=1&guid=ON&eid=659238990&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_...
  • https://www.google.com/ads/user-lists/1054533708/?random=1510914801909&cv=8&fst=1510912800000&num=1&guid=ON&eid=659238990&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u...
  • https://www.google.de/ads/user-lists/1054533708/?random=1510914801909&cv=8&fst=1510912800000&num=1&guid=ON&eid=659238990&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_...
Request 30
  • https://d.adroll.com/pixel/67JCKQUFAZHSLAIJ2IPDQR/7ZXMJTTVQNFN3HS5XHKAVR?pv=11631119365.512865&cookie=&adroll_s_ref=http%3A//download.weatherblink.com/index.jhtml&keyw=&arrfrr=http%3A%2F%2Fdownload...
  • https://s.adroll.com/pixel/67JCKQUFAZHSLAIJ2IPDQR/7ZXMJTTVQNFN3HS5XHKAVR/DBHXLL745JDFNOTTGF45Z5.js
Request 32
  • https://d.adroll.com/cm/aol/out
  • https://ums.adtech.de/mapuser?providerid=1076;userid=NTU2NjY2YTc5YjI2MzBhMTExMjhiYzIwZjIxNTAyYmM
  • https://ums.adtech.de/mapuser?providerid=1076;cfp=1;rndc=1510914801;userid=NTU2NjY2YTc5YjI2MzBhMTExMjhiYzIwZjIxNTAyYmM
  • https://pixel.advertising.com/ups/55980/sync?uid=NTU2NjY2YTc5YjI2MzBhMTExMjhiYzIwZjIxNTAyYmM&_origin=0
  • https://pixel.advertising.com/ups/55980/sync?uid=NTU2NjY2YTc5YjI2MzBhMTExMjhiYzIwZjIxNTAyYmM&_origin=0&verify=true
Request 33
  • https://d.adroll.com/cm/index/out
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=NTU2NjY2YTc5YjI2MzBhMTExMjhiYzIwZjIxNTAyYmM&expiration=1542450802
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=NTU2NjY2YTc5YjI2MzBhMTExMjhiYzIwZjIxNTAyYmM&expiration=1542450802&C=1
Request 34
  • https://d.adroll.com/cm/n/out
  • https://pixel.rubiconproject.com/tap.php?v=194538&nid=3644&put=NTU2NjY2YTc5YjI2MzBhMTExMjhiYzIwZjIxNTAyYmM&expires=365
  • https://pixel.rubiconproject.com/tap.php?cookie_redirect=1&v=194538&nid=3644&put=NTU2NjY2YTc5YjI2MzBhMTExMjhiYzIwZjIxNTAyYmM&expires=365
Request 35
  • https://d.adroll.com/cm/pubmatic/out
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMwNiZ0bD01MjU2MDA&piggybackCookie=NTU2NjY2YTc5YjI2MzBhMTExMjhiYzIwZjIxNTAyYmM
Request 36
  • https://d.adroll.com/cm/r/out
  • https://ads.yahoo.com/pixel?id=2498203&t=2&piggyback=https%3A%2F%2Fads.yahoo.com%2Fcms%2Fv1%3Fesig%3D1~bf4e7dc4546a90c08591652d78a230d3f2ef5733%26nwid%3D10001032567%26sigv%3D1
Request 37
  • https://d.adroll.com/cm/b/out
  • https://x.bidswitch.net/sync?dsp_id=44&user_id=NTU2NjY2YTc5YjI2MzBhMTExMjhiYzIwZjIxNTAyYmM
  • https://x.bidswitch.net/ul_cb/sync?dsp_id=44&user_id=NTU2NjY2YTc5YjI2MzBhMTExMjhiYzIwZjIxNTAyYmM
  • https://eb2.3lift.com/xuid?mid=2409&xuid=7ffca5f6-42bf-4ae9-9d48-02e30d81c102&dongle=d3d3
  • https://eb2.3lift.com/xuid?ld=1&mid=2409&xuid=7ffca5f6-42bf-4ae9-9d48-02e30d81c102&dongle=d3d3
Request 38
  • https://d.adroll.com/cm/x/out
  • https://ib.adnxs.com/pxj?bidder=172&seg=802787&action=setuid(%27NTU2NjY2YTc5YjI2MzBhMTExMjhiYzIwZjIxNTAyYmM%27)
Request 39
  • https://d.adroll.com/cm/l/out
  • https://idsync.rlcdn.com/377928.gif?partner_uid=556666a79b2630a11128bc20f21502bc
  • https://idsync.rlcdn.com/377928.gif?partner_uid=556666a79b2630a11128bc20f21502bc&redirect=1
Request 40
  • https://d.adroll.com/cm/o/out
  • https://us-u.openx.net/w/1.0/sd?id=537103138&val=556666a79b2630a11128bc20f21502bc
  • https://us-u.openx.net/w/1.0/sd?cc=1&id=537103138&val=556666a79b2630a11128bc20f21502bc
Request 41
  • https://d.adroll.com/cm/g/out?google_nid=adroll5
  • https://cm.g.doubleclick.net/pixel?google_sc&google_nid=artb&google_hm=VWZmp5smMKERKLwg8hUCvA&google_ula=1535926
  • https://d.adroll.com/cm/g/in?google_ula=1535926,0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
weatherblink.dl.myway.com
URL
http://weatherblink.dl.myway.com/localStorage.jhtml
Domain
weatherblink.dl.tb.ask.com
URL
http://weatherblink.dl.tb.ask.com/localStorage.jhtml
Domain
weatherblink.dl.myway.com
URL
http://weatherblink.dl.myway.com/mirrorCookies.jhtml

