www.evilmilk.com Open in urlscan Pro
2606:4700:e0::ac40:6622 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://evilmilk.com/
Effective URL:
https://www.evilmilk.com/
Submission: On October 18 via manual (October 18th 2019, 4:43:09 am UTC) from US

Summary HTTP 219 Redirects Links 23 Behaviour Indicators

Summary

This website contacted 43 IPs in 6 countries across 33 domains to perform 219 HTTP transactions. The main IP is 2606:4700:e0::ac40:6622, located in United States and belongs to CLOUDFLARENET - Cloudflare, Inc., US. The main domain is www.evilmilk.com.
TLS certificate: Issued by COMODO ECC Domain Validation Secure S... on October 14th 2019. Valid for: 6 months.

This is the only time www.evilmilk.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
12 73	2606:4700:e0:... 2606:4700:e0::ac40:6622	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
1	2a00:1450:400... 2a00:1450:4001:809::200a	15169 (GOOGLE) (GOOGLE - Google LLC)
3	23.111.9.35 23.111.9.35	33438 (HIGHWINDS2) (HIGHWINDS2 - Highwinds Network Group)
2	2001:4de0:ac1... 2001:4de0:ac19::1:b:3b	20446 (HIGHWINDS3) (HIGHWINDS3 - Highwinds Network Group)
1	2001:4de0:ac1... 2001:4de0:ac19::1:b:3a	20446 (HIGHWINDS3) (HIGHWINDS3 - Highwinds Network Group)
1	2606:4700::68... 2606:4700::6813:c697	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
1	2606:4700::68... 2606:4700::6813:c397	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
2	2600:9000:21f... 2600:9000:21f3:e800:4:164e:ca00:93a1	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	2a00:1450:400... 2a00:1450:4001:806::2003	15169 (GOOGLE) (GOOGLE - Google LLC)
6	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE - Google LLC)
1	143.204.101.39 143.204.101.39	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	54.241.204.180 54.241.204.180	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1 11	2a00:1450:400... 2a00:1450:4001:825::2002	15169 (GOOGLE) (GOOGLE - Google LLC)
4	2a00:1450:400... 2a00:1450:4001:818::2002	15169 (GOOGLE) (GOOGLE - Google LLC)
10	172.217.16.162 172.217.16.162	15169 (GOOGLE) (GOOGLE - Google LLC)
12	68.183.31.14 68.183.31.14	14061 (DIGITALOC...) (DIGITALOCEAN-ASN - DigitalOcean)
1	52.15.219.226 52.15.219.226	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
5	185.33.223.100 185.33.223.100	29990 (ASN-APPNEXUS) (ASN-APPNEXUS - AppNexus)
1	172.104.21.249 172.104.21.249	63949 (LINODE-AP...) (LINODE-AP Linode)
1 8	34.95.120.147 34.95.120.147	15169 (GOOGLE) (GOOGLE - Google LLC)
1	38.140.99.21 38.140.99.21	174 (COGENT-174) (COGENT-174 - Cogent Communications)
11	52.18.117.195 52.18.117.195	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
7	208.100.17.174 208.100.17.174	32748 (STEADFAST) (STEADFAST - Steadfast)
1	104.16.68.69 104.16.68.69	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
9	2606:4700:20:... 2606:4700:20::6819:9307	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
3	91.228.74.244 91.228.74.244	27281 (QUANTCAST) (QUANTCAST - Quantcast Corporation)
3	104.16.129.5 104.16.129.5	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
3	185.64.189.112 185.64.189.112	62713 (AS-PUBMATIC) (AS-PUBMATIC - PubMatic)
6	152.195.34.232 152.195.34.232	15133 (EDGECAST) (EDGECAST - MCI Communications Services)
1	2600:9000:215... 2600:9000:2156:2e00:1:af78:4c0:93a1	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
14	13.89.35.253 13.89.35.253	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation)
5	2a00:1450:400... 2a00:1450:4001:809::2001	15169 (GOOGLE) (GOOGLE - Google LLC)
2	13.225.78.17 13.225.78.17	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
2	104.109.78.125 104.109.78.125	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	69.173.144.142 69.173.144.142	26667 (RUBICONPR...) (RUBICONPROJECT - The Rubicon Project)
2	8.41.222.100 8.41.222.100	26120 (RHYTHMONE) (RHYTHMONE - RhythmOne)
7	2.18.233.180 2.18.233.180	16625 (AKAMAI-AS) (AKAMAI-AS - Akamai Technologies)
1	34.206.108.72 34.206.108.72	14618 (AMAZON-AES) (AMAZON-AES - Amazon.com)
2	77.245.58.158 77.245.58.158	36057 (WEBAIR-IN...) (WEBAIR-INTERNET-MTL - Webair Internet Development Company Inc.)
2	152.195.34.229 152.195.34.229	15133 (EDGECAST) (EDGECAST - MCI Communications Services)
3	2.18.232.130 2.18.232.130	16625 (AKAMAI-AS) (AKAMAI-AS - Akamai Technologies)
1	172.104.211.45 172.104.211.45	63949 (LINODE-AP...) (LINODE-AP Linode)
219	43

73 2606:4700:e0::ac40:6622 (United States) 12 redirects

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

evilmilk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.evilmilk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
my.evilmilk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.111.9.35 (Phoenix, United States)

ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US)

use.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4de0:ac19::1:b:3b (Netherlands)

ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US)

stackpath.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac19::1:b:3a (Netherlands)

ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6813:c697 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6813:c397 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:21f3:e800:4:164e:ca00:93a1 (United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)

cdn.thisiswaldo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.101.39 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-143-204-101-39.fra50.r.cloudfront.net

theeighth-net.videoplayerhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.241.204.180 (San Jose, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-54-241-204-180.us-west-1.compute.amazonaws.com

ipfind.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:825::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE - Google LLC, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:818::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 172.217.16.162 (United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra15s11-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 68.183.31.14 (North Bergen, United States)

ASN14061 (DIGITALOCEAN-ASN - DigitalOcean, LLC, US)

served-by.pixfuture.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.15.219.226 (Columbus, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-15-219-226.us-east-2.compute.amazonaws.com

thisiswaldo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 185.33.223.100 (Netherlands)

ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US)
PTR: 373.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.104.21.249 (Philadelphia, United States)

ASN63949 (LINODE-AP Linode, LLC, US)
PTR: li1840-249.members.linode.com

bidder.rtk.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 34.95.120.147 (United States) 1 redirects

ASN15169 (GOOGLE - Google LLC, US)
PTR: 147.120.95.34.bc.googleusercontent.com

the-eighth-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixfuture2-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
eu-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 38.140.99.21 (Wellsville, United States)

ASN174 (COGENT-174 - Cogent Communications, US)

lockerdome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 52.18.117.195 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-18-117-195.eu-west-1.compute.amazonaws.com

g2.gumgum.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 208.100.17.174 (Chicago, United States)

ASN32748 (STEADFAST - Steadfast, US)
PTR: ip174.208-100-17.static.steadfastdns.net

ssc.33across.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.16.68.69 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

dmx.districtm.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2606:4700:20::6819:9307 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

cdn.pixfuture.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 91.228.74.244 (United Kingdom)

ASN27281 (QUANTCAST - Quantcast Corporation, US)

pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.16.129.5 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

prebid.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC - PubMatic, Inc., US)

hbopenbid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 152.195.34.232 (United States)

ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US)

cdn.bidfluence.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2156:2e00:1:af78:4c0:93a1 (United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)

vendorlist.consensu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 13.89.35.253 (Des Moines, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US)

engine.bidfluence.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
server.bidfluence.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
report.bidfluence.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
served.bidfluence.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pb.bidfluence.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
viewed.bidfluence.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:809::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.225.78.17 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-13-225-78-17.fra2.r.cloudfront.net

ad-delivery.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.109.78.125 (Netherlands)

ASN20940 (AKAMAI-ASN1, US)
PTR: a104-109-78-125.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 69.173.144.142 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT - The Rubicon Project, Inc., US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 8.41.222.100 (United States)

ASN26120 (RHYTHMONE - RhythmOne, LLC, US)

tag.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2.18.233.180 (Ascension Island)

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a2-18-233-180.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.206.108.72 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-34-206-108-72.compute-1.amazonaws.com

cluster-na.cdnjquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 77.245.58.158 (Netherlands)

ASN36057 (WEBAIR-INTERNET-MTL - Webair Internet Development Company Inc., US)
PTR: mypersonalfinancestoday.com

sync.adkernel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 152.195.34.229 (United States)

ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US)

ad.bidfluence.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2.18.232.130 (Ascension Island)

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a2-18-232-130.deploy.static.akamaitechnologies.com

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.104.211.45 (Philadelphia, United States)

ASN63949 (LINODE-AP Linode, LLC, US)
PTR: li1917-45.members.linode.com

sync.rtk.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
73	evilmilk.com 12 redirects evilmilk.com www.evilmilk.com my.evilmilk.com	307 KB
22	bidfluence.com cdn.bidfluence.com engine.bidfluence.com server.bidfluence.com ad.bidfluence.com report.bidfluence.com served.bidfluence.com pb.bidfluence.com viewed.bidfluence.com	76 KB
21	pixfuture.com served-by.pixfuture.com cdn.pixfuture.com	327 KB
12	doubleclick.net 1 redirects securepubads.g.doubleclick.net googleads.g.doubleclick.net	261 KB
11	gumgum.com g2.gumgum.com	4 KB
10	googlesyndication.com tpc.googlesyndication.com pagead2.googlesyndication.com	115 KB
10	pubmatic.com hbopenbid.pubmatic.com ads.pubmatic.com	9 KB
8	openx.net 1 redirects the-eighth-d.openx.net pixfuture2-d.openx.net eu-u.openx.net	2 KB
8	adnxs.com ib.adnxs.com acdn.adnxs.com	3 KB
7	33across.com ssc.33across.com	3 KB
6	googletagservices.com www.googletagservices.com	129 KB
4	rubiconproject.com eus.rubiconproject.com fastlane.rubiconproject.com	3 KB
4	google.com adservice.google.com	684 B
4	google.de adservice.google.de	684 B
3	mgid.com prebid.mgid.com	871 B
3	quantserve.com pixel.quantserve.com	1 KB
3	thisiswaldo.com cdn.thisiswaldo.com thisiswaldo.com	106 KB
3	fontawesome.com use.fontawesome.com	136 KB
2	adkernel.com sync.adkernel.com	218 B
2	1rx.io tag.1rx.io	542 B
2	ad-delivery.net ad-delivery.net	1 KB
2	rtk.io bidder.rtk.io sync.rtk.io	1 KB
2	cloudflare.com cdnjs.cloudflare.com	14 KB
2	bootstrapcdn.com stackpath.bootstrapcdn.com	36 KB
1	cdnjquery.com cluster-na.cdnjquery.com	356 B
1	consensu.org vendorlist.consensu.org	17 KB
1	districtm.io dmx.districtm.io	419 B
1	lockerdome.com lockerdome.com	438 B
1	ipfind.co ipfind.co	546 B
1	videoplayerhub.com theeighth-net.videoplayerhub.com	22 KB
1	gstatic.com fonts.gstatic.com	11 KB
1	jquery.com code.jquery.com	30 KB
1	googleapis.com fonts.googleapis.com	693 B
219	33

	Domain	Requested by
52	www.evilmilk.com	1 redirects www.evilmilk.com code.jquery.com thisiswaldo.com
19	my.evilmilk.com	9 redirects www.evilmilk.com
12	served-by.pixfuture.com	code.jquery.com www.evilmilk.com served-by.pixfuture.com cdn.pixfuture.com pagead2.googlesyndication.com
11	g2.gumgum.com	cdn.thisiswaldo.com cdn.pixfuture.com
10	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net
9	cdn.pixfuture.com	served-by.pixfuture.com cdn.pixfuture.com
7	ads.pubmatic.com	cdn.bidfluence.com ads.pubmatic.com cdn.pixfuture.com
7	ssc.33across.com	cdn.thisiswaldo.com
6	cdn.bidfluence.com	www.evilmilk.com cdn.bidfluence.com
6	www.googletagservices.com	cdn.thisiswaldo.com cdn.bidfluence.com securepubads.g.doubleclick.net pagead2.googlesyndication.com
5	pagead2.googlesyndication.com	www.evilmilk.com cdn.pixfuture.com pagead2.googlesyndication.com
5	tpc.googlesyndication.com	securepubads.g.doubleclick.net
5	ib.adnxs.com	cdn.thisiswaldo.com cdn.pixfuture.com
4	eu-u.openx.net	1 redirects cdn.pixfuture.com
4	server.bidfluence.com	cdn.bidfluence.com
4	adservice.google.com	www.googletagservices.com pagead2.googlesyndication.com
4	adservice.google.de	www.googletagservices.com pagead2.googlesyndication.com
3	acdn.adnxs.com	cdn.pixfuture.com
3	pixfuture2-d.openx.net	cdn.pixfuture.com
3	hbopenbid.pubmatic.com	cdn.pixfuture.com
3	prebid.mgid.com	cdn.pixfuture.com
3	pixel.quantserve.com	www.evilmilk.com served-by.pixfuture.com
3	use.fontawesome.com	www.evilmilk.com
2	viewed.bidfluence.com	cdn.bidfluence.com
2	googleads.g.doubleclick.net	1 redirects pagead2.googlesyndication.com
2	pb.bidfluence.com	cdn.bidfluence.com
2	served.bidfluence.com	cdn.bidfluence.com
2	report.bidfluence.com	cdn.bidfluence.com
2	ad.bidfluence.com	cdn.bidfluence.com
2	sync.adkernel.com	cdn.bidfluence.com
2	tag.1rx.io	cdn.bidfluence.com
2	fastlane.rubiconproject.com	cdn.bidfluence.com
2	eus.rubiconproject.com	cdn.bidfluence.com
2	ad-delivery.net	theeighth-net.videoplayerhub.com
2	engine.bidfluence.com	cdn.bidfluence.com
2	cdn.thisiswaldo.com	www.evilmilk.com cdn.thisiswaldo.com
2	cdnjs.cloudflare.com	www.evilmilk.com
2	stackpath.bootstrapcdn.com	www.evilmilk.com
2	evilmilk.com	2 redirects
1	sync.rtk.io	cdn.thisiswaldo.com
1	cluster-na.cdnjquery.com	theeighth-net.videoplayerhub.com
1	vendorlist.consensu.org	thisiswaldo.com
1	dmx.districtm.io	cdn.thisiswaldo.com
1	lockerdome.com	cdn.thisiswaldo.com
1	the-eighth-d.openx.net	cdn.thisiswaldo.com
1	bidder.rtk.io	cdn.thisiswaldo.com
1	thisiswaldo.com	cdn.thisiswaldo.com
1	ipfind.co	cdn.thisiswaldo.com
1	theeighth-net.videoplayerhub.com	cdn.thisiswaldo.com
1	fonts.gstatic.com	www.evilmilk.com
1	code.jquery.com	www.evilmilk.com
1	fonts.googleapis.com	www.evilmilk.com
219	52

This site contains links to these domains. Also see Links.

Domain
my.evilmilk.com
example.com
facebook.com
gifpit.com
www.dailyhaha.com
www.trumparea.com
www.allmotivated.com
www.lolpix.com
www.angryduck.com
www.facebook.com

Subject Issuer	Validity	Valid
sni146596.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2019-10-14` - `2020-04-21`	6 months	crt.sh
*.googleapis.com GTS CA 1O1	`2019-10-03` - `2019-12-26`	3 months	crt.sh
*.fontawesome.com DigiCert SHA2 Secure Server CA	`2018-09-17` - `2019-11-21`	a year	crt.sh
*.bootstrapcdn.com Sectigo RSA Domain Validation Secure Server CA	`2019-09-14` - `2020-10-13`	a year	crt.sh
jquery.org COMODO RSA Domain Validation Secure Server CA	`2018-10-17` - `2020-10-16`	2 years	crt.sh
ssl412106.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2019-08-10` - `2020-02-16`	6 months	crt.sh
cdn.thisiswaldo.com Go Daddy Secure Certificate Authority - G2	`2019-06-16` - `2020-06-16`	a year	crt.sh
*.google.com GTS CA 1O1	`2019-09-17` - `2019-12-10`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2019-09-17` - `2019-12-10`	3 months	crt.sh
*.videoplayerhub.com Amazon	`2019-07-18` - `2020-08-18`	a year	crt.sh
ipfind.co Amazon	`2019-03-31` - `2020-04-30`	a year	crt.sh
served-by.pixfuture.com Sectigo RSA Domain Validation Secure Server CA	`2019-04-15` - `2021-04-24`	2 years	crt.sh
thisiswaldo.com Go Daddy Secure Certificate Authority - G2	`2018-09-19` - `2020-11-18`	2 years	crt.sh
*.adnxs.com DigiCert ECC Secure Server CA	`2019-01-23` - `2021-03-08`	2 years	crt.sh
*.rtk.io COMODO RSA Domain Validation Secure Server CA	`2017-03-16` - `2020-03-25`	3 years	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2018-01-04` - `2020-07-09`	3 years	crt.sh
*.lockerdome.com Go Daddy Secure Certificate Authority - G2	`2018-09-27` - `2019-11-26`	a year	crt.sh
*.gumgum.com Amazon	`2019-07-31` - `2020-08-31`	a year	crt.sh
*.33across.com Sectigo RSA Domain Validation Secure Server CA	`2019-10-01` - `2021-09-30`	2 years	crt.sh
districtm.io CloudFlare Inc ECC CA-2	`2019-03-26` - `2020-03-26`	a year	crt.sh
ssl377713.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2019-09-24` - `2020-04-01`	6 months	crt.sh
*.quantserve.com DigiCert SHA2 High Assurance Server CA	`2019-10-04` - `2020-10-07`	a year	crt.sh
ssl382979.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2019-08-21` - `2020-02-27`	6 months	crt.sh
*.pubmatic.com Sectigo RSA Organization Validation Secure Server CA	`2019-02-22` - `2021-02-21`	2 years	crt.sh
sa216gl.wpc.edgecastcdn.net DigiCert SHA2 Secure Server CA	`2018-04-19` - `2020-07-22`	2 years	crt.sh
vendorlist.consensu.org Amazon	`2019-03-06` - `2020-04-06`	a year	crt.sh
*.bidfluence.com DigiCert SHA2 Secure Server CA	`2018-04-21` - `2020-06-23`	2 years	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2019-10-03` - `2019-12-26`	3 months	crt.sh
ad-delivery.net Amazon	`2019-03-07` - `2020-04-07`	a year	crt.sh
*.rubiconproject.com DigiCert SHA2 Secure Server CA	`2019-02-13` - `2021-02-17`	2 years	crt.sh
*.1rx.io Sectigo RSA Domain Validation Secure Server CA	`2019-06-28` - `2021-06-27`	2 years	crt.sh
*.assetbucket.net Amazon	`2019-09-11` - `2020-10-11`	a year	crt.sh
*.adkernel.com COMODO RSA Domain Validation Secure Server CA	`2017-11-17` - `2021-01-05`	3 years	crt.sh
sa300gl.wpc.edgecastcdn.net DigiCert SHA2 Secure Server CA	`2018-06-01` - `2020-04-18`	2 years	crt.sh
cdn.adnxs.com GeoTrust RSA CA 2018	`2019-04-23` - `2020-02-19`	10 months	crt.sh

This page contains 33 frames:

Primary Page: https://www.evilmilk.com/
Frame ID: 8FC9139429C73DD8284546AFCCB44D27
Requests: 111 HTTP requests in this frame

Frame: https://www.evilmilk.com/spon/pixfuture/728.aspx
Frame ID: 88E8339293C8E5F4D73CE9DC85FAF797
Requests: 2 HTTP requests in this frame

Frame: https://www.evilmilk.com/spon/pixfuture/728.aspx
Frame ID: E3C8DEC7E2A18B6C23DE80D636F466DC
Requests: 2 HTTP requests in this frame

Frame: https://served-by.pixfuture.com/www/delivery/headerbid_refresh.php?dat=4055x728x90x790x_ADSLOT1111
Frame ID: 2E84C17EEBE42E3E648C98A3F015310A
Requests: 1 HTTP requests in this frame

Frame: https://cdn.pixfuture.com/djax.js
Frame ID: 850AE87FDDB0F963FA8B1BDB8D59DC42
Requests: 10 HTTP requests in this frame

Frame: https://cdn.bidfluence.com/forge.js
Frame ID: 0ECD4496589943FD1D5A576C731B33F6
Requests: 22 HTTP requests in this frame

Frame: https://served-by.pixfuture.com/www/delivery/headerbid_refresh.php?dat=4055x728x90x790x_ADSLOT1111
Frame ID: B8BA090E196ED71D862FBF0BA0573C53
Requests: 1 HTTP requests in this frame

Frame: https://cdn.pixfuture.com/djax.js
Frame ID: 981129863CA5E1E0B776AC3E5FB86F0E
Requests: 10 HTTP requests in this frame

Frame: https://cdn.bidfluence.com/forge.js
Frame ID: 1EAD64814669AD0B6CD34D00358324F9
Requests: 22 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 41BEBB98D44FE56C6F783B64DC6598EC
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 25F95315511CD5C31CD7D90BEC690D98
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 0B5D29F70006349636ABD84E76A17BB8
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 4ACCCBCC0BF4C6F38C8C96C242BC64E9
Requests: 1 HTTP requests in this frame

Frame: https://www.evilmilk.com/spon/300framed.aspx
Frame ID: CED5306D41775127EC542CF6B6456020
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/safeframe/1-0-35/html/container.html?n=4
Frame ID: 0AA628B230F082DF8C0AB79CBE36BCCD
Requests: 1 HTTP requests in this frame

Frame: https://ad.bidfluence.com/serving/serving.html
Frame ID: 0E901B86903BEC79D66EF463F06991C3
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/safeframe/1-0-35/html/container.html?n=4
Frame ID: E1EF8A2322EBF83550B8D4E91957F1D4
Requests: 1 HTTP requests in this frame

Frame: https://ad.bidfluence.com/serving/serving.html
Frame ID: F99A0AAEBC6D5173EE449122601FA9D2
Requests: 1 HTTP requests in this frame

Frame: https://served-by.pixfuture.com/www/delivery/headerbid.php?dat=4052x300x250x790x_ADSLOT1
Frame ID: 45B590D99A682D86E5920FA28E424777
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Frame ID: 7175332099F460515B394E661DEDFCA7
Requests: 1 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=9d434638-ce6f-418d-ac16-6301775de208&gdpr=1
Frame ID: 43198CC61732CC9B10CAAB75DA885412
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 0B761C45EF52338BC98E5CA8C9649E1C
Requests: 1 HTTP requests in this frame

Frame: https://cdn.pixfuture.com/djax.js
Frame ID: 87BECA2FB0570C5F68F793183B75B60E
Requests: 10 HTTP requests in this frame

Frame: https://sync.rtk.io/cs
Frame ID: AA68C952721DEAE2E65D2035C0A536CA
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/show_ads.js
Frame ID: A89656558C8A7191CDAB8725378A0796
Requests: 6 HTTP requests in this frame

Frame: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Frame ID: 8C296E8DE5A9172E76D0A47EF9D66363
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 22B759596EF600F205D22F3710EC0241
Requests: 1 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=9d434638-ce6f-418d-ac16-6301775de208&gdpr=1
Frame ID: D08A489BAC614F08176E0F3B071ECA28
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20191015/r20190131/zrt_lookup.html
Frame ID: B4D35D550D0248C0B2CAD6C711458039
Requests: 1 HTTP requests in this frame

Frame: https://served-by.pixfuture.com/www/delivery/afr.php?zoneid=5529
Frame ID: 739E5DE488EA9FB330A26235DFDE9ACD
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Frame ID: 10AC3727DD46ECD1D0B5AAB0721BB126
Requests: 1 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=9d434638-ce6f-418d-ac16-6301775de208&gdpr=1
Frame ID: 9AFC432C82262764A972BDCFA11A70F6
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 6DB38C5B9FF53AE267F4FDF16BD7DA87
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://evilmilk.com/ HTTP 301
https://evilmilk.com/ HTTP 301
http://www.evilmilk.com/ HTTP 301
https://www.evilmilk.com/ Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i

animate.css (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

html /<link [^>]+(?:\/([\d.]+)\/)?animate\.(?:min\.)?css/i

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href="https:\/\/use\.fontawesome\.com\/releases\/v([^>]+)\/css\//i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /\/prebid\.js/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

219
Requests

100 %
HTTPS

33 %
IPv6

33
Domains

52
Subdomains

43
IPs

6
Countries

1618 kB
Transfer

4240 kB
Size

3
Cookies

23 Outgoing links

These are links going to different origins than the main page.

URL: http://my.evilmilk.com/
Title: My.Evilmilk

Search URL Search Domain Scan URL

URL: https://example.com/
Title: Misc

Search URL Search Domain Scan URL

URL: https://facebook.com/evilmilkdotcom
Title: Facebook

Search URL Search Domain Scan URL

URL: https://my.evilmilk.com/login/
Title: Login

Search URL Search Domain Scan URL

URL: https://my.evilmilk.com/meme
Title: Login/Register

Search URL Search Domain Scan URL

URL: https://my.evilmilk.com/go/16o-1a0kq1.htm

Search URL Search Domain Scan URL

URL: https://my.evilmilk.com/go/tx-1a0kz7.htm

Search URL Search Domain Scan URL

URL: https://my.evilmilk.com/go/tx-1a0lc4.htm

Search URL Search Domain Scan URL

URL: https://my.evilmilk.com/go/252-1a0liy.htm

Search URL Search Domain Scan URL

URL: https://my.evilmilk.com/go/252-1a0lk2.htm

Search URL Search Domain Scan URL

URL: https://my.evilmilk.com/go/252-1a0ll3.htm

Search URL Search Domain Scan URL

URL: https://my.evilmilk.com/go/252-1a0lmi.htm

Search URL Search Domain Scan URL

URL: https://my.evilmilk.com/go/252-1a0lor.htm

Search URL Search Domain Scan URL

URL: https://my.evilmilk.com/go/arr-19~sqk.htm

Search URL Search Domain Scan URL

URL: https://gifpit.com/
Title: ** GIF PIT **

Search URL Search Domain Scan URL

URL: http://www.dailyhaha.com/pictures/
Title: Funny Pictures

Search URL Search Domain Scan URL

URL: http://www.trumparea.com/
Title: Trump Area

Search URL Search Domain Scan URL

URL: http://www.allmotivated.com/
Title: DeMotivational Pics

Search URL Search Domain Scan URL

URL: http://www.lolpix.com/
Title: Funny Pictures

Search URL Search Domain Scan URL

URL: http://www.dailyhaha.com/soundboards.htm
Title: Soundboards

Search URL Search Domain Scan URL

URL: http://www.angryduck.com/
Title: Angry Duck

Search URL Search Domain Scan URL

URL: https://www.facebook.com/evilmilkdotcom
Title: Facebook

Search URL Search Domain Scan URL

URL: https://my.evilmilk.com/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://evilmilk.com/ HTTP 301
https://evilmilk.com/ HTTP 301
http://www.evilmilk.com/ HTTP 301
https://www.evilmilk.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 93

https://my.evilmilk.com/p/16o-1a0kq1_t1.jpg HTTP 301
https://my.evilmilk.com/p/1/a/16o-1a0kq1_t1.jpg

Request Chain 94

https://my.evilmilk.com/p/tx-1a0kz7_t1.jpg HTTP 301
https://my.evilmilk.com/p/1/a/tx-1a0kz7_t1.jpg

Request Chain 95

https://my.evilmilk.com/p/tx-1a0lc4_t1.jpg HTTP 301
https://my.evilmilk.com/p/1/a/tx-1a0lc4_t1.jpg

Request Chain 96

https://my.evilmilk.com/p/252-1a0liy_t1.jpg HTTP 301
https://my.evilmilk.com/p/1/a/252-1a0liy_t1.jpg

Request Chain 97

https://my.evilmilk.com/p/252-1a0lk2_t1.jpg HTTP 301
https://my.evilmilk.com/p/1/a/252-1a0lk2_t1.jpg

Request Chain 98

https://my.evilmilk.com/p/252-1a0ll3_t1.jpg HTTP 301
https://my.evilmilk.com/p/1/a/252-1a0ll3_t1.jpg

Request Chain 99

https://my.evilmilk.com/p/252-1a0lmi_t1.jpg HTTP 301
https://my.evilmilk.com/p/1/a/252-1a0lmi_t1.jpg

Request Chain 100

https://my.evilmilk.com/p/252-1a0lor_t1.jpg HTTP 301
https://my.evilmilk.com/p/1/a/252-1a0lor_t1.jpg

Request Chain 101

https://my.evilmilk.com/p/arr-19~sqk_t1.jpg HTTP 301
https://my.evilmilk.com/p/1/9/arr-19~sqk_t1.jpg

Request Chain 212

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1575911585432548&output=html&h=250&slotname=1680648786&adk=1022037533&adf=1594924173&w=300&guci=1.2.0.0.2.2.0.0&url=https%3A%2F%2Fwww.evilmilk.com%2F&ea=0&flash=0&wgl=1&adsid=NT&dt=1571373776984&bpp=17&bdt=27&fdt=79&idt=79&shv=r20191015&cbv=r20190131&saldr=sa&correlator=3193100443242&frm=23&ife=1&pv=2&ga_vid=1375061067.1571373777&ga_sid=1571373777&ga_hid=911567397&ga_fc=0&iag=255&icsg=170&nhd=4&dssz=5&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1073&ady=215&biw=1585&bih=1200&isw=300&ish=250&ifk=4117778280&scr_x=0&scr_y=0&oid=3&pvsid=3576983028096809&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=20&bc=31&ifi=1&uci=1.6m1gncnehpvp&fsb=1&dtd=91 HTTP 302
https://served-by.pixfuture.com/www/delivery/afr.php?zoneid=5529

Request Chain 217

https://eu-u.openx.net/w/1.0/pd?plm=6&ph=9d434638-ce6f-418d-ac16-6301775de208&gdpr=1 HTTP 302
https://eu-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=9d434638-ce6f-418d-ac16-6301775de208&gdpr=1

219 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.evilmilk.com/
Redirect Chain

http://evilmilk.com/
https://evilmilk.com/
http://www.evilmilk.com/
https://www.evilmilk.com/

18 KB
4 KB

281ms
280ms

Document
text/html

2606:4700:e0::ac40:6622
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://www.evilmilk.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e0::ac40:6622 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: a1d4073f865044bc14eb43a05f359e10666ab57f8493e0e56f516af75c1b3c3e

Request headers

:method: GET
:authority: www.evilmilk.com
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: none
accept-encoding: gzip, deflate, br
cookie: __cfduid=d88da8ab576532512b05c234242a7ac8d1571373771
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 200
date: Fri, 18 Oct 2019 04:42:52 GMT
content-type: text/html; charset=utf-8
cache-control: private
set-cookie: ASP.NET_SessionId=hypyfigy12zk3v4naeibjsri; path=/; HttpOnly
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 5277d91a1b8396b0-FRA
content-encoding: br

Redirect headers

Date: Fri, 18 Oct 2019 04:42:51 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Fri, 18 Oct 2019 05:42:51 GMT
Location: https://www.evilmilk.com/
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 5277d919fe976431-FRA

GET
H2 200 css
fonts.googleapis.com/ 5 KB
693 B 21ms
17ms Stylesheet
text/css 2a00:1450:4001:809::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto+Condensed:400,300

Requested by

Host: www.evilmilk.com
URL: https://www.evilmilk.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

ESF /

Resource Hash

85b8bc06b70053a31f23b3cea8a06a733c1c756ee85d42414abc81a0579c6ef3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.evilmilk.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
last-modified: Fri, 18 Oct 2019 04:42:52 GMT
server: ESF
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
status: 200
date: Fri, 18 Oct 2019 04:42:52 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection: 0
expires: Fri, 18 Oct 2019 04:42:52 GMT

GET
H2 200 all.css
use.fontawesome.com/releases/v5.2.0/css/ 46 KB
12 KB 63ms
20ms Stylesheet
text/css 23.111.9.35
Highwinds Network...

