af.me Open in urlscan Pro
205.186.152.29 Public Scan

URL:
http://af.me/
Submission: On July 08 via manual (July 8th 2019, 2:54:35 am UTC) from US

Summary HTTP 35 Redirects Links 5 Behaviour Indicators

Summary

This website contacted 19 IPs in 6 countries across 18 domains to perform 35 HTTP transactions. The main IP is 205.186.152.29, located in Culver City, United States and belongs to MEDIATEMPLE - Media Temple, Inc., US. The main domain is af.me.

This is the only time af.me was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	205.186.152.29 205.186.152.29	31815 (MEDIATEMPLE) (MEDIATEMPLE - Media Temple)
1	2a00:1450:400... 2a00:1450:4001:808::200a	15169 (GOOGLE) (GOOGLE - Google LLC)
4	209.197.3.15 209.197.3.15	20446 (HIGHWINDS3) (HIGHWINDS3 - Highwinds Network Group)
7 14	192.124.249.64 192.124.249.64	30148 (SUCURI-SEC) (SUCURI-SEC - Sucuri)
2	2a00:1450:400... 2a00:1450:4001:806::200a	15169 (GOOGLE) (GOOGLE - Google LLC)
1	52.216.170.157 52.216.170.157	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
4	2a00:1450:400... 2a00:1450:4001:821::2003	15169 (GOOGLE) (GOOGLE - Google LLC)
1 2	2a00:1450:400... 2a00:1450:4001:80b::200e	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2606:4700::68... 2606:4700::6813:9308	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
1 1	2a00:1450:400... 2a00:1450:400c:c00::9a	15169 (GOOGLE) (GOOGLE - Google LLC)
1 1	2a00:1450:400... 2a00:1450:4001:81a::2004	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2a00:1450:400... 2a00:1450:4001:824::2003	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2.16.186.48 2.16.186.48	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
6 8	54.246.91.175 54.246.91.175	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	2.18.233.40 2.18.233.40	16625 (AKAMAI-AS) (AKAMAI-AS - Akamai Technologies)
3	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK - Facebook)
1 2	18.196.12.17 18.196.12.17	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	185.33.223.210 185.33.223.210	29990 (ASN-APPNEXUS) (ASN-APPNEXUS - AppNexus)
1	34.95.92.78 34.95.92.78	15169 (GOOGLE) (GOOGLE - Google LLC)
1 2	173.241.240.143 173.241.240.143	36089 (OPENX-AS1) (OPENX-AS1 - OPENX TECHNOLOGIES)
2 2	172.217.22.98 172.217.22.98	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK - Facebook)
35	19

1 205.186.152.29 (Culver City, United States)

ASN31815 (MEDIATEMPLE - Media Temple, Inc., US)

af.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 209.197.3.15 (Phoenix, United States)

ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US)
PTR: vip0x00f.map2.ssl.hwcdn.net

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 192.124.249.64 (United States) 7 redirects

ASN30148 (SUCURI-SEC - Sucuri, US)
PTR: cloudproxy10064.sucuri.net

domain.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.domain.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:806::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.216.170.157 (Ashburn, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: s3-1.amazonaws.com

s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:821::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80b::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE - Google LLC, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6813:9308 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

script.crazyegg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9a (Brussels, Belgium) 1 redirects

ASN15169 (GOOGLE - Google LLC, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81a::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE - Google LLC, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:824::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.16.186.48 (Ascension Island)

ASN20940 (AKAMAI-ASN1, US)
PTR: a2-16-186-48.deploy.static.akamaitechnologies.com

a.adroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 54.246.91.175 (Dublin, Ireland) 6 redirects

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-54-246-91-175.eu-west-1.compute.amazonaws.com

d.adroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.233.40 (Ascension Island)

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a2-18-233-40.deploy.static.akamaitechnologies.com

s.adroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f01c:8012:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.196.12.17 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-18-196-12-17.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.33.223.210 (Netherlands)

ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US)
PTR: 307.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.95.92.78 (United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: 78.92.95.34.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 173.241.240.143 (Amsterdam, Netherlands) 1 redirects

ASN36089 (OPENX-AS1 - OPENX TECHNOLOGIES, INC., US)
PTR: ox-173-241-240-143.xa.dc.openx.org

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.22.98 (United States) 2 redirects

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra15s18-in-f98.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f11c:8183:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
14	domain.me 7 redirects domain.me www.domain.me	102 KB
10	adroll.com 6 redirects a.adroll.com d.adroll.com s.adroll.com	17 KB
4	gstatic.com fonts.gstatic.com	37 KB
4	bootstrapcdn.com maxcdn.bootstrapcdn.com	68 KB
3	facebook.net connect.facebook.net	78 KB
3	doubleclick.net 3 redirects stats.g.doubleclick.net cm.g.doubleclick.net	1 KB
3	googleapis.com ajax.googleapis.com fonts.googleapis.com	36 KB
2	openx.net 1 redirects us-u.openx.net	599 B
2	bidswitch.net 1 redirects x.bidswitch.net	907 B
2	google-analytics.com 1 redirects www.google-analytics.com	18 KB
1	facebook.com www.facebook.com	324 B
1	rlcdn.com idsync.rlcdn.com	62 B
1	adnxs.com ib.adnxs.com	590 B
1	google.de www.google.de	109 B
1	google.com 1 redirects www.google.com	180 B
1	crazyegg.com script.crazyegg.com	725 B
1	amazonaws.com s3.amazonaws.com	140 KB
1	af.me af.me	6 KB
35	18

	Domain	Requested by
12	www.domain.me	6 redirects af.me
8	d.adroll.com	6 redirects a.adroll.com
4	fonts.gstatic.com	af.me
4	maxcdn.bootstrapcdn.com	af.me domain.me
3	connect.facebook.net	connect.facebook.net
2	cm.g.doubleclick.net	2 redirects
2	us-u.openx.net	1 redirects
2	x.bidswitch.net	1 redirects
2	www.google-analytics.com	1 redirects af.me
2	fonts.googleapis.com	af.me domain.me
2	domain.me	1 redirects af.me
1	www.facebook.com
1	idsync.rlcdn.com
1	ib.adnxs.com
1	s.adroll.com
1	a.adroll.com	af.me
1	www.google.de	af.me
1	www.google.com	1 redirects
1	stats.g.doubleclick.net	1 redirects
1	script.crazyegg.com	af.me
1	s3.amazonaws.com	af.me
1	ajax.googleapis.com	af.me
1	af.me
35	23

This site contains links to these domains. Also see Links.

Domain
domain.me
fb.me
www.twitter.com
www.youtube.com

Subject Issuer	Validity	Valid
	`1970-01-01` - `1970-01-01`	a few seconds	crt.sh
domain.me Let's Encrypt Authority X3	`2019-04-30` - `2019-07-29`	3 months	crt.sh
*.google-analytics.com Google Internet Authority G3	`2019-06-11` - `2019-09-03`	3 months	crt.sh
www.google.de Google Internet Authority G3	`2019-06-18` - `2019-09-10`	3 months	crt.sh
*.adroll.com Amazon	`2018-12-27` - `2020-01-27`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2019-06-06` - `2019-09-04`	3 months	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2019-04-17` - `2020-05-04`	a year	crt.sh
*.adnxs.com DigiCert ECC Secure Server CA	`2019-01-23` - `2021-03-08`	2 years	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2019-04-24` - `2020-04-23`	a year	crt.sh
*.openx.net DigiCert ECC Secure Server CA	`2019-02-08` - `2020-05-12`	a year	crt.sh

This page contains 1 frames:

Primary Page: http://af.me/
Frame ID: 32628E39C3FD5056D325543F5468C565
Requests: 35 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

OpenSSL (Web Server Extensions) Expand

Overall confidence: 100%
Detected patterns

headers server /OpenSSL(?:\/([\d.]+[a-z]?))?/i

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|\b)HTTPD)/i

Crazy Egg (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /script\.crazyegg\.com\/pages\/scripts\/\d+\/\d+\.js/i

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^\/]*\/[a-z]*\.js/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /\/([\d.]+)\/jquery(?:\.min)?\.js/i
script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

35
Requests

57 %
HTTPS

45 %
IPv6

18
Domains

23
Subdomains

19
IPs

6
Countries

500 kB
Transfer

1074 kB
Size

5
Cookies

5 Outgoing links

These are links going to different origins than the main page.

