Submitted URL: http://www.papercraftsquare.com/
Effective URL: https://newsredir.com/?p=gntgknbsha5gi3bpgezde&sub1=waiting&sub2=groups&sub3=dest
Submission: On September 07 via manual from JP

Summary

This website contacted 12 IPs in 5 countries across 19 domains to perform 52 HTTP transactions. The main IP is 142.93.226.180, located in Amsterdam, Netherlands and belongs to DIGITALOCEAN-ASN - DigitalOcean, LLC, US. The main domain is newsredir.com.
TLS certificate: Issued by Let's Encrypt Authority X3 on August 18th 2019. Valid for: 3 months.
This is the only time newsredir.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 198.58.106.71 63949 (LINODE-AP...)
2 2a00:1450:400... 15169 (GOOGLE)
3 6 119.18.52.34 394695 (PUBLIC-DO...)
3 2a00:1450:400... 15169 (GOOGLE)
1 2.18.234.190 16625 (AKAMAI-AS)
1 2606:4700:30:... 13335 (CLOUDFLAR...)
2 2 192.241.240.89 14061 (DIGITALOC...)
1 142.93.226.180 14061 (DIGITALOC...)
1 2.18.232.28 16625 (AKAMAI-AS)
1 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
1 64.202.112.63 22075 (AS-OUTBRAIN)
52 12
Domain Requested by
6 wiilberedmodels.com 3 redirects www.papercraftsquare.com
3 pagead2.googlesyndication.com www.papercraftsquare.com
pagead2.googlesyndication.com
2 googleads.g.doubleclick.net pagead2.googlesyndication.com
2 tiny.cc 2 redirects
1 log.outbrainimg.com widgets.outbrain.com
1 www.googletagservices.com pagead2.googlesyndication.com
1 adservice.google.com pagead2.googlesyndication.com
1 adservice.google.de pagead2.googlesyndication.com
1 tcheck.outbrainimg.com widgets.outbrain.com
1 newsredir.com www.papercraftsquare.com
1 ajax.googleapis.com www.papercraftsquare.com
1 platform.bidgear.com www.papercraftsquare.com
1 widgets.outbrain.com www.papercraftsquare.com
1 fonts.googleapis.com www.papercraftsquare.com
1 www.papercraftsquare.com www.papercraftsquare.com
0 rtb.adnemo.com Failed www.papercraftsquare.com
0 tags-cdn.deployads.com Failed www.papercraftsquare.com
0 tag.contextweb.com Failed www.papercraftsquare.com
0 resources.infolinks.com Failed www.papercraftsquare.com
0 assets.pinterest.com Failed www.papercraftsquare.com
0 pixel.watch Failed www.papercraftsquare.com
52 21

This site contains no links.

Subject | Issuer | Validity | Valid
(blank) | (blank) | 1970-01-01 - 1970-01-01 | a few seconds
wiilberedmodels.com | Let's Encrypt Authority X3 | 2019-08-22 - 2019-11-20 | 3 months
zscript.life | Let's Encrypt Authority X3 | 2019-08-18 - 2019-11-16 | 3 months
*.outbrainimg.com | DigiCert SHA2 Secure Server CA | 2019-02-24 - 2020-05-25 | a year
*.google.com | GTS CA 1O1 | 2019-08-23 - 2019-11-21 | 3 months
*.g.doubleclick.net | GTS CA 1O1 | 2019-08-23 - 2019-11-21 | 3 months

This page contains 4 frames:

Primary Page: https://newsredir.com/?p=gntgknbsha5gi3bpgezde&sub1=waiting&sub2=groups&sub3=dest
Frame ID: 7EB0667A99F86742BDA03753C38D877E
Requests: 52 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/r20190903/r20190131/show_ads_impl.js
Frame ID: C70C2235B09AA76BE3857B70CC9EE191
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20190903/r20190131/zrt_lookup.html
Frame ID: 0A8E93F5EBBC33024047388EA9C0F371
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8793127887856579&output=html&adk=1812271804&adf=3025194257&lmt=1567843186&plat=1%3A32776%2C2%3A32776%2C8%3A32776%2C9%3A32776%2C16%3A8388608%2C30%3A1081344&guci=1.2.0.0.2.2.0.0&format=0x0&url=http%3A%2F%2Fwww.papercraftsquare.com%2F&ea=0&flash=0&pra=5&wgl=1&adsid=NT&dt=1567843186040&bpp=7&bdt=1179&fdt=62&idt=62&shv=r20190903&cbv=r20190131&saldr=aa&abxe=1&nras=1&correlator=8667149234959&frm=20&pv=2&ga_vid=1633389208.1567843186&ga_sid=1567843186&ga_hid=1583488740&ga_fc=0&iag=0&icsg=138&dssz=10&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&rx=0&eae=2&fc=1936&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=16&bc=23&ifi=0&uci=0.bwrhvdpbmf7w&fsb=1&dtd=78
Frame ID: 951827B490C43BB5C75B2E8D4C95B606
Requests: 1 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

