mydomainscan.com Open in urlscan Pro
2606:4700:3037::681f:402b Public Scan

URL:
https://mydomainscan.com/CeqVal
Submission: On June 16 via api (June 16th 2020, 4:20:38 pm UTC) from US

Summary HTTP 125 Redirects Links 24 Behaviour Indicators

Summary

This website contacted 37 IPs in 7 countries across 32 domains to perform 125 HTTP transactions. The main IP is 2606:4700:3037::681f:402b, located in United States and belongs to CLOUDFLARENET, US. The main domain is mydomainscan.com.
TLS certificate: Issued by CloudFlare Inc ECC CA-2 on March 26th 2020. Valid for: 6 months.

This is the only time mydomainscan.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
7	2606:4700:303... 2606:4700:3037::681f:402b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2a00:1450:400... 2a00:1450:4001:802::200a	15169 (GOOGLE) (GOOGLE)
5	2606:4700:303... 2606:4700:3035::681c:1cbe	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	13.226.156.74 13.226.156.74	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6810:85e5	13335 (CLOUDFLAR...) (CLOUDFLARENET)
10	2a00:1450:400... 2a00:1450:4001:81f::2003	15169 (GOOGLE) (GOOGLE)
3	13.35.254.36 13.35.254.36	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:800::2003	15169 (GOOGLE) (GOOGLE)
14	104.19.132.78 104.19.132.78	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	172.217.23.130 172.217.23.130	15169 (GOOGLE) (GOOGLE)
9	2606:4700:20:... 2606:4700:20::681a:fee	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:825::2008	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:81f::2002	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:817::2002	15169 (GOOGLE) (GOOGLE)
2	188.72.202.17 188.72.202.17	35415 (WEBZILLA) (WEBZILLA)
1	157.230.253.19 157.230.253.19	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
4	2a00:1450:400... 2a00:1450:4001:809::200e	15169 (GOOGLE) (GOOGLE)
1	13.249.120.6 13.249.120.6	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:820::2003	15169 (GOOGLE) (GOOGLE)
1	2606:4700:303... 2606:4700:3034::ac43:ce02	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:81b::200a	15169 (GOOGLE) (GOOGLE)
2	104.19.136.80 104.19.136.80	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 5	23.42.18.223 23.42.18.223	16625 (AKAMAI-AS) (AKAMAI-AS)
2	104.19.135.80 104.19.135.80	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	206.54.165.186 206.54.165.186	35415 (WEBZILLA) (WEBZILLA)
1	2a00:1450:400... 2a00:1450:4001:801::2001	15169 (GOOGLE) (GOOGLE)
12	2a00:1450:400... 2a00:1450:4001:808::2001	15169 (GOOGLE) (GOOGLE)
1	2600:9000:218... 2600:9000:2182:f800:1:af78:4c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	188.165.4.142 188.165.4.142	16276 (OVH) (OVH)
1	2606:4700:303... 2606:4700:3036::681b:8850	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a04:4e42:1b:... 2a04:4e42:1b::621	54113 (FASTLY) (FASTLY)
10	2a00:1450:400... 2a00:1450:4001:802::2001	15169 (GOOGLE) (GOOGLE)
2 2	52.18.161.147 52.18.161.147	16509 (AMAZON-02) (AMAZON-02)
1 1	2a00:1450:400... 2a00:1450:4001:819::2004	15169 (GOOGLE) (GOOGLE)
2	46.4.122.124 46.4.122.124	24940 (HETZNER-AS) (HETZNER-AS)
1	185.33.221.13 185.33.221.13	29990 (ASN-APPNEX) (ASN-APPNEX)
1	5.39.67.10 5.39.67.10	16276 (OVH) (OVH)
1	151.101.13.108 151.101.13.108	54113 (FASTLY) (FASTLY)
125	37

7 2606:4700:3037::681f:402b (United States)

ASN13335 (CLOUDFLARENET, US)

mydomainscan.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:802::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700:3035::681c:1cbe (United States)

ASN13335 (CLOUDFLARENET, US)

gplinks.in	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.226.156.74 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-156-74.dus51.r.cloudfront.net

ds88pc0kw6cvc.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:85e5 (United States)

ASN13335 (CLOUDFLARENET, US)

ajax.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:81f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.35.254.36 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-35-254-36.fra6.r.cloudfront.net

ritiesagently.fun	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.recaptcha.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 104.19.132.78 (United States)

ASN13335 (CLOUDFLARENET, US)

jsc.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
servicer.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s-img.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cm.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 172.217.23.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s18-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2606:4700:20::681a:fee (United States)

ASN13335 (CLOUDFLARENET, US)

services.vlitag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tag.vlitag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets.vlitag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
logs.vlitag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:825::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:81f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:817::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 188.72.202.17 (Netherlands)

ASN35415 (WEBZILLA, NL)

shorteh.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 157.230.253.19 (Singapore)

ASN14061 (DIGITALOCEAN-ASN, US)

client.trackpush.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:809::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.249.120.6 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-249-120-6.atl51.r.cloudfront.net

saturalolk.club	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:820::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3034::ac43:ce02 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.bidfilter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.19.136.80 (United States)

ASN13335 (CLOUDFLARENET, US)

cm.steepto.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 23.42.18.223 (Netherlands) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-42-18-223.deploy.static.akamaitechnologies.com

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.19.135.80 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.steepto.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 206.54.165.186 (Amsterdam, Netherlands)

ASN35415 (WEBZILLA, NL)

itpatratr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

b40befe1721f8bb4a42e7368643f91d2.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:808::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2182:f800:1:af78:4c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

vendorlist.consensu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 188.165.4.142 (Ireland)

ASN16276 (OVH, FR)
PTR: ip142.ip-188-165-4.eu

green.erne.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3036::681b:8850 (United States)

ASN13335 (CLOUDFLARENET, US)

x.bidfilter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:1b::621 (Ascension Island)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:802::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.18.161.147 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-18-161-147.eu-west-1.compute.amazonaws.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:819::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 46.4.122.124 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.124.122.4.46.clients.your-server.de

img.cdn.house	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.33.221.13 (Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 5.39.67.10 (France)

ASN16276 (OVH, FR)
PTR: s06.id5-sync.com

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.13.108 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
17	googlesyndication.com b40befe1721f8bb4a42e7368643f91d2.safeframe.googlesyndication.com tpc.googlesyndication.com pagead2.googlesyndication.com	40 KB
14	mgid.com jsc.mgid.com servicer.mgid.com s-img.mgid.com cm.mgid.com	227 KB
11	gstatic.com fonts.gstatic.com www.gstatic.com	252 KB
10	ampproject.org cdn.ampproject.org	214 KB
9	vlitag.com services.vlitag.com tag.vlitag.com assets.vlitag.com logs.vlitag.com	199 KB
8	doubleclick.net securepubads.g.doubleclick.net googleads.g.doubleclick.net	139 KB
7	mydomainscan.com mydomainscan.com	231 KB
6	googleapis.com fonts.googleapis.com imasdk.googleapis.com	102 KB
5	scorecardresearch.com 2 redirects sb.scorecardresearch.com	4 KB
5	gplinks.in gplinks.in	103 KB
4	steepto.com cm.steepto.com cdn.steepto.com	7 KB
4	google-analytics.com www.google-analytics.com	36 KB
3	googletagmanager.com www.googletagmanager.com	98 KB
3	ritiesagently.fun ritiesagently.fun	2 KB
2	adnxs.com ib.adnxs.com acdn.adnxs.com	1 KB
2	cdn.house img.cdn.house	8 KB
2	adsrvr.org 2 redirects match.adsrvr.org	905 B
2	bidfilter.com cdn.bidfilter.com x.bidfilter.com	11 KB
2	shorteh.com shorteh.com	26 KB
2	google.com 1 redirects adservice.google.com www.google.com	1 KB
1	id5-sync.com id5-sync.com	728 B
1	jsdelivr.net cdn.jsdelivr.net	1 KB
1	erne.co green.erne.co	46 KB
1	consensu.org vendorlist.consensu.org	18 KB
1	itpatratr.com itpatratr.com
1	googletagservices.com www.googletagservices.com	14 KB
1	saturalolk.club saturalolk.club	367 B
1	trackpush.com client.trackpush.com	1 KB
1	google.de adservice.google.de	952 B
1	recaptcha.net www.recaptcha.net	937 B
1	cloudflare.com ajax.cloudflare.com	4 KB
1	cloudfront.net ds88pc0kw6cvc.cloudfront.net	29 KB
125	32

	Domain	Requested by
12	tpc.googlesyndication.com	securepubads.g.doubleclick.net mydomainscan.com tpc.googlesyndication.com cdn.ampproject.org
10	cdn.ampproject.org	securepubads.g.doubleclick.net
10	fonts.gstatic.com	mydomainscan.com ds88pc0kw6cvc.cloudfront.net shorteh.com cdn.ampproject.org
9	s-img.mgid.com	jsc.mgid.com
7	securepubads.g.doubleclick.net	ajax.cloudflare.com securepubads.g.doubleclick.net mydomainscan.com
7	mydomainscan.com	mydomainscan.com ajax.cloudflare.com
6	assets.vlitag.com	tag.vlitag.com
5	sb.scorecardresearch.com	2 redirects jsc.mgid.com
5	gplinks.in	mydomainscan.com
5	fonts.googleapis.com	mydomainscan.com jsc.mgid.com securepubads.g.doubleclick.net
4	pagead2.googlesyndication.com	securepubads.g.doubleclick.net
4	www.google-analytics.com	www.googletagmanager.com
3	www.googletagmanager.com	ajax.cloudflare.com tag.vlitag.com
3	ritiesagently.fun	ds88pc0kw6cvc.cloudfront.net
2	img.cdn.house
2	match.adsrvr.org	2 redirects
2	cdn.steepto.com	jsc.mgid.com
2	cm.steepto.com	jsc.mgid.com
2	servicer.mgid.com	jsc.mgid.com
2	shorteh.com	mydomainscan.com
2	jsc.mgid.com	ajax.cloudflare.com
1	acdn.adnxs.com	assets.vlitag.com
1	id5-sync.com	assets.vlitag.com
1	ib.adnxs.com	assets.vlitag.com
1	googleads.g.doubleclick.net
1	www.google.com	1 redirects
1	cm.mgid.com
1	logs.vlitag.com
1	cdn.jsdelivr.net	assets.vlitag.com
1	x.bidfilter.com	cdn.bidfilter.com
1	green.erne.co
1	vendorlist.consensu.org	assets.vlitag.com
1	b40befe1721f8bb4a42e7368643f91d2.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	itpatratr.com	shorteh.com
1	imasdk.googleapis.com	tag.vlitag.com
1	www.googletagservices.com	tag.vlitag.com
1	cdn.bidfilter.com	tag.vlitag.com
1	www.gstatic.com	www.recaptcha.net
1	saturalolk.club
1	client.trackpush.com	mydomainscan.com
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.de	securepubads.g.doubleclick.net
1	tag.vlitag.com	services.vlitag.com
1	services.vlitag.com	ajax.cloudflare.com
1	www.recaptcha.net	ajax.cloudflare.com
1	ajax.cloudflare.com	mydomainscan.com
1	ds88pc0kw6cvc.cloudfront.net	mydomainscan.com
125	47

This site contains links to these domains. Also see Links.

Domain
gplinks.in
www.youtube.com
bestcond1tions.com
steepto.com
www.steepto.com
mob1ledev1ces.com
facebook.com
valueimpression.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com CloudFlare Inc ECC CA-2	`2020-03-26` - `2020-10-09`	6 months	crt.sh
upload.video.google.com GTS CA 1O1	`2020-05-26` - `2020-08-18`	3 months	crt.sh
*.cloudfront.net DigiCert Global CA G2	`2020-05-26` - `2021-04-21`	a year	crt.sh
cloudflare.com CloudFlare Inc ECC CA-2	`2020-01-07` - `2020-10-09`	9 months	crt.sh
*.gstatic.com GTS CA 1O1	`2020-05-26` - `2020-08-18`	3 months	crt.sh
ritiesagently.fun Amazon	`2020-06-10` - `2021-07-10`	a year	crt.sh
misc.google.com GTS CA 1O1	`2020-05-26` - `2020-08-18`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-05-26` - `2020-08-18`	3 months	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-05-26` - `2020-08-18`	3 months	crt.sh
*.google.de GTS CA 1O1	`2020-05-26` - `2020-08-18`	3 months	crt.sh
*.google.com GTS CA 1O1	`2020-05-26` - `2020-08-18`	3 months	crt.sh
shorteh.com Let's Encrypt Authority X3	`2020-04-14` - `2020-07-13`	3 months	crt.sh
*.trackpush.com Sectigo RSA Domain Validation Secure Server CA	`2019-07-18` - `2020-07-17`	a year	crt.sh
saturalolk.club Amazon	`2020-05-28` - `2021-06-28`	a year	crt.sh
sb.scorecardresearch.com DigiCert Secure Site ECC CA-1	`2020-06-02` - `2021-06-02`	a year	crt.sh
itpatratr.com Let's Encrypt Authority X3	`2020-04-28` - `2020-07-27`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2020-05-26` - `2020-08-18`	3 months	crt.sh
vendorlist.consensu.org Amazon	`2020-02-07` - `2021-03-07`	a year	crt.sh
*.erne.co RapidSSL RSA CA 2018	`2019-10-15` - `2020-11-13`	a year	crt.sh
f3.shared.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2020-06-08` - `2021-04-17`	10 months	crt.sh
misc-sni.google.com GTS CA 1O1	`2020-05-26` - `2020-08-18`	3 months	crt.sh
img.cdn.house Let's Encrypt Authority X3	`2020-03-26` - `2020-06-24`	3 months	crt.sh
*.adnxs.com DigiCert ECC Secure Server CA	`2019-01-23` - `2021-03-08`	2 years	crt.sh
*.id5-sync.com Let's Encrypt Authority X3	`2020-04-02` - `2020-07-01`	3 months	crt.sh
cdn.adnxs.com GlobalSign CloudSSL CA - SHA256 - G3	`2020-04-13` - `2021-04-14`	a year	crt.sh

This page contains 11 frames:

Primary Page: https://mydomainscan.com/CeqVal
Frame ID: CB02B690B9A43C28FB85192F40708CE7
Requests: 85 HTTP requests in this frame

Frame: https://ritiesagently.fun/VXpITGk0GCshVjRHKmocJxZ1aVsTX3oKDSZCcDwKZRE/egojGWYvBToPLCobOhQ8YgcwDm1+LwcoHTQhB0sBISAsESAuPRAWAX8ZJBkQJFg2PSwmIz8rJxwtAwINDlEvN3t0IhcoDQknPy8/Ax4EIAELLDgqMSRfMSIZPCUGES8uWxgKAx87Ix4PIwQcAAp4DBI/MgUAOhQtJiBtMxsnARkQPysiEj8xAVoyEgMIWWIxGw0EDBcJCAwCFnsoWjFCKjUGLzAhGRkYAHh+IxIweAkuF196Dg0sTnABOj4IESErZDMbFQIxSSx0IhEoeyhaIl96CjA4OHkqMXgZERVaEC4rIVxmHns7BBsDATwiATshASphFgV+IzI7eyBZNjIwfgw4MHkVBGUUBDYkcEgOBz45SwoEDWYcCz8cGikKPA0NGXkFKm0JAwQdMhwmLwIaECsmIjwweygeJV96Cg0dAnkVBxtIESIzPBkQFloxST98Iz8rIxwAYBMRDSdgHgAOUTEUOCQkOEJuJho6FDhxPg0bPn8kFzkJNhsiEwkZDg
Frame ID: 6D390A4A5FBC310DB96A196CAAD8A71E
Requests: 1 HTTP requests in this frame

Frame: https://cm.steepto.com/i-noref.js?cbuster=1592324423085942803676
Frame ID: D48D088AB61637D08A7135C4DFD6D981
Requests: 1 HTTP requests in this frame

Frame: https://itpatratr.com/fac.php
Frame ID: 3562F51715971F706A2060E5987118BB
Requests: 1 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012005262159000/amp4ads-v0.js
Frame ID: 015F0D39B4054E5437B3F065EF9B42C7
Requests: 16 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/210/runner.html
Frame ID: C8052F75469EFA89BA42F9B1C0F56C5F
Requests: 1 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012005262159000/amp4ads-v0.js
Frame ID: 9549DBDE307A8A08B383359F07D9A7F0
Requests: 18 HTTP requests in this frame

Frame: https://img.cdn.house/img.php?id=NWVlOGQ2ODEzNzYzNC5wbmc6NjEyNTo3ODE2ODoxNDoxODo1Njo1MzIzODQ4Nzo5OTk5
Frame ID: 8E4C59A3EB79D32B0A3F0C8C7A4AEF12
Requests: 1 HTTP requests in this frame

Frame: https://www.googletagmanager.com/gtag/js?id=UA-128776493-20
Frame ID: F12E21604EB9263C04D74F2B9E106CF5
Requests: 3 HTTP requests in this frame

Frame: https://www.googletagmanager.com/gtag/js?id=UA-128776493-10
Frame ID: 3E5AB151EE92F2B24D968C928CC86493
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Frame ID: 71CF1DB23DF11D8E5709688066EE1F7A
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googletagservices\.com\/tag\/js\/gpt(?:_mobile)?\.js/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

comScore (Analytics) Expand

Overall confidence: 100%
Detected patterns

html /<iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com\/beacon\.js|COMSCORE\.beacon/i
script /\.scorecardresearch\.com\/beacon\.js|COMSCORE\.beacon/i

Page Statistics

125
Requests

100 %
HTTPS

55 %
IPv6

32
Domains

47
Subdomains

37
IPs

7
Countries

1816 kB
Transfer

4716 kB
Size

1
Cookies

24 Outgoing links

These are links going to different origins than the main page.