URL: http://domain.me/policies/
Title: Policies

Search URL Search Domain Scan URL

URL: http://domain.me/contact-me/
Title: Contact

Search URL Search Domain Scan URL

URL: http://fb.me/domainme

Search URL Search Domain Scan URL

URL: http://www.twitter.com/domainMe

Search URL Search Domain Scan URL

URL: http://www.youtube.com/dotMechannel

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 2

http://domain.me/premium-assets/prefixfree.min.js HTTP 301
https://domain.me/premium-assets/prefixfree.min.js

Request Chain 5

http://www.domain.me/premium-assets/dotlogo.png HTTP 301
https://www.domain.me/premium-assets/dotlogo.png

Request Chain 6

http://www.domain.me/premium-assets/fbicon.png HTTP 301
https://www.domain.me/premium-assets/fbicon.png

Request Chain 7

http://www.domain.me/premium-assets/twicon.png HTTP 301
https://www.domain.me/premium-assets/twicon.png

Request Chain 8

http://www.domain.me/premium-assets/yticon.png HTTP 301
https://www.domain.me/premium-assets/yticon.png

Request Chain 9

http://www.domain.me/premium-assets/sherlock.png HTTP 301
https://www.domain.me/premium-assets/sherlock.png

Request Chain 10

http://www.domain.me/premium-assets/balon1.png HTTP 301
https://www.domain.me/premium-assets/balon1.png

Request Chain 19

http://www.google-analytics.com/analytics.js HTTP 307
https://www.google-analytics.com/analytics.js

Request Chain 21

http://www.google-analytics.com/r/collect?v=1&_v=j77&a=1465955187&t=pageview&_s=1&dl=http%3A%2F%2Faf.me%2F&ul=en-us&de=UTF-8&dt=af.me%20is%20a%20premium%20name%20-%20but%20it%20could%20be%20yours!&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEAB~&jid=593884637&gjid=1447044932&cid=2062933298.1562554460&tid=UA-3950962-5&_gid=338809291.1562554460&_r=1&z=1772452425 HTTP 307
https://www.google-analytics.com/r/collect?v=1&_v=j77&a=1465955187&t=pageview&_s=1&dl=http%3A%2F%2Faf.me%2F&ul=en-us&de=UTF-8&dt=af.me%20is%20a%20premium%20name%20-%20but%20it%20could%20be%20yours!&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEAB~&jid=593884637&gjid=1447044932&cid=2062933298.1562554460&tid=UA-3950962-5&_gid=338809291.1562554460&_r=1&z=1772452425 HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-3950962-5&cid=2062933298.1562554460&jid=593884637&_gid=338809291.1562554460&gjid=1447044932&_v=j77&z=1772452425 HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-3950962-5&cid=2062933298.1562554460&jid=593884637&_v=j77&z=1772452425 HTTP 302
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-3950962-5&cid=2062933298.1562554460&jid=593884637&_v=j77&z=1772452425&slf_rd=1&random=137018979

Request Chain 24

https://d.adroll.com/pixel/MIPKHDKO6ZFC3JPXUQX36B/WNJJ7ODREVA4FKGP3LLNTJ?adroll_fpc=b91f613c39482951cbf1a14b65c6aeb8-1562554460581&pv=98053599210.05568&cookie=&adroll_s_ref=&keyw=&arrfrr=http%3A%2F%2Faf.me%2F HTTP 302
https://s.adroll.com/pixel/MIPKHDKO6ZFC3JPXUQX36B/WNJJ7ODREVA4FKGP3LLNTJ/RDDKD7S2VZAEVLPTQEK44N.js

Request Chain 25

http://connect.facebook.net/en_US/fbevents.js HTTP 307
https://connect.facebook.net/en_US/fbevents.js

Request Chain 26

https://d.adroll.com/cm/b/out?advertisable=MIPKHDKO6ZFC3JPXUQX36B HTTP 302
https://x.bidswitch.net/sync?dsp_id=44&user_id=NmQ3NTIwMzQzZGU3Nzk2NDdmYThjZmNhMjIyOGQ3NDI HTTP 302
https://x.bidswitch.net/ul_cb/sync?dsp_id=44&user_id=NmQ3NTIwMzQzZGU3Nzk2NDdmYThjZmNhMjIyOGQ3NDI

Request Chain 27

https://d.adroll.com/cm/x/out?advertisable=MIPKHDKO6ZFC3JPXUQX36B HTTP 302
https://ib.adnxs.com/setuid?entity=172&code=NmQ3NTIwMzQzZGU3Nzk2NDdmYThjZmNhMjIyOGQ3NDI

Request Chain 28

https://d.adroll.com/cm/l/out?advertisable=MIPKHDKO6ZFC3JPXUQX36B HTTP 302
https://idsync.rlcdn.com/377928.gif?partner_uid=6d7520343de779647fa8cfca2228d742

Request Chain 29

https://d.adroll.com/cm/o/out?advertisable=MIPKHDKO6ZFC3JPXUQX36B HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537103138&val=6d7520343de779647fa8cfca2228d742 HTTP 302
https://us-u.openx.net/w/1.0/sd?cc=1&id=537103138&val=6d7520343de779647fa8cfca2228d742

Request Chain 30

https://d.adroll.com/cm/g/out?advertisable=MIPKHDKO6ZFC3JPXUQX36B&google_nid=adroll5 HTTP 302
https://cm.g.doubleclick.net/pixel?google_sc&google_nid=artb&google_hm=bXUgND3neWR_qM_KIijXQg&google_ula=1535926 HTTP 302
https://cm.g.doubleclick.net/pixel?google_sc=&google_nid=artb&google_hm=bXUgND3neWR_qM_KIijXQg&google_ula=1535926&google_tc= HTTP 302
https://d.adroll.com/cm/g/in?google_ula=1535926,0

35 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request Cookie set / Show response
af.me/ 21 KB
6 KB 507ms
379ms Document
text/html 205.186.152.29
Media Temple

General

Check archive.org

Show headers Download Go to

Full URL: http://af.me/
Protocol: HTTP/1.1
Server: 205.186.152.29 Culver City, United States, ASN31815 (MEDIATEMPLE - Media Temple, Inc., US),
Reverse DNS
Software: Apache/2.4.39 (cPanel) OpenSSL/1.0.2s mod_bwlimited/1.4 /
Resource Hash: 86417a585c14cb9be16c75209f1d680822924a2620fb11652cc415541de6dafb

Request headers

Host: af.me
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 08 Jul 2019 02:54:18 GMT
Server: Apache/2.4.39 (cPanel) OpenSSL/1.0.2s mod_bwlimited/1.4
Cache-Control: no-cache, private
Set-Cookie: XSRF-TOKEN=eyJpdiI6Ilg0RHI4aWF6cnY3cmdiN2V4WmhVVmc9PSIsInZhbHVlIjoiK3FJM2J4VWJKbm1IdXl6bFdoQ1RsVjRVdUxiVlNFXC9cL3R4ZXdFT3Q1dlFCaVFBeWdtVlptYktZaVJaWmxwTjE4bCtZMVRGUDUwVmM3emd5RE9oTXNMdz09IiwibWFjIjoiYTg5YWQ4YjU0NjAxNmM5NDdjNDA4MDYzM2EyZTYxYjNhNzFhODg0YmY4NmZiM2IwZGM4Nzk3MjA1MmFiNGZjOCJ9; expires=Mon, 08-Jul-2019 04:54:19 GMT; Max-Age=7200; path=/ laravel_session=eyJpdiI6IllkSE40eHpFVU9JeE9najhNSlp1dlE9PSIsInZhbHVlIjoibDc5ckZUNVlMbmcwRGhOWmVnWExmdlNtUVNPYUd6cTUxSHZZQ3A4bGdoc1ZVYTZCSUQwamRwN0lIVVpiQ2kreTlYOFlEZVZzaExmNlpSSmlvOU1LVEE9PSIsIm1hYyI6IjY0MDg2OTQwY2I3NzYxMTI0NzYzYzA3OTM5Y2ZmOTc5MjViM2FiMzI3YzZmNWZjMTVjZmMwNmZkOTM5MDAwZTkifQ%3D%3D; expires=Mon, 08-Jul-2019 04:54:19 GMT; Max-Age=7200; path=/; HttpOnly
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 5550
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.11.1/ 94 KB
33 KB 12ms
5ms Script
text/javascript 2a00:1450:4001:808::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