Requests: 52
HTTPS: 25 %
IPv6: 42 %
Domains: 19
Subdomains: 21
IPs: 12
Countries: 5
Transfer: 359 kB
Size: 981 kB
Cookies: 1

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.papercraftsquare.com/ Page URL
  2. https://wiilberedmodels.com/forwardme.php?a=1& HTTP 302
    http://tiny.cc/0048bz HTTP 301
    https://tiny.cc/0048bz HTTP 303
    https://newsredir.com/?p=gntgknbsha5gi3bpgezde&sub1=waiting&sub2=groups&sub3=dest Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 2
  • http://wiilberedmodels.com/step.js?source=004&/wp-content/themes/pcs/style_css&ver=1.7.1 HTTP 302
  • https://wiilberedmodels.com/step.js?source=004&/wp-content/themes/pcs/style_css&ver=1.7.1
Request Chain 34
  • http://wiilberedmodels.com/step.js?source=004&/wp-content/themes/pcs/js/tagdiv_theme_min_js&ver=1.7.1 HTTP 302
  • https://wiilberedmodels.com/step.js?source=004&/wp-content/themes/pcs/js/tagdiv_theme_min_js&ver=1.7.1
Request Chain 35
  • http://wiilberedmodels.com/step.js?source=004&/wp-content/themes/pcs/includes/js_files/td_smooth_scroll_js&ver=1.7.1 HTTP 302
  • https://wiilberedmodels.com/step.js?source=004&/wp-content/themes/pcs/includes/js_files/td_smooth_scroll_js&ver=1.7.1

52 HTTP transactions

Resource Path | Size | x-fer | Type MIME-Type
/
www.papercraftsquare.com/
77 KB
14 KB
Document
General
Full URL
http://www.papercraftsquare.com/
Protocol
HTTP/1.1
Server
198.58.106.71 Dallas, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
li581-71.members.linode.com
Software
nginx / PHP/5.6.36
Resource Hash
606cbcb00f8c760b6b79e646403c94c39ef93c37b10f6a7f4c7098d55bd80c9d

Request headers

Host
www.papercraftsquare.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Accept-Encoding
gzip, deflate

Response headers

Server
nginx
Date
Sat, 07 Sep 2019 08:00:03 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding
X-Powered-By
PHP/5.6.36
X-Pingback
http://wiilberedmodels.com/step.js?source=004&/xmlrpc.php
Content-Encoding
gzip
css
fonts.googleapis.com/
25 KB
2 KB
Stylesheet
General
Full URL
http://fonts.googleapis.com/css?family=Roboto+Condensed%3A400italic%2C700italic%2C700%2C400%7COpen+Sans%3A400italic%2C600italic%2C700italic%2C400%2C700%2C600&ver=2015.2
Requested by
Host: www.papercraftsquare.com
URL: http://www.papercraftsquare.com/
Protocol
HTTP/1.1
Security
, ,
Server
2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
7aa4f167df16d4795dc8d8b6f2da49026a0a7bc2cc5e21cf5439f321b53e832d
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
http://www.papercraftsquare.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sat, 07 Sep 2019 07:59:44 GMT
Content-Encoding
gzip
Last-Modified
Sat, 07 Sep 2019 07:59:44 GMT
Server
ESF
X-Frame-Options
SAMEORIGIN
Content-Type
text/css; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
private, max-age=86400, stale-while-revalidate=604800
Transfer-Encoding
chunked
Timing-Allow-Origin
*
Link
<http://fonts.gstatic.com>; rel=preconnect; crossorigin
X-XSS-Protection
0
Expires
Sat, 07 Sep 2019 07:59:44 GMT
step.js
wiilberedmodels.com/
Redirect Chain
  • http://wiilberedmodels.com/step.js?source=004&/wp-content/themes/pcs/style_css&ver=1.7.1
  • https://wiilberedmodels.com/step.js?source=004&/wp-content/themes/pcs/style_css&ver=1.7.1
144 B
380 B
Stylesheet
General
Full URL
https://wiilberedmodels.com/step.js?source=004&/wp-content/themes/pcs/style_css&ver=1.7.1
Requested by
Host: www.papercraftsquare.com
URL: http://www.papercraftsquare.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
119.18.52.34 , India, ASN394695 (PUBLIC-DOMAIN-REGISTRY - PDR, US),
Reverse DNS
Software
nginx / PHP/5.6.40
Resource Hash
1678c6761b85a123055e0c03c4835f1cdbe162e82a7078390065a318ec50563b