URL: https://gplinks.in/

Search URL Search Domain Scan URL

URL: https://gplinks.in/payout-rates
Title: Publisher Rates

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UC6sbLB-voyY-t2_6ixEYAAw
Title: Payment Proof

Search URL Search Domain Scan URL

URL: https://gplinks.in/auth/signin
Title: Login

Search URL Search Domain Scan URL

URL: https://gplinks.in/auth/signup
Title: Sign Up

Search URL Search Domain Scan URL

URL: https://bestcond1tions.com/r/?token=d17c8c28dafc38716b2c7be00627197059dd7195&q=Download%20File%20from%20DropGalaxy

Search URL Search Domain Scan URL

URL: http://steepto.com/

Search URL Search Domain Scan URL

URL: https://www.steepto.com/ghits/d/1021891/i/131549/pp/1/1?h=8bjYTMLPbitfmSjUhWh-yhJLzXKEZGRX0qqkjyzRriDh2dKYjoDsnVjWDwBhVibA&rid=4773d156-afed-11ea-9ab5-d094662f8ab5&u=CGU9L-ZmAOgqT3lUrCVj47f7HQGQCGxmCnZxkE-fN0oPxkHU0QN58nyj9bMe3rofNLhZoB5rZn6wPXzOTO5CTI7D5Sm79pM6dWB32T7Los_hnf-uZKDbml0wv0FxaizamLON5I5UPbD0RwvQorKbrRWUl6tS3V0At79hQlNE0vad3zzkzLfH7e16JFo3jULfM3qtR4p4S4tSgjaTA2JW6TCgIzZR0mO57D-DfAR1QMLsZ7jLJZjnjahdjyoFvtCjSIbZTNJUQDPZIGUx5yE7fGONn-WKA4-f9P0IiJxLnMf4eDYFqKovxBnohIiLZlXmoCoZuo4x7jJ6OT3rT6GH86lkxEgheRRX6rJmsdbDwFY*&tt=Direct&cpm=1&gbpp=1&muid=k5gmfufVgdk9

Search URL Search Domain Scan URL

URL: https://www.steepto.com/ghits/4146527/i/131549/0/pp/2/1?h=GPpZei238dZm_9Jf6iGkebvYwd7k91f3YmfEjuZ8-xiLhXgRo0No9il3T_HxED6S&rid=4773d156-afed-11ea-9ab5-d094662f8ab5&tt=Direct&cpm=1&gbpp=1&muid=k5gmfufVgdk9

Search URL Search Domain Scan URL

URL: https://www.steepto.com/ghits/5610670/i/131549/0/pp/3/1?h=XyFjN5MMkjDDwVVBt4gfTgpB_LzF6jNXAEtjs0ZmghHNFITB3YeLlxF8_1cV6W6y&rid=4773d156-afed-11ea-9ab5-d094662f8ab5&tt=Direct&cpm=1&gbpp=1&muid=k5gmfufVgdk9

Search URL Search Domain Scan URL

URL: https://www.steepto.com/ghits/4079399/i/131549/0/pp/4/1?h=GPpZei238dZm_9Jf6iGkeViYxLDCMJiGEvZeIKCpw59LZzsD9C8RWVTgoOas69R8&rid=4773d156-afed-11ea-9ab5-d094662f8ab5&tt=Direct&cpm=1&gbpp=1&muid=k5gmfufVgdk9

Search URL Search Domain Scan URL

URL: https://mob1ledev1ces.com/r/?token=ffc63c36fe5d30092b621a26e8cddf2ddbcc19db&q=Download%20File%20from%20DropGalaxy

Search URL Search Domain Scan URL

URL: https://www.steepto.com/ghits/5806637/i/131554/0/pp/1/1?h=GbDm4pM8QIad4qOwY40bqJ8NPAP6biQ0QYBYbzl1CyK3WyhwCumQu4LyCNUyddKD&rid=4775d254-afed-11ea-9051-d094662c24f7&tt=Direct&cpm=1&gbpp=1

Search URL Search Domain Scan URL

URL: https://www.steepto.com/ghits/5610670/i/131554/0/pp/2/1?h=-iTEklsOpVOfV7H0qBNsAgpB_LzF6jNXAEtjs0ZmghEUychNTSYtDRkTbPMLCtrM&rid=4775d254-afed-11ea-9051-d094662c24f7&tt=Direct&cpm=1&gbpp=1

Search URL Search Domain Scan URL

URL: https://www.steepto.com/ghits/4231241/i/131554/0/pp/3/1?h=KqpTUSMBLJdNSxFxGCdQMM8-jtI92q1CPa1kJSA_nKiDhmAwzsoQNeLQ7Lfasrrn&rid=4775d254-afed-11ea-9051-d094662c24f7&tt=Direct&cpm=1

Search URL Search Domain Scan URL

URL: https://www.steepto.com/ghits/4079367/i/131554/0/pp/4/1?h=9JKX5JezYXo1HZ8u_uwXcnJE13FlpELmurNAB8ZNuyT9MT4-h1Bv_dz0Tc-f0X2N&rid=4775d254-afed-11ea-9051-d094662c24f7&tt=Direct&cpm=1&gbpp=1

Search URL Search Domain Scan URL

URL: https://www.steepto.com/ghits/4146527/i/131554/0/pp/5/1?h=9JKX5JezYXo1HZ8u_uwXcrvYwd7k91f3YmfEjuZ8-xgKWm2iX2yjAw7LVfbO6zcu&rid=4775d254-afed-11ea-9051-d094662c24f7&tt=Direct&cpm=1&gbpp=1

Search URL Search Domain Scan URL

URL: https://www.steepto.com/ghits/4079399/i/131554/0/pp/6/1?h=9JKX5JezYXo1HZ8u_uwXcliYxLDCMJiGEvZeIKCpw583S6ak4PyJXulX6Vu71fpA&rid=4775d254-afed-11ea-9051-d094662c24f7&tt=Direct&cpm=1&gbpp=1

Search URL Search Domain Scan URL

URL: https://gplinks.in/pages/privacy
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://gplinks.in/pages/terms
Title: Terms of Use

Search URL Search Domain Scan URL

URL: https://gplinks.in/pages/dmca
Title: DMCA

Search URL Search Domain Scan URL

URL: https://facebook.com/gpmojo

Search URL Search Domain Scan URL

URL: https://valueimpression.com/privacy.html#cmpnoscreen
Title: Learn more

Search URL Search Domain Scan URL

URL: https://valueimpression.com/?ref=mydomainscan.com

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 87

https://match.adsrvr.org/track/cmf/generic?ttd_pid=omn67hl&ttd_tpi=1 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=omn67hl&ttd_tpi=1 HTTP 302
https://cm.mgid.com/m?cdsp=371158&c=79de45ee-847a-4209-8914-7c499b020b55&ttl=1594916423

Request Chain 91

https://sb.scorecardresearch.com/b?c1=7&c2=15208452&c3=110&ns__t=1592324423749&ns_c=UTF-8&cv=3.5&c8=GPlinks&c7=https%3A%2F%2Fmydomainscan.com%2FCeqVal&c9= HTTP 302
https://sb.scorecardresearch.com/b2?c1=7&c2=15208452&c3=110&ns__t=1592324423749&ns_c=UTF-8&cv=3.5&c8=GPlinks&c7=https%3A%2F%2Fmydomainscan.com%2FCeqVal&c9=&cs_ak_ss=1

Request Chain 92

https://sb.scorecardresearch.com/b?c1=7&c2=15208452&c3=110&ns__t=1592324423750&ns_c=UTF-8&cv=3.5&c8=GPlinks&c7=https%3A%2F%2Fmydomainscan.com%2FCeqVal&c9= HTTP 302
https://sb.scorecardresearch.com/b2?c1=7&c2=15208452&c3=110&ns__t=1592324423750&ns_c=UTF-8&cv=3.5&c8=GPlinks&c7=https%3A%2F%2Fmydomainscan.com%2FCeqVal&c9=&cs_ak_ss=1

Request Chain 94

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

125 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request CeqVal Show response
mydomainscan.com/ 69 KB
21 KB 555ms
490ms Document
text/html 2606:4700:3037::681f:402b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mydomainscan.com/CeqVal

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::681f:402b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

02fb1606c5aa8be9bacbaeeb4519105fa33bd3e3695e31b6d5633f21f8d1e1f4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN,SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: mydomainscan.com
:scheme: https
:path: /CeqVal
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Tue, 16 Jun 2020 16:20:21 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=dcec3b2b3b42bdf760307d7838ab7f2dc1592324421; expires=Thu, 16-Jul-20 16:20:21 GMT; path=/; domain=.mydomainscan.com; HttpOnly; SameSite=Lax; Secure AppSession=3437e877779ab112351afdb980fab2c0; path=/; HttpOnly; secure csrfToken=281e051417a5eeeaecde04116e8d4e1f798ffc8a64526d787ed629fed00cc356d8e984abe3fbef35324f4b31a9b2b94abe1d8311e74fe54db5fc30e0883e25aa; path=/; HttpOnly; secure
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
x-frame-options: SAMEORIGIN,SAMEORIGIN
x-robots-tag: noindex, nofollow
vary: Accept-Encoding,User-Agent,User-Agent
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
cf-request-id: 035f878e8600000bf59595c200000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 5a45db90d9450bf5-AMS
content-encoding: br

GET
H2 200 css
fonts.googleapis.com/ 7 KB
876 B 15ms
15ms Stylesheet
text/css 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Montserrat:400,700%7CMuli:300,300i,400

Requested by

Host: mydomainscan.com
URL: https://mydomainscan.com/CeqVal

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

95f365b3ee62f2ca2655a64df8afa9c859c90876c4572a640b341f9d10c497d4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://mydomainscan.com/CeqVal
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 16 Jun 2020 16:20:21 GMT
server: ESF
date: Tue, 16 Jun 2020 16:20:21 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 16 Jun 2020 16:20:21 GMT

GET
H2 200 styles.min.css
mydomainscan.com/modern_theme/build/css/ 187 KB
31 KB 21ms
21ms Stylesheet
text/css 2606:4700:3037::681f:402b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mydomainscan.com/modern_theme/build/css/styles.min.css?ver=6.4.0

Requested by

Host: mydomainscan.com
URL: https://mydomainscan.com/CeqVal

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::681f:402b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b386764e2b714f6fe617daaedd1946a7161fc2ae5f9bd0bf606f76287121ee1d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://mydomainscan.com/CeqVal
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Jun 2020 16:20:21 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 116078
status: 200
cf-request-id: 035f8790dd00000bf5959e9200000001
last-modified: Mon, 02 Sep 2019 23:24:49 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent,User-Agent
content-type: text/css
x-xss-protection: 1; mode=block
cache-control: public, max-age=2592000
x-turbo-charged-by: LiteSpeed
cf-ray: 5a45db949a1c0bf5-AMS
expires: Wed, 15 Jul 2020 08:05:42 GMT

GET
H2 200 newlogo.png
gplinks.in/img/ 32 KB
33 KB 58ms
19ms Image
image/png 2606:4700:3035::681c:1cbe
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gplinks.in/img/newlogo.png

Requested by

Host: mydomainscan.com
URL: https://mydomainscan.com/CeqVal

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3035::681c:1cbe , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bbd284f4a9a9b5ee3da885fde0bb792b668b39511090588da98003377156b4a4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://mydomainscan.com/CeqVal
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Jun 2020 16:20:21 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 3410803
cf-polished: origSize=37009, status=vary_header_present
status: 200
vary: User-Agent,User-Agent, Accept-Encoding
content-length: 32809
x-xss-protection: 1; mode=block
last-modified: Fri, 06 Sep 2019 14:17:46 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; preload
content-type: image/png
expires: Sat, 08 May 2021 04:53:38 GMT
cache-control: public, max-age=31536000
x-turbo-charged-by: LiteSpeed
cf-request-id: 035f8791060000fa44e9b9d200000001
accept-ranges: bytes
cf-ray: 5a45db94dd42fa44-AMS
cf-bgj: imgq:85,h2pri

GET
H2 200 a-r-download.png
gplinks.in/advertising/banners/ 6 KB
6 KB 72ms
33ms Image
image/png 2606:4700:3035::681c:1cbe
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gplinks.in/advertising/banners/a-r-download.png

Requested by

Host: mydomainscan.com
URL: https://mydomainscan.com/CeqVal

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3035::681c:1cbe , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

928b7cfe5733bf048d7973dba60c24cd7b76f0553f328c3c117f5a8bf10edf9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://mydomainscan.com/CeqVal
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Jun 2020 16:20:21 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 4267937
cf-polished: status=not_needed
status: 200
vary: User-Agent,User-Agent, Accept-Encoding
content-length: 5743
x-xss-protection: 1; mode=block
last-modified: Tue, 28 Apr 2020 05:59:55 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; preload
content-type: image/png
expires: Wed, 28 Apr 2021 06:48:04 GMT
cache-control: public, max-age=31536000
x-turbo-charged-by: LiteSpeed
cf-request-id: 035f8791060000fa44e9b9e200000001
accept-ranges: bytes
cf-ray: 5a45db94dd44fa44-AMS
cf-bgj: imgq:85,h2pri

GET
H2 200 do-skip-ads.png
gplinks.in/advertising/banners/ 5 KB
5 KB 60ms
22ms Image
image/png 2606:4700:3035::681c:1cbe
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gplinks.in/advertising/banners/do-skip-ads.png

Requested by

Host: mydomainscan.com
URL: https://mydomainscan.com/CeqVal

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3035::681c:1cbe , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

03e7e4b6ef1d39c3c85bba1cfc528b7a832353d1574165f35da1604a3fc0491d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://mydomainscan.com/CeqVal
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Jun 2020 16:20:21 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 3409210
cf-polished: status=not_needed
status: 200
vary: User-Agent,User-Agent, Accept-Encoding
content-length: 4770
x-xss-protection: 1; mode=block
last-modified: Tue, 28 Apr 2020 05:59:55 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; preload
content-type: image/png
expires: Sat, 08 May 2021 05:20:10 GMT
cache-control: public, max-age=31536000
x-turbo-charged-by: LiteSpeed
cf-request-id: 035f8791060000fa44e9b9f200000001
accept-ranges: bytes
cf-ray: 5a45db94dd46fa44-AMS
cf-bgj: imgq:85,h2pri

GET
H2 200 verify.png
gplinks.in/advertising/banners/ 1 KB
1 KB 69ms
31ms Image
image/png 2606:4700:3035::681c:1cbe
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gplinks.in/advertising/banners/verify.png

Requested by

Host: mydomainscan.com
URL: https://mydomainscan.com/CeqVal

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3035::681c:1cbe , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

93e1f5fd7abde59874d4205c0c7c829146c753dc43b28baea982d69b77a6e9c8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://mydomainscan.com/CeqVal
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Jun 2020 16:20:21 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 6071718
cf-polished: origSize=1306, status=vary_header_present
status: 200
vary: User-Agent,User-Agent, Accept-Encoding
content-length: 1301
x-xss-protection: 1; mode=block
last-modified: Tue, 07 Apr 2020 09:42:43 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; preload
content-type: image/png
expires: Wed, 07 Apr 2021 09:45:03 GMT
cache-control: public, max-age=31536000
x-turbo-charged-by: LiteSpeed
cf-request-id: 035f8791060000fa44e9ba0200000001
accept-ranges: bytes
cf-ray: 5a45db94dd4bfa44-AMS
cf-bgj: imgq:85

GET
H2 200 ads.js Show response
mydomainscan.com/js/ 190 B
360 B 18ms
16ms Script
application/javascript 2606:4700:3037::681f:402b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mydomainscan.com/js/ads.js

Requested by

Host: mydomainscan.com
URL: https://mydomainscan.com/CeqVal

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::681f:402b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9d807c16e2160c2660ffd43bf8b8bc54eb39ecd044e823209c0ade70db965d5a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://mydomainscan.com/CeqVal
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Jun 2020 16:20:21 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 116115
cf-polished: origSize=191
status: 200
cf-bgj: minify
cf-request-id: 035f8790e100000bf5959ea200000001
last-modified: Mon, 02 Sep 2019 23:24:49 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent,User-Agent, Accept-Encoding
content-type: application/javascript
x-xss-protection: 1; mode=block
cache-control: public, max-age=2592000
x-turbo-charged-by: LiteSpeed
cf-ray: 5a45db949a240bf5-AMS
expires: Wed, 15 Jul 2020 08:05:06 GMT

GET
H2 200 sw.js Show response
mydomainscan.com/ 90 KB
32 KB 22ms
20ms Script
application/javascript 2606:4700:3037::681f:402b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mydomainscan.com/sw.js

Requested by

Host: mydomainscan.com
URL: https://mydomainscan.com/CeqVal

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::681f:402b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fcf9584c9347aabc3c8f00cc6df11cc7a3c5d7e4774ce80a1db0fca4614e325b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://mydomainscan.com/CeqVal
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Jun 2020 16:20:21 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 116115
cf-polished: origSize=92313
status: 200
cf-bgj: minify
cf-request-id: 035f8790e100000bf5959eb200000001
last-modified: Fri, 06 Sep 2019 14:16:20 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent,User-Agent
content-type: application/javascript
x-xss-protection: 1; mode=block
cache-control: public, max-age=2592000
x-turbo-charged-by: LiteSpeed
cf-ray: 5a45db949a250bf5-AMS
expires: Wed, 15 Jul 2020 08:05:06 GMT

GET
H2 200 / Show response
ds88pc0kw6cvc.cloudfront.net/ 78 KB
29 KB 223ms
180ms Script
text/plain 13.226.156.74
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ds88pc0kw6cvc.cloudfront.net/?kcpsd=844275
Requested by: Host: mydomainscan.com
URL: https://mydomainscan.com/CeqVal
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.226.156.74 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-156-74.dus51.r.cloudfront.net
Software: /
Resource Hash: 97e255ec3210b474db4e9215741eb8adebc215b7f244c607ecf38d1964d44b12

Request headers

Referer: https://mydomainscan.com/CeqVal
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Jun 2020 16:20:22 GMT
content-encoding: gzip
x-amz-cf-pop: DUS51-C1
status: 200
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
content-length: 29246
via: 1.1 430f949006756123f45be90f8ad8de30.cloudfront.net (CloudFront)
x-amz-cf-id: f0MLArqGkb2KPi5VRawu9dTJI7E-T5RK7gRPTXIznmRWpT65vw0FmA==

GET
H2 200 rocket-loader.min.js Show response
ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/ 12 KB
4 KB 9ms
7ms Script
application/javascript 2606:4700::6810:85e5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js

