www.evilmilk.com Open in urlscan Pro
2606:4700:e0::ac40:6722 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.evilmilk.com/
Effective URL:
https://www.evilmilk.com/
Submission: On October 16 via manual (October 16th 2019, 4:35:27 pm UTC) from US

Summary HTTP 217 Redirects Links 23 Behaviour Indicators

Summary

This website contacted 43 IPs in 6 countries across 33 domains to perform 217 HTTP transactions. The main IP is 2606:4700:e0::ac40:6722, located in United States and belongs to CLOUDFLARENET - Cloudflare, Inc., US. The main domain is www.evilmilk.com.
TLS certificate: Issued by COMODO ECC Domain Validation Secure S... on October 14th 2019. Valid for: 6 months.

This is the only time www.evilmilk.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
10 71	2606:4700:e0:... 2606:4700:e0::ac40:6722	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
1	2a00:1450:400... 2a00:1450:4001:821::200a	15169 (GOOGLE) (GOOGLE - Google LLC)
3	23.111.9.35 23.111.9.35	33438 (HIGHWINDS2) (HIGHWINDS2 - Highwinds Network Group)
2	2001:4de0:ac1... 2001:4de0:ac19::1:b:3a	20446 (HIGHWINDS3) (HIGHWINDS3 - Highwinds Network Group)
1	2001:4de0:ac1... 2001:4de0:ac19::1:b:1b	20446 (HIGHWINDS3) (HIGHWINDS3 - Highwinds Network Group)
2	2606:4700::68... 2606:4700::6813:c597	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
2	2600:9000:20e... 2600:9000:20eb:a200:4:164e:ca00:93a1	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	2a00:1450:400... 2a00:1450:4001:80b::2003	15169 (GOOGLE) (GOOGLE - Google LLC)
6	2a00:1450:400... 2a00:1450:4001:81d::2002	15169 (GOOGLE) (GOOGLE - Google LLC)
1	13.225.78.44 13.225.78.44	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	54.241.183.39 54.241.183.39	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
4	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE - Google LLC)
7	2a00:1450:400... 2a00:1450:4001:817::2002	15169 (GOOGLE) (GOOGLE - Google LLC)
10	172.217.16.162 172.217.16.162	15169 (GOOGLE) (GOOGLE - Google LLC)
2	13.224.196.65 13.224.196.65	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	52.15.219.226 52.15.219.226	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	104.16.68.69 104.16.68.69	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
5	185.33.223.83 185.33.223.83	29990 (ASN-APPNEXUS) (ASN-APPNEXUS - AppNexus)
1	23.239.15.111 23.239.15.111	63949 (LINODE-AP...) (LINODE-AP Linode)
7	208.100.17.180 208.100.17.180	32748 (STEADFAST) (STEADFAST - Steadfast)
1	38.140.99.21 38.140.99.21	174 (COGENT-174) (COGENT-174 - Cogent Communications)
3 10	34.95.120.147 34.95.120.147	15169 (GOOGLE) (GOOGLE - Google LLC)
11	52.18.117.195 52.18.117.195	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
12	68.183.31.14 68.183.31.14	14061 (DIGITALOC...) (DIGITALOCEAN-ASN - DigitalOcean)
1	3.222.69.96 3.222.69.96	14618 (AMAZON-AES) (AMAZON-AES - Amazon.com)
5	2a00:1450:400... 2a00:1450:4001:81f::2001	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2600:9000:20e... 2600:9000:20eb:7e00:1:af78:4c0:93a1	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
9	2606:4700:20:... 2606:4700:20::6819:9307	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
3	91.228.74.167 91.228.74.167	27281 (QUANTCAST) (QUANTCAST - Quantcast Corporation)
3	104.16.129.5 104.16.129.5	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
3	185.64.189.112 185.64.189.112	62713 (AS-PUBMATIC) (AS-PUBMATIC - PubMatic)
6	152.195.34.232 152.195.34.232	15133 (EDGECAST) (EDGECAST - MCI Communications Services)
14	13.89.35.253 13.89.35.253	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation)
2	23.37.55.184 23.37.55.184	16625 (AKAMAI-AS) (AKAMAI-AS - Akamai Technologies)
2	69.173.144.142 69.173.144.142	26667 (RUBICONPR...) (RUBICONPROJECT - The Rubicon Project)
2	8.41.222.100 8.41.222.100	26120 (RHYTHMONE) (RHYTHMONE - RhythmOne)
7	2.18.233.180 2.18.233.180	16625 (AKAMAI-AS) (AKAMAI-AS - Akamai Technologies)
2	77.245.58.158 77.245.58.158	36057 (WEBAIR-IN...) (WEBAIR-INTERNET-MTL - Webair Internet Development Company Inc.)
2	152.195.34.229 152.195.34.229	15133 (EDGECAST) (EDGECAST - MCI Communications Services)
1	172.104.6.46 172.104.6.46	63949 (LINODE-AP...) (LINODE-AP Linode)
1 2	2a00:1450:400... 2a00:1450:4001:824::2002	15169 (GOOGLE) (GOOGLE - Google LLC)
3	2.18.232.130 2.18.232.130	16625 (AKAMAI-AS) (AKAMAI-AS - Akamai Technologies)
217	43

71 2606:4700:e0::ac40:6722 (United States) 10 redirects

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

www.evilmilk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
my.evilmilk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:821::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.111.9.35 (Phoenix, United States)

ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US)

use.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4de0:ac19::1:b:3a (Netherlands)

ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US)

stackpath.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac19::1:b:1b (Netherlands)

ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6813:c597 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:20eb:a200:4:164e:ca00:93a1 (United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)

cdn.thisiswaldo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:81d::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.78.44 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-13-225-78-44.fra2.r.cloudfront.net

theeighth-net.videoplayerhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.241.183.39 (San Jose, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-54-241-183-39.us-west-1.compute.amazonaws.com

ipfind.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:817::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 172.217.16.162 (United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra15s11-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.224.196.65 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-13-224-196-65.fra2.r.cloudfront.net

ad-delivery.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.15.219.226 (Columbus, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-15-219-226.us-east-2.compute.amazonaws.com

thisiswaldo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.16.68.69 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

dmx.districtm.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 185.33.223.83 (Netherlands)

ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US)
PTR: 250.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.239.15.111 (Newark, United States)

ASN63949 (LINODE-AP Linode, LLC, US)
PTR: li723-111.members.linode.com

bidder.rtk.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 208.100.17.180 (Chicago, United States)

ASN32748 (STEADFAST - Steadfast, US)
PTR: ip180.208-100-17.static.steadfastdns.net

ssc.33across.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 38.140.99.21 (Wellsville, United States)

ASN174 (COGENT-174 - Cogent Communications, US)

lockerdome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 34.95.120.147 (United States) 3 redirects

ASN15169 (GOOGLE - Google LLC, US)
PTR: 147.120.95.34.bc.googleusercontent.com

the-eighth-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixfuture2-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
eu-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 52.18.117.195 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-18-117-195.eu-west-1.compute.amazonaws.com

g2.gumgum.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 68.183.31.14 (North Bergen, United States)

ASN14061 (DIGITALOCEAN-ASN - DigitalOcean, LLC, US)

served-by.pixfuture.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.222.69.96 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-3-222-69-96.compute-1.amazonaws.com

cluster-na.cdnjquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:81f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:20eb:7e00:1:af78:4c0:93a1 (United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)

vendorlist.consensu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2606:4700:20::6819:9307 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

cdn.pixfuture.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 91.228.74.167 (United Kingdom)

ASN27281 (QUANTCAST - Quantcast Corporation, US)

pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.16.129.5 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

prebid.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC - PubMatic, Inc., US)

hbopenbid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 152.195.34.232 (United States)

ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US)

cdn.bidfluence.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 13.89.35.253 (Des Moines, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US)

engine.bidfluence.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
server.bidfluence.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
report.bidfluence.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
served.bidfluence.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pb.bidfluence.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
viewed.bidfluence.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.37.55.184 (Netherlands)

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a23-37-55-184.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 69.173.144.142 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT - The Rubicon Project, Inc., US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 8.41.222.100 (United States)

ASN26120 (RHYTHMONE - RhythmOne, LLC, US)

tag.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2.18.233.180 (Ascension Island)

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a2-18-233-180.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 77.245.58.158 (Netherlands)

ASN36057 (WEBAIR-INTERNET-MTL - Webair Internet Development Company Inc., US)
PTR: mypersonalfinancestoday.com

sync.adkernel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 152.195.34.229 (United States)

ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US)

ad.bidfluence.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.104.6.46 (Philadelphia, United States)

ASN63949 (LINODE-AP Linode, LLC, US)
PTR: li1742-46.members.linode.com

sync.rtk.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:824::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE - Google LLC, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2.18.232.130 (Ascension Island)

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a2-18-232-130.deploy.static.akamaitechnologies.com

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
71	evilmilk.com 10 redirects www.evilmilk.com my.evilmilk.com	290 KB
22	bidfluence.com cdn.bidfluence.com engine.bidfluence.com server.bidfluence.com ad.bidfluence.com report.bidfluence.com served.bidfluence.com pb.bidfluence.com viewed.bidfluence.com	76 KB
21	pixfuture.com served-by.pixfuture.com cdn.pixfuture.com	323 KB
12	doubleclick.net 1 redirects securepubads.g.doubleclick.net googleads.g.doubleclick.net	262 KB
11	gumgum.com g2.gumgum.com	5 KB
10	pubmatic.com hbopenbid.pubmatic.com ads.pubmatic.com	17 KB
10	openx.net 3 redirects the-eighth-d.openx.net pixfuture2-d.openx.net eu-u.openx.net	2 KB
8	googlesyndication.com tpc.googlesyndication.com pagead2.googlesyndication.com	116 KB
8	adnxs.com ib.adnxs.com acdn.adnxs.com	6 KB
7	33across.com ssc.33across.com	3 KB
6	googletagservices.com www.googletagservices.com	129 KB
4	rubiconproject.com eus.rubiconproject.com fastlane.rubiconproject.com	3 KB
4	google.com adservice.google.com	1 KB
4	google.de adservice.google.de	1 KB
3	mgid.com prebid.mgid.com	693 B
3	quantserve.com pixel.quantserve.com	1 KB
3	thisiswaldo.com cdn.thisiswaldo.com thisiswaldo.com	106 KB
3	fontawesome.com use.fontawesome.com	136 KB
2	adkernel.com sync.adkernel.com	218 B
2	1rx.io tag.1rx.io	542 B
2	rtk.io bidder.rtk.io sync.rtk.io	1 KB
2	ad-delivery.net ad-delivery.net	1 KB
2	cloudflare.com cdnjs.cloudflare.com	14 KB
2	bootstrapcdn.com stackpath.bootstrapcdn.com	37 KB
1	consensu.org vendorlist.consensu.org	16 KB
1	cdnjquery.com cluster-na.cdnjquery.com	356 B
1	lockerdome.com lockerdome.com	438 B
1	districtm.io dmx.districtm.io	419 B
1	ipfind.co ipfind.co	495 B
1	videoplayerhub.com theeighth-net.videoplayerhub.com	22 KB
1	gstatic.com fonts.gstatic.com	11 KB
1	jquery.com code.jquery.com	30 KB
1	googleapis.com fonts.googleapis.com	693 B
217	33

	Domain	Requested by
52	www.evilmilk.com	1 redirects www.evilmilk.com code.jquery.com thisiswaldo.com
19	my.evilmilk.com	9 redirects www.evilmilk.com
12	served-by.pixfuture.com	code.jquery.com www.evilmilk.com served-by.pixfuture.com cdn.pixfuture.com pagead2.googlesyndication.com
11	g2.gumgum.com	cdn.thisiswaldo.com cdn.pixfuture.com
10	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net
9	cdn.pixfuture.com	served-by.pixfuture.com cdn.pixfuture.com
7	ads.pubmatic.com	cdn.bidfluence.com ads.pubmatic.com cdn.pixfuture.com
7	ssc.33across.com	cdn.thisiswaldo.com
6	eu-u.openx.net	3 redirects cdn.pixfuture.com
6	cdn.bidfluence.com	www.evilmilk.com cdn.bidfluence.com
6	www.googletagservices.com	cdn.thisiswaldo.com cdn.bidfluence.com securepubads.g.doubleclick.net pagead2.googlesyndication.com
5	tpc.googlesyndication.com	securepubads.g.doubleclick.net
5	ib.adnxs.com	cdn.thisiswaldo.com cdn.pixfuture.com
4	server.bidfluence.com	cdn.bidfluence.com
4	adservice.google.com	www.googletagservices.com pagead2.googlesyndication.com
4	adservice.google.de	www.googletagservices.com pagead2.googlesyndication.com
3	acdn.adnxs.com	cdn.pixfuture.com
3	hbopenbid.pubmatic.com	cdn.pixfuture.com
3	pixfuture2-d.openx.net	cdn.pixfuture.com
3	prebid.mgid.com	cdn.pixfuture.com
3	pixel.quantserve.com	www.evilmilk.com served-by.pixfuture.com
3	pagead2.googlesyndication.com	cdn.pixfuture.com pagead2.googlesyndication.com
3	use.fontawesome.com	www.evilmilk.com
2	viewed.bidfluence.com	cdn.bidfluence.com
2	googleads.g.doubleclick.net	1 redirects pagead2.googlesyndication.com
2	pb.bidfluence.com	cdn.bidfluence.com
2	served.bidfluence.com	cdn.bidfluence.com
2	report.bidfluence.com	cdn.bidfluence.com
2	ad.bidfluence.com	cdn.bidfluence.com
2	sync.adkernel.com	cdn.bidfluence.com
2	tag.1rx.io	cdn.bidfluence.com
2	fastlane.rubiconproject.com	cdn.bidfluence.com
2	eus.rubiconproject.com	cdn.bidfluence.com
2	engine.bidfluence.com	cdn.bidfluence.com
2	ad-delivery.net	theeighth-net.videoplayerhub.com
2	cdn.thisiswaldo.com	www.evilmilk.com cdn.thisiswaldo.com
2	cdnjs.cloudflare.com	www.evilmilk.com
2	stackpath.bootstrapcdn.com	www.evilmilk.com
1	sync.rtk.io	cdn.thisiswaldo.com
1	vendorlist.consensu.org	thisiswaldo.com
1	cluster-na.cdnjquery.com	theeighth-net.videoplayerhub.com
1	the-eighth-d.openx.net	cdn.thisiswaldo.com
1	lockerdome.com	cdn.thisiswaldo.com
1	bidder.rtk.io	cdn.thisiswaldo.com
1	dmx.districtm.io	cdn.thisiswaldo.com
1	thisiswaldo.com	cdn.thisiswaldo.com
1	ipfind.co	cdn.thisiswaldo.com
1	theeighth-net.videoplayerhub.com	cdn.thisiswaldo.com
1	fonts.gstatic.com	www.evilmilk.com
1	code.jquery.com	www.evilmilk.com
1	fonts.googleapis.com	www.evilmilk.com
217	51

This site contains links to these domains. Also see Links.

Domain
my.evilmilk.com
example.com
facebook.com
gifpit.com
www.dailyhaha.com
www.trumparea.com
www.allmotivated.com
www.lolpix.com
www.angryduck.com
www.facebook.com

Subject Issuer	Validity	Valid
sni146596.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2019-10-14` - `2020-04-21`	6 months	crt.sh
*.googleapis.com GTS CA 1O1	`2019-09-17` - `2019-12-10`	3 months	crt.sh
*.fontawesome.com DigiCert SHA2 Secure Server CA	`2018-09-17` - `2019-11-21`	a year	crt.sh
*.bootstrapcdn.com Sectigo RSA Domain Validation Secure Server CA	`2019-09-14` - `2020-10-13`	a year	crt.sh
jquery.org COMODO RSA Domain Validation Secure Server CA	`2018-10-17` - `2020-10-16`	2 years	crt.sh
ssl412106.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2019-08-10` - `2020-02-16`	6 months	crt.sh
cdn.thisiswaldo.com Go Daddy Secure Certificate Authority - G2	`2019-06-16` - `2020-06-16`	a year	crt.sh
*.google.com GTS CA 1O1	`2019-09-17` - `2019-12-10`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2019-09-17` - `2019-12-10`	3 months	crt.sh
*.videoplayerhub.com Amazon	`2019-07-18` - `2020-08-18`	a year	crt.sh
ipfind.co Amazon	`2019-03-31` - `2020-04-30`	a year	crt.sh
ad-delivery.net Amazon	`2019-03-07` - `2020-04-07`	a year	crt.sh
thisiswaldo.com Go Daddy Secure Certificate Authority - G2	`2018-09-19` - `2020-11-18`	2 years	crt.sh
districtm.io CloudFlare Inc ECC CA-2	`2019-03-26` - `2020-03-26`	a year	crt.sh
*.adnxs.com DigiCert ECC Secure Server CA	`2019-01-23` - `2021-03-08`	2 years	crt.sh
*.rtk.io COMODO RSA Domain Validation Secure Server CA	`2017-03-16` - `2020-03-25`	3 years	crt.sh
*.33across.com Sectigo RSA Domain Validation Secure Server CA	`2019-10-01` - `2021-09-30`	2 years	crt.sh
*.lockerdome.com Go Daddy Secure Certificate Authority - G2	`2018-09-27` - `2019-11-26`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2018-01-04` - `2020-07-09`	3 years	crt.sh
*.gumgum.com Amazon	`2019-07-31` - `2020-08-31`	a year	crt.sh
served-by.pixfuture.com Sectigo RSA Domain Validation Secure Server CA	`2019-04-15` - `2021-04-24`	2 years	crt.sh
*.assetbucket.net Amazon	`2019-09-11` - `2020-10-11`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2019-09-17` - `2019-12-10`	3 months	crt.sh
vendorlist.consensu.org Amazon	`2019-03-06` - `2020-04-06`	a year	crt.sh
ssl377713.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2019-09-24` - `2020-04-01`	6 months	crt.sh
*.quantserve.com DigiCert SHA2 High Assurance Server CA	`2019-10-04` - `2020-10-07`	a year	crt.sh
ssl382979.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2019-08-21` - `2020-02-27`	6 months	crt.sh
*.pubmatic.com Sectigo RSA Organization Validation Secure Server CA	`2019-02-22` - `2021-02-21`	2 years	crt.sh
sa216gl.wpc.edgecastcdn.net DigiCert SHA2 Secure Server CA	`2018-04-19` - `2020-07-22`	2 years	crt.sh
*.bidfluence.com DigiCert SHA2 Secure Server CA	`2018-04-21` - `2020-06-23`	2 years	crt.sh
*.rubiconproject.com DigiCert SHA2 Secure Server CA	`2019-02-13` - `2021-02-17`	2 years	crt.sh
*.1rx.io Sectigo RSA Domain Validation Secure Server CA	`2019-06-28` - `2021-06-27`	2 years	crt.sh
*.adkernel.com COMODO RSA Domain Validation Secure Server CA	`2017-11-17` - `2021-01-05`	3 years	crt.sh
sa300gl.wpc.edgecastcdn.net DigiCert SHA2 Secure Server CA	`2018-06-01` - `2020-04-18`	2 years	crt.sh
cdn.adnxs.com GeoTrust RSA CA 2018	`2019-04-23` - `2020-02-19`	10 months	crt.sh

This page contains 33 frames:

Primary Page: https://www.evilmilk.com/
Frame ID: DBADA596C24DDCA56D619DF08C520AE2
Requests: 109 HTTP requests in this frame

Frame: https://www.evilmilk.com/spon/pixfuture/728.aspx
Frame ID: 485549B7F8A208FFE216F42AB2C67CAD
Requests: 2 HTTP requests in this frame

Frame: https://www.evilmilk.com/spon/pixfuture/728.aspx
Frame ID: BDCBFE10BE6BE1F0E6E4C604BDD2E496
Requests: 2 HTTP requests in this frame

Frame: https://served-by.pixfuture.com/www/delivery/headerbid_refresh.php?dat=4055x728x90x790x_ADSLOT1111
Frame ID: A6BDD392F7D6FA78126C541C58E39D45
Requests: 1 HTTP requests in this frame

Frame: https://served-by.pixfuture.com/www/delivery/headerbid_refresh.php?dat=4055x728x90x790x_ADSLOT1111
Frame ID: 3256A334069FB7A79A0ADFFDDEE42AA6
Requests: 1 HTTP requests in this frame

Frame: https://cdn.pixfuture.com/djax.js
Frame ID: 581ABCFB582E6BF7E3B0F848E3685A7A
Requests: 10 HTTP requests in this frame

Frame: https://cdn.pixfuture.com/djax.js
Frame ID: 01BCA45EB960F1FA324B96F6CAAA8801
Requests: 10 HTTP requests in this frame

Frame: https://cdn.bidfluence.com/forge.js
Frame ID: 5AA9BE90DED6FA98A19378D7BB394CF8
Requests: 22 HTTP requests in this frame

Frame: https://cdn.bidfluence.com/forge.js
Frame ID: 1BC6B843AA9539A2F69E469F40EB2118
Requests: 22 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 2B2846FED835BD078F1A4E64B6B77B0C
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 3F11DD9D79AA738F3CC1981D5F8FEFCF
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 6D8EFC39D89C55440BF0FB90DCF45D70
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: BC28FDC2410D5C809FC4E94618D2D71E
Requests: 1 HTTP requests in this frame

Frame: https://www.evilmilk.com/spon/300framed.aspx
Frame ID: 2C5DCED42E0F508BE25A93A51A8DC6B7
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/safeframe/1-0-35/html/container.html?n=4
Frame ID: 2E3003FC845322D67BD3930E800088FD
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/safeframe/1-0-35/html/container.html?n=4
Frame ID: 1EA13B94736D51D0677DBC26107DE042
Requests: 1 HTTP requests in this frame

Frame: https://ad.bidfluence.com/serving/serving.html
Frame ID: CBE97439BAF2B788B4A0889B0815E5CA
Requests: 1 HTTP requests in this frame

Frame: https://ad.bidfluence.com/serving/serving.html
Frame ID: 720A9C1BCB5DE8EC2705D05180733574
Requests: 1 HTTP requests in this frame

Frame: https://served-by.pixfuture.com/www/delivery/headerbid.php?dat=4052x300x250x790x_ADSLOT1
Frame ID: 7CA19B2A18CF7845FA2F596A9406EE94
Requests: 1 HTTP requests in this frame

Frame: https://cdn.pixfuture.com/djax.js
Frame ID: 0B90C1CC388CE8D918B003A1575F7F1B
Requests: 10 HTTP requests in this frame

Frame: https://sync.rtk.io/cs
Frame ID: 158DFFB3C1C41359C8FBED2825C8FB84
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/show_ads.js
Frame ID: 82B83F92763D092D946CC83813E46CFC
Requests: 6 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20191014/r20190131/zrt_lookup.html
Frame ID: 2A8BFF3901AF76485AB673907F234F88
Requests: 1 HTTP requests in this frame

Frame: https://served-by.pixfuture.com/www/delivery/afr.php?zoneid=5529
Frame ID: 799C8E0F5D0B62684E4C3E6510BF2F14
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 2BE0833382472B416EB9E513F71E7FCF
Requests: 1 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=9d434638-ce6f-418d-ac16-6301775de208&gdpr=1
Frame ID: 22D24CAED11BA65E2CDE581E09025A97
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Frame ID: 9DD3C473CFC4866EFDDAABC54D4A48FE
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Frame ID: 97D92C5A52C57C3E9644F0F0BB97E21F
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: D59C30D9098399157C41DB34D84F36F5
Requests: 1 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=9d434638-ce6f-418d-ac16-6301775de208&gdpr=1
Frame ID: 04CEDC9F75094718248F6A3B5DB214DB
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: C2D49072DF8C86A6E9D8F9985D603823
Requests: 1 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=9d434638-ce6f-418d-ac16-6301775de208&gdpr=1
Frame ID: 84705892B38DF0087304E8C4E4EE2B90
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Frame ID: 5D1F0B8BCE5418B06E01FADE1693308D
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://www.evilmilk.com/ HTTP 301
https://www.evilmilk.com/ Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i

animate.css (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

html /<link [^>]+(?:\/([\d.]+)\/)?animate\.(?:min\.)?css/i

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href="https:\/\/use\.fontawesome\.com\/releases\/v([^>]+)\/css\//i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /\/prebid\.js/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

217
Requests

100 %
HTTPS

33 %
IPv6

33
Domains

51
Subdomains

43
IPs

6
Countries

1611 kB
Transfer

4247 kB
Size

2
Cookies

23 Outgoing links

These are links going to different origins than the main page.

URL: http://my.evilmilk.com/
Title: My.Evilmilk

Search URL Search Domain Scan URL

URL: https://example.com/
Title: Misc

Search URL Search Domain Scan URL

URL: https://facebook.com/evilmilkdotcom
Title: Facebook

Search URL Search Domain Scan URL

URL: https://my.evilmilk.com/login/
Title: Login

Search URL Search Domain Scan URL

URL: https://my.evilmilk.com/meme
Title: Login/Register

Search URL Search Domain Scan URL

URL: https://my.evilmilk.com/go/2yi-19z8vk.htm

Search URL Search Domain Scan URL

URL: https://my.evilmilk.com/go/arz-19z9va.htm

Search URL Search Domain Scan URL

URL: https://my.evilmilk.com/go/arp-19z9uw.htm

Search URL Search Domain Scan URL

URL: https://my.evilmilk.com/go/arz-19z9vd.htm

Search URL Search Domain Scan URL

URL: https://my.evilmilk.com/go/arp-19z9ut.htm

Search URL Search Domain Scan URL

URL: https://my.evilmilk.com/go/a1lt-19w5ta.htm

Search URL Search Domain Scan URL

URL: https://my.evilmilk.com/go/2yi-19z3qm.htm

Search URL Search Domain Scan URL

URL: https://my.evilmilk.com/go/tz-19z4vk.htm

Search URL Search Domain Scan URL

URL: https://my.evilmilk.com/go/tz-19z4xq.htm

Search URL Search Domain Scan URL

URL: https://gifpit.com/
Title: ** GIF PIT **

Search URL Search Domain Scan URL

URL: http://www.dailyhaha.com/pictures/
Title: Funny Pictures

Search URL Search Domain Scan URL

URL: http://www.trumparea.com/
Title: Trump Area

Search URL Search Domain Scan URL

URL: http://www.allmotivated.com/
Title: DeMotivational Pics

Search URL Search Domain Scan URL

URL: http://www.lolpix.com/
Title: Funny Pictures

Search URL Search Domain Scan URL

URL: http://www.dailyhaha.com/soundboards.htm
Title: Soundboards

Search URL Search Domain Scan URL

URL: http://www.angryduck.com/
Title: Angry Duck

Search URL Search Domain Scan URL

URL: https://www.facebook.com/evilmilkdotcom
Title: Facebook

Search URL Search Domain Scan URL

URL: https://my.evilmilk.com/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.evilmilk.com/ HTTP 301
https://www.evilmilk.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 94

https://my.evilmilk.com/p/2yi-19z8vk_t1.jpg HTTP 301
https://my.evilmilk.com/p/1/9/2yi-19z8vk_t1.jpg

Request Chain 95

https://my.evilmilk.com/p/arz-19z9va_t1.jpg HTTP 301
https://my.evilmilk.com/p/1/9/arz-19z9va_t1.jpg

Request Chain 96

https://my.evilmilk.com/p/arp-19z9uw_t1.jpg HTTP 301
https://my.evilmilk.com/p/1/9/arp-19z9uw_t1.jpg

Request Chain 97

https://my.evilmilk.com/p/arz-19z9vd_t1.jpg HTTP 301
https://my.evilmilk.com/p/1/9/arz-19z9vd_t1.jpg

Request Chain 98

https://my.evilmilk.com/p/arp-19z9ut_t1.jpg HTTP 301
https://my.evilmilk.com/p/1/9/arp-19z9ut_t1.jpg

Request Chain 99

https://my.evilmilk.com/p/a1lt-19w5ta_t1.jpg HTTP 301
https://my.evilmilk.com/p/1/9/a1lt-19w5ta_t1.jpg

Request Chain 100

https://my.evilmilk.com/p/2yi-19z3qm_t1.jpg HTTP 301
https://my.evilmilk.com/p/1/9/2yi-19z3qm_t1.jpg

Request Chain 101

https://my.evilmilk.com/p/tz-19z4vk_t1.jpg HTTP 301
https://my.evilmilk.com/p/1/9/tz-19z4vk_t1.jpg

Request Chain 102

https://my.evilmilk.com/p/tz-19z4xq_t1.jpg HTTP 301
https://my.evilmilk.com/p/1/9/tz-19z4xq_t1.jpg

Request Chain 204

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1575911585432548&output=html&h=250&slotname=1680648786&adk=1022037533&adf=1594924173&w=300&guci=1.2.0.0.2.2.0.0&url=https%3A%2F%2Fwww.evilmilk.com%2F&ea=0&flash=0&wgl=1&adsid=NT&dt=1571243715325&bpp=12&bdt=33&idt=61&shv=r20191014&cbv=r20190131&saldr=sa&correlator=6264862449108&frm=23&ife=1&pv=2&ga_vid=1331070002.1571243715&ga_sid=1571243715&ga_hid=2018655200&ga_fc=0&iag=255&icsg=170&nhd=4&dssz=5&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1073&ady=215&biw=1585&bih=1200&isw=300&ish=250&ifk=4117778280&scr_x=0&scr_y=0&eid=20040013&oid=3&pvsid=4001421104160576&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=8212&bc=31&ifi=1&uci=1.1kjvvcnxzus9&fsb=1&dtd=122 HTTP 302
https://served-by.pixfuture.com/www/delivery/afr.php?zoneid=5529

Request Chain 207

https://eu-u.openx.net/w/1.0/pd?plm=6&ph=9d434638-ce6f-418d-ac16-6301775de208&gdpr=1 HTTP 302
https://eu-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=9d434638-ce6f-418d-ac16-6301775de208&gdpr=1

Request Chain 211

https://eu-u.openx.net/w/1.0/pd?plm=6&ph=9d434638-ce6f-418d-ac16-6301775de208&gdpr=1 HTTP 302
https://eu-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=9d434638-ce6f-418d-ac16-6301775de208&gdpr=1

Request Chain 215

https://eu-u.openx.net/w/1.0/pd?plm=6&ph=9d434638-ce6f-418d-ac16-6301775de208&gdpr=1 HTTP 302
https://eu-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=9d434638-ce6f-418d-ac16-6301775de208&gdpr=1

217 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.evilmilk.com/
Redirect Chain

http://www.evilmilk.com/
https://www.evilmilk.com/

17 KB
4 KB

394ms
314ms

Document
text/html

2606:4700:e0::ac40:6722
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://www.evilmilk.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e0::ac40:6722 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 0f9caa649cea75f0179fbc65ef81d2a6bf78ba76c2c23c3b94813cea5a556b9e

Request headers

:method: GET
:authority: www.evilmilk.com
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: none
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 200
date: Wed, 16 Oct 2019 16:35:10 GMT
content-type: text/html; charset=utf-8
set-cookie: __cfduid=d27bf6b27efbd8e2e6b8f86b8950f291a1571243710; expires=Thu, 15-Oct-20 16:35:10 GMT; path=/; domain=.evilmilk.com; HttpOnly; Secure ASP.NET_SessionId=usoxwwnerpzwutyopoyluhi1; path=/; HttpOnly
cache-control: private
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 526b71c61f1dc29f-FRA
content-encoding: br

Redirect headers

Date: Wed, 16 Oct 2019 16:35:10 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Wed, 16 Oct 2019 17:35:10 GMT
Location: https://www.evilmilk.com/
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 526b71c559a6e013-FRA

GET
H2 200 css
fonts.googleapis.com/ 5 KB
693 B 19ms
18ms Stylesheet
text/css 2a00:1450:4001:821::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto+Condensed:400,300

Requested by

Host: www.evilmilk.com
URL: https://www.evilmilk.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

ESF /

Resource Hash

85b8bc06b70053a31f23b3cea8a06a733c1c756ee85d42414abc81a0579c6ef3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.evilmilk.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
last-modified: Wed, 16 Oct 2019 16:35:10 GMT
server: ESF
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
status: 200
date: Wed, 16 Oct 2019 16:35:10 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection: 0
expires: Wed, 16 Oct 2019 16:35:10 GMT

GET
H2 200 all.css
use.fontawesome.com/releases/v5.2.0/css/ 46 KB
12 KB 28ms
10ms Stylesheet
text/css 23.111.9.35
Highwinds Network...