118 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| ExtensionToolbar object| extension_toolbar boolean| isIE boolean| isWin boolean| isOpera number| currentFlashVersion function| ControlVersion function| AC_AddExtension function| AC_Generateobj function| AC_FL_RunContent function| AC_SW_RunContent function| AC_GetArgs function| splashBtnClick function| swap function| dateFormat function| debug object| unifiedLogging function| _anxGetAppCookieChips function| SymantecBadge string| __toolbarToolbandClsid string| __filenamePrefix string| __progId string| __installerMimeType string| bucket string| partnerIdString string| successPixelsUrl string| dmpDomain number| timerStart undefined| ftwin function| sendMessage function| openFeatures function| abandonPopup function| checkCookies function| getHomeMWSUrl function| getScheme function| getPluginData function| getSearchPluginData function| setPluginCookies function| trackFooterLinks function| setDownloadButtonClickEvents function| mirrorCookiesToGlobalDomain function| setIELocalStorageOnGlobalDomain function| setPassThroughDataOnGlobalDomain function| setLocalStorageOnGlobalDomain function| setLocalStorageOnGlobalDomainViaPM function| setLocalStorageOnGlobalDomainViaGet function| getInternetExplorerVersion function| IsWindowsUIBrowserExperience function| IsWindowsUIBrowserExperience8_1 function| convertToDynamicExe function| convertToDynamicChromeExe function| convertToDynamicMSNIExe function| biToggle function| validateAbsolutePathUrl function| onSplashPixel function| isFirefoxInstalled function| onSuccessGCLID function| injectHeaderCSS function| forensiqScript object| dlpEventDispatcher undefined| wttCacheInitiated function| wttCacheResources function| completeToolbarInstall function| EULADisplay function| InstallDisplay function| RebuttalDisplay function| ExtensionRebuttalDisplay function| RunRunDisplay function| UnsetRebuttalDisplay function| DryTestDisplay function| PartnerIdFactory object| oEULADiv object| oInstallDiv object| oRebuttalDiv object| oRunRunDiv 
object| oExtensionRebuttalDiv object| oUnsetRebuttalDiv string| crxUrl boolean| bEULAEnabled boolean| bRebuttalEnabled boolean| bChromeUnsetRebuttalEnabled boolean| bValidCrxVersion boolean| bAssistEnabled boolean| bExtensionRebuttalEnabled number| optOutCnt number| maxRebuttalDisplayCnt function| _doInstall function| funcOnInstallerFinished function| popNewTab function| init function| toolbarExists function| installToolbar function| drawChromeModals undefined| no_conflict_$_m object| mindspark object| $_m object| DLP string| INVALID_SUB_ID object| _AnemoneParams object| ttDetectUtil object| _gat object| _gaq object| pageTracker object| _AnemoneParams2 object| JSUtil object| WebUtil object| CookieUtil object| _Anemone function| anxDummy function| anxDebug function| trim string| p_name function| resizeCookieDisclosureDiv function| dlpDebug string| o object| arr object| l number| i