Requested by

Host: mydomainscan.com
URL: https://mydomainscan.com/CeqVal

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:85e5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b08cdbc2d30e656a86b20f8342428d5863f70f4b30135b4f4061f754ce932f5e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://mydomainscan.com/CeqVal
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Jun 2020 16:20:21 GMT
content-encoding: gzip
vary: Accept-Encoding
last-modified: Wed, 10 Jun 2020 17:45:48 GMT
server: cloudflare
etag: W/"5ee11c4c-3016"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: application/javascript
status: 200
cache-control: max-age=172800, public
strict-transport-security: max-age=15780000; includeSubDomains
cf-ray: 5a45db949b32d6d9-FRA
cf-request-id: 035f8790de0000d6d9dd391200000001
expires: Thu, 18 Jun 2020 16:20:21 GMT

GET
H2 200 home.jpg
gplinks.in/img/ 58 KB
58 KB 35ms
31ms Image
image/jpeg 2606:4700:3035::681c:1cbe
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gplinks.in/img/home.jpg

Requested by

Host: mydomainscan.com
URL: https://mydomainscan.com/CeqVal

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3035::681c:1cbe , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dae81166c709f946daf618f2c189f988979e7b096a7627dda37d5dd3763a4124

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://mydomainscan.com/CeqVal
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Jun 2020 16:20:21 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 7959845
cf-polished: degrade=85, origSize=62768, status=vary_header_present
status: 200
vary: User-Agent,User-Agent, Accept-Encoding
content-length: 59419
x-xss-protection: 1; mode=block
last-modified: Sun, 15 Sep 2019 04:28:18 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; preload
content-type: image/jpeg
expires: Tue, 16 Mar 2021 13:16:16 GMT
cache-control: public, max-age=31536000
x-turbo-charged-by: LiteSpeed
cf-request-id: 035f8791060000fa44e9ba1200000001
accept-ranges: bytes
cf-ray: 5a45db94dd4ffa44-AMS
cf-bgj: imgq:85

GET
H2 200 footer.jpg
mydomainscan.com/modern_theme/build/img/ 13 KB
13 KB 18ms
18ms Image
image/jpeg 2606:4700:3037::681f:402b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mydomainscan.com/modern_theme/build/img/footer.jpg

Requested by

Host: mydomainscan.com
URL: https://mydomainscan.com/CeqVal

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::681f:402b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

80c8b789ae1e5ea87c4c39c56405da83433fe91c902932801dfad54e3ecebc3b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://mydomainscan.com/modern_theme/build/css/styles.min.css?ver=6.4.0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Jun 2020 16:20:21 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 116114
status: 200
content-length: 13309
cf-request-id: 035f87910500000bf5959ed200000001
last-modified: Mon, 02 Sep 2019 23:24:50 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent,User-Agent, Accept-Encoding
content-type: image/jpeg
x-xss-protection: 1; mode=block
cache-control: public, max-age=31536000
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 5a45db94da960bf5-AMS
expires: Tue, 15 Jun 2021 08:05:07 GMT

GET
H2 200 JTURjIg1_i6t8kCHKm45_dJE3gnD_vx3rCs.woff2
fonts.gstatic.com/s/montserrat/v14/ 13 KB
13 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:81f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v14/JTURjIg1_i6t8kCHKm45_dJE3gnD_vx3rCs.woff2

Requested by

Host: mydomainscan.com
URL: https://mydomainscan.com/CeqVal

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4c6cf0709b8e52572cae1fb57128acd0a5a453c9ce99dc3712a1860ff90c6bf8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Montserrat:400,700%7CMuli:300,300i,400
Origin: https://mydomainscan.com

Response headers

date: Tue, 09 Jun 2020 03:24:38 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 03:47:06 GMT
server: sffe
age: 651343
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13612
x-xss-protection: 0
expires: Wed, 09 Jun 2021 03:24:38 GMT

GET
H2 200 7Auwp_0qiz-afTLGLQjUwkQ.woff2
fonts.gstatic.com/s/muli/v20/ 24 KB
24 KB 8ms
7ms Font
font/woff2 2a00:1450:4001:81f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/muli/v20/7Auwp_0qiz-afTLGLQjUwkQ.woff2

Requested by

Host: mydomainscan.com
URL: https://mydomainscan.com/CeqVal

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8a71c8749cc0bb450f96766d4cab3b2b9c4d5a9b30c3683f3a5863d8d2ed9c9a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Montserrat:400,700%7CMuli:300,300i,400
Origin: https://mydomainscan.com

Response headers

date: Tue, 09 Jun 2020 03:33:54 GMT
x-content-type-options: nosniff
last-modified: Tue, 04 Feb 2020 23:41:33 GMT
server: sffe
age: 650787
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24884
x-xss-protection: 0
expires: Wed, 09 Jun 2021 03:33:54 GMT

GET
H2 200 JTUSjIg1_i6t8kCHKm459WlhyyTh89Y.woff2
fonts.gstatic.com/s/montserrat/v14/ 13 KB
13 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:81f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v14/JTUSjIg1_i6t8kCHKm459WlhyyTh89Y.woff2

Requested by

Host: mydomainscan.com
URL: https://mydomainscan.com/CeqVal

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0ce5a460ace775560c3344a43245687bdbec5cb8ee20d209ab9fa67f4e09a3e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Montserrat:400,700%7CMuli:300,300i,400
Origin: https://mydomainscan.com

Response headers

date: Thu, 11 Jun 2020 02:33:02 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 03:46:48 GMT
server: sffe
age: 481639
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13708
x-xss-protection: 0
expires: Fri, 11 Jun 2021 02:33:02 GMT

GET
H2 200 fontawesome-webfont.woff2
mydomainscan.com/modern_theme/build/fonts/ 75 KB
76 KB 18ms
17ms Font
font/woff2 2606:4700:3037::681f:402b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mydomainscan.com/modern_theme/build/fonts/fontawesome-webfont.woff2

Requested by

Host: mydomainscan.com
URL: https://mydomainscan.com/CeqVal

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::681f:402b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://mydomainscan.com/modern_theme/build/css/styles.min.css?ver=6.4.0
Origin: https://mydomainscan.com

Response headers

date: Tue, 16 Jun 2020 16:20:21 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 116114
status: 200
content-length: 77160
cf-request-id: 035f87910600000bf5959ee200000001
last-modified: Mon, 02 Sep 2019 23:24:50 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent,User-Agent, Accept-Encoding
content-type: font/woff2
x-xss-protection: 1; mode=block
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 5a45db94da9d0bf5-AMS
expires: Mon, 22 Jun 2020 08:05:07 GMT

GET
H2 204 utx Show response
ritiesagently.fun/ 0
413 B 270ms
253ms XHR
text/plain 13.35.254.36
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ritiesagently.fun/utx?cb=1E4NVEIMW56J&top=mydomainscan.com&tid=844275
Requested by: Host: ds88pc0kw6cvc.cloudfront.net
URL: https://ds88pc0kw6cvc.cloudfront.net/?kcpsd=844275
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.35.254.36 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-254-36.fra6.r.cloudfront.net
Software: openresty/1.15.8.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://mydomainscan.com/CeqVal
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Jun 2020 16:20:22 GMT
via: 1.1 d357d5d597708d2b41e0fea397aa2620.cloudfront.net (CloudFront)
server: openresty/1.15.8.2
x-amz-cf-pop: FRA6-C1
status: 204
x-cache: Miss from cloudfront
p3p: CP="NID DSP ALL COR"
access-control-allow-origin: https://mydomainscan.com
cache-control: no-store, no-cache, must-revalidate, no-transform
access-control-allow-credentials: true
x-amz-cf-id: Smw-NYRSP4H-OAy4S0LDScy1ebbmy6BlS6Fx_pP-tej0_KSos36J1w==

GET
H2 200 MgUAOhQtJiBtMxsnARkQPysiEj8xAVoyEgMIWWIxGw0EDBcJCAwCFnsoWjFCKjUGLzAhGRkYAHh+IxIweAkuF196Dg0sTnABOj4IESErZDMbFQIxSSx0IhEoeyhaIl96CjA4OHkqMXgZERVaEC4rIVxmHns7BBsDATwiATshASphFgV+IzI7eyBZNjIwfgw4MHkVB...
ritiesagently.fun/VXpITGk0GCshVjRHKmocJxZ1aVsTX3oKDSZCcDwKZRE/egojGWYvBToPLCobOhQ8YgcwDm1+LwcoHTQhB0sBISAsESAuPRAWAX8ZJBkQJFg2PSwmIz8rJxwtAwINDlEvN3t0IhcoDQknPy8/Ax4EIAELLDgqMSRfMSIZPCUGES8uWxgKAx8... Frame 6D39 0
0 181ms
179ms Document
text/html 13.35.254.36
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ritiesagently.fun/VXpITGk0GCshVjRHKmocJxZ1aVsTX3oKDSZCcDwKZRE/egojGWYvBToPLCobOhQ8YgcwDm1+LwcoHTQhB0sBISAsESAuPRAWAX8ZJBkQJFg2PSwmIz8rJxwtAwINDlEvN3t0IhcoDQknPy8/Ax4EIAELLDgqMSRfMSIZPCUGES8uWxgKAx87Ix4PIwQcAAp4DBI/MgUAOhQtJiBtMxsnARkQPysiEj8xAVoyEgMIWWIxGw0EDBcJCAwCFnsoWjFCKjUGLzAhGRkYAHh+IxIweAkuF196Dg0sTnABOj4IESErZDMbFQIxSSx0IhEoeyhaIl96CjA4OHkqMXgZERVaEC4rIVxmHns7BBsDATwiATshASphFgV+IzI7eyBZNjIwfgw4MHkVBGUUBDYkcEgOBz45SwoEDWYcCz8cGikKPA0NGXkFKm0JAwQdMhwmLwIaECsmIjwweygeJV96Cg0dAnkVBxtIESIzPBkQFloxST98Iz8rIxwAYBMRDSdgHgAOUTEUOCQkOEJuJho6FDhxPg0bPn8kFzkJNhsiEwkZDg
Requested by: Host: ds88pc0kw6cvc.cloudfront.net
URL: https://ds88pc0kw6cvc.cloudfront.net/?kcpsd=844275
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.35.254.36 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-254-36.fra6.r.cloudfront.net
Software: openresty/1.15.8.2 /
Resource Hash

Request headers

:method: GET
:authority: ritiesagently.fun
:scheme: https
:path: /VXpITGk0GCshVjRHKmocJxZ1aVsTX3oKDSZCcDwKZRE/egojGWYvBToPLCobOhQ8YgcwDm1+LwcoHTQhB0sBISAsESAuPRAWAX8ZJBkQJFg2PSwmIz8rJxwtAwINDlEvN3t0IhcoDQknPy8/Ax4EIAELLDgqMSRfMSIZPCUGES8uWxgKAx87Ix4PIwQcAAp4DBI/MgUAOhQtJiBtMxsnARkQPysiEj8xAVoyEgMIWWIxGw0EDBcJCAwCFnsoWjFCKjUGLzAhGRkYAHh+IxIweAkuF196Dg0sTnABOj4IESErZDMbFQIxSSx0IhEoeyhaIl96CjA4OHkqMXgZERVaEC4rIVxmHns7BBsDATwiATshASphFgV+IzI7eyBZNjIwfgw4MHkVBGUUBDYkcEgOBz45SwoEDWYcCz8cGikKPA0NGXkFKm0JAwQdMhwmLwIaECsmIjwweygeJV96Cg0dAnkVBxtIESIzPBkQFloxST98Iz8rIxwAYBMRDSdgHgAOUTEUOCQkOEJuJho6FDhxPg0bPn8kFzkJNhsiEwkZDg
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://mydomainscan.com/CeqVal
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: ut=x
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://mydomainscan.com/CeqVal

Response headers

status: 200
content-type: text/html
content-length: 1235
date: Tue, 16 Jun 2020 16:20:22 GMT
server: openresty/1.15.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 d357d5d597708d2b41e0fea397aa2620.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: b8bfJDxFF-1obGMUvcol16DFAvjewZ5jRSYCUTEe7DgdyFC9j1e7hw==

GET
H2 200 api.js Show response
www.recaptcha.net/recaptcha/ 742 B
937 B 69ms
16ms Script
text/javascript 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.recaptcha.net/recaptcha/api.js?onload=onloadRecaptchaCallback&render=explicit

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

329ffdad85c85c98d54f7c144db7bbf1b4dfc327e3ddde3c2e8fe04a3457e89c

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://mydomainscan.com/CeqVal
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Jun 2020 16:20:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
status: 200
cache-control: private, max-age=300
content-security-policy: frame-ancestors 'self'
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 471
x-xss-protection: 1; mode=block
expires: Tue, 16 Jun 2020 16:20:22 GMT

GET
H2 200 script.min.js Show response
mydomainscan.com/modern_theme/build/js/ 202 KB
58 KB 30ms
29ms Script
application/javascript 2606:4700:3037::681f:402b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mydomainscan.com/modern_theme/build/js/script.min.js?ver=6.4.0

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::681f:402b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

852593ea1830ce3d6821822385a17af199442f4938b588ed7c84942c351d9f16

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://mydomainscan.com/CeqVal
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Jun 2020 16:20:22 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 116101
status: 200
cf-request-id: 035f87931800000bf595a11200000001
last-modified: Mon, 02 Sep 2019 23:24:50 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent,User-Agent
content-type: application/javascript
x-xss-protection: 1; mode=block
cache-control: public, max-age=2592000
x-turbo-charged-by: LiteSpeed
cf-ray: 5a45db9829cc0bf5-AMS
expires: Wed, 15 Jul 2020 08:05:21 GMT

GET
H2 200 mydomainscan.com.930157.js Show response
jsc.mgid.com/m/y/ 156 KB
41 KB 74ms
28ms Script
text/javascript 104.19.132.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jsc.mgid.com/m/y/mydomainscan.com.930157.js
Requested by: Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.132.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ef63761264fbf6a897345830c0070bd1c18360bba99bb35f05b90c72c2f92a07

Request headers

Referer: https://mydomainscan.com/CeqVal
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Jun 2020 16:20:22 GMT
content-encoding: br
cf-cache-status: HIT
age: 5188
cf-polished: origSize=159973
status: 200
last-modified: Mon, 15 Jun 2020 16:51:05 GMT
alt-svc: h3-27=":443"; ma=86400
x-amz-request-id: D3AE59C866FE790B
x-amz-id-2: l4J491YB7ii/FtAQcERGGKqKmIwTAK+eyjbfdfisfaipfyP6loV3Y8EcqfiuyO58xnXom24TQWw=
cf-bgj: minify
server: cloudflare
etag: W/"be8b8c3e7538b51f8bad35dc0a00fbab"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
cf-request-id: 035f87934c00000b2f013c0200000001
cf-ray: 5a45db9879800b2f-AMS
expires: Tue, 16 Jun 2020 17:20:22 GMT

GET
H2 200 mydomainscan.com.930162.js Show response
jsc.mgid.com/m/y/ 156 KB
41 KB 79ms
33ms Script
text/javascript 104.19.132.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jsc.mgid.com/m/y/mydomainscan.com.930162.js
Requested by: Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.132.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3c92ba57afe12f4757ca83ee84a03614d380b3c698060cc7569e698d3bb17455

Request headers

Referer: https://mydomainscan.com/CeqVal
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Jun 2020 16:20:22 GMT
content-encoding: br
cf-cache-status: HIT
age: 5188
cf-polished: origSize=159958
status: 200
last-modified: Mon, 15 Jun 2020 16:50:10 GMT
alt-svc: h3-27=":443"; ma=86400
x-amz-request-id: BB94AA3AB5BD140B
x-amz-id-2: kCY+Hj+yPJTZyPrxFb9iXhquV2IFgYdMNNDczCBJm3EdGLsqtHOIWs7mvxSr2LvSXnYWC2Xw50I=
cf-bgj: minify
server: cloudflare
etag: W/"744336e5bc21b31c7b895a6987e64237"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
cf-request-id: 035f87934c00000b2f013c1200000001
cf-ray: 5a45db9879810b2f-AMS
expires: Tue, 16 Jun 2020 17:20:22 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 43 KB
15 KB 42ms
18ms Script
text/javascript 172.217.23.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s18-in-f2.1e100.net

Software

sffe /

Resource Hash

861223c73d62b06df22a5c5307f4bbca35d37dfbfbb7af4e6a717c1559350e90

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mydomainscan.com/CeqVal
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Jun 2020 16:20:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "544 / 736 of 1000 / last-modified: 1592319006"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14469
x-xss-protection: 0
expires: Tue, 16 Jun 2020 16:20:22 GMT

GET
H2 200 / Show response
services.vlitag.com/adv1/ 314 B
739 B 171ms
125ms Script
application/javascript 2606:4700:20::681a:fee
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://services.vlitag.com/adv1/?q=72b6b994f9cbf117490b5353e57d21d2

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:fee , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

feb419d6032de81049616a23d958e42b5db5ba4d23c4272e3213afe666ea5a51

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://mydomainscan.com/CeqVal
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Jun 2020 16:20:22 GMT
content-encoding: br
cf-cache-status: DYNAMIC
status: 200
alt-svc: h3-27=":443"; ma=86400
cf-request-id: 035f87934200000eab8ebe8200000001
pragma: no-cache
last-modified: Tue, 16 Jun 2020 12:20:22 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-sv: 1.210
content-type: application/javascript
x-xss-protection: 1; mode=block
cache-control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
cf-ray: 5a45db986e940eab-FRA
expires: on, 01 Jan 1970 00:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 83 KB
33 KB 33ms
32ms Script
application/javascript 2a00:1450:4001:825::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-134987322-3

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

2a75f30d2b8ad5ae9fe9c806de80434065670170696e1e8d4c76305676a7fbee

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://mydomainscan.com/CeqVal
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Jun 2020 16:20:22 GMT
content-encoding: br
vary: Accept-Encoding
status: 200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33235
x-xss-protection: 0
last-modified: Tue, 16 Jun 2020 15:49:16 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 16 Jun 2020 16:20:22 GMT