http://ajax.googleapis.com/ajax/libs/jquery/1.11.1/jquery.min.js

Requested by

Host: af.me
URL: http://af.me/

Protocol

HTTP/1.1

Security

, ,

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://af.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 18 Jun 2019 13:11:20 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Tue, 20 Dec 2016 18:17:03 GMT
Server: sffe
Age: 1690979
Vary: Accept-Encoding
Content-Type: text/javascript; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000, stale-while-revalidate=2592000
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 33434
X-XSS-Protection: 0
Expires: Wed, 17 Jun 2020 13:11:20 GMT

GET
H/1.1 200
OK bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/3.2.0/css/ 107 KB
18 KB 47ms
23ms Stylesheet
text/css 209.197.3.15
Highwinds Network...

General

Check archive.org

Show headers Download Go to

Full URL: http://maxcdn.bootstrapcdn.com/bootstrap/3.2.0/css/bootstrap.min.css
Requested by: Host: af.me
URL: http://af.me/
Protocol: HTTP/1.1
Security: , ,
Server: 209.197.3.15 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS: vip0x00f.map2.ssl.hwcdn.net
Software: /
Resource Hash: b5fd723750763ebb731f9221e413e7d64d58d5192dc040e42292ed3dcccca732

Request headers

Referer: http://af.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 08 Jul 2019 02:54:19 GMT
Content-Encoding: gzip
Last-Modified: Wed, 12 Dec 2018 18:34:06 GMT
X-Hello-Human: Say hello back! @getBootstrapCDN on Twitter
ETag: "1544639646"
Vary: Accept-Encoding
X-Cache: HIT
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
cache-control: public, max-age=31536000
Connection: Keep-Alive
Accept-Ranges: bytes
timing-allow-origin: *
Content-Length: 18137

GET
H2

200

prefixfree.min.js Show response
domain.me/premium-assets/
Redirect Chain

http://domain.me/premium-assets/prefixfree.min.js
https://domain.me/premium-assets/prefixfree.min.js

6 KB
3 KB

93ms
16ms

Script
application/x-javascript

192.124.249.64
Sucuri

General

Check archive.org

Show headers Download Go to

Full URL

https://domain.me/premium-assets/prefixfree.min.js

Requested by

Host: af.me
URL: http://af.me/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.64 , United States, ASN30148 (SUCURI-SEC - Sucuri, US),

Reverse DNS

cloudproxy10064.sucuri.net

Software

nginx /

Resource Hash

0d3e234b0d165ed8b7cb9ee8d3363340ede8aa5bc1f6221eae7508dc0f797566

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: http://af.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 08 Jul 2019 02:54:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200
x-sucuri-cache: HIT
vary: Accept-Encoding
content-length: 2660
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Sun, 21 Jan 2018 18:56:43 GMT
server: nginx
x-frame-options: SAMEORIGIN
content-type: application/x-javascript
cache-control: max-age=315360000
x-sucuri-id: 19014
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

Redirect headers

Location: https://domain.me/premium-assets/prefixfree.min.js
Date: Mon, 08 Jul 2019 02:54:19 GMT
X-Sucuri-ID: 19014
Server: Sucuri/Cloudproxy
Connection: keep-alive
Content-Length: 162
Content-Type: text/html

GET
H/1.1 200
OK bootstrap.min.js Show response
maxcdn.bootstrapcdn.com/bootstrap/3.2.0/js/ 31 KB
9 KB 52ms
25ms Script
text/javascript 209.197.3.15
Highwinds Network...

General

Check archive.org

Show headers Download Go to

Full URL: http://maxcdn.bootstrapcdn.com/bootstrap/3.2.0/js/bootstrap.min.js
Requested by: Host: af.me
URL: http://af.me/
Protocol: HTTP/1.1
Security: , ,
Server: 209.197.3.15 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS: vip0x00f.map2.ssl.hwcdn.net
Software: /
Resource Hash: 24cc29533598f962823c4229bc280487646a27a42a95257c31de1b9b18f3710f

Request headers

Referer: http://af.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 08 Jul 2019 02:54:19 GMT
Content-Encoding: gzip
Last-Modified: Wed, 12 Dec 2018 18:33:51 GMT
X-Hello-Human: Say hello back! @getBootstrapCDN on Twitter
ETag: "1544639631"
Vary: Accept-Encoding
X-Cache: HIT
Content-Type: text/javascript; charset=utf-8
Access-Control-Allow-Origin: *
cache-control: public, max-age=31536000
Connection: Keep-Alive
Accept-Ranges: bytes
timing-allow-origin: *
Content-Length: 8536

GET
H/1.1 200
OK css
fonts.googleapis.com/ 24 KB
2 KB 22ms
16ms Stylesheet
text/css 2a00:1450:4001:806::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.googleapis.com/css?family=Open+Sans:300italic,400italic,600italic,700italic,800italic,400,300,600,700,800&subset=latin,cyrillic-ext,latin-ext,cyrillic

Requested by

Host: af.me
URL: http://af.me/

Protocol

HTTP/1.1

Security

, ,

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

ESF /

Resource Hash

b5b305651a1f46dfe1ddd5520d195c8a2ed95f5cf01141a7cb30778d02342fde

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: http://af.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 08 Jul 2019 02:54:19 GMT
Content-Encoding: gzip
Last-Modified: Mon, 08 Jul 2019 02:54:19 GMT
Server: ESF
X-Frame-Options: SAMEORIGIN
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: private, max-age=86400, stale-while-revalidate=604800
Transfer-Encoding: chunked
Timing-Allow-Origin: *
Link: <http://fonts.gstatic.com>; rel=preconnect; crossorigin
X-XSS-Protection: 0
Expires: Mon, 08 Jul 2019 02:54:19 GMT

GET
H2

200

dotlogo.png
www.domain.me/premium-assets/
Redirect Chain

http://www.domain.me/premium-assets/dotlogo.png
https://www.domain.me/premium-assets/dotlogo.png

7 KB
7 KB

74ms
16ms

Image
image/png

192.124.249.64
Sucuri

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.domain.me/premium-assets/dotlogo.png

Requested by

Host: af.me
URL: http://af.me/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.64 , United States, ASN30148 (SUCURI-SEC - Sucuri, US),

Reverse DNS

cloudproxy10064.sucuri.net

Software

nginx /

Resource Hash

757fa296323890927d1e9ca612647c53fcf25aa65ad1a4f7fe79e76bb0882b54

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: http://af.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 08 Jul 2019 02:54:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200
x-sucuri-cache: HIT
vary: Accept-Encoding
content-length: 7018
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Sun, 21 Jan 2018 18:56:43 GMT
server: nginx
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: max-age=315360000
x-sucuri-id: 19014
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

Redirect headers

Location: https://www.domain.me/premium-assets/dotlogo.png
Date: Mon, 08 Jul 2019 02:54:19 GMT
X-Sucuri-ID: 19014
Server: Sucuri/Cloudproxy
Connection: keep-alive
Content-Length: 162
Content-Type: text/html

GET
H2

200

fbicon.png
www.domain.me/premium-assets/
Redirect Chain

http://www.domain.me/premium-assets/fbicon.png
https://www.domain.me/premium-assets/fbicon.png

5 KB
5 KB

88ms
31ms

Image
image/png

192.124.249.64
Sucuri

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.domain.me/premium-assets/fbicon.png

Requested by

Host: af.me
URL: http://af.me/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.64 , United States, ASN30148 (SUCURI-SEC - Sucuri, US),