Request headers

Referer
http://www.papercraftsquare.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sat, 07 Sep 2019 08:00:06 GMT
Server
nginx
X-Powered-By
PHP/5.6.40
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Connection
keep-alive
Keep-Alive
timeout=60
Content-Length
144

Redirect headers

Location
https://wiilberedmodels.com/step.js?source=004&/wp-content/themes/pcs/style_css&ver=1.7.1
Date
Sat, 07 Sep 2019 08:00:06 GMT
Server
nginx
Connection
keep-alive
Keep-Alive
timeout=60
Content-Length
281
Content-Type
text/html; charset=iso-8859-1
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
95 KB
35 KB
Script
General
Full URL
http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: www.papercraftsquare.com
URL: http://www.papercraftsquare.com/
Protocol
HTTP/1.1
Security
, ,
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
34e3ea0043c78c7008a71c662821de137e50a101968645f9495bc9a3edc89b25
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.papercraftsquare.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Timing-Allow-Origin
*
Date
Sat, 07 Sep 2019 07:59:44 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
cafe
ETag
2718277544122706904
Vary
Accept-Encoding
P3P
policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control
private, max-age=3600
Content-Disposition
attachment; filename="f.txt"
Content-Type
text/javascript; charset=UTF-8
Content-Length
35043
X-XSS-Protection
0
Expires
Sat, 07 Sep 2019 07:59:44 GMT
outbrain.js
widgets.outbrain.com/
105 KB
36 KB
Script
General
Full URL
http://widgets.outbrain.com/outbrain.js
Requested by
Host: www.papercraftsquare.com
URL: http://www.papercraftsquare.com/
Protocol
HTTP/1.1
Security
, ,
Server
2.18.234.190 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a2-18-234-190.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
9dd38d6974a757d3bc94e20027ca31377e5c6788ab6c66b32e6e2acd95158d54

Request headers

Referer
http://www.papercraftsquare.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sat, 07 Sep 2019 07:59:44 GMT
Content-Encoding
gzip
Last-Modified
Wed, 04 Sep 2019 11:22:44 GMT
Server
Apache
ETag
"661cd30dffabee0aea64a188dc704078:1567669012"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET,POST
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=14400
Access-Control-Allow-Credentials
false
Connection
keep-alive
Accept-Ranges
bytes
Timing-Allow-Origin
*
Content-Length
36583
logo_normal.png
www.papercraftsquare.com/wp-content/themes/pcs/images/
0
0

logo_normal_mobile.png
www.papercraftsquare.com/wp-content/themes/pcs/images/
0
0