41 Cookies

Domain/Path Name / Value
.tb.ask.com/ Name: anx
Value: "xracl=&xckoid=&xgds=&lv=1510914801776&adfi=&xad=&xmvte=&add=&adc=&xit=&adn=&adm=&xlang=&adp=&xmvtv=&xmvtt=&adt=&xose=&xckid=&xrm=&xrp=&xrs=&xrt=&adap=&xnt=&xriad=&xft=&nv=1&fv=1510914801776&xuer=&ob=-&oc=-&od=download.weatherblink.com&xgc=&sn=dubprdsndlbfe10.dub.jabodo.com&ok=-&om=referral&xrco=&xrkw=&xrca=&op=index.jhtml&xrcc=&xsee=&os=-&surveyUrl=&xkw=&g=-&xct=&xiad=&xbkw=&tbGuid=&xg=&xh=&xi=&xtp=&adti=&xn=&xp=&xtt=&xpp=&xs=&xt=&xu=&xcid="
.myway.com/ Name: chromeSearchExtensionEnabled
Value: true
.myway.com/ Name: chromeSearchExtensionURL
Value: "http://ext.ask.com/index.jhtml?productName=WeatherBlink&installDate=2017111710&partnerId=^XN^mchyyy^TTAB02^de&si=&tbGuid=E0C8B5A4-BC6C-46CE-9665-68CF0AEE120A&coId=bb6c76acaf314cf68b9421c6cf4a61ea"
.myway.com/ Name: cobrand
Value: XN
.myway.com/ Name: campaign
Value: mchyyy
.myway.com/ Name: homePage
Value: false
weatherblink.dl.tb.ask.com/ Name: ltm-1d
Value: rd119o00000000000000000000ffff0a904c12o80
weatherblink.dl.tb.ask.com/ Name: org.springframework.web.servlet.i18n.CookieLocaleResolver.LOCALE
Value: en_US
.myway.com/ Name: homePageOption
Value: false
.myway.com/ Name: defaultSearch
Value: false
.myway.com/ Name: defaultSearchOption
Value: false
.myway.com/ Name: pixelUrl
Value: "http://download.weatherblink.com/install_pixels.jhtml?partner=^XN^mchyyy^TTAB02^de&coId=bb6c76acaf314cf68b9421c6cf4a61ea&tbGuid=E0C8B5A4-BC6C-46CE-9665-68CF0AEE120A"
.myway.com/ Name: dynamicKeyword
Value: "Free Local Weather"
.myway.com/ Name: newTabInstructURL
Value: "http://download.weatherblink.com/chromeInstruct.jhtml?tabView=instruct"
.weatherblink.com/ Name: anxs
Value: "s=459738385&sv=1510914801200&sd=none&sp=-&sk=-&sm=-&sb=-&sc=-&ss=-"
.myway.com/ Name: installType
Value: CRX_WEBSTORE
.myway.com/ Name: dlput
Value: TTAB02
.myway.com/ Name: npsSurveyUrl
Value: "http://www.research.net/r/V6GHNWV?CBID="
.myway.com/ Name: coId
Value: bb6c76acaf314cf68b9421c6cf4a61ea
.myway.com/ Name: newTabURL
Value: "https://hp.myway.com/weatherblink/ttab02chr/index.html?p2=${partnerID}&n=${installDateHex}&st=tab&ptb=${toolbarID}&si=${partnerSubID}"
.myway.com/ Name: chromeShowToolbar
Value: nowhere
.myway.com/ Name: partnerSubId
Value: ""
.weatherblink.dl.myway.com/ Name: installDate
Value: 2017111710
.weatherblink.dl.myway.com/ Name: partnerId
Value: ^XN^mchyyy^TTAB02^de
.weatherblink.dl.myway.com/ Name: sessionData
Value: "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"
.weatherblink.dl.myway.com/ Name: language
Value: "??"
weatherblink.dl.myway.com/ Name: org.springframework.web.servlet.i18n.CookieLocaleResolver.LOCALE
Value: en_US
.myway.com/ Name: ChromeExtensionCopies
Value: stubby
.myway.com/ Name: anx
Value: "xracl=&xckoid=&xgds=&lv=1510914801710&adfi=&xad=&xmvte=&add=&adc=&xit=&adn=&adm=&xlang=&adp=&xmvtv=&xmvtt=&adt=&xose=&xckid=&xrm=&xrp=&xrs=&xrt=&adap=&xnt=&xriad=&xft=&nv=1&fv=1510914801710&xuer=&ob=-&oc=-&od=download.weatherblink.com&xgc=&sn=dubprdsndlbfe29.dub.jabodo.com&ok=-&om=referral&xrco=&xrkw=&xrca=&op=index.jhtml&xrcc=&xsee=&os=-&surveyUrl=&xkw=&g=-&xct=&xiad=&xbkw=&tbGuid=&xg=&xh=&xi=&xtp=&adti=&xn=&xp=&xtt=&xpp=&xs=&xt=&xu=&xcid="
.myway.com/ Name: toolbarId
Value: E0C8B5A4-BC6C-46CE-9665-68CF0AEE120A
.myway.com/ Name: newTabSuccessURL
Value: "http://download.weatherblink.com/chromeInstruct.jhtml?tabView=success"
.weatherblink.com/ Name: anx
Value: "u=BEC77AF7-D486-4F82-8B91-E31FD132B352&fv=1510914801199&lv=1510914801377&nv=4&t=-&v=-&p=-&si=-&sn=dubprdsndlbfe88.dub.jabodo.com&od=none&op=-&ok=-&om=-&ob=-&oc=-&os=-&w=1600&h=1200&cd=24&f=-&g=-&xlang=%3F%3F&xose=true&xrp=%5EXN%5Emchyyy%5ETTAB02%5Ede&xrt=TTAB02&xuer=1&xgc=false&xrco=XN&xrca=mchyyy&xrcc=de&xsee=true&tbGuid=E0C8B5A4-BC6C-46CE-9665-68CF0AEE120A&xh=9712&xi=CRX_WEBSTORE&xtp=vhigh&xp=vicinio&xtt=template_responsive&xpp=%5EXN%5Emchyyy%5ETTAB02%5Ede&xs=29870&xt=ttab2&xcid=bb6c76acaf314cf68b9421c6cf4a61ea&xx=install"
.myway.com/ Name: successUrl
Value: ""
.download.weatherblink.com/ Name: cookieEnabled
Value: true
.myway.com/ Name: ttabFirstInstall
Value: true
.myway.com/ Name: newTabCache
Value: false
.myway.com/ Name: countryCode
Value: DE
download.weatherblink.com/ Name: ltm-1d
Value: rd119o00000000000000000000ffff0a904c72o80
.myway.com/ Name: newTabBubbleURL
Value: "http://download.weatherblink.com/chromeInstruct.jhtml?tabView=bubble"
weatherblink.dl.myway.com/ Name: ltm-1d
Value: rd119o00000000000000000000ffff0a904c25o80
.weatherblink.com/ Name: sessionData
Value: "Is0vKvPcpinoj1dwkmYugD/pKLtzmCKkDWuzr19mlOgjTI4fXRrqRkcVM8ZGk99BxuQWljAedxSdh+SiFsGi4I5sVsR8lWpA/pqZR95VcuD5J8v4vQNQAIBJnfgkI3VAZcqaTqA23TnuJJDWh34+fwJtS89NcJ4dkHQW2yUokfoS5sSUDVupjcLu0fmBSNV7wTkVYREC9dxMh2JJy7R8kUpkvjkpFtTzx+RZ3yRmlYGCTBeJrxAUCX2C0CGFLKrmFaV8d+TBoNmiz2w05K3dR5tNgo1ls1zRBmi0cvVW2tYIqkUdHlMotoEDIfehGXhSD5ZpTkOxtkEnCfpCf53orig7LF3GrANI3Su1EfuicwRMLpPinPFV9jUo8sWbXf9LG7QyovbirbF1R5lfpBbIGYK2DQ0hjK63SWsKGXu7exMxbbB3MNch4yj5YVsiSJWDauuSYzn1LfrisZhnUINY6CTcdbVFCdjpSeFa0gCQkWYHTN3k2aHJjJe/d0/REEgMmup65NS45nZEQMB6nUkZX9YxKlrNVk0WDP+g3DgrW0Ifm1r9PfJWfOlRRe3t6C0UXIh1OK2A/RCIE0xbqKOLe8KH+bgWRO6VWRIvg/oA25c="