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.2.0/css/all.css
Requested by: Host: www.evilmilk.com
URL: https://www.evilmilk.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.111.9.35 Phoenix, United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: 8891a160f8a2afb81de5259f9f68e5af3782348ea2927ad9e969bc88c7d39984

Request headers

Sec-Fetch-Mode: cors
Referer: https://www.evilmilk.com/
Origin: https://www.evilmilk.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 18 Oct 2019 04:42:52 GMT
content-encoding: gzip
last-modified: Mon, 23 Jul 2018 17:06:58 GMT
server: NetDNA-cache/2.2
status: 200
etag: W/"20a9ce516eaea76da29a23adc43e8998"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
access-control-max-age: 3000
cache-control: max-age=31556926
x-cache: HIT

GET
H2 200 bootstrap.min.css
stackpath.bootstrapcdn.com/bootstrap/4.2.1/css/ 150 KB
23 KB 12ms
7ms Stylesheet
text/css 2001:4de0:ac19::1:b:3b
Highwinds Network...

General

Check archive.org

Show headers Download Go to

Full URL: https://stackpath.bootstrapcdn.com/bootstrap/4.2.1/css/bootstrap.min.css
Requested by: Host: www.evilmilk.com
URL: https://www.evilmilk.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac19::1:b:3b , Netherlands, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
Software: /
Resource Hash: 6b3bef53dc4a96ec07149d02a60b5fd026332bbce0b4ece79f3c55e3ddb85f5c

Request headers

Sec-Fetch-Mode: cors
Referer: https://www.evilmilk.com/
Origin: https://www.evilmilk.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 18 Oct 2019 04:42:52 GMT
content-encoding: gzip
last-modified: Fri, 21 Dec 2018 19:19:47 GMT
status: 200
etag: "1545419987"
vary: Accept-Encoding
x-cache: HIT
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-hello-human: Say hello back! @getBootstrapCDN on Twitter
accept-ranges: bytes
timing-allow-origin: *
content-length: 22972

GET
H2 200 pagination.css
www.evilmilk.com/css/ 9 KB
2 KB 16ms
12ms Stylesheet
text/css 2606:4700:e0::ac40:6622
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://www.evilmilk.com/css/pagination.css
Requested by: Host: www.evilmilk.com
URL: https://www.evilmilk.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e0::ac40:6622 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 1cdc548b67a8a47b7112338a80793672300ca8a246e2e624e22a3d9c6f417f8a

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.evilmilk.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 18 Oct 2019 04:42:52 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 20 Sep 2018 15:06:41 GMT
server: cloudflare
age: 4404
x-powered-by: ASP.NET
etag: W/"80d63789f350d41:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: public, max-age=14400
cf-ray: 5277d91bfcae96b0-FRA
expires: Fri, 18 Oct 2019 08:42:52 GMT

GET
H2 200 reset.css
www.evilmilk.com/css/ 1 KB
665 B 15ms
11ms Stylesheet
text/css 2606:4700:e0::ac40:6622
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://www.evilmilk.com/css/reset.css
Requested by: Host: www.evilmilk.com
URL: https://www.evilmilk.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e0::ac40:6622 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: fdf3b5ca512139b90ea3c4ae1d47a8e14a85de2f02112a351b65a1fc4cf422b5

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.evilmilk.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 18 Oct 2019 04:42:52 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 05 Aug 2018 15:10:57 GMT
server: cloudflare
age: 6550
x-powered-by: ASP.NET
etag: W/"80d6cd82ce2cd41:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: public, max-age=14400
cf-ray: 5277d91bfcaf96b0-FRA
expires: Fri, 18 Oct 2019 08:42:52 GMT

GET
H2 200 animate.css
www.evilmilk.com/css/ 79 KB
4 KB 17ms
13ms Stylesheet
text/css 2606:4700:e0::ac40:6622
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://www.evilmilk.com/css/animate.css
Requested by: Host: www.evilmilk.com
URL: https://www.evilmilk.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e0::ac40:6622 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: bb9c1a8b154186d5e9c43aed0c01fc47535e49eb9c40364197b172162452465d

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.evilmilk.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 18 Oct 2019 04:42:52 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 09 Aug 2018 00:35:15 GMT
server: cloudflare
age: 4404
x-powered-by: ASP.NET
etag: W/"80e3fbd6782fd41:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: public, max-age=14400
cf-ray: 5277d91bfcb096b0-FRA
expires: Fri, 18 Oct 2019 08:42:52 GMT

GET
H2 200 main.css
www.evilmilk.com/css/ 11 KB
3 KB 16ms
12ms Stylesheet
text/css 2606:4700:e0::ac40:6622
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://www.evilmilk.com/css/main.css?id=1117b
Requested by: Host: www.evilmilk.com
URL: https://www.evilmilk.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e0::ac40:6622 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: a11f9ed48fbbc5d3c929ddfcf03d09cc1c64042ea49613fca1adbf818468a98d

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.evilmilk.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 18 Oct 2019 04:42:52 GMT
content-encoding: br
cf-cache-status: HIT
age: 6550
x-powered-by: ASP.NET
status: 200
last-modified: Sat, 17 Nov 2018 12:49:15 GMT
cf-bgj: minify
server: cloudflare
etag: W/"80972df2737ed41:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=14400
cf-polished: origSize=14873
cf-ray: 5277d91bfcb296b0-FRA
expires: Fri, 18 Oct 2019 08:42:52 GMT

GET
H2 200 nav.css
www.evilmilk.com/css/ 5 KB
2 KB 17ms
14ms Stylesheet
text/css 2606:4700:e0::ac40:6622
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://www.evilmilk.com/css/nav.css
Requested by: Host: www.evilmilk.com
URL: https://www.evilmilk.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e0::ac40:6622 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 4b1ceba8c9ba507eba857c76d626abf7edf231bd1fa8096187abaffd1cef02e0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.evilmilk.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 18 Oct 2019 04:42:52 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 19 Oct 2018 00:14:16 GMT
server: cloudflare
age: 6550
x-powered-by: ASP.NET
etag: W/"0fce3ab4067d41:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: public, max-age=14400
cf-ray: 5277d91bfcb396b0-FRA
expires: Fri, 18 Oct 2019 08:42:52 GMT

GET
H/1.1 200
OK jquery-3.3.1.min.js Show response
code.jquery.com/ 85 KB
30 KB 27ms
7ms Script
application/javascript 2001:4de0:ac19::1:b:3a
Highwinds Network...

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.3.1.min.js
Requested by: Host: www.evilmilk.com
URL: https://www.evilmilk.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2001:4de0:ac19::1:b:3a , Netherlands, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
Software: nginx /
Resource Hash: 160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Request headers

Sec-Fetch-Mode: cors
Referer: https://www.evilmilk.com/
Origin: https://www.evilmilk.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 18 Oct 2019 04:42:52 GMT
Content-Encoding: gzip
Last-Modified: Sat, 20 Jan 2018 17:26:44 GMT
Server: nginx
ETag: W/"5a637bd4-1538f"
Vary: Accept-Encoding
X-HW: 1571373772.dop129.fr8.shc,1571373772.dop129.fr8.t,1571373772.cds057.fr8.c
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 30288

GET
H2 200 Just_Restart_It_s.jpg
www.evilmilk.com/thumbs/ 7 KB
7 KB 13ms
10ms Image
image/jpeg 2606:4700:e0::ac40:6622
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.evilmilk.com/thumbs/Just_Restart_It_s.jpg
Requested by: Host: www.evilmilk.com
URL: https://www.evilmilk.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e0::ac40:6622 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 7e9c3c14373f69d6045a3c1814269a798025d7830730f80105ddb4ce994de0e0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.evilmilk.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 18 Oct 2019 04:42:52 GMT
cf-cache-status: HIT
age: 2033
x-powered-by: ASP.NET
status: 200
content-length: 7408
last-modified: Thu, 05 Sep 2019 18:51:40 GMT
server: cloudflare
etag: "eaf14f41a64d51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 5277d91bfcb796b0-FRA
expires: Fri, 18 Oct 2019 08:42:52 GMT

GET
H2 200 Makes_People_Uncomfortable_s.jpg
www.evilmilk.com/thumbs/ 7 KB
7 KB 11ms
9ms Image
image/jpeg 2606:4700:e0::ac40:6622
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.evilmilk.com/thumbs/Makes_People_Uncomfortable_s.jpg
Requested by: Host: www.evilmilk.com
URL: https://www.evilmilk.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e0::ac40:6622 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: f12406cfa8eff599fd6ca73ce88d27000e96a0038fa995a020f0faa6e850e4a9

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.evilmilk.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 18 Oct 2019 04:42:52 GMT
cf-cache-status: HIT
age: 2033
x-powered-by: ASP.NET
status: 200
content-length: 6820
last-modified: Fri, 04 Oct 2019 15:47:21 GMT
server: cloudflare
etag: "cc56652cb7ad51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 5277d91c1cdb96b0-FRA
expires: Fri, 18 Oct 2019 08:42:52 GMT

GET
H2 200 Kelsey_Kernstine_s.jpg
www.evilmilk.com/thumbs/ 6 KB
6 KB 12ms
11ms Image
image/jpeg 2606:4700:e0::ac40:6622
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.evilmilk.com/thumbs/Kelsey_Kernstine_s.jpg
Requested by: Host: www.evilmilk.com
URL: https://www.evilmilk.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e0::ac40:6622 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: a4591efe78791083d025feb840f1fa737d0cd245d0f07206a6325400ea55eb82

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.evilmilk.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 18 Oct 2019 04:42:52 GMT
cf-cache-status: HIT
age: 6545
x-powered-by: ASP.NET
status: 200
content-length: 6146
last-modified: Thu, 05 Sep 2019 19:42:00 GMT
server: cloudflare
etag: "bc416fc2164d51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 5277d91c1cdc96b0-FRA
expires: Fri, 18 Oct 2019 08:42:52 GMT

GET
H2 200 She_Punched_Through_s.jpg
www.evilmilk.com/thumbs/ 4 KB
4 KB 11ms
9ms Image
image/jpeg 2606:4700:e0::ac40:6622
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.evilmilk.com/thumbs/She_Punched_Through_s.jpg
Requested by: Host: www.evilmilk.com
URL: https://www.evilmilk.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e0::ac40:6622 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: d12bf7931d767a8186e3165d6f113cabfdf5516fad4f8cca1724bc10d9a54653

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.evilmilk.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 18 Oct 2019 04:42:52 GMT
cf-cache-status: HIT
age: 6545
x-powered-by: ASP.NET
status: 200
content-length: 4334
last-modified: Fri, 04 Oct 2019 15:47:23 GMT
server: cloudflare
etag: "799c543cb7ad51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 5277d91c2cf796b0-FRA
expires: Fri, 18 Oct 2019 08:42:52 GMT

GET
H2 200 Sitting_On_Your_Lap_s.jpg
www.evilmilk.com/thumbs/ 6 KB
6 KB 12ms
10ms Image
image/jpeg 2606:4700:e0::ac40:6622
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.evilmilk.com/thumbs/Sitting_On_Your_Lap_s.jpg
Requested by: Host: www.evilmilk.com
URL: https://www.evilmilk.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e0::ac40:6622 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: ca60b95c7dac3fac4f1807927017b3e2e43479e88644f54dad87a94ca32f82c2

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.evilmilk.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 18 Oct 2019 04:42:52 GMT
cf-cache-status: HIT
age: 5328
x-powered-by: ASP.NET
status: 200
content-length: 5749
last-modified: Fri, 09 Aug 2019 19:01:11 GMT
server: cloudflare
etag: "eab356cfe44ed51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 5277d91c2cf896b0-FRA
expires: Fri, 18 Oct 2019 08:42:52 GMT

GET
H2 200 Full_of_Win___GIFDUMP__-5_s.jpg
www.evilmilk.com/thumbs/ 6 KB
7 KB 11ms
10ms Image
image/jpeg 2606:4700:e0::ac40:6622
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.evilmilk.com/thumbs/Full_of_Win___GIFDUMP__-5_s.jpg
Requested by: Host: www.evilmilk.com
URL: https://www.evilmilk.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e0::ac40:6622 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 97dd2ec74759f88b1cb20811c540dbefef59c742d8f451814df4d45631939dc1

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.evilmilk.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 18 Oct 2019 04:42:52 GMT
cf-cache-status: HIT
age: 5328
x-powered-by: ASP.NET
status: 200
content-length: 6645
last-modified: Thu, 03 Oct 2019 15:08:56 GMT
server: cloudflare
etag: "13d3d879fc79d51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 5277d91c2cf996b0-FRA
expires: Fri, 18 Oct 2019 08:42:52 GMT

GET
H2 200 Failing-44_s.jpg
www.evilmilk.com/thumbs/ 5 KB
5 KB 12ms
10ms Image
image/jpeg 2606:4700:e0::ac40:6622
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.evilmilk.com/thumbs/Failing-44_s.jpg
Requested by: Host: www.evilmilk.com
URL: https://www.evilmilk.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e0::ac40:6622 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 4bf3e18508259a0312f4e0c3c5a664e1b6b067793b5e3b7cb8033ea7aa242ea2

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.evilmilk.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 18 Oct 2019 04:42:52 GMT
cf-cache-status: HIT
age: 6545
x-powered-by: ASP.NET
status: 200
content-length: 5003
last-modified: Thu, 05 Sep 2019 19:22:21 GMT
server: cloudflare
etag: "a243b3d1f64d51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 5277d91c2cfa96b0-FRA
expires: Fri, 18 Oct 2019 08:42:52 GMT

GET
H2 200 The_Best_Kind_Of_Sleep_s.jpg
www.evilmilk.com/thumbs/ 5 KB
5 KB 13ms
12ms Image
image/jpeg 2606:4700:e0::ac40:6622
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.evilmilk.com/thumbs/The_Best_Kind_Of_Sleep_s.jpg
Requested by: Host: www.evilmilk.com
URL: https://www.evilmilk.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e0::ac40:6622 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 67c4ef48f843323d10ad812e870989a2b2e371796af95d2e096b0f79a85f054d

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.evilmilk.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 18 Oct 2019 04:42:52 GMT
cf-cache-status: HIT
age: 6545
x-powered-by: ASP.NET
status: 200
content-length: 5439
last-modified: Fri, 04 Oct 2019 15:47:23 GMT
server: cloudflare
etag: "8c81ac3cb7ad51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 5277d91c2cfb96b0-FRA
expires: Fri, 18 Oct 2019 08:42:52 GMT

GET
H2 200 Come_fly_the_friendly_skies-8_s.jpg
www.evilmilk.com/thumbs/ 6 KB
6 KB 11ms
10ms Image
image/jpeg 2606:4700:e0::ac40:6622
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.evilmilk.com/thumbs/Come_fly_the_friendly_skies-8_s.jpg
Requested by: Host: www.evilmilk.com
URL: https://www.evilmilk.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e0::ac40:6622 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 8c77aa521da9f97a671db4c4f6db45f3fbc3fb8c77729862c005d26ffa6028d0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.evilmilk.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 18 Oct 2019 04:42:52 GMT
cf-cache-status: HIT
age: 5328
x-powered-by: ASP.NET
status: 200
content-length: 5904
last-modified: Wed, 17 Jul 2019 17:46:26 GMT
server: cloudflare
etag: "45ab858ec73cd51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 5277d91c2cfc96b0-FRA
expires: Fri, 18 Oct 2019 08:42:52 GMT

GET
H2 200 I_Blame_Cartoons7368_s.jpg
www.evilmilk.com/thumbs/ 7 KB
7 KB 13ms
11ms Image
image/jpeg 2606:4700:e0::ac40:6622
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.evilmilk.com/thumbs/I_Blame_Cartoons7368_s.jpg
Requested by: Host: www.evilmilk.com
URL: https://www.evilmilk.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e0::ac40:6622 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 3ed112a9306d2364b977ef5a2ea9154c990d92cc6ff2c8057c826b5bf0d13ffd

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.evilmilk.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 18 Oct 2019 04:42:52 GMT
cf-cache-status: HIT
age: 5328
x-powered-by: ASP.NET
status: 200
content-length: 7300
last-modified: Fri, 04 Oct 2019 15:46:30 GMT
server: cloudflare
etag: "2503fe4ca7ad51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 5277d91c4d1b96b0-FRA
expires: Fri, 18 Oct 2019 08:42:52 GMT

GET
H2 200 A_True_Hero5206_s.jpg
www.evilmilk.com/thumbs/ 6 KB
6 KB 12ms
10ms Image
image/jpeg 2606:4700:e0::ac40:6622
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.evilmilk.com/thumbs/A_True_Hero5206_s.jpg
Requested by: Host: www.evilmilk.com
URL: https://www.evilmilk.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e0::ac40:6622 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: e8ef35e263fc1492446ce0c2ea5dc7af50bc1a316f07b38f08b2a369f6fcde8e

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.evilmilk.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 18 Oct 2019 04:42:52 GMT
cf-cache-status: HIT
age: 5328
x-powered-by: ASP.NET
status: 200
content-length: 6244
last-modified: Fri, 04 Oct 2019 15:47:18 GMT
server: cloudflare
etag: "d454d20cb7ad51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 5277d91c4d1c96b0-FRA
expires: Fri, 18 Oct 2019 08:42:52 GMT

GET
H2 200 Many_Things_s.jpg
www.evilmilk.com/thumbs/ 6 KB
6 KB 10ms
9ms Image
image/jpeg 2606:4700:e0::ac40:6622
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.evilmilk.com/thumbs/Many_Things_s.jpg
Requested by: Host: www.evilmilk.com
URL: https://www.evilmilk.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e0::ac40:6622 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: eb9f48b258b376d8065aa55ec115af3340e45307396994fbf3a3ead1dbb7ce14

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.evilmilk.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 18 Oct 2019 04:42:52 GMT
cf-cache-status: HIT
age: 5328
x-powered-by: ASP.NET
status: 200
content-length: 6505
last-modified: Fri, 04 Oct 2019 15:47:21 GMT
server: cloudflare
etag: "a268952cb7ad51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 5277d91c4d1d96b0-FRA
expires: Fri, 18 Oct 2019 08:42:52 GMT

GET
H2 200 Social_Justice_Warriors-31_s.jpg
www.evilmilk.com/thumbs/ 7 KB
7 KB 11ms
9ms Image
image/jpeg 2606:4700:e0::ac40:6622
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.evilmilk.com/thumbs/Social_Justice_Warriors-31_s.jpg
Requested by: Host: www.evilmilk.com
URL: https://www.evilmilk.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e0::ac40:6622 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 9f60f7c4431b5dd862cfe25d80217a79667e7fb303a15df3ab89db51c1290277

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.evilmilk.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 18 Oct 2019 04:42:52 GMT
cf-cache-status: HIT
age: 6545
x-powered-by: ASP.NET
status: 200
content-length: 7004
last-modified: Thu, 03 Oct 2019 15:25:34 GMT
server: cloudflare
etag: "b356f0ccfe79d51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 5277d91c4d1e96b0-FRA
expires: Fri, 18 Oct 2019 08:42:52 GMT

GET
H2 200 Girls_love_tight_dresses-57_s.jpg
www.evilmilk.com/thumbs/ 7 KB
7 KB 11ms
9ms Image
image/jpeg 2606:4700:e0::ac40:6622
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.evilmilk.com/thumbs/Girls_love_tight_dresses-57_s.jpg
Requested by: Host: www.evilmilk.com
URL: https://www.evilmilk.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e0::ac40:6622 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 01aeb180d07aa6fcca3fcf0ac6d15c8742ef59a76e44960bae051fc12674a871

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.evilmilk.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 18 Oct 2019 04:42:52 GMT
cf-cache-status: HIT
age: 6545
x-powered-by: ASP.NET
status: 200
content-length: 6664
last-modified: Thu, 05 Sep 2019 19:51:03 GMT
server: cloudflare
etag: "a4e7ed3f2364d51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 5277d91c4d1f96b0-FRA
expires: Fri, 18 Oct 2019 08:42:52 GMT

GET
H2 200 Selena_Gomez_GIFDUMP8711_s.jpg
www.evilmilk.com/thumbs/ 5 KB
5 KB 14ms
14ms Image
image/jpeg 2606:4700:e0::ac40:6622
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.evilmilk.com/thumbs/Selena_Gomez_GIFDUMP8711_s.jpg
Requested by: Host: www.evilmilk.com
URL: https://www.evilmilk.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e0::ac40:6622 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 7372698cd03ddf5407c8ea75ac1e2ea6c35298bddbbd35090454ef9cd9f5a502

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.evilmilk.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 18 Oct 2019 04:42:52 GMT
cf-cache-status: HIT
age: 4787
x-powered-by: ASP.NET
status: 200
content-length: 5523
last-modified: Fri, 19 Apr 2019 14:26:31 GMT
server: cloudflare
etag: "4c6b39e2bbf6d41:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 5277d91c4d2096b0-FRA
expires: Fri, 18 Oct 2019 08:42:52 GMT

GET
H2 200 Seduction_In_A_Marriage_s.jpg
www.evilmilk.com/thumbs/ 7 KB
7 KB 9ms
8ms Image
image/jpeg 2606:4700:e0::ac40:6622
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.evilmilk.com/thumbs/Seduction_In_A_Marriage_s.jpg
Requested by: Host: www.evilmilk.com
URL: https://www.evilmilk.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e0::ac40:6622 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 3fd496f36f165955b8c65d2d5ebc7441bf14c237c2d3499fd4ca0682b19a09a9

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.evilmilk.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 18 Oct 2019 04:42:52 GMT
cf-cache-status: HIT
age: 4787
x-powered-by: ASP.NET
status: 200
content-length: 7088
last-modified: Fri, 04 Oct 2019 15:46:34 GMT
server: cloudflare
etag: "b3f859e6ca7ad51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 5277d91c5d3696b0-FRA
expires: Fri, 18 Oct 2019 08:42:52 GMT

GET
H2 200 Her_Milkshake_Brings_All_The_Boys_s.jpg
www.evilmilk.com/thumbs/ 6 KB
6 KB 11ms
10ms Image
image/jpeg 2606:4700:e0::ac40:6622
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.evilmilk.com/thumbs/Her_Milkshake_Brings_All_The_Boys_s.jpg
Requested by: Host: www.evilmilk.com
URL: https://www.evilmilk.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e0::ac40:6622 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: f7b78e97f8445d885b65a3591db98243797cedebb5abce9e70ebe93b4c4cdacc

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.evilmilk.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 18 Oct 2019 04:42:52 GMT
cf-cache-status: HIT
age: 4787
x-powered-by: ASP.NET
status: 200
content-length: 6096
last-modified: Fri, 04 Oct 2019 15:46:30 GMT
server: cloudflare
etag: "f65adbe3ca7ad51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 5277d91c5d3796b0-FRA
expires: Fri, 18 Oct 2019 08:42:52 GMT

GET
H2 200 This_Kid_Was_Right_All_Along_s.jpg
www.evilmilk.com/thumbs/ 7 KB
7 KB 10ms
9ms Image
image/jpeg 2606:4700:e0::ac40:6622
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.evilmilk.com/thumbs/This_Kid_Was_Right_All_Along_s.jpg
Requested by: Host: www.evilmilk.com
URL: https://www.evilmilk.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e0::ac40:6622 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: fc87736767a55c9bc7e4d4ff2cd91fecb45f48d43ab17ef20b1e51e75d101ed8

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.evilmilk.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 18 Oct 2019 04:42:52 GMT
cf-cache-status: HIT
age: 4787
x-powered-by: ASP.NET
status: 200
content-length: 6766
last-modified: Wed, 16 Oct 2019 16:51:49 GMT
server: cloudflare
etag: "ac4bb04284d51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 5277d91c5d3996b0-FRA
expires: Fri, 18 Oct 2019 08:42:52 GMT

GET
H2 200 WTF-119_s.jpg
www.evilmilk.com/thumbs/ 7 KB
8 KB 10ms
9ms Image
image/jpeg 2606:4700:e0::ac40:6622
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.evilmilk.com/thumbs/WTF-119_s.jpg
Requested by: Host: www.evilmilk.com
URL: https://www.evilmilk.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e0::ac40:6622 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 1be90e00b660e7fe1638a06cbcd17f14813710985051c3972c7bc8755e50d423

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.evilmilk.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 18 Oct 2019 04:42:52 GMT
cf-cache-status: HIT
age: 4787
x-powered-by: ASP.NET
status: 200
content-length: 7527
last-modified: Thu, 05 Sep 2019 19:22:35 GMT
server: cloudflare
etag: "f3fdb451f64d51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 5277d91c5d3a96b0-FRA
expires: Fri, 18 Oct 2019 08:42:52 GMT

GET
H2 200 Times_Sure_Have_Changed_s.jpg
www.evilmilk.com/thumbs/ 7 KB
7 KB 10ms
10ms Image
image/jpeg 2606:4700:e0::ac40:6622
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.evilmilk.com/thumbs/Times_Sure_Have_Changed_s.jpg
Requested by: Host: www.evilmilk.com
URL: https://www.evilmilk.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e0::ac40:6622 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 356f79f6dfa5bba7d74e01711e409d62756268d744b453b9219c87c64418a477

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.evilmilk.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 18 Oct 2019 04:42:52 GMT
cf-cache-status: HIT
age: 4787
x-powered-by: ASP.NET
status: 200
content-length: 6737
last-modified: Wed, 16 Oct 2019 12:59:09 GMT
server: cloudflare
etag: "7c047802184d51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 5277d91c5d3b96b0-FRA
expires: Fri, 18 Oct 2019 08:42:52 GMT

GET
H2 200 Friendly_Reminder1423_s.jpg
www.evilmilk.com/thumbs/ 7 KB
7 KB 12ms
11ms Image
image/jpeg 2606:4700:e0::ac40:6622
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.evilmilk.com/thumbs/Friendly_Reminder1423_s.jpg
Requested by: Host: www.evilmilk.com
URL: https://www.evilmilk.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e0::ac40:6622 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 18caca1f0ad8bbd47cb7bf538b8eac4e4ebe71fa1e9f8773e8599128ff5d884b

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.evilmilk.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 18 Oct 2019 04:42:52 GMT
cf-cache-status: HIT
age: 4787
x-powered-by: ASP.NET
status: 200
content-length: 6979
last-modified: Fri, 04 Oct 2019 15:47:20 GMT
server: cloudflare
etag: "bf75ad1cb7ad51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 5277d91c5d3e96b0-FRA
expires: Fri, 18 Oct 2019 08:42:52 GMT

GET
H2 200 Might_Hurt_You_s.jpg
www.evilmilk.com/thumbs/ 5 KB
5 KB 11ms
9ms Image
image/jpeg 2606:4700:e0::ac40:6622
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.evilmilk.com/thumbs/Might_Hurt_You_s.jpg
Requested by: Host: www.evilmilk.com
URL: https://www.evilmilk.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e0::ac40:6622 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: f570d9c308d60541fc74ec7274a969d6890fa16f6c6f9b8612aad3f1ff7e3d47

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.evilmilk.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 18 Oct 2019 04:42:52 GMT
cf-cache-status: HIT
age: 4787
x-powered-by: ASP.NET
status: 200
content-length: 4900
last-modified: Fri, 04 Oct 2019 15:46:32 GMT
server: cloudflare
etag: "2d74f2e4ca7ad51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 5277d91c6d4596b0-FRA
expires: Fri, 18 Oct 2019 08:42:52 GMT

GET
H2 200 3d_Tinder_s.jpg
www.evilmilk.com/thumbs/ 6 KB
6 KB 10ms
9ms Image
image/jpeg 2606:4700:e0::ac40:6622
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.evilmilk.com/thumbs/3d_Tinder_s.jpg
Requested by: Host: www.evilmilk.com
URL: https://www.evilmilk.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e0::ac40:6622 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 6537906d99c79f2fc93594d396c311e98f7327bce1b35e51c698c11bfa12bfa2

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.evilmilk.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 18 Oct 2019 04:42:52 GMT
cf-cache-status: HIT
age: 4787
x-powered-by: ASP.NET
status: 200
content-length: 5785
last-modified: Fri, 09 Aug 2019 19:01:02 GMT
server: cloudflare
etag: "38392bcae44ed51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 5277d91c6d4696b0-FRA
expires: Fri, 18 Oct 2019 08:42:52 GMT

GET
H2 200 Wheels_On_A_Shopping_Cart_s.jpg
www.evilmilk.com/thumbs/ 6 KB
7 KB 11ms
10ms Image
image/jpeg 2606:4700:e0::ac40:6622
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.evilmilk.com/thumbs/Wheels_On_A_Shopping_Cart_s.jpg
Requested by: Host: www.evilmilk.com
URL: https://www.evilmilk.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e0::ac40:6622 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 77c0f12ca986aaa1a73d240f662d286d8e30f9804f0e475e7916ad085ce8aeef

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.evilmilk.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 18 Oct 2019 04:42:52 GMT
cf-cache-status: HIT
age: 4787
x-powered-by: ASP.NET
status: 200
content-length: 6618
last-modified: Fri, 04 Oct 2019 15:46:38 GMT
server: cloudflare
etag: "4dd5e9e8ca7ad51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 5277d91c6d4796b0-FRA
expires: Fri, 18 Oct 2019 08:42:52 GMT

GET
H2 200 Presentation_Time_s.jpg
www.evilmilk.com/thumbs/ 6 KB
6 KB 11ms
10ms Image
image/jpeg 2606:4700:e0::ac40:6622
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.evilmilk.com/thumbs/Presentation_Time_s.jpg
Requested by: Host: www.evilmilk.com
URL: https://www.evilmilk.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e0::ac40:6622 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 7f25b60f534f1b0e1a29462489d367cca03d61bc3008420540c064c09c8c8a6f

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.evilmilk.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 18 Oct 2019 04:42:52 GMT
cf-cache-status: HIT
age: 4787
x-powered-by: ASP.NET
status: 200
content-length: 6025
last-modified: Fri, 04 Oct 2019 15:47:22 GMT
server: cloudflare
etag: "fdca183cb7ad51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 5277d91c6d4896b0-FRA
expires: Fri, 18 Oct 2019 08:42:52 GMT

GET
H2 200 Alabama_In_One_Picture_s.jpg
www.evilmilk.com/thumbs/ 8 KB
8 KB 10ms
9ms Image
image/jpeg 2606:4700:e0::ac40:6622
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.evilmilk.com/thumbs/Alabama_In_One_Picture_s.jpg
Requested by: Host: www.evilmilk.com
URL: https://www.evilmilk.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e0::ac40:6622 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: b721fdafa934c01607783d679274acfab966b70b1171413b0c7facb82c4fe86e

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.evilmilk.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 18 Oct 2019 04:42:52 GMT
cf-cache-status: HIT
age: 2800
x-powered-by: ASP.NET
status: 200
content-length: 7853
last-modified: Fri, 04 Oct 2019 15:46:27 GMT
server: cloudflare
etag: "35b952e2ca7ad51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 5277d91c6d4996b0-FRA
expires: Fri, 18 Oct 2019 08:42:52 GMT