Reverse DNS

cloudproxy10064.sucuri.net

Software

nginx /

Resource Hash

e66635e42831535b859615ccffa9dcfce8a3a1fba95cf1659de345469050ec00

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: http://af.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 08 Jul 2019 02:54:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200
x-sucuri-cache: HIT
vary: Accept-Encoding
content-length: 5186
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Sun, 21 Jan 2018 18:56:43 GMT
server: nginx
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: max-age=315360000
x-sucuri-id: 19014
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

Redirect headers

Location: https://www.domain.me/premium-assets/fbicon.png
Date: Mon, 08 Jul 2019 02:54:19 GMT
X-Sucuri-ID: 19014
Server: Sucuri/Cloudproxy
Connection: keep-alive
Content-Length: 162
Content-Type: text/html

GET
H2

200

twicon.png
www.domain.me/premium-assets/
Redirect Chain

http://www.domain.me/premium-assets/twicon.png
https://www.domain.me/premium-assets/twicon.png

6 KB
6 KB

16ms
15ms

Image
image/png

192.124.249.64
Sucuri

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.domain.me/premium-assets/twicon.png

Requested by

Host: af.me
URL: http://af.me/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.64 , United States, ASN30148 (SUCURI-SEC - Sucuri, US),

Reverse DNS

cloudproxy10064.sucuri.net

Software

nginx /

Resource Hash

bfc05f50831cf5b1b33c2d3daa68c3cc41c0ff2357f5a5f3dac410d06286924f

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: http://af.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 08 Jul 2019 02:54:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200
x-sucuri-cache: HIT
vary: Accept-Encoding
content-length: 5978
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Sun, 21 Jan 2018 18:56:45 GMT
server: nginx
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: max-age=315360000
x-sucuri-id: 19014
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

Redirect headers

Location: https://www.domain.me/premium-assets/twicon.png
Date: Mon, 08 Jul 2019 02:54:19 GMT
X-Sucuri-ID: 19014
Server: Sucuri/Cloudproxy
Connection: keep-alive
Content-Length: 162
Content-Type: text/html

GET
H2

200

yticon.png
www.domain.me/premium-assets/
Redirect Chain

http://www.domain.me/premium-assets/yticon.png
https://www.domain.me/premium-assets/yticon.png

5 KB
6 KB

16ms
15ms

Image
image/png

192.124.249.64
Sucuri

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.domain.me/premium-assets/yticon.png

Requested by

Host: af.me
URL: http://af.me/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.64 , United States, ASN30148 (SUCURI-SEC - Sucuri, US),

Reverse DNS

cloudproxy10064.sucuri.net

Software

nginx /

Resource Hash

83e3ce2f02cb853fc56853f53eb11d6c6af9b85d39321ecdc5a28574fb2a9efe

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: http://af.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 08 Jul 2019 02:54:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200
x-sucuri-cache: HIT
vary: Accept-Encoding
content-length: 5320
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Sun, 21 Jan 2018 18:56:45 GMT
server: nginx
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: max-age=315360000
x-sucuri-id: 19014
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

Redirect headers

Location: https://www.domain.me/premium-assets/yticon.png
Date: Mon, 08 Jul 2019 02:54:19 GMT
X-Sucuri-ID: 19014
Server: Sucuri/Cloudproxy
Connection: keep-alive
Content-Length: 162
Content-Type: text/html

GET
H2

200

sherlock.png
www.domain.me/premium-assets/
Redirect Chain

http://www.domain.me/premium-assets/sherlock.png
https://www.domain.me/premium-assets/sherlock.png

58 KB
57 KB

16ms
15ms

Image
image/png

192.124.249.64
Sucuri

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.domain.me/premium-assets/sherlock.png

Requested by

Host: af.me
URL: http://af.me/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.64 , United States, ASN30148 (SUCURI-SEC - Sucuri, US),

Reverse DNS

cloudproxy10064.sucuri.net

Software

nginx /

Resource Hash

af4eb3418065d2dc3ac707ab0457385b47ae923b520f4992a056473594473a0d

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: http://af.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 08 Jul 2019 02:54:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200
x-sucuri-cache: HIT
vary: Accept-Encoding
content-length: 57869
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Sun, 21 Jan 2018 18:56:44 GMT
server: nginx
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: max-age=315360000
x-sucuri-id: 19014
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

Redirect headers

Location: https://www.domain.me/premium-assets/sherlock.png
Date: Mon, 08 Jul 2019 02:54:19 GMT
X-Sucuri-ID: 19014
Server: Sucuri/Cloudproxy
Connection: keep-alive
Content-Length: 162
Content-Type: text/html

GET
H2

200

balon1.png
www.domain.me/premium-assets/
Redirect Chain

http://www.domain.me/premium-assets/balon1.png
https://www.domain.me/premium-assets/balon1.png

17 KB
16 KB

26ms
26ms

Image
image/png

192.124.249.64
Sucuri

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.domain.me/premium-assets/balon1.png

Requested by

Host: af.me
URL: http://af.me/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.64 , United States, ASN30148 (SUCURI-SEC - Sucuri, US),

Reverse DNS

cloudproxy10064.sucuri.net

Software

nginx /

Resource Hash

0a064a319f9c56ca87b70c3956c56c3ed79d468ecf58acba0350dd670d04e7e8

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: http://af.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 08 Jul 2019 02:54:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200
x-sucuri-cache: HIT
vary: Accept-Encoding
content-length: 15968
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Sun, 21 Jan 2018 18:56:42 GMT
server: nginx
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: max-age=315360000
x-sucuri-id: 19014
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

Redirect headers

Location: https://www.domain.me/premium-assets/balon1.png
Date: Mon, 08 Jul 2019 02:54:19 GMT
X-Sucuri-ID: 19014
Server: Sucuri/Cloudproxy
Connection: keep-alive
Content-Length: 162
Content-Type: text/html

GET
H/1.1 200
OK mc-validate.js Show response
s3.amazonaws.com/downloads.mailchimp.com/js/ 140 KB
140 KB 209ms
106ms Script
application/javascript 52.216.170.157
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: http://s3.amazonaws.com/downloads.mailchimp.com/js/mc-validate.js
Requested by: Host: af.me
URL: http://af.me/
Protocol: HTTP/1.1
Security: , ,
Server: 52.216.170.157 Ashburn, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: b15aceb04dbf5604df5617cfe984f48479cb131c1df02825d1c24e9f35d01857

Request headers

Referer: http://af.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 08 Jul 2019 02:54:20 GMT
Last-Modified: Mon, 20 Aug 2018 17:42:38 GMT
Server: AmazonS3
x-amz-request-id: 37AA1D38EB35A729
ETag: "6465dd4a8331265e6629cd069e03504c"
Content-Type: application/javascript
Cache-Control: public,max-age=2592000
Accept-Ranges: bytes
Content-Length: 143249
x-amz-id-2: NcbTLQvq0X8/Vl2LwEpRiQLd/8UoRBpDq0Uyp9fJOwmb7kvxyusSxCBP/Od5ylZ1Y0JDbLA9d1Q=

GET
H/1.1 200
OK mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
fonts.gstatic.com/s/opensans/v16/ 9 KB
9 KB 11ms
5ms Font
font/woff2 2a00:1450:4001:821::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.gstatic.com/s/opensans/v16/mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2

Requested by

Host: af.me
URL: http://af.me/

Protocol

HTTP/1.1

Security

, ,

Server

2a00:1450:4001:821::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: http://fonts.googleapis.com/css?family=Open+Sans:300italic,400italic,600italic,700italic,800italic,400,300,600,700,800&subset=latin,cyrillic-ext,latin-ext,cyrillic
Origin: http://af.me

Response headers

Date: Thu, 13 Jun 2019 23:05:26 GMT
X-Content-Type-Options: nosniff
Last-Modified: Mon, 25 Mar 2019 20:10:29 GMT
Server: sffe
Age: 2087333
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 9132
X-XSS-Protection: 0
Expires: Fri, 12 Jun 2020 23:05:26 GMT