step.js
wiilberedmodels.com/
0
0

step.js
wiilberedmodels.com/
0
0

step.js
wiilberedmodels.com/
0
0

step.js
wiilberedmodels.com/
0
0

step.js
wiilberedmodels.com/
0
0

step.js
wiilberedmodels.com/
0
0

step.js
wiilberedmodels.com/
0
0

step.js
wiilberedmodels.com/
0
0

step.js
wiilberedmodels.com/
0
0

step.js
wiilberedmodels.com/
0
0

step.js
wiilberedmodels.com/
0
0

step.js
wiilberedmodels.com/
0
0

step.js
wiilberedmodels.com/
0
0

step.js
wiilberedmodels.com/
0
0

step.js
wiilberedmodels.com/
0
0

step.js
wiilberedmodels.com/
0
0

step.js
wiilberedmodels.com/
0
0

step.js
wiilberedmodels.com/
0
0

step.js
wiilberedmodels.com/
0
0

step.js
wiilberedmodels.com/
0
0

nmlz
pixel.watch/
0
0

ads.php
platform.bidgear.com/
512 B
809 B
Script
General
Full URL
http://platform.bidgear.com/ads.php?domainid=293&sizeid=2&zoneid=625&k=5812ba70e5467
Requested by
Host: www.papercraftsquare.com
URL: http://www.papercraftsquare.com/
Protocol
HTTP/1.1
Security
, ,
Server
2606:4700:30::681b:bd77 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
18c2e928f7719db6577e9114a81f88255bda67895556807857d0d56086284c58

Request headers

Referer
http://www.papercraftsquare.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 07 Sep 2019 07:59:45 GMT
Content-Encoding
gzip
Server
cloudflare
Transfer-Encoding
chunked
Content-Type
application/javascript
Cache-Control
max-age=315360000
Connection
keep-alive
CF-RAY
5127252248d85976-VIE
Expires
Thu, 31 Dec 2037 23:55:55 GMT
step.js
wiilberedmodels.com/
0
0

step.js
wiilberedmodels.com/
0
0

step.js
wiilberedmodels.com/
0
0

step.js
wiilberedmodels.com/
0
0

jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.11.1/
94 KB
33 KB
Script
General
Full URL
http://ajax.googleapis.com/ajax/libs/jquery/1.11.1/jquery.min.js?ver=1.11.1
Requested by
Host: www.papercraftsquare.com
URL: http://www.papercraftsquare.com/
Protocol
HTTP/1.1
Security
, ,
Server
2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.papercraftsquare.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sun, 25 Aug 2019 08:44:19 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Tue, 20 Dec 2016 18:17:03 GMT
Server
sffe
Age
1120525
Vary
Accept-Encoding
Content-Type
text/javascript; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000, stale-while-revalidate=2592000
Accept-Ranges
bytes
Timing-Allow-Origin
*
Content-Length
33434
X-XSS-Protection
0
Expires
Mon, 24 Aug 2020 08:44:19 GMT
step.js
wiilberedmodels.com/
Redirect Chain
  • http://wiilberedmodels.com/step.js?source=004&/wp-content/themes/pcs/js/tagdiv_theme_min_js&ver=1.7.1
  • https://wiilberedmodels.com/step.js?source=004&/wp-content/themes/pcs/js/tagdiv_theme_min_js&ver=1.7.1
0
0
Script
General
Full URL
https://wiilberedmodels.com/step.js?source=004&/wp-content/themes/pcs/js/tagdiv_theme_min_js&ver=1.7.1
Requested by
Host: www.papercraftsquare.com
URL: http://www.papercraftsquare.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
119.18.52.34 , India, ASN394695 (PUBLIC-DOMAIN-REGISTRY - PDR, US),
Reverse DNS
Software
nginx / PHP/5.6.40
Resource Hash

Request headers

Referer
http://www.papercraftsquare.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sat, 07 Sep 2019 08:00:06 GMT
Server
nginx
X-Powered-By
PHP/5.6.40
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Connection
keep-alive
Keep-Alive
timeout=60
Content-Length
142

Redirect headers

Location
https://wiilberedmodels.com/step.js?source=004&/wp-content/themes/pcs/js/tagdiv_theme_min_js&ver=1.7.1
Date
Sat, 07 Sep 2019 08:00:06 GMT
Server
nginx
Connection
keep-alive
Keep-Alive
timeout=60
Content-Length
294
Content-Type
text/html; charset=iso-8859-1
step.js
wiilberedmodels.com/
Redirect Chain
  • http://wiilberedmodels.com/step.js?source=004&/wp-content/themes/pcs/includes/js_files/td_smooth_scroll_js&ver=1.7.1
  • https://wiilberedmodels.com/step.js?source=004&/wp-content/themes/pcs/includes/js_files/td_smooth_scroll_js&ver=1.7.1
0
0