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.2.0/css/all.css
Requested by: Host: www.evilmilk.com
URL: https://www.evilmilk.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.111.9.35 Phoenix, United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: 8891a160f8a2afb81de5259f9f68e5af3782348ea2927ad9e969bc88c7d39984

Request headers

Sec-Fetch-Mode: cors
Referer: https://www.evilmilk.com/
Origin: https://www.evilmilk.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 16 Oct 2019 16:35:10 GMT
content-encoding: gzip
last-modified: Mon, 23 Jul 2018 17:06:58 GMT
server: NetDNA-cache/2.2
status: 200
etag: W/"20a9ce516eaea76da29a23adc43e8998"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
access-control-max-age: 3000
cache-control: max-age=31556926
x-cache: HIT

GET
H2 200 bootstrap.min.css
stackpath.bootstrapcdn.com/bootstrap/4.2.1/css/ 150 KB
23 KB 26ms
8ms Stylesheet
text/css 2001:4de0:ac19::1:b:3a
Highwinds Network...

General

Check archive.org

Show headers Download Go to

Full URL: https://stackpath.bootstrapcdn.com/bootstrap/4.2.1/css/bootstrap.min.css
Requested by: Host: www.evilmilk.com
URL: https://www.evilmilk.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac19::1:b:3a , Netherlands, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
Software: /
Resource Hash: 6b3bef53dc4a96ec07149d02a60b5fd026332bbce0b4ece79f3c55e3ddb85f5c

Request headers

Sec-Fetch-Mode: cors
Referer: https://www.evilmilk.com/
Origin: https://www.evilmilk.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 16 Oct 2019 16:35:10 GMT
content-encoding: gzip
last-modified: Fri, 21 Dec 2018 19:19:47 GMT
status: 200
etag: "1545419987"
vary: Accept-Encoding
x-cache: HIT
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-hello-human: Say hello back! @getBootstrapCDN on Twitter
accept-ranges: bytes
timing-allow-origin: *
content-length: 22972

GET
H2 200 pagination.css
www.evilmilk.com/css/ 9 KB
2 KB 58ms
57ms Stylesheet
text/css 2606:4700:e0::ac40:6722
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://www.evilmilk.com/css/pagination.css
Requested by: Host: www.evilmilk.com
URL: https://www.evilmilk.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e0::ac40:6722 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 1cdc548b67a8a47b7112338a80793672300ca8a246e2e624e22a3d9c6f417f8a

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.evilmilk.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 16 Oct 2019 16:35:10 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 20 Sep 2018 15:06:41 GMT
server: cloudflare
age: 6776
x-powered-by: ASP.NET
etag: W/"80d63789f350d41:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: public, max-age=14400
cf-ray: 526b71c83d45c29f-FRA
expires: Wed, 16 Oct 2019 20:35:10 GMT

GET
H2 200 reset.css
www.evilmilk.com/css/ 1 KB
658 B 59ms
57ms Stylesheet
text/css 2606:4700:e0::ac40:6722
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://www.evilmilk.com/css/reset.css
Requested by: Host: www.evilmilk.com
URL: https://www.evilmilk.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e0::ac40:6722 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: fdf3b5ca512139b90ea3c4ae1d47a8e14a85de2f02112a351b65a1fc4cf422b5

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.evilmilk.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 16 Oct 2019 16:35:10 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 05 Aug 2018 15:10:57 GMT
server: cloudflare
age: 3334
x-powered-by: ASP.NET
etag: W/"80d6cd82ce2cd41:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: public, max-age=14400
cf-ray: 526b71c83d48c29f-FRA
expires: Wed, 16 Oct 2019 20:35:10 GMT

GET
H2 200 animate.css
www.evilmilk.com/css/ 79 KB
4 KB 59ms
58ms Stylesheet
text/css 2606:4700:e0::ac40:6722
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://www.evilmilk.com/css/animate.css
Requested by: Host: www.evilmilk.com
URL: https://www.evilmilk.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e0::ac40:6722 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: bb9c1a8b154186d5e9c43aed0c01fc47535e49eb9c40364197b172162452465d

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.evilmilk.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 16 Oct 2019 16:35:10 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 09 Aug 2018 00:35:15 GMT
server: cloudflare
age: 6776
x-powered-by: ASP.NET
etag: W/"80e3fbd6782fd41:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: public, max-age=14400
cf-ray: 526b71c83d49c29f-FRA
expires: Wed, 16 Oct 2019 20:35:10 GMT

GET
H2 200 main.css
www.evilmilk.com/css/ 11 KB
3 KB 59ms
58ms Stylesheet
text/css 2606:4700:e0::ac40:6722
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://www.evilmilk.com/css/main.css?id=1117b
Requested by: Host: www.evilmilk.com
URL: https://www.evilmilk.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e0::ac40:6722 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: a11f9ed48fbbc5d3c929ddfcf03d09cc1c64042ea49613fca1adbf818468a98d

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.evilmilk.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 16 Oct 2019 16:35:10 GMT
content-encoding: br
cf-cache-status: HIT
age: 3334
x-powered-by: ASP.NET
status: 200
last-modified: Sat, 17 Nov 2018 12:49:15 GMT
cf-bgj: minify
server: cloudflare
etag: W/"80972df2737ed41:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=14400
cf-polished: origSize=14873
cf-ray: 526b71c83d4dc29f-FRA
expires: Wed, 16 Oct 2019 20:35:10 GMT

GET
H2 200 nav.css
www.evilmilk.com/css/ 5 KB
2 KB 80ms
79ms Stylesheet
text/css 2606:4700:e0::ac40:6722
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://www.evilmilk.com/css/nav.css
Requested by: Host: www.evilmilk.com
URL: https://www.evilmilk.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e0::ac40:6722 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 4b1ceba8c9ba507eba857c76d626abf7edf231bd1fa8096187abaffd1cef02e0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.evilmilk.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 16 Oct 2019 16:35:10 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 19 Oct 2018 00:14:16 GMT
server: cloudflare
age: 3334
x-powered-by: ASP.NET
etag: W/"0fce3ab4067d41:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: public, max-age=14400
cf-ray: 526b71c83d4fc29f-FRA
expires: Wed, 16 Oct 2019 20:35:10 GMT

GET
H/1.1 200
OK jquery-3.3.1.min.js Show response
code.jquery.com/ 85 KB
30 KB 24ms
7ms Script
application/javascript 2001:4de0:ac19::1:b:1b
Highwinds Network...

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.3.1.min.js
Requested by: Host: www.evilmilk.com
URL: https://www.evilmilk.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2001:4de0:ac19::1:b:1b , Netherlands, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
Software: nginx /
Resource Hash: 160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Request headers

Sec-Fetch-Mode: cors
Referer: https://www.evilmilk.com/
Origin: https://www.evilmilk.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 16 Oct 2019 16:35:10 GMT
Content-Encoding: gzip
Last-Modified: Sat, 20 Jan 2018 17:26:44 GMT
Server: nginx
ETag: W/"5a637bd4-1538f"
Vary: Accept-Encoding
X-HW: 1571243710.dop003.fr8.shc,1571243710.dop003.fr8.t,1571243710.cds057.fr8.c
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 30288

GET
H2 200 WTF-119_s.jpg
www.evilmilk.com/thumbs/ 7 KB
7 KB 99ms
98ms Image
image/jpeg 2606:4700:e0::ac40:6722
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.evilmilk.com/thumbs/WTF-119_s.jpg
Requested by: Host: www.evilmilk.com
URL: https://www.evilmilk.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e0::ac40:6722 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 1be90e00b660e7fe1638a06cbcd17f14813710985051c3972c7bc8755e50d423

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.evilmilk.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 16 Oct 2019 16:35:10 GMT
cf-cache-status: HIT
age: 1899
x-powered-by: ASP.NET
status: 200
content-length: 7527
last-modified: Thu, 05 Sep 2019 19:22:35 GMT
server: cloudflare
etag: "f3fdb451f64d51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 526b71c83d51c29f-FRA
expires: Wed, 16 Oct 2019 20:35:10 GMT

GET
H2 200 Times_Sure_Have_Changed_s.jpg
www.evilmilk.com/thumbs/ 7 KB
7 KB 60ms
59ms Image
image/jpeg 2606:4700:e0::ac40:6722
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.evilmilk.com/thumbs/Times_Sure_Have_Changed_s.jpg
Requested by: Host: www.evilmilk.com
URL: https://www.evilmilk.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e0::ac40:6722 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 356f79f6dfa5bba7d74e01711e409d62756268d744b453b9219c87c64418a477

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.evilmilk.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 16 Oct 2019 16:35:10 GMT
cf-cache-status: HIT
age: 1899
x-powered-by: ASP.NET
status: 200
content-length: 6737
last-modified: Wed, 16 Oct 2019 12:59:09 GMT
server: cloudflare
etag: "7c047802184d51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 526b71c83d52c29f-FRA
expires: Wed, 16 Oct 2019 20:35:10 GMT

GET
H2 200 Friendly_Reminder1423_s.jpg
www.evilmilk.com/thumbs/ 7 KB
7 KB 63ms
58ms Image
image/jpeg 2606:4700:e0::ac40:6722
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.evilmilk.com/thumbs/Friendly_Reminder1423_s.jpg
Requested by: Host: www.evilmilk.com
URL: https://www.evilmilk.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e0::ac40:6722 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 18caca1f0ad8bbd47cb7bf538b8eac4e4ebe71fa1e9f8773e8599128ff5d884b

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.evilmilk.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 16 Oct 2019 16:35:10 GMT
cf-cache-status: HIT
age: 1899
x-powered-by: ASP.NET
status: 200
content-length: 6979
last-modified: Fri, 04 Oct 2019 15:47:20 GMT
server: cloudflare
etag: "bf75ad1cb7ad51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 526b71c83d5ac29f-FRA
expires: Wed, 16 Oct 2019 20:35:10 GMT

GET
H2 200 Might_Hurt_You_s.jpg
www.evilmilk.com/thumbs/ 5 KB
5 KB 63ms
58ms Image
image/jpeg 2606:4700:e0::ac40:6722
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.evilmilk.com/thumbs/Might_Hurt_You_s.jpg
Requested by: Host: www.evilmilk.com
URL: https://www.evilmilk.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e0::ac40:6722 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: f570d9c308d60541fc74ec7274a969d6890fa16f6c6f9b8612aad3f1ff7e3d47

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.evilmilk.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 16 Oct 2019 16:35:10 GMT
cf-cache-status: HIT
age: 1788
x-powered-by: ASP.NET
status: 200
content-length: 4900
last-modified: Fri, 04 Oct 2019 15:46:32 GMT
server: cloudflare
etag: "2d74f2e4ca7ad51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 526b71c83d5bc29f-FRA
expires: Wed, 16 Oct 2019 20:35:10 GMT

GET
H2 200 3d_Tinder_s.jpg
www.evilmilk.com/thumbs/ 6 KB
6 KB 64ms
59ms Image
image/jpeg 2606:4700:e0::ac40:6722
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.evilmilk.com/thumbs/3d_Tinder_s.jpg
Requested by: Host: www.evilmilk.com
URL: https://www.evilmilk.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e0::ac40:6722 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 6537906d99c79f2fc93594d396c311e98f7327bce1b35e51c698c11bfa12bfa2

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.evilmilk.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 16 Oct 2019 16:35:10 GMT
cf-cache-status: HIT
age: 1788
x-powered-by: ASP.NET
status: 200
content-length: 5785
last-modified: Fri, 09 Aug 2019 19:01:02 GMT
server: cloudflare
etag: "38392bcae44ed51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 526b71c83d5cc29f-FRA
expires: Wed, 16 Oct 2019 20:35:10 GMT

GET
H2 200 Wheels_On_A_Shopping_Cart_s.jpg
www.evilmilk.com/thumbs/ 6 KB
7 KB 64ms
60ms Image
image/jpeg 2606:4700:e0::ac40:6722
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.evilmilk.com/thumbs/Wheels_On_A_Shopping_Cart_s.jpg
Requested by: Host: www.evilmilk.com
URL: https://www.evilmilk.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e0::ac40:6722 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 77c0f12ca986aaa1a73d240f662d286d8e30f9804f0e475e7916ad085ce8aeef

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.evilmilk.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 16 Oct 2019 16:35:10 GMT
cf-cache-status: HIT
age: 1636
x-powered-by: ASP.NET
status: 200
content-length: 6618
last-modified: Fri, 04 Oct 2019 15:46:38 GMT
server: cloudflare
etag: "4dd5e9e8ca7ad51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 526b71c83d5ec29f-FRA
expires: Wed, 16 Oct 2019 20:35:10 GMT

GET
H2 200 Presentation_Time_s.jpg
www.evilmilk.com/thumbs/ 6 KB
6 KB 64ms
60ms Image
image/jpeg 2606:4700:e0::ac40:6722
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.evilmilk.com/thumbs/Presentation_Time_s.jpg
Requested by: Host: www.evilmilk.com
URL: https://www.evilmilk.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e0::ac40:6722 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 7f25b60f534f1b0e1a29462489d367cca03d61bc3008420540c064c09c8c8a6f

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.evilmilk.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 16 Oct 2019 16:35:10 GMT
cf-cache-status: HIT
age: 1636
x-powered-by: ASP.NET
status: 200
content-length: 6025
last-modified: Fri, 04 Oct 2019 15:47:22 GMT
server: cloudflare
etag: "fdca183cb7ad51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 526b71c83d5fc29f-FRA
expires: Wed, 16 Oct 2019 20:35:10 GMT

GET
H2 200 Alabama_In_One_Picture_s.jpg
www.evilmilk.com/thumbs/ 8 KB
8 KB 65ms
60ms Image
image/jpeg 2606:4700:e0::ac40:6722
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.evilmilk.com/thumbs/Alabama_In_One_Picture_s.jpg
Requested by: Host: www.evilmilk.com
URL: https://www.evilmilk.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e0::ac40:6722 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: b721fdafa934c01607783d679274acfab966b70b1171413b0c7facb82c4fe86e

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.evilmilk.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 16 Oct 2019 16:35:10 GMT
cf-cache-status: HIT
age: 7119
x-powered-by: ASP.NET
status: 200
content-length: 7853
last-modified: Fri, 04 Oct 2019 15:46:27 GMT
server: cloudflare
etag: "35b952e2ca7ad51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 526b71c83d64c29f-FRA
expires: Wed, 16 Oct 2019 20:35:10 GMT

GET
H2 200 Morgan_Rose_s.jpg
www.evilmilk.com/thumbs/ 4 KB
4 KB 65ms
60ms Image
image/jpeg 2606:4700:e0::ac40:6722
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.evilmilk.com/thumbs/Morgan_Rose_s.jpg
Requested by: Host: www.evilmilk.com
URL: https://www.evilmilk.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e0::ac40:6722 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 05eafcf8c6f8b3b7e20d22142609f20a373091a1df5e46f111c0ffd3d216108b

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.evilmilk.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 16 Oct 2019 16:35:10 GMT
cf-cache-status: HIT
age: 7119
x-powered-by: ASP.NET
status: 200
content-length: 4240
last-modified: Thu, 05 Sep 2019 19:42:03 GMT
server: cloudflare
etag: "829412fe2164d51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 526b71c83d68c29f-FRA
expires: Wed, 16 Oct 2019 20:35:10 GMT

GET
H2 200 A_Nicer_Body_s.jpg
www.evilmilk.com/thumbs/ 7 KB
7 KB 68ms
64ms Image
image/jpeg 2606:4700:e0::ac40:6722
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.evilmilk.com/thumbs/A_Nicer_Body_s.jpg
Requested by: Host: www.evilmilk.com
URL: https://www.evilmilk.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e0::ac40:6722 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: bf74b96f1def0d6fd6514daf7bcecee2f11f372ade2f88846a5e92f02199b9f3

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.evilmilk.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 16 Oct 2019 16:35:10 GMT
cf-cache-status: HIT
age: 7119
x-powered-by: ASP.NET
status: 200
content-length: 7096
last-modified: Thu, 05 Sep 2019 18:51:34 GMT
server: cloudflare
etag: "c8427ff01a64d51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 526b71c83d6ac29f-FRA
expires: Wed, 16 Oct 2019 20:35:10 GMT

GET
H2 200 A_Spanking_s.jpg
www.evilmilk.com/thumbs/ 7 KB
7 KB 65ms
60ms Image
image/jpeg 2606:4700:e0::ac40:6722
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.evilmilk.com/thumbs/A_Spanking_s.jpg
Requested by: Host: www.evilmilk.com
URL: https://www.evilmilk.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e0::ac40:6722 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 4267006e5c5881eb2fc112f17bc193cb65228ea496009b36d6f71ddb6bc01e36

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.evilmilk.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 16 Oct 2019 16:35:10 GMT
cf-cache-status: HIT
age: 7119
x-powered-by: ASP.NET
status: 200
content-length: 7295
last-modified: Fri, 04 Oct 2019 15:46:27 GMT
server: cloudflare
etag: "73fe1ee2ca7ad51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 526b71c83d6bc29f-FRA
expires: Wed, 16 Oct 2019 20:35:10 GMT

GET
H2 200 Full_of_Win-105_s.jpg
www.evilmilk.com/thumbs/ 5 KB
5 KB 65ms
61ms Image
image/jpeg 2606:4700:e0::ac40:6722
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.evilmilk.com/thumbs/Full_of_Win-105_s.jpg
Requested by: Host: www.evilmilk.com
URL: https://www.evilmilk.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e0::ac40:6722 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 170e7f7ce74a0e14b8e9516b23a5c0e5707bb7d08e717b1f5b9aedd9e4733ffe

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.evilmilk.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 16 Oct 2019 16:35:10 GMT
cf-cache-status: HIT
age: 7119
x-powered-by: ASP.NET
status: 200
content-length: 4811
last-modified: Thu, 05 Sep 2019 19:22:32 GMT
server: cloudflare
etag: "7085d6431f64d51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 526b71c83d6fc29f-FRA
expires: Wed, 16 Oct 2019 20:35:10 GMT

GET
H2 200 You_Think_This_Is_Funny_s.jpg
www.evilmilk.com/thumbs/ 5 KB
6 KB 65ms
61ms Image
image/jpeg 2606:4700:e0::ac40:6722
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.evilmilk.com/thumbs/You_Think_This_Is_Funny_s.jpg
Requested by: Host: www.evilmilk.com
URL: https://www.evilmilk.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e0::ac40:6722 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 28809f57ff6e879b17c6458f91ce9a633c8a93d348cbd5957fdafffacc96f84e

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.evilmilk.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 16 Oct 2019 16:35:10 GMT
cf-cache-status: HIT
age: 7118
x-powered-by: ASP.NET
status: 200
content-length: 5616
last-modified: Tue, 15 Oct 2019 13:26:59 GMT
server: cloudflare
etag: "c9291f395c83d51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 526b71c83d71c29f-FRA
expires: Wed, 16 Oct 2019 20:35:10 GMT

GET
H2 200 WTF___GIFDUMP__-8_s.jpg
www.evilmilk.com/thumbs/ 6 KB
6 KB 65ms
61ms Image
image/jpeg 2606:4700:e0::ac40:6722
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.evilmilk.com/thumbs/WTF___GIFDUMP__-8_s.jpg
Requested by: Host: www.evilmilk.com
URL: https://www.evilmilk.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e0::ac40:6722 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 0e16fddca66258a8010273b847054e8a7b70902fdd4f704c2a27026c1cdef84d

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.evilmilk.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 16 Oct 2019 16:35:10 GMT
cf-cache-status: HIT
age: 3334
x-powered-by: ASP.NET
status: 200
content-length: 5942
last-modified: Thu, 03 Oct 2019 15:08:56 GMT
server: cloudflare
etag: "9b426a7afc79d51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 526b71c83d74c29f-FRA
expires: Wed, 16 Oct 2019 20:35:10 GMT

GET
H2 200 Cute_Family_Photo_s.jpg
www.evilmilk.com/thumbs/ 6 KB
6 KB 68ms
64ms Image
image/jpeg 2606:4700:e0::ac40:6722
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.evilmilk.com/thumbs/Cute_Family_Photo_s.jpg
Requested by: Host: www.evilmilk.com
URL: https://www.evilmilk.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e0::ac40:6722 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: b77838b23adaf4613b13705e6fbfe05e9b6d8c693833ea63e58795359cc06ae7

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.evilmilk.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 16 Oct 2019 16:35:10 GMT
cf-cache-status: HIT
age: 3334
x-powered-by: ASP.NET
status: 200
content-length: 6345
last-modified: Fri, 04 Oct 2019 15:46:28 GMT
server: cloudflare
etag: "1fc31ce3ca7ad51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 526b71c83d75c29f-FRA
expires: Wed, 16 Oct 2019 20:35:10 GMT

GET
H2 200 Cool_stuff-190_s.jpg
www.evilmilk.com/thumbs/ 4 KB
5 KB 65ms
62ms Image
image/jpeg 2606:4700:e0::ac40:6722
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.evilmilk.com/thumbs/Cool_stuff-190_s.jpg
Requested by: Host: www.evilmilk.com
URL: https://www.evilmilk.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e0::ac40:6722 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: dcefbc4c701d3f5a584168672a421ea90765ab2d596d04478c19ac3bfd8e0e5c

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.evilmilk.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 16 Oct 2019 16:35:10 GMT
cf-cache-status: HIT
age: 3334
x-powered-by: ASP.NET
status: 200
content-length: 4543
last-modified: Thu, 05 Sep 2019 19:22:15 GMT
server: cloudflare
etag: "154c1c3a1f64d51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 526b71c83d78c29f-FRA
expires: Wed, 16 Oct 2019 20:35:10 GMT

GET
H2 200 Weird_Way_s.jpg
www.evilmilk.com/thumbs/ 5 KB
6 KB 67ms
64ms Image
image/jpeg 2606:4700:e0::ac40:6722
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.evilmilk.com/thumbs/Weird_Way_s.jpg
Requested by: Host: www.evilmilk.com
URL: https://www.evilmilk.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e0::ac40:6722 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 2705a705d0d9fbdf74330d49ccc71158039a69d4dae4514b00ecc20ba255cffa

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.evilmilk.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 16 Oct 2019 16:35:10 GMT
cf-cache-status: HIT
age: 3334
x-powered-by: ASP.NET
status: 200
content-length: 5595
last-modified: Fri, 04 Oct 2019 15:46:37 GMT
server: cloudflare
etag: "57945fe8ca7ad51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 526b71c83d7ac29f-FRA
expires: Wed, 16 Oct 2019 20:35:10 GMT

GET
H2 200 A_Romantic_s.jpg
www.evilmilk.com/thumbs/ 8 KB
9 KB 65ms
62ms Image
image/jpeg 2606:4700:e0::ac40:6722
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.evilmilk.com/thumbs/A_Romantic_s.jpg
Requested by: Host: www.evilmilk.com
URL: https://www.evilmilk.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e0::ac40:6722 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: f3a42f2ffb391c199b8ee9953a5524c8ee69a861e6f7d2d8963fa2ab1da4ab40

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.evilmilk.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 16 Oct 2019 16:35:10 GMT
cf-cache-status: HIT
age: 3334
x-powered-by: ASP.NET
status: 200
content-length: 8626
last-modified: Fri, 04 Oct 2019 15:47:18 GMT
server: cloudflare
etag: "51f6aa0cb7ad51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 526b71c83d7bc29f-FRA
expires: Wed, 16 Oct 2019 20:35:10 GMT

GET
H2 200 Any_Rice_Cakes_s.jpg
www.evilmilk.com/thumbs/ 6 KB
6 KB 66ms
62ms Image
image/jpeg 2606:4700:e0::ac40:6722
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.evilmilk.com/thumbs/Any_Rice_Cakes_s.jpg
Requested by: Host: www.evilmilk.com
URL: https://www.evilmilk.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e0::ac40:6722 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: c88a7c5331062ac9777089d5edea5f73ae7c38673c056948f3d9c8deb74fc491

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.evilmilk.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 16 Oct 2019 16:35:10 GMT
cf-cache-status: HIT
age: 3334
x-powered-by: ASP.NET
status: 200
content-length: 6174
last-modified: Fri, 09 Aug 2019 19:01:35 GMT
server: cloudflare
etag: "a5eaa8dde44ed51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 526b71c83d7cc29f-FRA
expires: Wed, 16 Oct 2019 20:35:10 GMT

GET
H2 200 Nice_Shot7658_s.jpg
www.evilmilk.com/thumbs/ 8 KB
8 KB 66ms
62ms Image
image/jpeg 2606:4700:e0::ac40:6722
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.evilmilk.com/thumbs/Nice_Shot7658_s.jpg
Requested by: Host: www.evilmilk.com
URL: https://www.evilmilk.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e0::ac40:6722 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 1b42997707b26beaea5079a83f749de0714742a1fbaa664545310b4efa584fd3

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.evilmilk.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 16 Oct 2019 16:35:10 GMT
cf-cache-status: HIT
age: 3331
x-powered-by: ASP.NET
status: 200
content-length: 7731
last-modified: Thu, 05 Sep 2019 18:51:42 GMT
server: cloudflare
etag: "01b7df51a64d51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 526b71c83d7dc29f-FRA
expires: Wed, 16 Oct 2019 20:35:10 GMT

GET
H2 200 You_Animal___GIFDUMP__-13_s.jpg
www.evilmilk.com/thumbs/ 7 KB
7 KB 66ms
63ms Image
image/jpeg 2606:4700:e0::ac40:6722
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.evilmilk.com/thumbs/You_Animal___GIFDUMP__-13_s.jpg
Requested by: Host: www.evilmilk.com
URL: https://www.evilmilk.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e0::ac40:6722 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: a8402bd8f7da80f588bd901f9f1ce5c06e5ff2e4c1a3f89ee68cbae0c7c37ccf

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.evilmilk.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 16 Oct 2019 16:35:10 GMT
cf-cache-status: HIT
age: 7118
x-powered-by: ASP.NET
status: 200
content-length: 6887
last-modified: Thu, 03 Oct 2019 15:08:58 GMT
server: cloudflare
etag: "7f244f7bfc79d51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 526b71c83d80c29f-FRA
expires: Wed, 16 Oct 2019 20:35:10 GMT

GET
H2 200 Never9619_s.jpg
www.evilmilk.com/thumbs/ 7 KB
7 KB 66ms
63ms Image
image/jpeg 2606:4700:e0::ac40:6722
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.evilmilk.com/thumbs/Never9619_s.jpg
Requested by: Host: www.evilmilk.com
URL: https://www.evilmilk.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e0::ac40:6722 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 8c5ff43c1ea77b72f6af481771b684a32201c8b988a3a42d74589d74b9f18d2d

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.evilmilk.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 16 Oct 2019 16:35:10 GMT
cf-cache-status: HIT
age: 7118
x-powered-by: ASP.NET
status: 200
content-length: 6927
last-modified: Fri, 09 Aug 2019 19:01:09 GMT
server: cloudflare
etag: "341110cee44ed51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 526b71c83d81c29f-FRA
expires: Wed, 16 Oct 2019 20:35:10 GMT

GET
H2 200 If_You_Ever_Feel_Bad1700_s.jpg
www.evilmilk.com/thumbs/ 6 KB
6 KB 66ms
63ms Image
image/jpeg 2606:4700:e0::ac40:6722
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.evilmilk.com/thumbs/If_You_Ever_Feel_Bad1700_s.jpg
Requested by: Host: www.evilmilk.com
URL: https://www.evilmilk.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e0::ac40:6722 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 575b9215c6dfc0bd574f3d98dd9f6c174beb3a0b07a3b3122a2b8ce7ac270f6c

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.evilmilk.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 16 Oct 2019 16:35:10 GMT
cf-cache-status: HIT
age: 7118
x-powered-by: ASP.NET
status: 200
content-length: 6479
last-modified: Wed, 22 May 2019 13:12:02 GMT
server: cloudflare
etag: "3c5ef9f19f10d51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 526b71c83d82c29f-FRA
expires: Wed, 16 Oct 2019 20:35:10 GMT

GET
H2 200 Trying_To_Reach_You_s.jpg
www.evilmilk.com/thumbs/ 5 KB
6 KB 66ms
63ms Image
image/jpeg 2606:4700:e0::ac40:6722
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.evilmilk.com/thumbs/Trying_To_Reach_You_s.jpg
Requested by: Host: www.evilmilk.com
URL: https://www.evilmilk.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e0::ac40:6722 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: d5bad9057fd288a667aa687cd1e94e2e8e2d1969fb7cefdb7add5aae13ad2e53

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.evilmilk.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 16 Oct 2019 16:35:10 GMT
cf-cache-status: HIT
age: 7118
x-powered-by: ASP.NET
status: 200
content-length: 5629
last-modified: Fri, 04 Oct 2019 15:47:24 GMT
server: cloudflare
etag: "821f33cb7ad51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 526b71c83d83c29f-FRA
expires: Wed, 16 Oct 2019 20:35:10 GMT

GET
H2 200 Overflow-514_s.jpg
www.evilmilk.com/thumbs/ 6 KB
6 KB 67ms
64ms Image
image/jpeg 2606:4700:e0::ac40:6722
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.evilmilk.com/thumbs/Overflow-514_s.jpg
Requested by: Host: www.evilmilk.com
URL: https://www.evilmilk.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e0::ac40:6722 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 95163212d95cfa0656f72ff3ce2b6807c6e26c60aed63fbb532acfe667a309c8

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.evilmilk.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 16 Oct 2019 16:35:10 GMT
cf-cache-status: HIT
age: 7119
x-powered-by: ASP.NET
status: 200
content-length: 6489
last-modified: Fri, 09 Aug 2019 18:16:58 GMT
server: cloudflare
etag: "551eb7a1de4ed51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 526b71c83d84c29f-FRA
expires: Wed, 16 Oct 2019 20:35:10 GMT

GET
H2 200 Weird_stuff-181_s.jpg
www.evilmilk.com/thumbs/ 5 KB
5 KB 71ms
68ms Image
image/jpeg 2606:4700:e0::ac40:6722
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.evilmilk.com/thumbs/Weird_stuff-181_s.jpg
Requested by: Host: www.evilmilk.com
URL: https://www.evilmilk.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e0::ac40:6722 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 078298ba46ace3992b2c9f3222ada7b456e7966261eb4ddbd9e6ec87d7dc50f6

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.evilmilk.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 16 Oct 2019 16:35:10 GMT
cf-cache-status: HIT
age: 7118
x-powered-by: ASP.NET
status: 200
content-length: 4747
last-modified: Thu, 05 Sep 2019 19:22:22 GMT
server: cloudflare
etag: "52a5203e1f64d51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 526b71c83d85c29f-FRA
expires: Wed, 16 Oct 2019 20:35:10 GMT