GET
H2 200 Morgan_Rose_s.jpg
www.evilmilk.com/thumbs/ 4 KB
4 KB 9ms
8ms Image
image/jpeg 2606:4700:e0::ac40:6622
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.evilmilk.com/thumbs/Morgan_Rose_s.jpg
Requested by: Host: www.evilmilk.com
URL: https://www.evilmilk.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e0::ac40:6622 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 05eafcf8c6f8b3b7e20d22142609f20a373091a1df5e46f111c0ffd3d216108b

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.evilmilk.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 18 Oct 2019 04:42:52 GMT
cf-cache-status: HIT
age: 2800
x-powered-by: ASP.NET
status: 200
content-length: 4240
last-modified: Thu, 05 Sep 2019 19:42:03 GMT
server: cloudflare
etag: "829412fe2164d51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 5277d91c6d4b96b0-FRA
expires: Fri, 18 Oct 2019 08:42:52 GMT

GET
H2 200 A_Nicer_Body_s.jpg
www.evilmilk.com/thumbs/ 7 KB
7 KB 11ms
8ms Image
image/jpeg 2606:4700:e0::ac40:6622
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.evilmilk.com/thumbs/A_Nicer_Body_s.jpg
Requested by: Host: www.evilmilk.com
URL: https://www.evilmilk.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e0::ac40:6622 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: bf74b96f1def0d6fd6514daf7bcecee2f11f372ade2f88846a5e92f02199b9f3

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.evilmilk.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 18 Oct 2019 04:42:52 GMT
cf-cache-status: HIT
age: 2800
x-powered-by: ASP.NET
status: 200
content-length: 7096
last-modified: Thu, 05 Sep 2019 18:51:34 GMT
server: cloudflare
etag: "c8427ff01a64d51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 5277d91c7d5896b0-FRA
expires: Fri, 18 Oct 2019 08:42:52 GMT

GET
H2 200 A_Spanking_s.jpg
www.evilmilk.com/thumbs/ 7 KB
7 KB 14ms
11ms Image
image/jpeg 2606:4700:e0::ac40:6622
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.evilmilk.com/thumbs/A_Spanking_s.jpg
Requested by: Host: www.evilmilk.com
URL: https://www.evilmilk.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e0::ac40:6622 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 4267006e5c5881eb2fc112f17bc193cb65228ea496009b36d6f71ddb6bc01e36

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.evilmilk.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 18 Oct 2019 04:42:52 GMT
cf-cache-status: HIT
age: 2800
x-powered-by: ASP.NET
status: 200
content-length: 7295
last-modified: Fri, 04 Oct 2019 15:46:27 GMT
server: cloudflare
etag: "73fe1ee2ca7ad51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 5277d91c7d5996b0-FRA
expires: Fri, 18 Oct 2019 08:42:52 GMT

GET
H2 200 Full_of_Win-105_s.jpg
www.evilmilk.com/thumbs/ 5 KB
5 KB 14ms
12ms Image
image/jpeg 2606:4700:e0::ac40:6622
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.evilmilk.com/thumbs/Full_of_Win-105_s.jpg
Requested by: Host: www.evilmilk.com
URL: https://www.evilmilk.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e0::ac40:6622 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 170e7f7ce74a0e14b8e9516b23a5c0e5707bb7d08e717b1f5b9aedd9e4733ffe

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.evilmilk.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 18 Oct 2019 04:42:52 GMT
cf-cache-status: HIT
age: 2800
x-powered-by: ASP.NET
status: 200
content-length: 4811
last-modified: Thu, 05 Sep 2019 19:22:32 GMT
server: cloudflare
etag: "7085d6431f64d51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 5277d91c7d5a96b0-FRA
expires: Fri, 18 Oct 2019 08:42:52 GMT

GET
H2 200 mymilk-logo.png
my.evilmilk.com/img/ 12 KB
12 KB 51ms
11ms Image
image/png 2606:4700:e0::ac40:6622
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://my.evilmilk.com/img/mymilk-logo.png
Requested by: Host: www.evilmilk.com
URL: https://www.evilmilk.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e0::ac40:6622 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: bf22d33ad9ba33a825e26a0b39e24740016bb403eb2aeb136688e768bbd0bf2f

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.evilmilk.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 18 Oct 2019 04:42:52 GMT
cf-cache-status: HIT
age: 4404
x-powered-by: ASP.NET
status: 200
content-length: 12152
last-modified: Sun, 08 Oct 2017 19:27:16 GMT
server: cloudflare
etag: "04210736b40d31:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 5277d91c4d2696b0-FRA
expires: Fri, 18 Oct 2019 08:42:52 GMT

GET
H2 200 popper.min.js Show response
cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.3/umd/ 20 KB
7 KB 51ms
20ms Script
application/javascript 2606:4700::6813:c697
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.3/umd/popper.min.js

Requested by

Host: www.evilmilk.com
URL: https://www.evilmilk.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:c697 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

f7cbc01a310318defd4e31e4616543e2cf3baef5a47562c73ece4c0b716f157e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains

Request headers

Sec-Fetch-Mode: cors
Referer: https://www.evilmilk.com/
Origin: https://www.evilmilk.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 18 Oct 2019 04:42:52 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 16007696
status: 200
served-in-seconds: 0.009
timing-allow-origin: *
last-modified: Thu, 17 May 2018 09:26:22 GMT
server: cloudflare
etag: W/"5afd4abe-4f71"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000; includeSubDomains
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
cf-ray: 5277d91c3df25a18-VIE
expires: Wed, 07 Oct 2020 04:42:52 GMT

GET
H2 200 bootstrap.min.js Show response
stackpath.bootstrapcdn.com/bootstrap/4.1.3/js/ 50 KB
14 KB 12ms
5ms Script
text/javascript 2001:4de0:ac19::1:b:3b
Highwinds Network...

General

Check archive.org

Show headers Download Go to

Full URL: https://stackpath.bootstrapcdn.com/bootstrap/4.1.3/js/bootstrap.min.js
Requested by: Host: www.evilmilk.com
URL: https://www.evilmilk.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac19::1:b:3b , Netherlands, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
Software: /
Resource Hash: 56c12a125b021d21a69e61d7190cefa168d6c28ce715265cea1b3b0112d169c4

Request headers

Sec-Fetch-Mode: cors
Referer: https://www.evilmilk.com/
Origin: https://www.evilmilk.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 18 Oct 2019 04:42:52 GMT
content-encoding: gzip
last-modified: Wed, 12 Dec 2018 18:33:54 GMT
status: 200
etag: "1544639634"
vary: Accept-Encoding
x-cache: HIT
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-hello-human: Say hello back! @getBootstrapCDN on Twitter
accept-ranges: bytes
timing-allow-origin: *
content-length: 14090

GET
H2 200 modernizr.js Show response
www.evilmilk.com/js/ 11 KB
4 KB 13ms
10ms Script
application/javascript 2606:4700:e0::ac40:6622
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://www.evilmilk.com/js/modernizr.js
Requested by: Host: www.evilmilk.com
URL: https://www.evilmilk.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e0::ac40:6622 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: f6a32741d5cad4e3a0eeb9c115073bef55cd3639108e9d90f7cc9626d1112b3b

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.evilmilk.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 18 Oct 2019 04:42:52 GMT
content-encoding: br
cf-cache-status: HIT
age: 6550
x-powered-by: ASP.NET
status: 200
last-modified: Thu, 18 Oct 2018 00:50:16 GMT
cf-bgj: minify
server: cloudflare
etag: W/"014f0887c66d41:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=14400
cf-ray: 5277d91c1cd696b0-FRA
expires: Fri, 18 Oct 2019 08:42:52 GMT

GET
H2 200 spon.js Show response
www.evilmilk.com/js/ 8 KB
2 KB 15ms
12ms Script
application/javascript 2606:4700:e0::ac40:6622
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://www.evilmilk.com/js/spon.js?d=050819
Requested by: Host: www.evilmilk.com
URL: https://www.evilmilk.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e0::ac40:6622 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 9beb150113a5ef1e705d45036fd62c4aebb2f526248b02ea4307e923927a89b1

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.evilmilk.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 18 Oct 2019 04:42:52 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 08 May 2019 14:52:38 GMT
server: cloudflare
age: 6550
x-powered-by: ASP.NET
etag: W/"2bb4aead5d51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: public, max-age=14400
cf-ray: 5277d91c1cd796b0-FRA
expires: Fri, 18 Oct 2019 08:42:52 GMT

GET
H2 200 notify.min.js Show response
cdnjs.cloudflare.com/ajax/libs/notify/0.4.2/ 13 KB
7 KB 23ms
17ms Script
application/javascript 2606:4700::6813:c397
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/notify/0.4.2/notify.min.js

Requested by

Host: www.evilmilk.com
URL: https://www.evilmilk.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:c397 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

b524513a819f1964ef791a431c5896573f945edfb128d7bdd30c069f6e65a70f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.evilmilk.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 18 Oct 2019 04:42:52 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 16007125
status: 200
served-in-seconds: 0.009
timing-allow-origin: *
last-modified: Thu, 17 May 2018 09:23:10 GMT
server: cloudflare
etag: W/"5afd49fe-3562"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000; includeSubDomains
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
cf-ray: 5277d91c1fd2cbb4-VIE
expires: Wed, 07 Oct 2020 04:42:52 GMT

GET
H2 200 global.js Show response
www.evilmilk.com/js/ 359 B
353 B 12ms
10ms Script
application/javascript 2606:4700:e0::ac40:6622
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://www.evilmilk.com/js/global.js
Requested by: Host: www.evilmilk.com
URL: https://www.evilmilk.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e0::ac40:6622 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 2e3cf2d3e4de45c0871be9c764efeb70bec3136f02da6c0c7f271f5fede18f36

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.evilmilk.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 18 Oct 2019 04:42:52 GMT
content-encoding: br
cf-cache-status: HIT
age: 4227
x-powered-by: ASP.NET
status: 200
last-modified: Wed, 24 Oct 2018 00:23:23 GMT
cf-bgj: minify
server: cloudflare
etag: W/"804ffec52f6bd41:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=14400
cf-polished: origSize=545
cf-ray: 5277d91c1cd996b0-FRA
expires: Fri, 18 Oct 2019 08:42:52 GMT

GET
H2 200 1828.js Show response
cdn.thisiswaldo.com/static/js/ 34 KB
7 KB 51ms
7ms Script
application/javascript 2600:9000:21f3:e800:4:164e:ca00:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.thisiswaldo.com/static/js/1828.js
Requested by: Host: www.evilmilk.com
URL: https://www.evilmilk.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:21f3:e800:4:164e:ca00:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: Apache/2.4.7 (Ubuntu) /
Resource Hash: 4560abefc480c70d209a5639db85b145b4873b81e6223cf9c8772b95841bec77

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.evilmilk.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 16 Oct 2019 15:27:03 GMT
content-encoding: gzip
last-modified: Fri, 11 Oct 2019 15:03:08 GMT
server: Apache/2.4.7 (Ubuntu)
age: 21542
etag: "870f-594a3d0e42203-gzip"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
status: 200
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
content-length: 6529
via: 1.1 f0dda47e8f83bee88cb60d3d2e3fa5e5.cloudfront.net (CloudFront)
x-amz-cf-id: C4SLLSwo5OYefRXpmZXtxno3I89x-arMk8xtXFuwahiL7AzW7-LKpA==

GET
H2 200 jquery.mobile-events.js Show response
www.evilmilk.com/js/ 18 KB
3 KB 13ms
11ms Script
application/javascript 2606:4700:e0::ac40:6622
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://www.evilmilk.com/js/jquery.mobile-events.js
Requested by: Host: www.evilmilk.com
URL: https://www.evilmilk.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e0::ac40:6622 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 28018757e9aad7b9f199922ca7f6e778bb5e90bea4c28d9a03cead8bb0869a4f

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.evilmilk.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 18 Oct 2019 04:42:52 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 12 Jun 2019 13:19:12 GMT
server: cloudflare
age: 6550
x-powered-by: ASP.NET
etag: W/"d3ece6c2121d51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: public, max-age=14400
cf-ray: 5277d91c1cda96b0-FRA
expires: Fri, 18 Oct 2019 08:42:52 GMT

GET
DATA 200
OK truncated
/ 583 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7efe592b5a50327d58dfa18f6567de2201967b41d8d15c3360e571bf20b410e5

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 background.png
www.evilmilk.com/images/ 1 KB
1 KB 12ms
11ms Image
image/png 2606:4700:e0::ac40:6622
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.evilmilk.com/images/background.png
Requested by: Host: www.evilmilk.com
URL: https://www.evilmilk.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e0::ac40:6622 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 0c2375c96b7f803c91a4419355c70fc649e3bab774118e7ba2f0cdbe27f8eaa1

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.evilmilk.com/css/main.css?id=1117b
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 18 Oct 2019 04:42:52 GMT
cf-cache-status: HIT
age: 3891
x-powered-by: ASP.NET
status: 200
content-length: 1266
last-modified: Sun, 05 Aug 2018 15:02:18 GMT
server: cloudflare
etag: "0b9744dcd2cd41:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 5277d91c7d5b96b0-FRA
expires: Fri, 18 Oct 2019 08:42:52 GMT

GET
H2 200 evilmilk-logo.png
www.evilmilk.com/images/ 21 KB
21 KB 11ms
10ms Image
image/png 2606:4700:e0::ac40:6622
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.evilmilk.com/images/evilmilk-logo.png
Requested by: Host: www.evilmilk.com
URL: https://www.evilmilk.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e0::ac40:6622 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 2c35ad3146982cd844183dcfdaf0e11d48b88b198d49af3c2dcaa753df654a19

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.evilmilk.com/css/main.css?id=1117b
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 18 Oct 2019 04:42:52 GMT
cf-cache-status: HIT
age: 6524
x-powered-by: ASP.NET
status: 200
content-length: 21200
last-modified: Tue, 11 Sep 2018 23:52:14 GMT
server: cloudflare
etag: "0ba2762a4ad41:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 5277d91c7d5c96b0-FRA
expires: Fri, 18 Oct 2019 08:42:52 GMT

GET
H2 200 fa-solid-900.woff2
use.fontawesome.com/releases/v5.2.0/webfonts/ 61 KB
61 KB 25ms
25ms Font
font/woff2 23.111.9.35
Highwinds Network...

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.2.0/webfonts/fa-solid-900.woff2
Requested by: Host: www.evilmilk.com
URL: https://www.evilmilk.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.111.9.35 Phoenix, United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: 5c7df99df232586111917083a85aa31b82ee29e48ca2990e13fae0c0663a923f

Request headers

Sec-Fetch-Mode: cors
Referer: https://use.fontawesome.com/releases/v5.2.0/css/all.css
Origin: https://www.evilmilk.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 18 Oct 2019 04:42:52 GMT
last-modified: Mon, 23 Jul 2018 17:07:14 GMT
server: NetDNA-cache/2.2
status: 200
etag: "b75b4bfe0d58faeced5006c785eaae23"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET
content-type: font/woff2
access-control-allow-origin: *
access-control-max-age: 3000
cache-control: max-age=31556926
x-cache: HIT
accept-ranges: bytes
content-length: 62472

GET
H2 200 ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQk6YvM.woff2
fonts.gstatic.com/s/robotocondensed/v18/ 11 KB
11 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:806::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotocondensed/v18/ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQk6YvM.woff2

Requested by

Host: www.evilmilk.com
URL: https://www.evilmilk.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

49a1b4e1296645aa2f513c87a0e5fe56a305a7ed678c2f6499631ec1f3b35856

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: cors
Referer: https://fonts.googleapis.com/css?family=Roboto+Condensed:400,300
Origin: https://www.evilmilk.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 11 Oct 2019 07:16:52 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 03:48:22 GMT
server: sffe
age: 595560
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 10968
x-xss-protection: 0
expires: Sat, 10 Oct 2020 07:16:52 GMT

GET
H2 200 fa-brands-400.woff2
use.fontawesome.com/releases/v5.2.0/webfonts/ 63 KB
63 KB 37ms
36ms Font
font/woff2 23.111.9.35
Highwinds Network...

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.2.0/webfonts/fa-brands-400.woff2
Requested by: Host: www.evilmilk.com
URL: https://www.evilmilk.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.111.9.35 Phoenix, United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: 4d0130d314f1669c9ea5a911d401d6250f96386a52b0c38f7b3fb43cdcd10589

Request headers

Sec-Fetch-Mode: cors
Referer: https://use.fontawesome.com/releases/v5.2.0/css/all.css
Origin: https://www.evilmilk.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 18 Oct 2019 04:42:52 GMT
last-modified: Mon, 23 Jul 2018 17:07:09 GMT
server: NetDNA-cache/2.2
status: 200
etag: "6814d0e8136d34e313623eb7129d538e"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET
content-type: font/woff2
access-control-allow-origin: *
access-control-max-age: 3000
cache-control: max-age=31556926
x-cache: HIT
accept-ranges: bytes
content-length: 64144

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 47 KB
15 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:80b::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: cdn.thisiswaldo.com
URL: https://cdn.thisiswaldo.com/static/js/1828.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

b8f3c28580447dd9f7dc64b2da3391e8935f7d8587ea7a9c3608200aa170d2ce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.evilmilk.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 18 Oct 2019 04:42:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "310 / 419 of 1000 / last-modified: 1571336496"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 15049
x-xss-protection: 0
expires: Fri, 18 Oct 2019 04:42:52 GMT

GET
H2 200 prebid.js Show response
cdn.thisiswaldo.com/sites/all/modules/custom/ad_delivery/ 184 KB
58 KB 9ms
8ms Script
application/javascript 2600:9000:21f3:e800:4:164e:ca00:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.thisiswaldo.com/sites/all/modules/custom/ad_delivery/prebid.js
Requested by: Host: cdn.thisiswaldo.com
URL: https://cdn.thisiswaldo.com/static/js/1828.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:21f3:e800:4:164e:ca00:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: Apache/2.4.7 (Ubuntu) /
Resource Hash: 335c28706d6fec7112516fd9e02dcacaf1bf77928e6b916b30132f034e29461b

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.evilmilk.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 17 Oct 2019 14:38:55 GMT
content-encoding: gzip
last-modified: Thu, 19 Sep 2019 14:34:59 GMT
server: Apache/2.4.7 (Ubuntu)
age: 50637
etag: "2dee7-592e8dbad4a4b-gzip"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
status: 200
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
content-length: 58999
via: 1.1 f0dda47e8f83bee88cb60d3d2e3fa5e5.cloudfront.net (CloudFront)
x-amz-cf-id: oMP9wg6ctvhf0DEy3E0OzDFQd4ko3ELCHA04hQf_d1cGoyrGQ7GoNw==

GET
H/1.1 200
OK videoplayer.js Show response
theeighth-net.videoplayerhub.com/ 92 KB
22 KB 117ms
35ms Script
application/javascript 143.204.101.39
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://theeighth-net.videoplayerhub.com/videoplayer.js
Requested by: Host: cdn.thisiswaldo.com
URL: https://cdn.thisiswaldo.com/static/js/1828.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.101.39 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-143-204-101-39.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: fdcdd7cdb2e8438966b51c69ba0b1258ea36987d86e5f3afc79655a1fcbb6de9

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.evilmilk.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-amz-version-id: .KtumlNOBor9rBue61NjBiMbHMWT00fz
Content-Encoding: gzip
Last-Modified: Thu, 17 Oct 2019 19:53:57 GMT
Server: AmazonS3
Age: 62
Date: Fri, 18 Oct 2019 04:42:05 GMT
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Via: 1.1 9128c49d19c76fd86ec4c647434ccb0a.cloudfront.net (CloudFront)
Connection: keep-alive
Transfer-Encoding: chunked
X-Amz-Cf-Pop: FRA50-C1
X-Amz-Cf-Id: xxovHDYwBvbnz6nRbHvDNv1rXS2IXDigbK8iL8Ivg7UFAXXyCrQi_g==

GET
H2 200 me Show response
ipfind.co/ 337 B
546 B 523ms
186ms XHR
application/json 54.241.204.180
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://ipfind.co/me?auth=3757a9b9-5759-4813-bc1a-7fa0b8ba94c1
Requested by: Host: cdn.thisiswaldo.com
URL: https://cdn.thisiswaldo.com/static/js/1828.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.241.204.180 San Jose, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-54-241-204-180.us-west-1.compute.amazonaws.com
Software: Apache/2.4.18 (Ubuntu) /
Resource Hash: 56e362299a9c4aef9e507cc05dd4a2df3c80ac036fdeb974f60dea26f5bfcd01

Request headers

Sec-Fetch-Mode: cors
Referer: https://www.evilmilk.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 18 Oct 2019 04:42:52 GMT
server: Apache/2.4.18 (Ubuntu)
status: 200
access-control-max-age: 86400
content-type: application/json
access-control-allow-origin: https://www.evilmilk.com
cache-control: no-cache, private
access-control-allow-credentials: true
content-length: 337

GET
H2 200 728.aspx Show response
www.evilmilk.com/spon/ 227 B
203 B 131ms
131ms XHR
text/html 2606:4700:e0::ac40:6622
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://www.evilmilk.com/spon/728.aspx
Requested by: Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.3.1.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e0::ac40:6622 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 68286f1fcd7f534a5b6b8dbc0d2e15d4587a0dc086d84602d3dbea8b80b045ed

Request headers

Accept: text/html, */*; q=0.01
Referer: https://www.evilmilk.com/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Fri, 18 Oct 2019 04:42:52 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: text/html; charset=utf-8
status: 200
cache-control: private
cf-ray: 5277d91d0dd896b0-FRA

GET
H2 200 300.aspx Show response
www.evilmilk.com/spon/ 251 B
361 B 129ms
129ms XHR
text/html 2606:4700:e0::ac40:6622
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://www.evilmilk.com/spon/300.aspx
Requested by: Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.3.1.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e0::ac40:6622 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 44a9637c16efc6c22898f85eceec42ad61fdb770d3dd11696f9f8ca797e1c94c

Request headers

Accept: text/html, */*; q=0.01
Referer: https://www.evilmilk.com/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Fri, 18 Oct 2019 04:42:52 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: text/html; charset=utf-8
status: 200
cache-control: private
cf-ray: 5277d91d0ddb96b0-FRA

GET
H2 200 728.aspx Show response
www.evilmilk.com/spon/ 227 B
180 B 136ms
136ms XHR
text/html 2606:4700:e0::ac40:6622
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://www.evilmilk.com/spon/728.aspx
Requested by: Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.3.1.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e0::ac40:6622 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 68286f1fcd7f534a5b6b8dbc0d2e15d4587a0dc086d84602d3dbea8b80b045ed

Request headers

Accept: text/html, */*; q=0.01
Referer: https://www.evilmilk.com/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Fri, 18 Oct 2019 04:42:52 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: text/html; charset=utf-8
status: 200
cache-control: private
cf-ray: 5277d91d0ddc96b0-FRA

GET
H2 200 / Show response
www.evilmilk.com/functions/myevilmilk-sidebar/ 2 KB
354 B 724ms
724ms XHR
text/html 2606:4700:e0::ac40:6622
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://www.evilmilk.com/functions/myevilmilk-sidebar/
Requested by: Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.3.1.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e0::ac40:6622 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: f5fd5281329b78b0587c30689389947b70cf5c3fcfb692a05eb59387d397dd2a

Request headers

Accept: text/html, */*; q=0.01
Referer: https://www.evilmilk.com/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Fri, 18 Oct 2019 04:42:53 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: text/html; charset=utf-8
status: 200
cache-control: private
cf-ray: 5277d91d0ddd96b0-FRA

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 109 B
171 B 17ms
17ms Script
application/javascript 2a00:1450:4001:825::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.evilmilk.com

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.evilmilk.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 18 Oct 2019 04:42:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 109 B
171 B 18ms
18ms Script
application/javascript 2a00:1450:4001:818::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.evilmilk.com

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.evilmilk.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 18 Oct 2019 04:42:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 104
x-xss-protection: 0

GET
H2 200 pubads_impl_2019101601.js Show response
securepubads.g.doubleclick.net/gpt/ 157 KB
58 KB 91ms
39ms Script
text/javascript 172.217.16.162
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019101601.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.162 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s11-in-f2.1e100.net

Software

sffe /

Resource Hash

085e1cea2bb60aae97d238e308ce05a1be8433f1c5421283e4e582c27b91d1b7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.evilmilk.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 18 Oct 2019 04:42:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 16 Oct 2019 18:03:22 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 58664
x-xss-protection: 0
expires: Fri, 18 Oct 2019 04:42:52 GMT

GET
H/1.1 200
OK headerbid.js Show response
served-by.pixfuture.com/www/delivery/ 1 KB
2 KB 311ms
95ms Script
application/javascript 68.183.31.14
DigitalOcean

General

Check archive.org

Show headers Download Go to

Full URL: https://served-by.pixfuture.com/www/delivery/headerbid.js
Requested by: Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.3.1.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 68.183.31.14 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN - DigitalOcean, LLC, US),
Reverse DNS
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 147ed97fcf9c7feaaff4fc531d2c35dabf89eee0d8ce663e4a005c555cec66c3

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.evilmilk.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 18 Oct 2019 04:42:52 GMT
Last-Modified: Wed, 26 Jun 2019 17:30:07 GMT
Server: nginx/1.10.3 (Ubuntu)
ETag: "5d13ab9f-5b8"
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length: 1464

GET
H2 200 728.aspx Show response
www.evilmilk.com/spon/pixfuture/ Frame 88E8 327 B
243 B 129ms
128ms Document
text/html 2606:4700:e0::ac40:6622
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://www.evilmilk.com/spon/pixfuture/728.aspx
Requested by: Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.3.1.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e0::ac40:6622 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: cb7ee65b6053ee9d35489afae01c6252c5b54c09ac70c19418c4a2a01f33edb0

Request headers

:method: GET
:authority: www.evilmilk.com
:scheme: https
:path: /spon/pixfuture/728.aspx
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode: nested-navigate
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: same-origin
referer: https://www.evilmilk.com/
accept-encoding: gzip, deflate, br
cookie: __cfduid=d88da8ab576532512b05c234242a7ac8d1571373771; ASP.NET_SessionId=hypyfigy12zk3v4naeibjsri
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: https://www.evilmilk.com/

Response headers

status: 200
date: Fri, 18 Oct 2019 04:42:52 GMT
content-type: text/html; charset=utf-8
cache-control: private
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 5277d91dee8f96b0-FRA
content-encoding: br

GET
H2 200 728.aspx Show response
www.evilmilk.com/spon/pixfuture/ Frame E3C8 327 B
310 B 984ms
984ms Document
text/html 2606:4700:e0::ac40:6622
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://www.evilmilk.com/spon/pixfuture/728.aspx
Requested by: Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.3.1.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e0::ac40:6622 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: cb7ee65b6053ee9d35489afae01c6252c5b54c09ac70c19418c4a2a01f33edb0

Request headers

:method: GET
:authority: www.evilmilk.com
:scheme: https
:path: /spon/pixfuture/728.aspx
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode: nested-navigate
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: same-origin
referer: https://www.evilmilk.com/
accept-encoding: gzip, deflate, br
cookie: __cfduid=d88da8ab576532512b05c234242a7ac8d1571373771; ASP.NET_SessionId=hypyfigy12zk3v4naeibjsri
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: https://www.evilmilk.com/

Response headers

status: 200
date: Fri, 18 Oct 2019 04:42:53 GMT
content-type: text/html; charset=utf-8
cache-control: private
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 5277d91dee9796b0-FRA
content-encoding: br

GET
H/1.1 200
OK headerbid.js Show response
served-by.pixfuture.com/www/delivery/ Frame 88E8 1 KB
2 KB 273ms
95ms Script
application/javascript 68.183.31.14
DigitalOcean

General

Check archive.org

Show headers Download Go to

Full URL: https://served-by.pixfuture.com/www/delivery/headerbid.js
Requested by: Host: www.evilmilk.com
URL: https://www.evilmilk.com/spon/pixfuture/728.aspx
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 68.183.31.14 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN - DigitalOcean, LLC, US),
Reverse DNS
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 147ed97fcf9c7feaaff4fc531d2c35dabf89eee0d8ce663e4a005c555cec66c3

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.evilmilk.com/spon/pixfuture/728.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 18 Oct 2019 04:42:52 GMT
Last-Modified: Wed, 26 Jun 2019 17:30:07 GMT
Server: nginx/1.10.3 (Ubuntu)
ETag: "5d13ab9f-5b8"
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length: 1464

GET
H/1.1 200
OK cmp.complete.bundle.js Show response
thisiswaldo.com/sites/all/modules/custom/ad_delivery/cmp/build/ 195 KB
41 KB 562ms
147ms Script
application/javascript 52.15.219.226
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://thisiswaldo.com/sites/all/modules/custom/ad_delivery/cmp/build/cmp.complete.bundle.js
Requested by: Host: cdn.thisiswaldo.com
URL: https://cdn.thisiswaldo.com/static/js/1828.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.15.219.226 Columbus, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-15-219-226.us-east-2.compute.amazonaws.com
Software: Apache/2.4.7 (Ubuntu) /
Resource Hash: d293633e94d92cd639cf8f8dcc6755e77160483c5659c947bf6507bb74c0237f

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.evilmilk.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 18 Oct 2019 04:42:53 GMT
Content-Encoding: gzip
Last-Modified: Wed, 15 May 2019 23:35:43 GMT
Server: Apache/2.4.7 (Ubuntu)
ETag: "30ac4-588f59ba34056-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 41485

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 21 B
714 B 64ms
21ms XHR
application/json 185.33.223.100
AppNexus

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: cdn.thisiswaldo.com
URL: https://cdn.thisiswaldo.com/sites/all/modules/custom/ad_delivery/prebid.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.223.100 , Netherlands, ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US),

Reverse DNS

373.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

aaaabde3f68c325033b37bb3ebff887e3b589b7137e717e96648a52221881429

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: cors
Referer: https://www.evilmilk.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 18 Oct 2019 04:42:54 GMT
X-Proxy-Origin: 109.236.94.15; 109.236.94.15; 373.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.134:80
AN-X-Request-Uuid: a2f03a4f-a7e5-4fe7-add1-1ec3f98a53c1
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.evilmilk.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 21
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK aardvark Show response
bidder.rtk.io/IS9K/eu2l_UzG9_qT2e_47W7_7t7C_b8DR_5GHY/ 959 B
1 KB 996ms
443ms XHR
text/html 172.104.21.249
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to

Full URL: https://bidder.rtk.io/IS9K/eu2l_UzG9_qT2e_47W7_7t7C_b8DR_5GHY/aardvark?version=1&jsonp=false&rtkreferer=https%3A%2F%2Fwww.evilmilk.com%2F&gdpr=false&eu2l=106d5ad48254ad2&UzG9=11311fbb020dbb5&qT2e=12716c965a53afe&47W7=1306730a8c000fe&7t7C=1472ff000bc14ea&b8DR=15e7718727fb6ff&5GHY=160a04193f15a9d&
Requested by: Host: cdn.thisiswaldo.com
URL: https://cdn.thisiswaldo.com/sites/all/modules/custom/ad_delivery/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 172.104.21.249 Philadelphia, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS: li1840-249.members.linode.com
Software: RTK AdStorm/1.0 /
Resource Hash: 52f3d2ba25ceb6a7f6983e2440b31045873835ff2f215ca6ab935d9b6c7333d4

Request headers

Sec-Fetch-Mode: cors
Referer: https://www.evilmilk.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 18 Oct 2019 04:42:53 GMT
Content-Encoding: gzip
Server: RTK AdStorm/1.0
Etag: "8314bb1d77a8cd9a18f366dafba99bb7977f0b74"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: https://www.evilmilk.com
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
X-Rtk-Nid: li1231-43.members.linode.com:113
Access-Control-Allow-Headers: Content-Type, Access-Control-Allow-Headers, Authorization, X-Requested-With, Access-Control-Allow-Origin
Content-Length: 258
Expires: 0

GET
H2 200 arj Show response
the-eighth-d.openx.net/w/1.0/ 172 B
543 B 88ms
31ms XHR
application/json 34.95.120.147
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://the-eighth-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.evilmilk.com%2F&jr=&ch=UTF-8&res=1600x1200x24&ifr=false&tz=-120&tws=1600x1200&be=1&bc=hb_pb_2.1.6&dddid=39fbad7a-940b-4bad-9e57-f74ceb89f8d7%2Cb6c1c198-ecc6-4e08-83b0-dad07bf44ebb%2C897f74ae-3d54-4896-b07a-015a96ade89d%2C5b7819ec-8fa3-4dbf-aeb7-01e28b6796a6%2Cc66e8ea0-9240-45fd-8c8e-152672c754b3%2Ca97d215a-076a-4db0-a0ec-e48b94eae1f2&nocache=1571373772852&x_gdpr_f=1&aus=300x250%7C160x600%7C300x250%7C728x90%7C728x90%7C300x250%2C300x600&divIds=waldo-tag-1845%2Cwaldo-tag-1846%2Cwaldo-tag-1847%2Cwaldo-tag-1848%2Cwaldo-tag-1849%2Cwaldo-tag-1997&auid=540066620%2C540066623%2C540066626%2C540066627%2C540066628%2C540144789&
Requested by: Host: cdn.thisiswaldo.com
URL: https://cdn.thisiswaldo.com/sites/all/modules/custom/ad_delivery/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.95.120.147 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS: 147.120.95.34.bc.googleusercontent.com
Software: OXGW/16.163.0 /
Resource Hash: f4c6b15833c6cd5e017ddfe52c52270abcd582be9a7027eb5dbf34bc3d03aa86

Request headers

Sec-Fetch-Mode: cors
Referer: https://www.evilmilk.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 18 Oct 2019 04:42:52 GMT
via: 1.1 google
server: OXGW/16.163.0
status: 200
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://www.evilmilk.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: clear
content-length: 172
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H/1.1 200
OK prebid Show response
lockerdome.com/ladbid/ 11 B
438 B 494ms
116ms XHR
application/json 38.140.99.21
Cogent Communicat...