pinit.js
assets.pinterest.com/js/
0
0

infolinks_main.js
resources.infolinks.com/js/
0
0

getjs.aspx
tag.contextweb.com/TagPublish/
0
0

papercraftsquare.com.js
tags-cdn.deployads.com/a/
0
0

adnemo.js
rtb.adnemo.com/sys/
0
0

hjoo.js
wiilberedmodels.com/
141 B
377 B
XHR
General
Full URL
https://wiilberedmodels.com/hjoo.js?
Requested by
Host: www.papercraftsquare.com
URL: http://www.papercraftsquare.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
119.18.52.34 , India, ASN394695 (PUBLIC-DOMAIN-REGISTRY - PDR, US),
Reverse DNS
Software
nginx / PHP/5.6.40
Resource Hash

Request headers

Sec-Fetch-Mode
cors
Referer
http://www.papercraftsquare.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sat, 07 Sep 2019 08:00:07 GMT
Server
nginx
X-Powered-By
PHP/5.6.40
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Connection
keep-alive
Keep-Alive
timeout=60
Content-Length
141
Primary Request /
newsredir.com/
Redirect Chain
  • https://wiilberedmodels.com/forwardme.php?a=1&
  • http://tiny.cc/0048bz
  • https://tiny.cc/0048bz
  • https://newsredir.com/?p=gntgknbsha5gi3bpgezde&sub1=waiting&sub2=groups&sub3=dest
43 KB
44 KB
Document
General
Full URL
https://newsredir.com/?p=gntgknbsha5gi3bpgezde&sub1=waiting&sub2=groups&sub3=dest
Requested by
Host: www.papercraftsquare.com
URL: http://www.papercraftsquare.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
142.93.226.180 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN - DigitalOcean, LLC, US),
Reverse DNS
Software
nginx /
Resource Hash
9dc70e4dd73ec4b4780dcfdbd111802f32767ccb37f8e52098c609ab6913909c
Security Headers
Name Value
Content-Security-Policy img-src https: data:; upgrade-insecure-requests
Strict-Transport-Security max-age=31536000

Request headers

:method
GET
:authority
newsredir.com
:scheme
https
:path
/?p=gntgknbsha5gi3bpgezde&sub1=waiting&sub2=groups&sub3=dest
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode
navigate
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
referer
http://www.papercraftsquare.com/
accept-encoding
gzip, deflate, br

Response headers

status
200
server
nginx
date
Sat, 07 Sep 2019 07:59:46 GMT
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
set-cookie
uuid=4c53aa79-7aa2-49b2-82c9-48f6d94bff07; expires=Mon, 07-Oct-2019 07:59:46 GMT; Max-Age=2592000; path=/; domain=newsredir.com
strict-transport-security
max-age=31536000
content-security-policy
img-src https: data:; upgrade-insecure-requests

Redirect headers

Server
nginx
Date
Sat, 07 Sep 2019 08:00:06 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
X-Powered-By
PHP/5.3.28
X-Robots-Tag
nofollow, noindex
Location
https://newsredir.com/?p=gntgknbsha5gi3bpgezde&sub1=waiting&sub2=groups&sub3=dest
d2lpbGJlcmVkbW9kZWxzLmNvbQ==
tcheck.outbrainimg.com/tcheck/check/
16 B
477 B
XHR
General
Full URL
https://tcheck.outbrainimg.com/tcheck/check/d2lpbGJlcmVkbW9kZWxzLmNvbQ==
Requested by
Host: widgets.outbrain.com
URL: http://widgets.outbrain.com/outbrain.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.232.28 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a2-18-232-28.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains;