GET
H2 200 You_Animal-96_s.jpg
www.evilmilk.com/thumbs/ 5 KB
5 KB 68ms
65ms Image
image/jpeg 2606:4700:e0::ac40:6722
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.evilmilk.com/thumbs/You_Animal-96_s.jpg
Requested by: Host: www.evilmilk.com
URL: https://www.evilmilk.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e0::ac40:6722 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: d9d2de84fc63455bc6b8b5c52a9a09d37589a46519ea1d7a8caedca950a377ee

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.evilmilk.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 16 Oct 2019 16:35:10 GMT
cf-cache-status: HIT
age: 3900
x-powered-by: ASP.NET
status: 200
content-length: 5363
last-modified: Thu, 23 May 2019 13:55:33 GMT
server: cloudflare
etag: "d91bb0306f11d51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 526b71c83d86c29f-FRA
expires: Wed, 16 Oct 2019 20:35:10 GMT

GET
H2 200 He_Enjoys_It_s.jpg
www.evilmilk.com/thumbs/ 5 KB
5 KB 67ms
65ms Image
image/jpeg 2606:4700:e0::ac40:6722
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.evilmilk.com/thumbs/He_Enjoys_It_s.jpg
Requested by: Host: www.evilmilk.com
URL: https://www.evilmilk.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e0::ac40:6722 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: f390820a747c293b115e29193057ffb134ed57aa99ab40895a62fc264cd37d7c

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.evilmilk.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 16 Oct 2019 16:35:10 GMT
cf-cache-status: HIT
age: 3900
x-powered-by: ASP.NET
status: 200
content-length: 4964
last-modified: Fri, 04 Oct 2019 15:47:20 GMT
server: cloudflare
etag: "ec16132cb7ad51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 526b71c83d87c29f-FRA
expires: Wed, 16 Oct 2019 20:35:10 GMT

GET
H2 200 You_Need_Help_s.jpg
www.evilmilk.com/thumbs/ 5 KB
5 KB 67ms
65ms Image
image/jpeg 2606:4700:e0::ac40:6722
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.evilmilk.com/thumbs/You_Need_Help_s.jpg
Requested by: Host: www.evilmilk.com
URL: https://www.evilmilk.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e0::ac40:6722 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 23ece5a510d38feef737b522c91ed5dd5e6a81b5616a4e772e447634652740bc

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.evilmilk.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 16 Oct 2019 16:35:10 GMT
cf-cache-status: HIT
age: 3900
x-powered-by: ASP.NET
status: 200
content-length: 4951
last-modified: Fri, 04 Oct 2019 15:47:24 GMT
server: cloudflare
etag: "8cf7134cb7ad51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 526b71c83d88c29f-FRA
expires: Wed, 16 Oct 2019 20:35:10 GMT

GET
H2 200 So_What_Are_You_s.jpg
www.evilmilk.com/thumbs/ 7 KB
7 KB 66ms
64ms Image
image/jpeg 2606:4700:e0::ac40:6722
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.evilmilk.com/thumbs/So_What_Are_You_s.jpg
Requested by: Host: www.evilmilk.com
URL: https://www.evilmilk.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e0::ac40:6722 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: cebbc6ea70ba87149db984a2f0367dc81da68874893515299a5f605061dee00d

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.evilmilk.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 16 Oct 2019 16:35:10 GMT
cf-cache-status: HIT
age: 3334
x-powered-by: ASP.NET
status: 200
content-length: 6861
last-modified: Fri, 04 Oct 2019 15:47:23 GMT
server: cloudflare
etag: "d4377b3cb7ad51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 526b71c83d89c29f-FRA
expires: Wed, 16 Oct 2019 20:35:10 GMT

GET
H2 200 mymilk-logo.png
my.evilmilk.com/img/ 12 KB
12 KB 68ms
52ms Image
image/png 2606:4700:e0::ac40:6722
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://my.evilmilk.com/img/mymilk-logo.png
Requested by: Host: www.evilmilk.com
URL: https://www.evilmilk.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e0::ac40:6722 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: bf22d33ad9ba33a825e26a0b39e24740016bb403eb2aeb136688e768bbd0bf2f

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.evilmilk.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 16 Oct 2019 16:35:10 GMT
cf-cache-status: HIT
age: 7118
x-powered-by: ASP.NET
status: 200
content-length: 12152
last-modified: Sun, 08 Oct 2017 19:27:16 GMT
server: cloudflare
etag: "04210736b40d31:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 526b71c83d8bc29f-FRA
expires: Wed, 16 Oct 2019 20:35:10 GMT

GET
H2 200 popper.min.js Show response
cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.3/umd/ 20 KB
7 KB 59ms
20ms Script
application/javascript 2606:4700::6813:c597
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.3/umd/popper.min.js

Requested by

Host: www.evilmilk.com
URL: https://www.evilmilk.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:c597 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

f7cbc01a310318defd4e31e4616543e2cf3baef5a47562c73ece4c0b716f157e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains

Request headers

Sec-Fetch-Mode: cors
Referer: https://www.evilmilk.com/
Origin: https://www.evilmilk.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 16 Oct 2019 16:35:10 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 15877634
status: 200
served-in-seconds: 0.009
timing-allow-origin: *
last-modified: Thu, 17 May 2018 09:26:22 GMT
server: cloudflare
etag: W/"5afd4abe-4f71"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000; includeSubDomains
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
cf-ray: 526b71c8483c59b2-VIE
expires: Mon, 05 Oct 2020 16:35:10 GMT

GET
H2 200 bootstrap.min.js Show response
stackpath.bootstrapcdn.com/bootstrap/4.1.3/js/ 50 KB
14 KB 29ms
13ms Script
text/javascript 2001:4de0:ac19::1:b:3a
Highwinds Network...

General

Check archive.org

Show headers Download Go to

Full URL: https://stackpath.bootstrapcdn.com/bootstrap/4.1.3/js/bootstrap.min.js
Requested by: Host: www.evilmilk.com
URL: https://www.evilmilk.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac19::1:b:3a , Netherlands, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
Software: /
Resource Hash: 56c12a125b021d21a69e61d7190cefa168d6c28ce715265cea1b3b0112d169c4

Request headers

Sec-Fetch-Mode: cors
Referer: https://www.evilmilk.com/
Origin: https://www.evilmilk.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 16 Oct 2019 16:35:10 GMT
content-encoding: gzip
last-modified: Wed, 12 Dec 2018 18:33:54 GMT
status: 200
etag: "1544639634"
vary: Accept-Encoding
x-cache: HIT
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-hello-human: Say hello back! @getBootstrapCDN on Twitter
accept-ranges: bytes
timing-allow-origin: *
content-length: 14090

GET
H2 200 modernizr.js Show response
www.evilmilk.com/js/ 11 KB
4 KB 61ms
55ms Script
application/javascript 2606:4700:e0::ac40:6722
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://www.evilmilk.com/js/modernizr.js
Requested by: Host: www.evilmilk.com
URL: https://www.evilmilk.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e0::ac40:6722 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: f6a32741d5cad4e3a0eeb9c115073bef55cd3639108e9d90f7cc9626d1112b3b

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.evilmilk.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 16 Oct 2019 16:35:10 GMT
content-encoding: br
cf-cache-status: HIT
age: 3334
x-powered-by: ASP.NET
status: 200
last-modified: Thu, 18 Oct 2018 00:50:16 GMT
cf-bgj: minify
server: cloudflare
etag: W/"014f0887c66d41:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=14400
cf-ray: 526b71c83d53c29f-FRA
expires: Wed, 16 Oct 2019 20:35:10 GMT

GET
H2 200 spon.js Show response
www.evilmilk.com/js/ 8 KB
2 KB 62ms
56ms Script
application/javascript 2606:4700:e0::ac40:6722
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://www.evilmilk.com/js/spon.js?d=050819
Requested by: Host: www.evilmilk.com
URL: https://www.evilmilk.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e0::ac40:6722 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 9beb150113a5ef1e705d45036fd62c4aebb2f526248b02ea4307e923927a89b1

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.evilmilk.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 16 Oct 2019 16:35:10 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 08 May 2019 14:52:38 GMT
server: cloudflare
age: 3334
x-powered-by: ASP.NET
etag: W/"2bb4aead5d51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: public, max-age=14400
cf-ray: 526b71c83d55c29f-FRA
expires: Wed, 16 Oct 2019 20:35:10 GMT

GET
H2 200 notify.min.js Show response
cdnjs.cloudflare.com/ajax/libs/notify/0.4.2/ 13 KB
7 KB 23ms
18ms Script
application/javascript 2606:4700::6813:c597
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/notify/0.4.2/notify.min.js

Requested by

Host: www.evilmilk.com
URL: https://www.evilmilk.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:c597 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

b524513a819f1964ef791a431c5896573f945edfb128d7bdd30c069f6e65a70f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.evilmilk.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 16 Oct 2019 16:35:10 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 15877063
status: 200
served-in-seconds: 0.009
timing-allow-origin: *
last-modified: Thu, 17 May 2018 09:23:10 GMT
server: cloudflare
etag: W/"5afd49fe-3562"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000; includeSubDomains
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
cf-ray: 526b71c80ff65970-VIE
expires: Mon, 05 Oct 2020 16:35:10 GMT

GET
H2 200 global.js Show response
www.evilmilk.com/js/ 359 B
336 B 62ms
57ms Script
application/javascript 2606:4700:e0::ac40:6722
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://www.evilmilk.com/js/global.js
Requested by: Host: www.evilmilk.com
URL: https://www.evilmilk.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e0::ac40:6722 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 2e3cf2d3e4de45c0871be9c764efeb70bec3136f02da6c0c7f271f5fede18f36

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.evilmilk.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 16 Oct 2019 16:35:10 GMT
content-encoding: br
cf-cache-status: HIT
age: 7118
x-powered-by: ASP.NET
status: 200
last-modified: Wed, 24 Oct 2018 00:23:23 GMT
cf-bgj: minify
server: cloudflare
etag: W/"804ffec52f6bd41:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=14400
cf-polished: origSize=545
cf-ray: 526b71c83d57c29f-FRA
expires: Wed, 16 Oct 2019 20:35:10 GMT

GET
H2 200 1828.js Show response
cdn.thisiswaldo.com/static/js/ 34 KB
7 KB 82ms
7ms Script
application/javascript 2600:9000:20eb:a200:4:164e:ca00:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.thisiswaldo.com/static/js/1828.js
Requested by: Host: www.evilmilk.com
URL: https://www.evilmilk.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:20eb:a200:4:164e:ca00:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: Apache/2.4.7 (Ubuntu) /
Resource Hash: 4560abefc480c70d209a5639db85b145b4873b81e6223cf9c8772b95841bec77

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.evilmilk.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 16 Oct 2019 15:45:49 GMT
content-encoding: gzip
last-modified: Fri, 11 Oct 2019 15:03:08 GMT
server: Apache/2.4.7 (Ubuntu)
age: 2961
etag: "870f-594a3d0e42203-gzip"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
status: 200
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-length: 6529
via: 1.1 8f20db43ba7579b7216cf908572d5054.cloudfront.net (CloudFront)
x-amz-cf-id: wbn6I0RhtJ4G_k38vUnVevxSXqaCdRcqMI07kGdoiqbz90BE33hpug==

GET
H2 200 jquery.mobile-events.js Show response
www.evilmilk.com/js/ 18 KB
3 KB 62ms
57ms Script
application/javascript 2606:4700:e0::ac40:6722
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://www.evilmilk.com/js/jquery.mobile-events.js
Requested by: Host: www.evilmilk.com
URL: https://www.evilmilk.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e0::ac40:6722 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 28018757e9aad7b9f199922ca7f6e778bb5e90bea4c28d9a03cead8bb0869a4f

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.evilmilk.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 16 Oct 2019 16:35:10 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 12 Jun 2019 13:19:12 GMT
server: cloudflare
age: 3334
x-powered-by: ASP.NET
etag: W/"d3ece6c2121d51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: public, max-age=14400
cf-ray: 526b71c83d58c29f-FRA
expires: Wed, 16 Oct 2019 20:35:10 GMT

GET
DATA 200
OK truncated
/ 583 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7efe592b5a50327d58dfa18f6567de2201967b41d8d15c3360e571bf20b410e5

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 background.png
www.evilmilk.com/images/ 1 KB
1 KB 18ms
18ms Image
image/png 2606:4700:e0::ac40:6722
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.evilmilk.com/images/background.png
Requested by: Host: www.evilmilk.com
URL: https://www.evilmilk.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e0::ac40:6722 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 0c2375c96b7f803c91a4419355c70fc649e3bab774118e7ba2f0cdbe27f8eaa1

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.evilmilk.com/css/main.css?id=1117b
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 16 Oct 2019 16:35:10 GMT
cf-cache-status: HIT
age: 1898
x-powered-by: ASP.NET
status: 200
content-length: 1266
last-modified: Sun, 05 Aug 2018 15:02:18 GMT
server: cloudflare
etag: "0b9744dcd2cd41:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 526b71c89e8cc29f-FRA
expires: Wed, 16 Oct 2019 20:35:10 GMT

GET
H2 200 evilmilk-logo.png
www.evilmilk.com/images/ 21 KB
21 KB 22ms
22ms Image
image/png 2606:4700:e0::ac40:6722
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.evilmilk.com/images/evilmilk-logo.png
Requested by: Host: www.evilmilk.com
URL: https://www.evilmilk.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e0::ac40:6722 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 2c35ad3146982cd844183dcfdaf0e11d48b88b198d49af3c2dcaa753df654a19

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.evilmilk.com/css/main.css?id=1117b
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 16 Oct 2019 16:35:10 GMT
cf-cache-status: HIT
age: 3160
x-powered-by: ASP.NET
status: 200
content-length: 21200
last-modified: Tue, 11 Sep 2018 23:52:14 GMT
server: cloudflare
etag: "0ba2762a4ad41:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 526b71c89ea0c29f-FRA
expires: Wed, 16 Oct 2019 20:35:10 GMT

GET
H2 200 fa-solid-900.woff2
use.fontawesome.com/releases/v5.2.0/webfonts/ 61 KB
61 KB 7ms
7ms Font
font/woff2 23.111.9.35
Highwinds Network...

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.2.0/webfonts/fa-solid-900.woff2
Requested by: Host: www.evilmilk.com
URL: https://www.evilmilk.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.111.9.35 Phoenix, United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: 5c7df99df232586111917083a85aa31b82ee29e48ca2990e13fae0c0663a923f

Request headers

Sec-Fetch-Mode: cors
Referer: https://use.fontawesome.com/releases/v5.2.0/css/all.css
Origin: https://www.evilmilk.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 16 Oct 2019 16:35:10 GMT
last-modified: Mon, 23 Jul 2018 17:07:14 GMT
server: NetDNA-cache/2.2
status: 200
etag: "b75b4bfe0d58faeced5006c785eaae23"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET
content-type: font/woff2
access-control-allow-origin: *
access-control-max-age: 3000
cache-control: max-age=31556926
x-cache: HIT
accept-ranges: bytes
content-length: 62472

GET
H2 200 ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQk6YvM.woff2
fonts.gstatic.com/s/robotocondensed/v18/ 11 KB
11 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:80b::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotocondensed/v18/ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQk6YvM.woff2

Requested by

Host: www.evilmilk.com
URL: https://www.evilmilk.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

49a1b4e1296645aa2f513c87a0e5fe56a305a7ed678c2f6499631ec1f3b35856

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: cors
Referer: https://fonts.googleapis.com/css?family=Roboto+Condensed:400,300
Origin: https://www.evilmilk.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 11 Oct 2019 07:16:52 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 03:48:22 GMT
server: sffe
age: 465498
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 10968
x-xss-protection: 0
expires: Sat, 10 Oct 2020 07:16:52 GMT

GET
H2 200 fa-brands-400.woff2
use.fontawesome.com/releases/v5.2.0/webfonts/ 63 KB
63 KB 7ms
7ms Font
font/woff2 23.111.9.35
Highwinds Network...

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.2.0/webfonts/fa-brands-400.woff2
Requested by: Host: www.evilmilk.com
URL: https://www.evilmilk.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.111.9.35 Phoenix, United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: 4d0130d314f1669c9ea5a911d401d6250f96386a52b0c38f7b3fb43cdcd10589

Request headers

Sec-Fetch-Mode: cors
Referer: https://use.fontawesome.com/releases/v5.2.0/css/all.css
Origin: https://www.evilmilk.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 16 Oct 2019 16:35:10 GMT
last-modified: Mon, 23 Jul 2018 17:07:09 GMT
server: NetDNA-cache/2.2
status: 200
etag: "6814d0e8136d34e313623eb7129d538e"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET
content-type: font/woff2
access-control-allow-origin: *
access-control-max-age: 3000
cache-control: max-age=31556926
x-cache: HIT
accept-ranges: bytes
content-length: 64144

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 45 KB
15 KB 55ms
42ms Script
text/javascript 2a00:1450:4001:81d::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: cdn.thisiswaldo.com
URL: https://cdn.thisiswaldo.com/static/js/1828.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

f7b71df270660f7958f60859209972586494aff37327672ef85951f29c151716

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.evilmilk.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 16 Oct 2019 16:35:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "308 / 492 of 1000 / last-modified: 1571176937"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 14544
x-xss-protection: 0
expires: Wed, 16 Oct 2019 16:35:10 GMT

GET
H2 200 prebid.js Show response
cdn.thisiswaldo.com/sites/all/modules/custom/ad_delivery/ 184 KB
58 KB 9ms
8ms Script
application/javascript 2600:9000:20eb:a200:4:164e:ca00:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.thisiswaldo.com/sites/all/modules/custom/ad_delivery/prebid.js
Requested by: Host: cdn.thisiswaldo.com
URL: https://cdn.thisiswaldo.com/static/js/1828.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:20eb:a200:4:164e:ca00:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: Apache/2.4.7 (Ubuntu) /
Resource Hash: 335c28706d6fec7112516fd9e02dcacaf1bf77928e6b916b30132f034e29461b

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.evilmilk.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 16 Oct 2019 14:38:39 GMT
content-encoding: gzip
last-modified: Thu, 19 Sep 2019 14:34:59 GMT
server: Apache/2.4.7 (Ubuntu)
age: 6991
etag: "2dee7-592e8dbad4a4b-gzip"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
status: 200
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-length: 58999
via: 1.1 8f20db43ba7579b7216cf908572d5054.cloudfront.net (CloudFront)
x-amz-cf-id: d1ZG2Dcyy58vXUHN6Z3ZmZ_ePXBGMTIn4fXcocxpiRtnHcYw6zXI5g==

GET
H/1.1 200
OK videoplayer.js Show response
theeighth-net.videoplayerhub.com/ 93 KB
22 KB 39ms
6ms Script
application/javascript 13.225.78.44
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://theeighth-net.videoplayerhub.com/videoplayer.js
Requested by: Host: cdn.thisiswaldo.com
URL: https://cdn.thisiswaldo.com/static/js/1828.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.225.78.44 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-13-225-78-44.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3009133fca80d9f314853b1ae500485985e1bc422d2ce6eb20e36305fd5c544c

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.evilmilk.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-amz-version-id: d6sIf.QZUDpeivygM1.hhNkcEIcuOLmb
Content-Encoding: gzip
Last-Modified: Fri, 04 Oct 2019 23:01:28 GMT
Server: AmazonS3
Age: 42
Date: Wed, 16 Oct 2019 16:34:58 GMT
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Via: 1.1 56fad5a50ef67bd961b9722ed0931839.cloudfront.net (CloudFront)
Connection: keep-alive
Transfer-Encoding: chunked
X-Amz-Cf-Pop: FRA2-C2
X-Amz-Cf-Id: _dxdA_u30HlGY6Rq4qTj96b_KUNHh5djCBq26DbyBLcBAZY6RhNSCw==

GET
H2 200 me Show response
ipfind.co/ 286 B
495 B 524ms
200ms XHR
application/json 54.241.183.39
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://ipfind.co/me?auth=3757a9b9-5759-4813-bc1a-7fa0b8ba94c1
Requested by: Host: cdn.thisiswaldo.com
URL: https://cdn.thisiswaldo.com/static/js/1828.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.241.183.39 San Jose, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-54-241-183-39.us-west-1.compute.amazonaws.com
Software: Apache/2.4.18 (Ubuntu) /
Resource Hash: d87236b3e062611e7e461bd896c7bcf184d4cb5683b28c0de0147b7aed9f8c2b

Request headers

Sec-Fetch-Mode: cors
Referer: https://www.evilmilk.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 16 Oct 2019 16:35:11 GMT
server: Apache/2.4.18 (Ubuntu)
status: 200
access-control-max-age: 86400
content-type: application/json
access-control-allow-origin: https://www.evilmilk.com
cache-control: no-cache, private
access-control-allow-credentials: true
content-length: 286

GET
H2 200 728.aspx Show response
www.evilmilk.com/spon/ 227 B
354 B 217ms
217ms XHR
text/html 2606:4700:e0::ac40:6722
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://www.evilmilk.com/spon/728.aspx
Requested by: Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.3.1.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e0::ac40:6722 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 68286f1fcd7f534a5b6b8dbc0d2e15d4587a0dc086d84602d3dbea8b80b045ed

Request headers

Accept: text/html, */*; q=0.01
Referer: https://www.evilmilk.com/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Wed, 16 Oct 2019 16:35:11 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: text/html; charset=utf-8
status: 200
cache-control: private
cf-ray: 526b71c968dfc29f-FRA

GET
H2 200 300.aspx Show response
www.evilmilk.com/spon/ 251 B
207 B 556ms
556ms XHR
text/html 2606:4700:e0::ac40:6722
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://www.evilmilk.com/spon/300.aspx
Requested by: Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.3.1.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e0::ac40:6722 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 44a9637c16efc6c22898f85eceec42ad61fdb770d3dd11696f9f8ca797e1c94c

Request headers

Accept: text/html, */*; q=0.01
Referer: https://www.evilmilk.com/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Wed, 16 Oct 2019 16:35:11 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: text/html; charset=utf-8
status: 200
cache-control: private
cf-ray: 526b71c968e1c29f-FRA

GET
H2 200 728.aspx Show response
www.evilmilk.com/spon/ 227 B
180 B 554ms
554ms XHR
text/html 2606:4700:e0::ac40:6722
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://www.evilmilk.com/spon/728.aspx
Requested by: Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.3.1.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e0::ac40:6722 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 68286f1fcd7f534a5b6b8dbc0d2e15d4587a0dc086d84602d3dbea8b80b045ed

Request headers

Accept: text/html, */*; q=0.01
Referer: https://www.evilmilk.com/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Wed, 16 Oct 2019 16:35:11 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: text/html; charset=utf-8
status: 200
cache-control: private
cf-ray: 526b71c968e3c29f-FRA

GET
H2 200 / Show response
www.evilmilk.com/functions/myevilmilk-sidebar/ 2 KB
340 B 779ms
779ms XHR
text/html 2606:4700:e0::ac40:6722
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://www.evilmilk.com/functions/myevilmilk-sidebar/
Requested by: Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.3.1.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e0::ac40:6722 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 0b4b9df6d786bd3a44e0c620c0813eb2a3bda1a27fba0dd0e1ee27dd235460de

Request headers

Accept: text/html, */*; q=0.01
Referer: https://www.evilmilk.com/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Wed, 16 Oct 2019 16:35:11 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: text/html; charset=utf-8
status: 200
cache-control: private
cf-ray: 526b71c968e4c29f-FRA

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 109 B
656 B 33ms
19ms Script
application/javascript 2a00:1450:4001:808::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.evilmilk.com

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.evilmilk.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 16 Oct 2019 16:35:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 109 B
656 B 41ms
18ms Script
application/javascript 2a00:1450:4001:817::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.evilmilk.com

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.evilmilk.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 16 Oct 2019 16:35:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 104
x-xss-protection: 0

GET
H2 200 pubads_impl_2019100301.js Show response
securepubads.g.doubleclick.net/gpt/ 157 KB
58 KB 54ms
41ms Script
text/javascript 172.217.16.162
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019100301.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.162 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s11-in-f2.1e100.net

Software

sffe /

Resource Hash

d98e77e558ef5c298f4c28cdd1604914a16a3fcc9249904ba70c57d989fb6aab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.evilmilk.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 16 Oct 2019 16:35:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 03 Oct 2019 13:06:21 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 58949
x-xss-protection: 0
expires: Wed, 16 Oct 2019 16:35:10 GMT

GET
H2 200 728.aspx Show response
www.evilmilk.com/spon/pixfuture/ Frame 4855 327 B
243 B 979ms
977ms Document
text/html 2606:4700:e0::ac40:6722
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://www.evilmilk.com/spon/pixfuture/728.aspx
Requested by: Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.3.1.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e0::ac40:6722 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: cb7ee65b6053ee9d35489afae01c6252c5b54c09ac70c19418c4a2a01f33edb0

Request headers

:method: GET
:authority: www.evilmilk.com
:scheme: https
:path: /spon/pixfuture/728.aspx
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode: nested-navigate
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: same-origin
referer: https://www.evilmilk.com/
accept-encoding: gzip, deflate, br
cookie: __cfduid=d27bf6b27efbd8e2e6b8f86b8950f291a1571243710; ASP.NET_SessionId=usoxwwnerpzwutyopoyluhi1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: https://www.evilmilk.com/

Response headers

status: 200
date: Wed, 16 Oct 2019 16:35:12 GMT
content-type: text/html; charset=utf-8
cache-control: private
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 526b71ca9c75c29f-FRA
content-encoding: br

GET
H2 200 beacon.js Show response
ad-delivery.net/ 1 KB
993 B 39ms
6ms Script
application/x-javascript 13.224.196.65
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://ad-delivery.net/beacon.js
Requested by: Host: theeighth-net.videoplayerhub.com
URL: https://theeighth-net.videoplayerhub.com/videoplayer.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.224.196.65 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-13-224-196-65.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7e94fbebf526effec4239c82e5435a412d81ffc4bc9bddf13f9aa1170f6d803e

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.evilmilk.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
last-modified: Tue, 31 Jan 2017 15:06:54 GMT
server: AmazonS3
age: 248
date: Wed, 16 Oct 2019 16:31:04 GMT
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
status: 200
cache-control: max-age=3600
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: 9fYPFUowk8xtvW63TjggdLdNJLWTNF2Ua4Fq8l7FXqFnLDnYDN3ePw==
via: 1.1 59d92388a3a66e5f245f384a437fa025.cloudfront.net (CloudFront)

GET
H/1.1 200
OK cmp.complete.bundle.js Show response
thisiswaldo.com/sites/all/modules/custom/ad_delivery/cmp/build/ 195 KB
41 KB 568ms
114ms Script
application/javascript 52.15.219.226
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://thisiswaldo.com/sites/all/modules/custom/ad_delivery/cmp/build/cmp.complete.bundle.js
Requested by: Host: cdn.thisiswaldo.com
URL: https://cdn.thisiswaldo.com/static/js/1828.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.15.219.226 Columbus, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-15-219-226.us-east-2.compute.amazonaws.com
Software: Apache/2.4.7 (Ubuntu) /
Resource Hash: d293633e94d92cd639cf8f8dcc6755e77160483c5659c947bf6507bb74c0237f

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.evilmilk.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 16 Oct 2019 16:35:11 GMT
Content-Encoding: gzip
Last-Modified: Wed, 15 May 2019 23:35:43 GMT
Server: Apache/2.4.7 (Ubuntu)
ETag: "30ac4-588f59ba34056-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 41485

POST
H2 204 v1 Show response
dmx.districtm.io/b/ 0
419 B 298ms
283ms XHR
text/plain 104.16.68.69
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://dmx.districtm.io/b/v1

Requested by

Host: cdn.thisiswaldo.com
URL: https://cdn.thisiswaldo.com/sites/all/modules/custom/ad_delivery/prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.68.69 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Sec-Fetch-Mode: cors
Referer: https://www.evilmilk.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 16 Oct 2019 16:35:11 GMT
cf-cache-status: DYNAMIC
server: cloudflare
status: 204
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: origin
access-control-allow-methods: OPTIONS, POST
access-control-allow-origin: https://www.evilmilk.com
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 526b71cd5e96d6b5-FRA
access-control-allow-headers: origin, content-type

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 846 B
1 KB 57ms
30ms XHR
application/json 185.33.223.83
AppNexus

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: cdn.thisiswaldo.com
URL: https://cdn.thisiswaldo.com/sites/all/modules/custom/ad_delivery/prebid.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.223.83 , Netherlands, ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US),

Reverse DNS

250.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

21f92cf2c2af94d939a1a158009dab33684e2e95a4ef0c4fba9fe5b7f2fe7bde

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: cors
Referer: https://www.evilmilk.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Date: Wed, 16 Oct 2019 16:35:13 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 144.76.109.30; 144.76.109.30; 250.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.140:80
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: f2ca6265-798b-41fc-a3d2-aeef6a3a9291
Server: nginx/1.13.4
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://www.evilmilk.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK aardvark Show response
bidder.rtk.io/IS9K/eu2l_UzG9_qT2e_47W7_7t7C_b8DR_5GHY/ 959 B
1 KB 784ms
512ms XHR
text/html 23.239.15.111
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to

Full URL: https://bidder.rtk.io/IS9K/eu2l_UzG9_qT2e_47W7_7t7C_b8DR_5GHY/aardvark?version=1&jsonp=false&rtkreferer=https%3A%2F%2Fwww.evilmilk.com%2F&gdpr=false&eu2l=18aa4b7f2629d7a&UzG9=19365a464fdc217&qT2e=20618d1ffb38d12&47W7=21792fb85df1943&7t7C=2215ea441a91dfe&b8DR=23d62eaf75d6caa&5GHY=242ad6bbd22462d&
Requested by: Host: cdn.thisiswaldo.com
URL: https://cdn.thisiswaldo.com/sites/all/modules/custom/ad_delivery/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.239.15.111 Newark, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS: li723-111.members.linode.com
Software: RTK AdStorm/1.0 /
Resource Hash: ea05f616819dbe597fc9eb1bfccb508b874f4e08b5152380e1a06db2e469325f

Request headers

Sec-Fetch-Mode: cors
Referer: https://www.evilmilk.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 16 Oct 2019 16:35:12 GMT
Content-Encoding: gzip
Server: RTK AdStorm/1.0
Etag: "e57081226cae63d33a438113beecacf2d82a14c6"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: https://www.evilmilk.com
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
X-Rtk-Nid: li365-211.members.linode.com:107
Access-Control-Allow-Headers: Content-Type, Access-Control-Allow-Headers, Authorization, X-Requested-With, Access-Control-Allow-Origin
Content-Length: 261
Expires: 0

POST
H2 200 hb Show response
ssc.33across.com/api/v1/ 117 B
391 B 347ms
117ms XHR
application/json 208.100.17.180
Steadfast

General

Check archive.org

Show headers Download Go to

Full URL: https://ssc.33across.com/api/v1/hb
Requested by: Host: cdn.thisiswaldo.com
URL: https://cdn.thisiswaldo.com/sites/all/modules/custom/ad_delivery/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 208.100.17.180 Chicago, United States, ASN32748 (STEADFAST - Steadfast, US),
Reverse DNS: ip180.208-100-17.static.steadfastdns.net
Software: / 33Across
Resource Hash: e65939ea0a956bef7cc4dd3cb8929497d08b32180deb4ce6c55e71ad9da5272f

