demotix.com Open in urlscan Pro
2606:4700:3032::6815:7b2 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://6mgu2.r.a.d.sendibm1.com/mk/cl/f/wM4WDMhteDkj5S623ZUmHF9Fv14Mcci4ijc1EBLAlCmV5gwJV7HNn3wv3Z6M5axzWDd3Gt7SPDCguXcIfx2ZOWjm...
Effective URL:
https://demotix.com/
Submission: On August 08 via api (August 8th 2021, 11:55:21 pm UTC) from US

Summary HTTP 50 Redirects Links 7 Behaviour Indicators

Summary

This website contacted 11 IPs in 4 countries across 9 domains to perform 50 HTTP transactions. The main IP is 2606:4700:3032::6815:7b2, located in United States and belongs to CLOUDFLARENET, US. The main domain is demotix.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 11th 2021. Valid for: a year.

This is the only time demotix.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	185.107.232.244 185.107.232.244	200484 (SENDINBLU...) (SENDINBLUE-ASN)
2	2606:4700:303... 2606:4700:3032::6815:7b2	13335 (CLOUDFLAR...) (CLOUDFLARENET)
27	151.139.128.11 151.139.128.11	20446 (HIGHWINDS3) (HIGHWINDS3)
1	2a00:1450:400... 2a00:1450:4001:831::200a	15169 (GOOGLE) (GOOGLE)
2	151.101.13.44 151.101.13.44	54113 (FASTLY) (FASTLY)
7	2a00:1450:400... 2a00:1450:4001:800::2003	15169 (GOOGLE) (GOOGLE)
2	34.235.180.50 34.235.180.50	14618 (AMAZON-AES) (AMAZON-AES)
1	2001:4de0:ac1... 2001:4de0:ac18::1:a:3b	20446 (HIGHWINDS3) (HIGHWINDS3)
1 3	13.224.96.92 13.224.96.92	16509 (AMAZON-02) (AMAZON-02)
3	13.224.96.61 13.224.96.61	16509 (AMAZON-02) (AMAZON-02)
2	13.224.96.40 13.224.96.40	16509 (AMAZON-02) (AMAZON-02)
1	13.224.96.7 13.224.96.7	16509 (AMAZON-02) (AMAZON-02)
50	11

1 185.107.232.244 (France) 1 redirects

ASN200484 (SENDINBLUE-ASN, FR)

6mgu2.r.a.d.sendibm1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3032::6815:7b2 (United States)

ASN13335 (CLOUDFLARENET, US)

demotix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

27 151.139.128.11 (United States)

ASN20446 (HIGHWINDS3, US)

m9h7a2k2.rocketcdn.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.13.44 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.235.180.50 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-235-180-50.compute-1.amazonaws.com

www.zergnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac18::1:a:3b (Netherlands)

ASN20446 (HIGHWINDS3, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.224.96.92 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-224-96-92.zrh50.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.224.96.61 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-96-61.zrh50.r.cloudfront.net

img4.zergnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.224.96.40 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-96-40.zrh50.r.cloudfront.net

img2.zergnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.96.7 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-96-7.zrh50.r.cloudfront.net

img1.zergnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
27	rocketcdn.me m9h7a2k2.rocketcdn.me	669 KB
8	zergnet.com www.zergnet.com img4.zergnet.com img2.zergnet.com img1.zergnet.com	110 KB
7	gstatic.com fonts.gstatic.com	169 KB
3	scorecardresearch.com 1 redirects sb.scorecardresearch.com	3 KB
2	taboola.com cdn.taboola.com	148 KB
2	demotix.com demotix.com	31 KB
1	jquery.com code.jquery.com	33 KB
1	googleapis.com fonts.googleapis.com	2 KB
1	sendibm1.com 1 redirects 6mgu2.r.a.d.sendibm1.com	238 B
50	9

	Domain	Requested by
27	m9h7a2k2.rocketcdn.me	demotix.com m9h7a2k2.rocketcdn.me
7	fonts.gstatic.com	fonts.googleapis.com
3	img4.zergnet.com	demotix.com
3	sb.scorecardresearch.com	1 redirects cdn.taboola.com demotix.com
2	img2.zergnet.com	demotix.com
2	www.zergnet.com	demotix.com www.zergnet.com
2	cdn.taboola.com	demotix.com cdn.taboola.com
2	demotix.com	demotix.com
1	img1.zergnet.com	demotix.com
1	code.jquery.com	demotix.com
1	fonts.googleapis.com	demotix.com
1	6mgu2.r.a.d.sendibm1.com	1 redirects
50	12

This site contains links to these domains. Also see Links.

Domain
www.zergnet.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-06-11` - `2022-06-10`	a year	crt.sh
*.rocketcdn.me R3	`2021-05-22` - `2021-08-20`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
*.taboola.com DigiCert TLS RSA SHA256 2020 CA1	`2020-11-25` - `2021-12-26`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
*.zergnet.com Amazon	`2021-04-12` - `2022-05-11`	a year	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2021-07-14` - `2022-08-14`	a year	crt.sh
*.scorecardresearch.com Amazon	`2021-02-28` - `2022-03-29`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://demotix.com/
Frame ID: DFFF400EB8E8A82C83F2F69ED903E38A
Requests: 50 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://6mgu2.r.a.d.sendibm1.com/mk/cl/f/wM4WDMhteDkj5S623ZUmHF9Fv14Mcci4ijc1EBLAlCmV5gwJV7HNn3wv3Z6M5axzWDd3... HTTP 302
https://demotix.com/ Page URL

Detected technologies

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Page Statistics

50
Requests

100 %
HTTPS

33 %
IPv6

9
Domains

12
Subdomains

11
IPs

4
Countries

1163 kB
Transfer

3162 kB
Size

0
Cookies

7 Outgoing links

These are links going to different origins than the main page.

URL: https://www.zergnet.com/privacy-widget
Title: Powered by ZergNet

Search URL Search Domain Scan URL

URL: https://www.zergnet.com/i/6693735/88038/0/0/237002136/1
Title:

Search URL Search Domain Scan URL

URL: https://www.zergnet.com/i/6635761/88038/0/0/237002136/2
Title:

Search URL Search Domain Scan URL

URL: https://www.zergnet.com/i/6645737/88038/0/0/237002136/3
Title:

Search URL Search Domain Scan URL

URL: https://www.zergnet.com/i/6662839/88038/0/0/237002136/4
Title:

Search URL Search Domain Scan URL

URL: https://www.zergnet.com/i/6677436/88038/0/0/237002136/5
Title:

Search URL Search Domain Scan URL

URL: https://www.zergnet.com/i/6642551/88038/0/0/237002136/6
Title:

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://6mgu2.r.a.d.sendibm1.com/mk/cl/f/wM4WDMhteDkj5S623ZUmHF9Fv14Mcci4ijc1EBLAlCmV5gwJV7HNn3wv3Z6M5axzWDd3Gt7SPDCguXcIfx2ZOWjm1P2VbAAv20EX7ewvhayJICNnUf4SrYEW0YKiJBUF8Ei-A1uZmlVvhHhxVxxBV_HBCydnLFsQYw HTTP 302
https://demotix.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 39

https://sb.scorecardresearch.com/b?c1=7&c2=34354936&c3=1&ns__t=1628466900141&ns_c=UTF-8&cv=3.5&c8=DemotiX%20-%20Global%20Magazine%202021&c7=https%3A%2F%2Fdemotix.com%2F&c9= HTTP 302
https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&c3=1&ns__t=1628466900141&ns_c=UTF-8&cv=3.5&c8=DemotiX%20-%20Global%20Magazine%202021&c7=https%3A%2F%2Fdemotix.com%2F&c9=

50 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
demotix.com/
Redirect Chain

https://6mgu2.r.a.d.sendibm1.com/mk/cl/f/wM4WDMhteDkj5S623ZUmHF9Fv14Mcci4ijc1EBLAlCmV5gwJV7HNn3wv3Z6M5axzWDd3Gt7SPDCguXcIfx2ZOWjm1P2VbAAv20EX7ewvhayJICNnUf4SrYEW0YKiJBUF8Ei-A1uZmlVvhHhxVxxBV_HBCydn...
https://demotix.com/

149 KB
29 KB

160ms
133ms

Document
text/html

2606:4700:3032::6815:7b2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://demotix.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:7b2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/8.0.7 PleskLin
Resource Hash: af6313fd178be5ce86158360aaa0cc391d12aafe7dabb5e62f869ffd67f279a1

Request headers

:method: GET
:authority: demotix.com
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 08 Aug 2021 23:54:59 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/8.0.7 PleskLin
last-modified: Sun, 08 Aug 2021 23:16:53 GMT
vary: Accept-Encoding,User-Agent
cache-control: max-age=0
expires: Sun, 08 Aug 2021 23:54:59 GMT
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EYXjNm%2BKTcg%2FVTFLoiPKLEqXEywbKa90OAfenGYTdQRPsOJwWp0uYlt41RXDOrTlq2oNKdyV0wHWaj%2FbKJUq6A1DyZ2oiV8hoTozv5TUw%2FIC9zg6jIKiz86FzDOk2CgW7XjVmDeV%2FYj5hg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 67bcac496824dfdb-FRA
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

Redirect headers

Content-Length: 43
Content-Type: text/html; charset=utf-8
Date: Sun, 08 Aug 2021 23:54:59 GMT
Location: https://demotix.com/
X-Content-Type-Options: nosniff
X-Sib-Server: SENDINBLUE-red2-2
X-Xss-Protection: 1

GET
H2 200 d7496f1adc850230df5f891d0e73fa83.css
m9h7a2k2.rocketcdn.me/wp-content/cache/min/1/ 867 KB
118 KB 118ms
39ms Stylesheet
text/css 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://m9h7a2k2.rocketcdn.me/wp-content/cache/min/1/d7496f1adc850230df5f891d0e73fa83.css
Requested by: Host: demotix.com
URL: https://demotix.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: cloudflare / PleskLin, RocketCDN
Resource Hash: 428fe46b41b908a7f6d29c0cea887742452466ad9c01069eea20fe1b7d9a6de0