General

Check archive.org

Show headers Download Go to

Full URL: https://lockerdome.com/ladbid/prebid
Requested by: Host: cdn.thisiswaldo.com
URL: https://cdn.thisiswaldo.com/sites/all/modules/custom/ad_delivery/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 38.140.99.21 Wellsville, United States, ASN174 (COGENT-174 - Cogent Communications, US),
Reverse DNS
Software: /
Resource Hash: 846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Sec-Fetch-Mode: cors
Referer: https://www.evilmilk.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Date: Fri, 18 Oct 2019 04:42:53 GMT
Content-Encoding: gzip
P3P: CP='LockerDome does not have a P3P policy. Learn why here: http://lockerdome.com/p3p'
Access-Control-Allow-Origin: https://www.evilmilk.com
Cache-Control: no-cache, max-age=0, must-revalidate, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 31

GET
H2 204 imp Show response
g2.gumgum.com/hbid/ 0
381 B 114ms
42ms XHR
text/plain 52.18.117.195
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://g2.gumgum.com/hbid/imp?si=7722&pi=3&gdprApplies=undefined&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.evilmilk.com%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A7%7D&ns=9626&
Requested by: Host: cdn.thisiswaldo.com
URL: https://cdn.thisiswaldo.com/sites/all/modules/custom/ad_delivery/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.18.117.195 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-18-117-195.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode: cors
Referer: https://www.evilmilk.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 18 Oct 2019 04:42:52 GMT
server: nginx
status: 204
p3p: CP="This is not a P3P policy"
access-control-allow-origin: https://www.evilmilk.com
cache-control: private, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
expires: 0

GET
H2 204 imp Show response
g2.gumgum.com/hbid/ 0
381 B 114ms
43ms XHR
text/plain 52.18.117.195
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://g2.gumgum.com/hbid/imp?si=7723&pi=3&gdprApplies=undefined&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.evilmilk.com%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A7%7D&ns=9626&
Requested by: Host: cdn.thisiswaldo.com
URL: https://cdn.thisiswaldo.com/sites/all/modules/custom/ad_delivery/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.18.117.195 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-18-117-195.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode: cors
Referer: https://www.evilmilk.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 18 Oct 2019 04:42:52 GMT
server: nginx
status: 204
p3p: CP="This is not a P3P policy"
access-control-allow-origin: https://www.evilmilk.com
cache-control: private, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
expires: 0

GET
H2 204 imp Show response
g2.gumgum.com/hbid/ 0
381 B 121ms
49ms XHR
text/plain 52.18.117.195
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://g2.gumgum.com/hbid/imp?si=7722&pi=3&gdprApplies=undefined&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.evilmilk.com%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A7%7D&ns=9626&
Requested by: Host: cdn.thisiswaldo.com
URL: https://cdn.thisiswaldo.com/sites/all/modules/custom/ad_delivery/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.18.117.195 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-18-117-195.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode: cors
Referer: https://www.evilmilk.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 18 Oct 2019 04:42:52 GMT
server: nginx
status: 204
p3p: CP="This is not a P3P policy"
access-control-allow-origin: https://www.evilmilk.com
cache-control: private, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
expires: 0

GET
H2 204 imp Show response
g2.gumgum.com/hbid/ 0
381 B 114ms
42ms XHR
text/plain 52.18.117.195
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://g2.gumgum.com/hbid/imp?si=7726&pi=3&gdprApplies=undefined&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.evilmilk.com%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A7%7D&ns=9626&
Requested by: Host: cdn.thisiswaldo.com
URL: https://cdn.thisiswaldo.com/sites/all/modules/custom/ad_delivery/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.18.117.195 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-18-117-195.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode: cors
Referer: https://www.evilmilk.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 18 Oct 2019 04:42:52 GMT
server: nginx
status: 204
p3p: CP="This is not a P3P policy"
access-control-allow-origin: https://www.evilmilk.com
cache-control: private, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
expires: 0

GET
H2 204 imp Show response
g2.gumgum.com/hbid/ 0
381 B 113ms
42ms XHR
text/plain 52.18.117.195
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://g2.gumgum.com/hbid/imp?si=7726&pi=3&gdprApplies=undefined&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.evilmilk.com%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A7%7D&ns=9626&
Requested by: Host: cdn.thisiswaldo.com
URL: https://cdn.thisiswaldo.com/sites/all/modules/custom/ad_delivery/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.18.117.195 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-18-117-195.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode: cors
Referer: https://www.evilmilk.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 18 Oct 2019 04:42:52 GMT
server: nginx
status: 204
p3p: CP="This is not a P3P policy"
access-control-allow-origin: https://www.evilmilk.com
cache-control: private, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
expires: 0

GET
H2 204 imp Show response
g2.gumgum.com/hbid/ 0
381 B 113ms
41ms XHR
text/plain 52.18.117.195
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://g2.gumgum.com/hbid/imp?si=7722&pi=3&gdprApplies=undefined&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.evilmilk.com%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A7%7D&ns=9626&
Requested by: Host: cdn.thisiswaldo.com
URL: https://cdn.thisiswaldo.com/sites/all/modules/custom/ad_delivery/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.18.117.195 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-18-117-195.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode: cors
Referer: https://www.evilmilk.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 18 Oct 2019 04:42:52 GMT
server: nginx
status: 204
p3p: CP="This is not a P3P policy"
access-control-allow-origin: https://www.evilmilk.com
cache-control: private, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
expires: 0

GET
H2 204 imp Show response
g2.gumgum.com/hbid/ 0
381 B 114ms
43ms XHR
text/plain 52.18.117.195
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://g2.gumgum.com/hbid/imp?si=7724&pi=3&gdprApplies=undefined&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.evilmilk.com%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A7%7D&ns=9626&
Requested by: Host: cdn.thisiswaldo.com
URL: https://cdn.thisiswaldo.com/sites/all/modules/custom/ad_delivery/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.18.117.195 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-18-117-195.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode: cors
Referer: https://www.evilmilk.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 18 Oct 2019 04:42:52 GMT
server: nginx
status: 204
p3p: CP="This is not a P3P policy"
access-control-allow-origin: https://www.evilmilk.com
cache-control: private, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
expires: 0

GET
H2 204 imp Show response
g2.gumgum.com/hbid/ 0
381 B 114ms
43ms XHR
text/plain 52.18.117.195
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://g2.gumgum.com/hbid/imp?si=7722&pi=3&gdprApplies=undefined&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.evilmilk.com%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A7%7D&ns=9626&
Requested by: Host: cdn.thisiswaldo.com
URL: https://cdn.thisiswaldo.com/sites/all/modules/custom/ad_delivery/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.18.117.195 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-18-117-195.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode: cors
Referer: https://www.evilmilk.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 18 Oct 2019 04:42:52 GMT
server: nginx
status: 204
p3p: CP="This is not a P3P policy"
access-control-allow-origin: https://www.evilmilk.com
cache-control: private, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
expires: 0

POST
H2 200 hb Show response
ssc.33across.com/api/v1/ 117 B
392 B 368ms
116ms XHR
application/json 208.100.17.174
Steadfast

General

Check archive.org

Show headers Download Go to

Full URL: https://ssc.33across.com/api/v1/hb
Requested by: Host: cdn.thisiswaldo.com
URL: https://cdn.thisiswaldo.com/sites/all/modules/custom/ad_delivery/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 208.100.17.174 Chicago, United States, ASN32748 (STEADFAST - Steadfast, US),
Reverse DNS: ip174.208-100-17.static.steadfastdns.net
Software: / 33Across
Resource Hash: e6b648b884bcbabc707e364bfbac710ac1683ce3174ce2e7ff20f4269e6a6647

Request headers

Sec-Fetch-Mode: cors
Referer: https://www.evilmilk.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 18 Oct 2019 04:42:53 GMT
content-encoding: gzip
status: 200, 200 OK
x-powered-by: 33Across
vary: Accept-Encoding, Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.evilmilk.com
access-control-allow-credentials: true

POST
H2 200 hb Show response
ssc.33across.com/api/v1/ 117 B
400 B 369ms
118ms XHR
application/json 208.100.17.174
Steadfast

General

Check archive.org

Show headers Download Go to

Full URL: https://ssc.33across.com/api/v1/hb
Requested by: Host: cdn.thisiswaldo.com
URL: https://cdn.thisiswaldo.com/sites/all/modules/custom/ad_delivery/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 208.100.17.174 Chicago, United States, ASN32748 (STEADFAST - Steadfast, US),
Reverse DNS: ip174.208-100-17.static.steadfastdns.net
Software: / 33Across
Resource Hash: 077de0cef87815df6b043125d194f1dbfa68e2d088aec640c25381e225cd240f

Request headers

Sec-Fetch-Mode: cors
Referer: https://www.evilmilk.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 18 Oct 2019 04:42:53 GMT
content-encoding: gzip
status: 200, 200 OK
x-powered-by: 33Across
vary: Accept-Encoding, Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.evilmilk.com
access-control-allow-credentials: true

POST
H2 200 hb Show response
ssc.33across.com/api/v1/ 118 B
393 B 450ms
198ms XHR
application/json 208.100.17.174
Steadfast

General

Check archive.org

Show headers Download Go to

Full URL: https://ssc.33across.com/api/v1/hb
Requested by: Host: cdn.thisiswaldo.com
URL: https://cdn.thisiswaldo.com/sites/all/modules/custom/ad_delivery/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 208.100.17.174 Chicago, United States, ASN32748 (STEADFAST - Steadfast, US),
Reverse DNS: ip174.208-100-17.static.steadfastdns.net
Software: / 33Across
Resource Hash: 1023b1fcbfa04d6d4ef5414a6e8a0846dfb449b0337c491deefc5752600d5e2d

Request headers

Sec-Fetch-Mode: cors
Referer: https://www.evilmilk.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 18 Oct 2019 04:42:53 GMT
content-encoding: gzip
status: 200, 200 OK
x-powered-by: 33Across
vary: Accept-Encoding, Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.evilmilk.com
access-control-allow-credentials: true

POST
H2 200 hb Show response
ssc.33across.com/api/v1/ 118 B
393 B 380ms
128ms XHR
application/json 208.100.17.174
Steadfast

General

Check archive.org

Show headers Download Go to

Full URL: https://ssc.33across.com/api/v1/hb
Requested by: Host: cdn.thisiswaldo.com
URL: https://cdn.thisiswaldo.com/sites/all/modules/custom/ad_delivery/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 208.100.17.174 Chicago, United States, ASN32748 (STEADFAST - Steadfast, US),
Reverse DNS: ip174.208-100-17.static.steadfastdns.net
Software: / 33Across
Resource Hash: e57553b4ed44f16e729526e2bfb909e08cc3b443e02e898df0aa1d932bef3473

Request headers

Sec-Fetch-Mode: cors
Referer: https://www.evilmilk.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 18 Oct 2019 04:42:53 GMT
content-encoding: gzip
status: 200, 200 OK
x-powered-by: 33Across
vary: Accept-Encoding, Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.evilmilk.com
access-control-allow-credentials: true

POST
H2 200 hb Show response
ssc.33across.com/api/v1/ 118 B
392 B 451ms
200ms XHR
application/json 208.100.17.174
Steadfast

General

Check archive.org

Show headers Download Go to

Full URL: https://ssc.33across.com/api/v1/hb
Requested by: Host: cdn.thisiswaldo.com
URL: https://cdn.thisiswaldo.com/sites/all/modules/custom/ad_delivery/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 208.100.17.174 Chicago, United States, ASN32748 (STEADFAST - Steadfast, US),
Reverse DNS: ip174.208-100-17.static.steadfastdns.net
Software: / 33Across
Resource Hash: 14895e1b5f98c020766e44cd13b375440ad954039c9f8fb06f3a60c0310e88a4

Request headers

Sec-Fetch-Mode: cors
Referer: https://www.evilmilk.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 18 Oct 2019 04:42:53 GMT
content-encoding: gzip
status: 200, 200 OK
x-powered-by: 33Across
vary: Accept-Encoding, Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.evilmilk.com
access-control-allow-credentials: true

POST
H2 200 hb Show response
ssc.33across.com/api/v1/ 118 B
402 B 383ms
131ms XHR
application/json 208.100.17.174
Steadfast

General

Check archive.org

Show headers Download Go to

Full URL: https://ssc.33across.com/api/v1/hb
Requested by: Host: cdn.thisiswaldo.com
URL: https://cdn.thisiswaldo.com/sites/all/modules/custom/ad_delivery/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 208.100.17.174 Chicago, United States, ASN32748 (STEADFAST - Steadfast, US),
Reverse DNS: ip174.208-100-17.static.steadfastdns.net
Software: / 33Across
Resource Hash: 39aee058da615ab95f33efbedc8a9b088557d90fd9c6b9ad809b4b9ff956d225

Request headers

Sec-Fetch-Mode: cors
Referer: https://www.evilmilk.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 18 Oct 2019 04:42:53 GMT
content-encoding: gzip
status: 200, 200 OK
x-powered-by: 33Across
vary: Accept-Encoding, Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.evilmilk.com
access-control-allow-credentials: true

POST
H2 200 hb Show response
ssc.33across.com/api/v1/ 118 B
393 B 381ms
130ms XHR
application/json 208.100.17.174
Steadfast

General

Check archive.org

Show headers Download Go to

Full URL: https://ssc.33across.com/api/v1/hb
Requested by: Host: cdn.thisiswaldo.com
URL: https://cdn.thisiswaldo.com/sites/all/modules/custom/ad_delivery/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 208.100.17.174 Chicago, United States, ASN32748 (STEADFAST - Steadfast, US),
Reverse DNS: ip174.208-100-17.static.steadfastdns.net
Software: / 33Across
Resource Hash: 54505a87d6720a3a6c80418664fe0f5da9ec7f6551ffcb5d627293e16fb11ae0

Request headers

Sec-Fetch-Mode: cors
Referer: https://www.evilmilk.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 18 Oct 2019 04:42:53 GMT
content-encoding: gzip
status: 200, 200 OK
x-powered-by: 33Across
vary: Accept-Encoding, Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.evilmilk.com
access-control-allow-credentials: true

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 21 B
714 B 58ms
21ms XHR
application/json 185.33.223.100
AppNexus

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: cdn.thisiswaldo.com
URL: https://cdn.thisiswaldo.com/sites/all/modules/custom/ad_delivery/prebid.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.223.100 , Netherlands, ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US),

Reverse DNS

373.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

aaaabde3f68c325033b37bb3ebff887e3b589b7137e717e96648a52221881429

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: cors
Referer: https://www.evilmilk.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 18 Oct 2019 04:42:54 GMT
X-Proxy-Origin: 109.236.94.15; 109.236.94.15; 373.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.222.247:80
AN-X-Request-Uuid: 12c909a7-dbe5-4458-ba4c-2b805a676055
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.evilmilk.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 21
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 v1 Show response
dmx.districtm.io/b/ 0
419 B 82ms
39ms XHR
text/plain 104.16.68.69
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://dmx.districtm.io/b/v1

Requested by

Host: cdn.thisiswaldo.com
URL: https://cdn.thisiswaldo.com/sites/all/modules/custom/ad_delivery/prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.68.69 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Sec-Fetch-Mode: cors
Referer: https://www.evilmilk.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 18 Oct 2019 04:42:53 GMT
cf-cache-status: DYNAMIC
server: cloudflare
status: 204
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: origin
access-control-allow-methods: OPTIONS, POST
access-control-allow-origin: https://www.evilmilk.com
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 5277d9212c869bd3-AMS
access-control-allow-headers: origin, content-type

GET
H/1.1 200
OK headerbid_refresh.php Show response
served-by.pixfuture.com/www/delivery/ Frame 2E84 6 KB
6 KB 204ms
204ms Script
text/javascript 68.183.31.14
DigitalOcean

General

Check archive.org

Show headers Download Go to

Full URL: https://served-by.pixfuture.com/www/delivery/headerbid_refresh.php?dat=4055x728x90x790x_ADSLOT1111
Requested by: Host: served-by.pixfuture.com
URL: https://served-by.pixfuture.com/www/delivery/headerbid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 68.183.31.14 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN - DigitalOcean, LLC, US),
Reverse DNS
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 9bb771c6af05226308a38c3d3ba95dc834f5b60ba22d01f091e23aa352e7a4cf

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.evilmilk.com/spon/pixfuture/728.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 18 Oct 2019 04:42:53 GMT
Server: nginx/1.10.3 (Ubuntu)
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET, POST, OPTIONS
P3P: CP="CUR ADM OUR NOR STA NID"
Access-Control-Allow-Origin: *, *
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/javascript; charset=UTF-8
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Expires: 0

GET
H2 200 myevilmilk.jpg
www.evilmilk.com/images/ 8 KB
8 KB 16ms
10ms Image
image/jpeg 2606:4700:e0::ac40:6622
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.evilmilk.com/images/myevilmilk.jpg
Requested by: Host: www.evilmilk.com
URL: https://www.evilmilk.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e0::ac40:6622 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: cc516e2380c0c511c04a564d5d4a1195c7e4008ec62ae97095030fdf086cb048

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.evilmilk.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 18 Oct 2019 04:42:53 GMT
cf-cache-status: HIT
age: 4786
x-powered-by: ASP.NET
status: 200
content-length: 8337
last-modified: Thu, 27 Jul 2017 00:02:11 GMT
server: cloudflare
etag: "80348986b6d31:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 5277d921a96496b0-FRA
expires: Fri, 18 Oct 2019 08:42:53 GMT

GET
H2

200

16o-1a0kq1_t1.jpg
my.evilmilk.com/p/1/a/
Redirect Chain

https://my.evilmilk.com/p/16o-1a0kq1_t1.jpg
https://my.evilmilk.com/p/1/a/16o-1a0kq1_t1.jpg

6 KB
6 KB

25ms
7ms

Image
image/jpeg

2606:4700:e0::ac40:6622
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://my.evilmilk.com/p/1/a/16o-1a0kq1_t1.jpg
Requested by: Host: www.evilmilk.com
URL: https://www.evilmilk.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e0::ac40:6622 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: ac9108a7811bc51479676ba86393bf735bf4ca42a05f780fd04184514b90703c

Request headers

Referer: https://www.evilmilk.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 18 Oct 2019 04:42:53 GMT
cf-cache-status: HIT
age: 2793
x-powered-by: ASP.NET
status: 200
content-length: 5883
last-modified: Fri, 18 Oct 2019 00:05:09 GMT
server: cloudflare
etag: "9ca3beb44785d51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 5277d921e99f96b0-FRA
expires: Fri, 18 Oct 2019 08:42:53 GMT

Redirect headers

date: Fri, 18 Oct 2019 04:42:53 GMT
cf-cache-status: HIT
server: cloudflare
age: 2794
status: 301
x-powered-by: ASP.NET
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/html
location: https://my.evilmilk.com/p/1/a/16o-1a0kq1_t1.jpg
cache-control: public, max-age=14400
cf-ray: 5277d921a96696b0-FRA
expires: Fri, 18 Oct 2019 08:42:53 GMT

GET
H2

200

tx-1a0kz7_t1.jpg
my.evilmilk.com/p/1/a/
Redirect Chain

https://my.evilmilk.com/p/tx-1a0kz7_t1.jpg
https://my.evilmilk.com/p/1/a/tx-1a0kz7_t1.jpg

5 KB
5 KB

28ms
8ms

Image
image/jpeg

2606:4700:e0::ac40:6622
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://my.evilmilk.com/p/1/a/tx-1a0kz7_t1.jpg
Requested by: Host: www.evilmilk.com
URL: https://www.evilmilk.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e0::ac40:6622 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: bff40abf6f9668fb625ff78c47bcb04eb20055cac9c38728ee9f5aa2fc584db0

Request headers

Referer: https://www.evilmilk.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 18 Oct 2019 04:42:53 GMT
cf-cache-status: HIT
age: 2794
x-powered-by: ASP.NET
status: 200
content-length: 5044
last-modified: Fri, 18 Oct 2019 00:10:49 GMT
server: cloudflare
etag: "2246277f4885d51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 5277d921e9a596b0-FRA
expires: Fri, 18 Oct 2019 08:42:53 GMT

Redirect headers

date: Fri, 18 Oct 2019 04:42:53 GMT
cf-cache-status: HIT
server: cloudflare
age: 2794
status: 301
x-powered-by: ASP.NET
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/html
location: https://my.evilmilk.com/p/1/a/tx-1a0kz7_t1.jpg
cache-control: public, max-age=14400
cf-ray: 5277d921a96796b0-FRA
expires: Fri, 18 Oct 2019 08:42:53 GMT

GET
H2

200

tx-1a0lc4_t1.jpg
my.evilmilk.com/p/1/a/
Redirect Chain

https://my.evilmilk.com/p/tx-1a0lc4_t1.jpg
https://my.evilmilk.com/p/1/a/tx-1a0lc4_t1.jpg

5 KB
5 KB

15ms
11ms

Image
image/jpeg

2606:4700:e0::ac40:6622
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://my.evilmilk.com/p/1/a/tx-1a0lc4_t1.jpg
Requested by: Host: www.evilmilk.com
URL: https://www.evilmilk.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e0::ac40:6622 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: ed8bbb98180485879916bb9bde37485d08595ced77423f7980caad34f1b8d87b

Request headers

Referer: https://www.evilmilk.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 18 Oct 2019 04:42:53 GMT
cf-cache-status: HIT
age: 2794
x-powered-by: ASP.NET
status: 200
content-length: 4847
last-modified: Fri, 18 Oct 2019 00:19:24 GMT
server: cloudflare
etag: "616365b24985d51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 5277d921d98d96b0-FRA
expires: Fri, 18 Oct 2019 08:42:53 GMT

Redirect headers

date: Fri, 18 Oct 2019 04:42:53 GMT
cf-cache-status: HIT
server: cloudflare
age: 2794
status: 301
x-powered-by: ASP.NET
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/html
location: https://my.evilmilk.com/p/1/a/tx-1a0lc4_t1.jpg
cache-control: public, max-age=14400
cf-ray: 5277d921a96896b0-FRA
expires: Fri, 18 Oct 2019 08:42:53 GMT

GET
H2

200

252-1a0liy_t1.jpg
my.evilmilk.com/p/1/a/
Redirect Chain

https://my.evilmilk.com/p/252-1a0liy_t1.jpg
https://my.evilmilk.com/p/1/a/252-1a0liy_t1.jpg

4 KB
4 KB

28ms
8ms

Image
image/jpeg

2606:4700:e0::ac40:6622
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://my.evilmilk.com/p/1/a/252-1a0liy_t1.jpg
Requested by: Host: www.evilmilk.com
URL: https://www.evilmilk.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e0::ac40:6622 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: c3604d185536e051df3a811f49532143e854d194f83d1a680183561f30bf67bf

Request headers

Referer: https://www.evilmilk.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 18 Oct 2019 04:42:53 GMT
cf-cache-status: HIT
age: 2793
x-powered-by: ASP.NET
status: 200
content-length: 3999
last-modified: Fri, 18 Oct 2019 00:23:36 GMT
server: cloudflare
etag: "402d54484a85d51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 5277d921e9a396b0-FRA
expires: Fri, 18 Oct 2019 08:42:53 GMT

Redirect headers

date: Fri, 18 Oct 2019 04:42:53 GMT
cf-cache-status: HIT
server: cloudflare
age: 2794
status: 301
x-powered-by: ASP.NET
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/html
location: https://my.evilmilk.com/p/1/a/252-1a0liy_t1.jpg
cache-control: public, max-age=14400
cf-ray: 5277d921a96996b0-FRA
expires: Fri, 18 Oct 2019 08:42:53 GMT

GET
H2

200

252-1a0lk2_t1.jpg
my.evilmilk.com/p/1/a/
Redirect Chain

https://my.evilmilk.com/p/252-1a0lk2_t1.jpg
https://my.evilmilk.com/p/1/a/252-1a0lk2_t1.jpg

6 KB
6 KB

16ms
10ms

Image
image/jpeg

2606:4700:e0::ac40:6622
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://my.evilmilk.com/p/1/a/252-1a0lk2_t1.jpg
Requested by: Host: www.evilmilk.com
URL: https://www.evilmilk.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e0::ac40:6622 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: a615dd75f48b965fb4fa38f92c20c88ba93163d3e4da54c6eed3720374204131

Request headers

Referer: https://www.evilmilk.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 18 Oct 2019 04:42:53 GMT
cf-cache-status: HIT
age: 2793
x-powered-by: ASP.NET
status: 200
content-length: 6256
last-modified: Fri, 18 Oct 2019 00:24:18 GMT
server: cloudflare
etag: "b7e44614a85d51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 5277d921d98996b0-FRA
expires: Fri, 18 Oct 2019 08:42:53 GMT

Redirect headers

date: Fri, 18 Oct 2019 04:42:53 GMT
cf-cache-status: HIT
server: cloudflare
age: 2794
status: 301
x-powered-by: ASP.NET
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/html
location: https://my.evilmilk.com/p/1/a/252-1a0lk2_t1.jpg
cache-control: public, max-age=14400
cf-ray: 5277d921a96a96b0-FRA
expires: Fri, 18 Oct 2019 08:42:53 GMT

GET
H2

200

252-1a0ll3_t1.jpg
my.evilmilk.com/p/1/a/
Redirect Chain

https://my.evilmilk.com/p/252-1a0ll3_t1.jpg
https://my.evilmilk.com/p/1/a/252-1a0ll3_t1.jpg

5 KB
6 KB

18ms
12ms

Image
image/jpeg

2606:4700:e0::ac40:6622
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://my.evilmilk.com/p/1/a/252-1a0ll3_t1.jpg
Requested by: Host: www.evilmilk.com
URL: https://www.evilmilk.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e0::ac40:6622 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 66549bd2326c0aa6e6294dfbf8ccb6be0098398449db83f83bec943816d8784e

Request headers

Referer: https://www.evilmilk.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 18 Oct 2019 04:42:53 GMT
cf-cache-status: HIT
age: 2793
x-powered-by: ASP.NET
status: 200
content-length: 5571
last-modified: Fri, 18 Oct 2019 00:24:56 GMT
server: cloudflare
etag: "38339784a85d51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 5277d921d98a96b0-FRA
expires: Fri, 18 Oct 2019 08:42:53 GMT

Redirect headers

date: Fri, 18 Oct 2019 04:42:53 GMT
cf-cache-status: HIT
server: cloudflare
age: 2794
status: 301
x-powered-by: ASP.NET
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/html
location: https://my.evilmilk.com/p/1/a/252-1a0ll3_t1.jpg
cache-control: public, max-age=14400
cf-ray: 5277d921a96b96b0-FRA
expires: Fri, 18 Oct 2019 08:42:53 GMT

GET
H2

200

252-1a0lmi_t1.jpg
my.evilmilk.com/p/1/a/
Redirect Chain

https://my.evilmilk.com/p/252-1a0lmi_t1.jpg
https://my.evilmilk.com/p/1/a/252-1a0lmi_t1.jpg

5 KB
5 KB

26ms
11ms

Image
image/jpeg

2606:4700:e0::ac40:6622
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://my.evilmilk.com/p/1/a/252-1a0lmi_t1.jpg
Requested by: Host: www.evilmilk.com
URL: https://www.evilmilk.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e0::ac40:6622 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 9683817bc66aea604079c4a424a601bd464951521314955fbce85f6969f3b5e4

Request headers

Referer: https://www.evilmilk.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 18 Oct 2019 04:42:53 GMT
cf-cache-status: HIT
age: 2794
x-powered-by: ASP.NET
status: 200
content-length: 5228
last-modified: Fri, 18 Oct 2019 00:25:48 GMT
server: cloudflare
etag: "55c3cc964a85d51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 5277d921e9a696b0-FRA
expires: Fri, 18 Oct 2019 08:42:53 GMT

Redirect headers

date: Fri, 18 Oct 2019 04:42:53 GMT
cf-cache-status: HIT
server: cloudflare
age: 2794
status: 301
x-powered-by: ASP.NET
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/html
location: https://my.evilmilk.com/p/1/a/252-1a0lmi_t1.jpg
cache-control: public, max-age=14400
cf-ray: 5277d921b97296b0-FRA
expires: Fri, 18 Oct 2019 08:42:53 GMT

GET
H2

200

252-1a0lor_t1.jpg
my.evilmilk.com/p/1/a/
Redirect Chain

https://my.evilmilk.com/p/252-1a0lor_t1.jpg
https://my.evilmilk.com/p/1/a/252-1a0lor_t1.jpg

6 KB
6 KB

23ms
9ms

Image
image/jpeg

2606:4700:e0::ac40:6622
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://my.evilmilk.com/p/1/a/252-1a0lor_t1.jpg
Requested by: Host: www.evilmilk.com
URL: https://www.evilmilk.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e0::ac40:6622 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 345b1626333eb4dcf84ae29383b028b2f9611e4b71359687ee0d1d2d56cd32ad

Request headers

Referer: https://www.evilmilk.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 18 Oct 2019 04:42:53 GMT
cf-cache-status: HIT
age: 2794
x-powered-by: ASP.NET
status: 200
content-length: 6178
last-modified: Fri, 18 Oct 2019 00:27:11 GMT
server: cloudflare
etag: "623a31c84a85d51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 5277d921e9a796b0-FRA
expires: Fri, 18 Oct 2019 08:42:53 GMT