GET
H2 200 / Show response
tag.vlitag.com/v3/1592313123/ 253 KB
58 KB 27ms
19ms Script
application/javascript 2606:4700:20::681a:fee
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tag.vlitag.com/v3/1592313123/?q=72b6b994f9cbf117490b5353e57d21d2&n=

Requested by

Host: services.vlitag.com
URL: https://services.vlitag.com/adv1/?q=72b6b994f9cbf117490b5353e57d21d2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:fee , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5b3ce72bb112845eab9488c83b8268d5b597969e2ee02403122c933ee169b6dc

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://mydomainscan.com/CeqVal
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Jun 2020 16:20:22 GMT
content-encoding: br
cf-cache-status: HIT
age: 11295
status: 200
alt-svc: h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
cf-bgj: minify
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
x-sv: 157.114
cache-control: public, max-age=31536000, immutable
cf-request-id: 035f87945d00000eab8e818200000001
cf-ray: 5a45db9a29d10eab-FRA

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 43 KB
14 KB 15ms
15ms Script
text/javascript 172.217.23.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s18-in-f2.1e100.net

Software

sffe /

Resource Hash

5ef4483f0093decd1c16febdfe054547a89b9238e272d63cf8e1d6376d050087

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mydomainscan.com/CeqVal
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Jun 2020 16:20:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "544 / 481 of 1000 / last-modified: 1592319006"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14469
x-xss-protection: 0
expires: Tue, 16 Jun 2020 16:20:22 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 109 B
952 B 39ms
14ms Script
application/javascript 2a00:1450:4001:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=mydomainscan.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mydomainscan.com/CeqVal
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 16 Jun 2020 16:20:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 109 B
1009 B 42ms
15ms Script
application/javascript 2a00:1450:4001:817::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=mydomainscan.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mydomainscan.com/CeqVal
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 16 Jun 2020 16:20:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-28="googleads.g.doubleclick.net:443"; ma=2592000,h3-28=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H2 200 pubads_impl_2020061001.js Show response
securepubads.g.doubleclick.net/gpt/ 247 KB
88 KB 17ms
17ms Script
text/javascript 172.217.23.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020061001.js?21066439

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s18-in-f2.1e100.net

Software

sffe /

Resource Hash

1e8fb1838c8dc7c3c2ec8aa3d09b0c3eab7980d0afe576087b6c917c2606b976

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mydomainscan.com/CeqVal
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Jun 2020 16:20:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 10 Jun 2020 14:24:14 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 90151
x-xss-protection: 0
expires: Tue, 16 Jun 2020 16:20:22 GMT

GET
H2 200 css
fonts.googleapis.com/ 25 KB
1 KB 16ms
15ms Stylesheet
text/css 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:300,300i,400,400i,500,500i,700,700i,900,900i&display=swap&subset=cyrillic,greek,vietnamese

Requested by

Host: jsc.mgid.com
URL: https://jsc.mgid.com/m/y/mydomainscan.com.930162.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a20070fc475f7befb15e531f7212f19fa7502ee9a53fcabf36d42a09ac9260b2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://mydomainscan.com/CeqVal
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 16 Jun 2020 15:59:20 GMT
server: ESF
date: Tue, 16 Jun 2020 16:20:22 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 16 Jun 2020 16:20:22 GMT

GET
H2 200 css
fonts.googleapis.com/ 2 KB
670 B 15ms
15ms Stylesheet
text/css 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans

Requested by

Host: jsc.mgid.com
URL: https://jsc.mgid.com/m/y/mydomainscan.com.930162.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a8252492db56de6a43a1e52010746aa4b09c216f522dfaa82a62169a811e3405

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://mydomainscan.com/CeqVal
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 16 Jun 2020 15:32:38 GMT
server: ESF
date: Tue, 16 Jun 2020 16:20:22 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 16 Jun 2020 16:20:22 GMT

GET
DATA 200
OK truncated
/ 632 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b31062abec9d4536524232f02801803517829af29b44c85b59696d52bc7107cc

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/gif

GET
H/1.1 200
OK apu.php Show response
shorteh.com/ 3 KB
2 KB 131ms
88ms XHR
application/json 188.72.202.17
WEBZILLA

General

Check archive.org

Show headers Download Go to

Full URL

https://shorteh.com/apu.php?zoneid=3064019&oo=1

Requested by

Host: mydomainscan.com
URL: https://mydomainscan.com/CeqVal

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_CBC

Server

188.72.202.17 , Netherlands, ASN35415 (WEBZILLA, NL),

Reverse DNS

Software

nginx /

Resource Hash

4477a24c9da07239c8019e93ec39d3e341dd8f44d28757ccc6e99f179eb412e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://mydomainscan.com/CeqVal
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 16 Jun 2020 16:20:22 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
Connection: keep-alive
X-Trace-Id: 8886f6a5b57ac973d7ea08a6d50022bd
Pragma: no-cache
Server: nginx
Strict-Transport-Security: max-age=1
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: application/json
Access-Control-Allow-Origin: https://mydomainscan.com
Cache-Control: no-transform, no-store, no-cache, must-revalidate, max-age=0
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: *, *
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding
Expires: Tue, 11 Jan 1994 10:00:00 GMT

GET
H/1.1 200
OK tag.min.js Show response
shorteh.com/ 75 KB
24 KB 130ms
87ms Script
application/javascript 188.72.202.17
WEBZILLA

General

Check archive.org

Show headers Download Go to

Full URL

https://shorteh.com/tag.min.js

Requested by

Host: mydomainscan.com
URL: https://mydomainscan.com/CeqVal

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_CBC

Server

188.72.202.17 , Netherlands, ASN35415 (WEBZILLA, NL),

Reverse DNS

Software

nginx /

Resource Hash

922014228b35f797405be950c40370b64e8c71b7dce9c69b38b8fbe0c5a0f4dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://mydomainscan.com/CeqVal
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 16 Jun 2020 16:20:22 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 23701
X-Trace-Id: c3c3b9a2f55a95d1a3cc44b7dd473c87
Pragma: no-cache
Last-Modified: Tue, 16 Jun 2020 12:49:13 GMT
Server: nginx
Strict-Transport-Security: max-age=1
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=86400
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Timing-Allow-Origin: *, *
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding
Expires: Tue, 11 Jan 1994 10:00:00 GMT

GET
H/1.1 200
OK script-appender.js Show response
client.trackpush.com/ 1 KB
1 KB 761ms
325ms Script
application/x-javascript 157.230.253.19
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://client.trackpush.com/script-appender.js
Requested by: Host: mydomainscan.com
URL: https://mydomainscan.com/CeqVal
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 157.230.253.19 , Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: 443fdb85494dd16e1597fc503f2b0ce2db700b21ec0c2f7dfaa0efc9885030bc

Request headers

Referer: https://mydomainscan.com/CeqVal
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 16 Jun 2020 16:20:23 GMT
Last-Modified: Fri, 22 Nov 2019 03:38:28 GMT
Server: nginx
ETag: "5dd75834-476"
Content-Type: application/x-javascript
Cache-Control: max-age=600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1142
Expires: Tue, 16 Jun 2020 16:30:23 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 45 KB
18 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-134987322-3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

2f1fd973e6c48489ae07c467e3278635b856c698d1f502e06af3ab555937deac

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://mydomainscan.com/CeqVal
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 30 Apr 2020 21:54:13 GMT
server: Golfe2
age: 6044
date: Tue, 16 Jun 2020 14:39:38 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18433
expires: Tue, 16 Jun 2020 16:39:38 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v20/ 11 KB
11 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:81f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2

Requested by

Host: ds88pc0kw6cvc.cloudfront.net
URL: https://ds88pc0kw6cvc.cloudfront.net/?kcpsd=844275

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Roboto:300,300i,400,400i,500,500i,700,700i,900,900i&display=swap&subset=cyrillic,greek,vietnamese
Origin: https://mydomainscan.com

Response headers

date: Tue, 09 Jun 2020 00:43:54 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:50 GMT
server: sffe
age: 660988
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11016
x-xss-protection: 0
expires: Wed, 09 Jun 2021 00:43:54 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ 11 KB
11 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:81f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2

Requested by

Host: ds88pc0kw6cvc.cloudfront.net
URL: https://ds88pc0kw6cvc.cloudfront.net/?kcpsd=844275

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Roboto:300,300i,400,400i,500,500i,700,700i,900,900i&display=swap&subset=cyrillic,greek,vietnamese
Origin: https://mydomainscan.com

Response headers

date: Fri, 12 Jun 2020 13:44:12 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:58 GMT
server: sffe
age: 354970
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11020
x-xss-protection: 0
expires: Sat, 12 Jun 2021 13:44:12 GMT

GET
H2 200 popunder.gif
saturalolk.club/ 35 B
367 B 380ms
147ms Image
image/gif 13.249.120.6
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://saturalolk.club/popunder.gif
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.249.120.6 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-249-120-6.atl51.r.cloudfront.net
Software: /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Referer: https://mydomainscan.com/CeqVal
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: public
date: Tue, 16 Jun 2020 16:20:23 GMT
content-encoding: gzip
x-amz-cf-pop: ATL51-C1
status: 200
x-cache: Miss from cloudfront
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=604800, immutable
content-length: 58
via: 1.1 812defed1167ca00304e9ce555dcf6e3.cloudfront.net (CloudFront)
x-amz-cf-id: jRhJ33e9GkYC50DZGV4B6Z1JihumqJm6la8D5Cubj62lHpslMvG4Og==

GET
H2 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/oqtdXEs9TE9ZUAIhXNz5JBt_/ 316 KB
125 KB 27ms
6ms Script
text/javascript 2a00:1450:4001:820::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/oqtdXEs9TE9ZUAIhXNz5JBt_/recaptcha__en.js

Requested by

Host: www.recaptcha.net
URL: https://www.recaptcha.net/recaptcha/api.js?onload=onloadRecaptchaCallback&render=explicit

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1262f412b65c8556101d256ab8b47e8e3d958826d190b3d2613b5bc3ebf8c2e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mydomainscan.com/CeqVal
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 15 Jun 2020 16:42:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 15 Jun 2020 04:05:48 GMT
server: sffe
age: 85053
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=31536000
accept-ranges: bytes
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 127301
x-xss-protection: 0
expires: Tue, 15 Jun 2021 16:42:49 GMT

GET
H2 200 1 Show response
servicer.mgid.com/930162/ 3 KB
2 KB 188ms
186ms Script
application/x-javascript 104.19.132.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://servicer.mgid.com/930162/1?w=945&h=787&cols=2&pv=5&cbuster=1592324422870914296512&uniqId=0ad80&niet=4g&nisd=false&ref=&lu=https%3A%2F%2Fmydomainscan.com%2FCeqVal&pageView=1&pvid=172bdee7cd88505ad37&implVersion=11&dpr=1
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/m/y/mydomainscan.com.930162.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.132.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6e8aee51fd36098511d0cf3a44e24b2fe5f8abdad9497e9e6057b4def088fb48

Request headers

Referer: https://mydomainscan.com/CeqVal
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Jun 2020 16:20:23 GMT
content-encoding: br
cf-cache-status: DYNAMIC
alt-svc: h3-27=":443"; ma=86400
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
status: 200
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 5a45db9b0ee10b2f-AMS
content-type: application/x-javascript; charset=utf-8
cf-request-id: 035f8794e200000b2f013e0200000001

GET
H2 200 1 Show response
servicer.mgid.com/930157/ 4 KB
2 KB 75ms
74ms Script
application/x-javascript 104.19.132.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://servicer.mgid.com/930157/1?w=945&h=583&cols=3&pv=5&cbuster=1592324422883335397681&uniqId=057a3&niet=4g&nisd=false&ref=&lu=https%3A%2F%2Fmydomainscan.com%2FCeqVal&pageView=0&pvid=172bdee7ce3b96b7648&implVersion=11&dpr=1
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/m/y/mydomainscan.com.930157.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.132.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5da559b07234e0a6bceaa18e68e56f742d981c4715a88565681dd154d1000f57

Request headers

Referer: https://mydomainscan.com/CeqVal
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Jun 2020 16:20:22 GMT
content-encoding: br
cf-cache-status: DYNAMIC
alt-svc: h3-27=":443"; ma=86400
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
status: 200
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 5a45db9b1f060b2f-AMS
content-type: application/x-javascript; charset=utf-8
cf-request-id: 035f8794ed00000b2f013e1200000001

GET
H2 200 cmp.min.css
assets.vlitag.com/plugins/cmpv3/static/delivery/ 14 KB
3 KB 52ms
38ms Stylesheet
text/css 2606:4700:20::681a:fee
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.vlitag.com/plugins/cmpv3/static/delivery/cmp.min.css

Requested by

Host: tag.vlitag.com
URL: https://tag.vlitag.com/v3/1592313123/?q=72b6b994f9cbf117490b5353e57d21d2&n=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:fee , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c56c117acef484702925a48e333f3956346675c531d5590cf272f42234133803

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://mydomainscan.com/CeqVal
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Jun 2020 16:20:22 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 472547
status: 200
alt-svc: h3-27=":443"; ma=86400
cf-request-id: 035f87950100000eab8e824200000001
x-robots-tag: noindex, nofollow
last-modified: Tue, 14 Jan 2020 16:49:30 GMT
server: cloudflare
etag: W/"5e1df11a-36a6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
x-xss-protection: 1; mode=block
cache-control: max-age=16070400
cf-ray: 5a45db9b3c100eab-FRA
expires: Thu, 11 Jun 2020 05:34:35 GMT

GET
H2 200 cmp_en.js Show response
assets.vlitag.com/plugins/cmpv3/js/ 160 KB
31 KB 53ms
39ms Script
application/javascript 2606:4700:20::681a:fee
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.vlitag.com/plugins/cmpv3/js/cmp_en.js

Requested by

Host: tag.vlitag.com
URL: https://tag.vlitag.com/v3/1592313123/?q=72b6b994f9cbf117490b5353e57d21d2&n=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:fee , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

52dd288a6591930a306cbe4ddd43e6168ac2f7654cd50af472b9e3cb8d391dbd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://mydomainscan.com/CeqVal
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Jun 2020 16:20:22 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 472537
cf-polished: origSize=275470
status: 200
expires: Thu, 11 Jun 2020 05:34:45 GMT
alt-svc: h3-27=":443"; ma=86400
cf-request-id: 035f87950200000eab8e825200000001
x-robots-tag: noindex, nofollow
last-modified: Thu, 16 Jan 2020 18:08:39 GMT
server: cloudflare
etag: W/"5e20a6a7-4340e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
x-xss-protection: 1; mode=block
cache-control: max-age=16070400
cf-ray: 5a45db9b3c190eab-FRA
cf-bgj: minify

GET
H2 200 bidfilter.js Show response
cdn.bidfilter.com/ 34 KB
11 KB 136ms
65ms Script
application/javascript 2606:4700:3034::ac43:ce02
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.bidfilter.com/bidfilter.js
Requested by: Host: tag.vlitag.com
URL: https://tag.vlitag.com/v3/1592313123/?q=72b6b994f9cbf117490b5353e57d21d2&n=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:ce02 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9e61e03a6ee8599fd31c01a8bca6f146b329d49031de47f9edf6eddd9e1b885e

Request headers

Referer: https://mydomainscan.com/CeqVal
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Jun 2020 16:20:23 GMT
content-encoding: br
cf-cache-status: HIT
age: 1168
status: 200
alt-svc: h3-27=":443"; ma=86400
cf-request-id: 035f87954e0000bf4b8d890200000001
last-modified: Tue, 21 Apr 2020 19:06:19 GMT
server: cloudflare
etag: W/"8662-5a3d1b5e920c0-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=1800
cf-ray: 5a45db9bbd5cbf4b-AMS

GET
H2 200 prebid-v3.23.1.js Show response
assets.vlitag.com/prebid/default/ 340 KB
97 KB 37ms
36ms Script
application/javascript 2606:4700:20::681a:fee
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.vlitag.com/prebid/default/prebid-v3.23.1.js

Requested by

Host: tag.vlitag.com
URL: https://tag.vlitag.com/v3/1592313123/?q=72b6b994f9cbf117490b5353e57d21d2&n=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:fee , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3bd1fdfc5ed5bdca5354ab8d6646b0cb51adcaca1a4b64d31d3f0ee845b3758b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://mydomainscan.com/CeqVal
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Jun 2020 16:20:22 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 115057
cf-polished: origSize=348375
status: 200
expires: Mon, 15 Jun 2020 08:52:45 GMT
alt-svc: h3-27=":443"; ma=86400
cf-request-id: 035f87950400000eab8e826200000001
x-robots-tag: noindex, nofollow
last-modified: Mon, 15 Jun 2020 08:22:39 GMT
server: cloudflare
etag: W/"5ee72fcf-550d7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
x-xss-protection: 1; mode=block
cache-control: max-age=16070400
cf-ray: 5a45db9b3c220eab-FRA
cf-bgj: minify

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 43 KB
14 KB 134ms
94ms Script
text/javascript 2a00:1450:4001:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: tag.vlitag.com
URL: https://tag.vlitag.com/v3/1592313123/?q=72b6b994f9cbf117490b5353e57d21d2&n=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3acdfae6770bd63b280d7a139a07064ed5086fb10b529aebc4a6805f7df6a8d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mydomainscan.com/CeqVal
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Jun 2020 16:20:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "544 / 209 of 1000 / last-modified: 1592319006"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 14469
x-xss-protection: 0
expires: Tue, 16 Jun 2020 16:20:22 GMT

GET
H2 200 viPlayer_v32.min.js Show response
assets.vlitag.com/plugins/vlPlayer/ 11 KB
4 KB 35ms
34ms Script
application/javascript 2606:4700:20::681a:fee
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.vlitag.com/plugins/vlPlayer/viPlayer_v32.min.js

Requested by

Host: tag.vlitag.com
URL: https://tag.vlitag.com/v3/1592313123/?q=72b6b994f9cbf117490b5353e57d21d2&n=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:fee , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ba1c55085aaa98bf814d9f6c47ab48436da1abb122b68303c17ff7a5452c2e0f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://mydomainscan.com/CeqVal
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Jun 2020 16:20:22 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 472562
status: 200
alt-svc: h3-27=":443"; ma=86400
cf-request-id: 035f87950400000eab8e827200000001
x-robots-tag: noindex, nofollow
last-modified: Wed, 10 Jun 2020 03:50:41 GMT
server: cloudflare
etag: W/"5ee05891-2ac7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
x-xss-protection: 1; mode=block
cache-control: max-age=16070400
cf-ray: 5a45db9b3c240eab-FRA
expires: Thu, 11 Jun 2020 05:34:20 GMT