Request headers

Referer: https://demotix.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 08 Aug 2021 23:54:59 GMT
content-encoding: gzip
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
x-powered-by: PleskLin, RocketCDN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=73F6mp1aZXHfn4WmY44WU44L3lqsL1KJVKLuAP2QdVFyBMSr3Ar7gk78jzz%2FpNrUIRF3JoLeu1Ot6q6ptm%2F0M%2BUCwIb%2Bjlvk93ZpjHq5mBKKiT92k5x%2F2ulSaWkmTQ%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 120036
last-modified: Wed, 28 Jul 2021 22:10:11 GMT
server: cloudflare
etag: W/"6101d5c3-d8b7a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-hw: 1628466899.cds052.sk1.hn,1628466899.cds212.sk1.c
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 67616fb39c7d15dc-ARN
link: <https://demotix.com/wp-content/cache/min/1/d7496f1adc850230df5f891d0e73fa83.css>; rel="canonical"

GET
H2 200 css
fonts.googleapis.com/ 45 KB
2 KB 15ms
15ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=PT+Serif%3A300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C700%2C700italic%2C800%2C800italic%7CPlayfair+Display+SC%3A300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C700%2C700italic%2C800%2C800italic%7CMontserrat%3A300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C700%2C700italic%2C800%2C800italic%7CRoboto%3A300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C700%2C700italic%2C800%2C800italic%26subset%3Dlatin%2Ccyrillic%2Ccyrillic-ext%2Cgreek%2Cgreek-ext%2Clatin-ext&display=swap&ver=1.0

Requested by

Host: demotix.com
URL: https://demotix.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

6a523fe332ebc8586dd33b9946572de84baf2857a62589c42b9f9e8b03be4e95

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://demotix.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 08 Aug 2021 23:01:53 GMT
server: ESF
date: Sun, 08 Aug 2021 23:54:59 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 08 Aug 2021 23:54:59 GMT

GET
H2 200 jquery.min.js Show response
m9h7a2k2.rocketcdn.me/wp-includes/js/jquery/ 87 KB
31 KB 172ms
109ms Script
application/javascript 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://m9h7a2k2.rocketcdn.me/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
Requested by: Host: demotix.com
URL: https://demotix.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: cloudflare / PleskLin, RocketCDN
Resource Hash: bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea

Request headers

Referer: https://demotix.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 08 Aug 2021 23:54:59 GMT
content-encoding: gzip
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 477593
x-powered-by: PleskLin, RocketCDN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hmFUgk0nGq8HSFyAjWz9ljSCYf2VTx4W212PHRcux38sdzsu62gOvJnQpakzmUNdKZBn16WaDaWywTuaaMaINO0Nf3Cg%2FltnlCxjuGJ8X%2FN8icnht%2FdII8BT1Hhuow%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 30900
last-modified: Fri, 23 Jul 2021 09:30:02 GMT
server: cloudflare
etag: W/"60fa8c1a-15db1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-hw: 1628466899.cds052.sk1.hn,1628466899.cds066.sk1.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 67616fc62e2edac0-ARN
link: <https://demotix.com/wp-includes/js/jquery/jquery.min.js>; rel="canonical"

GET
H2 200 jquery-migrate.min.js Show response
m9h7a2k2.rocketcdn.me/wp-includes/js/jquery/ 11 KB
4 KB 162ms
106ms Script
application/javascript 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://m9h7a2k2.rocketcdn.me/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by: Host: demotix.com
URL: https://demotix.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: cloudflare / PleskLin, RocketCDN
Resource Hash: 029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Request headers

Referer: https://demotix.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 08 Aug 2021 23:54:59 GMT
content-encoding: gzip
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 477639
x-powered-by: PleskLin, RocketCDN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fLpKfWZW4r3MJFwd0rjInQPua2s%2Fwmnq1BcAcT00OyYc4Fsu%2F5ib68JoxMFwOEjn2fRRi41%2FZs1ymef9ipveVnH%2FWLqLt09UlJNOUN63jAtyeLy5jyrTo0U3q9PoVg%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 4165
last-modified: Wed, 09 Dec 2020 11:54:16 GMT
server: cloudflare
etag: W/"5fd0bae8-2bd8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-hw: 1628466899.cds052.sk1.hn,1628466899.cds014.sk1.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 67616fc639c316a5-ARN
link: <https://demotix.com/wp-includes/js/jquery/jquery-migrate.min.js>; rel="canonical"

GET
H2 200 regenerator-runtime.min.js Show response
m9h7a2k2.rocketcdn.me/wp-includes/js/dist/vendor/ 6 KB
3 KB 161ms
106ms Script
application/javascript 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://m9h7a2k2.rocketcdn.me/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.7
Requested by: Host: demotix.com
URL: https://demotix.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: cloudflare / PleskLin, RocketCDN
Resource Hash: e87a1c5e24f9a7c7dcb437417f0b05b0a3c12947ce32d65c990c988a8b5ed4d7

Request headers

Referer: https://demotix.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 08 Aug 2021 23:54:59 GMT
content-encoding: gzip
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 477590
x-powered-by: PleskLin, RocketCDN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3kAo1q5OHfpW9ZGMj6LQtpwMsbIx8e7hLw9tltEsmxW9J6UZTy0gydZDINO7r1E2TEunpZStaigfNLEbt3Ebu1ZlTufhydevXTUHPm5B8i191xaiJSA0BwY04zgvOg%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 2378
last-modified: Fri, 23 Jul 2021 09:30:02 GMT
server: cloudflare
etag: W/"60fa8c1a-1906"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-hw: 1628466899.cds052.sk1.hn,1628466899.cds228.sk1.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 67616fb39c7a1695-ARN
link: <https://demotix.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js>; rel="canonical"

GET
H2 200 wp-polyfill.min.js Show response
m9h7a2k2.rocketcdn.me/wp-includes/js/dist/vendor/ 16 KB
6 KB 161ms
106ms Script
application/javascript 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://m9h7a2k2.rocketcdn.me/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
Requested by: Host: demotix.com
URL: https://demotix.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: cloudflare / PleskLin, RocketCDN
Resource Hash: 293913879d30bab7499013e935009f5183facbddd63bfc9656a859622590b80b

Request headers

Referer: https://demotix.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 08 Aug 2021 23:54:59 GMT
content-encoding: gzip
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 477590
x-powered-by: PleskLin, RocketCDN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U8Autw4oYLrSeC4sq8WlX3K4G6jKV1jKr5XpzMMOOTNss2zbAwJoqpx3dloQJRcwOV%2FdG1h6J20xpLZ%2Fh3SJHH5cCPU6L4EatglMkYCtDJ9lmX7cz7kzKcC%2FzpM%2FxQ%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 5988
last-modified: Fri, 23 Jul 2021 09:30:02 GMT
server: cloudflare
etag: W/"60fa8c1a-4056"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-hw: 1628466899.cds052.sk1.hn,1628466899.cds026.sk1.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 67616fb3ac8c0d36-ARN
link: <https://demotix.com/wp-includes/js/dist/vendor/wp-polyfill.min.js>; rel="canonical"

GET
H2 200 dom-ready.min.js Show response
m9h7a2k2.rocketcdn.me/wp-includes/js/dist/ 1 KB
1010 B 169ms
114ms Script
application/javascript 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://m9h7a2k2.rocketcdn.me/wp-includes/js/dist/dom-ready.min.js?ver=71883072590656bf22c74c7b887df3dd
Requested by: Host: demotix.com
URL: https://demotix.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: cloudflare / PleskLin, RocketCDN
Resource Hash: e127aead57cd6625f795f8c41d8b7c463c2c50158e3a3dc398424db2b16bd5db

Request headers

Referer: https://demotix.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 08 Aug 2021 23:54:59 GMT
content-encoding: gzip
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 477590
x-powered-by: PleskLin, RocketCDN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rAHWIMRwkOyU%2FiXs5N8OAVE3B5381MMvdpsyE426c8BVeXlnKDqpvTsnm0KHhSqBRGQE%2FDV1btPI4YOiLQkN7PAKv9oOollQqOpXX94f7ORM%2FKzk4tYgmF0HsD4dZw%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 604
last-modified: Fri, 23 Jul 2021 09:30:02 GMT
server: cloudflare
etag: W/"60fa8c1a-4e9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-hw: 1628466899.cds052.sk1.hn,1628466899.cds235.sk1.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 67616fb3db5ecad8-ARN
link: <https://demotix.com/wp-includes/js/dist/dom-ready.min.js>; rel="canonical"

GET
H2 200 base-7fa7ea725284685ba78c351857215ef4.js Show response
m9h7a2k2.rocketcdn.me/wp-content/cache/min/1/wp-content/plugins/auto-terms-of-service-and-privacy-policy/js/ 318 B
658 B 105ms
103ms Script
application/javascript 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://m9h7a2k2.rocketcdn.me/wp-content/cache/min/1/wp-content/plugins/auto-terms-of-service-and-privacy-policy/js/base-7fa7ea725284685ba78c351857215ef4.js
Requested by: Host: demotix.com
URL: https://demotix.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: cloudflare / PleskLin, RocketCDN
Resource Hash: a063d956be54d8d9c63a3463b154c89bcfeeb883db239966909f15b833fff0b9