Redirect headers

date: Fri, 18 Oct 2019 04:42:53 GMT
cf-cache-status: HIT
server: cloudflare
age: 2794
status: 301
x-powered-by: ASP.NET
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/html
location: https://my.evilmilk.com/p/1/a/252-1a0lor_t1.jpg
cache-control: public, max-age=14400
cf-ray: 5277d921b97496b0-FRA
expires: Fri, 18 Oct 2019 08:42:53 GMT

GET
H2

200

arr-19~sqk_t1.jpg
my.evilmilk.com/p/1/9/
Redirect Chain

https://my.evilmilk.com/p/arr-19~sqk_t1.jpg
https://my.evilmilk.com/p/1/9/arr-19~sqk_t1.jpg

4 KB
4 KB

22ms
8ms

Image
image/jpeg

2606:4700:e0::ac40:6622
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://my.evilmilk.com/p/1/9/arr-19~sqk_t1.jpg
Requested by: Host: www.evilmilk.com
URL: https://www.evilmilk.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e0::ac40:6622 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 750ed6cd11967393a7e2ac206e957c56df5513567f50da9f0dac8351acdf0057

Request headers

Referer: https://www.evilmilk.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 18 Oct 2019 04:42:53 GMT
cf-cache-status: HIT
age: 4786
x-powered-by: ASP.NET
status: 200
content-length: 3973
last-modified: Thu, 17 Oct 2019 13:03:44 GMT
server: cloudflare
etag: "bea334eeb84d51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 5277d921e9a896b0-FRA
expires: Fri, 18 Oct 2019 08:42:53 GMT

Redirect headers

date: Fri, 18 Oct 2019 04:42:53 GMT
cf-cache-status: HIT
server: cloudflare
age: 4786
status: 301
x-powered-by: ASP.NET
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/html
location: https://my.evilmilk.com/p/1/9/arr-19~sqk_t1.jpg
cache-control: public, max-age=14400
cf-ray: 5277d921b97196b0-FRA
expires: Fri, 18 Oct 2019 08:42:53 GMT

GET
H2 200 djax.js Show response
cdn.pixfuture.com/ Frame 850A 17 KB
5 KB 178ms
128ms Script
application/javascript 2606:4700:20::6819:9307
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.pixfuture.com/djax.js
Requested by: Host: served-by.pixfuture.com
URL: https://served-by.pixfuture.com/www/delivery/headerbid_refresh.php?dat=4055x728x90x790x_ADSLOT1111
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::6819:9307 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: f9a10fda30bd5303e4c61aa7b688d4a0635c23f071547fa46c9cd8deba27c231

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.evilmilk.com/spon/pixfuture/728.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 18 Oct 2019 04:42:53 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Thu, 15 Aug 2019 21:25:51 GMT
server: cloudflare
etag: W/"5d55cddf-4433"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
status: 200
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
access-control-allow-credentials: true
cf-ray: 5277d9224f6e5958-VIE
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type

GET
H2 200 auc.js Show response
cdn.pixfuture.com/ Frame 850A 206 KB
64 KB 170ms
121ms Script
application/javascript 2606:4700:20::6819:9307
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.pixfuture.com/auc.js
Requested by: Host: served-by.pixfuture.com
URL: https://served-by.pixfuture.com/www/delivery/headerbid_refresh.php?dat=4055x728x90x790x_ADSLOT1111
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::6819:9307 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: f3af750dd21fe9a42195a87bb53cdee715bf01ab0f489130534d92271c676401

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.evilmilk.com/spon/pixfuture/728.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 18 Oct 2019 04:42:53 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Thu, 10 Oct 2019 15:12:05 GMT
server: cloudflare
etag: W/"5d9f4a45-339b9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
status: 200
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
access-control-allow-credentials: true
cf-ray: 5277d9224f705958-VIE
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type

GET
H/1.1 200
OK p-7ccbedljiLMl2.gif
pixel.quantserve.com/pixel/ Frame 850A 35 B
494 B 134ms
34ms Image
image/gif 91.228.74.244
Quantcast Corpora...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.quantserve.com/pixel/p-7ccbedljiLMl2.gif
Requested by: Host: www.evilmilk.com
URL: https://www.evilmilk.com/spon/pixfuture/728.aspx
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 91.228.74.244 , United Kingdom, ASN27281 (QUANTCAST - Quantcast Corporation, US),
Reverse DNS
Software: QS /
Resource Hash: a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.evilmilk.com/spon/pixfuture/728.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 18 Oct 2019 04:42:53 GMT
Server: QS
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
Cache-Control: private, no-cache, no-store, proxy-revalidate
Connection: keep-alive
Content-Type: image/gif
Content-Length: 35
Expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 200 jquery-1.2.3.js Show response
cdn.pixfuture.com/ Frame 850A 94 KB
29 KB 128ms
125ms Script
application/javascript 2606:4700:20::6819:9307
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.pixfuture.com/jquery-1.2.3.js
Requested by: Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/djax.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::6819:9307 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: d977fc32dd4bdb0479604abf078f1045b0e922666313f2f42cd71ce7835e0061

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.evilmilk.com/spon/pixfuture/728.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 18 Oct 2019 04:42:53 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Tue, 06 Aug 2019 20:36:09 GMT
server: cloudflare
etag: W/"5d49e4b9-179fb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
status: 200
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
access-control-allow-credentials: true
cf-ray: 5277d9231fc85958-VIE
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 850A 21 B
713 B 19ms
19ms XHR
application/json 185.33.223.100
AppNexus

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/auc.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.223.100 , Netherlands, ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US),

Reverse DNS

373.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

aaaabde3f68c325033b37bb3ebff887e3b589b7137e717e96648a52221881429

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: cors
Referer: https://www.evilmilk.com/spon/pixfuture/728.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 18 Oct 2019 04:42:55 GMT
X-Proxy-Origin: 109.236.94.15; 109.236.94.15; 373.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.51:80
AN-X-Request-Uuid: 943c5678-7018-40dc-8f4d-ec0990d0dbe5
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.evilmilk.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 21
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 2 Show response
prebid.mgid.com/prebid/ Frame 850A 0
513 B 120ms
73ms XHR
text/plain 104.16.129.5
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.mgid.com/prebid/2
Requested by: Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/auc.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.129.5 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode: cors
Referer: https://www.evilmilk.com/spon/pixfuture/728.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 18 Oct 2019 04:42:53 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
status: 204
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://www.evilmilk.com
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 5277d923cf319c93-AMS

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ Frame 850A 0
117 B 62ms
22ms XHR
text/plain 185.64.189.112
PubMatic

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/auc.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC - PubMatic, Inc., US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode: cors
Referer: https://www.evilmilk.com/spon/pixfuture/728.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

status: 204
date: Fri, 18 Oct 2019 04:42:53 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-origin: https://www.evilmilk.com

GET
H2 200 arj Show response
pixfuture2-d.openx.net/w/1.0/ Frame 850A 172 B
356 B 51ms
34ms XHR
application/json 34.95.120.147
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://pixfuture2-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.evilmilk.com%2F&jr=&ch=UTF-8&res=1600x1200x24&ifr=true&tz=-120&tws=1600x1200&be=1&bc=hb_pb_2.1.9&dddid=6a5b2b54-2cff-4679-9996-011f56f779b1&nocache=1571373773352&aus=728x90&divIds=4055x728x90x790x_ADSLOT1111&auid=540580842&
Requested by: Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/auc.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.95.120.147 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS: 147.120.95.34.bc.googleusercontent.com
Software: OXGW/16.163.0 /
Resource Hash: 1b039185c5aacfe520f70966c8777485303d3a0eabf08678edfc1ed0cbcc9bed

Request headers

Sec-Fetch-Mode: cors
Referer: https://www.evilmilk.com/spon/pixfuture/728.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 18 Oct 2019 04:42:53 GMT
via: 1.1 google
server: OXGW/16.163.0
status: 200
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://www.evilmilk.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: clear
content-length: 172
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 imp Show response
g2.gumgum.com/hbid/ Frame 850A 123 B
410 B 43ms
43ms XHR
application/json 52.18.117.195
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://g2.gumgum.com/hbid/imp?t=ticcez29&pi=3&si=28491&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.evilmilk.com%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%7D&ogu=null&ns=9626&
Requested by: Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/auc.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.18.117.195 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-18-117-195.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 463f48d0763e6d91bf6c824517af62d84df8c55a5150f766741b491ec75fb1ca

Request headers

Sec-Fetch-Mode: cors
Referer: https://www.evilmilk.com/spon/pixfuture/728.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 18 Oct 2019 04:42:53 GMT
content-encoding: gzip
content-type: application/json;charset=UTF-8
server: nginx
status: 200
p3p: CP="This is not a P3P policy"
access-control-allow-origin: https://www.evilmilk.com
cache-control: private, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
expires: 0

GET
H/1.1 200
OK headerbid.js Show response
served-by.pixfuture.com/www/delivery/ Frame E3C8 1 KB
2 KB 96ms
96ms Script
application/javascript 68.183.31.14
DigitalOcean

General

Check archive.org

Show headers Download Go to

Full URL: https://served-by.pixfuture.com/www/delivery/headerbid.js
Requested by: Host: www.evilmilk.com
URL: https://www.evilmilk.com/spon/pixfuture/728.aspx
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 68.183.31.14 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN - DigitalOcean, LLC, US),
Reverse DNS
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 147ed97fcf9c7feaaff4fc531d2c35dabf89eee0d8ce663e4a005c555cec66c3

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.evilmilk.com/spon/pixfuture/728.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 18 Oct 2019 04:42:53 GMT
Last-Modified: Wed, 26 Jun 2019 17:30:07 GMT
Server: nginx/1.10.3 (Ubuntu)
ETag: "5d13ab9f-5b8"
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length: 1464

GET
H2 200 forge.js Show response
cdn.bidfluence.com/ Frame 0ECD 123 KB
29 KB 205ms
31ms Script
application/x-javascript 152.195.34.232
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.bidfluence.com/forge.js
Requested by: Host: www.evilmilk.com
URL: https://www.evilmilk.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.195.34.232 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECAcc (lhc/7890) / ASP.NET
Resource Hash: 6015072c7421aab840bfa3a3f3b59b9bbb300b3efad980b7b1a1fdad01259f49

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.evilmilk.com/spon/pixfuture/728.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 18 Oct 2019 04:42:53 GMT
content-encoding: gzip
etag: "802ea0e44668d51:0"
last-modified: Wed, 11 Sep 2019 02:16:17 GMT
server: ECAcc (lhc/7890)
x-powered-by: ASP.NET
vary: Accept-Encoding
x-cache: HIT
content-type: application/x-javascript
status: 200
cache-control: max-age=900
accept-ranges: bytes
content-length: 29965
expires: Fri, 18 Oct 2019 04:57:53 GMT

GET
H/1.1 200
OK demo_track.js Show response
served-by.pixfuture.com/www/headerbid/library/tracking/ Frame 850A 2 KB
3 KB 99ms
99ms Script
application/javascript 68.183.31.14
DigitalOcean

General

Check archive.org

Show headers Download Go to

Full URL: https://served-by.pixfuture.com/www/headerbid/library/tracking/demo_track.js
Requested by: Host: www.evilmilk.com
URL: https://www.evilmilk.com/spon/pixfuture/728.aspx
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 68.183.31.14 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN - DigitalOcean, LLC, US),
Reverse DNS
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 31d6bdfdcb5a3f436d8ce29befc80fece8aa49c2605468f485a2b43acb624bd0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.evilmilk.com/spon/pixfuture/728.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 18 Oct 2019 04:42:53 GMT
Last-Modified: Fri, 06 Sep 2019 19:01:12 GMT
Server: nginx/1.10.3 (Ubuntu)
ETag: "5d72acf8-9fe"
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length: 2558

GET
H2 200 pubvendors.json Show response
www.evilmilk.com/.well-known/ 0
194 B 128ms
128ms Fetch
application/json 2606:4700:e0::ac40:6622
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://www.evilmilk.com/.well-known/pubvendors.json
Requested by: Host: thisiswaldo.com
URL: https://thisiswaldo.com/sites/all/modules/custom/ad_delivery/cmp/build/cmp.complete.bundle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e0::ac40:6622 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode: cors
Referer: https://www.evilmilk.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 18 Oct 2019 04:42:53 GMT
cf-cache-status: DYNAMIC
last-modified: Wed, 14 Nov 2018 01:01:52 GMT
server: cloudflare
x-powered-by: ASP.NET
etag: "080f0a0b57bd41:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: application/json
status: 200
accept-ranges: bytes
cf-ray: 5277d924aba996b0-FRA
content-length: 0

GET
H/1.1 200
OK headerbid_refresh.php Show response
served-by.pixfuture.com/www/delivery/ Frame B8BA 6 KB
6 KB 199ms
198ms Script
text/javascript 68.183.31.14
DigitalOcean

General

Check archive.org

Show headers Download Go to

Full URL: https://served-by.pixfuture.com/www/delivery/headerbid_refresh.php?dat=4055x728x90x790x_ADSLOT1111
Requested by: Host: served-by.pixfuture.com
URL: https://served-by.pixfuture.com/www/delivery/headerbid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 68.183.31.14 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN - DigitalOcean, LLC, US),
Reverse DNS
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: cc6e5bfe26c6d5fba05cda365b41ed9057bbbe4618d691181b9585d87d29fba4

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.evilmilk.com/spon/pixfuture/728.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 18 Oct 2019 04:42:53 GMT
Server: nginx/1.10.3 (Ubuntu)
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET, POST, OPTIONS
P3P: CP="CUR ADM OUR NOR STA NID"
Access-Control-Allow-Origin: *, *
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/javascript; charset=UTF-8
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Expires: 0

GET
H2 200 vendorlist.json Show response
vendorlist.consensu.org/ 88 KB
17 KB 23ms
9ms Fetch
application/json 2600:9000:2156:2e00:1:af78:4c0:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://vendorlist.consensu.org/vendorlist.json
Requested by: Host: thisiswaldo.com
URL: https://thisiswaldo.com/sites/all/modules/custom/ad_delivery/cmp/build/cmp.complete.bundle.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2156:2e00:1:af78:4c0:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3ad96ebbaf4937f3f680e8c2c21ed3d870f0f00852998dc4f9464bd6d5debc63

Request headers

Sec-Fetch-Mode: cors
Referer: https://www.evilmilk.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 18 Oct 2019 02:07:47 GMT
content-encoding: gzip
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
age: 9307
x-cache: Hit from cloudfront
status: 200
access-control-allow-origin: *
last-modified: Thu, 17 Oct 2019 16:00:20 GMT
server: AmazonS3
access-control-max-age: 86400
access-control-allow-methods: GET
x-amz-version-id: ryUIAOJeHNaJKJvkL4TiuyUYEBcc6e4Z
via: 1.1 baaf38f0a0d54e4834bf934fa5189ceb.cloudfront.net (CloudFront)
cache-control: max-age=259200
x-amz-cf-pop: FRA50-C1
content-type: application/json; charset=utf-8
x-amz-cf-id: khmyYnhLBFm5PUmW9hqMShPxdyAla0mgzF8x1Lf4WDAmAnVvJruNCw==

GET
H2 200 ads.js Show response
cdn.bidfluence.com/ Frame 0ECD 131 B
314 B 33ms
32ms Script
application/x-javascript 152.195.34.232
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.bidfluence.com/ads.js
Requested by: Host: cdn.bidfluence.com
URL: https://cdn.bidfluence.com/forge.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.195.34.232 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECAcc (lhc/7899) / ASP.NET
Resource Hash: f9385ecf19d3c9a47b063498b5444d251cbe7528ee7af46698c9e25627fb8acc

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.evilmilk.com/spon/pixfuture/728.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 18 Oct 2019 04:42:53 GMT
content-encoding: gzip
etag: "44f1b06b45c6d41:0"
last-modified: Sat, 16 Feb 2019 22:17:36 GMT
server: ECAcc (lhc/7899)
x-powered-by: ASP.NET
vary: Accept-Encoding
x-cache: HIT
content-type: application/x-javascript
status: 200
cache-control: max-age=900
accept-ranges: bytes
content-length: 224
expires: Fri, 18 Oct 2019 04:57:53 GMT

GET
H2 200 djax.js Show response
cdn.pixfuture.com/ Frame 9811 17 KB
4 KB 123ms
122ms Script
application/javascript 2606:4700:20::6819:9307
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.pixfuture.com/djax.js
Requested by: Host: served-by.pixfuture.com
URL: https://served-by.pixfuture.com/www/delivery/headerbid_refresh.php?dat=4055x728x90x790x_ADSLOT1111
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::6819:9307 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: f9a10fda30bd5303e4c61aa7b688d4a0635c23f071547fa46c9cd8deba27c231

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.evilmilk.com/spon/pixfuture/728.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 18 Oct 2019 04:42:53 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Thu, 15 Aug 2019 21:25:51 GMT
server: cloudflare
etag: W/"5d55cddf-4433"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
status: 200
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
access-control-allow-credentials: true
cf-ray: 5277d92608d15958-VIE
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type

GET
H2 200 auc.js Show response
cdn.pixfuture.com/ Frame 9811 206 KB
62 KB 124ms
123ms Script
application/javascript 2606:4700:20::6819:9307
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.pixfuture.com/auc.js
Requested by: Host: served-by.pixfuture.com
URL: https://served-by.pixfuture.com/www/delivery/headerbid_refresh.php?dat=4055x728x90x790x_ADSLOT1111
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::6819:9307 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: f3af750dd21fe9a42195a87bb53cdee715bf01ab0f489130534d92271c676401

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.evilmilk.com/spon/pixfuture/728.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 18 Oct 2019 04:42:53 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Thu, 10 Oct 2019 15:12:05 GMT
server: cloudflare
etag: W/"5d9f4a45-339b9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
status: 200
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
access-control-allow-credentials: true
cf-ray: 5277d92608d25958-VIE
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type

GET
H/1.1 200
OK p-7ccbedljiLMl2.gif
pixel.quantserve.com/pixel/ Frame 9811 35 B
494 B 33ms
32ms Image
image/gif 91.228.74.244
Quantcast Corpora...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.quantserve.com/pixel/p-7ccbedljiLMl2.gif
Requested by: Host: served-by.pixfuture.com
URL: https://served-by.pixfuture.com/www/delivery/headerbid_refresh.php?dat=4055x728x90x790x_ADSLOT1111
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 91.228.74.244 , United Kingdom, ASN27281 (QUANTCAST - Quantcast Corporation, US),
Reverse DNS
Software: QS /
Resource Hash: a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.evilmilk.com/spon/pixfuture/728.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 18 Oct 2019 04:42:53 GMT
Server: QS
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
Cache-Control: private, no-cache, no-store, proxy-revalidate
Connection: keep-alive
Content-Type: image/gif
Content-Length: 35
Expires: Fri, 04 Aug 1978 12:00:00 GMT

POST
H/1.1 200
OK Check Show response
engine.bidfluence.com/ Frame 0ECD 4 KB
4 KB 545ms
129ms XHR
application/json 13.89.35.253
Microsoft Corpora...

General

Check archive.org

Show headers Download Go to

Full URL: https://engine.bidfluence.com/Check
Requested by: Host: cdn.bidfluence.com
URL: https://cdn.bidfluence.com/forge.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.89.35.253 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software: Kestrel /
Resource Hash: 4c5262cf65d1993c6b593e9ef6fde012383733973766b6a6bd3fa424a4205164

Request headers

Sec-Fetch-Mode: cors
Referer: https://www.evilmilk.com/spon/pixfuture/728.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Pragma: no-cache
Date: Fri, 18 Oct 2019 04:42:53 GMT
Content-Encoding: br
Server: Kestrel
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://www.evilmilk.com
Cache-Control: no-store,no-cache
Transfer-Encoding: chunked
Access-Control-Allow-Credentials: true

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 87 KB
11 KB 121ms
120ms XHR
text/plain 172.217.16.162
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3551623930406560&correlator=1994360907458613&output=ldjh&impl=fifs&adsid=NT&eid=21064798%2C21062452%2C21064371%2C21064687%2C370204026&vrg=2019101601&guci=1.2.0.0.2.2.0.0&plat=1%3A536903688%2C2%3A536903688%2C8%3A134250504&sc=1&sfv=1-0-35&ecs=20191018&iu_parts=8491498%2Cevilmilk_passback_300x250_2%2Cevilmilk_passback_160x600%2Cevilmilk_passback_728x90%2Cevilmilk_passback_728x90_2%2Cevilmilk_passback_300x250_3%2Cevilmilk300x250FX_5_Universal_Passback_5bcdd73534fce&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4%2C%2F0%2F5%2C%2F0%2F6&prev_iu_szs=300x250%2C160x600%2C320x50%2C320x50%2C300x250%2C300x250&eri=1&cookie_enabled=1&bc=31&abxe=1&lmt=1571373773&dt=1571373773855&dlt=1571373772145&idt=356&frm=20&biw=1585&bih=1200&oid=3&adxs=-9%2C-9%2C-9%2C-9%2C-9%2C-9&adys=-9%2C-9%2C-9%2C-9%2C-9%2C-9&adks=792040253%2C4221903830%2C1649824028%2C3165818374%2C181391100%2C1000438725&ucis=1%7C2%7C3%7C4%7C5%7C6&ifi=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.evilmilk.com%2F&dssz=50&icsg=178261811&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1&msz=0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1&ga_vid=51266202.1571373774&ga_sid=1571373774&ga_hid=784559367&fws=2%2C2%2C2%2C2%2C2%2C2&ohw=0%2C0%2C0%2C0%2C0%2C0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019101601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.162 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s11-in-f2.1e100.net

Software

cafe /

Resource Hash

72dba35b5711e5e5715b29e857a1fd186e7a3a31ea2e91cd5722a07523e2dd80

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: cors
Referer: https://www.evilmilk.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 18 Oct 2019 04:42:53 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2,-2,-2,-2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 10596
x-xss-protection: 0
google-lineitem-id: 4830422530,4766449672,4831168526,4831168526,4830422530,4831859902
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138247491550,138241454053,138247265868,138247296356,138247490896,138287634064
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.evilmilk.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubads_impl_rendering_2019101601.js Show response
securepubads.g.doubleclick.net/gpt/ 64 KB
24 KB 38ms
38ms Script
text/javascript 172.217.16.162
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019101601.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019101601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.162 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s11-in-f2.1e100.net

Software

sffe /

Resource Hash

5a91190227662b77e484acef92367d9a0f6c782bfe80a7e9258a707979a8f66c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.evilmilk.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 18 Oct 2019 04:42:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 16 Oct 2019 18:03:22 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 24832
x-xss-protection: 0
expires: Fri, 18 Oct 2019 04:42:53 GMT

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-35/html/ 0
0 5ms
5ms Other
text/html 2a00:1450:4001:809::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-35/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019101601.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.evilmilk.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 2 KB
845 B 75ms
75ms XHR
text/plain 172.217.16.162
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3551623930406560&correlator=1994360907458613&output=ldjh&impl=fifs&adsid=NT&eid=21064798%2C21062452%2C21064371%2C21064687%2C370204026&vrg=2019101601&guci=1.2.0.0.2.2.0.0&plat=1%3A536903688%2C2%3A536903688%2C8%3A134250504&sc=1&sfv=1-0-35&ecs=20191018&iu_parts=124067137%2Cevilmilk300x250FX%2Cevilmilk160x600%2Cevilmilk300x250FX_2%2Cevilmilk_728x90FS_1%2Cevilmilk_728x90FS_2%2Cevilmilk300x250FL_1%2Cevilmilk300x250FX_5&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4%2C%2F0%2F5%2C%2F0%2F6%2C%2F0%2F7&prev_iu_szs=300x250%2C160x600%2C300x250%2C728x90%2C728x90%2C300x250%7C300x600%2C300x250%7C300x600%7C160x600&eri=1&cookie_enabled=1&bc=31&abxe=1&lmt=1571373773&dt=1571373773874&dlt=1571373772145&idt=356&frm=20&biw=1585&bih=1200&oid=3&adxs=-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9&adys=-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9&adks=624181800%2C3026648230%2C1879113025%2C1442736500%2C3137769098%2C922745469%2C3349891921&ucis=d%7Ce%7Cf%7Cg%7Ch%7Ci%7Cj&ifi=8&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.evilmilk.com%2F&dssz=51&icsg=34538000179&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1&msz=0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1&ga_vid=51266202.1571373774&ga_sid=1571373774&ga_hid=784559367&fws=2%2C2%2C2%2C2%2C2%2C2%2C2&ohw=0%2C0%2C0%2C0%2C0%2C0%2C0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019101601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.162 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s11-in-f2.1e100.net

Software

cafe /

Resource Hash

22063024b11565c41d8fa1f910f142657dbd87331a5dc3ef223c09cc300cdbdf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: cors
Referer: https://www.evilmilk.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 18 Oct 2019 04:42:53 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2,-2,-2,-2,-2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 308
x-xss-protection: 0
google-lineitem-id: -2,-2,-2,-2,-2,-2,-2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2,-2,-2,-2,-2,-2,-2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.evilmilk.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 jquery-1.2.3.js Show response
cdn.pixfuture.com/ Frame 9811 94 KB
28 KB 122ms
121ms Script
application/javascript 2606:4700:20::6819:9307
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.pixfuture.com/jquery-1.2.3.js
Requested by: Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/djax.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::6819:9307 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: d977fc32dd4bdb0479604abf078f1045b0e922666313f2f42cd71ce7835e0061

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.evilmilk.com/spon/pixfuture/728.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 18 Oct 2019 04:42:54 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Tue, 06 Aug 2019 20:36:09 GMT
server: cloudflare
etag: W/"5d49e4b9-179fb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
status: 200
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
access-control-allow-credentials: true
cf-ray: 5277d926d9285958-VIE
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 9811 21 B
712 B 19ms
19ms XHR
application/json 185.33.223.100
AppNexus

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/auc.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.223.100 , Netherlands, ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US),

Reverse DNS

373.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

aaaabde3f68c325033b37bb3ebff887e3b589b7137e717e96648a52221881429

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: cors
Referer: https://www.evilmilk.com/spon/pixfuture/728.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 18 Oct 2019 04:42:55 GMT
X-Proxy-Origin: 109.236.94.15; 109.236.94.15; 373.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.6:80
AN-X-Request-Uuid: 21ea0623-2c9e-4489-98f8-3c4de68a5b59
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.evilmilk.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 21
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ Frame 9811 0
61 B 21ms
21ms XHR
text/plain 185.64.189.112
PubMatic

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/auc.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC - PubMatic, Inc., US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode: cors
Referer: https://www.evilmilk.com/spon/pixfuture/728.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

status: 204
date: Fri, 18 Oct 2019 04:42:53 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-origin: https://www.evilmilk.com

GET
H2 200 arj Show response
pixfuture2-d.openx.net/w/1.0/ Frame 9811 172 B
356 B 40ms
40ms XHR
application/json 34.95.120.147
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://pixfuture2-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.evilmilk.com%2F&jr=&ch=UTF-8&res=1600x1200x24&ifr=true&tz=-120&tws=1600x1200&be=1&bc=hb_pb_2.1.9&dddid=ca60a0d5-c278-42e7-81fe-a6ef64531c7a&nocache=1571373773902&aus=728x90&divIds=4055x728x90x790x_ADSLOT1111&auid=540580842&
Requested by: Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/auc.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.95.120.147 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS: 147.120.95.34.bc.googleusercontent.com
Software: OXGW/16.163.0 /
Resource Hash: db9efaae7a33f9cba05990682e8248af4989fb73193ec0fe5ca452daba443bb3

Request headers

Sec-Fetch-Mode: cors
Referer: https://www.evilmilk.com/spon/pixfuture/728.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 18 Oct 2019 04:42:53 GMT
via: 1.1 google
server: OXGW/16.163.0
status: 200
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://www.evilmilk.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: clear
content-length: 172
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H2 204 2 Show response
prebid.mgid.com/prebid/ Frame 9811 0
119 B 67ms
67ms XHR
text/plain 104.16.129.5
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.mgid.com/prebid/2
Requested by: Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/auc.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.129.5 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode: cors
Referer: https://www.evilmilk.com/spon/pixfuture/728.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 18 Oct 2019 04:42:53 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
status: 204
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://www.evilmilk.com
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 5277d926f9279c93-AMS

GET
H2 200 imp Show response
g2.gumgum.com/hbid/ Frame 9811 123 B
561 B 44ms
44ms XHR
application/json 52.18.117.195
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://g2.gumgum.com/hbid/imp?t=ticcez29&pi=3&si=28491&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.evilmilk.com%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%7D&ogu=null&ns=9626&
Requested by: Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/auc.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.18.117.195 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-18-117-195.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 24ed732b701f138cafbbbf24671c7b1f353983f047bb135972f36c64ca7e0af0

Request headers

Sec-Fetch-Mode: cors
Referer: https://www.evilmilk.com/spon/pixfuture/728.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 18 Oct 2019 04:42:53 GMT
content-encoding: gzip
content-type: application/json;charset=UTF-8
server: nginx
status: 200
p3p: CP="This is not a P3P policy"
access-control-allow-origin: https://www.evilmilk.com
cache-control: private, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
expires: 0

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
58 B 16ms
16ms Image
image/gif 2a00:1450:4001:825::2002
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=gpt_sz&r=160x600&w=160&h=600

Requested by

Host: www.evilmilk.com
URL: https://www.evilmilk.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.evilmilk.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Oct 2019 04:42:53 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 204
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
58 B 17ms
16ms Image
image/gif 2a00:1450:4001:825::2002
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=gpt_sz&r=728x90&w=728&h=90

Requested by

Host: www.evilmilk.com
URL: https://www.evilmilk.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.evilmilk.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Oct 2019 04:42:53 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 204
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 forge.js Show response
cdn.bidfluence.com/ Frame 1EAD 123 KB
29 KB 31ms
31ms Script
application/x-javascript 152.195.34.232
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.bidfluence.com/forge.js
Requested by: Host: www.evilmilk.com
URL: https://www.evilmilk.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.195.34.232 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECAcc (lhc/7890) / ASP.NET
Resource Hash: 6015072c7421aab840bfa3a3f3b59b9bbb300b3efad980b7b1a1fdad01259f49

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.evilmilk.com/spon/pixfuture/728.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 18 Oct 2019 04:42:53 GMT
content-encoding: gzip
etag: "802ea0e44668d51:0"
last-modified: Wed, 11 Sep 2019 02:16:17 GMT
server: ECAcc (lhc/7890)
x-powered-by: ASP.NET
vary: Accept-Encoding
x-cache: HIT
content-type: application/x-javascript
status: 200
cache-control: max-age=900
accept-ranges: bytes
content-length: 29965
expires: Fri, 18 Oct 2019 04:57:53 GMT

GET
H/1.1 200
OK demo_track.js Show response
served-by.pixfuture.com/www/headerbid/library/tracking/ Frame 9811 3 KB
3 KB 96ms
95ms Script
application/javascript 68.183.31.14
DigitalOcean

General

Check archive.org

Show headers Download Go to

Full URL: https://served-by.pixfuture.com/www/headerbid/library/tracking/demo_track.js
Requested by: Host: www.evilmilk.com
URL: https://www.evilmilk.com/spon/pixfuture/728.aspx
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 68.183.31.14 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN - DigitalOcean, LLC, US),
Reverse DNS
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 3fcb9d3400da554ddfbaafbbf77904196140aaf9ccee9ae0cea03ef05752a430

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.evilmilk.com/spon/pixfuture/728.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 18 Oct 2019 04:42:54 GMT
Last-Modified: Fri, 06 Sep 2019 19:01:12 GMT
Server: nginx/1.10.3 (Ubuntu)
ETag: "5d72acf8-a01"
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length: 2561

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
58 B 16ms
16ms Image
image/gif 2a00:1450:4001:825::2002
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=gpt_sz&r=160x600&w=160&h=600

Requested by

Host: www.evilmilk.com
URL: https://www.evilmilk.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.evilmilk.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Oct 2019 04:42:53 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 204
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads.js Show response
cdn.bidfluence.com/ Frame 1EAD 131 B
323 B 31ms
31ms Script
application/x-javascript 152.195.34.232
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.bidfluence.com/ads.js
Requested by: Host: cdn.bidfluence.com
URL: https://cdn.bidfluence.com/forge.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.195.34.232 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECAcc (lhc/7899) / ASP.NET
Resource Hash: f9385ecf19d3c9a47b063498b5444d251cbe7528ee7af46698c9e25627fb8acc

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.evilmilk.com/spon/pixfuture/728.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 18 Oct 2019 04:42:54 GMT
content-encoding: gzip
etag: "44f1b06b45c6d41:0"
last-modified: Sat, 16 Feb 2019 22:17:36 GMT
server: ECAcc (lhc/7899)
x-powered-by: ASP.NET
vary: Accept-Encoding
x-cache: HIT
content-type: application/x-javascript
status: 200
cache-control: max-age=900
accept-ranges: bytes
content-length: 224
expires: Fri, 18 Oct 2019 04:57:54 GMT

POST
H/1.1 200
OK Check Show response
engine.bidfluence.com/ Frame 1EAD 4 KB
4 KB 378ms
129ms XHR
application/json 13.89.35.253
Microsoft Corpora...