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ 284 KB
97 KB 39ms
14ms Script
text/javascript 2a00:1450:4001:81b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: tag.vlitag.com
URL: https://tag.vlitag.com/v3/1592313123/?q=72b6b994f9cbf117490b5353e57d21d2&n=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1ec612f97bb39725ea932d554414a797084b95a24f81c8cef16d90236a02d06a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mydomainscan.com/CeqVal
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Jun 2020 16:20:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900, stale-while-revalidate=3600
accept-ranges: bytes
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 99054
x-xss-protection: 0
expires: Tue, 16 Jun 2020 16:20:22 GMT

GET
H2 200 collect
www.google-analytics.com/r/ 35 B
121 B 17ms
13ms Image
image/gif 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/r/collect?v=1&_v=j82&a=252746658&t=pageview&_s=1&dl=https%3A%2F%2Fmydomainscan.com%2FCeqVal&ul=en-us&de=UTF-8&dt=GPlinks&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAUAB~&jid=751499870&gjid=33943364&cid=1478249147.1592324423&tid=UA-134987322-3&_gid=104754234.1592324423&_r=1&gtm=2ou640&z=315181713

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://mydomainscan.com/CeqVal
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Jun 2020 16:20:23 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 i.js Show response
cm.steepto.com/ 130 B
499 B 368ms
289ms Script
application/javascript 104.19.136.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.steepto.com/i.js?cbuster=1592324423080506684645
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/m/y/mydomainscan.com.930157.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.136.80 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 81b1b2a0681e16cf1650dbe71dcf27ef0a1273ffabd259c9f4aab63b1fdb7c04

Request headers

Referer: https://mydomainscan.com/CeqVal
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Jun 2020 16:20:23 GMT
content-encoding: br
cf-cache-status: MISS
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: no-store, no-cache, must-revalidate, max-age=0
cf-ray: 5a45db9cdecc72e1-AMS
cf-request-id: 035f879609000072e12a264200000001

GET
H2 200 i-noref.js Show response
cm.steepto.com/ Frame D48D 19 B
215 B 365ms
290ms Script
application/javascript 104.19.136.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.steepto.com/i-noref.js?cbuster=1592324423085942803676
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/m/y/mydomainscan.com.930157.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.136.80 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 31a2141f6b680b8ec183d8de67eaae2ac43bee3ccee46235e0c988761615210c

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Jun 2020 16:20:23 GMT
cf-cache-status: MISS
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: no-store, no-cache, must-revalidate, max-age=0
accept-ranges: bytes
cf-ray: 5a45db9cdecd72e1-AMS
content-length: 19
cf-request-id: 035f879609000072e12a265200000001

GET
H/1.1 200
OK beacon.js Show response
sb.scorecardresearch.com/ 1 KB
1 KB 395ms
20ms Script
application/x-javascript 23.42.18.223
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/m/y/mydomainscan.com.930157.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.42.18.223 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-42-18-223.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Referer: https://mydomainscan.com/CeqVal
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 16 Jun 2020 16:20:23 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: private, no-transform, max-age=86400
Connection: keep-alive
Content-Length: 884
Expires: Wed, 17 Jun 2020 16:20:23 GMT

GET
H2 200 steepto_logo_mini_45.png
cdn.steepto.com/images/steepto/ 3 KB
3 KB 109ms
45ms Image
image/png 104.19.135.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.steepto.com/images/steepto/steepto_logo_mini_45.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.135.80 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a25a570158e49fe829d9c77d2e0400d0c822ef464d40f55eba7ef71b98f98745

Request headers

Referer: https://mydomainscan.com/CeqVal
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Jun 2020 16:20:23 GMT
cf-cache-status: HIT
age: 5232
cf-ray: 5a45db9cd9d8c769-AMS
status: 200
content-length: 2745
x-amz-id-2: 3FON5nVIipw2Py0JdK0d2FAOS/zbIat+EVEKYmAt4Bim7i7TxgMNlpZbwLhY+eSu6ty/ctVFyQc=
last-modified: Mon, 04 May 2020 12:16:55 GMT
server: cloudflare
etag: "7e16c555b09abddb8088e5bfca7a1cde"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-request-id: ECEF3DDCE0723D97
cache-control: public, max-age=14400
cf-request-id: 035f87960a0000c769ea313200000001
accept-ranges: bytes
content-type: image/png
expires: Tue, 16 Jun 2020 20:20:23 GMT

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDUvMzE0NzIyLzNmYzQwNjRmZmQ0NjFlMGM0YzkxZjIzYjI3MGIzYzI1LmpwZw**.webp
s-img.mgid.com/g/5806637/492x328/0x0x492x328/ 8 KB
8 KB 102ms
98ms Image
image/webp 104.19.132.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/5806637/492x328/0x0x492x328/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDUvMzE0NzIyLzNmYzQwNjRmZmQ0NjFlMGM0YzkxZjIzYjI3MGIzYzI1LmpwZw**.webp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.132.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d623117ff8651ebe1f591afb627feda5be7f2f3d1d590f1b95ad16ca01c21b7e

Request headers

Referer: https://mydomainscan.com/CeqVal
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Jun 2020 16:20:23 GMT
cf-cache-status: HIT
age: 1772504
status: 200
alt-svc: h3-27=":443"; ma=86400
content-length: 8230
cf-request-id: 035f8795c300000b2f013f0200000001
last-modified: Wed, 13 May 2020 15:24:22 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 5a45db9c69d60b2f-AMS

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDQvMjg3MzU1LzFmYWM5YWIzMjU4Mjg0YTRiYzczMmM4N2VmODRkYTE0LmpwZWc*.webp
s-img.mgid.com/g/5610670/492x328/0x0x492x328/ 15 KB
15 KB 52ms
49ms Image
image/webp 104.19.132.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/5610670/492x328/0x0x492x328/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDQvMjg3MzU1LzFmYWM5YWIzMjU4Mjg0YTRiYzczMmM4N2VmODRkYTE0LmpwZWc*.webp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.132.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 879c2e11473a612dfa7e4081b96326b87e3f09e839219005e1bbc793870b2d35

Request headers

Referer: https://mydomainscan.com/CeqVal
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Jun 2020 16:20:23 GMT
cf-cache-status: HIT
age: 5218148
status: 200
alt-svc: h3-27=":443"; ma=86400
content-length: 15138
cf-request-id: 035f8795c300000b2f013ef200000001
last-modified: Fri, 17 Apr 2020 06:50:43 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 5a45db9c69d50b2f-AMS
cf-bgj: h2pri

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDkvMzA3NTg0LzMyZTIwMzE3Y2M2NzcwNDNjNzZhZTVhOWNkYzQzNDY2LmpwZw**.webp
s-img.mgid.com/g/4231241/492x328/0x0x492x328/ 31 KB
31 KB 53ms
50ms Image
image/webp 104.19.132.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/4231241/492x328/0x0x492x328/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDkvMzA3NTg0LzMyZTIwMzE3Y2M2NzcwNDNjNzZhZTVhOWNkYzQzNDY2LmpwZw**.webp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.132.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6bc17174f8b7fd785aa6b6c929b861795c3ef4e900b67363a7de12884620b12d

Request headers

Referer: https://mydomainscan.com/CeqVal
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Jun 2020 16:20:23 GMT
cf-cache-status: HIT
age: 4586206
status: 200
alt-svc: h3-27=":443"; ma=86400
content-length: 31398
cf-request-id: 035f8795c300000b2f013ee200000001
last-modified: Thu, 02 Jan 2020 09:41:57 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 5a45db9c69d40b2f-AMS
cf-bgj: h2pri

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDUvMzEwMTQxL2Q3OWI5MTVjZTBhOTk1M2YyODAxZDMzODA3NzAwYjhmLmpwZWc*.webp
s-img.mgid.com/g/4079367/492x328/0x49x565x376/ 11 KB
11 KB 50ms
48ms Image
image/webp 104.19.132.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/4079367/492x328/0x49x565x376/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDUvMzEwMTQxL2Q3OWI5MTVjZTBhOTk1M2YyODAxZDMzODA3NzAwYjhmLmpwZWc*.webp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.132.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 88d7ce92ffecfe9558cd8019ffd880c60881de169117be627206f07f657fef31

Request headers

Referer: https://mydomainscan.com/CeqVal
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Jun 2020 16:20:23 GMT
cf-cache-status: HIT
age: 4586173
status: 200
alt-svc: h3-27=":443"; ma=86400
content-length: 11150
cf-request-id: 035f8795c300000b2f013ed200000001
last-modified: Mon, 02 Sep 2019 12:30:34 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 5a45db9c69d20b2f-AMS
cf-bgj: h2pri

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTgtMTAtMTEvMzEwMTQxLzNjYTczOGJmN2FjZjYwN2Y5MDlhYWExMzNhMDFmMTE1LmpwZz90PTE1MzkzMDkzMjQ4ODY*.webp
s-img.mgid.com/g/4146527/492x328/0x265x1202x801/ 13 KB
13 KB 46ms
35ms Image
image/webp 104.19.132.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/4146527/492x328/0x265x1202x801/aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTgtMTAtMTEvMzEwMTQxLzNjYTczOGJmN2FjZjYwN2Y5MDlhYWExMzNhMDFmMTE1LmpwZz90PTE1MzkzMDkzMjQ4ODY*.webp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.132.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9a55813c936c2b92d788506d65193397d88011f223e04aa5698f5c4015b48608

Request headers

Referer: https://mydomainscan.com/CeqVal
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Jun 2020 16:20:23 GMT
cf-cache-status: HIT
age: 4586260
status: 200
alt-svc: h3-27=":443"; ma=86400
content-length: 12966
cf-request-id: 035f87960900000b2f013f3200000001
last-modified: Sun, 12 Jan 2020 09:13:48 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 5a45db9cdab90b2f-AMS
cf-bgj: h2pri

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDcvMzEwMTQxLzhhYzMzZGIxMDMyM2NmMWJkMjExNmViOWE5YzYxNjk0LmpwZWc*.webp
s-img.mgid.com/g/4079399/492x328/0x0x492x328/ 17 KB
18 KB 96ms
84ms Image
image/webp 104.19.132.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/4079399/492x328/0x0x492x328/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDcvMzEwMTQxLzhhYzMzZGIxMDMyM2NmMWJkMjExNmViOWE5YzYxNjk0LmpwZWc*.webp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.132.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0a5fadd39a5803332b585411cfc9e4355b818d9497ca61dba2da1497cd3b67b9

Request headers

Referer: https://mydomainscan.com/CeqVal
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Jun 2020 16:20:23 GMT
cf-cache-status: HIT
age: 7204883
status: 200
alt-svc: h3-27=":443"; ma=86400
content-length: 17790
cf-request-id: 035f87960a00000b2f013f4200000001
last-modified: Tue, 29 Oct 2019 12:04:50 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 5a45db9cdaba0b2f-AMS
cf-bgj: h2pri

GET
H/1.1 204
No Content fac.php
itpatratr.com/ Frame 3562 0
0 414ms
17ms Document
text/html 206.54.165.186
WEBZILLA

General

Check archive.org

Show headers Download Go to

Full URL

https://itpatratr.com/fac.php

Requested by

Host: shorteh.com
URL: https://shorteh.com/tag.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_CBC

Server

206.54.165.186 Amsterdam, Netherlands, ASN35415 (WEBZILLA, NL),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Host: itpatratr.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://mydomainscan.com/CeqVal
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://mydomainscan.com/CeqVal

Response headers

Server: nginx
Date: Tue, 16 Jun 2020 16:20:23 GMT
Content-Type: text/html; charset=utf8
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding
Pragma: no-cache
Cache-Control: no-transform, no-store, no-cache, must-revalidate, max-age=0
Expires: Tue, 11 Jan 1994 10:00:00 GMT
Timing-Allow-Origin: * *
X-Trace-Id: 9259ef6f9638edc3c6ad71f225845391
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 43 KB
11 KB 292ms
291ms XHR
text/plain 172.217.23.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2691121030149657&correlator=355037952483081&output=ldjh&impl=fif&adsid=NT&eid=21066439%2C21064372&vrg=2020061001&us_privacy=1---&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20200616&iu_parts=112081842%2Cmydomainscan.com_fluidx90&enc_prev_ius=%2F0%2F1&prev_iu_szs=1024x90&eri=4&cookie_enabled=1&cdm=mydomainscan.com&bc=31&abxe=1&lmt=1592324423&dt=1592324423174&dlt=1592324421741&idt=1212&frm=20&biw=1600&bih=1200&oid=3&adxs=288&adys=1110&adks=2707911850&ucis=1&ifi=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&url=https%3A%2F%2Fmydomainscan.com&loc=https%3A%2F%2Fmydomainscan.com%2FCeqVal&dssz=40&icsg=46180035738864&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1600x-1&msz=1600x-1&ga_vid=1478249147.1592324423&ga_sid=1592324423&ga_hid=252746658&fws=512&ohw=0&btvi=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020061001.js?21066439

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s18-in-f2.1e100.net

Software

cafe /

Resource Hash

0cdcdf1f0c53b4bf70f24991951c46de8103d8bfda8e8f31e3d7a9e00e8dfc2b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mydomainscan.com/CeqVal
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Jun 2020 16:20:23 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10667
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://mydomainscan.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
b40befe1721f8bb4a42e7368643f91d2.safeframe.googlesyndication.com/safeframe/1-0-37/html/ 0
0 104ms
12ms Other
text/html 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://b40befe1721f8bb4a42e7368643f91d2.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020061001.js?21066439
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://mydomainscan.com/CeqVal
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ 0
0 77ms
5ms Other
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020061001.js?21066439
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://mydomainscan.com/CeqVal
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 47 KB
11 KB 774ms
774ms XHR
text/plain 172.217.23.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2691121030149657&correlator=355037952483081&output=ldjh&impl=fif&adsid=NT&eid=21066439%2C21064372&vrg=2020061001&us_privacy=1---&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20200616&iu_parts=112081842%2Cmydomainscan.com_336x280_1&enc_prev_ius=%2F0%2F1&prev_iu_szs=336x280&eri=4&cookie_enabled=1&cdm=mydomainscan.com&bc=31&abxe=1&lmt=1592324423&dt=1592324423188&dlt=1592324421741&idt=1212&frm=20&biw=1600&bih=1200&oid=3&adxs=632&adys=163&adks=1367205177&ucis=2&ifi=2&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&url=https%3A%2F%2Fmydomainscan.com&loc=https%3A%2F%2Fmydomainscan.com%2FCeqVal&dssz=40&icsg=46180035738864&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=945x1319&msz=945x280&ga_vid=1478249147.1592324423&ga_sid=1592324423&ga_hid=252746658&fws=0&ohw=0&btvi=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020061001.js?21066439

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s18-in-f2.1e100.net

Software

cafe /

Resource Hash

5d01d627e013d4106ccaee944ba5ee35536b8cc682649b5d922657ff15e8a8ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mydomainscan.com/CeqVal
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Jun 2020 16:20:23 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11099
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://mydomainscan.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 vendorlist.json Show response
vendorlist.consensu.org/ 97 KB
18 KB 72ms
13ms XHR
application/json 2600:9000:2182:f800:1:af78:4c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vendorlist.consensu.org/vendorlist.json
Requested by: Host: assets.vlitag.com
URL: https://assets.vlitag.com/plugins/cmpv3/js/cmp_en.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2182:f800:1:af78:4c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ad25613558e2ab513ed517de8b22c470db976ae72dbe1ee9fae7cbc459f80c5b

Request headers

Referer: https://mydomainscan.com/CeqVal
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Tue, 16 Jun 2020 12:23:42 GMT
content-encoding: gzip
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
age: 14202
x-cache: Hit from cloudfront
status: 200
access-control-allow-origin: *
last-modified: Thu, 11 Jun 2020 16:00:46 GMT
server: AmazonS3
access-control-max-age: 604800
access-control-allow-methods: GET
x-amz-version-id: J1hJuy6rXgqAD.r5CjxF1FefD7WlCD_1
via: 1.1 50f438df6dbb947f3e4702890bc9cc06.cloudfront.net (CloudFront)
cache-control: max-age=604800
x-amz-cf-pop: DUS51-C1
content-type: application/json; charset=utf-8
x-amz-cf-id: S8Gxz5VKs6dn2VcBdDTF6bzAKyuFvs9dloMxA8rYYrXb_ZiQIBlc8A==

GET
H2 200 steepto_logo_mini_45.png
cdn.steepto.com/images/steepto/ 3 KB
3 KB 83ms
80ms Image
image/png 104.19.135.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.steepto.com/images/steepto/steepto_logo_mini_45.png
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/m/y/mydomainscan.com.930162.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.135.80 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a25a570158e49fe829d9c77d2e0400d0c822ef464d40f55eba7ef71b98f98745

Request headers

Referer: https://mydomainscan.com/CeqVal
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Jun 2020 16:20:23 GMT
cf-cache-status: HIT
age: 5232
cf-ray: 5a45db9e2c6cc769-AMS
status: 200
content-length: 2745
x-amz-id-2: 3FON5nVIipw2Py0JdK0d2FAOS/zbIat+EVEKYmAt4Bim7i7TxgMNlpZbwLhY+eSu6ty/ctVFyQc=
last-modified: Mon, 04 May 2020 12:16:55 GMT
server: cloudflare
etag: "7e16c555b09abddb8088e5bfca7a1cde"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-request-id: ECEF3DDCE0723D97
cache-control: public, max-age=14400
cf-request-id: 035f8796d80000c769ea31d200000001
accept-ranges: bytes
content-type: image/png
expires: Tue, 16 Jun 2020 20:20:23 GMT