Request headers

Referer: https://demotix.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 08 Aug 2021 23:54:59 GMT
content-encoding: gzip
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
x-powered-by: PleskLin, RocketCDN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8GE9pha8Z570HDZr58ap0NqDTm71eUI8SiOqtRJpHt4mG%2FE7CB42B7JHXjsap5GgO1dVHVm4%2BbU48dU4rgAMu8LynyBtrswEsGJ%2BYppy6RubVxlRbkhsPIqFr%2FaOqg%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 193
last-modified: Wed, 28 Jul 2021 22:10:11 GMT
server: cloudflare
etag: "1627510211"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-hw: 1628466899.cds052.sk1.hn,1628466899.cds213.sk1.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-accel-version: 0.01
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 67616fb3a92d1685-ARN
link: <https://demotix.com/wp-content/cache/min/1/wp-content/plugins/auto-terms-of-service-and-privacy-policy/js/base-7fa7ea725284685ba78c351857215ef4.js>; rel="canonical"

GET
H2 200 c4wp-public-f043d830794067e46b4e6085b3053b5c.js Show response
m9h7a2k2.rocketcdn.me/wp-content/cache/min/1/wp-content/plugins/wp-captcha/assets/js/ 423 B
687 B 105ms
104ms Script
application/javascript 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://m9h7a2k2.rocketcdn.me/wp-content/cache/min/1/wp-content/plugins/wp-captcha/assets/js/c4wp-public-f043d830794067e46b4e6085b3053b5c.js
Requested by: Host: demotix.com
URL: https://demotix.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: cloudflare / PleskLin, RocketCDN
Resource Hash: 67c1739fe29534bb44be29aabeae8a82972ebae824d75d0ff579d8405d0df706

Request headers

Referer: https://demotix.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 08 Aug 2021 23:54:59 GMT
content-encoding: gzip
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
x-powered-by: PleskLin, RocketCDN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Vs04zuEddDL3zjjPkRli%2BhtE3UMNRSzR5Jag0G0%2FGNMFsmtkYjMq9TSU4dd3EGvGYTYPRjUwtfzUVgFkqMWdYG%2BOj7fhAS1HzO6zTZFWakm4t2YkI%2F7t6Tp6ZZgiKw%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 238
last-modified: Wed, 28 Jul 2021 22:10:11 GMT
server: cloudflare
etag: "1627510211"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-hw: 1628466899.cds052.sk1.hn,1628466899.cds012.sk1.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-accel-version: 0.01
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 67616fb3bb54cb0c-ARN
link: <https://demotix.com/wp-content/cache/min/1/wp-content/plugins/wp-captcha/assets/js/c4wp-public-f043d830794067e46b4e6085b3053b5c.js>; rel="canonical"

GET
H2 200 flatpickr.min.js Show response
m9h7a2k2.rocketcdn.me/wp-content/plugins/wp-user-avatar/assets/flatpickr/ 47 KB
14 KB 105ms
104ms Script
application/javascript 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://m9h7a2k2.rocketcdn.me/wp-content/plugins/wp-user-avatar/assets/flatpickr/flatpickr.min.js?ver=5.8
Requested by: Host: demotix.com
URL: https://demotix.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: cloudflare / PleskLin, RocketCDN
Resource Hash: fe2ac5219992a3608a5c9e2bc4759fac8fb2189b88d7a674d395ff6c435da536

Request headers

Referer: https://demotix.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 08 Aug 2021 23:54:59 GMT
content-encoding: gzip
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 477590
x-powered-by: PleskLin, RocketCDN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ue%2FRuQnfh5rCWQ5x7cXzqGxLoBPtsSsCxv6M9NNAenggMhMuq2hDUkbbSFyZ3kIyKQbkNM6ESdxgxOf3VljqR28%2FGIq1r1Dq2j4cj2LF%2F%2B4pYQjuy1yWpd%2FVHl%2B5Xg%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 13743
last-modified: Wed, 14 Jul 2021 08:43:50 GMT
server: cloudflare
etag: W/"60eea3c6-bd86"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-hw: 1628466899.cds052.sk1.hn,1628466899.cds012.sk1.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 67616fb3bcab0d36-ARN
link: <https://demotix.com/wp-content/plugins/wp-user-avatar/assets/flatpickr/flatpickr.min.js>; rel="canonical"

GET
H2 200 select2.min.js Show response
m9h7a2k2.rocketcdn.me/wp-content/plugins/wp-user-avatar/assets/select2/ 69 KB
20 KB 108ms
107ms Script
application/javascript 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://m9h7a2k2.rocketcdn.me/wp-content/plugins/wp-user-avatar/assets/select2/select2.min.js?ver=5.8
Requested by: Host: demotix.com
URL: https://demotix.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: cloudflare / PleskLin, RocketCDN
Resource Hash: 00501810e93307a8882a74d864e7547fd1458deea539361dc1124ac133799a4b

Request headers

Referer: https://demotix.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 08 Aug 2021 23:54:59 GMT
content-encoding: gzip
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 477593
x-powered-by: PleskLin, RocketCDN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BQgtOOFar%2FxpU4uhGzL64pWEm25T05XxEEO2%2BIfPpiSgpY9Zr8bFGgJeh3q1JCnW%2FO%2F9zS7gAQL%2BUnDOAoTAiEiWrUGeru%2FlIGRjQPf%2F1QznOpHOI1Gn%2F%2Bfk8l5Trw%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 19880
last-modified: Wed, 14 Jul 2021 08:43:50 GMT
server: cloudflare
etag: W/"60eea3c6-114c3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-hw: 1628466899.cds052.sk1.hn,1628466899.cds014.sk1.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 67616fc63efd0d52-ARN
link: <https://demotix.com/wp-content/plugins/wp-user-avatar/assets/select2/select2.min.js>; rel="canonical"

GET
H2 200 loader.js Show response
cdn.taboola.com/libtrc/shantel-network/ 299 KB
30 KB 214ms
142ms Script
application/javascript 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/shantel-network/loader.js
Requested by: Host: demotix.com
URL: https://demotix.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b29810beb4e7ead5d5568547e920449d491dfba8b6e35fab52f3fd25f89b6eab

Request headers

Referer: https://demotix.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: CqacpqQkvM_caHlr7VdPeYVoDmnJqQjV
content-encoding: gzip
etag: "eea7659cd370dcce0d180518e5bbd835"
age: 0
x-cache: HIT
content-length: 29922
x-amz-id-2: GFwxMd7LWyLGdXcEZHoHkW9wexkggCdyUuJgCZ9iYbLU0qK/faq7Xf+bl3oR6CBhqYP9Vj7M9Ok=
x-served-by: cache-fra19170-FRA
last-modified: Sun, 08 Aug 2021 09:13:49 GMT
server: AmazonS3
x-timer: S1628466900.681225,VS0,VE108
date: Sun, 08 Aug 2021 23:54:59 GMT
vary: Accept-Encoding
x-amz-request-id: RP17JZR980A4JMTP
via: 1.1 varnish
cache-control: private,max-age=14401
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 36
x-cache-hits: 1

GET
H2 200 Demotix-Logo-2019.png
m9h7a2k2.rocketcdn.me/wp-content/uploads/2019/04/ 5 KB
6 KB 117ms
105ms Image
image/webp 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://m9h7a2k2.rocketcdn.me/wp-content/uploads/2019/04/Demotix-Logo-2019.png
Requested by: Host: demotix.com
URL: https://demotix.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: cloudflare / PleskLin, RocketCDN
Resource Hash: 76cc848735904819c9ad685d4cb53fba8ea7de5d7634fda6c9e4b2bca1dd5f1a

Request headers

Referer: https://demotix.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 08 Aug 2021 23:54:59 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 472696
x-powered-by: PleskLin, RocketCDN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OLpfHhZtsNP9e8DQ%2F%2Ff6Z9p0VPSrHW4wvRVZyhOibhsy9OlpK2Gf5%2Fj6yXNjoUfRlQM1ylrnm7IlWwhOww9SIlrXyg82ZJELGnXv8B7urvzbLga5d%2BDLfkcrrBckwg%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 5410
last-modified: Sat, 05 Jun 2021 20:28:21 GMT
server: cloudflare
etag: "1622924901"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-hw: 1628466899.cds052.sk1.hn,1628466899.cds203.sk1.c
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=16070400
accept-ranges: bytes
cf-ray: 67616fb3aa1116a5-ARN
link: <https://demotix.com/wp-content/uploads/2019/04/Demotix-Logo-2019.png>; rel="canonical"

GET
H2 200 penci-holder.png
m9h7a2k2.rocketcdn.me/wp-content/themes/soledad/images/ 125 B
585 B 116ms
104ms Image
image/png 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://m9h7a2k2.rocketcdn.me/wp-content/themes/soledad/images/penci-holder.png
Requested by: Host: demotix.com
URL: https://demotix.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: cloudflare / PleskLin, RocketCDN
Resource Hash: 5afae4fdead31c173a0ae121f7cb84909b3f7729fd7235930f22758f297910f2

Request headers

Referer: https://demotix.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 08 Aug 2021 23:54:59 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 472696
x-powered-by: PleskLin, RocketCDN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=etls2iXe3MmuA8pdzPi07TgQI%2B5GJvkQ4SwKFU8c3q%2B0xLcCACLMgU1ffiug7NaMTLuheOLn4bqWYCpd%2BZEABO7snXNa27BCcKJcTr17c5VJOsqp9pecFoaV5HorGA%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 125
last-modified: Mon, 05 Jul 2021 13:26:17 GMT
server: cloudflare
etag: "1625491577"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-hw: 1628466899.cds052.sk1.hn,1628466899.cds026.sk1.c
content-type: image/png
access-control-allow-origin: *
x-accel-version: 0.01
cache-control: public, max-age=16070400
accept-ranges: bytes
cf-ray: 67616fb39cbd15f0-ARN
link: <https://demotix.com/wp-content/themes/soledad/images/penci-holder.png>; rel="canonical"