General

Check archive.org

Show headers Download Go to

Full URL: https://engine.bidfluence.com/Check
Requested by: Host: cdn.bidfluence.com
URL: https://cdn.bidfluence.com/forge.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.89.35.253 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software: Kestrel /
Resource Hash: 9a9e67bdbdf03e544d5603422ad3b7fa38a8437534695cdae940f2a878cf0fb7

Request headers

Sec-Fetch-Mode: cors
Referer: https://www.evilmilk.com/spon/pixfuture/728.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Pragma: no-cache
Date: Fri, 18 Oct 2019 04:42:53 GMT
Content-Encoding: br
Server: Kestrel
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://www.evilmilk.com
Cache-Control: no-store,no-cache
Transfer-Encoding: chunked
Access-Control-Allow-Credentials: true

GET
H2 200 beacon.js Show response
ad-delivery.net/ 1 KB
985 B 114ms
32ms Script
application/x-javascript 13.225.78.17
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://ad-delivery.net/beacon.js
Requested by: Host: theeighth-net.videoplayerhub.com
URL: https://theeighth-net.videoplayerhub.com/videoplayer.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.225.78.17 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-13-225-78-17.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7e94fbebf526effec4239c82e5435a412d81ffc4bc9bddf13f9aa1170f6d803e

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.evilmilk.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
last-modified: Tue, 31 Jan 2017 15:06:54 GMT
server: AmazonS3
age: 920
date: Fri, 18 Oct 2019 04:27:44 GMT
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
status: 200
cache-control: max-age=3600
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: Rt6euEI11Na5WzHIRXztyN54w2pG9obU-HtKDjxxZ9Jx4SeegREu5w==
via: 1.1 216b2e0a8a27f8fca1b540a1c4ea6922.cloudfront.net (CloudFront)

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ Frame 0ECD 46 KB
15 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:80b::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: cdn.bidfluence.com
URL: https://cdn.bidfluence.com/forge.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

07242e8854853219c437a8b0cc7ce768a6e4a85693ff9de1e6910e764c643642

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.evilmilk.com/spon/pixfuture/728.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 18 Oct 2019 04:42:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "310 / 229 of 1000 / last-modified: 1571336459"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 14753
x-xss-protection: 0
expires: Fri, 18 Oct 2019 04:42:54 GMT

GET
H2 200 mp.png
cdn.bidfluence.com/ Frame 0ECD 2 KB
2 KB 33ms
33ms Image
image/png 152.195.34.232
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.bidfluence.com/mp.png
Requested by: Host: cdn.bidfluence.com
URL: https://cdn.bidfluence.com/forge.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.195.34.232 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECAcc (lhc/7949) / ASP.NET
Resource Hash: b3f8fd60851ea25465da509b7406bcff926f3eeddffa7769fbea9b485ef84ad8

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.evilmilk.com/spon/pixfuture/728.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 18 Oct 2019 04:42:54 GMT
etag: "fd2ae463cb14d41:0"
last-modified: Fri, 06 Jul 2018 01:48:08 GMT
server: ECAcc (lhc/7949)
x-powered-by: ASP.NET
x-cache: HIT
content-type: image/png
status: 200
cache-control: max-age=900
accept-ranges: bytes
content-length: 1713
expires: Fri, 18 Oct 2019 04:57:54 GMT

POST
H/1.1 200
OK Demand Show response
server.bidfluence.com/ Frame 0ECD 280 B
612 B 531ms
178ms XHR
application/json 13.89.35.253
Microsoft Corpora...

General

Check archive.org

Show headers Download Go to

Full URL: https://server.bidfluence.com/Demand
Requested by: Host: cdn.bidfluence.com
URL: https://cdn.bidfluence.com/forge.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.89.35.253 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software: Kestrel /
Resource Hash: 1f663c6a984a2457172d7ae90d596921deae360494951c85386a93427685af1c

Request headers

Sec-Fetch-Mode: cors
Referer: https://www.evilmilk.com/spon/pixfuture/728.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Pragma: no-cache
Date: Fri, 18 Oct 2019 04:42:53 GMT
Content-Encoding: br
Server: Kestrel
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://www.evilmilk.com
Cache-Control: no-store,no-cache
Transfer-Encoding: chunked
Access-Control-Allow-Credentials: true

GET
H/1.1 200
OK usync.html
eus.rubiconproject.com/ Frame 41BE 0
0 78ms
26ms Document
text/html 104.109.78.125
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: cdn.bidfluence.com
URL: https://cdn.bidfluence.com/forge.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.109.78.125 , Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a104-109-78-125.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash

Request headers

Host: eus.rubiconproject.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site: cross-site
Referer: https://www.evilmilk.com/spon/pixfuture/728.aspx
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: https://www.evilmilk.com/spon/pixfuture/728.aspx

Response headers

Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Last-Modified: Mon, 14 Oct 2019 17:50:03 GMT
Content-Encoding: gzip
Content-Length: 7682
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=20238
Expires: Fri, 18 Oct 2019 10:20:12 GMT
Date: Fri, 18 Oct 2019 04:42:54 GMT
Connection: keep-alive
Vary: Accept-Encoding

POST
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame 0ECD 240 B
2 KB 183ms
91ms XHR
application/json 69.173.144.142
The Rubicon Project

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=20052&site_id=238572&zone_id=1176734&size_id=2&p_pos=unknown&rp_floor=0.12&rp_secure=1&tk_flint=pbjs_lite_v1.13.0&x_source.tid=ba247d801e384ff1ad396acabf66e5d5&p_screen_res=1600x1200x24&rf=https%3A%2F%2Fwww.evilmilk.com%2F&slots=1&rand=0.742008404690415
Requested by: Host: cdn.bidfluence.com
URL: https://cdn.bidfluence.com/forge.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 69.173.144.142 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT - The Rubicon Project, Inc., US),
Reverse DNS
Software: RAS 2.4 /
Resource Hash: d512a0fcbd4209e648e9d88a2d9c9aa35bdeea709a0c88365d3bf9256bf88c31

Request headers

Sec-Fetch-Mode: cors
Referer: https://www.evilmilk.com/spon/pixfuture/728.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Pragma: no-cache
Date: Fri, 18 Oct 2019 04:42:54 GMT
Server: RAS 2.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://www.evilmilk.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Content-Type: application/json
Keep-Alive: timeout=5, max=459
Content-Length: 240
Expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H/1.1 204
No Content mvo Show response
tag.1rx.io/rmp/79353/0/ Frame 0ECD 0
271 B 524ms
161ms XHR
text/plain 8.41.222.100
RhythmOne

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.1rx.io/rmp/79353/0/mvo?z=1r&hbv=2.8,1.0.2.1
Requested by: Host: cdn.bidfluence.com
URL: https://cdn.bidfluence.com/forge.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 8.41.222.100 , United States, ASN26120 (RHYTHMONE - RhythmOne, LLC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode: cors
Referer: https://www.evilmilk.com/spon/pixfuture/728.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin: https://www.evilmilk.com
Pragma: no-cache
Date: Fri, 18 Oct 2019 04:42:54 GMT
Cache-Control: private, max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive

GET
H/1.1 200
OK userSync.js Show response
ads.pubmatic.com/AdServer/js/ Frame 0ECD 9 KB
4 KB 97ms
36ms Script
text/javascript 2.18.233.180
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/userSync.js
Requested by: Host: cdn.bidfluence.com
URL: https://cdn.bidfluence.com/forge.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 92a10f6248cf2f0ef7f417d8f726d92ae720855896b3343d6b44ca84c4d785f8

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.evilmilk.com/spon/pixfuture/728.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 18 Oct 2019 04:42:54 GMT
Content-Encoding: gzip
Last-Modified: Fri, 26 Jul 2019 09:39:55 GMT
Server: Apache/2.2.15 (CentOS)
ETag: "1300709-2492-58e9253364338"
Vary: Accept-Encoding
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: public, max-age=18608
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: text/javascript
Content-Length: 3640
Expires: Fri, 18 Oct 2019 09:53:02 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ Frame 0ECD 109 B
171 B 18ms
17ms Script
application/javascript 2a00:1450:4001:825::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.evilmilk.com

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.evilmilk.com/spon/pixfuture/728.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 18 Oct 2019 04:42:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame 0ECD 109 B
171 B 18ms
18ms Script
application/javascript 2a00:1450:4001:818::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.evilmilk.com

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.evilmilk.com/spon/pixfuture/728.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 18 Oct 2019 04:42:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 104
x-xss-protection: 0

GET
H2 200 pubads_impl_2019101401.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 0ECD 156 KB
57 KB 37ms
36ms Script
text/javascript 172.217.16.162
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019101401.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.162 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s11-in-f2.1e100.net

Software

sffe /

Resource Hash

f8800772f0dd827877029d9d634a170a156ff82b6b6bdf251b62c750b73cfe93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.evilmilk.com/spon/pixfuture/728.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 18 Oct 2019 04:42:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 14 Oct 2019 13:08:16 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 58589
x-xss-protection: 0
expires: Fri, 18 Oct 2019 04:42:54 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ Frame 1EAD 46 KB
15 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:80b::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: cdn.bidfluence.com
URL: https://cdn.bidfluence.com/forge.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

07242e8854853219c437a8b0cc7ce768a6e4a85693ff9de1e6910e764c643642

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.evilmilk.com/spon/pixfuture/728.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 18 Oct 2019 04:42:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "310 / 713 of 1000 / last-modified: 1571336459"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 14753
x-xss-protection: 0
expires: Fri, 18 Oct 2019 04:42:54 GMT

GET
H2 200 mp.png
cdn.bidfluence.com/ Frame 1EAD 2 KB
2 KB 31ms
31ms Image
image/png 152.195.34.232
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.bidfluence.com/mp.png
Requested by: Host: cdn.bidfluence.com
URL: https://cdn.bidfluence.com/forge.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.195.34.232 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECAcc (lhc/7949) / ASP.NET
Resource Hash: b3f8fd60851ea25465da509b7406bcff926f3eeddffa7769fbea9b485ef84ad8

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.evilmilk.com/spon/pixfuture/728.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 18 Oct 2019 04:42:54 GMT
etag: "fd2ae463cb14d41:0"
last-modified: Fri, 06 Jul 2018 01:48:08 GMT
server: ECAcc (lhc/7949)
x-powered-by: ASP.NET
x-cache: HIT
content-type: image/png
status: 200
cache-control: max-age=900
accept-ranges: bytes
content-length: 1713
expires: Fri, 18 Oct 2019 04:57:54 GMT

POST
H/1.1 200
OK Demand Show response
server.bidfluence.com/ Frame 1EAD 280 B
612 B 421ms
171ms XHR
application/json 13.89.35.253
Microsoft Corpora...

General

Check archive.org

Show headers Download Go to

Full URL: https://server.bidfluence.com/Demand
Requested by: Host: cdn.bidfluence.com
URL: https://cdn.bidfluence.com/forge.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.89.35.253 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software: Kestrel /
Resource Hash: 1f663c6a984a2457172d7ae90d596921deae360494951c85386a93427685af1c

Request headers

Sec-Fetch-Mode: cors
Referer: https://www.evilmilk.com/spon/pixfuture/728.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Pragma: no-cache
Date: Fri, 18 Oct 2019 04:42:53 GMT
Content-Encoding: br
Server: Kestrel
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://www.evilmilk.com
Cache-Control: no-store,no-cache
Transfer-Encoding: chunked
Access-Control-Allow-Credentials: true

GET
H/1.1 200
OK usync.html
eus.rubiconproject.com/ Frame 25F9 0
0 44ms
42ms Document
text/html 104.109.78.125
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: cdn.bidfluence.com
URL: https://cdn.bidfluence.com/forge.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.109.78.125 , Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a104-109-78-125.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash

Request headers

Host: eus.rubiconproject.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site: cross-site
Referer: https://www.evilmilk.com/spon/pixfuture/728.aspx
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: https://www.evilmilk.com/spon/pixfuture/728.aspx

Response headers

Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Last-Modified: Mon, 14 Oct 2019 17:50:03 GMT
Content-Encoding: gzip
Content-Length: 7682
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=20238
Expires: Fri, 18 Oct 2019 10:20:12 GMT
Date: Fri, 18 Oct 2019 04:42:54 GMT
Connection: keep-alive
Vary: Accept-Encoding

POST
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame 1EAD 240 B
2 KB 145ms
77ms XHR
application/json 69.173.144.142
The Rubicon Project

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=20052&site_id=238572&zone_id=1176734&size_id=2&p_pos=unknown&rp_floor=0.12&rp_secure=1&tk_flint=pbjs_lite_v1.13.0&x_source.tid=30bb5565fc614d6bbbe304bebb10a615&p_screen_res=1600x1200x24&rf=https%3A%2F%2Fwww.evilmilk.com%2F&slots=1&rand=0.9217138161499141
Requested by: Host: cdn.bidfluence.com
URL: https://cdn.bidfluence.com/forge.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 69.173.144.142 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT - The Rubicon Project, Inc., US),
Reverse DNS
Software: RAS 2.4 /
Resource Hash: 244b7d5bf8c3485b29e705c3aad49eb50a32030abf5c04d81a5fb65d19e02f6c

Request headers

Sec-Fetch-Mode: cors
Referer: https://www.evilmilk.com/spon/pixfuture/728.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Pragma: no-cache
Date: Fri, 18 Oct 2019 04:42:54 GMT
Server: RAS 2.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://www.evilmilk.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Content-Type: application/json
Keep-Alive: timeout=5, max=340
Content-Length: 240
Expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H/1.1 204
No Content mvo Show response
tag.1rx.io/rmp/79353/0/ Frame 1EAD 0
271 B 606ms
176ms XHR
text/plain 8.41.222.100
RhythmOne

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.1rx.io/rmp/79353/0/mvo?z=1r&hbv=2.8,1.0.2.1
Requested by: Host: cdn.bidfluence.com
URL: https://cdn.bidfluence.com/forge.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 8.41.222.100 , United States, ASN26120 (RHYTHMONE - RhythmOne, LLC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode: cors
Referer: https://www.evilmilk.com/spon/pixfuture/728.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin: https://www.evilmilk.com
Pragma: no-cache
Date: Fri, 18 Oct 2019 04:42:54 GMT
Cache-Control: private, max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive

GET
H/1.1 200
OK userSync.js Show response
ads.pubmatic.com/AdServer/js/ Frame 1EAD 9 KB
4 KB 30ms
29ms Script
text/javascript 2.18.233.180
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/userSync.js
Requested by: Host: cdn.bidfluence.com
URL: https://cdn.bidfluence.com/forge.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 92a10f6248cf2f0ef7f417d8f726d92ae720855896b3343d6b44ca84c4d785f8

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.evilmilk.com/spon/pixfuture/728.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 18 Oct 2019 04:42:54 GMT
Content-Encoding: gzip
Last-Modified: Fri, 26 Jul 2019 09:39:55 GMT
Server: Apache/2.2.15 (CentOS)
ETag: "1300709-2492-58e9253364338"
Vary: Accept-Encoding
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: public, max-age=18608
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: text/javascript
Content-Length: 3640
Expires: Fri, 18 Oct 2019 09:53:02 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ Frame 1EAD 109 B
171 B 18ms
17ms Script
application/javascript 2a00:1450:4001:825::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.evilmilk.com

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.evilmilk.com/spon/pixfuture/728.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 18 Oct 2019 04:42:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame 1EAD 109 B
171 B 18ms
18ms Script
application/javascript 2a00:1450:4001:818::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.evilmilk.com

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.evilmilk.com/spon/pixfuture/728.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 18 Oct 2019 04:42:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 104
x-xss-protection: 0

GET
H2 200 pubads_impl_2019101401.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 1EAD 156 KB
57 KB 38ms
37ms Script
text/javascript 172.217.16.162
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019101401.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.162 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s11-in-f2.1e100.net

Software

sffe /

Resource Hash

f8800772f0dd827877029d9d634a170a156ff82b6b6bdf251b62c750b73cfe93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.evilmilk.com/spon/pixfuture/728.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 18 Oct 2019 04:42:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 14 Oct 2019 13:08:16 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 58589
x-xss-protection: 0
expires: Fri, 18 Oct 2019 04:42:54 GMT

GET
H/1.1 200
OK Cookie set showad.js
ads.pubmatic.com/AdServer/js/ Frame 0B5D 0
0 35ms
34ms Document
text/html 2.18.233.180
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/userSync.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash

Request headers

Host: ads.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site: cross-site
Referer: https://www.evilmilk.com/spon/pixfuture/728.aspx
Accept-Encoding: gzip, deflate, br
Cookie: KTPCACOOKIE=YES
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: https://www.evilmilk.com/spon/pixfuture/728.aspx

Response headers

Last-Modified: Fri, 26 Jul 2019 09:39:45 GMT
ETag: "13006b6-9bf6-58e925294ef26"
Server: Apache/2.2.15 (CentOS)
Set-Cookie: KTPCACOOKIE=YES; domain=.pubmatic.com; path=/; max-age=7776000;
Accept-Ranges: bytes
Content-Encoding: gzip
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 14898
Content-Type: text/html; charset=UTF-8
Cache-Control: public, max-age=106822
Expires: Sat, 19 Oct 2019 10:23:16 GMT
Date: Fri, 18 Oct 2019 04:42:54 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H/1.1 200
OK Cookie set showad.js
ads.pubmatic.com/AdServer/js/ Frame 4ACC 0
0 36ms
35ms Document
text/html 2.18.233.180
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/userSync.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash

Request headers

Host: ads.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site: cross-site
Referer: https://www.evilmilk.com/spon/pixfuture/728.aspx
Accept-Encoding: gzip, deflate, br
Cookie: KTPCACOOKIE=YES
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: https://www.evilmilk.com/spon/pixfuture/728.aspx

Response headers

Last-Modified: Fri, 26 Jul 2019 09:39:45 GMT
ETag: "13006b6-9bf6-58e925294ef26"
Server: Apache/2.2.15 (CentOS)
Set-Cookie: KTPCACOOKIE=YES; domain=.pubmatic.com; path=/; max-age=7776000;
Accept-Ranges: bytes
Content-Encoding: gzip
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 14898
Content-Type: text/html; charset=UTF-8
Cache-Control: public, max-age=106822
Expires: Sat, 19 Oct 2019 10:23:16 GMT
Date: Fri, 18 Oct 2019 04:42:54 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H/1.1 200
OK jquery.color-2.1.2.min.js Show response
cluster-na.cdnjquery.com/color/ 92 B
356 B 864ms
130ms Script
text/javascript 34.206.108.72
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

https://cluster-na.cdnjquery.com/color/jquery.color-2.1.2.min.js?integrity=btjsonpcallback1571373774627&checksum=%7B%22cbc%22%3A0%2C%22st%22%3A2%2C%22au%22%3A%5B%5D%2C%22hau%22%3A%5B%5D%2C%22ref%22%3A%22https%3A%2F%2Fwww.evilmilk.com%2F%22%2C%22aa%22%3A3%2C%22pgid%22%3A%22bfa28991-f161-11e9-87e0-d279c1d488dc%22%2C%22v%22%3A1%2C%22format%22%3A%22jsonp%22%7D&o=https%3A%2F%2Fwww.evilmilk.com%2F&csVersion=1.18.8

Requested by

Host: theeighth-net.videoplayerhub.com
URL: https://theeighth-net.videoplayerhub.com/videoplayer.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.206.108.72 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),

Reverse DNS

ec2-34-206-108-72.compute-1.amazonaws.com

Software

nginx/1.12.1 /

Resource Hash

59429897279d940c256bb969e15063831e50a8989cabd7919b36d8cb66321183

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.evilmilk.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 18 Oct 2019 04:42:55 GMT
Content-Encoding: gzip
Server: nginx/1.12.1
ETag: W/"5c-lEqW+l2+F/99zMWWOAr2qWa4Tlo"
X-Frame-Options: DENY
Content-Type: text/javascript; charset=utf-8
Charset: utf8
Connection: keep-alive
Content-Length: 84

GET
H2 200 px.gif
ad-delivery.net/ 43 B
385 B 32ms
31ms Image
image/gif 13.225.78.17
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad-delivery.net/px.gif?ch=1&e=0.2827386381944019
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.225.78.17 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-13-225-78-17.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.evilmilk.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-amz-version-id: null
via: 1.1 216b2e0a8a27f8fca1b540a1c4ea6922.cloudfront.net (CloudFront)
last-modified: Thu, 27 Jul 2017 18:59:05 GMT
server: AmazonS3
age: 34013
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3"
x-cache: Hit from cloudfront
content-type: image/gif
status: 200
date: Thu, 17 Oct 2019 20:33:33 GMT
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
content-length: 43
x-amz-cf-id: pYy2khkRwRjlZDdYFvT_YnkE6WdfeuYOKuGXbE8gYbY-MJkiPNflKw==

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 0ECD 3 KB
2 KB 272ms
169ms XHR
text/plain 172.217.16.162
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=24249536448892&correlator=3063993385309247&output=ldjh&impl=fif&adsid=NT&vrg=2019101401&guci=1.2.0.0.2.2.0.0&plat=1%3A536903688%2C2%3A536903688%2C8%3A134250504&sc=1&sfv=1-0-35&ecs=20191018&iu=%2F368406191%2FRON&sz=728x90&scp=bdf%3D0.12%26bfadvid%3D1262465e-2cce-41b1-810a-dd0436499f1b%26excl_cat%3DBF-Exclude&cookie=ID%3D8dcda605c004e7f3%3AT%3D1571373773%3AS%3DALNI_MbTUlWI6agJxlImn-iggyx4YPbd2A&cdm=www.evilmilk.com&bc=31&abxe=1&lmt=1571373775&dt=1571373775183&dlt=1571373773472&idt=982&ea=0&frm=23&biw=1585&bih=1200&isw=728&ish=90&oid=3&adx=821&ady=65&adk=1448384972&uci=1mk0sq28xnyz&ifi=1&ifk=3547773615&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=4&iag=255&url=https%3A%2F%2Fwww.evilmilk.com%2Fspon%2Fpixfuture%2F728.aspx&top=https%3A%2F%2Fwww.evilmilk.com%2F&dssz=8&icsg=6816&mso=2048&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&ga_vid=725296227.1571373775&ga_sid=1571373775&ga_hid=120376069&fws=260&ohw=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019101401.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.162 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s11-in-f2.1e100.net

Software

cafe /

Resource Hash

537bedc76f4fc84ef00c13f8413bdb3f2377e7bf2ca0150871bb3966b667c6af

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: cors
Referer: https://www.evilmilk.com/spon/pixfuture/728.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 18 Oct 2019 04:42:55 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 1789
x-xss-protection: 0
google-lineitem-id: 4501971261
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 88992308431
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.evilmilk.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubads_impl_rendering_2019101401.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 0ECD 64 KB
24 KB 118ms
88ms Script
text/javascript 172.217.16.162
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019101401.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019101401.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.162 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s11-in-f2.1e100.net

Software

sffe /

Resource Hash

f123fae1ceff20dea7ee2ff8895276a22cddecc8e0ef503b5e95419e76909a54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.evilmilk.com/spon/pixfuture/728.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 18 Oct 2019 04:42:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 14 Oct 2019 13:08:16 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 24836
x-xss-protection: 0
expires: Fri, 18 Oct 2019 04:42:55 GMT

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-35/html/ Frame 0ECD 0
0 96ms
68ms Other
text/html 2a00:1450:4001:809::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-35/html/container.html?n=4
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019101401.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.evilmilk.com/spon/pixfuture/728.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

POST
H/1.1 204
No Content Demand Show response
server.bidfluence.com/ Frame 0ECD 0
228 B 194ms
180ms XHR
text/plain 13.89.35.253
Microsoft Corpora...

General

Check archive.org

Show headers Download Go to

Full URL: https://server.bidfluence.com/Demand
Requested by: Host: cdn.bidfluence.com
URL: https://cdn.bidfluence.com/forge.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.89.35.253 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software: Kestrel /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode: cors
Referer: https://www.evilmilk.com/spon/pixfuture/728.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin: https://www.evilmilk.com
Pragma: no-cache
Date: Fri, 18 Oct 2019 04:42:54 GMT
Cache-Control: no-store,no-cache
Access-Control-Allow-Credentials: true
Server: Kestrel

GET
H/1.1 200
OK user-sync
sync.adkernel.com/ Frame 0ECD 0
109 B 508ms
101ms Image
text/plain 77.245.58.158
Webair Internet D...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.adkernel.com/user-sync?zone=77225&t=image&r=%2F%2Fsync.bidfluence.com%2FCS%2FBDF%3Fd%3D152ORTB%26id%3D{UID}
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 77.245.58.158 , Netherlands, ASN36057 (WEBAIR-INTERNET-MTL - Webair Internet Development Company Inc., US),
Reverse DNS: mypersonalfinancestoday.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.evilmilk.com/spon/pixfuture/728.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 18 Oct 2019 04:42:55 GMT
Server: nginx
Connection: close
Content-Length: 0

GET
H/1.1 200
OK user-sync
sync.adkernel.com/ Frame 1EAD 0
109 B 506ms
103ms Image
text/plain 77.245.58.158
Webair Internet D...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.adkernel.com/user-sync?zone=77225&t=image&r=%2F%2Fsync.bidfluence.com%2FCS%2FBDF%3Fd%3D152ORTB%26id%3D{UID}
Requested by: Host: cdn.bidfluence.com
URL: https://cdn.bidfluence.com/forge.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 77.245.58.158 , Netherlands, ASN36057 (WEBAIR-INTERNET-MTL - Webair Internet Development Company Inc., US),
Reverse DNS: mypersonalfinancestoday.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.evilmilk.com/spon/pixfuture/728.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 18 Oct 2019 04:42:55 GMT
Server: nginx
Connection: close
Content-Length: 0

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 1EAD 3 KB
2 KB 267ms
165ms XHR
text/plain 172.217.16.162
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1747401340094272&correlator=423737177532570&output=ldjh&impl=fif&adsid=NT&eid=21063340%2C21064617%2C21064687&vrg=2019101401&guci=1.2.0.0.2.2.0.0&plat=1%3A536903688%2C2%3A536903688%2C8%3A134250504&sc=1&sfv=1-0-35&ecs=20191018&iu=%2F368406191%2FRON&sz=728x90&scp=bdf%3D0.12%26bfadvid%3D1262465e-2cce-41b1-810a-dd0436499f1b%26excl_cat%3DBF-Exclude&cookie=ID%3D8dcda605c004e7f3%3AT%3D1571373773%3AS%3DALNI_MbTUlWI6agJxlImn-iggyx4YPbd2A&cdm=www.evilmilk.com&bc=31&abxe=1&lmt=1571373775&dt=1571373775384&dlt=1571373773973&idt=570&ea=0&frm=23&biw=1585&bih=1200&isw=728&ish=90&oid=3&adx=607&ady=847&adk=3438688865&uci=6pygca65uxut&ifi=1&ifk=3547773615&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=4&iag=255&url=https%3A%2F%2Fwww.evilmilk.com%2Fspon%2Fpixfuture%2F728.aspx&top=https%3A%2F%2Fwww.evilmilk.com%2F&dssz=8&icsg=6816&mso=2048&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&ga_vid=1800870894.1571373775&ga_sid=1571373775&ga_hid=2028501322&fws=260&ohw=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019101401.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.162 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s11-in-f2.1e100.net

Software

cafe /

Resource Hash

5102281cd26a08de2de94bbb2d6ceec0a893ccd03c556ca7dac689a696eed5e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: cors
Referer: https://www.evilmilk.com/spon/pixfuture/728.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 18 Oct 2019 04:42:55 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 1726
x-xss-protection: 0
google-lineitem-id: 4501971261
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 88992307591
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.evilmilk.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubads_impl_rendering_2019101401.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 1EAD 64 KB
24 KB 174ms
74ms Script
text/javascript 172.217.16.162
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019101401.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019101401.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.162 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s11-in-f2.1e100.net

Software

sffe /

Resource Hash

f123fae1ceff20dea7ee2ff8895276a22cddecc8e0ef503b5e95419e76909a54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.evilmilk.com/spon/pixfuture/728.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 18 Oct 2019 04:42:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 14 Oct 2019 13:08:16 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 24836
x-xss-protection: 0
expires: Fri, 18 Oct 2019 04:42:55 GMT

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-35/html/ Frame 1EAD 0
0 106ms
6ms Other
text/html 2a00:1450:4001:809::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-35/html/container.html?n=4
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019101401.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.evilmilk.com/spon/pixfuture/728.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

POST
H/1.1 204
No Content Demand Show response
server.bidfluence.com/ Frame 1EAD 0
228 B 263ms
189ms XHR
text/plain 13.89.35.253
Microsoft Corpora...