12 Console Messages

Source Level URL
Text
console-api log URL: http://download.weatherblink.com/index.jhtml, Line 525, Column5809
Message:
mindspark.core::Enable page click tracking
console-api log URL: http://download.weatherblink.com/index.jhtml, Line 525, Column5809
Message:
Begin dynamic CSS injection
console-api log URL: http://download.weatherblink.com/index.jhtml, Line 525, Column5809
Message:
Compressed CSS
console-api log URL: http://download.weatherblink.com/index.jhtml, Line 525, Column5809
Message:
Convert CSS to String
console-api log URL: http://download.weatherblink.com/index.jhtml, Line 525, Column5809
Message:
mindspark.core::setStyles
console-api log URL: http://download.weatherblink.com/index.jhtml, Line 525, Column5809
Message:
mindspark.core::Use existing styles tag
console-api log URL: http://download.weatherblink.com/index.jhtml, Line 525, Column5809
Message:
mindspark.core::Appending CSS to styles
console-api log URL: http://download.weatherblink.com/index.jhtml, Line 525, Column5809
Message:
mindspark.core::invoke callback
console-api log URL: http://download.weatherblink.com/index.jhtml, Line 525, Column5809
Message:
mindspark.crxws::Search extension is enabled
console-api log URL: http://download.weatherblink.com/index.jhtml, Line 525, Column5809
Message:
End dynamic CSS injection
console-api log URL: http://download.weatherblink.com/index.jhtml, Line 525, Column5809
Message:
mindspark.core::Enable page click tracking
console-api error URL: https://connect.facebook.net/en_US/fbevents.js, Line 25, Column5275
Message:
Facebook Pixel Error: Error: Duplicate Pixel ID: 1410717919190065

Indicators of compromise (IoCs)

This is a term in the security industry to describe indicators around an attack. This includes IPs, hashes, domains, etc.