GET
H2 200 JTURjIg1_i6t8kCHKm45_ZpC3gnD_g.woff2
fonts.gstatic.com/s/montserrat/v17/ 19 KB
20 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v17/JTURjIg1_i6t8kCHKm45_ZpC3gnD_g.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=PT+Serif%3A300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C700%2C700italic%2C800%2C800italic%7CPlayfair+Display+SC%3A300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C700%2C700italic%2C800%2C800italic%7CMontserrat%3A300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C700%2C700italic%2C800%2C800italic%7CRoboto%3A300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C700%2C700italic%2C800%2C800italic%26subset%3Dlatin%2Ccyrillic%2Ccyrillic-ext%2Cgreek%2Cgreek-ext%2Clatin-ext&display=swap&ver=1.0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

13eb615165c92892fcd46e01782dd0fc52d36f236f883aad488c2cf4dcf9206e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://demotix.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 16:05:55 GMT
x-content-type-options: nosniff
age: 200944
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19868
x-xss-protection: 0
last-modified: Fri, 06 Aug 2021 15:50:39 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 06 Aug 2022 16:05:55 GMT

GET
H2 200 EJRVQgYoZZY2vCFuvAFWzr8.woff2
fonts.gstatic.com/s/ptserif/v12/ 32 KB
32 KB 8ms
8ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ptserif/v12/EJRVQgYoZZY2vCFuvAFWzr8.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ef391572f9fbb7bab7fef6ce2c4fc92ad68a8c148889a79cb9f9b1452d851fab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://demotix.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 09:46:52 GMT
x-content-type-options: nosniff
age: 482887
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32960
x-xss-protection: 0
last-modified: Thu, 10 Sep 2020 17:06:03 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 03 Aug 2022 09:46:52 GMT

GET
H2 200 EJRSQgYoZZY2vCFuvAnt66qSVys.woff2
fonts.gstatic.com/s/ptserif/v12/ 29 KB
29 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ptserif/v12/EJRSQgYoZZY2vCFuvAnt66qSVys.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e548abcd8734bfcf8b4ebbbca1af98f9e8ae1e0ff884c0971f29498a4fc108f4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://demotix.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 16:35:43 GMT
x-content-type-options: nosniff
age: 458356
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29400
x-xss-protection: 0
last-modified: Thu, 10 Sep 2020 17:05:20 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 03 Aug 2022 16:35:43 GMT

GET
H3-29 200 EJRTQgYoZZY2vCFuvAFT_r21cg.woff2
fonts.gstatic.com/s/ptserif/v12/ 34 KB
34 KB 16ms
14ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ptserif/v12/EJRTQgYoZZY2vCFuvAFT_r21cg.woff2

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

be5daba1b69c2dad0eed50cc17bea9659ab23d79d8d412dc8e5c6013b41f39c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://demotix.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Aug 2021 18:26:14 GMT
x-content-type-options: nosniff
age: 538125
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34732
x-xss-protection: 0
last-modified: Thu, 10 Sep 2020 17:05:24 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 02 Aug 2022 18:26:14 GMT

GET
H3-29 200 email-decode.min.js Show response
demotix.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
1 KB 18ms
8ms Script
application/javascript 2606:4700:3032::6815:7b2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://demotix.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: demotix.com
URL: https://demotix.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3032::6815:7b2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

:path: /cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: demotix.com
referer: https://demotix.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://demotix.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 08 Aug 2021 23:54:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 05 Aug 2021 10:50:45 GMT
server: cloudflare
etag: W/"610bc285-4d7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: DENY
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x6duVXlMYi9U1fT%2BuihOiXt4WTv835ltnf4a5zVLO0i0rwb%2FveEHhrH2EqbRm5%2BGMc5wOrvO4aOLyenXnWlVeB1i1uimcqEU8C9%2BPWPb4cC6lI%2Bv2gdpadlOCs9NS2tKH8%2FhTwFqbcO3Cg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=172800 public
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 67bcac4aceb24ece-FRA
vary: Accept-Encoding
expires: Tue, 10 Aug 2021 23:54:59 GMT

GET
H2 200 frontend.min.js Show response
m9h7a2k2.rocketcdn.me/wp-content/plugins/wp-user-avatar/assets/js/ 9 KB
3 KB 108ms
107ms Script
application/javascript 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://m9h7a2k2.rocketcdn.me/wp-content/plugins/wp-user-avatar/assets/js/frontend.min.js?ver=3.1.15
Requested by: Host: demotix.com
URL: https://demotix.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: cloudflare / PleskLin, RocketCDN
Resource Hash: 205988b80eeedc442aa4ba78fd4bda5b1b139415f3dc88043fc73adcd71cbae2

Request headers

Referer: https://demotix.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 08 Aug 2021 23:54:59 GMT
content-encoding: gzip
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
x-powered-by: PleskLin, RocketCDN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PR3049XqIsgvSfTrdgi13KscXKZYKSumiN1FYVsTIeKkX3HfsPZWmkzQFkzi%2FE3CyohxB0UBZqpHKoeTxO3XOOayBPR%2FRS743Vls%2Bdicjg4iCyjiip3TJ4j7hOhjAA%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 2271
last-modified: Tue, 03 Aug 2021 08:04:36 GMT
server: cloudflare
etag: W/"6108f894-236e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-hw: 1628466899.cds052.sk1.hn,1628466899.cds069.sk1.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 678e2389f9741699-ARN
link: <https://demotix.com/wp-content/plugins/wp-user-avatar/assets/js/frontend.min.js>; rel="canonical"

GET
H2 200 libs-script.min.js Show response
m9h7a2k2.rocketcdn.me/wp-content/themes/soledad/js/ 169 KB
47 KB 112ms
111ms Script
application/javascript 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://m9h7a2k2.rocketcdn.me/wp-content/themes/soledad/js/libs-script.min.js?ver=7.9.5
Requested by: Host: demotix.com
URL: https://demotix.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: cloudflare / PleskLin, RocketCDN
Resource Hash: b502364d386c7cec8866d76dcb7c89291bd919d1653ee64958e2078ce8495089

Request headers

Referer: https://demotix.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 08 Aug 2021 23:54:59 GMT
content-encoding: gzip
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 35966
x-powered-by: PleskLin, RocketCDN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vzqFXK30x65VI4i1doOaspqTlup8f3TdD4g3EgS%2BunooZ%2FV6eF1Lx3M0P1eOL7s1XFtya1LVboRkVphMWYagU5dhVgBcW3MPWiXSDvOn6jy2jlw8l%2FYVDSMIk%2BTBhQ%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 47652
last-modified: Wed, 28 Jul 2021 12:10:29 GMT
server: cloudflare
etag: W/"61014935-2a5ff"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-hw: 1628466899.cds052.sk1.hn,1628466899.cds021.sk1.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 67616fb3ccfd15dc-ARN
link: <https://demotix.com/wp-content/themes/soledad/js/libs-script.min.js>; rel="canonical"

GET
H2 200 main-8184d38cc5b8cce140abb39ff6e94191.js Show response
m9h7a2k2.rocketcdn.me/wp-content/cache/min/1/wp-content/themes/soledad/js/ 41 KB
10 KB 119ms
118ms Script
application/javascript 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://m9h7a2k2.rocketcdn.me/wp-content/cache/min/1/wp-content/themes/soledad/js/main-8184d38cc5b8cce140abb39ff6e94191.js
Requested by: Host: demotix.com
URL: https://demotix.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: cloudflare / PleskLin, RocketCDN
Resource Hash: bebf84575bce26cdb5f47cf88c32599c4ce85f81aadaed3f6ba9beda08c92afe

Request headers

Referer: https://demotix.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 08 Aug 2021 23:54:59 GMT
content-encoding: gzip
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
x-powered-by: PleskLin, RocketCDN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iAT%2BTqI5TXVThkPfTdBAIe7N1JCqRTBeuE3LaxMLvFTUz%2BRSgJ5PFetExDRbddueyHUhgOQk3lJjJC8Wc8n3eU6YfZ3DjiTWHhrW8%2FmnIt%2BVzw%2FfBCdj3HTI8DbcrQ%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 9391
last-modified: Wed, 28 Jul 2021 22:10:11 GMT
server: cloudflare
etag: W/"6101d5c3-a350"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-hw: 1628466899.cds052.sk1.hn,1628466899.cds204.sk1.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 67616fb3bf49caf8-ARN
link: <https://demotix.com/wp-content/cache/min/1/wp-content/themes/soledad/js/main-8184d38cc5b8cce140abb39ff6e94191.js>; rel="canonical"

GET
H2 200 post-like-b81b1fc112a75053e0e246da07cdad69.js Show response
m9h7a2k2.rocketcdn.me/wp-content/cache/min/1/wp-content/themes/soledad/js/ 857 B
853 B 120ms
119ms Script
application/javascript 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://m9h7a2k2.rocketcdn.me/wp-content/cache/min/1/wp-content/themes/soledad/js/post-like-b81b1fc112a75053e0e246da07cdad69.js
Requested by: Host: demotix.com
URL: https://demotix.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: cloudflare / PleskLin, RocketCDN
Resource Hash: 29390faf8abf06c02cd71e000170f65af674957aea785f1b74b292dd40c75b05

Request headers

Referer: https://demotix.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 08 Aug 2021 23:54:59 GMT
content-encoding: gzip
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
x-powered-by: PleskLin, RocketCDN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Rj0ES1tjAoqxss5Z0lx9xMz%2FoImRYM%2BSVNPISiH6lglWhnHRcjeycaTVwQEC3jbGV3LkfpbweHRSsEas2xEu7k0%2BVDqtwoVI%2FkBrRNmmFSVH4NuFtLZ9tQelCtcu4A%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 405
last-modified: Wed, 28 Jul 2021 22:10:11 GMT
server: cloudflare
etag: "1627510211"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-hw: 1628466899.cds052.sk1.hn,1628466899.cds044.sk1.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-accel-version: 0.01
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 67616fb418eaf16a-ARN
link: <https://demotix.com/wp-content/cache/min/1/wp-content/themes/soledad/js/post-like-b81b1fc112a75053e0e246da07cdad69.js>; rel="canonical"