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTgtMTAtMTEvMzEwMTQxLzNjYTczOGJmN2FjZjYwN2Y5MDlhYWExMzNhMDFmMTE1LmpwZz90PTE1MzkzMDkzMjQ4ODY*.webp
s-img.mgid.com/g/4146527/492x328/0x265x1202x801/ 13 KB
13 KB 79ms
76ms Image
image/webp 104.19.132.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/4146527/492x328/0x265x1202x801/aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTgtMTAtMTEvMzEwMTQxLzNjYTczOGJmN2FjZjYwN2Y5MDlhYWExMzNhMDFmMTE1LmpwZz90PTE1MzkzMDkzMjQ4ODY*.webp
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/m/y/mydomainscan.com.930162.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.132.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9a55813c936c2b92d788506d65193397d88011f223e04aa5698f5c4015b48608

Request headers

Referer: https://mydomainscan.com/CeqVal
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Jun 2020 16:20:23 GMT
cf-cache-status: HIT
age: 4586260
status: 200
alt-svc: h3-27=":443"; ma=86400
content-length: 12966
cf-request-id: 035f8796d800000b2f013fe200000001
last-modified: Sun, 12 Jan 2020 09:13:48 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 5a45db9e2d4a0b2f-AMS
cf-bgj: h2pri

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDQvMjg3MzU1LzFmYWM5YWIzMjU4Mjg0YTRiYzczMmM4N2VmODRkYTE0LmpwZWc*.webp
s-img.mgid.com/g/5610670/492x328/0x0x492x328/ 15 KB
15 KB 78ms
75ms Image
image/webp 104.19.132.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/5610670/492x328/0x0x492x328/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDQvMjg3MzU1LzFmYWM5YWIzMjU4Mjg0YTRiYzczMmM4N2VmODRkYTE0LmpwZWc*.webp
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/m/y/mydomainscan.com.930162.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.132.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 879c2e11473a612dfa7e4081b96326b87e3f09e839219005e1bbc793870b2d35

Request headers

Referer: https://mydomainscan.com/CeqVal
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Jun 2020 16:20:23 GMT
cf-cache-status: HIT
age: 5218148
status: 200
alt-svc: h3-27=":443"; ma=86400
content-length: 15138
cf-request-id: 035f8796d800000b2f013ff200000001
last-modified: Fri, 17 Apr 2020 06:50:43 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 5a45db9e2d4b0b2f-AMS
cf-bgj: h2pri

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDcvMzEwMTQxLzhhYzMzZGIxMDMyM2NmMWJkMjExNmViOWE5YzYxNjk0LmpwZWc*.webp
s-img.mgid.com/g/4079399/492x328/0x0x492x328/ 17 KB
17 KB 75ms
73ms Image
image/webp 104.19.132.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/4079399/492x328/0x0x492x328/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDcvMzEwMTQxLzhhYzMzZGIxMDMyM2NmMWJkMjExNmViOWE5YzYxNjk0LmpwZWc*.webp
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/m/y/mydomainscan.com.930162.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.132.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0a5fadd39a5803332b585411cfc9e4355b818d9497ca61dba2da1497cd3b67b9

Request headers

Referer: https://mydomainscan.com/CeqVal
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Jun 2020 16:20:23 GMT
cf-cache-status: HIT
age: 7204883
status: 200
alt-svc: h3-27=":443"; ma=86400
content-length: 17790
cf-request-id: 035f8796d800000b2f01000200000001
last-modified: Tue, 29 Oct 2019 12:04:50 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 5a45db9e2d4c0b2f-AMS
cf-bgj: h2pri

GET
H2 200 creatives
green.erne.co/ 46 KB
46 KB 261ms
95ms Image
image/jpeg 188.165.4.142
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://green.erne.co/creatives?id=EU2GjRQwAIJzymS1aI7X
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 188.165.4.142 , Ireland, ASN16276 (OVH, FR),
Reverse DNS: ip142.ip-188-165-4.eu
Software: openresty /
Resource Hash: d6de61a3217cb263a496e79617588d2da31d5d32c864a51504f2ab5b2c32c79d

Request headers

Referer: https://mydomainscan.com/CeqVal
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Jun 2020 16:20:23 GMT
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/jpeg
status: 200
access-control-expose-headers: Content-Length,Content-Range
access-control-allow-credentials: true
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
expires: Thu, 16 Jul 2020 16:20:23 GMT

GET
H2 200 b Show response
x.bidfilter.com/ 42 B
588 B 188ms
79ms XHR
application/json 2606:4700:3036::681b:8850
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://x.bidfilter.com/b?V=0&S=1046
Requested by: Host: cdn.bidfilter.com
URL: https://cdn.bidfilter.com/bidfilter.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::681b:8850 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f5c8a64a3b6aff7421b0dcd1dc9aabe48c8d04fcfa0924c380bfed1be1d62260

Request headers

Referer: https://mydomainscan.com/CeqVal
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Jun 2020 16:20:23 GMT
content-encoding: br
cf-cache-status: HIT
age: 7078
status: 200
alt-svc: h3-27=":443"; ma=86400
cf-request-id: 035f8797990000fa9040aee200000001
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=1800
cf-ray: 5a45db9f5dccfa90-AMS
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range

GET
H2 200 latest.json Show response
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 1 KB
1 KB 83ms
8ms XHR
application/json 2a04:4e42:1b::621
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20200616

Requested by

Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-v3.23.1.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::621 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

339fb96ac6e1e79ec5f36b7011c81acc33bb709cfa4e63e45fa7eaa46a47a8c9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://mydomainscan.com/CeqVal
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 22739
x-cache: HIT, HIT
status: 200
content-length: 760
etag: W/"538-L1i9wrb6wwzsIlWtAqHRyEiCUmg"
x-served-by: cache-fra19169-FRA, cache-hhn4038-HHN
date: Tue, 16 Jun 2020 16:20:23 GMT
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 /
logs.vlitag.com/sub/ 0
220 B 142ms
120ms Image
image/jpeg 2606:4700:20::681a:fee
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://logs.vlitag.com/sub/?d=mydomainscan.com&h=mydomainscan.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:fee , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://mydomainscan.com/CeqVal
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Jun 2020 16:20:23 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/jpeg
status: 200
cache-control: public, max-age=31536000
cf-ray: 5a45db9f5cc00eab-FRA
alt-svc: h3-27=":443"; ma=86400
content-length: 0
cf-request-id: 035f87979300000eab8e85a200000001

GET
H2 200 floater Show response
ritiesagently.fun/ 3 KB
2 KB 601ms
599ms XHR
text/plain 13.35.254.36
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ritiesagently.fun/floater?tid=844275&red=1&cs=U1RsbHFiYl1VQGE1XF1Ia20KCkFj&abt=0&v=0.5.37.1&sm=83&k=gplinks%20free%20short%20links%20from%20paid%20money&sts=64&prn=0&emb=0&fs=1&m=2&ns=1&ndp=1&asi=1&ref=https%3A%2F%2Fmydomainscan.com%2FCeqVal&jst=0&enr=0&lcua=mozilla%2F5.0%20(macintosh%3B%20intel%20mac%20os%20x%2010_14_5)%20applewebkit%2F537.36%20(khtml%2C%20like%20gecko)%20chrome%2F83.0.4103.61%20safari%2F537.36&tzd=2&uloc=&if=0&_P1KL=1592324423560&crc=1
Requested by: Host: ds88pc0kw6cvc.cloudfront.net
URL: https://ds88pc0kw6cvc.cloudfront.net/?kcpsd=844275
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.35.254.36 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-254-36.fra6.r.cloudfront.net
Software: openresty/1.15.8.2 /
Resource Hash: ffafaee2d94959b9ee31618bd412ccf58419b66cf14d321d8b801134df30e112

Request headers

Referer: https://mydomainscan.com/CeqVal
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Jun 2020 16:20:24 GMT
content-encoding: gzip
server: openresty/1.15.8.2
x-amz-cf-pop: FRA6-C1
status: 200
x-cache: Miss from cloudfront
p3p: CP="NID DSP ALL COR"
access-control-allow-origin: https://mydomainscan.com
cache-control: no-store, no-cache, must-revalidate, no-transform
access-control-allow-credentials: true
content-type: text/plain
content-length: 1398
via: 1.1 d357d5d597708d2b41e0fea397aa2620.cloudfront.net (CloudFront)
x-amz-cf-id: fNLsEdQQ0eYMNFcnfSNmTzi-vymKiYKkBOEv7cxm-cRXTWekT_n3bg==

GET
H2 200 amp4ads-v0.js Show response
cdn.ampproject.org/rtv/012005262159000/ Frame 015F 202 KB
56 KB 91ms
5ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012005262159000/amp4ads-v0.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020061001.js?21066439

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6b009637beabb9f494ef15cf6c4303652428789993effe3911dbac52d55d516b

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mydomainscan.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 2776
status: 200
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 56265
x-xss-protection: 0
server: sffe
date: Tue, 16 Jun 2020 15:34:07 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "9b3afaa85c48c2d0"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 16 Jun 2021 15:34:07 GMT

GET
H2 200 amp-ad-exit-0.1.js Show response
cdn.ampproject.org/rtv/012005262159000/v0/ Frame 015F 16 KB
6 KB 103ms
17ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012005262159000/v0/amp-ad-exit-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020061001.js?21066439

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f66894df73715866eab1ce1ef61b102039652edb12e089afd58457a2029fd21a

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mydomainscan.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 446464
status: 200
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5893
x-xss-protection: 0
server: sffe
date: Thu, 11 Jun 2020 12:19:19 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "7c581cea2ef0aefe"
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 11 Jun 2021 12:19:19 GMT

GET
H2 200 amp-analytics-0.1.js Show response
cdn.ampproject.org/rtv/012005262159000/v0/ Frame 015F 97 KB
29 KB 101ms
16ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012005262159000/v0/amp-analytics-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020061001.js?21066439

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f48155f11a2ab68fe1544f625c5692d20863eedb6ae86b09d68503c7181e213b

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mydomainscan.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 2765
status: 200
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29929
x-xss-protection: 0
server: sffe
date: Tue, 16 Jun 2020 15:34:18 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "22e1efecde29c9e4"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 16 Jun 2021 15:34:18 GMT

GET
H2 200 amp-fit-text-0.1.js Show response
cdn.ampproject.org/rtv/012005262159000/v0/ Frame 015F 4 KB
2 KB 101ms
16ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012005262159000/v0/amp-fit-text-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020061001.js?21066439

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6b1adb81e6eef0e62316c8d65a241d0becfd09c40216553791c5448af29b88d7

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mydomainscan.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 308705
status: 200
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1719
x-xss-protection: 0
server: sffe
date: Sat, 13 Jun 2020 02:35:18 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "bc4637e8702685f3"
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 13 Jun 2021 02:35:18 GMT

GET
H2 200 amp-form-0.1.js Show response
cdn.ampproject.org/rtv/012005262159000/v0/ Frame 015F 48 KB
15 KB 98ms
13ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012005262159000/v0/amp-form-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020061001.js?21066439

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4c4dc2f72703e588d57aa82fd323420635b14ca3f887aac4b27e65bef411343e

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mydomainscan.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 446469
status: 200
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14997
x-xss-protection: 0
server: sffe
date: Thu, 11 Jun 2020 12:19:14 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "de17760b9f621603"
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 11 Jun 2021 12:19:14 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 015F 5 KB
761 B 69ms
69ms Stylesheet
text/css 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020061001.js?21066439

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c4a7b4babd8d76af2ddc0840bda733cd5a0b409895bb74d5302ff1155c9b32bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://mydomainscan.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 16 Jun 2020 15:34:00 GMT
server: ESF
date: Tue, 16 Jun 2020 16:20:23 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 16 Jun 2020 16:20:23 GMT

GET
DATA 200
OK truncated
/ Frame 015F 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 53f337d42787c1ce93c9d104dc840098e21645ad106bca3a93360bfac64a5825

Request headers

Referer: https://mydomainscan.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 015F 2 KB
3 KB 63ms
62ms Image
image/png 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: mydomainscan.com
URL: https://mydomainscan.com/CeqVal

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mydomainscan.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 15 Jun 2020 23:33:57 GMT
x-content-type-options: nosniff
server: cafe
age: 60386
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Tue, 16 Jun 2020 23:33:57 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 015F 295 B
398 B 64ms
0ms Image
image/png 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: mydomainscan.com
URL: https://mydomainscan.com/CeqVal

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mydomainscan.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 15 Jun 2020 21:53:20 GMT
x-content-type-options: nosniff
server: cafe
age: 66423
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Tue, 16 Jun 2020 21:53:20 GMT

GET
H2 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 015F 0
0 79ms
11ms Image
text/html 172.217.23.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CThTyR_HoXqLsDK2W7_UP9cmj4A-TsuWrT7W1ie_9A8_7kOPXAhABIKrswCNgleKQgqAHoAHprN7fA8gBAeACAKgDAcgDCqoEzgFP0BVn8QUlT7JGkpF_TD3U5w2SpcDqJdYH-37y5nHb5Z4heFE6-ZgGQC8LYTiRTiAhg_GWYHMZTmPtmnTLdH023KXSIjA7qoDq4lZVpi5-KIfKLL8RRh6qtBRyWozwKRpKiciaG5dYzIv1qbwbw4F3F3Z2bAiKhJdgCNlh-K-WGZM_FCfH1gwEdM3S29ZJceMcqUhMIyYa4hVVod_qwrWp2cG27H0sIhNHAW7Za2vphSDT-6gV-7-q_HyV1E0qKyNcy4CpPIgfLsoWmyKDrsAE0sHcrYkB4AQBkgUECAQYAZIFBAgFGASAB__SoSCoB47OG6gH1ckbqAeT2BuoB7oGqAfw2RuoB_LZG6gHpr4bqAfs1RvYBwHyBwQQ8P4F0ggJCIDhgBAQARgd8ggbYWR4LXN1YnN5bi0zNjcwNTA4MTY0ODg4NTI2gAoDyAsB2BMM&sigh=ITp06QXUNsY&tpd=AGWhJmvKfCf_jlIiXp-J_TtUQOri3LzEm-wBEN3p9pY3AwtNVQ
Requested by: Host: mydomainscan.com
URL: https://mydomainscan.com/CeqVal
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.217.23.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s18-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://mydomainscan.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 7 KB
6 KB 100ms
68ms XHR
application/json 2a00:1450:4001:817::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2020061001&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020061001.js?21066439

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2f5fa5954e9ddfe5d8cc130283b8dbf6d5849c7e755dafa4574dbc67a3f71dc7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mydomainscan.com/CeqVal
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 16 Jun 2020 16:20:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-28="googleads.g.doubleclick.net:443"; ma=2592000,h3-28=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 5611
x-xss-protection: 0

GET
H2

200

m
cm.mgid.com/
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=omn67hl&ttd_tpi=1
https://match.adsrvr.org/track/cmb/generic?ttd_pid=omn67hl&ttd_tpi=1
https://cm.mgid.com/m?cdsp=371158&c=79de45ee-847a-4209-8914-7c499b020b55&ttl=1594916423

43 B
400 B

99ms
97ms

Image
image/gif

104.19.132.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.mgid.com/m?cdsp=371158&c=79de45ee-847a-4209-8914-7c499b020b55&ttl=1594916423
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.132.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://mydomainscan.com/CeqVal
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Jun 2020 16:20:24 GMT
cf-cache-status: DYNAMIC
alt-svc: h3-27=":443"; ma=86400
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
status: 200
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 5a45dba1bcfc0b2f-AMS
content-type: image/gif
cf-request-id: 035f87991600000b2f0101d200000001

Redirect headers

pragma: no-cache
date: Tue, 16 Jun 2020 16:20:23 GMT
x-aspnet-version: 4.0.30319
status: 302
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://cm.mgid.com/m?cdsp=371158&c=79de45ee-847a-4209-8914-7c499b020b55&ttl=1594916423
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 205

GET
H2 200 yes.svg
assets.vlitag.com/plugins/cmpv3/static/delivery/btns0/ 2 KB
1 KB 66ms
65ms Image
image/svg+xml 2606:4700:20::681a:fee
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.vlitag.com/plugins/cmpv3/static/delivery/btns0/yes.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:fee , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a9f5b6071126c2fc1edc5297956388a541fd164cf617d994d3fcb2ee06a70a92

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://mydomainscan.com/CeqVal
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Jun 2020 16:20:23 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 472561
cf-ray: 5a45dba00dc00eab-FRA
status: 200
alt-svc: h3-27=":443"; ma=86400
cf-request-id: 035f87980600000eab8e85d200000001
last-modified: Tue, 14 Jan 2020 16:51:16 GMT
server: cloudflare
etag: W/"5e1df184-91f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
x-xss-protection: 1; mode=block
cache-control: max-age=16070400
x-robots-tag: noindex, nofollow

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ Frame 015F 11 KB
11 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:81f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2

Requested by

Host: shorteh.com
URL: https://shorteh.com/tag.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ce897833ac6e362df7c91ac8223fe511c6defcf33964928a81004600a2dd4c2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500
Origin: https://mydomainscan.com

Response headers

date: Sat, 13 Jun 2020 02:31:08 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:48 GMT
server: sffe
age: 308955
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11056
x-xss-protection: 0
expires: Sun, 13 Jun 2021 02:31:08 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v20/ Frame 015F 11 KB
11 KB 62ms
61ms Font
font/woff2 2a00:1450:4001:81f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2

Requested by

Host: shorteh.com
URL: https://shorteh.com/tag.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500
Origin: https://mydomainscan.com

Response headers

date: Tue, 09 Jun 2020 00:43:54 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:50 GMT
server: sffe
age: 660989
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11016
x-xss-protection: 0
expires: Wed, 09 Jun 2021 00:43:54 GMT

GET
H/1.1

204
No Content

b2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/b?c1=7&c2=15208452&c3=110&ns__t=1592324423749&ns_c=UTF-8&cv=3.5&c8=GPlinks&c7=https%3A%2F%2Fmydomainscan.com%2FCeqVal&c9=
https://sb.scorecardresearch.com/b2?c1=7&c2=15208452&c3=110&ns__t=1592324423749&ns_c=UTF-8&cv=3.5&c8=GPlinks&c7=https%3A%2F%2Fmydomainscan.com%2FCeqVal&c9=&cs_ak_ss=1