GET
H/1.1 200
OK mem5YaGs126MiZpBA-UN7rgOUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v16/ 9 KB
9 KB 10ms
5ms Font
font/woff2 2a00:1450:4001:821::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.gstatic.com/s/opensans/v16/mem5YaGs126MiZpBA-UN7rgOUuhpKKSTjw.woff2

Requested by

Host: af.me
URL: http://af.me/

Protocol

HTTP/1.1

Security

, ,

Server

2a00:1450:4001:821::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

a48a6e4b14fe55f750c0a3dfb5a6f4941bdc06af0aa542b90de25c30c2b4625c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: http://fonts.googleapis.com/css?family=Open+Sans:300italic,400italic,600italic,700italic,800italic,400,300,600,700,800&subset=latin,cyrillic-ext,latin-ext,cyrillic
Origin: http://af.me

Response headers

Date: Fri, 31 May 2019 19:56:49 GMT
X-Content-Type-Options: nosniff
Last-Modified: Mon, 25 Mar 2019 20:12:28 GMT
Server: sffe
Age: 3221850
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 9080
X-XSS-Protection: 0
Expires: Sat, 30 May 2020 19:56:49 GMT

GET
H/1.1 200
OK mem5YaGs126MiZpBA-UN_r8OUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v16/ 9 KB
9 KB 10ms
5ms Font
font/woff2 2a00:1450:4001:821::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.gstatic.com/s/opensans/v16/mem5YaGs126MiZpBA-UN_r8OUuhpKKSTjw.woff2

Requested by

Host: af.me
URL: http://af.me/

Protocol

HTTP/1.1

Security

, ,

Server

2a00:1450:4001:821::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

5e261f7e11c39ff6f4c8fe884e5c9de2fa15f29085a1adefdd36603ef2e23c00

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: http://fonts.googleapis.com/css?family=Open+Sans:300italic,400italic,600italic,700italic,800italic,400,300,600,700,800&subset=latin,cyrillic-ext,latin-ext,cyrillic
Origin: http://af.me

Response headers

Date: Sat, 01 Jun 2019 08:43:18 GMT
X-Content-Type-Options: nosniff
Last-Modified: Mon, 25 Mar 2019 20:11:28 GMT
Server: sffe
Age: 3175861
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 9016
X-XSS-Protection: 0
Expires: Sun, 31 May 2020 08:43:18 GMT

GET
H/1.1 200
OK glyphicons-halflings-regular.woff
maxcdn.bootstrapcdn.com/bootstrap/3.2.0/fonts/ 23 KB
23 KB 300ms
23ms Font
font/woff 209.197.3.15
Highwinds Network...

General

Check archive.org

Show headers Download Go to

Full URL: http://maxcdn.bootstrapcdn.com/bootstrap/3.2.0/fonts/glyphicons-halflings-regular.woff
Requested by: Host: af.me
URL: http://af.me/
Protocol: HTTP/1.1
Security: , ,
Server: 209.197.3.15 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS: vip0x00f.map2.ssl.hwcdn.net
Software: /
Resource Hash: fc969dc1c6ff531abcf368089dcbaf5775133b0626ff56b52301a059fc0f9e1e

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: http://maxcdn.bootstrapcdn.com/bootstrap/3.2.0/css/bootstrap.min.css
Origin: http://af.me

Response headers

Date: Mon, 08 Jul 2019 02:54:19 GMT
Content-Encoding: gzip
Last-Modified: Wed, 12 Dec 2018 18:35:43 GMT
X-Hello-Human: Say hello back! @getBootstrapCDN on Twitter
ETag: "1544639743"
Vary: Accept-Encoding
X-Cache: HIT
Content-Type: font/woff
Access-Control-Allow-Origin: *
cache-control: public, max-age=31536000
Connection: Keep-Alive
Accept-Ranges: bytes
timing-allow-origin: *
Content-Length: 23186

GET
H/1.1 200
OK mem5YaGs126MiZpBA-UNirkOUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v16/ 9 KB
9 KB 8ms
5ms Font
font/woff2 2a00:1450:4001:821::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.gstatic.com/s/opensans/v16/mem5YaGs126MiZpBA-UNirkOUuhpKKSTjw.woff2

Requested by

Host: af.me
URL: http://af.me/

Protocol

HTTP/1.1

Security

, ,

Server

2a00:1450:4001:821::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

b8e23a845bc6b7fd417d29182e0e38d353e64b5e12e06bb1de2b5ce063db1dcc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: http://fonts.googleapis.com/css?family=Open+Sans:300italic,400italic,600italic,700italic,800italic,400,300,600,700,800&subset=latin,cyrillic-ext,latin-ext,cyrillic
Origin: http://af.me

Response headers

Date: Thu, 13 Jun 2019 22:07:16 GMT
X-Content-Type-Options: nosniff
Last-Modified: Mon, 25 Mar 2019 20:11:39 GMT
Server: sffe
Age: 2090823
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 9180
X-XSS-Protection: 0
Expires: Fri, 12 Jun 2020 22:07:16 GMT

GET
H/1.1 200
OK bootstrap.min.css Show response
maxcdn.bootstrapcdn.com/bootstrap/3.2.0/css/ 107 KB
18 KB 310ms
22ms XHR
text/css 209.197.3.15
Highwinds Network...

General

Check archive.org

Show headers Download Go to

Full URL: http://maxcdn.bootstrapcdn.com/bootstrap/3.2.0/css/bootstrap.min.css
Requested by: Host: domain.me
URL: https://domain.me/premium-assets/prefixfree.min.js
Protocol: HTTP/1.1
Security: , ,
Server: 209.197.3.15 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS: vip0x00f.map2.ssl.hwcdn.net
Software: /
Resource Hash: b5fd723750763ebb731f9221e413e7d64d58d5192dc040e42292ed3dcccca732

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: http://af.me/
Origin: http://af.me

Response headers

Date: Mon, 08 Jul 2019 02:54:20 GMT
Content-Encoding: gzip
Last-Modified: Wed, 12 Dec 2018 18:34:06 GMT
Connection: Keep-Alive
ETag: "1544639646"
Vary: Accept-Encoding
X-Cache: HIT
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
cache-control: public, max-age=31536000
X-Hello-Human: Say hello back! @getBootstrapCDN on Twitter
Accept-Ranges: bytes
timing-allow-origin: *
Content-Length: 18137

GET
H/1.1 200
OK css Show response
fonts.googleapis.com/ 24 KB
2 KB 22ms
16ms XHR
text/css 2a00:1450:4001:806::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.googleapis.com/css?family=Open+Sans:300italic,400italic,600italic,700italic,800italic,400,300,600,700,800&subset=latin,cyrillic-ext,latin-ext,cyrillic

Requested by

Host: domain.me
URL: https://domain.me/premium-assets/prefixfree.min.js

Protocol

HTTP/1.1

Security

, ,

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

ESF /

Resource Hash

b5b305651a1f46dfe1ddd5520d195c8a2ed95f5cf01141a7cb30778d02342fde

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: http://af.me/
Origin: http://af.me

Response headers

Date: Mon, 08 Jul 2019 02:54:19 GMT
Content-Encoding: gzip
Last-Modified: Mon, 08 Jul 2019 02:54:19 GMT
Server: ESF
X-Frame-Options: SAMEORIGIN
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: private, max-age=86400, stale-while-revalidate=604800
Transfer-Encoding: chunked
Timing-Allow-Origin: *
Link: <http://fonts.gstatic.com>; rel=preconnect; crossorigin
X-XSS-Protection: 0
Expires: Mon, 08 Jul 2019 02:54:19 GMT

GET
H2

200

analytics.js Show response
www.google-analytics.com/
Redirect Chain

http://www.google-analytics.com/analytics.js
https://www.google-analytics.com/analytics.js

43 KB
17 KB

6ms
6ms

Script
text/javascript

2a00:1450:4001:80b::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: af.me
URL: http://af.me/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a4883cce814b6793c5bd6dd3639d6048ecab39a93a90b560d39a9fd0aff6e263