GET
H2 200 front.min.js Show response
m9h7a2k2.rocketcdn.me/wp-content/plugins/cookie-notice/js/ 8 KB
2 KB 120ms
119ms Script
application/javascript 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://m9h7a2k2.rocketcdn.me/wp-content/plugins/cookie-notice/js/front.min.js?ver=2.1.0
Requested by: Host: demotix.com
URL: https://demotix.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: cloudflare / PleskLin, RocketCDN
Resource Hash: 53c088f65c77c6b7af2804face3e267d4c1bf148177798a30fa3a15aa693c36f

Request headers

Referer: https://demotix.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 08 Aug 2021 23:54:59 GMT
content-encoding: gzip
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 477636
x-powered-by: PleskLin, RocketCDN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RUJALhU0FR6bNDjfqreZwQ0Y0gZlP%2BOKde5HMmLzpwuAiFJMRDR1gDT0CAGIc0nkRtweHBEt9mOB3yH3oFtbPeu2kNUFkP9GKSEQAH5IxUnXJJiVfI%2BhaOjte7zjBg%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 1937
last-modified: Sun, 11 Jul 2021 23:50:07 GMT
server: cloudflare
etag: W/"60eb83af-20b3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-hw: 1628466899.cds052.sk1.hn,1628466899.cds212.sk1.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 67616fb3982e1691-ARN
link: <https://demotix.com/wp-content/plugins/cookie-notice/js/front.min.js>; rel="canonical"

GET
H2 200 lazyload.min.js Show response
m9h7a2k2.rocketcdn.me/wp-content/plugins/wp-rocket/assets/js/lazyload/16.1/ 8 KB
3 KB 121ms
120ms Script
application/javascript 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://m9h7a2k2.rocketcdn.me/wp-content/plugins/wp-rocket/assets/js/lazyload/16.1/lazyload.min.js
Requested by: Host: demotix.com
URL: https://demotix.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: cloudflare / PleskLin, RocketCDN
Resource Hash: 6e86a52a9858206302e32036d89907e3ac87762055e7f9c6364aec33221b3e41

Request headers

Referer: https://demotix.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 08 Aug 2021 23:54:59 GMT
content-encoding: gzip
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 477636
x-powered-by: PleskLin, RocketCDN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dQZZgNa181qBU%2Fb8dQk8Qq4DN8K3BJs1Kr%2B1Z%2FByoRLr3%2FYcmeFoTK26Gb18M0oJBkKTJeRloloZMOlWZy41Hg9GayV77sF28e0%2BKM9YerJh%2F3f68Nrmb0KouUkyow%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 2692
last-modified: Wed, 31 Mar 2021 11:50:14 GMT
server: cloudflare
etag: W/"606461f6-1ed2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-hw: 1628466899.cds052.sk1.hn,1628466899.cds224.sk1.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 67616fb3bd75dab0-ARN
link: <https://demotix.com/wp-content/plugins/wp-rocket/assets/js/lazyload/16.1/lazyload.min.js>; rel="canonical"

GET
H2 200 zerg.js Show response
www.zergnet.com/ 7 KB
3 KB 525ms
123ms Script
application/javascript 34.235.180.50
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.zergnet.com/zerg.js?id=88038
Requested by: Host: demotix.com
URL: https://demotix.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.235.180.50 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-235-180-50.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 0e1ea3fa78a2b17a30b99a0a0fb3a98a781025c42d5f9dc3d1431f2fafe21ce8

Request headers

Referer: https://demotix.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 08 Aug 2021 23:55:00 GMT
content-encoding: gzip
expires: Sun, 15 Aug 2021 23:55:00 GMT
server: nginx
content-type: application/javascript; charset=UTF-8

GET
H2 200 jquery-1.8.2.min.js Show response
code.jquery.com/ 91 KB
33 KB 26ms
10ms Script
application/javascript 2001:4de0:ac18::1:a:3b
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-1.8.2.min.js
Requested by: Host: demotix.com
URL: https://demotix.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:3b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx /
Resource Hash: f554d2f09272c6f71447ebfe4532d3b1dd1959bce669f9a5ccc99e64ef511729

Request headers

Referer: https://demotix.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Sun, 08 Aug 2021 23:54:59 GMT
content-encoding: gzip
last-modified: Fri, 24 Oct 2014 00:16:07 GMT
server: nginx
etag: W/"54499a47-16cfb"
vary: Accept-Encoding
x-hw: 1628466899.dop216.fr8.t,1628466899.cds056.fr8.hc,1628466899.cds201.fr8.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 33384

GET
H2 200 searchsubmit.png
m9h7a2k2.rocketcdn.me/wp-content/themes/soledad/images/ 279 B
668 B 117ms
117ms Image
image/png 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://m9h7a2k2.rocketcdn.me/wp-content/themes/soledad/images/searchsubmit.png
Requested by: Host: demotix.com
URL: https://demotix.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: cloudflare / PleskLin, RocketCDN
Resource Hash: e1c1780a74c1fff77322398211f259a7499b282e572fca3fb9fcddc5f5b55d01

Request headers

Referer: https://demotix.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 08 Aug 2021 23:54:59 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 472698
x-powered-by: PleskLin, RocketCDN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FtpYkVutOj0tPEap6D28AWgPBX9ubh4hhQOcYCDyLaH%2BPgmZ9Q%2BTaUmD0dPjh8yy5rWwlgKEvKx9aRZ4vEVlvdWoqEFEmwcdh%2B%2F%2BGrdjp%2FiHWzEW9Y0Au9pSeC9BnA%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 279
last-modified: Mon, 05 Jul 2021 13:26:17 GMT
server: cloudflare
etag: "1625491577"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-hw: 1628466899.cds052.sk1.hn,1628466899.cds014.sk1.c
content-type: image/png
access-control-allow-origin: *
x-accel-version: 0.01
cache-control: public, max-age=16070400
accept-ranges: bytes
cf-ray: 67616fc63e300d3a-ARN
link: <https://demotix.com/wp-content/themes/soledad/images/searchsubmit.png>; rel="canonical"

GET
H3-29 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v27/ 15 KB
15 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://demotix.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Aug 2021 18:26:24 GMT
x-content-type-options: nosniff
age: 538115
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15688
x-xss-protection: 0
last-modified: Mon, 05 Apr 2021 21:10:35 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 02 Aug 2022 18:26:24 GMT

GET
H2 200 fontawesome-webfont.woff2
m9h7a2k2.rocketcdn.me/wp-content/themes/soledad/fonts/ 75 KB
76 KB 414ms
45ms Font
font/woff2 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://m9h7a2k2.rocketcdn.me/wp-content/themes/soledad/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by: Host: m9h7a2k2.rocketcdn.me
URL: https://m9h7a2k2.rocketcdn.me/wp-content/cache/min/1/d7496f1adc850230df5f891d0e73fa83.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: cloudflare / PleskLin, RocketCDN
Resource Hash: 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Origin: https://demotix.com
Referer: https://m9h7a2k2.rocketcdn.me/wp-content/cache/min/1/d7496f1adc850230df5f891d0e73fa83.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 08 Aug 2021 23:55:00 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 477637
x-powered-by: PleskLin, RocketCDN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ndCziiQW42Iu1JkrZ7vs2T25io3oF%2Byv41%2B%2B4JsWr9hVcvrWazvIVK%2BJTJWJcGZMHUIr8zcuVrcfszTjf2BdODfYlJY3dM6PihjxgoPtDc4P3ZlUEKcPdyH0e65ytQ%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 77160
last-modified: Mon, 05 Jul 2021 13:26:17 GMT
server: cloudflare
etag: "60e30879-12d68"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-hw: 1628466900.cds017.sk1.hn,1628466900.cds055.sk1.c
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=16070400
accept-ranges: bytes
cf-ray: 67616fb87c24cad4-ARN
link: <https://demotix.com/wp-content/themes/soledad/fonts/fontawesome-webfont.woff2>; rel="canonical"

GET
H2 200 penciicon.ttf
m9h7a2k2.rocketcdn.me/wp-content/themes/soledad/fonts/ 41 KB
21 KB 466ms
97ms Font
application/font-sfnt 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://m9h7a2k2.rocketcdn.me/wp-content/themes/soledad/fonts/penciicon.ttf
Requested by: Host: m9h7a2k2.rocketcdn.me
URL: https://m9h7a2k2.rocketcdn.me/wp-content/cache/min/1/d7496f1adc850230df5f891d0e73fa83.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: cloudflare / PleskLin, RocketCDN
Resource Hash: 14d58600f8072475498254d3d389a0522150add829da0f109178137c43286cf5

Request headers

Origin: https://demotix.com
Referer: https://m9h7a2k2.rocketcdn.me/wp-content/cache/min/1/d7496f1adc850230df5f891d0e73fa83.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 08 Aug 2021 23:55:00 GMT
content-encoding: gzip
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 477637
x-powered-by: PleskLin, RocketCDN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PVewc7g3KPD2OLVPk2D%2Fetn4We%2FGfF7tylBiEuMGFk4YTU1KVeMjqJJvDCXfHVFnw55ZS77GsRWbwEiNKjRzVKg2IF%2F4imLjQ8hc9IWIHLjxufcFi9Sx2Z3zU7kxfg%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 21340
last-modified: Mon, 05 Jul 2021 13:26:17 GMT
server: cloudflare
etag: W/"60e30879-a374"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-hw: 1628466900.cds017.sk1.hn,1628466900.cds021.sk1.c
content-type: application/font-sfnt
access-control-allow-origin: *
cache-control: public, max-age=16070400
accept-ranges: bytes
cf-ray: 67616fb82d2715dc-ARN
link: <https://demotix.com/wp-content/themes/soledad/fonts/penciicon.ttf>; rel="canonical"