Request headers

Sec-Fetch-Mode: cors
Referer: https://www.evilmilk.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 16 Oct 2019 16:35:11 GMT
content-encoding: gzip
status: 200, 200 OK
x-powered-by: 33Across
vary: Accept-Encoding, Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.evilmilk.com
access-control-allow-credentials: true

POST
H2 200 hb Show response
ssc.33across.com/api/v1/ 118 B
392 B 518ms
287ms XHR
application/json 208.100.17.180
Steadfast

General

Check archive.org

Show headers Download Go to

Full URL: https://ssc.33across.com/api/v1/hb
Requested by: Host: cdn.thisiswaldo.com
URL: https://cdn.thisiswaldo.com/sites/all/modules/custom/ad_delivery/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 208.100.17.180 Chicago, United States, ASN32748 (STEADFAST - Steadfast, US),
Reverse DNS: ip180.208-100-17.static.steadfastdns.net
Software: / 33Across
Resource Hash: fd310613a3da92a74dec9f918be34fba4003a78e4ec7c4e055c9599084a3439b

Request headers

Sec-Fetch-Mode: cors
Referer: https://www.evilmilk.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 16 Oct 2019 16:35:11 GMT
content-encoding: gzip
status: 200, 200 OK
x-powered-by: 33Across
vary: Accept-Encoding, Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.evilmilk.com
access-control-allow-credentials: true

POST
H2 200 hb Show response
ssc.33across.com/api/v1/ 118 B
402 B 516ms
286ms XHR
application/json 208.100.17.180
Steadfast

General

Check archive.org

Show headers Download Go to

Full URL: https://ssc.33across.com/api/v1/hb
Requested by: Host: cdn.thisiswaldo.com
URL: https://cdn.thisiswaldo.com/sites/all/modules/custom/ad_delivery/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 208.100.17.180 Chicago, United States, ASN32748 (STEADFAST - Steadfast, US),
Reverse DNS: ip180.208-100-17.static.steadfastdns.net
Software: / 33Across
Resource Hash: d792b2169009779108a0c81ee9772f3f0619a3d06f93f427ca3105266523f0ad

Request headers

Sec-Fetch-Mode: cors
Referer: https://www.evilmilk.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 16 Oct 2019 16:35:11 GMT
content-encoding: gzip
status: 200, 200 OK
x-powered-by: 33Across
vary: Accept-Encoding, Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.evilmilk.com
access-control-allow-credentials: true

POST
H2 200 hb Show response
ssc.33across.com/api/v1/ 118 B
393 B 352ms
122ms XHR
application/json 208.100.17.180
Steadfast

General

Check archive.org

Show headers Download Go to

Full URL: https://ssc.33across.com/api/v1/hb
Requested by: Host: cdn.thisiswaldo.com
URL: https://cdn.thisiswaldo.com/sites/all/modules/custom/ad_delivery/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 208.100.17.180 Chicago, United States, ASN32748 (STEADFAST - Steadfast, US),
Reverse DNS: ip180.208-100-17.static.steadfastdns.net
Software: / 33Across
Resource Hash: d777e93a5056b75aad98879304ea0fa23f57a31812e3557d2bfdb2b8a876bfec

Request headers

Sec-Fetch-Mode: cors
Referer: https://www.evilmilk.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 16 Oct 2019 16:35:11 GMT
content-encoding: gzip
status: 200, 200 OK
x-powered-by: 33Across
vary: Accept-Encoding, Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.evilmilk.com
access-control-allow-credentials: true

POST
H2 200 hb Show response
ssc.33across.com/api/v1/ 118 B
401 B 361ms
131ms XHR
application/json 208.100.17.180
Steadfast

General

Check archive.org

Show headers Download Go to

Full URL: https://ssc.33across.com/api/v1/hb
Requested by: Host: cdn.thisiswaldo.com
URL: https://cdn.thisiswaldo.com/sites/all/modules/custom/ad_delivery/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 208.100.17.180 Chicago, United States, ASN32748 (STEADFAST - Steadfast, US),
Reverse DNS: ip180.208-100-17.static.steadfastdns.net
Software: / 33Across
Resource Hash: e5c70bfd20798626a614401690396e41c900e85a603962e9dcd60380049d1bd5

Request headers

Sec-Fetch-Mode: cors
Referer: https://www.evilmilk.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 16 Oct 2019 16:35:11 GMT
content-encoding: gzip
status: 200, 200 OK
x-powered-by: 33Across
vary: Accept-Encoding, Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.evilmilk.com
access-control-allow-credentials: true

POST
H2 200 hb Show response
ssc.33across.com/api/v1/ 118 B
392 B 361ms
131ms XHR
application/json 208.100.17.180
Steadfast

General

Check archive.org

Show headers Download Go to

Full URL: https://ssc.33across.com/api/v1/hb
Requested by: Host: cdn.thisiswaldo.com
URL: https://cdn.thisiswaldo.com/sites/all/modules/custom/ad_delivery/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 208.100.17.180 Chicago, United States, ASN32748 (STEADFAST - Steadfast, US),
Reverse DNS: ip180.208-100-17.static.steadfastdns.net
Software: / 33Across
Resource Hash: acd043313a0b2a8d492296f3252622cec1256756637bf2ca1944b276f195d928

Request headers

Sec-Fetch-Mode: cors
Referer: https://www.evilmilk.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 16 Oct 2019 16:35:11 GMT
content-encoding: gzip
status: 200, 200 OK
x-powered-by: 33Across
vary: Accept-Encoding, Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.evilmilk.com
access-control-allow-credentials: true

POST
H2 200 hb Show response
ssc.33across.com/api/v1/ 118 B
392 B 516ms
286ms XHR
application/json 208.100.17.180
Steadfast

General

Check archive.org

Show headers Download Go to

Full URL: https://ssc.33across.com/api/v1/hb
Requested by: Host: cdn.thisiswaldo.com
URL: https://cdn.thisiswaldo.com/sites/all/modules/custom/ad_delivery/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 208.100.17.180 Chicago, United States, ASN32748 (STEADFAST - Steadfast, US),
Reverse DNS: ip180.208-100-17.static.steadfastdns.net
Software: / 33Across
Resource Hash: b38e90f7490f4bf75d2b9ff395741895b51a43ec0ddb73e037deed1ec60bbb6b

Request headers

Sec-Fetch-Mode: cors
Referer: https://www.evilmilk.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 16 Oct 2019 16:35:11 GMT
content-encoding: gzip
status: 200, 200 OK
x-powered-by: 33Across
vary: Accept-Encoding, Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.evilmilk.com
access-control-allow-credentials: true

POST
H/1.1 200
OK prebid Show response
lockerdome.com/ladbid/ 11 B
438 B 512ms
123ms XHR
application/json 38.140.99.21
Cogent Communicat...

General

Check archive.org

Show headers Download Go to

Full URL: https://lockerdome.com/ladbid/prebid
Requested by: Host: cdn.thisiswaldo.com
URL: https://cdn.thisiswaldo.com/sites/all/modules/custom/ad_delivery/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 38.140.99.21 Wellsville, United States, ASN174 (COGENT-174 - Cogent Communications, US),
Reverse DNS
Software: /
Resource Hash: 846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Sec-Fetch-Mode: cors
Referer: https://www.evilmilk.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Date: Wed, 16 Oct 2019 16:35:11 GMT
Content-Encoding: gzip
P3P: CP='LockerDome does not have a P3P policy. Learn why here: http://lockerdome.com/p3p'
Access-Control-Allow-Origin: https://www.evilmilk.com
Cache-Control: no-cache, max-age=0, must-revalidate, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 31

GET
H2 200 arj Show response
the-eighth-d.openx.net/w/1.0/ 174 B
546 B 239ms
208ms XHR
application/json 34.95.120.147
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://the-eighth-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.evilmilk.com%2F&jr=&ch=UTF-8&res=1600x1200x24&ifr=false&tz=-120&tws=1600x1200&be=1&bc=hb_pb_2.1.6&dddid=be637de4-5098-406c-b2b3-8a223c30c99f%2C5484f61c-a901-4cc9-ab60-7923b4a2c3b5%2C2fd07a66-bc5b-46de-baab-2fe7bbd2fe92%2C66bce324-448d-4704-9f58-72489be5a3b7%2C4668f487-feac-41bb-94b0-ef5667e2f769%2C143cfdf0-72d4-4586-8686-3dfc3df7f916&nocache=1571243711428&x_gdpr_f=1&aus=300x250%7C160x600%7C300x250%7C728x90%7C728x90%7C300x250%2C300x600&divIds=waldo-tag-1845%2Cwaldo-tag-1846%2Cwaldo-tag-1847%2Cwaldo-tag-1848%2Cwaldo-tag-1849%2Cwaldo-tag-1997&auid=540066620%2C540066623%2C540066626%2C540066627%2C540066628%2C540144789&
Requested by: Host: cdn.thisiswaldo.com
URL: https://cdn.thisiswaldo.com/sites/all/modules/custom/ad_delivery/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.95.120.147 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS: 147.120.95.34.bc.googleusercontent.com
Software: OXGW/16.163.0 /
Resource Hash: 0d285bd8e98c7923be6e01636514ff36aa3070730f0a8860f4a94b08051d97b7

Request headers

Sec-Fetch-Mode: cors
Referer: https://www.evilmilk.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 16 Oct 2019 16:35:11 GMT
via: 1.1 google
server: OXGW/16.163.0
status: 200
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://www.evilmilk.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: clear
content-length: 174
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 204 imp Show response
g2.gumgum.com/hbid/ 0
379 B 96ms
37ms XHR
text/plain 52.18.117.195
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://g2.gumgum.com/hbid/imp?si=7722&pi=3&gdprApplies=undefined&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.evilmilk.com%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A7%7D&ns=10240&
Requested by: Host: cdn.thisiswaldo.com
URL: https://cdn.thisiswaldo.com/sites/all/modules/custom/ad_delivery/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.18.117.195 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-18-117-195.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode: cors
Referer: https://www.evilmilk.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 16 Oct 2019 16:35:11 GMT
server: nginx
status: 204
p3p: CP="This is not a P3P policy"
access-control-allow-origin: https://www.evilmilk.com
cache-control: private, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
expires: 0

GET
H2 204 imp Show response
g2.gumgum.com/hbid/ 0
379 B 95ms
35ms XHR
text/plain 52.18.117.195
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://g2.gumgum.com/hbid/imp?si=7723&pi=3&gdprApplies=undefined&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.evilmilk.com%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A7%7D&ns=10240&
Requested by: Host: cdn.thisiswaldo.com
URL: https://cdn.thisiswaldo.com/sites/all/modules/custom/ad_delivery/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.18.117.195 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-18-117-195.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode: cors
Referer: https://www.evilmilk.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 16 Oct 2019 16:35:11 GMT
server: nginx
status: 204
p3p: CP="This is not a P3P policy"
access-control-allow-origin: https://www.evilmilk.com
cache-control: private, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
expires: 0

GET
H2 204 imp Show response
g2.gumgum.com/hbid/ 0
379 B 96ms
37ms XHR
text/plain 52.18.117.195
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://g2.gumgum.com/hbid/imp?si=7722&pi=3&gdprApplies=undefined&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.evilmilk.com%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A7%7D&ns=10240&
Requested by: Host: cdn.thisiswaldo.com
URL: https://cdn.thisiswaldo.com/sites/all/modules/custom/ad_delivery/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.18.117.195 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-18-117-195.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode: cors
Referer: https://www.evilmilk.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 16 Oct 2019 16:35:11 GMT
server: nginx
status: 204
p3p: CP="This is not a P3P policy"
access-control-allow-origin: https://www.evilmilk.com
cache-control: private, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
expires: 0

GET
H2 204 imp Show response
g2.gumgum.com/hbid/ 0
379 B 95ms
36ms XHR
text/plain 52.18.117.195
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://g2.gumgum.com/hbid/imp?si=7726&pi=3&gdprApplies=undefined&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.evilmilk.com%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A7%7D&ns=10240&
Requested by: Host: cdn.thisiswaldo.com
URL: https://cdn.thisiswaldo.com/sites/all/modules/custom/ad_delivery/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.18.117.195 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-18-117-195.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode: cors
Referer: https://www.evilmilk.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 16 Oct 2019 16:35:11 GMT
server: nginx
status: 204
p3p: CP="This is not a P3P policy"
access-control-allow-origin: https://www.evilmilk.com
cache-control: private, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
expires: 0

GET
H2 204 imp Show response
g2.gumgum.com/hbid/ 0
379 B 111ms
52ms XHR
text/plain 52.18.117.195
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://g2.gumgum.com/hbid/imp?si=7726&pi=3&gdprApplies=undefined&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.evilmilk.com%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A7%7D&ns=10240&
Requested by: Host: cdn.thisiswaldo.com
URL: https://cdn.thisiswaldo.com/sites/all/modules/custom/ad_delivery/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.18.117.195 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-18-117-195.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode: cors
Referer: https://www.evilmilk.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 16 Oct 2019 16:35:11 GMT
server: nginx
status: 204
p3p: CP="This is not a P3P policy"
access-control-allow-origin: https://www.evilmilk.com
cache-control: private, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
expires: 0

GET
H2 204 imp Show response
g2.gumgum.com/hbid/ 0
379 B 95ms
36ms XHR
text/plain 52.18.117.195
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://g2.gumgum.com/hbid/imp?si=7722&pi=3&gdprApplies=undefined&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.evilmilk.com%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A7%7D&ns=10240&
Requested by: Host: cdn.thisiswaldo.com
URL: https://cdn.thisiswaldo.com/sites/all/modules/custom/ad_delivery/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.18.117.195 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-18-117-195.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode: cors
Referer: https://www.evilmilk.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 16 Oct 2019 16:35:11 GMT
server: nginx
status: 204
p3p: CP="This is not a P3P policy"
access-control-allow-origin: https://www.evilmilk.com
cache-control: private, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
expires: 0

GET
H2 204 imp Show response
g2.gumgum.com/hbid/ 0
379 B 95ms
37ms XHR
text/plain 52.18.117.195
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://g2.gumgum.com/hbid/imp?si=7724&pi=3&gdprApplies=undefined&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.evilmilk.com%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A7%7D&ns=10240&
Requested by: Host: cdn.thisiswaldo.com
URL: https://cdn.thisiswaldo.com/sites/all/modules/custom/ad_delivery/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.18.117.195 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-18-117-195.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode: cors
Referer: https://www.evilmilk.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 16 Oct 2019 16:35:11 GMT
server: nginx
status: 204
p3p: CP="This is not a P3P policy"
access-control-allow-origin: https://www.evilmilk.com
cache-control: private, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
expires: 0

GET
H2 204 imp Show response
g2.gumgum.com/hbid/ 0
379 B 95ms
36ms XHR
text/plain 52.18.117.195
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://g2.gumgum.com/hbid/imp?si=7722&pi=3&gdprApplies=undefined&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.evilmilk.com%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A7%7D&ns=10240&
Requested by: Host: cdn.thisiswaldo.com
URL: https://cdn.thisiswaldo.com/sites/all/modules/custom/ad_delivery/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.18.117.195 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-18-117-195.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode: cors
Referer: https://www.evilmilk.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 16 Oct 2019 16:35:11 GMT
server: nginx
status: 204
p3p: CP="This is not a P3P policy"
access-control-allow-origin: https://www.evilmilk.com
cache-control: private, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
expires: 0

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 599 B
1 KB 56ms
31ms XHR
application/json 185.33.223.83
AppNexus

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: cdn.thisiswaldo.com
URL: https://cdn.thisiswaldo.com/sites/all/modules/custom/ad_delivery/prebid.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.223.83 , Netherlands, ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US),

Reverse DNS

250.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

94487ac2c8206296d5872b6014b0a8251ae110db2bc96a4b16dc8e23ad9f9560

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: cors
Referer: https://www.evilmilk.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Date: Wed, 16 Oct 2019 16:35:13 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 144.76.109.30; 144.76.109.30; 250.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.139:80
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: db1a8d2e-b1ab-45df-8e75-1900fadf0db6
Server: nginx/1.13.4
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://www.evilmilk.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 728.aspx Show response
www.evilmilk.com/spon/pixfuture/ Frame BDCB 327 B
323 B 641ms
640ms Document
text/html 2606:4700:e0::ac40:6722
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://www.evilmilk.com/spon/pixfuture/728.aspx
Requested by: Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.3.1.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e0::ac40:6722 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: cb7ee65b6053ee9d35489afae01c6252c5b54c09ac70c19418c4a2a01f33edb0

Request headers

:method: GET
:authority: www.evilmilk.com
:scheme: https
:path: /spon/pixfuture/728.aspx
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode: nested-navigate
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: same-origin
referer: https://www.evilmilk.com/
accept-encoding: gzip, deflate, br
cookie: __cfduid=d27bf6b27efbd8e2e6b8f86b8950f291a1571243710; ASP.NET_SessionId=usoxwwnerpzwutyopoyluhi1; __beaconTrackerID=qary5x0ua; waldo_country=DE; waldo_continent=EU
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: https://www.evilmilk.com/

Response headers

status: 200
date: Wed, 16 Oct 2019 16:35:12 GMT
content-type: text/html; charset=utf-8
cache-control: private
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 526b71cc9a60c29f-FRA
content-encoding: br

GET
H/1.1 200
OK headerbid.js Show response
served-by.pixfuture.com/www/delivery/ 1 KB
2 KB 259ms
82ms Script
application/javascript 68.183.31.14
DigitalOcean

General

Check archive.org

Show headers Download Go to

Full URL: https://served-by.pixfuture.com/www/delivery/headerbid.js
Requested by: Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.3.1.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 68.183.31.14 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN - DigitalOcean, LLC, US),
Reverse DNS
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 147ed97fcf9c7feaaff4fc531d2c35dabf89eee0d8ce663e4a005c555cec66c3

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.evilmilk.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 16 Oct 2019 16:35:11 GMT
Last-Modified: Wed, 26 Jun 2019 17:30:07 GMT
Server: nginx/1.10.3 (Ubuntu)
ETag: "5d13ab9f-5b8"
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length: 1464

GET
H/1.1 200
OK jquery.color-2.1.2.min.js Show response
cluster-na.cdnjquery.com/color/ 92 B
356 B 382ms
91ms Script
text/javascript 3.222.69.96
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

https://cluster-na.cdnjquery.com/color/jquery.color-2.1.2.min.js?integrity=btjsonpcallback1571243711623&checksum=%7B%22cbc%22%3A0%2C%22st%22%3A2%2C%22au%22%3A%5B%5D%2C%22hau%22%3A%5B%5D%2C%22ref%22%3A%22https%3A%2F%2Fwww.evilmilk.com%2F%22%2C%22aa%22%3A3%2C%22pgid%22%3A%22ec0a77b0-f032-11e9-b795-d279c1d488dc%22%2C%22v%22%3A1%2C%22format%22%3A%22jsonp%22%7D&o=https%3A%2F%2Fwww.evilmilk.com%2F&csVersion=1.18.7

Requested by

Host: theeighth-net.videoplayerhub.com
URL: https://theeighth-net.videoplayerhub.com/videoplayer.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.222.69.96 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),

Reverse DNS

ec2-3-222-69-96.compute-1.amazonaws.com

Software

nginx/1.12.1 /

Resource Hash

b8edbd60c49396a68ff7fb263971413248ed7d753fa5736632c534b39a2bf696

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.evilmilk.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 16 Oct 2019 16:35:11 GMT
Content-Encoding: gzip
Server: nginx/1.12.1
ETag: W/"5c-x1Vo+i9afjk6aLkANBYDxw9SZ48"
X-Frame-Options: DENY
Content-Type: text/javascript; charset=utf-8
Charset: utf8
Connection: keep-alive
Content-Length: 84

GET
H2 200 px.gif
ad-delivery.net/ 43 B
386 B 7ms
6ms Image
image/gif 13.224.196.65
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad-delivery.net/px.gif?ch=1&e=0.7449754830406026
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.224.196.65 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-13-224-196-65.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.evilmilk.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-amz-version-id: null
via: 1.1 59d92388a3a66e5f245f384a437fa025.cloudfront.net (CloudFront)
last-modified: Thu, 27 Jul 2017 18:59:05 GMT
server: AmazonS3
age: 70941
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3"
x-cache: Hit from cloudfront
content-type: image/gif
status: 200
date: Tue, 15 Oct 2019 22:01:58 GMT
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-length: 43
x-amz-cf-id: 6HDPXpEY_uXPKioutGUHcAfqdBsxV_HB83v34wB8RSTxDLQebJm0rw==

GET
H2 200 myevilmilk.jpg
www.evilmilk.com/images/ 8 KB
8 KB 16ms
14ms Image
image/jpeg 2606:4700:e0::ac40:6722
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.evilmilk.com/images/myevilmilk.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e0::ac40:6722 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: cc516e2380c0c511c04a564d5d4a1195c7e4008ec62ae97095030fdf086cb048

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.evilmilk.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 16 Oct 2019 16:35:11 GMT
cf-cache-status: HIT
age: 2459
x-powered-by: ASP.NET
status: 200
content-length: 8337
last-modified: Thu, 27 Jul 2017 00:02:11 GMT
server: cloudflare
etag: "80348986b6d31:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 526b71ce0e44c29f-FRA
expires: Wed, 16 Oct 2019 20:35:11 GMT

GET
H2

200

2yi-19z8vk_t1.jpg
my.evilmilk.com/p/1/9/
Redirect Chain

https://my.evilmilk.com/p/2yi-19z8vk_t1.jpg
https://my.evilmilk.com/p/1/9/2yi-19z8vk_t1.jpg

4 KB
5 KB

20ms
19ms

Image
image/jpeg

2606:4700:e0::ac40:6722
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://my.evilmilk.com/p/1/9/2yi-19z8vk_t1.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e0::ac40:6722 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: d2d29cc2c110b7e584a064759795ab15124d73e68398c75e495291c960545f53

Request headers

Referer: https://www.evilmilk.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 16 Oct 2019 16:35:11 GMT
cf-cache-status: HIT
age: 1241
x-powered-by: ASP.NET
status: 200
content-length: 4547
last-modified: Wed, 16 Oct 2019 15:26:20 GMT
server: cloudflare
etag: "1c10a1f3684d51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 526b71ce2e86c29f-FRA
expires: Wed, 16 Oct 2019 20:35:11 GMT

Redirect headers

date: Wed, 16 Oct 2019 16:35:11 GMT
cf-cache-status: HIT
server: cloudflare
age: 1241
status: 301
x-powered-by: ASP.NET
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/html
location: https://my.evilmilk.com/p/1/9/2yi-19z8vk_t1.jpg
cache-control: public, max-age=14400
cf-ray: 526b71ce0e45c29f-FRA
expires: Wed, 16 Oct 2019 20:35:11 GMT

GET
H2

200

arz-19z9va_t1.jpg
my.evilmilk.com/p/1/9/
Redirect Chain

https://my.evilmilk.com/p/arz-19z9va_t1.jpg
https://my.evilmilk.com/p/1/9/arz-19z9va_t1.jpg

3 KB
3 KB

12ms
12ms

Image
image/jpeg

2606:4700:e0::ac40:6722
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://my.evilmilk.com/p/1/9/arz-19z9va_t1.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e0::ac40:6722 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 15b50e181f22a9f513afc872da974528bab3cdd5b439dc132ea58685eb9ed420

Request headers

Referer: https://www.evilmilk.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 16 Oct 2019 16:35:11 GMT
cf-cache-status: HIT
age: 1540
x-powered-by: ASP.NET
status: 200
content-length: 3085
last-modified: Wed, 16 Oct 2019 15:48:45 GMT
server: cloudflare
etag: "5ebe69313984d51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 526b71ce4ed2c29f-FRA
expires: Wed, 16 Oct 2019 20:35:11 GMT

Redirect headers

date: Wed, 16 Oct 2019 16:35:11 GMT
cf-cache-status: HIT
server: cloudflare
age: 1541
status: 301
x-powered-by: ASP.NET
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/html
location: https://my.evilmilk.com/p/1/9/arz-19z9va_t1.jpg
cache-control: public, max-age=14400
cf-ray: 526b71ce0e46c29f-FRA
expires: Wed, 16 Oct 2019 20:35:11 GMT

GET
H2

200

arp-19z9uw_t1.jpg
my.evilmilk.com/p/1/9/
Redirect Chain

https://my.evilmilk.com/p/arp-19z9uw_t1.jpg
https://my.evilmilk.com/p/1/9/arp-19z9uw_t1.jpg

2 KB
3 KB

19ms
18ms

Image
image/jpeg

2606:4700:e0::ac40:6722
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://my.evilmilk.com/p/1/9/arp-19z9uw_t1.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e0::ac40:6722 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: a300ea378e82800be236d2c0d92ca1e45740b5759dad4af09484c46fa7b19e30

Request headers

Referer: https://www.evilmilk.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 16 Oct 2019 16:35:11 GMT
cf-cache-status: HIT
age: 1892
x-powered-by: ASP.NET
status: 200
content-length: 2519
last-modified: Wed, 16 Oct 2019 15:48:43 GMT
server: cloudflare
etag: "4f9138303984d51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 526b71ce2ea7c29f-FRA
expires: Wed, 16 Oct 2019 20:35:11 GMT

Redirect headers

date: Wed, 16 Oct 2019 16:35:11 GMT
cf-cache-status: HIT
server: cloudflare
age: 1892
status: 301
x-powered-by: ASP.NET
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/html
location: https://my.evilmilk.com/p/1/9/arp-19z9uw_t1.jpg
cache-control: public, max-age=14400
cf-ray: 526b71ce0e47c29f-FRA
expires: Wed, 16 Oct 2019 20:35:11 GMT

GET
H2

200

arz-19z9vd_t1.jpg
my.evilmilk.com/p/1/9/
Redirect Chain

https://my.evilmilk.com/p/arz-19z9vd_t1.jpg
https://my.evilmilk.com/p/1/9/arz-19z9vd_t1.jpg

4 KB
4 KB

20ms
20ms

Image
image/jpeg

2606:4700:e0::ac40:6722
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://my.evilmilk.com/p/1/9/arz-19z9vd_t1.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e0::ac40:6722 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 6ae0c721ce7c5018a4cf8f772ccb86499c0f2518ba084b6621637f7e82eb4bba

Request headers

Referer: https://www.evilmilk.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 16 Oct 2019 16:35:11 GMT
cf-cache-status: HIT
age: 2179
x-powered-by: ASP.NET
status: 200
content-length: 3850
last-modified: Wed, 16 Oct 2019 15:48:45 GMT
server: cloudflare
etag: "534692313984d51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 526b71ce2ea9c29f-FRA
expires: Wed, 16 Oct 2019 20:35:11 GMT

Redirect headers

date: Wed, 16 Oct 2019 16:35:11 GMT
cf-cache-status: HIT
server: cloudflare
age: 2180
status: 301
x-powered-by: ASP.NET
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/html
location: https://my.evilmilk.com/p/1/9/arz-19z9vd_t1.jpg
cache-control: public, max-age=14400
cf-ray: 526b71ce0e49c29f-FRA
expires: Wed, 16 Oct 2019 20:35:11 GMT

GET
H2

200

arp-19z9ut_t1.jpg
my.evilmilk.com/p/1/9/
Redirect Chain

https://my.evilmilk.com/p/arp-19z9ut_t1.jpg
https://my.evilmilk.com/p/1/9/arp-19z9ut_t1.jpg

3 KB
3 KB

18ms
18ms

Image
image/jpeg

2606:4700:e0::ac40:6722
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://my.evilmilk.com/p/1/9/arp-19z9ut_t1.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e0::ac40:6722 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 7176268545a19573c231c2bc04788eb186ef7d109d38976e5cbf4a47998a8669

Request headers

Referer: https://www.evilmilk.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 16 Oct 2019 16:35:11 GMT
cf-cache-status: HIT
age: 2458
x-powered-by: ASP.NET
status: 200
content-length: 3122
last-modified: Wed, 16 Oct 2019 15:48:43 GMT
server: cloudflare
etag: "4f9138303984d51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 526b71ce3eacc29f-FRA
expires: Wed, 16 Oct 2019 20:35:11 GMT

Redirect headers

date: Wed, 16 Oct 2019 16:35:11 GMT
cf-cache-status: HIT
server: cloudflare
age: 2459
status: 301
x-powered-by: ASP.NET
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/html
location: https://my.evilmilk.com/p/1/9/arp-19z9ut_t1.jpg
cache-control: public, max-age=14400
cf-ray: 526b71ce0e4cc29f-FRA
expires: Wed, 16 Oct 2019 20:35:11 GMT

GET
H2

200

a1lt-19w5ta_t1.jpg
my.evilmilk.com/p/1/9/
Redirect Chain

https://my.evilmilk.com/p/a1lt-19w5ta_t1.jpg
https://my.evilmilk.com/p/1/9/a1lt-19w5ta_t1.jpg

2 KB
3 KB

21ms
20ms

Image
image/jpeg

2606:4700:e0::ac40:6722
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://my.evilmilk.com/p/1/9/a1lt-19w5ta_t1.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e0::ac40:6722 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 2f1476a3eeb3ddfc9195d62b0de5310163091bdb3fd24f3fe52cb6155dadacf7

Request headers

Referer: https://www.evilmilk.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 16 Oct 2019 16:35:11 GMT
cf-cache-status: HIT
age: 4608
x-powered-by: ASP.NET
status: 200
content-length: 2555
last-modified: Mon, 14 Oct 2019 20:03:42 GMT
server: cloudflare
etag: "f04f947aca82d51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 526b71ce2eaac29f-FRA
expires: Wed, 16 Oct 2019 20:35:11 GMT

Redirect headers

date: Wed, 16 Oct 2019 16:35:11 GMT
cf-cache-status: HIT
server: cloudflare
age: 4609
status: 301
x-powered-by: ASP.NET
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/html
location: https://my.evilmilk.com/p/1/9/a1lt-19w5ta_t1.jpg
cache-control: public, max-age=14400
cf-ray: 526b71ce0e4fc29f-FRA
expires: Wed, 16 Oct 2019 20:35:11 GMT

GET
H2

200

2yi-19z3qm_t1.jpg
my.evilmilk.com/p/1/9/
Redirect Chain

https://my.evilmilk.com/p/2yi-19z3qm_t1.jpg
https://my.evilmilk.com/p/1/9/2yi-19z3qm_t1.jpg

4 KB
5 KB

17ms
17ms

Image
image/jpeg

2606:4700:e0::ac40:6722
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://my.evilmilk.com/p/1/9/2yi-19z3qm_t1.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e0::ac40:6722 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: aafeb1d22f995ade9b8827c02e1e405fa665a9e0d62e919a667f969563d55daa

Request headers

Referer: https://www.evilmilk.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 16 Oct 2019 16:35:11 GMT
cf-cache-status: HIT
age: 737
x-powered-by: ASP.NET
status: 200
content-length: 4597
last-modified: Wed, 16 Oct 2019 13:29:11 GMT
server: cloudflare
etag: "a9763b22584d51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 526b71ce3eb7c29f-FRA
expires: Wed, 16 Oct 2019 20:35:11 GMT

Redirect headers

date: Wed, 16 Oct 2019 16:35:11 GMT
cf-cache-status: HIT
server: cloudflare
age: 737
status: 301
x-powered-by: ASP.NET
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/html
location: https://my.evilmilk.com/p/1/9/2yi-19z3qm_t1.jpg
cache-control: public, max-age=14400
cf-ray: 526b71ce1e69c29f-FRA
expires: Wed, 16 Oct 2019 20:35:11 GMT