Request headers

Sec-Fetch-Mode
cors
Referer
http://www.papercraftsquare.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Strict-Transport-Security
max-age=0; includeSubDomains;
ETag
W/"10-us8lSJutAxKqLzf8c1+n5XstcwY"
Access-Control-Max-Age
43200
Access-Control-Allow-Methods
GET,POST
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=43200
Date
Sat, 07 Sep 2019 07:59:46 GMT
Connection
keep-alive
Access-Control-Allow-Credentials
false
Content-Length
16
Expires
Sat, 07 Sep 2019 19:59:46 GMT
integrator.js
adservice.google.de/adsid/
109 B
476 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.papercraftsquare.com
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:819::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://www.papercraftsquare.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 07 Sep 2019 07:59:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length
104
x-xss-protection
0
integrator.js
adservice.google.com/adsid/
109 B
476 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.papercraftsquare.com
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://www.papercraftsquare.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 07 Sep 2019 07:59:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length
104
x-xss-protection
0
show_ads_impl.js
pagead2.googlesyndication.com/pagead/js/r20190903/r20190131/
222 KB
82 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20190903/r20190131/show_ads_impl.js
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://www.papercraftsquare.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 07 Sep 2019 07:59:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length
83749
x-xss-protection
0
server
cafe
etag
850274908779307231
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Sat, 07 Sep 2019 07:59:46 GMT
show_ads_impl.js
pagead2.googlesyndication.com/pagead/js/r20190903/r20190131/ Frame C70C
222 KB
82 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20190903/r20190131/show_ads_impl.js
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://www.papercraftsquare.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 07 Sep 2019 07:59:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length
83749
x-xss-protection
0
server
cafe
etag
850274908779307231
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Sat, 07 Sep 2019 07:59:46 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20190903/r20190131/ Frame 0A8E
0
0
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20190903/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/html/r20190903/r20190131/zrt_lookup.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode
nested-navigate
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
referer
http://www.papercraftsquare.com/
accept-encoding
gzip, deflate, br

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
vary
Accept-Encoding
date
Wed, 04 Sep 2019 18:43:35 GMT
expires
Wed, 18 Sep 2019 18:43:35 GMT
content-type
text/html; charset=UTF-8
etag
147867684170163064
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
7266
x-xss-protection
0
cache-control
public, max-age=1209600
age
220571
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
ads
googleads.g.doubleclick.net/pagead/ Frame 9518
0
0
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8793127887856579&output=html&adk=1812271804&adf=3025194257&lmt=1567843186&plat=1%3A32776%2C2%3A32776%2C8%3A32776%2C9%3A32776%2C16%3A8388608%2C30%3A1081344&guci=1.2.0.0.2.2.0.0&format=0x0&url=http%3A%2F%2Fwww.papercraftsquare.com%2F&ea=0&flash=0&pra=5&wgl=1&adsid=NT&dt=1567843186040&bpp=7&bdt=1179&fdt=62&idt=62&shv=r20190903&cbv=r20190131&saldr=aa&abxe=1&nras=1&correlator=8667149234959&frm=20&pv=2&ga_vid=1633389208.1567843186&ga_sid=1567843186&ga_hid=1583488740&ga_fc=0&iag=0&icsg=138&dssz=10&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&rx=0&eae=2&fc=1936&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=16&bc=23&ifi=0&uci=0.bwrhvdpbmf7w&fsb=1&dtd=78
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20190903/r20190131/show_ads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-8793127887856579&output=html&adk=1812271804&adf=3025194257&lmt=1567843186&plat=1%3A32776%2C2%3A32776%2C8%3A32776%2C9%3A32776%2C16%3A8388608%2C30%3A1081344&guci=1.2.0.0.2.2.0.0&format=0x0&url=http%3A%2F%2Fwww.papercraftsquare.com%2F&ea=0&flash=0&pra=5&wgl=1&adsid=NT&dt=1567843186040&bpp=7&bdt=1179&fdt=62&idt=62&shv=r20190903&cbv=r20190131&saldr=aa&abxe=1&nras=1&correlator=8667149234959&frm=20&pv=2&ga_vid=1633389208.1567843186&ga_sid=1567843186&ga_hid=1583488740&ga_fc=0&iag=0&icsg=138&dssz=10&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&rx=0&eae=2&fc=1936&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=16&bc=23&ifi=0&uci=0.bwrhvdpbmf7w&fsb=1&dtd=78
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode
nested-navigate
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
referer
http://www.papercraftsquare.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
nested-navigate
Referer
http://www.papercraftsquare.com/