GET
H3-29 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v17/ 19 KB
19 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v17/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2b26a74f3c0e529bc8fccfa6b1db8e083e738992266359fde1a5bd0aaa81cbc3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://demotix.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 16:06:47 GMT
x-content-type-options: nosniff
age: 200892
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19844
x-xss-protection: 0
last-modified: Fri, 06 Aug 2021 15:50:06 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 06 Aug 2022 16:06:47 GMT

GET
H3-29 200 JTURjIg1_i6t8kCHKm45_dJE3gnD_g.woff2
fonts.gstatic.com/s/montserrat/v17/ 20 KB
20 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v17/JTURjIg1_i6t8kCHKm45_dJE3gnD_g.woff2

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ec7d69015be507ee6045d259f50b6cf8ccb52ec7b41ec1bf50fee681683bea60

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://demotix.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 16:08:54 GMT
x-content-type-options: nosniff
age: 200765
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20040
x-xss-protection: 0
last-modified: Fri, 06 Aug 2021 15:51:09 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 06 Aug 2022 16:08:54 GMT

GET
H2 200 impl.20210808-5-RELEASE.js Show response
cdn.taboola.com/libtrc/ 530 KB
118 KB 35ms
34ms Script
application/javascript 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/impl.20210808-5-RELEASE.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/shantel-network/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: 1fa77cbca5fca3b8ec38d6ef9663d80ccde2373b64f814d74c236cb2aa3a29a0

Request headers

Referer: https://demotix.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: 42Kwq046k.R7O.8p7RQdLzUIjcPwP_wZ
content-encoding: br
etag: "500dad4ff87f48faa3c0bb81fe745548"
age: 25252
x-cache: HIT
content-length: 120526
x-amz-id-2: CAeAOYW6jN7zRALDL8dCNE7j3Y49zhrr8Z6SnOeFJgBhSHjKCC9P4guNzx5s9kArouWBJbuoG2s=
x-served-by: cache-fra19170-FRA
last-modified: Sun, 08 Aug 2021 08:52:37 GMT
server: AmazonS3-br
x-timer: S1628466900.973465,VS0,VE0
date: Sun, 08 Aug 2021 23:54:59 GMT
vary: Accept-Encoding
x-amz-request-id: 4TDSJZZK76BE731A
via: 1.1 varnish
cache-control: private,max-age=31536000
accept-ranges: bytes
content-type: application/javascript
abp: 50
x-cache-hits: 78862

GET
H2 200 beacon.js Show response
sb.scorecardresearch.com/ 1 KB
2 KB 129ms
41ms Script
application/javascript 13.224.96.92
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/shantel-network/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-92.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Referer: https://demotix.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 08 Aug 2021 23:53:48 GMT
via: 1.1 a2037d86ccb1a548f20827ebd95a65f3.cloudfront.net (CloudFront)
etag: "1827f116c73f319409b97f10b8a58ade"
last-modified: Fri, 26 Feb 2021 14:35:05 GMT
server: AmazonS3
age: 73
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
content-length: 1469
x-amz-cf-id: ZDMKFFQgN2luuxAZeJuBGvaDqposs3gjtx-SGBulSHWvg7hUTeHigQ==

GET
H2 200 Donald-Trump-1-1-585x529.jpg
m9h7a2k2.rocketcdn.me/wp-content/uploads/2021/08/ 18 KB
19 KB 342ms
41ms Image
image/webp 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://m9h7a2k2.rocketcdn.me/wp-content/uploads/2021/08/Donald-Trump-1-1-585x529.jpg
Requested by: Host: demotix.com
URL: https://demotix.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: cloudflare / PleskLin, RocketCDN
Resource Hash: a937a7a9fa08611288c94b828fd85413ff9de8d68bc7cb06282f9b25d8ac999d

Request headers

Referer: https://demotix.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 08 Aug 2021 23:55:00 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: PleskLin, RocketCDN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PVmmhLgR%2FpU%2BR7S8WqSZ5OBtCMHddcNWbPJpyXQxo%2FgQYSu8k7Dd6Swckkbo2IEntG%2FEKFgIZWcnSsZBSmatIItBxV11J0rdGwyO2zUSOooVhzmirYJ3B80LwwyGrA%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 18520
last-modified: Sun, 08 Aug 2021 18:32:05 GMT
server: cloudflare
etag: "1628447525"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-hw: 1628466900.cds052.sk1.hn,1628466900.cds233.sk1.c
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=16070400
accept-ranges: bytes
cf-ray: 67bb78626e9ecb0c-ARN
link: <https://demotix.com/wp-content/uploads/2021/08/Donald-Trump-1-1-585x529.jpg>; rel="canonical"

GET
H2 200 Donald-Trump-2-585x585.jpg
m9h7a2k2.rocketcdn.me/wp-content/uploads/2021/08/ 25 KB
25 KB 344ms
42ms Image
image/webp 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://m9h7a2k2.rocketcdn.me/wp-content/uploads/2021/08/Donald-Trump-2-585x585.jpg
Requested by: Host: demotix.com
URL: https://demotix.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: cloudflare / PleskLin, RocketCDN
Resource Hash: 260bc9691660058c3a3169735a197f8d47fe3160bc6a474d71819adc836e3be9

Request headers

Referer: https://demotix.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 08 Aug 2021 23:55:00 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: PleskLin, RocketCDN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Bs3L3KBhJ9t9g50Q%2FwM4fq%2Blg17DgR3LefZQVFS5Youe6yPVhIMv5nA6NAXAG36H3HagzXlrE8AqJPpu%2F4TcSofcphGcmIEkQANNFHJk9zHwIbn7P1tx0hFoUB2R%2BA%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 25494
last-modified: Thu, 05 Aug 2021 20:10:27 GMT
server: cloudflare
etag: "1628194227"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-hw: 1628466900.cds052.sk1.hn,1628466900.cds020.sk1.c
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=16070400
accept-ranges: bytes
cf-ray: 67a2fcc16a39cb08-ARN
link: <https://demotix.com/wp-content/uploads/2021/08/Donald-Trump-2-585x585.jpg>; rel="canonical"

GET
H2 200 Donald-Trump-585x585.jpg
m9h7a2k2.rocketcdn.me/wp-content/uploads/2021/08/ 10 KB
11 KB 345ms
44ms Image
image/webp 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://m9h7a2k2.rocketcdn.me/wp-content/uploads/2021/08/Donald-Trump-585x585.jpg
Requested by: Host: demotix.com
URL: https://demotix.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: cloudflare / PleskLin, RocketCDN
Resource Hash: 6cf150cb4b7bdd9025929e8dd25c4bfcd3bb9ed9386529cfb060299cb9f7528e

Request headers

Referer: https://demotix.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 08 Aug 2021 23:55:00 GMT
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
x-powered-by: PleskLin, RocketCDN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=anJlqQ6U5nZ4nCis6IxVCfqp0aSf7CaXhpJgPqJIzjBMyVZf8WETl0f7t5WMUk8sQ5yNLmpBsmbXiRiCgEqyTH13PSjS5baWZndE00q8ToiKNngCipcshTw39EhVvg%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 10600
last-modified: Sun, 01 Aug 2021 17:39:35 GMT
server: cloudflare
etag: "1627839575"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-hw: 1628466900.cds052.sk1.hn,1628466900.cds201.sk1.c
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=16070400
accept-ranges: bytes
cf-ray: 6785a8768eef15f0-ARN
link: <https://demotix.com/wp-content/uploads/2021/08/Donald-Trump-585x585.jpg>; rel="canonical"

GET
H2 200 Donald-Trump-21-585x585.jpg
m9h7a2k2.rocketcdn.me/wp-content/uploads/2021/07/ 18 KB
19 KB 345ms
44ms Image
image/webp 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://m9h7a2k2.rocketcdn.me/wp-content/uploads/2021/07/Donald-Trump-21-585x585.jpg
Requested by: Host: demotix.com
URL: https://demotix.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: cloudflare / PleskLin, RocketCDN
Resource Hash: 5bdae6907207e753bcaee8560627d0707c23ad6da0f6c89dc8d04dc6a9f2aab6

Request headers

Referer: https://demotix.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 08 Aug 2021 23:55:00 GMT
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
x-powered-by: PleskLin, RocketCDN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8awhZs1rAtlkNdrVYhb5QxQ2pWSoTJ5iW3fjgAQMW4MaCVuwgbGZd%2B%2BwvOxf4wRlegipLjwxbDS46GCnw7mpkrspWosx1V4jAANxbVxIRb5Ilv4VJsSgSxQ6ygZnSQ%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 18764
last-modified: Thu, 29 Jul 2021 16:31:57 GMT
server: cloudflare
etag: "1627576317"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-hw: 1628466900.cds052.sk1.hn,1628466900.cds018.sk1.c
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=16070400
accept-ranges: bytes
cf-ray: 6767d72be9ed0b69-OSL
link: <https://demotix.com/wp-content/uploads/2021/07/Donald-Trump-21-585x585.jpg>; rel="canonical"

GET
H2

200

b2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/b?c1=7&c2=34354936&c3=1&ns__t=1628466900141&ns_c=UTF-8&cv=3.5&c8=DemotiX%20-%20Global%20Magazine%202021&c7=https%3A%2F%2Fdemotix.com%2F&c9=
https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&c3=1&ns__t=1628466900141&ns_c=UTF-8&cv=3.5&c8=DemotiX%20-%20Global%20Magazine%202021&c7=https%3A%2F%2Fdemotix.com%2F&c9=

64 B
329 B

54ms
54ms

Image
image/gif

13.224.96.92
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&c3=1&ns__t=1628466900141&ns_c=UTF-8&cv=3.5&c8=DemotiX%20-%20Global%20Magazine%202021&c7=https%3A%2F%2Fdemotix.com%2F&c9=
Requested by: Host: demotix.com
URL: https://demotix.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-92.zrh50.r.cloudfront.net
Software: /
Resource Hash: 831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd

Request headers

Referer: https://demotix.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 08 Aug 2021 23:55:00 GMT
via: 1.1 a2037d86ccb1a548f20827ebd95a65f3.cloudfront.net (CloudFront)
x-amz-cf-pop: ZRH50-C1
etag: W/"40-jHLN3x5dWpBzaQm4lkBmDWvrjrg"
x-cache: Miss from cloudfront
content-type: image/gif; charset=utf-8
content-length: 64
x-amz-cf-id: EiSmRNbK5UxOa9lQVMuWoooZ0Y6544ug-HkYhfFgMt1wpEhVU6jebg==

Redirect headers

date: Sun, 08 Aug 2021 23:55:00 GMT
via: 1.1 a2037d86ccb1a548f20827ebd95a65f3.cloudfront.net (CloudFront)
x-amz-cf-pop: ZRH50-C1
vary: Accept
x-cache: Miss from cloudfront
content-type: text/plain; charset=utf-8
location: https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&c3=1&ns__t=1628466900141&ns_c=UTF-8&cv=3.5&c8=DemotiX%20-%20Global%20Magazine%202021&c7=https%3A%2F%2Fdemotix.com%2F&c9=
content-length: 195
x-amz-cf-id: SLnmuDxj6XEQFRWFnAhbmkNO3S4ifXa_8rzsyx_kuXiHvG1Cd9COyg==

GET
H2 200 output.js Show response
www.zergnet.com/ 5 KB
2 KB 124ms
124ms Script
application/javascript 34.235.180.50
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.zergnet.com/output.js?id=88038&time=1628466900169&sc=1&callback=json1845544
Requested by: Host: www.zergnet.com
URL: https://www.zergnet.com/zerg.js?id=88038
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.235.180.50 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-235-180-50.compute-1.amazonaws.com
Software: nginx /
Resource Hash: f228753130cd666455fc04a87b76f0f736cfc9316a7f2c534934cd34f47d116a

Request headers

Referer: https://demotix.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 08 Aug 2021 23:55:00 GMT
content-encoding: gzip
server: nginx
p3p: CP="ZergNet does not have a P3P policy. Learn why here: http://www.zergnet.com/p3p"
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type: application/javascript; charset=UTF-8
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK 6693735_300.jpg
img4.zergnet.com/ 19 KB
20 KB 130ms
42ms Image
image/jpeg 13.224.96.61
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img4.zergnet.com/6693735_300.jpg
Requested by: Host: demotix.com
URL: https://demotix.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-61.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: fd4dacd8b98b71614ec20a0b125f481ae50114cffa4c14c638f52116c6b29816

Request headers

Referer: https://demotix.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 05 Aug 2021 13:50:59 GMT
Via: 1.1 8455bcb2c0203b0c4ee93b610d75e69b.cloudfront.net (CloudFront)
Age: 295442
X-Cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
Connection: keep-alive
Content-Length: 19576
Last-Modified: Thu, 05 Aug 2021 13:28:06 GMT
Server: AmazonS3
ETag: "268056c4af5fee87debe87b103c42d16"
x-amz-version-id: xFVHo5mSg17XAcuMeRBEbMZ5pqgoRMbb
Cache-Control: max-age=290304000, public
X-Amz-Cf-Pop: ZRH50-C1
Accept-Ranges: bytes
Content-Type: image/jpeg
X-Amz-Cf-Id: fg8ajf__NtefpRlS35nb1Dz7G4HI-l4270GV_eX3fuXyhWZspsM5ow==
Expires: Fri, 05 Aug 2022 13:28:05 GMT

GET
H/1.1 200
OK 6635761_300.jpg
img2.zergnet.com/ 13 KB
13 KB 137ms
48ms Image
image/jpeg 13.224.96.40
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img2.zergnet.com/6635761_300.jpg
Requested by: Host: demotix.com
URL: https://demotix.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-40.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 158f51e470ae48a64566f453b560530a9ce360edd26f0d32f88aa5b326034759

Request headers

Referer: https://demotix.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 13 Jul 2021 13:34:48 GMT
Via: 1.1 ebbd7f31e48ea8cf77f6021cdd92bf62.cloudfront.net (CloudFront)
Age: 2283613
X-Cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
Connection: keep-alive
Content-Length: 13174
Last-Modified: Tue, 13 Jul 2021 13:31:03 GMT
Server: AmazonS3
ETag: "f329a76ec67c0646cba39381d23b4d87"
x-amz-version-id: MUTlbnAQSDDt1XRFR3d8tlXpPeMO2S60
Cache-Control: max-age=290304000, public
X-Amz-Cf-Pop: ZRH50-C1
Accept-Ranges: bytes
Content-Type: image/jpeg
X-Amz-Cf-Id: Bx5K3KoMEtloyjoXtrxreEhqsPvIjQuUadlnwHO9w3lMoaUqmAdE6w==
Expires: Wed, 13 Jul 2022 13:31:02 GMT

GET
H/1.1 200
OK 6645737_300.jpg
img2.zergnet.com/ 12 KB
12 KB 148ms
53ms Image
image/jpeg 13.224.96.40
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img2.zergnet.com/6645737_300.jpg
Requested by: Host: demotix.com
URL: https://demotix.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-40.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3ea3cff97e30efda031d62b075f22f215898f32bd4f35296baafd608df42dbfd

Request headers

Referer: https://demotix.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 16 Jul 2021 14:20:08 GMT
Via: 1.1 c07945b00aad28e34fbfebb3d3907061.cloudfront.net (CloudFront)
Age: 2021693
X-Cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
Connection: keep-alive
Content-Length: 12036
Last-Modified: Fri, 16 Jul 2021 13:56:19 GMT
Server: AmazonS3
ETag: "257410bbc4865600fc4db28b5e109e13"
x-amz-version-id: hZnxUPdDZBR67UY7JaS3fV6_G9foAdY8
Cache-Control: max-age=290304000, public
X-Amz-Cf-Pop: ZRH50-C1
Accept-Ranges: bytes
Content-Type: image/jpeg
X-Amz-Cf-Id: LxhJbt15lOozrMo031TPeIp_tfWwAprKXPLBormfhW25T0UQEMO1nQ==
Expires: Sat, 16 Jul 2022 13:56:18 GMT

GET
H/1.1 200
OK 6662839_300.jpg
img4.zergnet.com/ 24 KB
25 KB 143ms
52ms Image
image/jpeg 13.224.96.61
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img4.zergnet.com/6662839_300.jpg
Requested by: Host: demotix.com
URL: https://demotix.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-61.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 257ed6286e23d2b5ec0a0d6e6ed4da981da8f48590d1bf804c0b572c90fafa76

Request headers

Referer: https://demotix.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 23 Jul 2021 12:41:19 GMT
Via: 1.1 e6b325a976b10aa826ec63757afbdedb.cloudfront.net (CloudFront)
Age: 1422822
X-Cache: Hit from cloudfront
x-amz-replication-status: PENDING
Connection: keep-alive
Content-Length: 24735
Last-Modified: Fri, 23 Jul 2021 12:32:27 GMT
Server: AmazonS3
ETag: "22b0c9b4d424b2b7657bed097c5690c9"
x-amz-version-id: 67LkEcA0ClXNt7776ttw_cK____OTe36
Cache-Control: max-age=290304000, public
X-Amz-Cf-Pop: ZRH50-C1
Accept-Ranges: bytes
Content-Type: image/jpeg
X-Amz-Cf-Id: KxULS-InOApWPIhLpjDZely0Orox-XsMt0ikVAjbcIrjrmQHAAsL1g==
Expires: Sat, 23 Jul 2022 12:32:26 GMT

GET
H/1.1 200
OK 6677436_300.jpg
img1.zergnet.com/ 9 KB
10 KB 139ms
48ms Image
image/jpeg 13.224.96.7
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1.zergnet.com/6677436_300.jpg
Requested by: Host: demotix.com
URL: https://demotix.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-7.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 28b725a04027ec11b3f4419d41b78f36cbe970b533171a2a09c2ea8e89d91462

Request headers

Referer: https://demotix.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 29 Jul 2021 14:20:21 GMT
Via: 1.1 1437ff2cfbc1ea8c7a36e6b0ce6e935a.cloudfront.net (CloudFront)
Age: 898479
X-Cache: Hit from cloudfront
x-amz-replication-status: PENDING
Connection: keep-alive
Content-Length: 9505
Last-Modified: Thu, 29 Jul 2021 14:18:12 GMT
Server: AmazonS3
ETag: "75555000c8b351a5318f440947098124"
x-amz-version-id: IciiZcdODhWqdc5vS1gyrJMlkqr4cE6y
Cache-Control: max-age=290304000, public
X-Amz-Cf-Pop: ZRH50-C1
Accept-Ranges: bytes
Content-Type: image/jpeg
X-Amz-Cf-Id: ADpIGu_l44I5mCH17zPOW0ruOghbqHTmi-t0boVfGvNGXoA59bh3DQ==
Expires: Fri, 29 Jul 2022 14:18:11 GMT

GET
H/1.1 200
OK 6642551_300.jpg
img4.zergnet.com/ 24 KB
25 KB 140ms
45ms Image
image/jpeg 13.224.96.61
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img4.zergnet.com/6642551_300.jpg
Requested by: Host: demotix.com
URL: https://demotix.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-61.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 90d69a92b549a3c16be806481e7215ed5a1e9b9c94f7d0427d78a31a878ed7d7