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://af.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 20 Jun 2019 21:35:04 GMT
server: Golfe2
age: 1602
date: Mon, 08 Jul 2019 02:27:38 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 17707
expires: Mon, 08 Jul 2019 04:27:38 GMT

Redirect headers

Location: https://www.google-analytics.com/analytics.js
Non-Authoritative-Reason: HSTS

GET
H/1.1 200
OK 8077.js Show response
script.crazyegg.com/pages/scripts/0035/ 0
725 B 31ms
24ms Script
application/x-javascript 2606:4700::6813:9308
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: http://script.crazyegg.com/pages/scripts/0035/8077.js?434042
Requested by: Host: af.me
URL: http://af.me/
Protocol: HTTP/1.1
Security: , ,
Server: 2606:4700::6813:9308 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://af.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 08 Jul 2019 02:54:20 GMT
Via: 1.1 225f9ccd664f426842c72b002466ce3c.cloudfront.net (CloudFront)
CF-Cache-Status: HIT
Age: 2041
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 0
Last-Modified: Thu, 24 Nov 2016 04:45:19 GMT
Server: cloudflare
ETag: "d41d8cd98f00b204e9800998ecf8427e"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: private, max-age=28800
Accept-Ranges: bytes
CF-RAY: 4f2ec5e0abb59aaa-FRA
X-Amz-Cf-Id: DyC_jCMgeyA7pLW4cx6rMfYGQD9yC7rpOlK8wdL1Z4DAM_mEkxextg==
Cf-Bgj: minify

GET
H2

200

ga-audiences
www.google.de/ads/
Redirect Chain

http://www.google-analytics.com/r/collect?v=1&_v=j77&a=1465955187&t=pageview&_s=1&dl=http%3A%2F%2Faf.me%2F&ul=en-us&de=UTF-8&dt=af.me%20is%20a%20premium%20name%20-%20but%20it%20could%20be%20yours!&...
https://www.google-analytics.com/r/collect?v=1&_v=j77&a=1465955187&t=pageview&_s=1&dl=http%3A%2F%2Faf.me%2F&ul=en-us&de=UTF-8&dt=af.me%20is%20a%20premium%20name%20-%20but%20it%20could%20be%20yours!...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-3950962-5&cid=2062933298.1562554460&jid=593884637&_gid=338809291.1562554460&gjid=1447044932&_v=j77&z=1772452425
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-3950962-5&cid=2062933298.1562554460&jid=593884637&_v=j77&z=1772452425
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-3950962-5&cid=2062933298.1562554460&jid=593884637&_v=j77&z=1772452425&slf_rd=1&random=137018979

42 B
109 B

19ms
18ms

Image
image/gif

2a00:1450:4001:824::2003
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-3950962-5&cid=2062933298.1562554460&jid=593884637&_v=j77&z=1772452425&slf_rd=1&random=137018979

Requested by

Host: af.me
URL: http://af.me/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://af.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 Jul 2019 02:54:20 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 08 Jul 2019 02:54:20 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
location: https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-3950962-5&cid=2062933298.1562554460&jid=593884637&_v=j77&z=1772452425&slf_rd=1&random=137018979
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 302
cache-control: no-cache, no-store, must-revalidate
content-type: text/html; charset=UTF-8
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK roundtrip.js Show response
a.adroll.com/j/ 33 KB
11 KB 61ms
27ms Script
text/javascript 2.16.186.48
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: http://a.adroll.com/j/roundtrip.js
Requested by: Host: af.me
URL: http://af.me/
Protocol: HTTP/1.1
Security: , ,
Server: 2.16.186.48 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a2-16-186-48.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: f0d9de8d70758790fcb06cfbf66cd6ef0ed7bd202e3e9757165e01143aeacbea

Request headers

Referer: http://af.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-amz-version-id: tLM5r0H8aLO6KCDnhb.an3Iwk17Ra_bh
Content-Encoding: gzip
ETag: "ef07e68ec215d56d03827a588f404daa"
Last-Modified: Tue, 02 Jul 2019 18:48:49 GMT
Server: AmazonS3
x-amz-request-id: 9B4D182088557D0A
x-amz-server-side-encryption: AES256
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=3600, must-revalidate
Date: Mon, 08 Jul 2019 02:54:20 GMT
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 10547
x-amz-id-2: fhoiRdI0KOcgfagbYzA+v1Qo12ociPvzJMZAKjPTh6h8bgdjppdI/DlStco/rSGXfaNmxV0mPzY=

GET
H/1.1 200
OK MIPKHDKO6ZFC3JPXUQX36B Show response
d.adroll.com/consent/check/ 40 B
499 B 143ms
34ms Script
application/javascript 54.246.91.175
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://d.adroll.com/consent/check/MIPKHDKO6ZFC3JPXUQX36B?_s=afb01e3a141561e151fba1b9688428b6
Requested by: Host: a.adroll.com
URL: http://a.adroll.com/j/roundtrip.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.246.91.175 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-54-246-91-175.eu-west-1.compute.amazonaws.com
Software: nginx/1.14.1 /
Resource Hash: 867bd168728faba904fe15de941932d1d7537130b0edb918970901435cf39929

Request headers

Referer: http://af.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 08 Jul 2019 02:54:20 GMT
Server: nginx/1.14.1
P3P: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
Cache-Control: no-store, no-cache, must-revalidate
Connection: keep-alive
Content-Type: application/javascript
Content-Length: 40

GET
H/1.1

200
OK

RDDKD7S2VZAEVLPTQEK44N.js Show response
s.adroll.com/pixel/MIPKHDKO6ZFC3JPXUQX36B/WNJJ7ODREVA4FKGP3LLNTJ/
Redirect Chain

https://d.adroll.com/pixel/MIPKHDKO6ZFC3JPXUQX36B/WNJJ7ODREVA4FKGP3LLNTJ?adroll_fpc=b91f613c39482951cbf1a14b65c6aeb8-1562554460581&pv=98053599210.05568&cookie=&adroll_s_ref=&keyw=&arrfrr=http%3A%2F...
https://s.adroll.com/pixel/MIPKHDKO6ZFC3JPXUQX36B/WNJJ7ODREVA4FKGP3LLNTJ/RDDKD7S2VZAEVLPTQEK44N.js

4 KB
2 KB

87ms
32ms

Script
text/javascript

2.18.233.40
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/pixel/MIPKHDKO6ZFC3JPXUQX36B/WNJJ7ODREVA4FKGP3LLNTJ/RDDKD7S2VZAEVLPTQEK44N.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.40 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-233-40.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 2af373f73d515a42fe173b05e05f4efc7e404c317fbd75fa1b666633dbae782c

Request headers

Referer: http://af.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-amz-version-id: rAQ_9cJOEyfzfTascQPAV3jibOZYpi0t
Content-Encoding: gzip
x-amz-request-id: FF4344CF1A41499F
x-amz-server-side-encryption: AES256
Access-Control-Max-Age: 600
Date: Mon, 08 Jul 2019 02:54:20 GMT
Connection: keep-alive
Content-Length: 1290
x-amz-id-2: GJUg0eVWaAZ3tKrnPZkudbD2PYy8BLCZDcdcN/j4Z5Oi/rZiqwcNojv74n92wk+zIsZ3E6bUcQI=
Last-Modified: Wed, 22 May 2019 00:05:17 GMT
Server: AmazonS3
ETag: "4f100ef832d27ddbeca76f131c4a064b"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: text/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600, must-revalidate
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

Redirect headers

Date: Mon, 08 Jul 2019 02:54:20 GMT
X-Segment-Display-Name
P3P: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
Connection: keep-alive
Content-Length: 0
Pragma: no-cache
X-Conversion-Value: 0.0
Server: nginx/1.14.1
X-Rule: *
X-Segment-Eid: RDDKD7S2VZAEVLPTQEK44N
Location: https://s.adroll.com/pixel/MIPKHDKO6ZFC3JPXUQX36B/WNJJ7ODREVA4FKGP3LLNTJ/RDDKD7S2VZAEVLPTQEK44N.js
Cache-Control: no-store, no-cache, must-revalidate
X-Pixel-Eid: WNJJ7ODREVA4FKGP3LLNTJ
X-Segment-Name: *
X-Advertisable-Eid: MIPKHDKO6ZFC3JPXUQX36B
X-Conversion-Currency: EUR