General

Check archive.org

Show headers Download Go to

Full URL: https://server.bidfluence.com/Demand
Requested by: Host: cdn.bidfluence.com
URL: https://cdn.bidfluence.com/forge.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.89.35.253 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software: Kestrel /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode: cors
Referer: https://www.evilmilk.com/spon/pixfuture/728.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin: https://www.evilmilk.com
Pragma: no-cache
Date: Fri, 18 Oct 2019 04:42:54 GMT
Cache-Control: no-store,no-cache
Access-Control-Allow-Credentials: true
Server: Kestrel

GET
H2 200 300framed.aspx Show response
www.evilmilk.com/spon/ Frame CED5 513 B
397 B 250ms
161ms Document
text/html 2606:4700:e0::ac40:6622
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://www.evilmilk.com/spon/300framed.aspx
Requested by: Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.3.1.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e0::ac40:6622 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: d10bd0615dc062df63043b66fe5e2e24faf7120fabd7612e7ac99a2ee8e1fc0d

Request headers

:method: GET
:authority: www.evilmilk.com
:scheme: https
:path: /spon/300framed.aspx
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode: nested-navigate
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: same-origin
referer: https://www.evilmilk.com/
accept-encoding: gzip, deflate, br
cookie: __cfduid=db344d4bb4f6c024625213e467949995f1571373773; bf_an_qk=true; __gads=ID=8dcda605c004e7f3:T=1571373773:S=ALNI_MbTUlWI6agJxlImn-iggyx4YPbd2A; __beaconTrackerID=2hhnbzee0
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: https://www.evilmilk.com/

Response headers

status: 200
date: Fri, 18 Oct 2019 04:42:55 GMT
content-type: text/html; charset=utf-8
cache-control: private
set-cookie: ASP.NET_SessionId=agzue1irgrjh22a0zurkngo4; path=/; HttpOnly
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 5277d9317bd696b0-FRA
content-encoding: br

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-35/html/ Frame 0AA6 0
0 15ms
6ms Document
text/html 2a00:1450:4001:809::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-35/html/container.html?n=4

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019101401.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-35/html/container.html?n=4
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode: nested-navigate
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
referer: https://www.evilmilk.com/spon/pixfuture/728.aspx
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: https://www.evilmilk.com/spon/pixfuture/728.aspx

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
timing-allow-origin: *
content-length: 3491
date: Wed, 16 Oct 2019 09:18:00 GMT
expires: Thu, 15 Oct 2020 09:18:00 GMT
last-modified: Fri, 21 Jun 2019 14:35:26 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 156295
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame 0ECD 77 KB
28 KB 89ms
85ms Script
text/javascript 2a00:1450:4001:80b::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019101401.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

f425f66d90f1150499b36ab47b56fa6fb1a68136e4f42befca20a920ff85306b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.evilmilk.com/spon/pixfuture/728.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 18 Oct 2019 04:42:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1571051767941600"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 29055
x-xss-protection: 0
expires: Fri, 18 Oct 2019 04:42:55 GMT

GET
H2 200 serving.html
ad.bidfluence.com/serving/ Frame 0E90 0
0 473ms
80ms Document
text/html 152.195.34.229
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.bidfluence.com/serving/serving.html
Requested by: Host: cdn.bidfluence.com
URL: https://cdn.bidfluence.com/forge.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.195.34.229 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECAcc (lhc/7958) / ASP.NET
Resource Hash

Request headers

:method: GET
:authority: ad.bidfluence.com
:scheme: https
:path: /serving/serving.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode: nested-navigate
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
referer: https://www.evilmilk.com/spon/pixfuture/728.aspx
accept-encoding: gzip, deflate, br
cookie: bdfSurf=yQAAAY9j0gAAAfXygpWvMDYwbWFjb3N4Y2hyb21l2SQ4MjYxYmI1MC1mNWM5LTRiZDYtODFhZC0xNzI4MjE1ZWMzMmaf2Xltb3ppbGxhLzUuMCAobWFjaW50b3NoOyBpbnRlbCBtYWMgb3MgeCAxMF8xNF81KSBhcHBsZXdlYmtpdC81MzcuMzYgKGtodG1sLCBsaWtlIGdlY2tvKSCGAPMGLzc0LjAuMzcyOS4xNjkgc2FmYXJpNwDwE6CjMDYwrDE2MDB4MTIwMHgyNKDCwqhNYWMgT1MgWKcxMC4DACGmQ0kA8Rig2UlNaWNyb3NvZnQuQXNwTmV0Q29yZS5TZXJ2ZXIuS2VzdHJlbC4UANFJbnRlcm5hbC5IdHRwBQDwDVJlcXVlc3RIZWFkZXJzwsPCn9f%2FVkkZYF2pQs4KACAa8AoAQcs%2F8AABABHLBgD1GwAAAIHZJDk1Mzg3NDgxLTcwOGQtNDFhOS1hY2E4LWIyOTVmNDRlMzJkMTkAL4CRMQATDycAFCXDw4oADAkAUAAAgICA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: https://www.evilmilk.com/spon/pixfuture/728.aspx

Response headers

status: 200
content-encoding: gzip
accept-ranges: bytes
cache-control: max-age=300
content-type: text/html
date: Fri, 18 Oct 2019 04:42:56 GMT
etag: "06d3651d0cdd41:0"
last-modified: Tue, 26 Feb 2019 12:39:30 GMT
server: ECAcc (lhc/7958)
vary: Accept-Encoding
x-cache: HIT
x-powered-by: ASP.NET
content-length: 2259

POST
H/1.1 204
No Content Rep Show response
report.bidfluence.com/ Frame 0ECD 0
228 B 525ms
126ms XHR
text/plain 13.89.35.253
Microsoft Corpora...

General

Check archive.org

Show headers Download Go to

Full URL: https://report.bidfluence.com/Rep?cid=a400cc40-d6b6-45b3-ac9c-85cba6ab5900&crid=e1dfaa34-10dd-424f-9ddc-5c418d222d0c
Requested by: Host: cdn.bidfluence.com
URL: https://cdn.bidfluence.com/forge.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.89.35.253 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software: Kestrel /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode: cors
Referer: https://www.evilmilk.com/spon/pixfuture/728.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin: https://www.evilmilk.com
Pragma: no-cache
Date: Fri, 18 Oct 2019 04:42:55 GMT
Cache-Control: no-store,no-cache
Access-Control-Allow-Credentials: true
Server: Kestrel

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-35/html/ Frame E1EF 0
0 20ms
6ms Document
text/html 2a00:1450:4001:809::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-35/html/container.html?n=4

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019101401.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-35/html/container.html?n=4
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode: nested-navigate
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
referer: https://www.evilmilk.com/spon/pixfuture/728.aspx
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: https://www.evilmilk.com/spon/pixfuture/728.aspx

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
timing-allow-origin: *
content-length: 3491
date: Wed, 16 Oct 2019 09:18:00 GMT
expires: Thu, 15 Oct 2020 09:18:00 GMT
last-modified: Fri, 21 Jun 2019 14:35:26 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 156296
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame 1EAD 77 KB
28 KB 95ms
80ms Script
text/javascript 2a00:1450:4001:80b::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019101401.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

f425f66d90f1150499b36ab47b56fa6fb1a68136e4f42befca20a920ff85306b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.evilmilk.com/spon/pixfuture/728.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 18 Oct 2019 04:42:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1571051767941600"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 29055
x-xss-protection: 0
expires: Fri, 18 Oct 2019 04:42:56 GMT

GET
H2 200 serving.html
ad.bidfluence.com/serving/ Frame F99A 0
0 184ms
81ms Document
text/html 152.195.34.229
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.bidfluence.com/serving/serving.html
Requested by: Host: cdn.bidfluence.com
URL: https://cdn.bidfluence.com/forge.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.195.34.229 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECAcc (lhc/7958) / ASP.NET
Resource Hash

Request headers

:method: GET
:authority: ad.bidfluence.com
:scheme: https
:path: /serving/serving.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode: nested-navigate
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
referer: https://www.evilmilk.com/spon/pixfuture/728.aspx
accept-encoding: gzip, deflate, br
cookie: bdfSurf=yQAAAY9j0gAAAfXygpWvMDYwbWFjb3N4Y2hyb21l2SQ4MjYxYmI1MC1mNWM5LTRiZDYtODFhZC0xNzI4MjE1ZWMzMmaf2Xltb3ppbGxhLzUuMCAobWFjaW50b3NoOyBpbnRlbCBtYWMgb3MgeCAxMF8xNF81KSBhcHBsZXdlYmtpdC81MzcuMzYgKGtodG1sLCBsaWtlIGdlY2tvKSCGAPMGLzc0LjAuMzcyOS4xNjkgc2FmYXJpNwDwE6CjMDYwrDE2MDB4MTIwMHgyNKDCwqhNYWMgT1MgWKcxMC4DACGmQ0kA8Rig2UlNaWNyb3NvZnQuQXNwTmV0Q29yZS5TZXJ2ZXIuS2VzdHJlbC4UANFJbnRlcm5hbC5IdHRwBQDwDVJlcXVlc3RIZWFkZXJzwsPCn9f%2FVkkZYF2pQs4KACAa8AoAQcs%2F8AABABHLBgD1GwAAAIHZJDk1Mzg3NDgxLTcwOGQtNDFhOS1hY2E4LWIyOTVmNDRlMzJkMTkAL4CRMQATDycAFCXDw4oADAkAUAAAgICA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: https://www.evilmilk.com/spon/pixfuture/728.aspx

Response headers

status: 200
content-encoding: gzip
accept-ranges: bytes
cache-control: max-age=300
content-type: text/html
date: Fri, 18 Oct 2019 04:42:56 GMT
etag: "06d3651d0cdd41:0"
last-modified: Tue, 26 Feb 2019 12:39:30 GMT
server: ECAcc (lhc/7958)
vary: Accept-Encoding
x-cache: HIT
x-powered-by: ASP.NET
content-length: 2259

POST
H/1.1 204
No Content Rep Show response
report.bidfluence.com/ Frame 1EAD 0
228 B 356ms
126ms XHR
text/plain 13.89.35.253
Microsoft Corpora...

General

Check archive.org

Show headers Download Go to

Full URL: https://report.bidfluence.com/Rep?cid=a400cc40-d6b6-45b3-ac9c-85cba6ab5900&crid=e1dfaa34-10dd-424f-9ddc-5c418d222d0c
Requested by: Host: cdn.bidfluence.com
URL: https://cdn.bidfluence.com/forge.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.89.35.253 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software: Kestrel /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode: cors
Referer: https://www.evilmilk.com/spon/pixfuture/728.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin: https://www.evilmilk.com
Pragma: no-cache
Date: Fri, 18 Oct 2019 04:42:55 GMT
Cache-Control: no-store,no-cache
Access-Control-Allow-Credentials: true
Server: Kestrel

GET
H/1.1 200
OK ads.js Show response
served-by.pixfuture.com/www/delivery/ Frame CED5 1 KB
2 KB 95ms
95ms Script
application/javascript 68.183.31.14
DigitalOcean

General

Check archive.org

Show headers Download Go to

Full URL: https://served-by.pixfuture.com/www/delivery/ads.js
Requested by: Host: www.evilmilk.com
URL: https://www.evilmilk.com/spon/300framed.aspx
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 68.183.31.14 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN - DigitalOcean, LLC, US),
Reverse DNS
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 5a47b6155fb230382526bf56de99461dc50b11463b0012a24afebd68a7427ccd

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.evilmilk.com/spon/300framed.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 18 Oct 2019 04:42:56 GMT
Last-Modified: Thu, 25 Jul 2019 13:22:47 GMT
Server: nginx/1.10.3 (Ubuntu)
ETag: "5d39ad27-40b"
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length: 1035

GET
H/1.1 200
OK headerbid.php Show response
served-by.pixfuture.com/www/delivery/ Frame 45B5 7 KB
8 KB 190ms
190ms Script
text/javascript 68.183.31.14
DigitalOcean

General

Check archive.org

Show headers Download Go to

Full URL: https://served-by.pixfuture.com/www/delivery/headerbid.php?dat=4052x300x250x790x_ADSLOT1
Requested by: Host: served-by.pixfuture.com
URL: https://served-by.pixfuture.com/www/delivery/ads.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 68.183.31.14 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN - DigitalOcean, LLC, US),
Reverse DNS
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: ba3e53d4c3a0b818d6bb2ac2e02837a1bf78d2f7fda275835604d5cd02e8d62e

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.evilmilk.com/spon/300framed.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 18 Oct 2019 04:42:56 GMT
Server: nginx/1.10.3 (Ubuntu)
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET, POST, OPTIONS
P3P: CP="CUR ADM OUR NOR STA NID"
Access-Control-Allow-Origin: *, *
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/javascript; charset=UTF-8
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Expires: 0

GET
H/1.1 200
OK async_usersync.html
acdn.adnxs.com/ib/static/usersync/v3/ Frame 7175 0
0 104ms
29ms Document
text/html 2.18.232.130
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Requested by: Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/auc.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.232.130 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-232-130.deploy.static.akamaitechnologies.com
Software: nginx/1.9.13 /
Resource Hash

Request headers

Host: acdn.adnxs.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site: cross-site
Referer: https://www.evilmilk.com/spon/pixfuture/728.aspx
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: https://www.evilmilk.com/spon/pixfuture/728.aspx

Response headers

Last-Modified: Fri, 20 May 2016 02:07:09 GMT
ETag: "573e714d-3e3"
Server: nginx/1.9.13
Content-Type: text/html
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Content-Length: 506
Cache-Control: max-age=31536000
Expires: Sat, 17 Oct 2020 04:42:56 GMT
Date: Fri, 18 Oct 2019 04:42:56 GMT
Connection: keep-alive

GET
H2 200 pd
eu-u.openx.net/w/1.0/ Frame 4319 0
0 27ms
26ms Document
text/html 34.95.120.147
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=9d434638-ce6f-418d-ac16-6301775de208&gdpr=1
Requested by: Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/auc.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.95.120.147 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS: 147.120.95.34.bc.googleusercontent.com
Software: OXGW/16.163.0 /
Resource Hash

Request headers

:method: GET
:authority: eu-u.openx.net
:scheme: https
:path: /w/1.0/pd?plm=6&ph=9d434638-ce6f-418d-ac16-6301775de208&gdpr=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode: nested-navigate
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
referer: https://www.evilmilk.com/spon/pixfuture/728.aspx
accept-encoding: gzip, deflate, br
cookie: i=cd7831e0-2889-06be-18f1-b567d52ffacf|1571373773
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: https://www.evilmilk.com/spon/pixfuture/728.aspx

Response headers

status: 200
vary: Accept
set-cookie: i=cd7831e0-2889-06be-18f1-b567d52ffacf|1571373773; Version=1; Expires=Sat, 17-Oct-2020 04:42:56 GMT; Max-Age=31536000; Domain=.openx.net; Path=/ pd=v2|1571373776|mOgikimWiygu; Version=1; Expires=Sat, 02-Nov-2019 04:42:56 GMT; Max-Age=1296000; Domain=.openx.net; Path=/
server: OXGW/16.163.0
p3p: CP="CUR ADM OUR NOR STA NID"
date: Fri, 18 Oct 2019 04:42:56 GMT
content-type: text/html
content-length: 592
via: 1.1 google
alt-svc: clear

GET
H/1.1 200
OK Cookie set showad.js
ads.pubmatic.com/AdServer/js/ Frame 0B76 0
0 36ms
35ms Document
text/html 2.18.233.180
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js
Requested by: Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/auc.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash

Request headers

Host: ads.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site: cross-site
Referer: https://www.evilmilk.com/spon/pixfuture/728.aspx
Accept-Encoding: gzip, deflate, br
Cookie: KTPCACOOKIE=YES; KCCH=YES; pi=157433:2; KADUSERCOOKIE=0CBDF069-C67E-4BA3-A623-0859F63C299C; chk=1; DPSync3=1572566400%3A201_197%7C1571443200%3A174; SyncRTB3=1572566400%3A3_55_176_56_189_195_7_166_64_8_22_205_161_104_13_5_92_81_204_71_99_170_194_54_21%7C1571961600%3A67_15_2%7C1572220800%3A63%7C1573948800%3A203; KRTBCOOKIE_1101=23040-6748998973419026576; PUBMDCID=3; KRTBCOOKIE_153=19420-GPrtsRms7-wA_O-wH6uhvBmuv78ArOnpSajLJNX0&KRTB&22979-GPrtsRms7-wA_O-wH6uhvBmuv78ArOnpSajLJNX0; KRTBCOOKIE_188=3189-no-consent&KRTB&22716-no-consent; KRTBCOOKIE_699=22727-AAdWf067UoYAAD-GQl9e_Q&KRTB&22744-AAdWf067UoYAAD-GQl9e_Q&KRTB&22745-AAdWf067UoYAAD-GQl9e_Q; KRTBCOOKIE_80=16514-CAESEDps5an55IEfiNlOGPcIBVI&KRTB&22987-CAESEDps5an55IEfiNlOGPcIBVI&KRTB&22995-CAESEDps5an55IEfiNlOGPcIBVI; KRTBCOOKIE_27=16735-uid:0bb95da9-3bec-4500-90dd-8847925cee2b&KRTB&16736-uid:0bb95da9-3bec-4500-90dd-8847925cee2b; KRTBCOOKIE_594=17105-OPTOUT; PugT=1571373776; KRTBCOOKIE_1113=23098-02460877755922919; KRTBCOOKIE_734=15208-uid:7db0ba4e-bf23-46e0-bd0a-32fd76377c6a-tuct4a2c84f&KRTB&23151-uid:7db0ba4e-bf23-46e0-bd0a-32fd76377c6a-tuct4a2c84f; KRTBCOOKIE_1051=22884-18072662387586582019; SPugT=1571373776; KRTBCOOKIE_22=14911-4279823973513055310&KRTB&16087-4279823973513055310&KRTB&23049-4279823973513055310&KRTB&23150-4279823973513055310; KRTBCOOKIE_391=22924-5420296341772109440; KRTBCOOKIE_1074=22956-e_f8b982bf-16db-4576-b421-8f4ec9dd3cbd; KRTBCOOKIE_377=6810-3184a691-71ea-46da-ad97-2553dbca940b&KRTB&22918-3184a691-71ea-46da-ad97-2553dbca940b&KRTB&23031-3184a691-71ea-46da-ad97-2553dbca940b
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: https://www.evilmilk.com/spon/pixfuture/728.aspx

Response headers

Last-Modified: Fri, 26 Jul 2019 09:39:45 GMT
ETag: "13006b6-9bf6-58e925294ef26"
Server: Apache/2.2.15 (CentOS)
Set-Cookie: KTPCACOOKIE=YES; domain=.pubmatic.com; path=/; max-age=7776000;
Accept-Ranges: bytes
Content-Encoding: gzip
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 14898
Content-Type: text/html; charset=UTF-8
Cache-Control: public, max-age=106820
Expires: Sat, 19 Oct 2019 10:23:16 GMT
Date: Fri, 18 Oct 2019 04:42:56 GMT
Connection: keep-alive
Vary: Accept-Encoding

POST
H/1.1 204
No Content Served Show response
served.bidfluence.com/ Frame 1EAD 0
919 B 1986ms
588ms XHR
text/plain 13.89.35.253
Microsoft Corpora...

General

Check archive.org

Show headers Download Go to

Full URL: https://served.bidfluence.com/Served
Requested by: Host: cdn.bidfluence.com
URL: https://cdn.bidfluence.com/forge.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.89.35.253 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software: Kestrel /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode: cors
Referer: https://www.evilmilk.com/spon/pixfuture/728.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin: https://www.evilmilk.com
Pragma: no-cache
Date: Fri, 18 Oct 2019 04:42:58 GMT
Cache-Control: no-store,no-cache
Access-Control-Allow-Credentials: true
Server: Kestrel

POST
H/1.1 204
No Content Pb Show response
pb.bidfluence.com/ Frame 1EAD 0
228 B 1988ms
591ms XHR
text/plain 13.89.35.253
Microsoft Corpora...

General

Check archive.org

Show headers Download Go to

Full URL: https://pb.bidfluence.com/Pb
Requested by: Host: cdn.bidfluence.com
URL: https://cdn.bidfluence.com/forge.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.89.35.253 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software: Kestrel /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode: cors
Referer: https://www.evilmilk.com/spon/pixfuture/728.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin: https://www.evilmilk.com
Pragma: no-cache
Date: Fri, 18 Oct 2019 04:42:58 GMT
Cache-Control: no-store,no-cache
Access-Control-Allow-Credentials: true
Server: Kestrel

POST
H/1.1 204
No Content Served Show response
served.bidfluence.com/ Frame 0ECD 0
919 B 1989ms
591ms XHR
text/plain 13.89.35.253
Microsoft Corpora...

General

Check archive.org

Show headers Download Go to

Full URL: https://served.bidfluence.com/Served
Requested by: Host: cdn.bidfluence.com
URL: https://cdn.bidfluence.com/forge.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.89.35.253 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software: Kestrel /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode: cors
Referer: https://www.evilmilk.com/spon/pixfuture/728.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin: https://www.evilmilk.com
Pragma: no-cache
Date: Fri, 18 Oct 2019 04:42:58 GMT
Cache-Control: no-store,no-cache
Access-Control-Allow-Credentials: true
Server: Kestrel

POST
H/1.1 204
No Content Pb Show response
pb.bidfluence.com/ Frame 0ECD 0
228 B 1991ms
594ms XHR
text/plain 13.89.35.253
Microsoft Corpora...

General

Check archive.org

Show headers Download Go to

Full URL: https://pb.bidfluence.com/Pb
Requested by: Host: cdn.bidfluence.com
URL: https://cdn.bidfluence.com/forge.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.89.35.253 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software: Kestrel /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode: cors
Referer: https://www.evilmilk.com/spon/pixfuture/728.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin: https://www.evilmilk.com
Pragma: no-cache
Date: Fri, 18 Oct 2019 04:42:58 GMT
Cache-Control: no-store,no-cache
Access-Control-Allow-Credentials: true
Server: Kestrel

GET
H2 200 djax.js Show response
cdn.pixfuture.com/ Frame 87BE 17 KB
5 KB 133ms
133ms Script
application/javascript 2606:4700:20::6819:9307
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.pixfuture.com/djax.js
Requested by: Host: served-by.pixfuture.com
URL: https://served-by.pixfuture.com/www/delivery/headerbid.php?dat=4052x300x250x790x_ADSLOT1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::6819:9307 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: f9a10fda30bd5303e4c61aa7b688d4a0635c23f071547fa46c9cd8deba27c231

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.evilmilk.com/spon/300framed.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 18 Oct 2019 04:42:56 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Thu, 15 Aug 2019 21:25:51 GMT
server: cloudflare
etag: W/"5d55cddf-4433"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
status: 200
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
access-control-allow-credentials: true
cf-ray: 5277d938182e5958-VIE
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type

GET
H2 200 auc.js Show response
cdn.pixfuture.com/ Frame 87BE 206 KB
63 KB 128ms
127ms Script
application/javascript 2606:4700:20::6819:9307
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.pixfuture.com/auc.js
Requested by: Host: served-by.pixfuture.com
URL: https://served-by.pixfuture.com/www/delivery/headerbid.php?dat=4052x300x250x790x_ADSLOT1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::6819:9307 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: f3af750dd21fe9a42195a87bb53cdee715bf01ab0f489130534d92271c676401

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.evilmilk.com/spon/300framed.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 18 Oct 2019 04:42:56 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Thu, 10 Oct 2019 15:12:05 GMT
server: cloudflare
etag: W/"5d9f4a45-339b9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
status: 200
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
access-control-allow-credentials: true
cf-ray: 5277d93828315958-VIE
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type

GET
H/1.1 200
OK p-7ccbedljiLMl2.gif
pixel.quantserve.com/pixel/ Frame 87BE 35 B
292 B 31ms
31ms Image
image/gif 91.228.74.244
Quantcast Corpora...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.quantserve.com/pixel/p-7ccbedljiLMl2.gif
Requested by: Host: served-by.pixfuture.com
URL: https://served-by.pixfuture.com/www/delivery/headerbid.php?dat=4052x300x250x790x_ADSLOT1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 91.228.74.244 , United Kingdom, ASN27281 (QUANTCAST - Quantcast Corporation, US),
Reverse DNS
Software: QS /
Resource Hash: a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.evilmilk.com/spon/300framed.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 18 Oct 2019 04:42:56 GMT
Server: QS
Content-Type: image/gif
Cache-Control: private, no-cache, no-store, proxy-revalidate
Connection: keep-alive
Content-Length: 35
Expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 200 jquery-1.2.3.js Show response
cdn.pixfuture.com/ Frame 87BE 94 KB
29 KB 124ms
122ms Script
application/javascript 2606:4700:20::6819:9307
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.pixfuture.com/jquery-1.2.3.js
Requested by: Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/djax.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::6819:9307 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: d977fc32dd4bdb0479604abf078f1045b0e922666313f2f42cd71ce7835e0061

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.evilmilk.com/spon/300framed.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 18 Oct 2019 04:42:56 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Tue, 06 Aug 2019 20:36:09 GMT
server: cloudflare
etag: W/"5d49e4b9-179fb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
status: 200
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
access-control-allow-credentials: true
cf-ray: 5277d938f8875958-VIE
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type

GET
H2 200 imp Show response
g2.gumgum.com/hbid/ Frame 87BE 123 B
560 B 46ms
46ms XHR
application/json 52.18.117.195
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://g2.gumgum.com/hbid/imp?t=ticcez29&pi=3&si=28489&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.evilmilk.com%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%7D&ogu=null&ns=9626&
Requested by: Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/auc.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.18.117.195 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-18-117-195.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 1aa04d01d5b744465fc360362e88ebb80fbe0758750ebff18d8416c2d7906bd1

Request headers

Sec-Fetch-Mode: cors
Referer: https://www.evilmilk.com/spon/300framed.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 18 Oct 2019 04:42:56 GMT
content-encoding: gzip
content-type: application/json;charset=UTF-8
server: nginx
status: 200
p3p: CP="This is not a P3P policy"
access-control-allow-origin: https://www.evilmilk.com
cache-control: private, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
expires: 0

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ Frame 87BE 0
61 B 24ms
24ms XHR
text/plain 185.64.189.112
PubMatic

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/auc.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC - PubMatic, Inc., US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode: cors
Referer: https://www.evilmilk.com/spon/300framed.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

status: 204
date: Fri, 18 Oct 2019 04:42:56 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-origin: https://www.evilmilk.com

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 87BE 21 B
713 B 20ms
20ms XHR
application/json 185.33.223.100
AppNexus

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/auc.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.223.100 , Netherlands, ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US),

Reverse DNS

373.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

aaaabde3f68c325033b37bb3ebff887e3b589b7137e717e96648a52221881429

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: cors
Referer: https://www.evilmilk.com/spon/300framed.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 18 Oct 2019 04:42:58 GMT
X-Proxy-Origin: 109.236.94.15; 109.236.94.15; 373.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.72:80
AN-X-Request-Uuid: fd102574-f032-45a2-aa36-09493eaf32f1
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.evilmilk.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 21
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 arj Show response
pixfuture2-d.openx.net/w/1.0/ Frame 87BE 172 B
355 B 30ms
30ms XHR
application/json 34.95.120.147
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://pixfuture2-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.evilmilk.com%2F&jr=&ch=UTF-8&res=1600x1200x24&ifr=true&tz=-120&tws=1600x1200&be=1&bc=hb_pb_2.1.9&dddid=aaa5117b-9ed3-4551-be55-606720701292&nocache=1571373776840&aus=300x250&divIds=4052x300x250x790x_ADSLOT1&auid=540580840&
Requested by: Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/auc.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.95.120.147 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS: 147.120.95.34.bc.googleusercontent.com
Software: OXGW/16.163.0 /
Resource Hash: 7255e981e6225c781ba431974053117bbb913103c9139245e14e0c0c406c3056

Request headers

Sec-Fetch-Mode: cors
Referer: https://www.evilmilk.com/spon/300framed.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 18 Oct 2019 04:42:56 GMT
via: 1.1 google
server: OXGW/16.163.0
status: 200
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://www.evilmilk.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: clear
content-length: 172
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H2 204 2 Show response
prebid.mgid.com/prebid/ Frame 87BE 0
239 B 114ms
114ms XHR
text/plain 104.16.129.5
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.mgid.com/prebid/2
Requested by: Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/auc.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.129.5 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode: cors
Referer: https://www.evilmilk.com/spon/300framed.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 18 Oct 2019 04:42:56 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
status: 204
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://www.evilmilk.com
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 5277d9395d689c93-AMS

GET
H/1.1 200
OK Cookie set cs
sync.rtk.io/ Frame AA68 0
0 494ms
97ms Document
text/html 172.104.211.45
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.rtk.io/cs
Requested by: Host: cdn.thisiswaldo.com
URL: https://cdn.thisiswaldo.com/sites/all/modules/custom/ad_delivery/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 172.104.211.45 Philadelphia, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS: li1917-45.members.linode.com
Software: RTK CookiePixel/v1.0.8 /
Resource Hash

Request headers

Host: sync.rtk.io
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site: cross-site
Referer: https://www.evilmilk.com/
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: https://www.evilmilk.com/

Response headers

Date: Fri, 18 Oct 2019 04:42:57 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Cache-Control: no-cache, no-store, must-revalidate
Expires: 0
Pragma: no-cache
Server: RTK CookiePixel/v1.0.8
Set-Cookie: rtkuuid=d700d8ac-f2f6-4ea9-b0e5-6e67e494cb58; Path=/; Domain=rtk.io; Expires=Thu, 16 Jan 2020 04:42:57 GMT
X-Rtk-Nid: li777-98.members.linode.com:8002
Content-Encoding: gzip

GET
H2 200 show_ads.js Show response
pagead2.googlesyndication.com/pagead/ Frame A896 77 KB
28 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:825::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/show_ads.js

Requested by

Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/djax.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

e94e61a96ef3d1e9cd56eb759084399039e93cba0ab599414b644559f3c57c6b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.evilmilk.com/spon/300framed.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 18 Oct 2019 04:42:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 28339
x-xss-protection: 0
server: cafe
etag: 15709176121741281514
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 18 Oct 2019 04:42:56 GMT

GET
H/1.1 200
OK lg.php
served-by.pixfuture.com/www/delivery/ Frame A896 43 B
937 B 98ms
98ms Image
image/gif 68.183.31.14
DigitalOcean

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://served-by.pixfuture.com/www/delivery/lg.php?bannerid=67&campaignid=34&zoneid=4052&OACBLOCK=86400&OASCCAP=30&loc=https%3A%2F%2Fwww.evilmilk.com%2Fspon%2F300framed.aspx&cb=48aae7446d&ishousead=1
Requested by: Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/djax.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 68.183.31.14 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN - DigitalOcean, LLC, US),
Reverse DNS
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.evilmilk.com/spon/300framed.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 18 Oct 2019 04:42:57 GMT
Server: nginx/1.10.3 (Ubuntu)
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET, POST, OPTIONS
P3P: CP="CUR ADM OUR NOR STA NID"
Access-Control-Allow-Origin: *, *
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Expires: 0

GET
H/1.1 200
OK demo_track.js Show response
served-by.pixfuture.com/www/headerbid/library/tracking/ Frame 87BE 2 KB
3 KB 99ms
99ms Script
application/javascript 68.183.31.14
DigitalOcean

General

Check archive.org

Show headers Download Go to

Full URL: https://served-by.pixfuture.com/www/headerbid/library/tracking/demo_track.js
Requested by: Host: www.evilmilk.com
URL: https://www.evilmilk.com/spon/300framed.aspx
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 68.183.31.14 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN - DigitalOcean, LLC, US),
Reverse DNS
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 31d6bdfdcb5a3f436d8ce29befc80fece8aa49c2605468f485a2b43acb624bd0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.evilmilk.com/spon/300framed.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 18 Oct 2019 04:42:57 GMT
Last-Modified: Fri, 06 Sep 2019 19:01:12 GMT
Server: nginx/1.10.3 (Ubuntu)
ETag: "5d72acf8-9fe"
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length: 2558

GET
H/1.1 200
OK async_usersync.html
acdn.adnxs.com/ib/static/usersync/v3/ Frame 8C29 0
0 29ms
28ms Document
text/html 2.18.232.130
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Requested by: Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/auc.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.232.130 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-232-130.deploy.static.akamaitechnologies.com
Software: nginx/1.9.13 /
Resource Hash

Request headers

Host: acdn.adnxs.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site: cross-site
Referer: https://www.evilmilk.com/spon/pixfuture/728.aspx
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: https://www.evilmilk.com/spon/pixfuture/728.aspx

Response headers

Last-Modified: Fri, 20 May 2016 02:07:09 GMT
ETag: "573e714d-3e3"
Server: nginx/1.9.13
Content-Type: text/html
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Content-Length: 506
Cache-Control: max-age=31536000
Expires: Sat, 17 Oct 2020 04:42:56 GMT
Date: Fri, 18 Oct 2019 04:42:56 GMT
Connection: keep-alive