Request headers

Referer: https://demotix.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 29 Jul 2021 00:30:53 GMT
Via: 1.1 7e81b1a3e22ce96cdfb0b6c2db121d58.cloudfront.net (CloudFront)
Age: 948248
X-Cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
Connection: keep-alive
Content-Length: 24943
Last-Modified: Thu, 15 Jul 2021 13:54:19 GMT
Server: AmazonS3
ETag: "82de254c25dfe876a7fd297f7ce25af5"
x-amz-version-id: 8X34h0vwY.rzNbf0YvOjulyCiL0Sqsnj
Cache-Control: max-age=290304000, public
X-Amz-Cf-Pop: ZRH50-C1
Accept-Ranges: bytes
Content-Type: image/jpeg
X-Amz-Cf-Id: W3JPvaWgqnvqkxaGjOaoFBfW6mGI_W_olWsLjNCrRO_CkO1tibOWsQ==
Expires: Fri, 15 Jul 2022 13:54:18 GMT

GET
H2 200 Alexa-Bliss-1170x780.jpg
m9h7a2k2.rocketcdn.me/wp-content/uploads/2021/08/ 114 KB
114 KB 338ms
37ms Image
image/jpeg 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://m9h7a2k2.rocketcdn.me/wp-content/uploads/2021/08/Alexa-Bliss-1170x780.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: cloudflare / PleskLin, RocketCDN
Resource Hash: 194c1317b958bb7a491694ae9cceeb21118481557a6fd0cad75bc6374ea4712e

Request headers

Referer: https://demotix.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 08 Aug 2021 23:55:00 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: PleskLin, RocketCDN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1ViTO%2FWvNclUfmVVY%2B75GK8m%2BqLKzF2tQMVIgdpuFGVkoA86Rgrg%2FL5oiL%2Fi3pVvAbSptumFoeuIhtLFbmBp1aS9OkwNOY5YA7ovXmRLOaG7pWa0eeys5Se0k%2BLCBA%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 116260
last-modified: Sun, 08 Aug 2021 16:21:20 GMT
server: cloudflare
etag: "61100480-1c624"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-hw: 1628466900.cds052.sk1.hn,1628466900.cds207.sk1.c
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=16070400
accept-ranges: bytes
cf-ray: 67ba244bda1115ec-ARN
link: <https://demotix.com/wp-content/uploads/2021/08/Alexa-Bliss-1170x780.jpg>; rel="canonical"

GET
H2 200 Alexa-Bliss-1170x780.jpg
m9h7a2k2.rocketcdn.me/wp-content/uploads/2021/08/ 114 KB
114 KB 337ms
36ms Image
image/jpeg 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://m9h7a2k2.rocketcdn.me/wp-content/uploads/2021/08/Alexa-Bliss-1170x780.jpg
Requested by: Host: m9h7a2k2.rocketcdn.me
URL: https://m9h7a2k2.rocketcdn.me/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: cloudflare / PleskLin, RocketCDN
Resource Hash: 194c1317b958bb7a491694ae9cceeb21118481557a6fd0cad75bc6374ea4712e

Request headers

Referer: https://demotix.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 08 Aug 2021 23:55:01 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: PleskLin, RocketCDN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1ViTO%2FWvNclUfmVVY%2B75GK8m%2BqLKzF2tQMVIgdpuFGVkoA86Rgrg%2FL5oiL%2Fi3pVvAbSptumFoeuIhtLFbmBp1aS9OkwNOY5YA7ovXmRLOaG7pWa0eeys5Se0k%2BLCBA%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 116260
last-modified: Sun, 08 Aug 2021 16:21:20 GMT
server: cloudflare
etag: "61100480-1c624"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-hw: 1628466901.cds052.sk1.hn,1628466901.cds207.sk1.c
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=16070400
accept-ranges: bytes
cf-ray: 67ba244bda1115ec-ARN
link: <https://demotix.com/wp-content/uploads/2021/08/Alexa-Bliss-1170x780.jpg>; rel="canonical"

Verdicts & Comments Add Verdict or Comment

93 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://m9h7a2k2.rocketcdn.me/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2(Line 2) Message: JQMIGRATE: Migrate is installed, version 3.3.2
console-api	log	URL: https://www.zergnet.com/zerg.js?id=88038(Line 29) Message: ZERG CONTAINER ALREADY LOADED: zergnet-widget-88038
console-api	log	URL: https://www.zergnet.com/zerg.js?id=88038(Line 29) Message: ZERG CONTAINER ALREADY LOADED: zergnet-widget-88038

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

6mgu2.r.a.d.sendibm1.com
cdn.taboola.com
code.jquery.com
demotix.com
fonts.googleapis.com
fonts.gstatic.com
img1.zergnet.com
img2.zergnet.com
img4.zergnet.com
m9h7a2k2.rocketcdn.me
sb.scorecardresearch.com
www.zergnet.com
13.224.96.40
13.224.96.61
13.224.96.7
13.224.96.92
151.101.13.44
151.139.128.11
185.107.232.244
2001:4de0:ac18::1:a:3b
2606:4700:3032::6815:7b2
2a00:1450:4001:800::2003
2a00:1450:4001:831::200a
34.235.180.50
00501810e93307a8882a74d864e7547fd1458deea539361dc1124ac133799a4b
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
0e1ea3fa78a2b17a30b99a0a0fb3a98a781025c42d5f9dc3d1431f2fafe21ce8
13eb615165c92892fcd46e01782dd0fc52d36f236f883aad488c2cf4dcf9206e
14d58600f8072475498254d3d389a0522150add829da0f109178137c43286cf5
158f51e470ae48a64566f453b560530a9ce360edd26f0d32f88aa5b326034759
194c1317b958bb7a491694ae9cceeb21118481557a6fd0cad75bc6374ea4712e
1fa77cbca5fca3b8ec38d6ef9663d80ccde2373b64f814d74c236cb2aa3a29a0
205988b80eeedc442aa4ba78fd4bda5b1b139415f3dc88043fc73adcd71cbae2
257ed6286e23d2b5ec0a0d6e6ed4da981da8f48590d1bf804c0b572c90fafa76
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
260bc9691660058c3a3169735a197f8d47fe3160bc6a474d71819adc836e3be9
28b725a04027ec11b3f4419d41b78f36cbe970b533171a2a09c2ea8e89d91462
29390faf8abf06c02cd71e000170f65af674957aea785f1b74b292dd40c75b05
293913879d30bab7499013e935009f5183facbddd63bfc9656a859622590b80b
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2b26a74f3c0e529bc8fccfa6b1db8e083e738992266359fde1a5bd0aaa81cbc3
3ea3cff97e30efda031d62b075f22f215898f32bd4f35296baafd608df42dbfd
428fe46b41b908a7f6d29c0cea887742452466ad9c01069eea20fe1b7d9a6de0
53c088f65c77c6b7af2804face3e267d4c1bf148177798a30fa3a15aa693c36f
5afae4fdead31c173a0ae121f7cb84909b3f7729fd7235930f22758f297910f2
5bdae6907207e753bcaee8560627d0707c23ad6da0f6c89dc8d04dc6a9f2aab6
67c1739fe29534bb44be29aabeae8a82972ebae824d75d0ff579d8405d0df706
6a523fe332ebc8586dd33b9946572de84baf2857a62589c42b9f9e8b03be4e95
6cf150cb4b7bdd9025929e8dd25c4bfcd3bb9ed9386529cfb060299cb9f7528e
6e86a52a9858206302e32036d89907e3ac87762055e7f9c6364aec33221b3e41
76cc848735904819c9ad685d4cb53fba8ea7de5d7634fda6c9e4b2bca1dd5f1a
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd
90d69a92b549a3c16be806481e7215ed5a1e9b9c94f7d0427d78a31a878ed7d7
a063d956be54d8d9c63a3463b154c89bcfeeb883db239966909f15b833fff0b9
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
a937a7a9fa08611288c94b828fd85413ff9de8d68bc7cb06282f9b25d8ac999d
af6313fd178be5ce86158360aaa0cc391d12aafe7dabb5e62f869ffd67f279a1
b29810beb4e7ead5d5568547e920449d491dfba8b6e35fab52f3fd25f89b6eab
b502364d386c7cec8866d76dcb7c89291bd919d1653ee64958e2078ce8495089
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
be5daba1b69c2dad0eed50cc17bea9659ab23d79d8d412dc8e5c6013b41f39c3
bebf84575bce26cdb5f47cf88c32599c4ce85f81aadaed3f6ba9beda08c92afe
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
e127aead57cd6625f795f8c41d8b7c463c2c50158e3a3dc398424db2b16bd5db
e1c1780a74c1fff77322398211f259a7499b282e572fca3fb9fcddc5f5b55d01
e548abcd8734bfcf8b4ebbbca1af98f9e8ae1e0ff884c0971f29498a4fc108f4
e87a1c5e24f9a7c7dcb437417f0b05b0a3c12947ce32d65c990c988a8b5ed4d7
ec7d69015be507ee6045d259f50b6cf8ccb52ec7b41ec1bf50fee681683bea60
ef391572f9fbb7bab7fef6ce2c4fc92ad68a8c148889a79cb9f9b1452d851fab
f228753130cd666455fc04a87b76f0f736cfc9316a7f2c534934cd34f47d116a
f554d2f09272c6f71447ebfe4532d3b1dd1959bce669f9a5ccc99e64ef511729
fd4dacd8b98b71614ec20a0b125f481ae50114cffa4c14c638f52116c6b29816
fe2ac5219992a3608a5c9e2bc4759fac8fb2189b88d7a674d395ff6c435da536

demotix.com Open in urlscan Pro 2606:4700:3032::6815:7b2 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

50 Requests

100 %HTTPS

33 %IPv6

9 Domains

12 Subdomains

11 IPs

4 Countries

1163 kBTransfer

3162 kBSize

0 Cookies

7 Outgoing links

Page URL History

Redirected requests

50 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

demotix.com Open in urlscan Pro
2606:4700:3032::6815:7b2 Public Scan

Screenshot
Live screenshot

Full Image

50
Requests

100 %
HTTPS

33 %
IPv6

9
Domains

12
Subdomains

11
IPs

4
Countries

1163 kB
Transfer

3162 kB
Size

0
Cookies

50 HTTP transactions
0 data transactions