GET
H2

200

fbevents.js Show response
connect.facebook.net/en_US/
Redirect Chain

http://connect.facebook.net/en_US/fbevents.js
https://connect.facebook.net/en_US/fbevents.js

53 KB
17 KB

19ms
6ms

Script
application/x-javascript

2a03:2880:f01c:8012:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

657f79c4d5a6ea502202651151811d195b49cf9cf22fd7f8edaeefe2f8cc8fc4

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: http://af.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
vary: Accept-Encoding
content-length: 16120
x-xss-protection: 0
pragma: public
x-fb-debug: dZPy7wCRe/EupLY/iL0kQQaVM5GNTIjB5jURsY2d5yOGtdUkU2Bf6AHIxXz74nVeUKrQnDSaL/estFsVse64Ww==
x-fb-trip-id: 997090344
date: Mon, 08 Jul 2019 02:54:20 GMT
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires: Sat, 01 Jan 2000 00:00:00 GMT

Redirect headers

Location: https://connect.facebook.net/en_US/fbevents.js
Non-Authoritative-Reason: HSTS

GET
H2

200

sync
x.bidswitch.net/ul_cb/
Redirect Chain

https://d.adroll.com/cm/b/out?advertisable=MIPKHDKO6ZFC3JPXUQX36B
https://x.bidswitch.net/sync?dsp_id=44&user_id=NmQ3NTIwMzQzZGU3Nzk2NDdmYThjZmNhMjIyOGQ3NDI
https://x.bidswitch.net/ul_cb/sync?dsp_id=44&user_id=NmQ3NTIwMzQzZGU3Nzk2NDdmYThjZmNhMjIyOGQ3NDI

43 B
378 B

28ms
27ms

Image
image/gif

18.196.12.17
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/ul_cb/sync?dsp_id=44&user_id=NmQ3NTIwMzQzZGU3Nzk2NDdmYThjZmNhMjIyOGQ3NDI
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.196.12.17 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-18-196-12-17.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer: http://af.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 200
date: Mon, 08 Jul 2019 02:54:21 GMT
cache-control: no-cache, no-store, must-revalidate
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
content-length: 43
content-type: image/gif

Redirect headers

status: 302
date: Mon, 08 Jul 2019 02:54:21 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
location: https://x.bidswitch.net/ul_cb/sync?dsp_id=44&user_id=NmQ3NTIwMzQzZGU3Nzk2NDdmYThjZmNhMjIyOGQ3NDI
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H/1.1

200
OK

setuid
ib.adnxs.com/
Redirect Chain

https://d.adroll.com/cm/x/out?advertisable=MIPKHDKO6ZFC3JPXUQX36B
https://ib.adnxs.com/setuid?entity=172&code=NmQ3NTIwMzQzZGU3Nzk2NDdmYThjZmNhMjIyOGQ3NDI

0
590 B

3129ms
21ms

Image
text/html

185.33.223.210
AppNexus

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=172&code=NmQ3NTIwMzQzZGU3Nzk2NDdmYThjZmNhMjIyOGQ3NDI

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.223.210 , Netherlands, ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US),

Reverse DNS

307.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: http://af.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 08 Jul 2019 02:54:25 GMT
AN-X-Request-Uuid: 611fdfcf-7f3e-4f28-8f13-4cd8fa4e401f
Content-Type: text/html; charset=utf-8
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 93.190.140.28; 93.190.140.28; 307.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.137:80
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 08 Jul 2019 02:54:20 GMT
Server: nginx/1.14.1
P3P: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
Location: https://ib.adnxs.com/setuid?entity=172&code=NmQ3NTIwMzQzZGU3Nzk2NDdmYThjZmNhMjIyOGQ3NDI
Cache-Control: no-store, no-cache, must-revalidate
Connection: keep-alive
Content-Length: 93

GET
H2

204

377928.gif
idsync.rlcdn.com/
Redirect Chain

https://d.adroll.com/cm/l/out?advertisable=MIPKHDKO6ZFC3JPXUQX36B
https://idsync.rlcdn.com/377928.gif?partner_uid=6d7520343de779647fa8cfca2228d742

0
62 B

3205ms
130ms

Image
text/plain

34.95.92.78
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/377928.gif?partner_uid=6d7520343de779647fa8cfca2228d742
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.95.92.78 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS: 78.92.95.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://af.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 204
date: Mon, 08 Jul 2019 02:54:23 GMT
via: 1.1 google
alt-svc: clear

Redirect headers

Pragma: no-cache
Date: Mon, 08 Jul 2019 02:54:20 GMT
Server: nginx/1.14.1
P3P: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
Location: https://idsync.rlcdn.com/377928.gif?partner_uid=6d7520343de779647fa8cfca2228d742
Cache-Control: no-store, no-cache, must-revalidate
Connection: keep-alive
Content-Length: 86

GET
H2

200

sd
us-u.openx.net/w/1.0/
Redirect Chain

https://d.adroll.com/cm/o/out?advertisable=MIPKHDKO6ZFC3JPXUQX36B
https://us-u.openx.net/w/1.0/sd?id=537103138&val=6d7520343de779647fa8cfca2228d742
https://us-u.openx.net/w/1.0/sd?cc=1&id=537103138&val=6d7520343de779647fa8cfca2228d742

43 B
256 B

16ms
16ms

Image
image/gif

173.241.240.143
OPENX TECHNOLOGIES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?cc=1&id=537103138&val=6d7520343de779647fa8cfca2228d742
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 173.241.240.143 Amsterdam, Netherlands, ASN36089 (OPENX-AS1 - OPENX TECHNOLOGIES, INC., US),
Reverse DNS: ox-173-241-240-143.xa.dc.openx.org
Software: OXGW/16.146.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: http://af.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 Jul 2019 02:54:24 GMT
server: OXGW/16.146.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
status: 200
cache-control: private, max-age=0, no-cache
content-type: image/gif
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

status: 302
date: Mon, 08 Jul 2019 02:54:24 GMT
server: OXGW/16.146.0
content-length: 0
location: https://us-u.openx.net/w/1.0/sd?cc=1&id=537103138&val=6d7520343de779647fa8cfca2228d742
p3p: CP="CUR ADM OUR NOR STA NID"

GET
H/1.1

200
OK

in
d.adroll.com/cm/g/
Redirect Chain

https://d.adroll.com/cm/g/out?advertisable=MIPKHDKO6ZFC3JPXUQX36B&google_nid=adroll5
https://cm.g.doubleclick.net/pixel?google_sc&google_nid=artb&google_hm=bXUgND3neWR_qM_KIijXQg&google_ula=1535926
https://cm.g.doubleclick.net/pixel?google_sc=&google_nid=artb&google_hm=bXUgND3neWR_qM_KIijXQg&google_ula=1535926&google_tc=
https://d.adroll.com/cm/g/in?google_ula=1535926,0

42 B
533 B

35ms
34ms

Image
image/gif

54.246.91.175
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d.adroll.com/cm/g/in?google_ula=1535926,0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.246.91.175 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-54-246-91-175.eu-west-1.compute.amazonaws.com
Software: nginx/1.14.1 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: http://af.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 08 Jul 2019 02:54:24 GMT
Server: nginx/1.14.1
P3P: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
Cache-Control: no-store, no-cache, must-revalidate
Connection: keep-alive
Content-Type: image/gif
Content-Length: 42
X-Result: g.-1.-1.1535926.0.-1

Redirect headers

pragma: no-cache
date: Mon, 08 Jul 2019 02:54:24 GMT
server: HTTP server (unknown)
location: https://d.adroll.com/cm/g/in?google_ula=1535926,0
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 302
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length: 246
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 897939386905673 Show response
connect.facebook.net/signals/config/ 228 KB
60 KB 56ms
55ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/897939386905673?v=2.8.51&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