0
528 B

20ms
19ms

Image
text/plain

23.42.18.223
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=7&c2=15208452&c3=110&ns__t=1592324423749&ns_c=UTF-8&cv=3.5&c8=GPlinks&c7=https%3A%2F%2Fmydomainscan.com%2FCeqVal&c9=&cs_ak_ss=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.42.18.223 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-42-18-223.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://mydomainscan.com/CeqVal
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 16 Jun 2020 16:20:23 GMT
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://sb.scorecardresearch.com/b2?c1=7&c2=15208452&c3=110&ns__t=1592324423749&ns_c=UTF-8&cv=3.5&c8=GPlinks&c7=https%3A%2F%2Fmydomainscan.com%2FCeqVal&c9=&cs_ak_ss=1
Pragma: no-cache
Date: Tue, 16 Jun 2020 16:20:23 GMT
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

204
No Content

b2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/b?c1=7&c2=15208452&c3=110&ns__t=1592324423750&ns_c=UTF-8&cv=3.5&c8=GPlinks&c7=https%3A%2F%2Fmydomainscan.com%2FCeqVal&c9=
https://sb.scorecardresearch.com/b2?c1=7&c2=15208452&c3=110&ns__t=1592324423750&ns_c=UTF-8&cv=3.5&c8=GPlinks&c7=https%3A%2F%2Fmydomainscan.com%2FCeqVal&c9=&cs_ak_ss=1

0
528 B

19ms
19ms

Image
text/plain

23.42.18.223
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=7&c2=15208452&c3=110&ns__t=1592324423750&ns_c=UTF-8&cv=3.5&c8=GPlinks&c7=https%3A%2F%2Fmydomainscan.com%2FCeqVal&c9=&cs_ak_ss=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.42.18.223 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-42-18-223.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://mydomainscan.com/CeqVal
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 16 Jun 2020 16:20:23 GMT
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://sb.scorecardresearch.com/b2?c1=7&c2=15208452&c3=110&ns__t=1592324423750&ns_c=UTF-8&cv=3.5&c8=GPlinks&c7=https%3A%2F%2Fmydomainscan.com%2FCeqVal&c9=&cs_ak_ss=1
Pragma: no-cache
Date: Tue, 16 Jun 2020 16:20:23 GMT
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 14 KB
6 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020061001.js?21066439

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08f50e9e70388c99977ca13b6af3a49f8f48c83e79230d51ea72a56c0735bd0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mydomainscan.com/CeqVal
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Jun 2020 16:20:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1591403518460474"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5540
x-xss-protection: 0
expires: Tue, 16 Jun 2020 16:20:23 GMT

GET
H2

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame 015F
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
0

39ms
38ms

Image
text/html

2a00:1450:4001:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:81f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Redirect headers

date: Tue, 16 Jun 2020 16:20:23 GMT
x-content-type-options: nosniff
server: safe
status: 302
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 246
x-xss-protection: 0

GET
H2 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/210/ Frame C805 0
0 6ms
6ms Document
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/210/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/210/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://mydomainscan.com/CeqVal
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://mydomainscan.com/CeqVal

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
content-length: 4590
date: Tue, 16 Jun 2020 15:21:11 GMT
expires: Wed, 16 Jun 2021 15:21:11 GMT
last-modified: Wed, 26 Feb 2020 19:47:50 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 3552
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 015F 2 KB
2 KB 7ms
6ms Image
image/png 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012005262159000/amp4ads-v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mydomainscan.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 15 Jun 2020 23:33:57 GMT
x-content-type-options: nosniff
server: cafe
age: 60386
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Tue, 16 Jun 2020 23:33:57 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 015F 295 B
352 B 6ms
6ms Image
image/png 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012005262159000/amp4ads-v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mydomainscan.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 15 Jun 2020 21:53:20 GMT
x-content-type-options: nosniff
server: cafe
age: 66423
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Tue, 16 Jun 2020 21:53:20 GMT

GET
H2 200 amp4ads-v0.js Show response
cdn.ampproject.org/rtv/012005262159000/ Frame 9549 202 KB
55 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012005262159000/amp4ads-v0.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020061001.js?21066439

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6b009637beabb9f494ef15cf6c4303652428789993effe3911dbac52d55d516b

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mydomainscan.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 2777
status: 200
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 56265
x-xss-protection: 0
server: sffe
date: Tue, 16 Jun 2020 15:34:07 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "9b3afaa85c48c2d0"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 16 Jun 2021 15:34:07 GMT

GET
H2 200 amp-ad-exit-0.1.js Show response
cdn.ampproject.org/rtv/012005262159000/v0/ Frame 9549 16 KB
6 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012005262159000/v0/amp-ad-exit-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020061001.js?21066439

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f66894df73715866eab1ce1ef61b102039652edb12e089afd58457a2029fd21a

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mydomainscan.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 446465
status: 200
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5893
x-xss-protection: 0
server: sffe
date: Thu, 11 Jun 2020 12:19:19 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "7c581cea2ef0aefe"
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 11 Jun 2021 12:19:19 GMT

GET
H2 200 amp-analytics-0.1.js Show response
cdn.ampproject.org/rtv/012005262159000/v0/ Frame 9549 97 KB
29 KB 12ms
11ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012005262159000/v0/amp-analytics-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020061001.js?21066439

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f48155f11a2ab68fe1544f625c5692d20863eedb6ae86b09d68503c7181e213b

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mydomainscan.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 2766
status: 200
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29929
x-xss-protection: 0
server: sffe
date: Tue, 16 Jun 2020 15:34:18 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "22e1efecde29c9e4"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 16 Jun 2021 15:34:18 GMT

GET
H2 200 amp-fit-text-0.1.js Show response
cdn.ampproject.org/rtv/012005262159000/v0/ Frame 9549 4 KB
2 KB 9ms
9ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012005262159000/v0/amp-fit-text-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020061001.js?21066439

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6b1adb81e6eef0e62316c8d65a241d0becfd09c40216553791c5448af29b88d7

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mydomainscan.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 308706
status: 200
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1719
x-xss-protection: 0
server: sffe
date: Sat, 13 Jun 2020 02:35:18 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "bc4637e8702685f3"
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 13 Jun 2021 02:35:18 GMT

GET
H2 200 amp-form-0.1.js Show response
cdn.ampproject.org/rtv/012005262159000/v0/ Frame 9549 48 KB
15 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012005262159000/v0/amp-form-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020061001.js?21066439

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4c4dc2f72703e588d57aa82fd323420635b14ca3f887aac4b27e65bef411343e

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mydomainscan.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 446470
status: 200
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14997
x-xss-protection: 0
server: sffe
date: Thu, 11 Jun 2020 12:19:14 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "de17760b9f621603"
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 11 Jun 2021 12:19:14 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 9549 7 KB
824 B 16ms
16ms Stylesheet
text/css 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C500

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020061001.js?21066439

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d3838febe02ee1538a1336ac01f452a6fe7682106cd21b46cda9c40092c8e3aa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://mydomainscan.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 16 Jun 2020 15:36:31 GMT
server: ESF
date: Tue, 16 Jun 2020 16:20:24 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 16 Jun 2020 16:20:24 GMT

GET
H2 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 9549 2 KB
3 KB 8ms
8ms Image
image/png 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020061001.js?21066439

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mydomainscan.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 15 Jun 2020 23:33:57 GMT
x-content-type-options: nosniff
server: cafe
age: 60387
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Tue, 16 Jun 2020 23:33:57 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 9549 295 B
357 B 6ms
5ms Image
image/png 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020061001.js?21066439

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mydomainscan.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 15 Jun 2020 21:53:20 GMT
x-content-type-options: nosniff
server: cafe
age: 66424
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Tue, 16 Jun 2020 21:53:20 GMT

GET
H2 200 9446146891465582424
tpc.googlesyndication.com/simgad/ Frame 9549 16 KB
16 KB 7ms
7ms Image
image/png 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/9446146891465582424

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020061001.js?21066439

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

562650819d275c9d8764fcae3cfdedf9eab0bea1d6114aba884f52aee1cdb874

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mydomainscan.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Jun 2020 06:34:40 GMT
x-content-type-options: nosniff
age: 380744
x-dns-prefetch-control: off
status: 200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16227
x-xss-protection: 0
last-modified: Tue, 31 Oct 2017 17:18:17 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 12 Jun 2021 06:34:40 GMT

GET
DATA 200
OK truncated
/ Frame 9549 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 25e57ccd16f4340799f35dc5e756291dca31755b07a9f78c9a12da38b141264e

Request headers

Referer: https://mydomainscan.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 9549 207 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3ea3795cabbcf5911c4f62a8730084d865e2aa90329f4a76ccbe90addd21aa8d

Request headers

Referer: https://mydomainscan.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 9549 0
0 18ms
18ms Image
text/html 172.217.23.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=C8Ey_R_HoXtDEG6vD7_UPpu6l0ASTsuWrT7nA6tKcBs_7kOPXAhABIKrswCNgleKQgqAHoAHprN7fA8gBCeACAKgDAcgDCqoE1AFP0BDGR7rGz7rkcYtrwE6pevRnAaxjM5DDmkVDyJZI83AHefzbsk6Mp9taCOaDnU3koFcT-CXmakCrKTS2MUvYZogVYRPGnAxv-oF_yGf1UEqmK4bkWdTTlwm8j1nv_IHQZj-OZeII9zkre1hrtbbMazcIR3iQlB8cKCF5ycG6jcaL5OUM1o07FxfLD6kcgiKkr_r2uMLHY97nAms_U4Oycl47pbZFNmNyWWsktrpfjiG1Z2O5JcHqyEwzNXH2uayhhJhFva-6-sHRDkAfLvAF3LYjX8AEkMLF1YQB4AQBkgUECAQYAZIFBAgFGASgBi6AB__SoSCoB47OG6gH1ckbqAeT2BuoB7oGqAfw2RuoB_LZG6gHpr4bqAfs1RvYBwDyBwQQtuEZ0ggJCIDhgBAQARgd8ggbYWR4LXN1YnN5bi0zNjcwNTA4MTY0ODg4NTI2gAoDyAsB2BMM&sigh=49vCaF20fbA&template_id=5000&tpd=AGWhJmsTTF6oDE6OQ0O8dK1C8zqBAH5f_ISuOP2BKA8sRkbzTg
Requested by: Host: mydomainscan.com
URL: https://mydomainscan.com/CeqVal
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.217.23.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s18-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://mydomainscan.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ Frame 9549 11 KB
11 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:81f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012005262159000/amp4ads-v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ce897833ac6e362df7c91ac8223fe511c6defcf33964928a81004600a2dd4c2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C500
Origin: https://mydomainscan.com

Response headers

date: Sat, 13 Jun 2020 02:31:08 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:48 GMT
server: sffe
age: 308956
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11056
x-xss-protection: 0
expires: Sun, 13 Jun 2021 02:31:08 GMT

GET
H2 200 KFOlCnqEu92Fr1MmSU5fBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ Frame 9549 11 KB
11 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:81f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmSU5fBBc4AMP6lQ.woff2

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012005262159000/amp4ads-v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92606bd38901e67d069f2ef883715b6e5ae07d72ae3bead3ad92346528374afc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C500
Origin: https://mydomainscan.com

Response headers

date: Sat, 13 Jun 2020 02:26:07 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:52 GMT
server: sffe
age: 309257
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11180
x-xss-protection: 0
expires: Sun, 13 Jun 2021 02:26:07 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v20/ Frame 9549 11 KB
11 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:81f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012005262159000/amp4ads-v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C500
Origin: https://mydomainscan.com

Response headers

date: Tue, 09 Jun 2020 00:43:54 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:50 GMT
server: sffe
age: 660990
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11016
x-xss-protection: 0
expires: Wed, 09 Jun 2021 00:43:54 GMT

GET
H2 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 9549 2 KB
2 KB 6ms
5ms Image
image/png 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012005262159000/amp4ads-v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mydomainscan.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 15 Jun 2020 23:33:57 GMT
x-content-type-options: nosniff
server: cafe
age: 60387
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Tue, 16 Jun 2020 23:33:57 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 9549 295 B
352 B 6ms
6ms Image
image/png 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012005262159000/amp4ads-v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mydomainscan.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 15 Jun 2020 21:53:20 GMT
x-content-type-options: nosniff
server: cafe
age: 66424
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Tue, 16 Jun 2020 21:53:20 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
233 B 16ms
16ms Image
image/gif 2a00:1450:4001:817::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=210&t=2&li=gpt_2020061001&jk=2691121030149657&bg=!PD-lPydYsQBAURKBACwCAAAAblIAAAAMmQF4XQqM-6z4CF2zsoi6GrpRwmh04ayR3qFAP_iqjQ81IFRbKtvlecaD14sHp8HEwIhGtV-qVjuE-EnQ95c80hjf3lxajyl7hTa_YXlG62-5lvsZT--1vi0FZ71CVAK3wfh0i_ftajOhK1mFPUHOCkoXn2v-E2G-jIqPJtMEI69IhRasxchyDVJU2jMYY_s-WGb_iO8zSYaSw-6M-hktrlhTsjjtUFuSnNoK3ebwqsnF6gBqS3vvlIshiAWnb0HDezHcIwgQL5jhlFCezY-JYGzpKkZawJCspC8Gi-IqTRcRhsXhbqzkLBbp1bX3WN_KFa7ATHeIpbeHtAsKaxkfLTTNn0Ypc2gejUl71sWgAXTZcXwp7vAO7pMp0CFQSeH1nI7f6p52M4NLVd4hiLFQ-alY1xIfcU8fvzUaHcAYaQtRVkORVU_7I2ScomFEtIM3zvhFnzNd87GXB_kTFeuZ3VuKcpgmyN6VCrCWtYJJ-Vw1I7-_aw82ojRSeQ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mydomainscan.com/CeqVal
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Jun 2020 16:20:24 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 204
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: h3-28="googleads.g.doubleclick.net:443"; ma=2592000,h3-28=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 015F 42 B
112 B 20ms
20ms Image
image/gif 2a00:1450:4001:817::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuXQsXYX5YjFQMLjmlZN9SNwj5iicJKcmJGlWmtzPBQW3ynT2iwc8qw5TI4Fd077VancGUlPUDuyBmgKTWMwHVdsVi0KAzAr_KUk233_6h7r9CQg0kALG5wE4eaVg&sai=AMfl-YSj7y6Z1FWo4Te9rE_I7JpTkj9BWIMUGj6gOxMpiAZ_-6F3uNd9N4B8VH4A_9nZRzpPk4RTdE4GBWe0YFQBigC1hBfm0_NZI3XbBAJW&sig=Cg0ArKJSzPsdZbZXBkeTEAE&id=ampim&o=288,1110&d=1024,90&ss=1600,1200&bs=1600,1200&mcvt=1001&mtos=0,0,1001,1001,1001&tos=0,0,1001,0,0&tfs=222&tls=1223&g=100&h=100&tt=1223&r=v&avms=ampa&adk=2707911850

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mydomainscan.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Jun 2020 16:20:25 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: h3-28="googleads.g.doubleclick.net:443"; ma=2592000,h3-28=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 img.php
img.cdn.house/ 4 KB
4 KB 38ms
12ms Image
image/webp 46.4.122.124
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.cdn.house/img.php?id=NWVlOGQ2ODEzNzYzNC5wbmc6NjEyNTo3ODE2ODoxNDoxODo1Njo1MzIzODQ4Nzo5OTk5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 46.4.122.124 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.124.122.4.46.clients.your-server.de
Software: nginx /
Resource Hash: 2e7b3d6bc1bcd467e134d4dc5e7d404087d0002cc0d24b8a1f203cf8cd6a22ad

Request headers

Referer: https://mydomainscan.com/CeqVal
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Jun 2020 16:20:25 GMT
last-modified: Tue, 16 Jun 2020 14:46:04 GMT
server: nginx
content-type: image/webp
status: 200
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
accept-ranges: bytes
content-length: 4058

GET
H2 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 9549 42 B
107 B 15ms
15ms Image
image/gif 2a00:1450:4001:817::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssmDww79oGQoHx63kIwdJi8F435r1AgzID67UxTOVixrud17GMK__cIIPu4TO91l2yw7ffxeQRveYSfd05wyoWTTMzWNhibEBrpG08Y_-6WdePdvzrTVIr-_5qMhw&sai=AMfl-YQiBmeJjTs_WgBIJ4h_HTXW42dIW9wumjrNiWfUok99ZTgKTsi62J-ApBaa_BlaJ4rulrDETo3aT31vcGTLN5IrWiWcl_sMkOdkTsT9&sig=Cg0ArKJSzAPBwsEL3rzJEAE&id=ampim&o=632,163&d=336,280&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=114&tls=1114&g=100&h=100&tt=1114&r=v&avms=ampa&adk=1367205177

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mydomainscan.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Jun 2020 16:20:25 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: h3-28="googleads.g.doubleclick.net:443"; ma=2592000,h3-28=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 img.php
img.cdn.house/ Frame 8E4C 4 KB
4 KB 11ms
11ms Image
image/webp 46.4.122.124
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.cdn.house/img.php?id=NWVlOGQ2ODEzNzYzNC5wbmc6NjEyNTo3ODE2ODoxNDoxODo1Njo1MzIzODQ4Nzo5OTk5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 46.4.122.124 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.124.122.4.46.clients.your-server.de
Software: nginx /
Resource Hash: 2e7b3d6bc1bcd467e134d4dc5e7d404087d0002cc0d24b8a1f203cf8cd6a22ad

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Jun 2020 16:20:25 GMT
last-modified: Tue, 16 Jun 2020 14:46:04 GMT
server: nginx
content-type: image/webp
status: 200
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
accept-ranges: bytes
content-length: 4058

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 144 B
1 KB 64ms
26ms XHR
application/json 185.33.221.13
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-v3.23.1.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.13 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

576fdc05c35308fe5a830f750cf41c41ccc2668ac3cf8bb30efb776383f39930

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://mydomainscan.com/CeqVal
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 16 Jun 2020 16:20:29 GMT
X-Proxy-Origin: 185.220.70.68; 185.220.70.68; 729.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.221.80:80
AN-X-Request-Uuid: 7d707249-1c21-49dc-bd38-49e6c405d023
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://mydomainscan.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 144
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ Frame F12E 83 KB
33 KB 29ms
29ms Script
application/javascript 2a00:1450:4001:825::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-128776493-20