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Sat, 07 Sep 2019 07:59:46 GMT
server
cafe
content-length
46
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Sat, 07-Sep-2019 08:14:46 GMT; path=/; domain=.doubleclick.net
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
expires
Sat, 07 Sep 2019 07:59:46 GMT
cache-control
private
osd.js
www.googletagservices.com/activeview/js/current/
76 KB
28 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20190903/r20190131/show_ads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://www.papercraftsquare.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 07 Sep 2019 07:59:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1567595695661868"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length
28441
x-xss-protection
0
expires
Sat, 07 Sep 2019 07:59:46 GMT
dwce_cheq_events
log.outbrainimg.com/loggerServices/
4 B
344 B
XHR
General
Full URL
https://log.outbrainimg.com/loggerServices/dwce_cheq_events?timestamp=1567843186234&sessionId=c1459718-a699-f911-1085-9c9194c263d9&url=wiilberedmodels.com&cheqSource=1&cheqEvent=0&exitReason=2
Requested by
Host: widgets.outbrain.com
URL: http://widgets.outbrain.com/outbrain.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.202.112.63 , United States, ASN22075 (AS-OUTBRAIN - Outbrain, Inc., US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash

Request headers

Sec-Fetch-Mode
cors
Referer
http://www.papercraftsquare.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 07 Sep 2019 07:59:46 GMT
Access-Control-Allow-Methods
GET,POST
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
Connection
close
X-TraceId
eecf48a629e1e3d4456fc08de3c9cbde
Content-Length
4
Expires
0
truncated
/
10 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
967b8859fedb2c63afc8ae6ae2839fdd40f0e26af85adc6605a629f3c0ed0837

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
1 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
09d12e3c0e65fda26b9073e70e02fb24fa6941a4a3b1b81211b6470f00769ea5

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
11 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f0434a1fc8ffba3a47bbb9f1fa5a2f789651a020e7b86e507ff300b7c367057f