5b7e93d83e4f7419f956fd57cb6c6a4c94969a5ea842369019cc7014df10c8af

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: http://af.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
vary: Origin, Accept-Encoding
x-xss-protection: 0
pragma: public
x-fb-debug: whQ/3B7vfLqDPLMvit+kdMbHAfzqCUSDGPjc3jEg4onGCDSjAfQ1Z1rF5n+bo0Y99HpSPNeAQ7Pj9txqPlAi9A==
x-fb-trip-id: 997090344
date: Mon, 08 Jul 2019 02:54:20 GMT
x-frame-options: DENY
access-control-allow-methods: OPTIONS
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://connect.facebook.net
access-control-expose-headers: X-FB-Debug, X-Loader-Length
cache-control: public, max-age=1200
access-control-allow-credentials: true
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 inferredEvents.js Show response
connect.facebook.net/signals/plugins/ 1 KB
1 KB 6ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/plugins/inferredEvents.js?v=2.8.51

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

cd1c301a8e7960a1786e2a959226b0b78b56dbea284bd114265f1662d6ca280e

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: http://af.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
vary: Accept-Encoding
content-length: 772
x-xss-protection: 0
pragma: public
x-fb-debug: T1dHLpT/b7EIzPT0aFG/zWLFuxlYMl0EQRphDRAQEkrWk+bXP8pY+GcbK0VQ5L2P7RJEc9pLwYiVKGywLkRcig==
x-fb-trip-id: 997090344
date: Mon, 08 Jul 2019 02:54:20 GMT
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
324 B 17ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
Facebook

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=897939386905673&ev=PageView&dl=http%3A%2F%2Faf.me%2F&rl=&if=false&ts=1562554460917&cd[segment_eid]=RDDKD7S2VZAEVLPTQEK44N%2CH5YAR6J75NHDRJIT45MCNZ&sw=1600&sh=1200&v=2.8.51&r=stable&ec=0&o=29&fbp=fb.1.1562554460916.1926257088&it=1562554460775&coo=false&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: http://af.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 08 Jul 2019 02:54:20 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
content-length: 44
expires: Mon, 08 Jul 2019 02:54:20 GMT

Verdicts & Comments Add Verdict or Comment

40 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.af.me/	1970-01-19 02:02:34	Name: _gat Value: 1
.af.me/	1970-01-19 02:04:00	Name: _gid Value: GA1.2.338809291.1562554460
.af.me/	1970-01-19 19:33:46	Name: _ga Value: GA1.2.2062933298.1562554460
af.me/	1970-01-19 02:02:41	Name: laravel_session Value: eyJpdiI6IllkSE40eHpFVU9JeE9najhNSlp1dlE9PSIsInZhbHVlIjoibDc5ckZUNVlMbmcwRGhOWmVnWExmdlNtUVNPYUd6cTUxSHZZQ3A4bGdoc1ZVYTZCSUQwamRwN0lIVVpiQ2kreTlYOFlEZVZzaExmNlpSSmlvOU1LVEE9PSIsIm1hYyI6IjY0MDg2OTQwY2I3NzYxMTI0NzYzYzA3OTM5Y2ZmOTc5MjViM2FiMzI3YzZmNWZjMTVjZmMwNmZkOTM5MDAwZTkifQ%3D%3D
af.me/	1970-01-19 02:02:41	Name: XSRF-TOKEN Value: eyJpdiI6Ilg0RHI4aWF6cnY3cmdiN2V4WmhVVmc9PSIsInZhbHVlIjoiK3FJM2J4VWJKbm1IdXl6bFdoQ1RsVjRVdUxiVlNFXC9cL3R4ZXdFT3Q1dlFCaVFBeWdtVlptYktZaVJaWmxwTjE4bCtZMVRGUDUwVmM3emd5RE9oTXNMdz09IiwibWFjIjoiYTg5YWQ4YjU0NjAxNmM5NDdjNDA4MDYzM2EyZTYxYjNhNzFhODg0YmY4NmZiM2IwZGM4Nzk3MjA1MmFiNGZjOCJ9

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.adroll.com
af.me
ajax.googleapis.com
cm.g.doubleclick.net
connect.facebook.net
d.adroll.com
domain.me
fonts.googleapis.com
fonts.gstatic.com
ib.adnxs.com
idsync.rlcdn.com
maxcdn.bootstrapcdn.com
s.adroll.com
s3.amazonaws.com
script.crazyegg.com
stats.g.doubleclick.net
us-u.openx.net
www.domain.me
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
x.bidswitch.net
172.217.22.98
173.241.240.143
18.196.12.17
185.33.223.210
192.124.249.64
2.16.186.48
2.18.233.40
205.186.152.29
209.197.3.15
2606:4700::6813:9308
2a00:1450:4001:806::200a
2a00:1450:4001:808::200a
2a00:1450:4001:80b::200e
2a00:1450:4001:81a::2004
2a00:1450:4001:821::2003
2a00:1450:4001:824::2003
2a00:1450:400c:c00::9a
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
34.95.92.78
52.216.170.157
54.246.91.175
0a064a319f9c56ca87b70c3956c56c3ed79d468ecf58acba0350dd670d04e7e8
0d3e234b0d165ed8b7cb9ee8d3363340ede8aa5bc1f6221eae7508dc0f797566
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
24cc29533598f962823c4229bc280487646a27a42a95257c31de1b9b18f3710f
2af373f73d515a42fe173b05e05f4efc7e404c317fbd75fa1b666633dbae782c
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775
5b7e93d83e4f7419f956fd57cb6c6a4c94969a5ea842369019cc7014df10c8af
5e261f7e11c39ff6f4c8fe884e5c9de2fa15f29085a1adefdd36603ef2e23c00
657f79c4d5a6ea502202651151811d195b49cf9cf22fd7f8edaeefe2f8cc8fc4
757fa296323890927d1e9ca612647c53fcf25aa65ad1a4f7fe79e76bb0882b54
83e3ce2f02cb853fc56853f53eb11d6c6af9b85d39321ecdc5a28574fb2a9efe
86417a585c14cb9be16c75209f1d680822924a2620fb11652cc415541de6dafb
867bd168728faba904fe15de941932d1d7537130b0edb918970901435cf39929
a4883cce814b6793c5bd6dd3639d6048ecab39a93a90b560d39a9fd0aff6e263
a48a6e4b14fe55f750c0a3dfb5a6f4941bdc06af0aa542b90de25c30c2b4625c
af4eb3418065d2dc3ac707ab0457385b47ae923b520f4992a056473594473a0d
b15aceb04dbf5604df5617cfe984f48479cb131c1df02825d1c24e9f35d01857
b5b305651a1f46dfe1ddd5520d195c8a2ed95f5cf01141a7cb30778d02342fde
b5fd723750763ebb731f9221e413e7d64d58d5192dc040e42292ed3dcccca732
b8e23a845bc6b7fd417d29182e0e38d353e64b5e12e06bb1de2b5ce063db1dcc
bfc05f50831cf5b1b33c2d3daa68c3cc41c0ff2357f5a5f3dac410d06286924f
cd1c301a8e7960a1786e2a959226b0b78b56dbea284bd114265f1662d6ca280e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e66635e42831535b859615ccffa9dcfce8a3a1fba95cf1659de345469050ec00
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0d9de8d70758790fcb06cfbf66cd6ef0ed7bd202e3e9757165e01143aeacbea
fc969dc1c6ff531abcf368089dcbaf5775133b0626ff56b52301a059fc0f9e1e

af.me Open in urlscan Pro 205.186.152.29 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

35 Requests

57 %HTTPS

45 %IPv6

18 Domains

23 Subdomains

19 IPs

6 Countries

500 kBTransfer

1074 kBSize

5 Cookies

5 Outgoing links

Redirected requests

35 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

af.me Open in urlscan Pro
205.186.152.29 Public Scan

Screenshot
Live screenshot

Full Image

35
Requests

57 %
HTTPS

45 %
IPv6

18
Domains

23
Subdomains

19
IPs

6
Countries

500 kB
Transfer

1074 kB
Size

5
Cookies

35 HTTP transactions
0 data transactions