Requested by

Host: tag.vlitag.com
URL: https://tag.vlitag.com/v3/1592313123/?q=72b6b994f9cbf117490b5353e57d21d2&n=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

2aa0a6d53951af2c5553cdd8778cb6ab65802eb360b69f9c2addaec3a646e191

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://mydomainscan.com/CeqVal
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Jun 2020 16:20:27 GMT
content-encoding: br
vary: Accept-Encoding
status: 200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33232
x-xss-protection: 0
last-modified: Tue, 16 Jun 2020 15:49:16 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 16 Jun 2020 16:20:27 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ Frame 3E5A 83 KB
33 KB 77ms
76ms Script
application/javascript 2a00:1450:4001:825::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-128776493-10

Requested by

Host: tag.vlitag.com
URL: https://tag.vlitag.com/v3/1592313123/?q=72b6b994f9cbf117490b5353e57d21d2&n=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

7872d077b2f71efeb5410e0bb9aa97e2c53cc7254291b25d56f476690b54c1df

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://mydomainscan.com/CeqVal
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Jun 2020 16:20:27 GMT
content-encoding: br
vary: Accept-Encoding
status: 200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33232
x-xss-protection: 0
last-modified: Tue, 16 Jun 2020 15:49:16 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 16 Jun 2020 16:20:27 GMT

GET
H2 200 vi-logo.svg
assets.vlitag.com/media/icon/ 11 KB
3 KB 12ms
11ms Image
image/svg+xml 2606:4700:20::681a:fee
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.vlitag.com/media/icon/vi-logo.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:fee , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

24a104ef6529cb9bbceaeca4e037ecf14d40db5207009ac23e8224703fa11bb8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://mydomainscan.com/CeqVal
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Jun 2020 16:20:27 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 472564
cf-ray: 5a45dbb8580c0eab-FRA
status: 200
alt-svc: h3-27=":443"; ma=86400
cf-request-id: 035f87a73a00000eab8e966200000001
last-modified: Fri, 01 Nov 2019 05:04:49 GMT
server: cloudflare
etag: W/"5dbbbcf1-2c34"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
x-xss-protection: 1; mode=block
cache-control: max-age=16070400
x-robots-tag: noindex, nofollow

GET
H2 200 analytics.js Show response
www.google-analytics.com/ Frame F12E 45 KB
18 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-128776493-20

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

2f1fd973e6c48489ae07c467e3278635b856c698d1f502e06af3ab555937deac

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://mydomainscan.com/CeqVal
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 30 Apr 2020 21:54:13 GMT
server: Golfe2
age: 6049
date: Tue, 16 Jun 2020 14:39:38 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18433
expires: Tue, 16 Jun 2020 16:39:38 GMT

GET
H2 200 collect
www.google-analytics.com/r/ Frame F12E 35 B
98 B 13ms
13ms Image
image/gif 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/r/collect?v=1&_v=j82&a=1900183786&t=pageview&_s=1&dl=https%3A%2F%2Fmydomainscan.com%2FCeqVal&ul=en-us&de=UTF-8&dt=Nobid_Outstream_mydomainscan.com_0.00_Default&sd=24-bit&sr=1600x1200&vp=&je=0&cn=0.00&cs=mydomainscan.com&cm=Nobid_Outstream&cc=Default&_u=IEBAAUAB~&jid=1880093963&gjid=1110330502&cid=236291547.1592324428&tid=UA-128776493-20&_gid=182435417.1592324428&_r=1&gtm=2ou640&z=1145854614

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://mydomainscan.com/CeqVal
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Jun 2020 16:20:27 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200 359.json Show response
id5-sync.com/g/v1/ 190 B
728 B 155ms
38ms XHR
text/json 5.39.67.10
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/g/v1/359.json?1puid=&gdpr=0&gdpr_consent=

Requested by

Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-v3.23.1.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

5.39.67.10 , France, ASN16276 (OVH, FR),

Reverse DNS

s06.id5-sync.com

Software

Resource Hash

b70dea7c4c299d01f4e3e0b3900e6cc5eddb120d3cd9de911fbc1ddaf0d69837

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://mydomainscan.com/CeqVal
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Date: Tue, 16 Jun 2020 16:20:29 GMT
Vary: Origin
P3P: CP="CAO PSA OUR"
Access-Control-Allow-Origin: https://mydomainscan.com
Access-Control-Allow-Credentials: true
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Content-Type: text/json;charset=utf-8
Transfer-Encoding: chunked

GET
H/1.1 200
OK async_usersync.html
acdn.adnxs.com/ib/static/usersync/v3/ Frame 71CF 0
0 25ms
7ms Document
text/html 151.101.13.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Requested by: Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-v3.23.1.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.13.108 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.9.13 /
Resource Hash

Request headers

Host: acdn.adnxs.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://mydomainscan.com/CeqVal
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://mydomainscan.com/CeqVal

Response headers

Connection: keep-alive
Content-Length: 506
Server: nginx/1.9.13
Content-Type: text/html
Last-Modified: Fri, 20 May 2016 02:07:09 GMT
ETag: W/"573e714d-3e3"
Expires: Sun, 06 Aug 2017 09:41:59 GMT
Cache-Control: max-age=31536000
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Via: 1.1 varnish 1.1 varnish
Accept-Ranges: bytes
Date: Tue, 16 Jun 2020 16:20:30 GMT
Age: 27239914
X-Served-By: cache-jfk8138-JFK, cache-fra19151-FRA
X-Cache: HIT, HIT
X-Cache-Hits: 391291, 708775
X-Timer: S1592324431.603293,VS0,VE0
Vary: Accept-Encoding

Verdicts & Comments Add Verdict or Comment

226 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.mydomainscan.com/	1970-01-19 11:01:56	Name: __cfduid Value: da900a3c899b069ffbfad4256a0158c691592324422

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	debug	URL: https://jsc.mgid.com/m/y/mydomainscan.com.930157.js(Line 9) Message: [object HTMLImageElement]
console-api	warning	URL: https://assets.vlitag.com/prebid/default/prebid-v3.23.1.js(Line 1) Message: fun-hooks: referenced 'registerAdserver' but it was never created
console-api	debug	URL: https://jsc.mgid.com/m/y/mydomainscan.com.930162.js(Line 9) Message: [object HTMLImageElement]
console-api	info	URL: https://cdn.ampproject.org/rtv/012005262159000/amp4ads-v0.js(Line 410) Message: Powered by AMP ⚡ HTML – Version 2005262159000 https://mydomainscan.com/CeqVal
console-api	info	URL: https://cdn.ampproject.org/rtv/012005262159000/amp4ads-v0.js(Line 410) Message: Powered by AMP ⚡ HTML – Version 2005262159000 https://mydomainscan.com/CeqVal

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN,SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

acdn.adnxs.com
adservice.google.com
adservice.google.de
ajax.cloudflare.com
assets.vlitag.com
b40befe1721f8bb4a42e7368643f91d2.safeframe.googlesyndication.com
cdn.ampproject.org
cdn.bidfilter.com
cdn.jsdelivr.net
cdn.steepto.com
client.trackpush.com
cm.mgid.com
cm.steepto.com
ds88pc0kw6cvc.cloudfront.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
gplinks.in
green.erne.co
ib.adnxs.com
id5-sync.com
imasdk.googleapis.com
img.cdn.house
itpatratr.com
jsc.mgid.com
logs.vlitag.com
match.adsrvr.org
mydomainscan.com
pagead2.googlesyndication.com
ritiesagently.fun
s-img.mgid.com
saturalolk.club
sb.scorecardresearch.com
securepubads.g.doubleclick.net
servicer.mgid.com
services.vlitag.com
shorteh.com
tag.vlitag.com
tpc.googlesyndication.com
vendorlist.consensu.org
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.recaptcha.net
x.bidfilter.com
104.19.132.78
104.19.135.80
104.19.136.80
13.226.156.74
13.249.120.6
13.35.254.36
151.101.13.108
157.230.253.19
172.217.23.130
185.33.221.13
188.165.4.142
188.72.202.17
206.54.165.186
23.42.18.223
2600:9000:2182:f800:1:af78:4c0:93a1
2606:4700:20::681a:fee
2606:4700:3034::ac43:ce02
2606:4700:3035::681c:1cbe
2606:4700:3036::681b:8850
2606:4700:3037::681f:402b
2606:4700::6810:85e5
2a00:1450:4001:800::2003
2a00:1450:4001:801::2001
2a00:1450:4001:802::2001
2a00:1450:4001:802::200a
2a00:1450:4001:808::2001
2a00:1450:4001:809::200e
2a00:1450:4001:817::2002
2a00:1450:4001:819::2004
2a00:1450:4001:81b::200a
2a00:1450:4001:81f::2002
2a00:1450:4001:81f::2003
2a00:1450:4001:820::2003
2a00:1450:4001:825::2008
2a04:4e42:1b::621
46.4.122.124
5.39.67.10
52.18.161.147
02fb1606c5aa8be9bacbaeeb4519105fa33bd3e3695e31b6d5633f21f8d1e1f4
03e7e4b6ef1d39c3c85bba1cfc528b7a832353d1574165f35da1604a3fc0491d
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
08f50e9e70388c99977ca13b6af3a49f8f48c83e79230d51ea72a56c0735bd0c
0a5fadd39a5803332b585411cfc9e4355b818d9497ca61dba2da1497cd3b67b9
0cdcdf1f0c53b4bf70f24991951c46de8103d8bfda8e8f31e3d7a9e00e8dfc2b
0ce5a460ace775560c3344a43245687bdbec5cb8ee20d209ab9fa67f4e09a3e8
0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e
1262f412b65c8556101d256ab8b47e8e3d958826d190b3d2613b5bc3ebf8c2e2
1e8fb1838c8dc7c3c2ec8aa3d09b0c3eab7980d0afe576087b6c917c2606b976
1ec612f97bb39725ea932d554414a797084b95a24f81c8cef16d90236a02d06a
24a104ef6529cb9bbceaeca4e037ecf14d40db5207009ac23e8224703fa11bb8
25e57ccd16f4340799f35dc5e756291dca31755b07a9f78c9a12da38b141264e
2a75f30d2b8ad5ae9fe9c806de80434065670170696e1e8d4c76305676a7fbee
2aa0a6d53951af2c5553cdd8778cb6ab65802eb360b69f9c2addaec3a646e191
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2e7b3d6bc1bcd467e134d4dc5e7d404087d0002cc0d24b8a1f203cf8cd6a22ad
2f1fd973e6c48489ae07c467e3278635b856c698d1f502e06af3ab555937deac
2f5fa5954e9ddfe5d8cc130283b8dbf6d5849c7e755dafa4574dbc67a3f71dc7
31a2141f6b680b8ec183d8de67eaae2ac43bee3ccee46235e0c988761615210c
329ffdad85c85c98d54f7c144db7bbf1b4dfc327e3ddde3c2e8fe04a3457e89c
339fb96ac6e1e79ec5f36b7011c81acc33bb709cfa4e63e45fa7eaa46a47a8c9
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
3acdfae6770bd63b280d7a139a07064ed5086fb10b529aebc4a6805f7df6a8d2
3bd1fdfc5ed5bdca5354ab8d6646b0cb51adcaca1a4b64d31d3f0ee845b3758b
3c92ba57afe12f4757ca83ee84a03614d380b3c698060cc7569e698d3bb17455
3ea3795cabbcf5911c4f62a8730084d865e2aa90329f4a76ccbe90addd21aa8d
443fdb85494dd16e1597fc503f2b0ce2db700b21ec0c2f7dfaa0efc9885030bc
4477a24c9da07239c8019e93ec39d3e341dd8f44d28757ccc6e99f179eb412e4
4c4dc2f72703e588d57aa82fd323420635b14ca3f887aac4b27e65bef411343e
4c6cf0709b8e52572cae1fb57128acd0a5a453c9ce99dc3712a1860ff90c6bf8
52dd288a6591930a306cbe4ddd43e6168ac2f7654cd50af472b9e3cb8d391dbd
53f337d42787c1ce93c9d104dc840098e21645ad106bca3a93360bfac64a5825
562650819d275c9d8764fcae3cfdedf9eab0bea1d6114aba884f52aee1cdb874
576fdc05c35308fe5a830f750cf41c41ccc2668ac3cf8bb30efb776383f39930
5b3ce72bb112845eab9488c83b8268d5b597969e2ee02403122c933ee169b6dc
5d01d627e013d4106ccaee944ba5ee35536b8cc682649b5d922657ff15e8a8ee
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
5da559b07234e0a6bceaa18e68e56f742d981c4715a88565681dd154d1000f57
5ef4483f0093decd1c16febdfe054547a89b9238e272d63cf8e1d6376d050087
6b009637beabb9f494ef15cf6c4303652428789993effe3911dbac52d55d516b
6b1adb81e6eef0e62316c8d65a241d0becfd09c40216553791c5448af29b88d7
6bc17174f8b7fd785aa6b6c929b861795c3ef4e900b67363a7de12884620b12d
6e8aee51fd36098511d0cf3a44e24b2fe5f8abdad9497e9e6057b4def088fb48
7872d077b2f71efeb5410e0bb9aa97e2c53cc7254291b25d56f476690b54c1df
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
80c8b789ae1e5ea87c4c39c56405da83433fe91c902932801dfad54e3ecebc3b
81b1b2a0681e16cf1650dbe71dcf27ef0a1273ffabd259c9f4aab63b1fdb7c04
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
852593ea1830ce3d6821822385a17af199442f4938b588ed7c84942c351d9f16
861223c73d62b06df22a5c5307f4bbca35d37dfbfbb7af4e6a717c1559350e90
879c2e11473a612dfa7e4081b96326b87e3f09e839219005e1bbc793870b2d35
88d7ce92ffecfe9558cd8019ffd880c60881de169117be627206f07f657fef31
8a71c8749cc0bb450f96766d4cab3b2b9c4d5a9b30c3683f3a5863d8d2ed9c9a
922014228b35f797405be950c40370b64e8c71b7dce9c69b38b8fbe0c5a0f4dc
92606bd38901e67d069f2ef883715b6e5ae07d72ae3bead3ad92346528374afc
928b7cfe5733bf048d7973dba60c24cd7b76f0553f328c3c117f5a8bf10edf9b
93e1f5fd7abde59874d4205c0c7c829146c753dc43b28baea982d69b77a6e9c8
95f365b3ee62f2ca2655a64df8afa9c859c90876c4572a640b341f9d10c497d4
97e255ec3210b474db4e9215741eb8adebc215b7f244c607ecf38d1964d44b12
9a55813c936c2b92d788506d65193397d88011f223e04aa5698f5c4015b48608
9d807c16e2160c2660ffd43bf8b8bc54eb39ecd044e823209c0ade70db965d5a
9e61e03a6ee8599fd31c01a8bca6f146b329d49031de47f9edf6eddd9e1b885e
a20070fc475f7befb15e531f7212f19fa7502ee9a53fcabf36d42a09ac9260b2
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
a25a570158e49fe829d9c77d2e0400d0c822ef464d40f55eba7ef71b98f98745
a8252492db56de6a43a1e52010746aa4b09c216f522dfaa82a62169a811e3405
a9f5b6071126c2fc1edc5297956388a541fd164cf617d994d3fcb2ee06a70a92
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
ad25613558e2ab513ed517de8b22c470db976ae72dbe1ee9fae7cbc459f80c5b
b08cdbc2d30e656a86b20f8342428d5863f70f4b30135b4f4061f754ce932f5e
b31062abec9d4536524232f02801803517829af29b44c85b59696d52bc7107cc
b386764e2b714f6fe617daaedd1946a7161fc2ae5f9bd0bf606f76287121ee1d
b70dea7c4c299d01f4e3e0b3900e6cc5eddb120d3cd9de911fbc1ddaf0d69837
ba1c55085aaa98bf814d9f6c47ab48436da1abb122b68303c17ff7a5452c2e0f
bbd284f4a9a9b5ee3da885fde0bb792b668b39511090588da98003377156b4a4
c4a7b4babd8d76af2ddc0840bda733cd5a0b409895bb74d5302ff1155c9b32bc
c56c117acef484702925a48e333f3956346675c531d5590cf272f42234133803
ce897833ac6e362df7c91ac8223fe511c6defcf33964928a81004600a2dd4c2e
d3838febe02ee1538a1336ac01f452a6fe7682106cd21b46cda9c40092c8e3aa
d623117ff8651ebe1f591afb627feda5be7f2f3d1d590f1b95ad16ca01c21b7e
d6de61a3217cb263a496e79617588d2da31d5d32c864a51504f2ab5b2c32c79d
dae81166c709f946daf618f2c189f988979e7b096a7627dda37d5dd3763a4124
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef63761264fbf6a897345830c0070bd1c18360bba99bb35f05b90c72c2f92a07
f48155f11a2ab68fe1544f625c5692d20863eedb6ae86b09d68503c7181e213b
f5c8a64a3b6aff7421b0dcd1dc9aabe48c8d04fcfa0924c380bfed1be1d62260
f66894df73715866eab1ce1ef61b102039652edb12e089afd58457a2029fd21a
fcf9584c9347aabc3c8f00cc6df11cc7a3c5d7e4774ce80a1db0fca4614e325b
feb419d6032de81049616a23d958e42b5db5ba4d23c4272e3213afe666ea5a51
ffafaee2d94959b9ee31618bd412ccf58419b66cf14d321d8b801134df30e112

mydomainscan.com Open in urlscan Pro 2606:4700:3037::681f:402b Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

125 Requests

100 %HTTPS

55 %IPv6

32 Domains

47 Subdomains

37 IPs

7 Countries

1816 kBTransfer

4716 kBSize

1 Cookies

24 Outgoing links

Redirected requests

125 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

mydomainscan.com Open in urlscan Pro
2606:4700:3037::681f:402b Public Scan

Screenshot
Live screenshot

Full Image

125
Requests

100 %
HTTPS

55 %
IPv6

32
Domains

47
Subdomains

37
IPs

7
Countries

1816 kB
Transfer

4716 kB
Size

1
Cookies

125 HTTP transactions
4 data transactions