GET
H2

200

tz-19z4vk_t1.jpg
my.evilmilk.com/p/1/9/
Redirect Chain

https://my.evilmilk.com/p/tz-19z4vk_t1.jpg
https://my.evilmilk.com/p/1/9/tz-19z4vk_t1.jpg

4 KB
4 KB

19ms
18ms

Image
image/jpeg

2606:4700:e0::ac40:6722
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://my.evilmilk.com/p/1/9/tz-19z4vk_t1.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e0::ac40:6722 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 5fd9c9fe4fd353fec8bc77619a1c615ebbb32d12ac16ddfbfbe4ec76f25666f1

Request headers

Referer: https://www.evilmilk.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 16 Oct 2019 16:35:11 GMT
cf-cache-status: HIT
age: 737
x-powered-by: ASP.NET
status: 200
content-length: 4035
last-modified: Wed, 16 Oct 2019 13:55:04 GMT
server: cloudflare
etag: "db8a24f2984d51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 526b71ce3eafc29f-FRA
expires: Wed, 16 Oct 2019 20:35:11 GMT

Redirect headers

date: Wed, 16 Oct 2019 16:35:11 GMT
cf-cache-status: HIT
server: cloudflare
age: 737
status: 301
x-powered-by: ASP.NET
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/html
location: https://my.evilmilk.com/p/1/9/tz-19z4vk_t1.jpg
cache-control: public, max-age=14400
cf-ray: 526b71ce1e6ac29f-FRA
expires: Wed, 16 Oct 2019 20:35:11 GMT

GET
H2

200

tz-19z4xq_t1.jpg
my.evilmilk.com/p/1/9/
Redirect Chain

https://my.evilmilk.com/p/tz-19z4xq_t1.jpg
https://my.evilmilk.com/p/1/9/tz-19z4xq_t1.jpg

5 KB
5 KB

18ms
17ms

Image
image/jpeg

2606:4700:e0::ac40:6722
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://my.evilmilk.com/p/1/9/tz-19z4xq_t1.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e0::ac40:6722 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: ff52e6f95db83cb879c5e9dbb28274a626f669f124fb4a086f7879d8934e212b

Request headers

Referer: https://www.evilmilk.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 16 Oct 2019 16:35:11 GMT
cf-cache-status: HIT
age: 737
x-powered-by: ASP.NET
status: 200
content-length: 5235
last-modified: Wed, 16 Oct 2019 13:56:24 GMT
server: cloudflare
etag: "bdf3927f2984d51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 526b71ce3eb4c29f-FRA
expires: Wed, 16 Oct 2019 20:35:11 GMT

Redirect headers

date: Wed, 16 Oct 2019 16:35:11 GMT
cf-cache-status: HIT
server: cloudflare
age: 737
status: 301
x-powered-by: ASP.NET
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/html
location: https://my.evilmilk.com/p/1/9/tz-19z4xq_t1.jpg
cache-control: public, max-age=14400
cf-ray: 526b71ce1e66c29f-FRA
expires: Wed, 16 Oct 2019 20:35:11 GMT

GET
H2 200 pubvendors.json Show response
www.evilmilk.com/.well-known/ 0
193 B 139ms
139ms Fetch
application/json 2606:4700:e0::ac40:6722
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://www.evilmilk.com/.well-known/pubvendors.json
Requested by: Host: thisiswaldo.com
URL: https://thisiswaldo.com/sites/all/modules/custom/ad_delivery/cmp/build/cmp.complete.bundle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e0::ac40:6722 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode: cors
Referer: https://www.evilmilk.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 16 Oct 2019 16:35:12 GMT
cf-cache-status: DYNAMIC
last-modified: Wed, 14 Nov 2018 01:01:52 GMT
server: cloudflare
x-powered-by: ASP.NET
etag: "080f0a0b57bd41:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: application/json
status: 200
accept-ranges: bytes
cf-ray: 526b71d09d24c29f-FRA
content-length: 0

GET
H/1.1 200
OK headerbid.js Show response
served-by.pixfuture.com/www/delivery/ Frame BDCB 1 KB
2 KB 82ms
82ms Script
application/javascript 68.183.31.14
DigitalOcean

General

Check archive.org

Show headers Download Go to

Full URL: https://served-by.pixfuture.com/www/delivery/headerbid.js
Requested by: Host: www.evilmilk.com
URL: https://www.evilmilk.com/spon/pixfuture/728.aspx
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 68.183.31.14 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN - DigitalOcean, LLC, US),
Reverse DNS
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 147ed97fcf9c7feaaff4fc531d2c35dabf89eee0d8ce663e4a005c555cec66c3

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.evilmilk.com/spon/pixfuture/728.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 16 Oct 2019 16:35:12 GMT
Last-Modified: Wed, 26 Jun 2019 17:30:07 GMT
Server: nginx/1.10.3 (Ubuntu)
ETag: "5d13ab9f-5b8"
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length: 1464

GET
H/1.1 200
OK headerbid.js Show response
served-by.pixfuture.com/www/delivery/ Frame 4855 1 KB
2 KB 158ms
81ms Script
application/javascript 68.183.31.14
DigitalOcean

General

Check archive.org

Show headers Download Go to

Full URL: https://served-by.pixfuture.com/www/delivery/headerbid.js
Requested by: Host: www.evilmilk.com
URL: https://www.evilmilk.com/spon/pixfuture/728.aspx
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 68.183.31.14 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN - DigitalOcean, LLC, US),
Reverse DNS
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 147ed97fcf9c7feaaff4fc531d2c35dabf89eee0d8ce663e4a005c555cec66c3

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.evilmilk.com/spon/pixfuture/728.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 16 Oct 2019 16:35:12 GMT
Last-Modified: Wed, 26 Jun 2019 17:30:07 GMT
Server: nginx/1.10.3 (Ubuntu)
ETag: "5d13ab9f-5b8"
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length: 1464

GET
H/1.1 200
OK headerbid_refresh.php Show response
served-by.pixfuture.com/www/delivery/ Frame A6BD 6 KB
6 KB 257ms
178ms Script
text/javascript 68.183.31.14
DigitalOcean

General

Check archive.org

Show headers Download Go to

Full URL: https://served-by.pixfuture.com/www/delivery/headerbid_refresh.php?dat=4055x728x90x790x_ADSLOT1111
Requested by: Host: served-by.pixfuture.com
URL: https://served-by.pixfuture.com/www/delivery/headerbid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 68.183.31.14 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN - DigitalOcean, LLC, US),
Reverse DNS
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 8f61b4bd965fa59d238255d5932c0c3336595a4f1bf2218a9d12c181be1346c9

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.evilmilk.com/spon/pixfuture/728.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 16 Oct 2019 16:35:12 GMT
Server: nginx/1.10.3 (Ubuntu)
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET, POST, OPTIONS
P3P: CP="CUR ADM OUR NOR STA NID"
Access-Control-Allow-Origin: *, *
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/javascript; charset=UTF-8
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Expires: 0

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 95 KB
12 KB 148ms
148ms XHR
text/plain 172.217.16.162
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1369893880176527&correlator=1308491360548722&output=ldjh&impl=fifs&adsid=NT&eid=21062415%2C21064550%2C21064688&vrg=2019100301&guci=1.2.0.0.2.2.0.0&plat=1%3A536903688%2C2%3A536903688%2C8%3A134250504&sc=1&sfv=1-0-35&ecs=20191016&iu_parts=8491498%2Cevilmilk_passback_300x250_2%2Cevilmilk_passback_160x600%2Cevilmilk_passback_728x90%2Cevilmilk_passback_728x90_2%2Cevilmilk_passback_300x250_3%2Cevilmilk300x250FX_5_Universal_Passback_5bcdd73534fce&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4%2C%2F0%2F5%2C%2F0%2F6&prev_iu_szs=300x250%2C160x600%2C320x50%2C320x50%2C300x250%2C300x250&eri=1&cookie_enabled=1&bc=31&abxe=1&lmt=1571243712&dt=1571243712218&dlt=1571243710712&idt=336&frm=20&biw=1585&bih=1200&oid=3&adxs=-9%2C-9%2C-9%2C-9%2C-9%2C-9&adys=-9%2C-9%2C-9%2C-9%2C-9%2C-9&adks=792040253%2C4221903830%2C1649824028%2C3165818374%2C181391100%2C1000438725&ucis=1%7C2%7C3%7C4%7C5%7C6&ifi=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.evilmilk.com%2F&dssz=51&icsg=178261811&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1&msz=0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1&ga_vid=965700367.1571243712&ga_sid=1571243712&ga_hid=1090404930&fws=2%2C2%2C2%2C2%2C2%2C2&ohw=0%2C0%2C0%2C0%2C0%2C0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019100301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.162 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s11-in-f2.1e100.net

Software

cafe /

Resource Hash

2bb617276f559f286280838cecd544c44cbcdabb01f496bdf713223e8b2cdfe0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: cors
Referer: https://www.evilmilk.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 16 Oct 2019 16:35:12 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2,-2,-2,-2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 11845
x-xss-protection: 0
google-lineitem-id: 4830422530,4766449672,4831168526,4831168526,4830422530,4831859902
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138247296539,138241317665,138247491601,138247265745,138247296668,138287317070
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.evilmilk.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubads_impl_rendering_2019100301.js Show response
securepubads.g.doubleclick.net/gpt/ 63 KB
24 KB 40ms
40ms Script
text/javascript 172.217.16.162
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019100301.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019100301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.162 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s11-in-f2.1e100.net

Software

sffe /

Resource Hash

33e7cfb629c6fc28bec6f0039c2b843ac7d63cb54a883599ca33ce2384e251fa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.evilmilk.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 16 Oct 2019 16:35:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 03 Oct 2019 13:06:21 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 24653
x-xss-protection: 0
expires: Wed, 16 Oct 2019 16:35:12 GMT

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-35/html/ 0
0 20ms
6ms Other
text/html 2a00:1450:4001:81f::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-35/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019100301.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:81f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.evilmilk.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 2 KB
827 B 89ms
89ms XHR
text/plain 172.217.16.162
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1369893880176527&correlator=1308491360548722&output=ldjh&impl=fifs&adsid=NT&eid=21062415%2C21064550%2C21064688&vrg=2019100301&guci=1.2.0.0.2.2.0.0&plat=1%3A536903688%2C2%3A536903688%2C8%3A134250504&sc=1&sfv=1-0-35&ecs=20191016&iu_parts=124067137%2Cevilmilk300x250FX%2Cevilmilk160x600%2Cevilmilk300x250FX_2%2Cevilmilk_728x90FS_1%2Cevilmilk_728x90FS_2%2Cevilmilk300x250FL_1%2Cevilmilk300x250FX_5&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4%2C%2F0%2F5%2C%2F0%2F6%2C%2F0%2F7&prev_iu_szs=300x250%2C160x600%2C300x250%2C728x90%2C728x90%2C300x250%7C300x600%2C300x250%7C300x600%7C160x600&eri=1&cookie_enabled=1&bc=31&abxe=1&lmt=1571243712&dt=1571243712238&dlt=1571243710712&idt=336&frm=20&biw=1585&bih=1200&oid=3&adxs=-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9&adys=-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9&adks=624181800%2C3026648230%2C1879113025%2C1442736500%2C3137769098%2C922745469%2C3349891921&ucis=d%7Ce%7Cf%7Cg%7Ch%7Ci%7Cj&ifi=8&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.evilmilk.com%2F&dssz=52&icsg=137617215283&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1&msz=0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1&ga_vid=965700367.1571243712&ga_sid=1571243712&ga_hid=1090404930&fws=2%2C2%2C2%2C2%2C2%2C2%2C2&ohw=0%2C0%2C0%2C0%2C0%2C0%2C0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019100301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.162 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s11-in-f2.1e100.net

Software

cafe /

Resource Hash

ddb6527f87b380e969fc09a826e8c7e29b71ab93046e23a1d9f81526e48622f4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: cors
Referer: https://www.evilmilk.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 16 Oct 2019 16:35:12 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2,-2,-2,-2,-2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 291
x-xss-protection: 0
google-lineitem-id: -2,-2,-2,-2,-2,-2,-2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2,-2,-2,-2,-2,-2,-2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.evilmilk.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
545 B 54ms
41ms Image
image/gif 2a00:1450:4001:817::2002
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=gpt_negative_stack_trace&vrg=2019100301&nw_id=124067137%2C8491498&nslots=13&eid=21062415%2C21064550%2C21064688&pub_url=https%3A%2F%2Fwww.evilmilk.com%2F&stackTrace=Error%0A%20%20%20%20at%20Gr%20(https%3A%2F%2Fsecurepubads.g.doubleclick.net%2Fgpt%2Fpubads_impl_2019100301.js%3A1%3A132034)%0A%20%20%20%20at%20ir%20(https%3A%2F%2Fsecurepubads.g.doubleclick.net%2Fgpt%2Fpubads_impl_2019100301.js%3A1%3A126759)%0A%20%20%20%20at%20kr%20(https%3A%2F%2Fsecurepubads.g.doubleclick.net%2Fgpt%2Fpubads_impl_2019100301.js%3A1%3A122855)%0A%20%20%20%20at%20_.Xs._.ls.L%20(https%3A%2F%2Fsecurepubads.g.doubleclick.net%2Fgpt%2Fpubads_impl_2019100301.js%3A1%3A142780)%0A%20%20%20%20at%20_.Xs.L%20(https%3A%2F%2Fsecurepubads.g.doubleclick.net%2Fgpt%2Fpubads_impl_2019100301.js%3A1%3A54389)%0A%20%20%20%20at%20os%20(https%3A%2F%2Fsecurepubads.g.doubleclick.net%2Fgpt%2Fpubads_impl_2019100301.js%3A1%3A142476)%0A%20%20%20%20at%20vs%20(https%3A%2F%2Fsecurepubads.g.doubleclick.net%2Fgpt%2Fpubads_impl_2019100301.js%3A1%3A150090)%0A%20%20%20%20at%20us%20(https%3A%2F%2Fsecurepubads.g.doubleclick.net%2Fgpt%2Fpubads_impl_2019100301.js%3A1%3A143665)%0A%20%20%20%20at%20rs%20(https%3A%2F%2Fsecurepubads.g.doubleclick.net%2Fgpt%2Fpubads_impl_2019100301.js%3A1%3A143545)%0A%20%20%20%20at%20ss%20(https%3A%2F%2Fsecurepubads.g.doubleclick.net%2Fgpt%2Fpubads_impl_2019100301.js%3A1%3A143106)

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.evilmilk.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Oct 2019 16:35:12 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 204
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 vendorlist.json Show response
vendorlist.consensu.org/ 88 KB
16 KB 42ms
26ms Fetch
application/json 2600:9000:20eb:7e00:1:af78:4c0:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://vendorlist.consensu.org/vendorlist.json
Requested by: Host: thisiswaldo.com
URL: https://thisiswaldo.com/sites/all/modules/custom/ad_delivery/cmp/build/cmp.complete.bundle.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:20eb:7e00:1:af78:4c0:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ea10733ffb72cf46260738527ae359e08653da22f630df320ce477a003acb7c8

Request headers

Sec-Fetch-Mode: cors
Referer: https://www.evilmilk.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 16 Oct 2019 16:35:13 GMT
content-encoding: gzip
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-pop: FRA2-C1
x-cache: Miss from cloudfront
status: 200
access-control-allow-origin: *
last-modified: Thu, 10 Oct 2019 16:00:18 GMT
server: AmazonS3
access-control-max-age: 86400
access-control-allow-methods: GET
x-amz-version-id: q7OrXM5caPg6muiNdwBRV1ZPCEDP3Dak
via: 1.1 0f538ee832e1105649039b38ce89e883.cloudfront.net (CloudFront)
cache-control: max-age=259200
content-type: application/json; charset=utf-8
x-amz-cf-id: N7vx6RIYDRR1gxaaKhzi_cl8mKuNKeBCnVJbsul-3asVJEXyg_UGhA==

GET
H/1.1 200
OK headerbid_refresh.php Show response
served-by.pixfuture.com/www/delivery/ Frame 3256 6 KB
6 KB 217ms
217ms Script
text/javascript 68.183.31.14
DigitalOcean

General

Check archive.org

Show headers Download Go to

Full URL: https://served-by.pixfuture.com/www/delivery/headerbid_refresh.php?dat=4055x728x90x790x_ADSLOT1111
Requested by: Host: served-by.pixfuture.com
URL: https://served-by.pixfuture.com/www/delivery/headerbid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 68.183.31.14 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN - DigitalOcean, LLC, US),
Reverse DNS
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 0a1aa33692447edc1fe106ced988cf684dc679efe849e00886371ed7a6f5ccf6

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.evilmilk.com/spon/pixfuture/728.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 16 Oct 2019 16:35:12 GMT
Server: nginx/1.10.3 (Ubuntu)
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET, POST, OPTIONS
P3P: CP="CUR ADM OUR NOR STA NID"
Access-Control-Allow-Origin: *, *
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/javascript; charset=UTF-8
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Expires: 0

GET
H2 200 djax.js Show response
cdn.pixfuture.com/ Frame 581A 17 KB
4 KB 181ms
132ms Script
application/javascript 2606:4700:20::6819:9307
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.pixfuture.com/djax.js
Requested by: Host: served-by.pixfuture.com
URL: https://served-by.pixfuture.com/www/delivery/headerbid_refresh.php?dat=4055x728x90x790x_ADSLOT1111
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::6819:9307 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: f9a10fda30bd5303e4c61aa7b688d4a0635c23f071547fa46c9cd8deba27c231

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.evilmilk.com/spon/pixfuture/728.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 16 Oct 2019 16:35:12 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Thu, 15 Aug 2019 21:25:51 GMT
server: cloudflare
etag: W/"5d55cddf-4433"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
status: 200
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
access-control-allow-credentials: true
cf-ray: 526b71d32a03cba0-VIE
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type

GET
H2 200 auc.js Show response
cdn.pixfuture.com/ Frame 581A 206 KB
63 KB 172ms
123ms Script
application/javascript 2606:4700:20::6819:9307
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.pixfuture.com/auc.js
Requested by: Host: served-by.pixfuture.com
URL: https://served-by.pixfuture.com/www/delivery/headerbid_refresh.php?dat=4055x728x90x790x_ADSLOT1111
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::6819:9307 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: f3af750dd21fe9a42195a87bb53cdee715bf01ab0f489130534d92271c676401

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.evilmilk.com/spon/pixfuture/728.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 16 Oct 2019 16:35:12 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Thu, 10 Oct 2019 15:12:05 GMT
server: cloudflare
etag: W/"5d9f4a45-339b9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
status: 200
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
access-control-allow-credentials: true
cf-ray: 526b71d32a09cba0-VIE
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type

GET
H/1.1 200
OK p-7ccbedljiLMl2.gif
pixel.quantserve.com/pixel/ Frame 581A 35 B
494 B 32ms
9ms Image
image/gif 91.228.74.167
Quantcast Corpora...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.quantserve.com/pixel/p-7ccbedljiLMl2.gif
Requested by: Host: www.evilmilk.com
URL: https://www.evilmilk.com/spon/pixfuture/728.aspx
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 91.228.74.167 , United Kingdom, ASN27281 (QUANTCAST - Quantcast Corporation, US),
Reverse DNS
Software: QS /
Resource Hash: a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.evilmilk.com/spon/pixfuture/728.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 16 Oct 2019 16:35:12 GMT
Server: QS
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
Cache-Control: private, no-cache, no-store, proxy-revalidate
Connection: keep-alive
Content-Type: image/gif
Content-Length: 35
Expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 200 djax.js Show response
cdn.pixfuture.com/ Frame 01BC 17 KB
5 KB 133ms
131ms Script
application/javascript 2606:4700:20::6819:9307
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.pixfuture.com/djax.js
Requested by: Host: served-by.pixfuture.com
URL: https://served-by.pixfuture.com/www/delivery/headerbid_refresh.php?dat=4055x728x90x790x_ADSLOT1111
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::6819:9307 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: f9a10fda30bd5303e4c61aa7b688d4a0635c23f071547fa46c9cd8deba27c231

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.evilmilk.com/spon/pixfuture/728.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 16 Oct 2019 16:35:12 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Thu, 15 Aug 2019 21:25:51 GMT
server: cloudflare
etag: W/"5d55cddf-4433"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
status: 200
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
access-control-allow-credentials: true
cf-ray: 526b71d32a0dcba0-VIE
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type

GET
H2 200 auc.js Show response
cdn.pixfuture.com/ Frame 01BC 206 KB
63 KB 142ms
140ms Script
application/javascript 2606:4700:20::6819:9307
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.pixfuture.com/auc.js
Requested by: Host: served-by.pixfuture.com
URL: https://served-by.pixfuture.com/www/delivery/headerbid_refresh.php?dat=4055x728x90x790x_ADSLOT1111
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::6819:9307 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: f3af750dd21fe9a42195a87bb53cdee715bf01ab0f489130534d92271c676401

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.evilmilk.com/spon/pixfuture/728.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 16 Oct 2019 16:35:12 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Thu, 10 Oct 2019 15:12:05 GMT
server: cloudflare
etag: W/"5d9f4a45-339b9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
status: 200
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
access-control-allow-credentials: true
cf-ray: 526b71d32a11cba0-VIE
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type

GET
H/1.1 200
OK p-7ccbedljiLMl2.gif
pixel.quantserve.com/pixel/ Frame 01BC 35 B
292 B 8ms
8ms Image
image/gif 91.228.74.167
Quantcast Corpora...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.quantserve.com/pixel/p-7ccbedljiLMl2.gif
Requested by: Host: served-by.pixfuture.com
URL: https://served-by.pixfuture.com/www/delivery/headerbid_refresh.php?dat=4055x728x90x790x_ADSLOT1111
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 91.228.74.167 , United Kingdom, ASN27281 (QUANTCAST - Quantcast Corporation, US),
Reverse DNS
Software: QS /
Resource Hash: a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.evilmilk.com/spon/pixfuture/728.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 16 Oct 2019 16:35:12 GMT
Server: QS
Content-Type: image/gif
Cache-Control: private, no-cache, no-store, proxy-revalidate
Connection: keep-alive
Content-Length: 35
Expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 200 jquery-1.2.3.js Show response
cdn.pixfuture.com/ Frame 01BC 94 KB
28 KB 123ms
122ms Script
application/javascript 2606:4700:20::6819:9307
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.pixfuture.com/jquery-1.2.3.js
Requested by: Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/djax.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::6819:9307 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: d977fc32dd4bdb0479604abf078f1045b0e922666313f2f42cd71ce7835e0061

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.evilmilk.com/spon/pixfuture/728.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 16 Oct 2019 16:35:12 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Tue, 06 Aug 2019 20:36:09 GMT
server: cloudflare
etag: W/"5d49e4b9-179fb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
status: 200
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
access-control-allow-credentials: true
cf-ray: 526b71d3fcb2cba0-VIE
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type

GET
H2 200 jquery-1.2.3.js Show response
cdn.pixfuture.com/ Frame 581A 94 KB
28 KB 134ms
134ms Script
application/javascript 2606:4700:20::6819:9307
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.pixfuture.com/jquery-1.2.3.js
Requested by: Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/djax.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::6819:9307 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: d977fc32dd4bdb0479604abf078f1045b0e922666313f2f42cd71ce7835e0061

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.evilmilk.com/spon/pixfuture/728.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 16 Oct 2019 16:35:12 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Tue, 06 Aug 2019 20:36:09 GMT
server: cloudflare
etag: W/"5d49e4b9-179fb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
status: 200
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
access-control-allow-credentials: true
cf-ray: 526b71d40cc1cba0-VIE
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type

POST
H2 204 2 Show response
prebid.mgid.com/prebid/ Frame 581A 0
513 B 91ms
61ms XHR
text/plain 104.16.129.5
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.mgid.com/prebid/2
Requested by: Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/auc.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.129.5 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode: cors
Referer: https://www.evilmilk.com/spon/pixfuture/728.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 16 Oct 2019 16:35:12 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
status: 204
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://www.evilmilk.com
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 526b71d49bf6d719-FRA

GET
H2 200 arj Show response
pixfuture2-d.openx.net/w/1.0/ Frame 581A 172 B
359 B 19ms
17ms XHR
application/json 34.95.120.147
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://pixfuture2-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.evilmilk.com%2F&jr=&ch=UTF-8&res=1600x1200x24&ifr=true&tz=-120&tws=1600x1200&be=1&bc=hb_pb_2.1.9&dddid=577dfc05-3c68-4224-a348-4d783b5fe585&nocache=1571243712703&aus=728x90&divIds=4055x728x90x790x_ADSLOT1111&auid=540580842&
Requested by: Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/auc.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.95.120.147 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS: 147.120.95.34.bc.googleusercontent.com
Software: OXGW/16.163.0 /
Resource Hash: a8ee23c1fb1d0c466360c19c3decdb1855c1cd10364b9c144209231e263ed66c

Request headers

Sec-Fetch-Mode: cors
Referer: https://www.evilmilk.com/spon/pixfuture/728.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 16 Oct 2019 16:35:12 GMT
via: 1.1 google
server: OXGW/16.163.0
status: 200
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://www.evilmilk.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: clear
content-length: 172
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 imp Show response
g2.gumgum.com/hbid/ Frame 581A 123 B
559 B 38ms
38ms XHR
application/json 52.18.117.195
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://g2.gumgum.com/hbid/imp?t=ticcez29&pi=3&si=28491&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.evilmilk.com%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%7D&ogu=null&ns=10240&
Requested by: Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/auc.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.18.117.195 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-18-117-195.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 65911e58cc0a700486babfbc54130ea51be42793246b417c957d26418cdf99cd

Request headers

Sec-Fetch-Mode: cors
Referer: https://www.evilmilk.com/spon/pixfuture/728.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 16 Oct 2019 16:35:12 GMT
content-encoding: gzip
content-type: application/json;charset=UTF-8
server: nginx
status: 200
p3p: CP="This is not a P3P policy"
access-control-allow-origin: https://www.evilmilk.com
cache-control: private, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
expires: 0

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ Frame 581A 0
117 B 105ms
79ms XHR
text/plain 185.64.189.112
PubMatic

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/auc.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC - PubMatic, Inc., US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode: cors
Referer: https://www.evilmilk.com/spon/pixfuture/728.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

status: 204
date: Wed, 16 Oct 2019 16:35:12 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-origin: https://www.evilmilk.com

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 581A 145 B
1 KB 64ms
64ms XHR
application/json 185.33.223.83
AppNexus

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/auc.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.223.83 , Netherlands, ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US),

Reverse DNS

250.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

dc4d607e09682f50681bdca318d3ee9d664d6338c570a4752987ab582c3f4dd4

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: cors
Referer: https://www.evilmilk.com/spon/pixfuture/728.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 16 Oct 2019 16:35:14 GMT
X-Proxy-Origin: 144.76.109.30; 144.76.109.30; 250.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.103:80
AN-X-Request-Uuid: 0c1176c0-761b-41cd-ac04-90fcac9da030
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.evilmilk.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 145
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 2 Show response
prebid.mgid.com/prebid/ Frame 01BC 0
119 B 78ms
64ms XHR
text/plain 104.16.129.5
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.mgid.com/prebid/2
Requested by: Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/auc.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.129.5 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode: cors
Referer: https://www.evilmilk.com/spon/pixfuture/728.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 16 Oct 2019 16:35:12 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
status: 204
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://www.evilmilk.com
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 526b71d49bf7d719-FRA

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ Frame 01BC 0
61 B 106ms
92ms XHR
text/plain 185.64.189.112
PubMatic

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/auc.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC - PubMatic, Inc., US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode: cors
Referer: https://www.evilmilk.com/spon/pixfuture/728.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

status: 204
date: Wed, 16 Oct 2019 16:35:12 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-origin: https://www.evilmilk.com

GET
H2 200 arj Show response
pixfuture2-d.openx.net/w/1.0/ Frame 01BC 172 B
356 B 19ms
19ms XHR
application/json 34.95.120.147
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://pixfuture2-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.evilmilk.com%2F&jr=&ch=UTF-8&res=1600x1200x24&ifr=true&tz=-120&tws=1600x1200&be=1&bc=hb_pb_2.1.9&dddid=35c5bf89-c55c-4f0c-b754-061e0e882f5a&nocache=1571243712719&aus=728x90&divIds=4055x728x90x790x_ADSLOT1111&auid=540580842&
Requested by: Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/auc.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.95.120.147 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS: 147.120.95.34.bc.googleusercontent.com
Software: OXGW/16.163.0 /
Resource Hash: 44002650ec866ca544e0896b72da1ac528c6a61043976d5aef0eeab0d5134c3e

Request headers

Sec-Fetch-Mode: cors
Referer: https://www.evilmilk.com/spon/pixfuture/728.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 16 Oct 2019 16:35:12 GMT
via: 1.1 google
server: OXGW/16.163.0
status: 200
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://www.evilmilk.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: clear
content-length: 172
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 imp Show response
g2.gumgum.com/hbid/ Frame 01BC 123 B
558 B 37ms
37ms XHR
application/json 52.18.117.195
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://g2.gumgum.com/hbid/imp?t=ticcez29&pi=3&si=28491&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.evilmilk.com%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%7D&ogu=null&ns=10240&
Requested by: Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/auc.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.18.117.195 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-18-117-195.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: bd7372fef9d2eeb5c160b5ccdd32824f7deb2895073470cee54fad3fb2476307

Request headers

Sec-Fetch-Mode: cors
Referer: https://www.evilmilk.com/spon/pixfuture/728.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 16 Oct 2019 16:35:12 GMT
content-encoding: gzip
content-type: application/json;charset=UTF-8
server: nginx
status: 200
p3p: CP="This is not a P3P policy"
access-control-allow-origin: https://www.evilmilk.com
cache-control: private, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
expires: 0

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 01BC 145 B
1 KB 34ms
34ms XHR
application/json 185.33.223.83
AppNexus

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/auc.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.223.83 , Netherlands, ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US),

Reverse DNS

250.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

6697107cd03236e0d2416b08ae51e3ec846a23603cf4dbe444aaed08b250f7c3

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: cors
Referer: https://www.evilmilk.com/spon/pixfuture/728.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 16 Oct 2019 16:35:14 GMT
X-Proxy-Origin: 144.76.109.30; 144.76.109.30; 250.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.222.248:80
AN-X-Request-Uuid: a6debf93-5d16-4dbb-92fc-f1060aeb744e
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.evilmilk.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 145
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 forge.js Show response
cdn.bidfluence.com/ Frame 5AA9 123 KB
29 KB 140ms
10ms Script
application/x-javascript 152.195.34.232
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.bidfluence.com/forge.js
Requested by: Host: www.evilmilk.com
URL: https://www.evilmilk.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.195.34.232 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECAcc (frb/6715) / ASP.NET
Resource Hash: 6015072c7421aab840bfa3a3f3b59b9bbb300b3efad980b7b1a1fdad01259f49

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.evilmilk.com/spon/pixfuture/728.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 16 Oct 2019 16:35:15 GMT
content-encoding: gzip
etag: "802ea0e44668d51:0"
last-modified: Wed, 11 Sep 2019 02:16:17 GMT
server: ECAcc (frb/6715)
x-powered-by: ASP.NET
vary: Accept-Encoding
x-cache: HIT
content-type: application/x-javascript
status: 200
cache-control: max-age=900
accept-ranges: bytes
content-length: 29965
expires: Wed, 16 Oct 2019 16:50:15 GMT

GET
H/1.1 200
OK demo_track.js Show response
served-by.pixfuture.com/www/headerbid/library/tracking/ Frame 581A 3 KB
3 KB 83ms
83ms Script
application/javascript 68.183.31.14
DigitalOcean