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/png

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.papercraftsquare.com
URL
http://www.papercraftsquare.com/wp-content/themes/pcs/images/logo_normal.png
Domain
www.papercraftsquare.com
URL
http://www.papercraftsquare.com/wp-content/themes/pcs/images/logo_normal_mobile.png
Domain
wiilberedmodels.com
URL
https://wiilberedmodels.com/step.js?source=004&/wp-content/uploads/2017/03/Lego-Batman-Paper-Toy-180x135.jpg
Domain
wiilberedmodels.com
URL
https://wiilberedmodels.com/step.js?source=004&/wp-content/uploads/2017/02/Pokemon-Volcanion-Papercraft-180x135.jpg
Domain
wiilberedmodels.com
URL
https://wiilberedmodels.com/step.js?source=004&/wp-content/uploads/2017/02/Pokemon-Alolan-Persian-Papercraft-180x135.jpg
Domain
wiilberedmodels.com
URL
https://wiilberedmodels.com/step.js?source=004&/wp-content/uploads/2017/02/Pokemon-Golem-V3-Papercraft-180x135.jpg
Domain
wiilberedmodels.com
URL
https://wiilberedmodels.com/step.js?source=004&/wp-content/uploads/2017/02/Pokemon-Meloetta-Aria-Forme-Papercraft-180x135.jpg
Domain
wiilberedmodels.com
URL
https://wiilberedmodels.com/step.js?source=004&/wp-content/uploads/2016/08/Advanced-Paper-Aircraft-Origami-180x135.jpg
Domain
wiilberedmodels.com
URL
https://wiilberedmodels.com/step.js?source=004&/wp-content/uploads/2016/07/Step-by-step-Origami-Dragon-180x135.jpg
Domain
wiilberedmodels.com
URL
https://wiilberedmodels.com/step.js?source=004&/wp-content/uploads/2016/07/Step-by-step-Simple-Origami-Unicorn-180x135.jpg
Domain
wiilberedmodels.com
URL
https://wiilberedmodels.com/step.js?source=004&/wp-content/uploads/2016/07/Step-by-step-Simple-Origami-Pliosaur-180x135.jpg
Domain
wiilberedmodels.com
URL
https://wiilberedmodels.com/step.js?source=004&/wp-content/uploads/2016/07/Step-by-step-Origami-Sea-Turtle-180x135.jpg
Domain
wiilberedmodels.com
URL
https://wiilberedmodels.com/step.js?source=004&/wp-content/uploads/2017/03/Zoo-Tycoon-Green-Sea-Turtle-Papercraft-180x135.jpg
Domain
wiilberedmodels.com
URL
https://wiilberedmodels.com/step.js?source=004&/wp-content/uploads/2017/03/Zoo-Tycoon-Orca-Papercraft-180x135.jpg
Domain
wiilberedmodels.com
URL
https://wiilberedmodels.com/step.js?source=004&/wp-content/uploads/2017/03/Giraffe-Robot-Paper-Model-180x135.jpg
Domain
wiilberedmodels.com
URL
https://wiilberedmodels.com/step.js?source=004&/wp-content/uploads/2017/03/Simple-OmniBus-Paper-Toy-180x135.jpg
Domain
wiilberedmodels.com
URL
https://wiilberedmodels.com/step.js?source=004&/wp-content/uploads/2017/03/Undecided-SmartPhone-Paper-Toy-180x135.jpg
Domain
wiilberedmodels.com
URL
https://wiilberedmodels.com/step.js?source=004&/wp-content/uploads/2017/03/Star-Wars-Moisture-Evaporator-Papercraft-180x135.jpg
Domain
wiilberedmodels.com
URL
https://wiilberedmodels.com/step.js?source=004&/wp-content/uploads/2017/03/Buddha-at-Borobudur-Temple-Paper-Model-180x135.jpg
Domain
wiilberedmodels.com
URL
https://wiilberedmodels.com/step.js?source=004&/wp-content/uploads/2017/03/Simple-Arena-Corinthians-Stadium-Building-Paper-Model-180x135.jpg
Domain
wiilberedmodels.com
URL
https://wiilberedmodels.com/step.js?source=004&/wp-content/uploads/2017/03/Harry-Potter-and-the-Prisoner-of-Azkaban-Gold-Chest-Papercraft-180x135.jpg
Domain
wiilberedmodels.com
URL
https://wiilberedmodels.com/step.js?source=004&/wp-content/uploads/2017/03/Ancient-Roman-Villa-Building-Paper-Model-180x135.jpg
Domain
pixel.watch
URL
http://pixel.watch/nmlz
Domain
wiilberedmodels.com
URL
http://wiilberedmodels.com/step.js?source=004&/wp-includes/js/wp-emoji-release.min.js?ver=4.2.4
Domain
wiilberedmodels.com
URL
https://wiilberedmodels.com/step.js?source=004&/wp-content/uploads/2017/03/Zoo-Tycoon-Green-Sea-Turtle-Papercraft-100x75.jpg
Domain
wiilberedmodels.com
URL
https://wiilberedmodels.com/step.js?source=004&/wp-content/uploads/2017/03/Zoo-Tycoon-Orca-Papercraft-100x75.jpg
Domain
wiilberedmodels.com
URL
https://wiilberedmodels.com/step.js?source=004&/wp-content/uploads/2017/03/Giraffe-Robot-Paper-Model-100x75.jpg
Domain
wiilberedmodels.com
URL
https://wiilberedmodels.com/step.js?source=004&/wp-content/themes/pcs/includes/js_files/td_smooth_scroll_js&ver=1.7.1
Domain
assets.pinterest.com
URL
http://assets.pinterest.com/js/pinit.js
Domain
resources.infolinks.com
URL
http://resources.infolinks.com/js/infolinks_main.js
Domain
tag.contextweb.com
URL
http://tag.contextweb.com/TagPublish/getjs.aspx?action=VIEWAD&cwrun=200&cwadformat=728X90&cwpid=556092&cwwidth=728&cwheight=90&cwpnet=1&cwtagid=162623
Domain
tags-cdn.deployads.com
URL
http://tags-cdn.deployads.com/a/papercraftsquare.com.js
Domain
rtb.adnemo.com
URL
http://rtb.adnemo.com/sys/adnemo.js?pzoneid=361&dmid=71&height=250&width=300&tld=http://papercraftsquare.com&cb=196419834

14 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| guardEnabled
boolean| isChrome
function| compareVersion
function| getLanguage
object| rootElement
boolean| canStart
function| text
function| textr
function| urlB64ToUint8Array
function| disableHistory
function| disableIncognito
function| denied
function| Subscribe
function| CheckSubscription

1 Cookies

Domain/Path Name / Value
.newsredir.com/ Name: uuid
Value: 4c53aa79-7aa2-49b2-82c9-48f6d94bff07

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