General

Check archive.org

Show headers Download Go to

Full URL: https://served-by.pixfuture.com/www/headerbid/library/tracking/demo_track.js
Requested by: Host: www.evilmilk.com
URL: https://www.evilmilk.com/spon/pixfuture/728.aspx
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 68.183.31.14 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN - DigitalOcean, LLC, US),
Reverse DNS
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 55da1df0485a63116156e8109fadef53a7509f52e24ea441088f6736c044d581

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.evilmilk.com/spon/pixfuture/728.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 16 Oct 2019 16:35:12 GMT
Last-Modified: Tue, 24 Sep 2019 20:15:05 GMT
Server: nginx/1.10.3 (Ubuntu)
ETag: "5d8a7949-a00"
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length: 2560

GET
H2 200 forge.js Show response
cdn.bidfluence.com/ Frame 1BC6 123 KB
29 KB 128ms
11ms Script
application/x-javascript 152.195.34.232
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.bidfluence.com/forge.js
Requested by: Host: www.evilmilk.com
URL: https://www.evilmilk.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.195.34.232 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECAcc (frb/6715) / ASP.NET
Resource Hash: 6015072c7421aab840bfa3a3f3b59b9bbb300b3efad980b7b1a1fdad01259f49

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.evilmilk.com/spon/pixfuture/728.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 16 Oct 2019 16:35:15 GMT
content-encoding: gzip
etag: "802ea0e44668d51:0"
last-modified: Wed, 11 Sep 2019 02:16:17 GMT
server: ECAcc (frb/6715)
x-powered-by: ASP.NET
vary: Accept-Encoding
x-cache: HIT
content-type: application/x-javascript
status: 200
cache-control: max-age=900
accept-ranges: bytes
content-length: 29965
expires: Wed, 16 Oct 2019 16:50:15 GMT

GET
H/1.1 200
OK demo_track.js Show response
served-by.pixfuture.com/www/headerbid/library/tracking/ Frame 01BC 3 KB
3 KB 82ms
82ms Script
application/javascript 68.183.31.14
DigitalOcean

General

Check archive.org

Show headers Download Go to

Full URL: https://served-by.pixfuture.com/www/headerbid/library/tracking/demo_track.js
Requested by: Host: www.evilmilk.com
URL: https://www.evilmilk.com/spon/pixfuture/728.aspx
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 68.183.31.14 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN - DigitalOcean, LLC, US),
Reverse DNS
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 55da1df0485a63116156e8109fadef53a7509f52e24ea441088f6736c044d581

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.evilmilk.com/spon/pixfuture/728.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 16 Oct 2019 16:35:12 GMT
Last-Modified: Tue, 24 Sep 2019 20:15:05 GMT
Server: nginx/1.10.3 (Ubuntu)
ETag: "5d8a7949-a00"
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length: 2560

GET
H2 200 ads.js Show response
cdn.bidfluence.com/ Frame 5AA9 131 B
360 B 7ms
7ms Script
application/x-javascript 152.195.34.232
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.bidfluence.com/ads.js
Requested by: Host: cdn.bidfluence.com
URL: https://cdn.bidfluence.com/forge.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.195.34.232 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECAcc (frb/6743) / ASP.NET
Resource Hash: f9385ecf19d3c9a47b063498b5444d251cbe7528ee7af46698c9e25627fb8acc

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.evilmilk.com/spon/pixfuture/728.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 16 Oct 2019 16:35:12 GMT
content-encoding: gzip
etag: "44f1b06b45c6d41:0"
last-modified: Sat, 16 Feb 2019 22:17:36 GMT
server: ECAcc (frb/6743)
x-powered-by: ASP.NET
vary: Accept-Encoding
x-cache: HIT
content-type: application/x-javascript
status: 200
cache-control: max-age=900
accept-ranges: bytes
content-length: 224
expires: Wed, 16 Oct 2019 16:50:12 GMT

GET
H2 200 ads.js Show response
cdn.bidfluence.com/ Frame 1BC6 131 B
277 B 7ms
6ms Script
application/x-javascript 152.195.34.232
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.bidfluence.com/ads.js
Requested by: Host: cdn.bidfluence.com
URL: https://cdn.bidfluence.com/forge.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.195.34.232 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECAcc (frb/6743) / ASP.NET
Resource Hash: f9385ecf19d3c9a47b063498b5444d251cbe7528ee7af46698c9e25627fb8acc

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.evilmilk.com/spon/pixfuture/728.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 16 Oct 2019 16:35:12 GMT
content-encoding: gzip
etag: "44f1b06b45c6d41:0"
last-modified: Sat, 16 Feb 2019 22:17:36 GMT
server: ECAcc (frb/6743)
x-powered-by: ASP.NET
vary: Accept-Encoding
x-cache: HIT
content-type: application/x-javascript
status: 200
cache-control: max-age=900
accept-ranges: bytes
content-length: 224
expires: Wed, 16 Oct 2019 16:50:12 GMT

POST
H/1.1 200
OK Check Show response
engine.bidfluence.com/ Frame 5AA9 4 KB
4 KB 442ms
123ms XHR
application/json 13.89.35.253
Microsoft Corpora...

General

Check archive.org

Show headers Download Go to

Full URL: https://engine.bidfluence.com/Check
Requested by: Host: cdn.bidfluence.com
URL: https://cdn.bidfluence.com/forge.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.89.35.253 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software: Kestrel /
Resource Hash: 18b6114f1fdc36bba1f5fc404cda8047aed4cba5fd15cbc4a8d2f4ace197c814

Request headers

Sec-Fetch-Mode: cors
Referer: https://www.evilmilk.com/spon/pixfuture/728.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Pragma: no-cache
Date: Wed, 16 Oct 2019 16:35:12 GMT
Content-Encoding: br
Server: Kestrel
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://www.evilmilk.com
Cache-Control: no-store,no-cache
Transfer-Encoding: chunked
Access-Control-Allow-Credentials: true

POST
H/1.1 200
OK Check Show response
engine.bidfluence.com/ Frame 1BC6 4 KB
4 KB 439ms
124ms XHR
application/json 13.89.35.253
Microsoft Corpora...

General

Check archive.org

Show headers Download Go to

Full URL: https://engine.bidfluence.com/Check
Requested by: Host: cdn.bidfluence.com
URL: https://cdn.bidfluence.com/forge.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.89.35.253 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software: Kestrel /
Resource Hash: 78fd51a7d857efb9a68fd0de010e56a93c66fbecdcc6fe48e4bff9485ad5f70a

Request headers

Sec-Fetch-Mode: cors
Referer: https://www.evilmilk.com/spon/pixfuture/728.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Pragma: no-cache
Date: Wed, 16 Oct 2019 16:35:12 GMT
Content-Encoding: br
Server: Kestrel
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://www.evilmilk.com
Cache-Control: no-store,no-cache
Transfer-Encoding: chunked
Access-Control-Allow-Credentials: true

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ Frame 5AA9 45 KB
14 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:81d::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: cdn.bidfluence.com
URL: https://cdn.bidfluence.com/forge.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

f7b71df270660f7958f60859209972586494aff37327672ef85951f29c151716

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.evilmilk.com/spon/pixfuture/728.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 16 Oct 2019 16:35:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "308 / 199 of 1000 / last-modified: 1571176937"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 14544
x-xss-protection: 0
expires: Wed, 16 Oct 2019 16:35:13 GMT

GET
H2 200 mp.png
cdn.bidfluence.com/ Frame 5AA9 2 KB
2 KB 11ms
10ms Image
image/png 152.195.34.232
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.bidfluence.com/mp.png
Requested by: Host: cdn.bidfluence.com
URL: https://cdn.bidfluence.com/forge.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.195.34.232 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECAcc (frb/6704) / ASP.NET
Resource Hash: b3f8fd60851ea25465da509b7406bcff926f3eeddffa7769fbea9b485ef84ad8

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.evilmilk.com/spon/pixfuture/728.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 16 Oct 2019 16:35:21 GMT
etag: "fd2ae463cb14d41:0"
last-modified: Fri, 06 Jul 2018 01:48:08 GMT
server: ECAcc (frb/6704)
x-powered-by: ASP.NET
x-cache: HIT
content-type: image/png
status: 200
cache-control: max-age=900
accept-ranges: bytes
content-length: 1713
expires: Wed, 16 Oct 2019 16:50:21 GMT

POST
H/1.1 200
OK Demand Show response
server.bidfluence.com/ Frame 5AA9 280 B
612 B 566ms
170ms XHR
application/json 13.89.35.253
Microsoft Corpora...

General

Check archive.org

Show headers Download Go to

Full URL: https://server.bidfluence.com/Demand
Requested by: Host: cdn.bidfluence.com
URL: https://cdn.bidfluence.com/forge.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.89.35.253 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software: Kestrel /
Resource Hash: 1f663c6a984a2457172d7ae90d596921deae360494951c85386a93427685af1c

Request headers

Sec-Fetch-Mode: cors
Referer: https://www.evilmilk.com/spon/pixfuture/728.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Pragma: no-cache
Date: Wed, 16 Oct 2019 16:35:13 GMT
Content-Encoding: br
Server: Kestrel
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://www.evilmilk.com
Cache-Control: no-store,no-cache
Transfer-Encoding: chunked
Access-Control-Allow-Credentials: true

GET
H/1.1 200
OK usync.html
eus.rubiconproject.com/ Frame 2B28 0
0 28ms
6ms Document
text/html 23.37.55.184
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: cdn.bidfluence.com
URL: https://cdn.bidfluence.com/forge.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.37.55.184 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a23-37-55-184.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash

Request headers

Host: eus.rubiconproject.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site: cross-site
Referer: https://www.evilmilk.com/spon/pixfuture/728.aspx
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: https://www.evilmilk.com/spon/pixfuture/728.aspx

Response headers

Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Last-Modified: Mon, 14 Oct 2019 17:50:03 GMT
Content-Encoding: gzip
Content-Length: 7685
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=69849
Expires: Thu, 17 Oct 2019 11:59:22 GMT
Date: Wed, 16 Oct 2019 16:35:13 GMT
Connection: keep-alive
Vary: Accept-Encoding

POST
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame 5AA9 240 B
2 KB 212ms
179ms XHR
application/json 69.173.144.142
The Rubicon Project

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=20052&site_id=238572&zone_id=1176734&size_id=2&p_pos=unknown&rp_floor=0.12&rp_secure=1&tk_flint=pbjs_lite_v1.13.0&x_source.tid=bbc4e4f86d7c49aa8b7b4205a3bcdfce&p_screen_res=1600x1200x24&rf=https%3A%2F%2Fwww.evilmilk.com%2F&slots=1&rand=0.7559157719983316
Requested by: Host: cdn.bidfluence.com
URL: https://cdn.bidfluence.com/forge.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 69.173.144.142 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT - The Rubicon Project, Inc., US),
Reverse DNS
Software: RAS 2.4 /
Resource Hash: 37563627f5aa05d3177e1585ea3fb7db01677bee59e75d1ccb65523001a13346

Request headers

Sec-Fetch-Mode: cors
Referer: https://www.evilmilk.com/spon/pixfuture/728.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Pragma: no-cache
Date: Wed, 16 Oct 2019 16:35:13 GMT
Server: RAS 2.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://www.evilmilk.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Content-Type: application/json
Keep-Alive: timeout=5, max=382
Content-Length: 240
Expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H/1.1 204
No Content mvo Show response
tag.1rx.io/rmp/79353/0/ Frame 5AA9 0
271 B 502ms
119ms XHR
text/plain 8.41.222.100
RhythmOne

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.1rx.io/rmp/79353/0/mvo?z=1r&hbv=2.8,1.0.2.1
Requested by: Host: cdn.bidfluence.com
URL: https://cdn.bidfluence.com/forge.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 8.41.222.100 , United States, ASN26120 (RHYTHMONE - RhythmOne, LLC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode: cors
Referer: https://www.evilmilk.com/spon/pixfuture/728.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin: https://www.evilmilk.com
Pragma: no-cache
Date: Wed, 16 Oct 2019 16:35:13 GMT
Cache-Control: private, max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive

GET
H/1.1 200
OK userSync.js Show response
ads.pubmatic.com/AdServer/js/ Frame 5AA9 9 KB
4 KB 23ms
6ms Script
text/javascript 2.18.233.180
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/userSync.js
Requested by: Host: cdn.bidfluence.com
URL: https://cdn.bidfluence.com/forge.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 92a10f6248cf2f0ef7f417d8f726d92ae720855896b3343d6b44ca84c4d785f8

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.evilmilk.com/spon/pixfuture/728.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 16 Oct 2019 16:35:13 GMT
Content-Encoding: gzip
Last-Modified: Fri, 26 Jul 2019 09:39:55 GMT
Server: Apache/2.2.15 (CentOS)
ETag: "1300709-2492-58e9253364338"
Vary: Accept-Encoding
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: public, max-age=140904
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: text/javascript
Content-Length: 3640
Expires: Fri, 18 Oct 2019 07:43:37 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ Frame 1BC6 45 KB
14 KB 42ms
40ms Script
text/javascript 2a00:1450:4001:81d::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: cdn.bidfluence.com
URL: https://cdn.bidfluence.com/forge.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

f7b71df270660f7958f60859209972586494aff37327672ef85951f29c151716

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.evilmilk.com/spon/pixfuture/728.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 16 Oct 2019 16:35:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "308 / 661 of 1000 / last-modified: 1571176937"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 14544
x-xss-protection: 0
expires: Wed, 16 Oct 2019 16:35:13 GMT

GET
H2 200 mp.png
cdn.bidfluence.com/ Frame 1BC6 2 KB
2 KB 7ms
6ms Image
image/png 152.195.34.232
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.bidfluence.com/mp.png
Requested by: Host: cdn.bidfluence.com
URL: https://cdn.bidfluence.com/forge.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.195.34.232 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECAcc (frb/6704) / ASP.NET
Resource Hash: b3f8fd60851ea25465da509b7406bcff926f3eeddffa7769fbea9b485ef84ad8

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.evilmilk.com/spon/pixfuture/728.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 16 Oct 2019 16:35:21 GMT
etag: "fd2ae463cb14d41:0"
last-modified: Fri, 06 Jul 2018 01:48:08 GMT
server: ECAcc (frb/6704)
x-powered-by: ASP.NET
x-cache: HIT
content-type: image/png
status: 200
cache-control: max-age=900
accept-ranges: bytes
content-length: 1713
expires: Wed, 16 Oct 2019 16:50:21 GMT

POST
H/1.1 200
OK Demand Show response
server.bidfluence.com/ Frame 1BC6 280 B
612 B 545ms
167ms XHR
application/json 13.89.35.253
Microsoft Corpora...

General

Check archive.org

Show headers Download Go to

Full URL: https://server.bidfluence.com/Demand
Requested by: Host: cdn.bidfluence.com
URL: https://cdn.bidfluence.com/forge.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.89.35.253 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software: Kestrel /
Resource Hash: 1f663c6a984a2457172d7ae90d596921deae360494951c85386a93427685af1c

Request headers

Sec-Fetch-Mode: cors
Referer: https://www.evilmilk.com/spon/pixfuture/728.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Pragma: no-cache
Date: Wed, 16 Oct 2019 16:35:13 GMT
Content-Encoding: br
Server: Kestrel
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://www.evilmilk.com
Cache-Control: no-store,no-cache
Transfer-Encoding: chunked
Access-Control-Allow-Credentials: true

GET
H/1.1 200
OK usync.html
eus.rubiconproject.com/ Frame 3F11 0
0 21ms
6ms Document
text/html 23.37.55.184
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: cdn.bidfluence.com
URL: https://cdn.bidfluence.com/forge.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.37.55.184 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a23-37-55-184.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash

Request headers

Host: eus.rubiconproject.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site: cross-site
Referer: https://www.evilmilk.com/spon/pixfuture/728.aspx
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: https://www.evilmilk.com/spon/pixfuture/728.aspx

Response headers

Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Last-Modified: Mon, 14 Oct 2019 17:50:03 GMT
Content-Encoding: gzip
Content-Length: 7685
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=69849
Expires: Thu, 17 Oct 2019 11:59:22 GMT
Date: Wed, 16 Oct 2019 16:35:13 GMT
Connection: keep-alive
Vary: Accept-Encoding

POST
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame 1BC6 236 B
2 KB 129ms
94ms XHR
application/json 69.173.144.142
The Rubicon Project

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=20052&site_id=238572&zone_id=1176734&size_id=2&p_pos=unknown&rp_floor=0.12&rp_secure=1&tk_flint=pbjs_lite_v1.13.0&x_source.tid=b9aa32b171ab457fa38733ff6bfc5daf&p_screen_res=1600x1200x24&rf=https%3A%2F%2Fwww.evilmilk.com%2F&slots=1&rand=0.7235333168325886
Requested by: Host: cdn.bidfluence.com
URL: https://cdn.bidfluence.com/forge.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 69.173.144.142 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT - The Rubicon Project, Inc., US),
Reverse DNS
Software: RAS 2.4 /
Resource Hash: be852a93e26dd3cf91b64934e119b1dd842bf278ee8fca2de209a9dba3b735b4

Request headers

Sec-Fetch-Mode: cors
Referer: https://www.evilmilk.com/spon/pixfuture/728.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Pragma: no-cache
Date: Wed, 16 Oct 2019 16:35:13 GMT
Server: RAS 2.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://www.evilmilk.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Content-Type: application/json
Keep-Alive: timeout=5, max=458
Content-Length: 236
Expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H/1.1 204
No Content mvo Show response
tag.1rx.io/rmp/79353/0/ Frame 1BC6 0
271 B 474ms
101ms XHR
text/plain 8.41.222.100
RhythmOne

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.1rx.io/rmp/79353/0/mvo?z=1r&hbv=2.8,1.0.2.1
Requested by: Host: cdn.bidfluence.com
URL: https://cdn.bidfluence.com/forge.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 8.41.222.100 , United States, ASN26120 (RHYTHMONE - RhythmOne, LLC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode: cors
Referer: https://www.evilmilk.com/spon/pixfuture/728.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin: https://www.evilmilk.com
Pragma: no-cache
Date: Wed, 16 Oct 2019 16:35:13 GMT
Cache-Control: private, max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive

GET
H/1.1 200
OK userSync.js Show response
ads.pubmatic.com/AdServer/js/ Frame 1BC6 9 KB
4 KB 22ms
6ms Script
text/javascript 2.18.233.180
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/userSync.js
Requested by: Host: cdn.bidfluence.com
URL: https://cdn.bidfluence.com/forge.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 92a10f6248cf2f0ef7f417d8f726d92ae720855896b3343d6b44ca84c4d785f8

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.evilmilk.com/spon/pixfuture/728.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 16 Oct 2019 16:35:13 GMT
Content-Encoding: gzip
Last-Modified: Fri, 26 Jul 2019 09:39:55 GMT
Server: Apache/2.2.15 (CentOS)
ETag: "1300709-2492-58e9253364338"
Vary: Accept-Encoding
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: public, max-age=140904
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: text/javascript
Content-Length: 3640
Expires: Fri, 18 Oct 2019 07:43:37 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ Frame 5AA9 109 B
171 B 19ms
18ms Script
application/javascript 2a00:1450:4001:808::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.evilmilk.com

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.evilmilk.com/spon/pixfuture/728.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 16 Oct 2019 16:35:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame 5AA9 109 B
171 B 19ms
18ms Script
application/javascript 2a00:1450:4001:817::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.evilmilk.com

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.evilmilk.com/spon/pixfuture/728.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 16 Oct 2019 16:35:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 104
x-xss-protection: 0

GET
H2 200 pubads_impl_2019100301.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 5AA9 157 KB
58 KB 50ms
49ms Script
text/javascript 172.217.16.162
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019100301.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.162 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s11-in-f2.1e100.net

Software

sffe /

Resource Hash

d98e77e558ef5c298f4c28cdd1604914a16a3fcc9249904ba70c57d989fb6aab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.evilmilk.com/spon/pixfuture/728.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 16 Oct 2019 16:35:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 03 Oct 2019 13:06:21 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 58949
x-xss-protection: 0
expires: Wed, 16 Oct 2019 16:35:13 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ Frame 1BC6 109 B
171 B 19ms
18ms Script
application/javascript 2a00:1450:4001:808::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.evilmilk.com

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.evilmilk.com/spon/pixfuture/728.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 16 Oct 2019 16:35:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame 1BC6 109 B
171 B 18ms
18ms Script
application/javascript 2a00:1450:4001:817::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.evilmilk.com

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.evilmilk.com/spon/pixfuture/728.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 16 Oct 2019 16:35:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 104
x-xss-protection: 0

GET
H2 200 pubads_impl_2019100301.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 1BC6 157 KB
58 KB 40ms
39ms Script
text/javascript 172.217.16.162
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019100301.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.162 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s11-in-f2.1e100.net

Software

sffe /

Resource Hash

d98e77e558ef5c298f4c28cdd1604914a16a3fcc9249904ba70c57d989fb6aab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.evilmilk.com/spon/pixfuture/728.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 16 Oct 2019 16:35:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 03 Oct 2019 13:06:21 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 58949
x-xss-protection: 0
expires: Wed, 16 Oct 2019 16:35:13 GMT

GET
H/1.1 200
OK Cookie set showad.js
ads.pubmatic.com/AdServer/js/ Frame 6D8E 0
0 6ms
6ms Document
text/html 2.18.233.180
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/userSync.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash

Request headers

Host: ads.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site: cross-site
Referer: https://www.evilmilk.com/spon/pixfuture/728.aspx
Accept-Encoding: gzip, deflate, br
Cookie: KTPCACOOKIE=YES
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: https://www.evilmilk.com/spon/pixfuture/728.aspx

Response headers

Last-Modified: Fri, 26 Jul 2019 09:39:45 GMT
ETag: "13006b6-9bf6-58e925294ef26"
Server: Apache/2.2.15 (CentOS)
Set-Cookie: KTPCACOOKIE=YES; domain=.pubmatic.com; path=/; max-age=7776000;
Accept-Ranges: bytes
Content-Encoding: gzip
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 14898
Content-Type: text/html; charset=UTF-8
Cache-Control: public, max-age=81416
Expires: Thu, 17 Oct 2019 15:12:09 GMT
Date: Wed, 16 Oct 2019 16:35:13 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H/1.1 200
OK Cookie set showad.js
ads.pubmatic.com/AdServer/js/ Frame BC28 0
0 6ms
6ms Document
text/html 2.18.233.180
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/userSync.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash

Request headers

Host: ads.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site: cross-site
Referer: https://www.evilmilk.com/spon/pixfuture/728.aspx
Accept-Encoding: gzip, deflate, br
Cookie: KTPCACOOKIE=YES
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: https://www.evilmilk.com/spon/pixfuture/728.aspx

Response headers

Last-Modified: Fri, 26 Jul 2019 09:39:45 GMT
ETag: "13006b6-9bf6-58e925294ef26"
Server: Apache/2.2.15 (CentOS)
Set-Cookie: KTPCACOOKIE=YES; domain=.pubmatic.com; path=/; max-age=7776000;
Accept-Ranges: bytes
Content-Encoding: gzip
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 14898
Content-Type: text/html; charset=UTF-8
Cache-Control: public, max-age=81416
Expires: Thu, 17 Oct 2019 15:12:09 GMT
Date: Wed, 16 Oct 2019 16:35:13 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H2 200 300framed.aspx Show response
www.evilmilk.com/spon/ Frame 2C5D 513 B
389 B 515ms
514ms Document
text/html 2606:4700:e0::ac40:6722
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://www.evilmilk.com/spon/300framed.aspx
Requested by: Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.3.1.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e0::ac40:6722 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: d10bd0615dc062df63043b66fe5e2e24faf7120fabd7612e7ac99a2ee8e1fc0d

Request headers

:method: GET
:authority: www.evilmilk.com
:scheme: https
:path: /spon/300framed.aspx
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode: nested-navigate
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: same-origin
referer: https://www.evilmilk.com/
accept-encoding: gzip, deflate, br
cookie: __cfduid=da5816a0674848c46025e89b657f848101571243712; __gads=ID=bef6ad91549d3dbd:T=1571243712:S=ALNI_MaDL0CSlaUfI1NBKcFcrZhCDjVIFg; bf_an_qk=true
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: https://www.evilmilk.com/

Response headers

status: 200
date: Wed, 16 Oct 2019 16:35:14 GMT
content-type: text/html; charset=utf-8
cache-control: private
set-cookie: ASP.NET_SessionId=takt5dyfid0oytp5zqxlsa3l; path=/; HttpOnly
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 526b71dbece4c29f-FRA
content-encoding: br

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 1BC6 3 KB
2 KB 148ms
148ms XHR
text/plain 172.217.16.162
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3446042170341992&correlator=4210963158008034&output=ldjh&impl=fif&adsid=NT&eid=21063817&vrg=2019100301&guci=1.2.0.0.2.2.0.0&plat=1%3A536903688%2C2%3A536903688%2C8%3A134250504&sc=1&sfv=1-0-35&ecs=20191016&iu=%2F368406191%2FRON&sz=728x90&scp=bdf%3D0.12%26bfadvid%3D1262465e-2cce-41b1-810a-dd0436499f1b%26excl_cat%3DBF-Exclude&cookie=ID%3Dbef6ad91549d3dbd%3AT%3D1571243712%3AS%3DALNI_MaDL0CSlaUfI1NBKcFcrZhCDjVIFg&cdm=www.evilmilk.com&bc=31&abxe=1&lmt=1571243714&dt=1571243714031&dlt=1571243712827&idt=749&ea=0&frm=23&biw=1585&bih=1200&isw=728&ish=90&oid=3&adx=821&ady=65&adk=1372482669&uci=7ea59i5qn99m&ifi=1&ifk=3547773615&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=4&iag=255&url=https%3A%2F%2Fwww.evilmilk.com%2Fspon%2Fpixfuture%2F728.aspx&top=https%3A%2F%2Fwww.evilmilk.com%2F&dssz=8&icsg=6816&mso=2048&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&ga_vid=1370516207.1571243714&ga_sid=1571243714&ga_hid=1402951103&fws=260&ohw=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019100301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.162 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s11-in-f2.1e100.net

Software

cafe /

Resource Hash

c5a1e095444256a3df807910044ef3a5911eed5bd2cb04c3e563cae230ed3695

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: cors
Referer: https://www.evilmilk.com/spon/pixfuture/728.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 16 Oct 2019 16:35:14 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 1781
x-xss-protection: 0
google-lineitem-id: 4501971261
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 88992308191
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.evilmilk.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubads_impl_rendering_2019100301.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 1BC6 63 KB
24 KB 41ms
41ms Script
text/javascript 172.217.16.162
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019100301.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019100301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.162 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s11-in-f2.1e100.net

Software

sffe /

Resource Hash

33e7cfb629c6fc28bec6f0039c2b843ac7d63cb54a883599ca33ce2384e251fa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.evilmilk.com/spon/pixfuture/728.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 16 Oct 2019 16:35:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 03 Oct 2019 13:06:21 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 24653
x-xss-protection: 0
expires: Wed, 16 Oct 2019 16:35:14 GMT

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-35/html/ Frame 1BC6 0
0 6ms
6ms Other
text/html 2a00:1450:4001:81f::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-35/html/container.html?n=4
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019100301.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:81f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.evilmilk.com/spon/pixfuture/728.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

POST
H/1.1 204
No Content Demand Show response
server.bidfluence.com/ Frame 1BC6 0
228 B 164ms
164ms XHR
text/plain 13.89.35.253
Microsoft Corpora...

General

Check archive.org

Show headers Download Go to

Full URL: https://server.bidfluence.com/Demand
Requested by: Host: cdn.bidfluence.com
URL: https://cdn.bidfluence.com/forge.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.89.35.253 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software: Kestrel /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode: cors
Referer: https://www.evilmilk.com/spon/pixfuture/728.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin: https://www.evilmilk.com
Pragma: no-cache
Date: Wed, 16 Oct 2019 16:35:13 GMT
Cache-Control: no-store,no-cache
Access-Control-Allow-Credentials: true
Server: Kestrel

GET
H/1.1 200
OK user-sync
sync.adkernel.com/ Frame 1BC6 0
109 B 120ms
35ms Image
text/plain 77.245.58.158
Webair Internet D...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.adkernel.com/user-sync?zone=77225&t=image&r=%2F%2Fsync.bidfluence.com%2FCS%2FBDF%3Fd%3D152ORTB%26id%3D{UID}
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 77.245.58.158 , Netherlands, ASN36057 (WEBAIR-INTERNET-MTL - Webair Internet Development Company Inc., US),
Reverse DNS: mypersonalfinancestoday.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.evilmilk.com/spon/pixfuture/728.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 16 Oct 2019 16:35:14 GMT
Server: nginx
Connection: close
Content-Length: 0

GET
H/1.1 200
OK user-sync
sync.adkernel.com/ Frame 5AA9 0
109 B 165ms
41ms Image
text/plain 77.245.58.158
Webair Internet D...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.adkernel.com/user-sync?zone=77225&t=image&r=%2F%2Fsync.bidfluence.com%2FCS%2FBDF%3Fd%3D152ORTB%26id%3D{UID}
Requested by: Host: cdn.bidfluence.com
URL: https://cdn.bidfluence.com/forge.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 77.245.58.158 , Netherlands, ASN36057 (WEBAIR-INTERNET-MTL - Webair Internet Development Company Inc., US),
Reverse DNS: mypersonalfinancestoday.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.evilmilk.com/spon/pixfuture/728.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 16 Oct 2019 16:35:14 GMT
Server: nginx
Connection: close
Content-Length: 0

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 5AA9 3 KB
2 KB 100ms
100ms XHR
text/plain 172.217.16.162
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=4131160587555463&correlator=3465527977909511&output=ldjh&impl=fif&adsid=NT&eid=21062415%2C21062888%2C21063203%2C21064520&vrg=2019100301&guci=1.2.0.0.2.2.0.0&plat=1%3A536903688%2C2%3A536903688%2C8%3A134250504&sc=1&sfv=1-0-35&ecs=20191016&iu=%2F368406191%2FRON&sz=728x90&scp=bdf%3D0.12%26bfadvid%3D1262465e-2cce-41b1-810a-dd0436499f1b%26excl_cat%3DBF-Exclude&cookie=ID%3Dbef6ad91549d3dbd%3AT%3D1571243712%3AS%3DALNI_MaDL0CSlaUfI1NBKcFcrZhCDjVIFg&cdm=www.evilmilk.com&bc=31&abxe=1&lmt=1571243714&dt=1571243714042&dlt=1571243712814&idt=744&ea=0&frm=23&biw=1585&bih=1200&isw=728&ish=90&oid=2&adx=607&ady=847&adk=3725489540&uci=sfmscopnwtsx&ifi=1&ifk=3547773615&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=4&iag=255&url=https%3A%2F%2Fwww.evilmilk.com%2Fspon%2Fpixfuture%2F728.aspx&top=https%3A%2F%2Fwww.evilmilk.com%2F&dssz=8&icsg=6816&mso=2048&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&ga_vid=1687305050.1571243714&ga_sid=1571243714&ga_hid=1696477429&fws=260&ohw=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019100301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.162 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s11-in-f2.1e100.net

Software

cafe /

Resource Hash

8ab1813c3b9b1d19775abc41bf4fecfa0e6a469c291557bbdda5333c67aef9f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: cors
Referer: https://www.evilmilk.com/spon/pixfuture/728.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 16 Oct 2019 16:35:14 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 1727
x-xss-protection: 0
google-lineitem-id: 4501971261
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 88992307591
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.evilmilk.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubads_impl_rendering_2019100301.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 5AA9 63 KB
24 KB 45ms
45ms Script
text/javascript 172.217.16.162
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019100301.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019100301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.162 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s11-in-f2.1e100.net

Software

sffe /

Resource Hash

33e7cfb629c6fc28bec6f0039c2b843ac7d63cb54a883599ca33ce2384e251fa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.evilmilk.com/spon/pixfuture/728.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 16 Oct 2019 16:35:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 03 Oct 2019 13:06:21 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 24653
x-xss-protection: 0
expires: Wed, 16 Oct 2019 16:35:14 GMT

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-35/html/ Frame 5AA9 0
0 6ms
6ms Other
text/html 2a00:1450:4001:81f::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-35/html/container.html?n=4
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019100301.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:81f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.evilmilk.com/spon/pixfuture/728.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

POST
H/1.1 204
No Content Demand Show response
server.bidfluence.com/ Frame 5AA9 0
228 B 163ms
163ms XHR
text/plain 13.89.35.253
Microsoft Corpora...

General

Check archive.org

Show headers Download Go to

Full URL: https://server.bidfluence.com/Demand
Requested by: Host: cdn.bidfluence.com
URL: https://cdn.bidfluence.com/forge.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.89.35.253 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software: Kestrel /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode: cors
Referer: https://www.evilmilk.com/spon/pixfuture/728.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin: https://www.evilmilk.com
Pragma: no-cache
Date: Wed, 16 Oct 2019 16:35:13 GMT
Cache-Control: no-store,no-cache
Access-Control-Allow-Credentials: true
Server: Kestrel

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-35/html/ Frame 2E30 0
0 6ms
6ms Document
text/html 2a00:1450:4001:81f::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-35/html/container.html?n=4

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019100301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-35/html/container.html?n=4
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode: nested-navigate
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
referer: https://www.evilmilk.com/spon/pixfuture/728.aspx
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: https://www.evilmilk.com/spon/pixfuture/728.aspx

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
timing-allow-origin: *
content-length: 3491
date: Wed, 16 Oct 2019 11:57:35 GMT
expires: Thu, 15 Oct 2020 11:57:35 GMT
last-modified: Fri, 21 Jun 2019 14:35:26 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 16659
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5AA9 77 KB
29 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:81d::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019100301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

f425f66d90f1150499b36ab47b56fa6fb1a68136e4f42befca20a920ff85306b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.evilmilk.com/spon/pixfuture/728.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 16 Oct 2019 16:35:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1571051767941600"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 29055
x-xss-protection: 0
expires: Wed, 16 Oct 2019 16:35:14 GMT

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-35/html/ Frame 1EA1 0
0 6ms
6ms Document
text/html 2a00:1450:4001:81f::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-35/html/container.html?n=4

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019100301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-35/html/container.html?n=4
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode: nested-navigate
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
referer: https://www.evilmilk.com/spon/pixfuture/728.aspx
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: https://www.evilmilk.com/spon/pixfuture/728.aspx

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
timing-allow-origin: *
content-length: 3491
date: Wed, 16 Oct 2019 11:57:35 GMT
expires: Thu, 15 Oct 2020 11:57:35 GMT
last-modified: Fri, 21 Jun 2019 14:35:26 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 16659
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame 1BC6 77 KB
28 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:81d::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019100301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

f425f66d90f1150499b36ab47b56fa6fb1a68136e4f42befca20a920ff85306b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.evilmilk.com/spon/pixfuture/728.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 16 Oct 2019 16:35:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1571051767941600"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 29055
x-xss-protection: 0
expires: Wed, 16 Oct 2019 16:35:14 GMT

GET
H2 200 serving.html
ad.bidfluence.com/serving/ Frame CBE9 0
0 134ms
10ms Document
text/html 152.195.34.229
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.bidfluence.com/serving/serving.html
Requested by: Host: cdn.bidfluence.com
URL: https://cdn.bidfluence.com/forge.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.195.34.229 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECAcc (frb/67FD) / ASP.NET
Resource Hash

Request headers

:method: GET
:authority: ad.bidfluence.com
:scheme: https
:path: /serving/serving.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode: nested-navigate
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
referer: https://www.evilmilk.com/spon/pixfuture/728.aspx
accept-encoding: gzip, deflate, br
cookie: bdfSurf=yQAAAY9j0gAAAfXygpWvMDYwbWFjb3N4Y2hyb21l2SQxMjNlMmJkNy1mYzViLTRjMWEtODEzNi04ZTFjZjE5NWI3Mzif2Xltb3ppbGxhLzUuMCAobWFjaW50b3NoOyBpbnRlbCBtYWMgb3MgeCAxMF8xNF81KSBhcHBsZXdlYmtpdC81MzcuMzYgKGtodG1sLCBsaWtlIGdlY2tvKSCGAPMGLzc0LjAuMzcyOS4xNjkgc2FmYXJpNwDwE6CjMDYwrDE2MDB4MTIwMHgyNKDCwqhNYWMgT1MgWKcxMC4DACGmQ0kA8Rig2UlNaWNyb3NvZnQuQXNwTmV0Q29yZS5TZXJ2ZXIuS2VzdHJlbC4UANFJbnRlcm5hbC5IdHRwBQDwDVJlcXVlc3RIZWFkZXJzwsPCn9f%2FVhBWIF2nRsEKACBZQAoAQcs%2F8AABABHLBgD1GwAAAIHZJDk1Mzg3NDgxLTcwOGQtNDFhOS1hY2E4LWIyOTVmNDRlMzJkMTkAL4CRMQATDycAFCXDw4oADAkAUAAAgICA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: https://www.evilmilk.com/spon/pixfuture/728.aspx

Response headers

status: 200
content-encoding: gzip
accept-ranges: bytes
cache-control: max-age=300
content-type: text/html
date: Wed, 16 Oct 2019 16:35:14 GMT
etag: "06d3651d0cdd41:0"
last-modified: Tue, 26 Feb 2019 12:39:30 GMT
server: ECAcc (frb/67FD)
vary: Accept-Encoding
x-cache: HIT
x-powered-by: ASP.NET
content-length: 2259

POST
H/1.1 204
No Content Rep Show response
report.bidfluence.com/ Frame 1BC6 0
228 B 395ms
120ms XHR
text/plain 13.89.35.253
Microsoft Corpora...

General

Check archive.org

Show headers Download Go to

Full URL: https://report.bidfluence.com/Rep?cid=a400cc40-d6b6-45b3-ac9c-85cba6ab5900&crid=e1dfaa34-10dd-424f-9ddc-5c418d222d0c
Requested by: Host: cdn.bidfluence.com
URL: https://cdn.bidfluence.com/forge.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.89.35.253 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software: Kestrel /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode: cors
Referer: https://www.evilmilk.com/spon/pixfuture/728.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin: https://www.evilmilk.com
Pragma: no-cache
Date: Wed, 16 Oct 2019 16:35:14 GMT
Cache-Control: no-store,no-cache
Access-Control-Allow-Credentials: true
Server: Kestrel

GET
H2 200 serving.html
ad.bidfluence.com/serving/ Frame 720A 0
0 131ms
11ms Document
text/html 152.195.34.229
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.bidfluence.com/serving/serving.html
Requested by: Host: cdn.bidfluence.com
URL: https://cdn.bidfluence.com/forge.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.195.34.229 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECAcc (frb/67FD) / ASP.NET
Resource Hash

Request headers

:method: GET
:authority: ad.bidfluence.com
:scheme: https
:path: /serving/serving.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode: nested-navigate
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
referer: https://www.evilmilk.com/spon/pixfuture/728.aspx
accept-encoding: gzip, deflate, br
cookie: bdfSurf=yQAAAY9j0gAAAfXygpWvMDYwbWFjb3N4Y2hyb21l2SQxMjNlMmJkNy1mYzViLTRjMWEtODEzNi04ZTFjZjE5NWI3Mzif2Xltb3ppbGxhLzUuMCAobWFjaW50b3NoOyBpbnRlbCBtYWMgb3MgeCAxMF8xNF81KSBhcHBsZXdlYmtpdC81MzcuMzYgKGtodG1sLCBsaWtlIGdlY2tvKSCGAPMGLzc0LjAuMzcyOS4xNjkgc2FmYXJpNwDwE6CjMDYwrDE2MDB4MTIwMHgyNKDCwqhNYWMgT1MgWKcxMC4DACGmQ0kA8Rig2UlNaWNyb3NvZnQuQXNwTmV0Q29yZS5TZXJ2ZXIuS2VzdHJlbC4UANFJbnRlcm5hbC5IdHRwBQDwDVJlcXVlc3RIZWFkZXJzwsPCn9f%2FVhBWIF2nRsEKACBZQAoAQcs%2F8AABABHLBgD1GwAAAIHZJDk1Mzg3NDgxLTcwOGQtNDFhOS1hY2E4LWIyOTVmNDRlMzJkMTkAL4CRMQATDycAFCXDw4oADAkAUAAAgICA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: https://www.evilmilk.com/spon/pixfuture/728.aspx

Response headers

status: 200
content-encoding: gzip
accept-ranges: bytes
cache-control: max-age=300
content-type: text/html
date: Wed, 16 Oct 2019 16:35:14 GMT
etag: "06d3651d0cdd41:0"
last-modified: Tue, 26 Feb 2019 12:39:30 GMT
server: ECAcc (frb/67FD)
vary: Accept-Encoding
x-cache: HIT
x-powered-by: ASP.NET
content-length: 2259

POST
H/1.1 204
No Content Rep Show response
report.bidfluence.com/ Frame 5AA9 0
228 B 392ms
121ms XHR
text/plain 13.89.35.253
Microsoft Corpora...

General

Check archive.org

Show headers Download Go to

Full URL: https://report.bidfluence.com/Rep?cid=a400cc40-d6b6-45b3-ac9c-85cba6ab5900&crid=e1dfaa34-10dd-424f-9ddc-5c418d222d0c
Requested by: Host: cdn.bidfluence.com
URL: https://cdn.bidfluence.com/forge.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.89.35.253 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software: Kestrel /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode: cors
Referer: https://www.evilmilk.com/spon/pixfuture/728.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin: https://www.evilmilk.com
Pragma: no-cache
Date: Wed, 16 Oct 2019 16:35:14 GMT
Cache-Control: no-store,no-cache
Access-Control-Allow-Credentials: true
Server: Kestrel

GET
H/1.1 200
OK ads.js Show response
served-by.pixfuture.com/www/delivery/ Frame 2C5D 1 KB
2 KB 81ms
81ms Script
application/javascript 68.183.31.14
DigitalOcean

General

Check archive.org

Show headers Download Go to

Full URL: https://served-by.pixfuture.com/www/delivery/ads.js
Requested by: Host: www.evilmilk.com
URL: https://www.evilmilk.com/spon/300framed.aspx
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 68.183.31.14 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN - DigitalOcean, LLC, US),
Reverse DNS
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 5a47b6155fb230382526bf56de99461dc50b11463b0012a24afebd68a7427ccd

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.evilmilk.com/spon/300framed.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 16 Oct 2019 16:35:14 GMT
Last-Modified: Thu, 25 Jul 2019 13:22:47 GMT
Server: nginx/1.10.3 (Ubuntu)
ETag: "5d39ad27-40b"
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length: 1035

GET
H/1.1 200
OK headerbid.php Show response
served-by.pixfuture.com/www/delivery/ Frame 7CA1 7 KB
8 KB 220ms
219ms Script
text/javascript 68.183.31.14
DigitalOcean

General

Check archive.org

Show headers Download Go to

Full URL: https://served-by.pixfuture.com/www/delivery/headerbid.php?dat=4052x300x250x790x_ADSLOT1
Requested by: Host: served-by.pixfuture.com
URL: https://served-by.pixfuture.com/www/delivery/ads.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 68.183.31.14 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN - DigitalOcean, LLC, US),
Reverse DNS
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 241d3548324a964ae613d5f5ee89d26f73e8b90a7b81a7de96f418f807f60034

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.evilmilk.com/spon/300framed.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 16 Oct 2019 16:35:14 GMT
Server: nginx/1.10.3 (Ubuntu)
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET, POST, OPTIONS
P3P: CP="CUR ADM OUR NOR STA NID"
Access-Control-Allow-Origin: *, *
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/javascript; charset=UTF-8
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Expires: 0

POST
H/1.1 204
No Content Served Show response
served.bidfluence.com/ Frame 1BC6 0
919 B 423ms
121ms XHR
text/plain 13.89.35.253
Microsoft Corpora...

General

Check archive.org

Show headers Download Go to

Full URL: https://served.bidfluence.com/Served
Requested by: Host: cdn.bidfluence.com
URL: https://cdn.bidfluence.com/forge.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.89.35.253 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software: Kestrel /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode: cors
Referer: https://www.evilmilk.com/spon/pixfuture/728.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin: https://www.evilmilk.com
Pragma: no-cache
Date: Wed, 16 Oct 2019 16:35:14 GMT
Cache-Control: no-store,no-cache
Access-Control-Allow-Credentials: true
Server: Kestrel

POST
H/1.1 204
No Content Pb Show response
pb.bidfluence.com/ Frame 1BC6 0
228 B 425ms
121ms XHR
text/plain 13.89.35.253
Microsoft Corpora...

General

Check archive.org

Show headers Download Go to

Full URL: https://pb.bidfluence.com/Pb
Requested by: Host: cdn.bidfluence.com
URL: https://cdn.bidfluence.com/forge.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.89.35.253 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software: Kestrel /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode: cors
Referer: https://www.evilmilk.com/spon/pixfuture/728.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin: https://www.evilmilk.com
Pragma: no-cache
Date: Wed, 16 Oct 2019 16:35:14 GMT
Cache-Control: no-store,no-cache
Access-Control-Allow-Credentials: true
Server: Kestrel

POST
H/1.1 204
No Content Served Show response
served.bidfluence.com/ Frame 5AA9 0
919 B 423ms
121ms XHR
text/plain 13.89.35.253
Microsoft Corpora...

General

Check archive.org

Show headers Download Go to

Full URL: https://served.bidfluence.com/Served
Requested by: Host: cdn.bidfluence.com
URL: https://cdn.bidfluence.com/forge.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.89.35.253 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software: Kestrel /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode: cors
Referer: https://www.evilmilk.com/spon/pixfuture/728.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin: https://www.evilmilk.com
Pragma: no-cache
Date: Wed, 16 Oct 2019 16:35:14 GMT
Cache-Control: no-store,no-cache
Access-Control-Allow-Credentials: true
Server: Kestrel

POST
H/1.1 204
No Content Pb Show response
pb.bidfluence.com/ Frame 5AA9 0
228 B 424ms
121ms XHR
text/plain 13.89.35.253
Microsoft Corpora...

General

Check archive.org

Show headers Download Go to

Full URL: https://pb.bidfluence.com/Pb
Requested by: Host: cdn.bidfluence.com
URL: https://cdn.bidfluence.com/forge.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.89.35.253 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software: Kestrel /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode: cors
Referer: https://www.evilmilk.com/spon/pixfuture/728.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin: https://www.evilmilk.com
Pragma: no-cache
Date: Wed, 16 Oct 2019 16:35:14 GMT
Cache-Control: no-store,no-cache
Access-Control-Allow-Credentials: true
Server: Kestrel

GET
H2 200 djax.js Show response
cdn.pixfuture.com/ Frame 0B90 17 KB
4 KB 168ms
168ms Script
application/javascript 2606:4700:20::6819:9307
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.pixfuture.com/djax.js
Requested by: Host: served-by.pixfuture.com
URL: https://served-by.pixfuture.com/www/delivery/headerbid.php?dat=4052x300x250x790x_ADSLOT1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::6819:9307 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: f9a10fda30bd5303e4c61aa7b688d4a0635c23f071547fa46c9cd8deba27c231

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.evilmilk.com/spon/300framed.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 16 Oct 2019 16:35:14 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Thu, 15 Aug 2019 21:25:51 GMT
server: cloudflare
etag: W/"5d55cddf-4433"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
status: 200
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
access-control-allow-credentials: true
cf-ray: 526b71e11a09cba0-VIE
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type

GET
H2 200 auc.js Show response
cdn.pixfuture.com/ Frame 0B90 206 KB
61 KB 126ms
126ms Script
application/javascript 2606:4700:20::6819:9307
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.pixfuture.com/auc.js
Requested by: Host: served-by.pixfuture.com
URL: https://served-by.pixfuture.com/www/delivery/headerbid.php?dat=4052x300x250x790x_ADSLOT1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::6819:9307 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: f3af750dd21fe9a42195a87bb53cdee715bf01ab0f489130534d92271c676401

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.evilmilk.com/spon/300framed.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 16 Oct 2019 16:35:14 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Thu, 10 Oct 2019 15:12:05 GMT
server: cloudflare
etag: W/"5d9f4a45-339b9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
status: 200
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
access-control-allow-credentials: true
cf-ray: 526b71e11a0bcba0-VIE
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type

GET
H/1.1 200
OK p-7ccbedljiLMl2.gif
pixel.quantserve.com/pixel/ Frame 0B90 35 B
292 B 8ms
7ms Image
image/gif 91.228.74.167
Quantcast Corpora...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.quantserve.com/pixel/p-7ccbedljiLMl2.gif
Requested by: Host: served-by.pixfuture.com
URL: https://served-by.pixfuture.com/www/delivery/headerbid.php?dat=4052x300x250x790x_ADSLOT1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 91.228.74.167 , United Kingdom, ASN27281 (QUANTCAST - Quantcast Corporation, US),
Reverse DNS
Software: QS /
Resource Hash: a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.evilmilk.com/spon/300framed.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 16 Oct 2019 16:35:14 GMT
Server: QS
Content-Type: image/gif
Cache-Control: private, no-cache, no-store, proxy-revalidate
Connection: keep-alive
Content-Length: 35
Expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 200 jquery-1.2.3.js Show response
cdn.pixfuture.com/ Frame 0B90 94 KB
28 KB 126ms
125ms Script
application/javascript 2606:4700:20::6819:9307
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.pixfuture.com/jquery-1.2.3.js
Requested by: Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/djax.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::6819:9307 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: d977fc32dd4bdb0479604abf078f1045b0e922666313f2f42cd71ce7835e0061

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.evilmilk.com/spon/300framed.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 16 Oct 2019 16:35:15 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Tue, 06 Aug 2019 20:36:09 GMT
server: cloudflare
etag: W/"5d49e4b9-179fb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
status: 200
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
access-control-allow-credentials: true
cf-ray: 526b71e22e12cba0-VIE
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type

GET
H2 200 imp Show response
g2.gumgum.com/hbid/ Frame 0B90 123 B
492 B 36ms
36ms XHR
application/json 52.18.117.195
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://g2.gumgum.com/hbid/imp?t=ticcez29&pi=3&si=28489&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.evilmilk.com%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%7D&ogu=null&ns=10240&
Requested by: Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/auc.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.18.117.195 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-18-117-195.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 28600b7cb5d07e068f4efcf48713b2648aea2fa223044bb6b9d10942eeb5bef1

Request headers

Sec-Fetch-Mode: cors
Referer: https://www.evilmilk.com/spon/300framed.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 16 Oct 2019 16:35:15 GMT
content-encoding: gzip
content-type: application/json;charset=UTF-8
server: nginx
status: 200
p3p: CP="This is not a P3P policy"
access-control-allow-origin: https://www.evilmilk.com
cache-control: private, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
expires: 0

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 0B90 144 B
1 KB 39ms
39ms XHR
application/json 185.33.223.83
AppNexus

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/auc.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.223.83 , Netherlands, ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US),

Reverse DNS

250.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

356408d35dbb2677dcba6c4faf6c4e64e06e277bbbd9311cb09e0b3ee6191e45

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: cors
Referer: https://www.evilmilk.com/spon/300framed.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 16 Oct 2019 16:35:17 GMT
X-Proxy-Origin: 144.76.109.30; 144.76.109.30; 250.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.149:80
AN-X-Request-Uuid: 8c3a4624-b4f9-41ff-ae0d-ab3fa1779c50
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.evilmilk.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 144
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 translator Show response
hbopenbid.pubmatic.com/ Frame 0B90 17 KB
8 KB 110ms
109ms XHR
application/json 185.64.189.112
PubMatic

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/auc.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC - PubMatic, Inc., US),
Reverse DNS
Software: /
Resource Hash: 56139bb61a5da262c3fc824fb305589c0d6e09891fa2889bf5f520685244e158

Request headers

Sec-Fetch-Mode: cors
Referer: https://www.evilmilk.com/spon/300framed.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 16 Oct 2019 16:35:15 GMT
content-encoding: gzip
x-openrtb-version: 2.3
status: 200
content-type: application/json
access-control-allow-origin: https://www.evilmilk.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

GET
H2 200 arj Show response
pixfuture2-d.openx.net/w/1.0/ Frame 0B90 172 B
356 B 26ms
25ms XHR
application/json 34.95.120.147
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://pixfuture2-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.evilmilk.com%2F&jr=&ch=UTF-8&res=1600x1200x24&ifr=true&tz=-120&tws=1600x1200&be=1&bc=hb_pb_2.1.9&dddid=d3bf5337-8180-4f50-8908-9c3f2b909f88&nocache=1571243715175&aus=300x250&divIds=4052x300x250x790x_ADSLOT1&auid=540580840&
Requested by: Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/auc.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.95.120.147 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS: 147.120.95.34.bc.googleusercontent.com
Software: OXGW/16.163.0 /
Resource Hash: abcef52f2217334dc0b8c31879c9acbedcea4b0fbd6bfb25d3c5a5cc3f899bfa

Request headers

Sec-Fetch-Mode: cors
Referer: https://www.evilmilk.com/spon/300framed.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 16 Oct 2019 16:35:15 GMT
via: 1.1 google
server: OXGW/16.163.0
status: 200
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://www.evilmilk.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: clear
content-length: 172
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H2 204 2 Show response
prebid.mgid.com/prebid/ Frame 0B90 0
61 B 51ms
50ms XHR
text/plain 104.16.129.5
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.mgid.com/prebid/2
Requested by: Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/auc.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.129.5 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode: cors
Referer: https://www.evilmilk.com/spon/300framed.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 16 Oct 2019 16:35:15 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
status: 204
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://www.evilmilk.com
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 526b71e3d9a7d719-FRA

GET
H/1.1 200
OK cs
sync.rtk.io/ Frame 158D 0
0 362ms
91ms Document
text/html 172.104.6.46
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.rtk.io/cs
Requested by: Host: cdn.thisiswaldo.com
URL: https://cdn.thisiswaldo.com/sites/all/modules/custom/ad_delivery/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 172.104.6.46 Philadelphia, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS: li1742-46.members.linode.com
Software: RTK CookiePixel/v1.0.8 /
Resource Hash

Request headers

Host: sync.rtk.io
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site: cross-site
Referer: https://www.evilmilk.com/
Accept-Encoding: gzip, deflate, br
Cookie: rtkdmp=; rtkuuid=beecf8c0-34c2-4b5d-b1bc-cc706ec9968a
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: https://www.evilmilk.com/

Response headers

Date: Wed, 16 Oct 2019 16:35:18 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Cache-Control: no-cache, no-store, must-revalidate
Expires: 0
Pragma: no-cache
Server: RTK CookiePixel/v1.0.8
X-Rtk-Nid: li1270-108.members.linode.com:8002
Content-Encoding: gzip

GET
H2 200 show_ads.js Show response
pagead2.googlesyndication.com/pagead/ Frame 82B8 77 KB
28 KB 23ms
21ms Script
text/javascript 2a00:1450:4001:817::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/show_ads.js

Requested by

Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/djax.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

c2ba172469f43f4565ea115e1a6393a6bdb5574cf866b3a5b96ec091af4b64b6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.evilmilk.com/spon/300framed.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 16 Oct 2019 16:35:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 28325
x-xss-protection: 0
server: cafe
etag: 3465267823836090366
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 16 Oct 2019 16:35:15 GMT

GET
H/1.1 200
OK lg.php
served-by.pixfuture.com/www/delivery/ Frame 82B8 43 B
879 B 126ms
125ms Image
image/gif 68.183.31.14
DigitalOcean

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://served-by.pixfuture.com/www/delivery/lg.php?bannerid=563&campaignid=276&zoneid=4052&OACBLOCK=86400&OASCCAP=2&loc=https%3A%2F%2Fwww.evilmilk.com%2Fspon%2F300framed.aspx&cb=d09b6e371a
Requested by: Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/djax.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 68.183.31.14 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN - DigitalOcean, LLC, US),
Reverse DNS
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.evilmilk.com/spon/300framed.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 16 Oct 2019 16:35:15 GMT
Server: nginx/1.10.3 (Ubuntu)
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET, POST, OPTIONS
P3P: CP="CUR ADM OUR NOR STA NID"
Access-Control-Allow-Origin: *, *
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Expires: 0

GET
H/1.1 200
OK demo_track.js Show response
served-by.pixfuture.com/www/headerbid/library/tracking/ Frame 0B90 3 KB
3 KB 85ms
84ms Script
application/javascript 68.183.31.14
DigitalOcean

General

Check archive.org

Show headers Download Go to

Full URL: https://served-by.pixfuture.com/www/headerbid/library/tracking/demo_track.js
Requested by: Host: www.evilmilk.com
URL: https://www.evilmilk.com/spon/300framed.aspx
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 68.183.31.14 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN - DigitalOcean, LLC, US),
Reverse DNS
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 3fcb9d3400da554ddfbaafbbf77904196140aaf9ccee9ae0cea03ef05752a430

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.evilmilk.com/spon/300framed.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 16 Oct 2019 16:35:15 GMT
Last-Modified: Fri, 06 Sep 2019 19:01:12 GMT
Server: nginx/1.10.3 (Ubuntu)
ETag: "5d72acf8-a01"
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length: 2561

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ Frame 82B8 109 B
171 B 19ms
18ms Script
application/javascript 2a00:1450:4001:808::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.evilmilk.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.evilmilk.com/spon/300framed.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 16 Oct 2019 16:35:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame 82B8 109 B
171 B 19ms
19ms Script
application/javascript 2a00:1450:4001:817::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.evilmilk.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.evilmilk.com/spon/300framed.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 16 Oct 2019 16:35:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 104
x-xss-protection: 0

GET
H2 200 show_ads_impl.js Show response
pagead2.googlesyndication.com/pagead/js/r20191014/r20190131/ Frame 82B8 238 KB
88 KB 33ms
33ms Script
text/javascript 2a00:1450:4001:817::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20191014/r20190131/show_ads_impl.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

44ac654a5d74e0f55d383818e9fb4782ea064fdc7cac8e5a4bcb71a011cad952

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.evilmilk.com/spon/300framed.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 16 Oct 2019 16:35:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 89450
x-xss-protection: 0
server: cafe
etag: 1429027213900407418
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Wed, 16 Oct 2019 16:35:15 GMT

GET
H2 200 zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20191014/r20190131/ Frame 2A8B 0
0 6ms
6ms Document
text/html 2a00:1450:4001:824::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20191014/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20191014/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode: nested-navigate
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
referer: https://www.evilmilk.com/spon/300framed.aspx
accept-encoding: gzip, deflate, br
cookie: IDE=AHWqTUmvKnywe_7eZB8KlnvV40yo6X0T-tFLd7kKL4y942H3L0DDelL24s0QwdmD
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: https://www.evilmilk.com/spon/300framed.aspx

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
vary: Accept-Encoding
date: Mon, 14 Oct 2019 14:21:56 GMT
expires: Mon, 28 Oct 2019 14:21:56 GMT
content-type: text/html; charset=UTF-8
etag: 8648543205226238674
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 7402
x-xss-protection: 0
cache-control: public, max-age=1209600
age: 180799
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H/1.1

200
OK

Cookie set afr.php
served-by.pixfuture.com/www/delivery/ Frame 799C
Redirect Chain

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1575911585432548&output=html&h=250&slotname=1680648786&adk=1022037533&adf=1594924173&w=300&guci=1.2.0.0.2.2.0.0&url=https%3A%2F%2Fwww.ev...
https://served-by.pixfuture.com/www/delivery/afr.php?zoneid=5529

0
0

116ms
116ms

Document
text/html

68.183.31.14
DigitalOcean

General

Check archive.org

Show headers Download Go to

Full URL: https://served-by.pixfuture.com/www/delivery/afr.php?zoneid=5529
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20191014/r20190131/show_ads_impl.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 68.183.31.14 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN - DigitalOcean, LLC, US),
Reverse DNS
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash

Request headers

Host: served-by.pixfuture.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site: cross-site
Referer: https://www.evilmilk.com/spon/300framed.aspx
Accept-Encoding: gzip, deflate, br
Cookie: OAGEO=DE%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C; OAID=1a439584125ad50bb32ffd9f644cb6f2; __cfduid=dfd319d8f2151bf4ddbf7378b9b2864201571243712; _OASCCAP[276]=1; _OACBLOCK[276]=1571243715
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: https://www.evilmilk.com/spon/300framed.aspx

Response headers

Server: nginx/1.10.3 (Ubuntu)
Date: Wed, 16 Oct 2019 16:35:15 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: _OACBLOCK[276]=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/ %5FOACBLOCK%5B276%5D=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/ _OASCCAP[276]=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/ %5FOASCCAP%5B276%5D=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/ OAID=1a439584125ad50bb32ffd9f644cb6f2; expires=Thu, 15-Oct-2020 16:35:15 GMT; Max-Age=31536000; path=/ OACBLOCK=276.1571243715; expires=Fri, 15-Nov-2019 16:35:15 GMT; Max-Age=2592000; path=/ OASCCAP=276.1; path=/
Pragma: no-cache
Cache-Control: no-cache, no-store, must-revalidate
Expires: 0
Access-Control-Allow-Origin: * *
P3P: CP="CUR ADM OUR NOR STA NID"
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Encoding: gzip

Redirect headers

status: 302
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
location: https://served-by.pixfuture.com/www/delivery/afr.php?zoneid=5529
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Wed, 16 Oct 2019 16:35:15 GMT
server: cafe
content-length: 46
x-xss-protection: 0
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame 82B8 77 KB
28 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:81d::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20191014/r20190131/show_ads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

f425f66d90f1150499b36ab47b56fa6fb1a68136e4f42befca20a920ff85306b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.evilmilk.com/spon/300framed.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 16 Oct 2019 16:35:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1571051767941600"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 29055
x-xss-protection: 0
expires: Wed, 16 Oct 2019 16:35:15 GMT

GET
H/1.1 200
OK Cookie set showad.js
ads.pubmatic.com/AdServer/js/ Frame 2BE0 0
0 15ms
12ms Document
text/html 2.18.233.180
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js
Requested by: Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/auc.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash

Request headers

Host: ads.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site: cross-site
Referer: https://www.evilmilk.com/spon/pixfuture/728.aspx
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: https://www.evilmilk.com/spon/pixfuture/728.aspx

Response headers

Last-Modified: Fri, 26 Jul 2019 09:39:45 GMT
ETag: "13006b6-9bf6-58e925294ef26"
Server: Apache/2.2.15 (CentOS)
Set-Cookie: KTPCACOOKIE=YES; domain=.pubmatic.com; path=/; max-age=7776000;
Accept-Ranges: bytes
Content-Encoding: gzip
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 14898
Content-Type: text/html; charset=UTF-8
Cache-Control: public, max-age=81414
Expires: Thu, 17 Oct 2019 15:12:09 GMT
Date: Wed, 16 Oct 2019 16:35:15 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H2

200

pd
eu-u.openx.net/w/1.0/ Frame 22D2
Redirect Chain

https://eu-u.openx.net/w/1.0/pd?plm=6&ph=9d434638-ce6f-418d-ac16-6301775de208&gdpr=1
https://eu-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=9d434638-ce6f-418d-ac16-6301775de208&gdpr=1

0
0

71ms
71ms

Document
text/html

34.95.120.147
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=9d434638-ce6f-418d-ac16-6301775de208&gdpr=1
Requested by: Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/auc.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.95.120.147 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS: 147.120.95.34.bc.googleusercontent.com
Software: OXGW/16.163.0 /
Resource Hash

Request headers

:method: GET
:authority: eu-u.openx.net
:scheme: https
:path: /w/1.0/pd?cc=1&plm=6&ph=9d434638-ce6f-418d-ac16-6301775de208&gdpr=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode: nested-navigate
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
referer: https://www.evilmilk.com/spon/pixfuture/728.aspx
accept-encoding: gzip, deflate, br
cookie: i=aa1e198e-a65d-06a1-3a7b-070e47fc6535|1571243715
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: https://www.evilmilk.com/spon/pixfuture/728.aspx

Response headers

status: 200
vary: Accept
set-cookie: i=aa1e198e-a65d-06a1-3a7b-070e47fc6535|1571243715; Version=1; Expires=Thu, 15-Oct-2020 16:35:15 GMT; Max-Age=31536000; Domain=.openx.net; Path=/ pd=v2|1571243715|mOgikimWiygu; Version=1; Expires=Thu, 31-Oct-2019 16:35:15 GMT; Max-Age=1296000; Domain=.openx.net; Path=/
server: OXGW/16.163.0
p3p: CP="CUR ADM OUR NOR STA NID"
date: Wed, 16 Oct 2019 16:35:15 GMT
content-type: text/html
content-length: 592
via: 1.1 google
alt-svc: clear

Redirect headers

status: 302
set-cookie: i=aa1e198e-a65d-06a1-3a7b-070e47fc6535|1571243715; Version=1; Expires=Thu, 15-Oct-2020 16:35:15 GMT; Max-Age=31536000; Domain=.openx.net; Path=/
server: OXGW/16.163.0
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=9d434638-ce6f-418d-ac16-6301775de208&gdpr=1
date: Wed, 16 Oct 2019 16:35:15 GMT
content-length: 0
via: 1.1 google
alt-svc: clear

GET
H/1.1 200
OK async_usersync.html
acdn.adnxs.com/ib/static/usersync/v3/ Frame 9DD3 0
0 22ms
6ms Document
text/html 2.18.232.130
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Requested by: Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/auc.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.232.130 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-232-130.deploy.static.akamaitechnologies.com
Software: nginx/1.9.13 /
Resource Hash

Request headers

Host: acdn.adnxs.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site: cross-site
Referer: https://www.evilmilk.com/spon/pixfuture/728.aspx
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: https://www.evilmilk.com/spon/pixfuture/728.aspx

Response headers

Last-Modified: Fri, 20 May 2016 02:07:09 GMT
ETag: W/"573e714d-3e3"
Server: nginx/1.9.13
Content-Type: text/html
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Content-Length: 506
Cache-Control: max-age=31536000
Expires: Thu, 15 Oct 2020 16:35:15 GMT
Date: Wed, 16 Oct 2019 16:35:15 GMT
Connection: keep-alive

GET
H/1.1 200
OK async_usersync.html
acdn.adnxs.com/ib/static/usersync/v3/ Frame 97D9 0
0 21ms
6ms Document
text/html 2.18.232.130
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Requested by: Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/auc.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.232.130 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-232-130.deploy.static.akamaitechnologies.com
Software: nginx/1.9.13 /
Resource Hash

Request headers

Host: acdn.adnxs.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site: cross-site
Referer: https://www.evilmilk.com/spon/pixfuture/728.aspx
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: https://www.evilmilk.com/spon/pixfuture/728.aspx

Response headers

Last-Modified: Fri, 20 May 2016 02:07:09 GMT
ETag: W/"573e714d-3e3"
Server: nginx/1.9.13
Content-Type: text/html
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Content-Length: 506
Cache-Control: max-age=31536000
Expires: Thu, 15 Oct 2020 16:35:15 GMT
Date: Wed, 16 Oct 2019 16:35:15 GMT
Connection: keep-alive

GET
H/1.1 200
OK Cookie set showad.js
ads.pubmatic.com/AdServer/js/ Frame D59C 0
0 8ms
7ms Document
text/html 2.18.233.180
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js
Requested by: Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/auc.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash

Request headers

Host: ads.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site: cross-site
Referer: https://www.evilmilk.com/spon/pixfuture/728.aspx
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: https://www.evilmilk.com/spon/pixfuture/728.aspx

Response headers

Last-Modified: Fri, 26 Jul 2019 09:39:45 GMT
ETag: "13006b6-9bf6-58e925294ef26"
Server: Apache/2.2.15 (CentOS)
Set-Cookie: KTPCACOOKIE=YES; domain=.pubmatic.com; path=/; max-age=7776000;
Accept-Ranges: bytes
Content-Encoding: gzip
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 14898
Content-Type: text/html; charset=UTF-8
Cache-Control: public, max-age=81414
Expires: Thu, 17 Oct 2019 15:12:09 GMT
Date: Wed, 16 Oct 2019 16:35:15 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H2

200

pd
eu-u.openx.net/w/1.0/ Frame 04CE
Redirect Chain

https://eu-u.openx.net/w/1.0/pd?plm=6&ph=9d434638-ce6f-418d-ac16-6301775de208&gdpr=1
https://eu-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=9d434638-ce6f-418d-ac16-6301775de208&gdpr=1

0
0

65ms
64ms

Document
text/html

34.95.120.147
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=9d434638-ce6f-418d-ac16-6301775de208&gdpr=1
Requested by: Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/auc.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.95.120.147 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS: 147.120.95.34.bc.googleusercontent.com
Software: OXGW/16.163.0 /
Resource Hash

Request headers

:method: GET
:authority: eu-u.openx.net
:scheme: https
:path: /w/1.0/pd?cc=1&plm=6&ph=9d434638-ce6f-418d-ac16-6301775de208&gdpr=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode: nested-navigate
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
referer: https://www.evilmilk.com/spon/pixfuture/728.aspx
accept-encoding: gzip, deflate, br
cookie: i=4ed9bce6-1cfc-050b-3a29-3d9fa79044e0|1571243715
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: https://www.evilmilk.com/spon/pixfuture/728.aspx

Response headers

status: 200
vary: Accept
set-cookie: i=4ed9bce6-1cfc-050b-3a29-3d9fa79044e0|1571243715; Version=1; Expires=Thu, 15-Oct-2020 16:35:15 GMT; Max-Age=31536000; Domain=.openx.net; Path=/ pd=v2|1571243715|mOgikimWiygu; Version=1; Expires=Thu, 31-Oct-2019 16:35:15 GMT; Max-Age=1296000; Domain=.openx.net; Path=/
server: OXGW/16.163.0
p3p: CP="CUR ADM OUR NOR STA NID"
date: Wed, 16 Oct 2019 16:35:15 GMT
content-type: text/html
content-length: 592
via: 1.1 google
alt-svc: clear

Redirect headers

status: 302
set-cookie: i=4ed9bce6-1cfc-050b-3a29-3d9fa79044e0|1571243715; Version=1; Expires=Thu, 15-Oct-2020 16:35:15 GMT; Max-Age=31536000; Domain=.openx.net; Path=/
server: OXGW/16.163.0
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=9d434638-ce6f-418d-ac16-6301775de208&gdpr=1
date: Wed, 16 Oct 2019 16:35:15 GMT
content-length: 0
via: 1.1 google
alt-svc: clear

POST
H/1.1 204
No Content Viewed Show response
viewed.bidfluence.com/ Frame 5AA9 0
228 B 451ms
120ms XHR
text/plain 13.89.35.253
Microsoft Corpora...

General

Check archive.org

Show headers Download Go to

Full URL: https://viewed.bidfluence.com/Viewed
Requested by: Host: cdn.bidfluence.com
URL: https://cdn.bidfluence.com/forge.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.89.35.253 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software: Kestrel /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode: cors
Referer: https://www.evilmilk.com/spon/pixfuture/728.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin: https://www.evilmilk.com
Pragma: no-cache
Date: Wed, 16 Oct 2019 16:35:15 GMT
Cache-Control: no-store,no-cache
Access-Control-Allow-Credentials: true
Server: Kestrel

POST
H/1.1 204
No Content Viewed Show response
viewed.bidfluence.com/ Frame 1BC6 0
228 B 451ms
121ms XHR
text/plain 13.89.35.253
Microsoft Corpora...

General

Check archive.org

Show headers Download Go to

Full URL: https://viewed.bidfluence.com/Viewed
Requested by: Host: cdn.bidfluence.com
URL: https://cdn.bidfluence.com/forge.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.89.35.253 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software: Kestrel /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode: cors
Referer: https://www.evilmilk.com/spon/pixfuture/728.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin: https://www.evilmilk.com
Pragma: no-cache
Date: Wed, 16 Oct 2019 16:35:15 GMT
Cache-Control: no-store,no-cache
Access-Control-Allow-Credentials: true
Server: Kestrel

GET
H/1.1 200
OK Cookie set showad.js
ads.pubmatic.com/AdServer/js/ Frame C2D4 0
0 10ms
9ms Document
text/html 2.18.233.180
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js
Requested by: Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/auc.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash

Request headers

Host: ads.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site: cross-site
Referer: https://www.evilmilk.com/spon/300framed.aspx
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: https://www.evilmilk.com/spon/300framed.aspx

Response headers

Last-Modified: Fri, 26 Jul 2019 09:39:45 GMT
ETag: "13006b6-9bf6-58e925294ef26"
Server: Apache/2.2.15 (CentOS)
Set-Cookie: KTPCACOOKIE=YES; domain=.pubmatic.com; path=/; max-age=7776000;
Accept-Ranges: bytes
Content-Encoding: gzip
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 14898
Content-Type: text/html; charset=UTF-8
Cache-Control: public, max-age=81411
Expires: Thu, 17 Oct 2019 15:12:09 GMT
Date: Wed, 16 Oct 2019 16:35:18 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H2

200

pd
eu-u.openx.net/w/1.0/ Frame 8470
Redirect Chain

https://eu-u.openx.net/w/1.0/pd?plm=6&ph=9d434638-ce6f-418d-ac16-6301775de208&gdpr=1
https://eu-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=9d434638-ce6f-418d-ac16-6301775de208&gdpr=1

0
0

20ms
20ms

Document
text/html

34.95.120.147
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=9d434638-ce6f-418d-ac16-6301775de208&gdpr=1
Requested by: Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/auc.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.95.120.147 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS: 147.120.95.34.bc.googleusercontent.com
Software: OXGW/16.163.0 /
Resource Hash

Request headers

:method: GET
:authority: eu-u.openx.net
:scheme: https
:path: /w/1.0/pd?cc=1&plm=6&ph=9d434638-ce6f-418d-ac16-6301775de208&gdpr=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode: nested-navigate
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
referer: https://www.evilmilk.com/spon/300framed.aspx
accept-encoding: gzip, deflate, br
cookie: i=031c6704-7d14-0b31-1f48-ce55fad62f85|1571243718
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: https://www.evilmilk.com/spon/300framed.aspx

Response headers

status: 200
vary: Accept
set-cookie: i=031c6704-7d14-0b31-1f48-ce55fad62f85|1571243718; Version=1; Expires=Thu, 15-Oct-2020 16:35:18 GMT; Max-Age=31536000; Domain=.openx.net; Path=/ pd=v2|1571243718|mOgikimWiygu; Version=1; Expires=Thu, 31-Oct-2019 16:35:18 GMT; Max-Age=1296000; Domain=.openx.net; Path=/
server: OXGW/16.163.0
p3p: CP="CUR ADM OUR NOR STA NID"
date: Wed, 16 Oct 2019 16:35:18 GMT
content-type: text/html
content-length: 592
via: 1.1 google
alt-svc: clear

Redirect headers

status: 302
set-cookie: i=031c6704-7d14-0b31-1f48-ce55fad62f85|1571243718; Version=1; Expires=Thu, 15-Oct-2020 16:35:18 GMT; Max-Age=31536000; Domain=.openx.net; Path=/
server: OXGW/16.163.0
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=9d434638-ce6f-418d-ac16-6301775de208&gdpr=1
date: Wed, 16 Oct 2019 16:35:18 GMT
content-length: 0
via: 1.1 google
alt-svc: clear

GET
H/1.1 200
OK async_usersync.html
acdn.adnxs.com/ib/static/usersync/v3/ Frame 5D1F 0
0 6ms
6ms Document
text/html 2.18.232.130
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Requested by: Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/auc.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.232.130 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-232-130.deploy.static.akamaitechnologies.com
Software: nginx/1.9.13 /
Resource Hash

Request headers

Host: acdn.adnxs.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site: cross-site
Referer: https://www.evilmilk.com/spon/300framed.aspx
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: https://www.evilmilk.com/spon/300framed.aspx

Response headers

Last-Modified: Fri, 20 May 2016 02:07:09 GMT
ETag: W/"573e714d-3e3"
Server: nginx/1.9.13
Content-Type: text/html
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Content-Length: 506
Cache-Control: max-age=31536000
Expires: Thu, 15 Oct 2020 16:35:18 GMT
Date: Wed, 16 Oct 2019 16:35:18 GMT
Connection: keep-alive

Verdicts & Comments Add Verdict or Comment

123 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			www.evilmilk.com/	1969-12-31 23:59:59	Name: ASP.NET_SessionId Value: usoxwwnerpzwutyopoyluhi1
			.evilmilk.com/	1970-01-19 13:12:59	Name: __cfduid Value: d27bf6b27efbd8e2e6b8f86b8950f291a1571243710

11 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://www.evilmilk.com/(Line 32) Message: loggedinx: False
console-api	log	URL: https://www.evilmilk.com/js/spon.js?d=050819(Line 62) Message: screen width detected: 1585
console-api	log	URL: https://www.evilmilk.com/js/spon.js?d=050819(Line 63) Message: screen height detected: 1200
console-api	log	URL: https://www.evilmilk.com/js/spon.js?d=050819(Line 70) Message: in 728 wide
console-api	log	URL: https://www.evilmilk.com/js/spon.js?d=050819(Line 76) Message: loading 728, would be wide if turned on.
console-api	log	URL: https://www.evilmilk.com/js/spon.js?d=050819(Line 93) Message: right column detected
console-api	log	URL: https://www.evilmilk.com/js/spon.js?d=050819(Line 97) Message: In Tall
console-api	log	URL: https://www.evilmilk.com/js/spon.js?d=050819(Line 103) Message: Would be tall if not turned off.
console-api	log	URL: https://www.evilmilk.com/js/spon.js?d=050819(Line 117) Message: loaded 728x90 into sponmain
console-api	log	URL: https://theeighth-net.videoplayerhub.com/videoplayer.js(Line 13) Message: Video gallery initializing
console-api	log	URL: https://www.evilmilk.com/js/spon.js?d=050819(Line 47) Message: try#2

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

acdn.adnxs.com
ad-delivery.net
ad.bidfluence.com
ads.pubmatic.com
adservice.google.com
adservice.google.de
bidder.rtk.io
cdn.bidfluence.com
cdn.pixfuture.com
cdn.thisiswaldo.com
cdnjs.cloudflare.com
cluster-na.cdnjquery.com
code.jquery.com
dmx.districtm.io
engine.bidfluence.com
eu-u.openx.net
eus.rubiconproject.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
g2.gumgum.com
googleads.g.doubleclick.net
hbopenbid.pubmatic.com
ib.adnxs.com
ipfind.co
lockerdome.com
my.evilmilk.com
pagead2.googlesyndication.com
pb.bidfluence.com
pixel.quantserve.com
pixfuture2-d.openx.net
prebid.mgid.com
report.bidfluence.com
securepubads.g.doubleclick.net
served-by.pixfuture.com
served.bidfluence.com
server.bidfluence.com
ssc.33across.com
stackpath.bootstrapcdn.com
sync.adkernel.com
sync.rtk.io
tag.1rx.io
the-eighth-d.openx.net
theeighth-net.videoplayerhub.com
thisiswaldo.com
tpc.googlesyndication.com
use.fontawesome.com
vendorlist.consensu.org
viewed.bidfluence.com
www.evilmilk.com
www.googletagservices.com
104.16.129.5
104.16.68.69
13.224.196.65
13.225.78.44
13.89.35.253
152.195.34.229
152.195.34.232
172.104.6.46
172.217.16.162
185.33.223.83
185.64.189.112
2.18.232.130
2.18.233.180
2001:4de0:ac19::1:b:1b
2001:4de0:ac19::1:b:3a
208.100.17.180
23.111.9.35
23.239.15.111
23.37.55.184
2600:9000:20eb:7e00:1:af78:4c0:93a1
2600:9000:20eb:a200:4:164e:ca00:93a1
2606:4700:20::6819:9307
2606:4700::6813:c597
2606:4700:e0::ac40:6722
2a00:1450:4001:808::2002
2a00:1450:4001:80b::2003
2a00:1450:4001:817::2002
2a00:1450:4001:81d::2002
2a00:1450:4001:81f::2001
2a00:1450:4001:821::200a
2a00:1450:4001:824::2002
3.222.69.96
34.95.120.147
38.140.99.21
52.15.219.226
52.18.117.195
54.241.183.39
68.183.31.14
69.173.144.142
77.245.58.158
8.41.222.100
91.228.74.167
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
05eafcf8c6f8b3b7e20d22142609f20a373091a1df5e46f111c0ffd3d216108b
078298ba46ace3992b2c9f3222ada7b456e7966261eb4ddbd9e6ec87d7dc50f6
0a1aa33692447edc1fe106ced988cf684dc679efe849e00886371ed7a6f5ccf6
0b4b9df6d786bd3a44e0c620c0813eb2a3bda1a27fba0dd0e1ee27dd235460de
0c2375c96b7f803c91a4419355c70fc649e3bab774118e7ba2f0cdbe27f8eaa1
0d285bd8e98c7923be6e01636514ff36aa3070730f0a8860f4a94b08051d97b7
0e16fddca66258a8010273b847054e8a7b70902fdd4f704c2a27026c1cdef84d
0f9caa649cea75f0179fbc65ef81d2a6bf78ba76c2c23c3b94813cea5a556b9e
147ed97fcf9c7feaaff4fc531d2c35dabf89eee0d8ce663e4a005c555cec66c3
15b50e181f22a9f513afc872da974528bab3cdd5b439dc132ea58685eb9ed420
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
170e7f7ce74a0e14b8e9516b23a5c0e5707bb7d08e717b1f5b9aedd9e4733ffe
18b6114f1fdc36bba1f5fc404cda8047aed4cba5fd15cbc4a8d2f4ace197c814
18caca1f0ad8bbd47cb7bf538b8eac4e4ebe71fa1e9f8773e8599128ff5d884b
1b42997707b26beaea5079a83f749de0714742a1fbaa664545310b4efa584fd3
1be90e00b660e7fe1638a06cbcd17f14813710985051c3972c7bc8755e50d423
1cdc548b67a8a47b7112338a80793672300ca8a246e2e624e22a3d9c6f417f8a
1f663c6a984a2457172d7ae90d596921deae360494951c85386a93427685af1c
21f92cf2c2af94d939a1a158009dab33684e2e95a4ef0c4fba9fe5b7f2fe7bde
23ece5a510d38feef737b522c91ed5dd5e6a81b5616a4e772e447634652740bc
241d3548324a964ae613d5f5ee89d26f73e8b90a7b81a7de96f418f807f60034
2705a705d0d9fbdf74330d49ccc71158039a69d4dae4514b00ecc20ba255cffa
28018757e9aad7b9f199922ca7f6e778bb5e90bea4c28d9a03cead8bb0869a4f
28600b7cb5d07e068f4efcf48713b2648aea2fa223044bb6b9d10942eeb5bef1
28809f57ff6e879b17c6458f91ce9a633c8a93d348cbd5957fdafffacc96f84e
2bb617276f559f286280838cecd544c44cbcdabb01f496bdf713223e8b2cdfe0
2c35ad3146982cd844183dcfdaf0e11d48b88b198d49af3c2dcaa753df654a19
2e3cf2d3e4de45c0871be9c764efeb70bec3136f02da6c0c7f271f5fede18f36
2f1476a3eeb3ddfc9195d62b0de5310163091bdb3fd24f3fe52cb6155dadacf7
3009133fca80d9f314853b1ae500485985e1bc422d2ce6eb20e36305fd5c544c
335c28706d6fec7112516fd9e02dcacaf1bf77928e6b916b30132f034e29461b
33e7cfb629c6fc28bec6f0039c2b843ac7d63cb54a883599ca33ce2384e251fa
356408d35dbb2677dcba6c4faf6c4e64e06e277bbbd9311cb09e0b3ee6191e45
356f79f6dfa5bba7d74e01711e409d62756268d744b453b9219c87c64418a477
37563627f5aa05d3177e1585ea3fb7db01677bee59e75d1ccb65523001a13346
3fcb9d3400da554ddfbaafbbf77904196140aaf9ccee9ae0cea03ef05752a430
4267006e5c5881eb2fc112f17bc193cb65228ea496009b36d6f71ddb6bc01e36
44002650ec866ca544e0896b72da1ac528c6a61043976d5aef0eeab0d5134c3e
44a9637c16efc6c22898f85eceec42ad61fdb770d3dd11696f9f8ca797e1c94c
44ac654a5d74e0f55d383818e9fb4782ea064fdc7cac8e5a4bcb71a011cad952
4560abefc480c70d209a5639db85b145b4873b81e6223cf9c8772b95841bec77
49a1b4e1296645aa2f513c87a0e5fe56a305a7ed678c2f6499631ec1f3b35856
4b1ceba8c9ba507eba857c76d626abf7edf231bd1fa8096187abaffd1cef02e0
4d0130d314f1669c9ea5a911d401d6250f96386a52b0c38f7b3fb43cdcd10589
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
55da1df0485a63116156e8109fadef53a7509f52e24ea441088f6736c044d581
56139bb61a5da262c3fc824fb305589c0d6e09891fa2889bf5f520685244e158
56c12a125b021d21a69e61d7190cefa168d6c28ce715265cea1b3b0112d169c4
575b9215c6dfc0bd574f3d98dd9f6c174beb3a0b07a3b3122a2b8ce7ac270f6c
5a47b6155fb230382526bf56de99461dc50b11463b0012a24afebd68a7427ccd
5c7df99df232586111917083a85aa31b82ee29e48ca2990e13fae0c0663a923f
5fd9c9fe4fd353fec8bc77619a1c615ebbb32d12ac16ddfbfbe4ec76f25666f1
6015072c7421aab840bfa3a3f3b59b9bbb300b3efad980b7b1a1fdad01259f49
6537906d99c79f2fc93594d396c311e98f7327bce1b35e51c698c11bfa12bfa2
65911e58cc0a700486babfbc54130ea51be42793246b417c957d26418cdf99cd
6697107cd03236e0d2416b08ae51e3ec846a23603cf4dbe444aaed08b250f7c3
68286f1fcd7f534a5b6b8dbc0d2e15d4587a0dc086d84602d3dbea8b80b045ed
6ae0c721ce7c5018a4cf8f772ccb86499c0f2518ba084b6621637f7e82eb4bba
6b3bef53dc4a96ec07149d02a60b5fd026332bbce0b4ece79f3c55e3ddb85f5c
7176268545a19573c231c2bc04788eb186ef7d109d38976e5cbf4a47998a8669
77c0f12ca986aaa1a73d240f662d286d8e30f9804f0e475e7916ad085ce8aeef
78fd51a7d857efb9a68fd0de010e56a93c66fbecdcc6fe48e4bff9485ad5f70a
7e94fbebf526effec4239c82e5435a412d81ffc4bc9bddf13f9aa1170f6d803e
7efe592b5a50327d58dfa18f6567de2201967b41d8d15c3360e571bf20b410e5
7f25b60f534f1b0e1a29462489d367cca03d61bc3008420540c064c09c8c8a6f
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b
85b8bc06b70053a31f23b3cea8a06a733c1c756ee85d42414abc81a0579c6ef3
8891a160f8a2afb81de5259f9f68e5af3782348ea2927ad9e969bc88c7d39984
8ab1813c3b9b1d19775abc41bf4fecfa0e6a469c291557bbdda5333c67aef9f8
8c5ff43c1ea77b72f6af481771b684a32201c8b988a3a42d74589d74b9f18d2d
8f61b4bd965fa59d238255d5932c0c3336595a4f1bf2218a9d12c181be1346c9
92a10f6248cf2f0ef7f417d8f726d92ae720855896b3343d6b44ca84c4d785f8
94487ac2c8206296d5872b6014b0a8251ae110db2bc96a4b16dc8e23ad9f9560
95163212d95cfa0656f72ff3ce2b6807c6e26c60aed63fbb532acfe667a309c8
9beb150113a5ef1e705d45036fd62c4aebb2f526248b02ea4307e923927a89b1
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a11f9ed48fbbc5d3c929ddfcf03d09cc1c64042ea49613fca1adbf818468a98d
a300ea378e82800be236d2c0d92ca1e45740b5759dad4af09484c46fa7b19e30
a8402bd8f7da80f588bd901f9f1ce5c06e5ff2e4c1a3f89ee68cbae0c7c37ccf
a8ee23c1fb1d0c466360c19c3decdb1855c1cd10364b9c144209231e263ed66c
aafeb1d22f995ade9b8827c02e1e405fa665a9e0d62e919a667f969563d55daa
abcef52f2217334dc0b8c31879c9acbedcea4b0fbd6bfb25d3c5a5cc3f899bfa
acd043313a0b2a8d492296f3252622cec1256756637bf2ca1944b276f195d928
b38e90f7490f4bf75d2b9ff395741895b51a43ec0ddb73e037deed1ec60bbb6b
b3f8fd60851ea25465da509b7406bcff926f3eeddffa7769fbea9b485ef84ad8
b524513a819f1964ef791a431c5896573f945edfb128d7bdd30c069f6e65a70f
b721fdafa934c01607783d679274acfab966b70b1171413b0c7facb82c4fe86e
b77838b23adaf4613b13705e6fbfe05e9b6d8c693833ea63e58795359cc06ae7
b8edbd60c49396a68ff7fb263971413248ed7d753fa5736632c534b39a2bf696
bb9c1a8b154186d5e9c43aed0c01fc47535e49eb9c40364197b172162452465d
bd7372fef9d2eeb5c160b5ccdd32824f7deb2895073470cee54fad3fb2476307
be852a93e26dd3cf91b64934e119b1dd842bf278ee8fca2de209a9dba3b735b4
bf22d33ad9ba33a825e26a0b39e24740016bb403eb2aeb136688e768bbd0bf2f
bf74b96f1def0d6fd6514daf7bcecee2f11f372ade2f88846a5e92f02199b9f3
c2ba172469f43f4565ea115e1a6393a6bdb5574cf866b3a5b96ec091af4b64b6
c5a1e095444256a3df807910044ef3a5911eed5bd2cb04c3e563cae230ed3695
c88a7c5331062ac9777089d5edea5f73ae7c38673c056948f3d9c8deb74fc491
cb7ee65b6053ee9d35489afae01c6252c5b54c09ac70c19418c4a2a01f33edb0
cc516e2380c0c511c04a564d5d4a1195c7e4008ec62ae97095030fdf086cb048
cebbc6ea70ba87149db984a2f0367dc81da68874893515299a5f605061dee00d
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d10bd0615dc062df63043b66fe5e2e24faf7120fabd7612e7ac99a2ee8e1fc0d
d293633e94d92cd639cf8f8dcc6755e77160483c5659c947bf6507bb74c0237f
d2d29cc2c110b7e584a064759795ab15124d73e68398c75e495291c960545f53
d5bad9057fd288a667aa687cd1e94e2e8e2d1969fb7cefdb7add5aae13ad2e53
d777e93a5056b75aad98879304ea0fa23f57a31812e3557d2bfdb2b8a876bfec
d792b2169009779108a0c81ee9772f3f0619a3d06f93f427ca3105266523f0ad
d87236b3e062611e7e461bd896c7bcf184d4cb5683b28c0de0147b7aed9f8c2b
d977fc32dd4bdb0479604abf078f1045b0e922666313f2f42cd71ce7835e0061
d98e77e558ef5c298f4c28cdd1604914a16a3fcc9249904ba70c57d989fb6aab
d9d2de84fc63455bc6b8b5c52a9a09d37589a46519ea1d7a8caedca950a377ee
dc4d607e09682f50681bdca318d3ee9d664d6338c570a4752987ab582c3f4dd4
dcefbc4c701d3f5a584168672a421ea90765ab2d596d04478c19ac3bfd8e0e5c
ddb6527f87b380e969fc09a826e8c7e29b71ab93046e23a1d9f81526e48622f4
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5c70bfd20798626a614401690396e41c900e85a603962e9dcd60380049d1bd5
e65939ea0a956bef7cc4dd3cb8929497d08b32180deb4ce6c55e71ad9da5272f
ea05f616819dbe597fc9eb1bfccb508b874f4e08b5152380e1a06db2e469325f
ea10733ffb72cf46260738527ae359e08653da22f630df320ce477a003acb7c8
f390820a747c293b115e29193057ffb134ed57aa99ab40895a62fc264cd37d7c
f3a42f2ffb391c199b8ee9953a5524c8ee69a861e6f7d2d8963fa2ab1da4ab40
f3af750dd21fe9a42195a87bb53cdee715bf01ab0f489130534d92271c676401
f425f66d90f1150499b36ab47b56fa6fb1a68136e4f42befca20a920ff85306b
f570d9c308d60541fc74ec7274a969d6890fa16f6c6f9b8612aad3f1ff7e3d47
f6a32741d5cad4e3a0eeb9c115073bef55cd3639108e9d90f7cc9626d1112b3b
f7b71df270660f7958f60859209972586494aff37327672ef85951f29c151716
f7cbc01a310318defd4e31e4616543e2cf3baef5a47562c73ece4c0b716f157e
f9385ecf19d3c9a47b063498b5444d251cbe7528ee7af46698c9e25627fb8acc
f9a10fda30bd5303e4c61aa7b688d4a0635c23f071547fa46c9cd8deba27c231
fd310613a3da92a74dec9f918be34fba4003a78e4ec7c4e055c9599084a3439b
fdf3b5ca512139b90ea3c4ae1d47a8e14a85de2f02112a351b65a1fc4cf422b5
ff52e6f95db83cb879c5e9dbb28274a626f669f124fb4a086f7879d8934e212b

www.evilmilk.com Open in urlscan Pro 2606:4700:e0::ac40:6722 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

217 Requests

100 %HTTPS

33 %IPv6

33 Domains

51 Subdomains

43 IPs

6 Countries

1611 kBTransfer

4247 kBSize

2 Cookies

23 Outgoing links

Page URL History

Redirected requests

217 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.evilmilk.com Open in urlscan Pro
2606:4700:e0::ac40:6722 Public Scan

Screenshot
Live screenshot

Full Image

217
Requests

100 %
HTTPS

33 %
IPv6

33
Domains

51
Subdomains

43
IPs

6
Countries

1611 kB
Transfer

4247 kB
Size

2
Cookies

217 HTTP transactions
1 data transactions