GET
H/1.1 200
OK Cookie set showad.js
ads.pubmatic.com/AdServer/js/ Frame 22B7 0
0 35ms
34ms Document
text/html 2.18.233.180
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js
Requested by: Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/auc.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash

Request headers

Host: ads.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site: cross-site
Referer: https://www.evilmilk.com/spon/pixfuture/728.aspx
Accept-Encoding: gzip, deflate, br
Cookie: KRTBCOOKIE_466=16530-de47c1d5-b800-408f-b1d7-3f9a51acda3a&KRTB&16532-de47c1d5-b800-408f-b1d7-3f9a51acda3a; PugT=1571373776; PUBMDCID=3; KRTBCOOKIE_336=5844-6352455829759365765
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: https://www.evilmilk.com/spon/pixfuture/728.aspx

Response headers

Last-Modified: Fri, 26 Jul 2019 09:39:45 GMT
ETag: "13006b6-9bf6-58e925294ef26"
Server: Apache/2.2.15 (CentOS)
Set-Cookie: KTPCACOOKIE=YES; domain=.pubmatic.com; path=/; max-age=7776000;
Accept-Ranges: bytes
Content-Encoding: gzip
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 14898
Content-Type: text/html; charset=UTF-8
Cache-Control: public, max-age=106820
Expires: Sat, 19 Oct 2019 10:23:16 GMT
Date: Fri, 18 Oct 2019 04:42:56 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H2 200 pd
eu-u.openx.net/w/1.0/ Frame D08A 0
0 29ms
29ms Document
text/html 34.95.120.147
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=9d434638-ce6f-418d-ac16-6301775de208&gdpr=1
Requested by: Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/auc.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.95.120.147 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS: 147.120.95.34.bc.googleusercontent.com
Software: OXGW/16.163.0 /
Resource Hash

Request headers

:method: GET
:authority: eu-u.openx.net
:scheme: https
:path: /w/1.0/pd?plm=6&ph=9d434638-ce6f-418d-ac16-6301775de208&gdpr=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode: nested-navigate
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
referer: https://www.evilmilk.com/spon/pixfuture/728.aspx
accept-encoding: gzip, deflate, br
cookie: i=cf40ee18-5021-0c20-1a80-fe8a57fa19e5|1571373776
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: https://www.evilmilk.com/spon/pixfuture/728.aspx

Response headers

status: 200
vary: Accept
set-cookie: i=cf40ee18-5021-0c20-1a80-fe8a57fa19e5|1571373776; Version=1; Expires=Sat, 17-Oct-2020 04:42:56 GMT; Max-Age=31536000; Domain=.openx.net; Path=/ pd=v2|1571373776|mOgikimWiygu; Version=1; Expires=Sat, 02-Nov-2019 04:42:56 GMT; Max-Age=1296000; Domain=.openx.net; Path=/
server: OXGW/16.163.0
p3p: CP="CUR ADM OUR NOR STA NID"
date: Fri, 18 Oct 2019 04:42:56 GMT
content-type: text/html
content-length: 592
via: 1.1 google
alt-svc: clear

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ Frame A896 109 B
171 B 19ms
19ms Script
application/javascript 2a00:1450:4001:825::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.evilmilk.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.evilmilk.com/spon/300framed.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 18 Oct 2019 04:42:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame A896 109 B
171 B 19ms
19ms Script
application/javascript 2a00:1450:4001:818::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.evilmilk.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.evilmilk.com/spon/300framed.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 18 Oct 2019 04:42:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 104
x-xss-protection: 0

GET
H2 200 show_ads_impl.js Show response
pagead2.googlesyndication.com/pagead/js/r20191015/r20190131/ Frame A896 238 KB
88 KB 28ms
28ms Script
text/javascript 2a00:1450:4001:825::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20191015/r20190131/show_ads_impl.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

1a58095266eb45b55188805f4507e88c0fa62d1fc111b67585e98a9f8b1c4e4e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.evilmilk.com/spon/300framed.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 18 Oct 2019 04:42:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 89450
x-xss-protection: 0
server: cafe
etag: 530792698881188819
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Fri, 18 Oct 2019 04:42:56 GMT

GET
H2 200 zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20191015/r20190131/ Frame B4D3 0
0 7ms
7ms Document
text/html 2a00:1450:4001:825::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20191015/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20191015/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode: nested-navigate
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
referer: https://www.evilmilk.com/spon/300framed.aspx
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: https://www.evilmilk.com/spon/300framed.aspx

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
vary: Accept-Encoding
date: Tue, 15 Oct 2019 14:46:35 GMT
expires: Tue, 29 Oct 2019 14:46:35 GMT
content-type: text/html; charset=UTF-8
etag: 8648543205226238674
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 7402
x-xss-protection: 0
cache-control: public, max-age=1209600
age: 222982
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H/1.1

200
OK

Cookie set afr.php
served-by.pixfuture.com/www/delivery/ Frame 739E
Redirect Chain

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1575911585432548&output=html&h=250&slotname=1680648786&adk=1022037533&adf=1594924173&w=300&guci=1.2.0.0.2.2.0.0&url=https%3A%2F%2Fwww.ev...
https://served-by.pixfuture.com/www/delivery/afr.php?zoneid=5529

0
0

123ms
122ms

Document
text/html

68.183.31.14
DigitalOcean

General

Check archive.org

Show headers Download Go to

Full URL: https://served-by.pixfuture.com/www/delivery/afr.php?zoneid=5529
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20191015/r20190131/show_ads_impl.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 68.183.31.14 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN - DigitalOcean, LLC, US),
Reverse DNS
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash

Request headers

Host: served-by.pixfuture.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site: cross-site
Referer: https://www.evilmilk.com/spon/300framed.aspx
Accept-Encoding: gzip, deflate, br
Cookie: OAGEO=NL%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C; OAID=fa14d112b5c0573cb782768326dba719; _OASCCAP[34]=1; _OACBLOCK[34]=1571373777
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: https://www.evilmilk.com/spon/300framed.aspx

Response headers

Server: nginx/1.10.3 (Ubuntu)
Date: Fri, 18 Oct 2019 04:42:57 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: _OACBLOCK[34]=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/ %5FOACBLOCK%5B34%5D=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/ _OASCCAP[34]=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/ %5FOASCCAP%5B34%5D=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/ OAID=fa14d112b5c0573cb782768326dba719; expires=Sat, 17-Oct-2020 04:42:57 GMT; Max-Age=31536000; path=/ OACBLOCK=34.1571373777; expires=Sun, 17-Nov-2019 04:42:57 GMT; Max-Age=2592000; path=/ OASCCAP=34.1; path=/
Pragma: no-cache
Cache-Control: no-cache, no-store, must-revalidate
Expires: 0
Access-Control-Allow-Origin: * *
P3P: CP="CUR ADM OUR NOR STA NID"
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Encoding: gzip

Redirect headers

status: 302
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
location: https://served-by.pixfuture.com/www/delivery/afr.php?zoneid=5529
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 18 Oct 2019 04:42:57 GMT
server: cafe
content-length: 46
x-xss-protection: 0
set-cookie: IDE=AHWqTUlsT1b3roXZOHU0juIlYFgH4mRz29gRsUbRQ7ohud1VbYfFGeaLVdkQpiGP; expires=Wed, 11-Nov-2020 04:42:57 GMT; path=/; domain=.doubleclick.net; HttpOnly test_cookie=; domain=.doubleclick.net; path=/; expires=Mon, 21 Jul 2008 23:59:00 GMT
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame A896 77 KB
28 KB 71ms
71ms Script
text/javascript 2a00:1450:4001:80b::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20191015/r20190131/show_ads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

f425f66d90f1150499b36ab47b56fa6fb1a68136e4f42befca20a920ff85306b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.evilmilk.com/spon/300framed.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 18 Oct 2019 04:42:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1571051767941600"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 29055
x-xss-protection: 0
expires: Fri, 18 Oct 2019 04:42:57 GMT

POST
H/1.1 204
No Content Viewed Show response
viewed.bidfluence.com/ Frame 1EAD 0
228 B 1830ms
926ms XHR
text/plain 13.89.35.253
Microsoft Corpora...

General

Check archive.org

Show headers Download Go to

Full URL: https://viewed.bidfluence.com/Viewed
Requested by: Host: cdn.bidfluence.com
URL: https://cdn.bidfluence.com/forge.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.89.35.253 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software: Kestrel /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode: cors
Referer: https://www.evilmilk.com/spon/pixfuture/728.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin: https://www.evilmilk.com
Pragma: no-cache
Date: Fri, 18 Oct 2019 04:42:59 GMT
Cache-Control: no-store,no-cache
Access-Control-Allow-Credentials: true
Server: Kestrel

POST
H/1.1 204
No Content Viewed Show response
viewed.bidfluence.com/ Frame 0ECD 0
228 B 1828ms
926ms XHR
text/plain 13.89.35.253
Microsoft Corpora...

General

Check archive.org

Show headers Download Go to

Full URL: https://viewed.bidfluence.com/Viewed
Requested by: Host: cdn.bidfluence.com
URL: https://cdn.bidfluence.com/forge.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.89.35.253 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software: Kestrel /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode: cors
Referer: https://www.evilmilk.com/spon/pixfuture/728.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin: https://www.evilmilk.com
Pragma: no-cache
Date: Fri, 18 Oct 2019 04:42:59 GMT
Cache-Control: no-store,no-cache
Access-Control-Allow-Credentials: true
Server: Kestrel

GET
H/1.1 200
OK async_usersync.html
acdn.adnxs.com/ib/static/usersync/v3/ Frame 10AC 0
0 34ms
34ms Document
text/html 2.18.232.130
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Requested by: Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/auc.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.232.130 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-232-130.deploy.static.akamaitechnologies.com
Software: nginx/1.9.13 /
Resource Hash

Request headers

Host: acdn.adnxs.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site: cross-site
Referer: https://www.evilmilk.com/spon/300framed.aspx
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: https://www.evilmilk.com/spon/300framed.aspx

Response headers

Last-Modified: Fri, 20 May 2016 02:07:09 GMT
ETag: "573e714d-3e3"
Server: nginx/1.9.13
Content-Type: text/html
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Content-Length: 506
Cache-Control: max-age=31536000
Expires: Sat, 17 Oct 2020 04:42:59 GMT
Date: Fri, 18 Oct 2019 04:42:59 GMT
Connection: keep-alive

GET
H2

200

pd
eu-u.openx.net/w/1.0/ Frame 9AFC
Redirect Chain

https://eu-u.openx.net/w/1.0/pd?plm=6&ph=9d434638-ce6f-418d-ac16-6301775de208&gdpr=1
https://eu-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=9d434638-ce6f-418d-ac16-6301775de208&gdpr=1

0
0

202ms
201ms

Document
text/html

34.95.120.147
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=9d434638-ce6f-418d-ac16-6301775de208&gdpr=1
Requested by: Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/auc.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.95.120.147 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS: 147.120.95.34.bc.googleusercontent.com
Software: OXGW/16.163.0 /
Resource Hash

Request headers

:method: GET
:authority: eu-u.openx.net
:scheme: https
:path: /w/1.0/pd?cc=1&plm=6&ph=9d434638-ce6f-418d-ac16-6301775de208&gdpr=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode: nested-navigate
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
referer: https://www.evilmilk.com/spon/300framed.aspx
accept-encoding: gzip, deflate, br
cookie: i=b68a0d36-df43-0ab0-0b31-98d2e087950f|1571373779
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: https://www.evilmilk.com/spon/300framed.aspx

Response headers

status: 200
vary: Accept
set-cookie: i=b68a0d36-df43-0ab0-0b31-98d2e087950f|1571373779; Version=1; Expires=Sat, 17-Oct-2020 04:43:00 GMT; Max-Age=31536000; Domain=.openx.net; Path=/ pd=v2|1571373780|mOgikimWiygu; Version=1; Expires=Sat, 02-Nov-2019 04:43:00 GMT; Max-Age=1296000; Domain=.openx.net; Path=/
server: OXGW/16.163.0
p3p: CP="CUR ADM OUR NOR STA NID"
date: Fri, 18 Oct 2019 04:43:00 GMT
content-type: text/html
content-length: 592
via: 1.1 google
alt-svc: clear

Redirect headers

status: 302
set-cookie: i=b68a0d36-df43-0ab0-0b31-98d2e087950f|1571373779; Version=1; Expires=Sat, 17-Oct-2020 04:42:59 GMT; Max-Age=31536000; Domain=.openx.net; Path=/
server: OXGW/16.163.0
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=9d434638-ce6f-418d-ac16-6301775de208&gdpr=1
date: Fri, 18 Oct 2019 04:42:59 GMT
content-length: 0
via: 1.1 google
alt-svc: clear

GET
H/1.1 200
OK Cookie set showad.js
ads.pubmatic.com/AdServer/js/ Frame 6DB3 0
0 37ms
37ms Document
text/html 2.18.233.180
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js
Requested by: Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/auc.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash

Request headers

Host: ads.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site: cross-site
Referer: https://www.evilmilk.com/spon/300framed.aspx
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: https://www.evilmilk.com/spon/300framed.aspx

Response headers

Last-Modified: Fri, 26 Jul 2019 09:39:45 GMT
ETag: "13006b6-9bf6-58e925294ef26"
Server: Apache/2.2.15 (CentOS)
Set-Cookie: KTPCACOOKIE=YES; domain=.pubmatic.com; path=/; max-age=7776000;
Accept-Ranges: bytes
Content-Encoding: gzip
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 14898
Content-Type: text/html; charset=UTF-8
Cache-Control: public, max-age=106817
Expires: Sat, 19 Oct 2019 10:23:16 GMT
Date: Fri, 18 Oct 2019 04:42:59 GMT
Connection: keep-alive
Vary: Accept-Encoding

Verdicts & Comments Add Verdict or Comment

123 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.evilmilk.com/	1970-01-19 22:00:45	Name: __gads Value: ID=8dcda605c004e7f3:T=1571373773:S=ALNI_MbTUlWI6agJxlImn-iggyx4YPbd2A
www.evilmilk.com/	1970-01-19 04:29:33	Name: bf_an_qk Value: true
.evilmilk.com/	1970-01-19 13:15:09	Name: __cfduid Value: db344d4bb4f6c024625213e467949995f1571373773

11 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://www.evilmilk.com/(Line 32) Message: loggedinx: False
console-api	log	URL: https://www.evilmilk.com/js/spon.js?d=050819(Line 62) Message: screen width detected: 1585
console-api	log	URL: https://www.evilmilk.com/js/spon.js?d=050819(Line 63) Message: screen height detected: 1200
console-api	log	URL: https://www.evilmilk.com/js/spon.js?d=050819(Line 70) Message: in 728 wide
console-api	log	URL: https://www.evilmilk.com/js/spon.js?d=050819(Line 76) Message: loading 728, would be wide if turned on.
console-api	log	URL: https://www.evilmilk.com/js/spon.js?d=050819(Line 93) Message: right column detected
console-api	log	URL: https://www.evilmilk.com/js/spon.js?d=050819(Line 97) Message: In Tall
console-api	log	URL: https://www.evilmilk.com/js/spon.js?d=050819(Line 103) Message: Would be tall if not turned off.
console-api	log	URL: https://www.evilmilk.com/js/spon.js?d=050819(Line 117) Message: loaded 728x90 into sponmain
console-api	log	URL: https://theeighth-net.videoplayerhub.com/videoplayer.js(Line 13) Message: Video gallery initializing
console-api	log	URL: https://www.evilmilk.com/js/spon.js?d=050819(Line 47) Message: try#2

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

acdn.adnxs.com
ad-delivery.net
ad.bidfluence.com
ads.pubmatic.com
adservice.google.com
adservice.google.de
bidder.rtk.io
cdn.bidfluence.com
cdn.pixfuture.com
cdn.thisiswaldo.com
cdnjs.cloudflare.com
cluster-na.cdnjquery.com
code.jquery.com
dmx.districtm.io
engine.bidfluence.com
eu-u.openx.net
eus.rubiconproject.com
evilmilk.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
g2.gumgum.com
googleads.g.doubleclick.net
hbopenbid.pubmatic.com
ib.adnxs.com
ipfind.co
lockerdome.com
my.evilmilk.com
pagead2.googlesyndication.com
pb.bidfluence.com
pixel.quantserve.com
pixfuture2-d.openx.net
prebid.mgid.com
report.bidfluence.com
securepubads.g.doubleclick.net
served-by.pixfuture.com
served.bidfluence.com
server.bidfluence.com
ssc.33across.com
stackpath.bootstrapcdn.com
sync.adkernel.com
sync.rtk.io
tag.1rx.io
the-eighth-d.openx.net
theeighth-net.videoplayerhub.com
thisiswaldo.com
tpc.googlesyndication.com
use.fontawesome.com
vendorlist.consensu.org
viewed.bidfluence.com
www.evilmilk.com
www.googletagservices.com
104.109.78.125
104.16.129.5
104.16.68.69
13.225.78.17
13.89.35.253
143.204.101.39
152.195.34.229
152.195.34.232
172.104.21.249
172.104.211.45
172.217.16.162
185.33.223.100
185.64.189.112
2.18.232.130
2.18.233.180
2001:4de0:ac19::1:b:3a
2001:4de0:ac19::1:b:3b
208.100.17.174
23.111.9.35
2600:9000:2156:2e00:1:af78:4c0:93a1
2600:9000:21f3:e800:4:164e:ca00:93a1
2606:4700:20::6819:9307
2606:4700::6813:c397
2606:4700::6813:c697
2606:4700:e0::ac40:6622
2a00:1450:4001:806::2003
2a00:1450:4001:809::2001
2a00:1450:4001:809::200a
2a00:1450:4001:80b::2002
2a00:1450:4001:818::2002
2a00:1450:4001:825::2002
34.206.108.72
34.95.120.147
38.140.99.21
52.15.219.226
52.18.117.195
54.241.204.180
68.183.31.14
69.173.144.142
77.245.58.158
8.41.222.100
91.228.74.244
01aeb180d07aa6fcca3fcf0ac6d15c8742ef59a76e44960bae051fc12674a871
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
05eafcf8c6f8b3b7e20d22142609f20a373091a1df5e46f111c0ffd3d216108b
07242e8854853219c437a8b0cc7ce768a6e4a85693ff9de1e6910e764c643642
077de0cef87815df6b043125d194f1dbfa68e2d088aec640c25381e225cd240f
085e1cea2bb60aae97d238e308ce05a1be8433f1c5421283e4e582c27b91d1b7
0c2375c96b7f803c91a4419355c70fc649e3bab774118e7ba2f0cdbe27f8eaa1
1023b1fcbfa04d6d4ef5414a6e8a0846dfb449b0337c491deefc5752600d5e2d
147ed97fcf9c7feaaff4fc531d2c35dabf89eee0d8ce663e4a005c555cec66c3
14895e1b5f98c020766e44cd13b375440ad954039c9f8fb06f3a60c0310e88a4
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
170e7f7ce74a0e14b8e9516b23a5c0e5707bb7d08e717b1f5b9aedd9e4733ffe
18caca1f0ad8bbd47cb7bf538b8eac4e4ebe71fa1e9f8773e8599128ff5d884b
1a58095266eb45b55188805f4507e88c0fa62d1fc111b67585e98a9f8b1c4e4e
1aa04d01d5b744465fc360362e88ebb80fbe0758750ebff18d8416c2d7906bd1
1b039185c5aacfe520f70966c8777485303d3a0eabf08678edfc1ed0cbcc9bed
1be90e00b660e7fe1638a06cbcd17f14813710985051c3972c7bc8755e50d423
1cdc548b67a8a47b7112338a80793672300ca8a246e2e624e22a3d9c6f417f8a
1f663c6a984a2457172d7ae90d596921deae360494951c85386a93427685af1c
22063024b11565c41d8fa1f910f142657dbd87331a5dc3ef223c09cc300cdbdf
244b7d5bf8c3485b29e705c3aad49eb50a32030abf5c04d81a5fb65d19e02f6c
24ed732b701f138cafbbbf24671c7b1f353983f047bb135972f36c64ca7e0af0
28018757e9aad7b9f199922ca7f6e778bb5e90bea4c28d9a03cead8bb0869a4f
2c35ad3146982cd844183dcfdaf0e11d48b88b198d49af3c2dcaa753df654a19
2e3cf2d3e4de45c0871be9c764efeb70bec3136f02da6c0c7f271f5fede18f36
31d6bdfdcb5a3f436d8ce29befc80fece8aa49c2605468f485a2b43acb624bd0
335c28706d6fec7112516fd9e02dcacaf1bf77928e6b916b30132f034e29461b
345b1626333eb4dcf84ae29383b028b2f9611e4b71359687ee0d1d2d56cd32ad
356f79f6dfa5bba7d74e01711e409d62756268d744b453b9219c87c64418a477
39aee058da615ab95f33efbedc8a9b088557d90fd9c6b9ad809b4b9ff956d225
3ad96ebbaf4937f3f680e8c2c21ed3d870f0f00852998dc4f9464bd6d5debc63
3ed112a9306d2364b977ef5a2ea9154c990d92cc6ff2c8057c826b5bf0d13ffd
3fcb9d3400da554ddfbaafbbf77904196140aaf9ccee9ae0cea03ef05752a430
3fd496f36f165955b8c65d2d5ebc7441bf14c237c2d3499fd4ca0682b19a09a9
4267006e5c5881eb2fc112f17bc193cb65228ea496009b36d6f71ddb6bc01e36
44a9637c16efc6c22898f85eceec42ad61fdb770d3dd11696f9f8ca797e1c94c
4560abefc480c70d209a5639db85b145b4873b81e6223cf9c8772b95841bec77
463f48d0763e6d91bf6c824517af62d84df8c55a5150f766741b491ec75fb1ca
49a1b4e1296645aa2f513c87a0e5fe56a305a7ed678c2f6499631ec1f3b35856
4b1ceba8c9ba507eba857c76d626abf7edf231bd1fa8096187abaffd1cef02e0
4bf3e18508259a0312f4e0c3c5a664e1b6b067793b5e3b7cb8033ea7aa242ea2
4c5262cf65d1993c6b593e9ef6fde012383733973766b6a6bd3fa424a4205164
4d0130d314f1669c9ea5a911d401d6250f96386a52b0c38f7b3fb43cdcd10589
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
5102281cd26a08de2de94bbb2d6ceec0a893ccd03c556ca7dac689a696eed5e1
52f3d2ba25ceb6a7f6983e2440b31045873835ff2f215ca6ab935d9b6c7333d4
537bedc76f4fc84ef00c13f8413bdb3f2377e7bf2ca0150871bb3966b667c6af
54505a87d6720a3a6c80418664fe0f5da9ec7f6551ffcb5d627293e16fb11ae0
56c12a125b021d21a69e61d7190cefa168d6c28ce715265cea1b3b0112d169c4
56e362299a9c4aef9e507cc05dd4a2df3c80ac036fdeb974f60dea26f5bfcd01
59429897279d940c256bb969e15063831e50a8989cabd7919b36d8cb66321183
5a47b6155fb230382526bf56de99461dc50b11463b0012a24afebd68a7427ccd
5a91190227662b77e484acef92367d9a0f6c782bfe80a7e9258a707979a8f66c
5c7df99df232586111917083a85aa31b82ee29e48ca2990e13fae0c0663a923f
6015072c7421aab840bfa3a3f3b59b9bbb300b3efad980b7b1a1fdad01259f49
6537906d99c79f2fc93594d396c311e98f7327bce1b35e51c698c11bfa12bfa2
66549bd2326c0aa6e6294dfbf8ccb6be0098398449db83f83bec943816d8784e
67c4ef48f843323d10ad812e870989a2b2e371796af95d2e096b0f79a85f054d
68286f1fcd7f534a5b6b8dbc0d2e15d4587a0dc086d84602d3dbea8b80b045ed
6b3bef53dc4a96ec07149d02a60b5fd026332bbce0b4ece79f3c55e3ddb85f5c
7255e981e6225c781ba431974053117bbb913103c9139245e14e0c0c406c3056
72dba35b5711e5e5715b29e857a1fd186e7a3a31ea2e91cd5722a07523e2dd80
7372698cd03ddf5407c8ea75ac1e2ea6c35298bddbbd35090454ef9cd9f5a502
750ed6cd11967393a7e2ac206e957c56df5513567f50da9f0dac8351acdf0057
77c0f12ca986aaa1a73d240f662d286d8e30f9804f0e475e7916ad085ce8aeef
7e94fbebf526effec4239c82e5435a412d81ffc4bc9bddf13f9aa1170f6d803e
7e9c3c14373f69d6045a3c1814269a798025d7830730f80105ddb4ce994de0e0
7efe592b5a50327d58dfa18f6567de2201967b41d8d15c3360e571bf20b410e5
7f25b60f534f1b0e1a29462489d367cca03d61bc3008420540c064c09c8c8a6f
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b
85b8bc06b70053a31f23b3cea8a06a733c1c756ee85d42414abc81a0579c6ef3
8891a160f8a2afb81de5259f9f68e5af3782348ea2927ad9e969bc88c7d39984
8c77aa521da9f97a671db4c4f6db45f3fbc3fb8c77729862c005d26ffa6028d0
92a10f6248cf2f0ef7f417d8f726d92ae720855896b3343d6b44ca84c4d785f8
9683817bc66aea604079c4a424a601bd464951521314955fbce85f6969f3b5e4
97dd2ec74759f88b1cb20811c540dbefef59c742d8f451814df4d45631939dc1
9a9e67bdbdf03e544d5603422ad3b7fa38a8437534695cdae940f2a878cf0fb7
9bb771c6af05226308a38c3d3ba95dc834f5b60ba22d01f091e23aa352e7a4cf
9beb150113a5ef1e705d45036fd62c4aebb2f526248b02ea4307e923927a89b1
9f60f7c4431b5dd862cfe25d80217a79667e7fb303a15df3ab89db51c1290277
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a11f9ed48fbbc5d3c929ddfcf03d09cc1c64042ea49613fca1adbf818468a98d
a1d4073f865044bc14eb43a05f359e10666ab57f8493e0e56f516af75c1b3c3e
a4591efe78791083d025feb840f1fa737d0cd245d0f07206a6325400ea55eb82
a615dd75f48b965fb4fa38f92c20c88ba93163d3e4da54c6eed3720374204131
aaaabde3f68c325033b37bb3ebff887e3b589b7137e717e96648a52221881429
ac9108a7811bc51479676ba86393bf735bf4ca42a05f780fd04184514b90703c
b3f8fd60851ea25465da509b7406bcff926f3eeddffa7769fbea9b485ef84ad8
b524513a819f1964ef791a431c5896573f945edfb128d7bdd30c069f6e65a70f
b721fdafa934c01607783d679274acfab966b70b1171413b0c7facb82c4fe86e
b8f3c28580447dd9f7dc64b2da3391e8935f7d8587ea7a9c3608200aa170d2ce
ba3e53d4c3a0b818d6bb2ac2e02837a1bf78d2f7fda275835604d5cd02e8d62e
bb9c1a8b154186d5e9c43aed0c01fc47535e49eb9c40364197b172162452465d
bf22d33ad9ba33a825e26a0b39e24740016bb403eb2aeb136688e768bbd0bf2f
bf74b96f1def0d6fd6514daf7bcecee2f11f372ade2f88846a5e92f02199b9f3
bff40abf6f9668fb625ff78c47bcb04eb20055cac9c38728ee9f5aa2fc584db0
c3604d185536e051df3a811f49532143e854d194f83d1a680183561f30bf67bf
ca60b95c7dac3fac4f1807927017b3e2e43479e88644f54dad87a94ca32f82c2
cb7ee65b6053ee9d35489afae01c6252c5b54c09ac70c19418c4a2a01f33edb0
cc516e2380c0c511c04a564d5d4a1195c7e4008ec62ae97095030fdf086cb048
cc6e5bfe26c6d5fba05cda365b41ed9057bbbe4618d691181b9585d87d29fba4
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d10bd0615dc062df63043b66fe5e2e24faf7120fabd7612e7ac99a2ee8e1fc0d
d12bf7931d767a8186e3165d6f113cabfdf5516fad4f8cca1724bc10d9a54653
d293633e94d92cd639cf8f8dcc6755e77160483c5659c947bf6507bb74c0237f
d512a0fcbd4209e648e9d88a2d9c9aa35bdeea709a0c88365d3bf9256bf88c31
d977fc32dd4bdb0479604abf078f1045b0e922666313f2f42cd71ce7835e0061
db9efaae7a33f9cba05990682e8248af4989fb73193ec0fe5ca452daba443bb3
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e57553b4ed44f16e729526e2bfb909e08cc3b443e02e898df0aa1d932bef3473
e6b648b884bcbabc707e364bfbac710ac1683ce3174ce2e7ff20f4269e6a6647
e8ef35e263fc1492446ce0c2ea5dc7af50bc1a316f07b38f08b2a369f6fcde8e
e94e61a96ef3d1e9cd56eb759084399039e93cba0ab599414b644559f3c57c6b
eb9f48b258b376d8065aa55ec115af3340e45307396994fbf3a3ead1dbb7ce14
ed8bbb98180485879916bb9bde37485d08595ced77423f7980caad34f1b8d87b
f123fae1ceff20dea7ee2ff8895276a22cddecc8e0ef503b5e95419e76909a54
f12406cfa8eff599fd6ca73ce88d27000e96a0038fa995a020f0faa6e850e4a9
f3af750dd21fe9a42195a87bb53cdee715bf01ab0f489130534d92271c676401
f425f66d90f1150499b36ab47b56fa6fb1a68136e4f42befca20a920ff85306b
f4c6b15833c6cd5e017ddfe52c52270abcd582be9a7027eb5dbf34bc3d03aa86
f570d9c308d60541fc74ec7274a969d6890fa16f6c6f9b8612aad3f1ff7e3d47
f5fd5281329b78b0587c30689389947b70cf5c3fcfb692a05eb59387d397dd2a
f6a32741d5cad4e3a0eeb9c115073bef55cd3639108e9d90f7cc9626d1112b3b
f7b78e97f8445d885b65a3591db98243797cedebb5abce9e70ebe93b4c4cdacc
f7cbc01a310318defd4e31e4616543e2cf3baef5a47562c73ece4c0b716f157e
f8800772f0dd827877029d9d634a170a156ff82b6b6bdf251b62c750b73cfe93
f9385ecf19d3c9a47b063498b5444d251cbe7528ee7af46698c9e25627fb8acc
f9a10fda30bd5303e4c61aa7b688d4a0635c23f071547fa46c9cd8deba27c231
fc87736767a55c9bc7e4d4ff2cd91fecb45f48d43ab17ef20b1e51e75d101ed8
fdcdd7cdb2e8438966b51c69ba0b1258ea36987d86e5f3afc79655a1fcbb6de9
fdf3b5ca512139b90ea3c4ae1d47a8e14a85de2f02112a351b65a1fc4cf422b5

www.evilmilk.com Open in urlscan Pro 2606:4700:e0::ac40:6622 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

219 Requests

100 %HTTPS

33 %IPv6

33 Domains

52 Subdomains

43 IPs

6 Countries

1618 kBTransfer

4240 kBSize

3 Cookies

23 Outgoing links

Page URL History

Redirected requests

219 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.evilmilk.com Open in urlscan Pro
2606:4700:e0::ac40:6622 Public Scan

Screenshot
Live screenshot

Full Image

219
Requests

100 %
HTTPS

33 %
IPv6

33
Domains

52
Subdomains

43
IPs

6
Countries

1618 kB
Transfer

4240 kB
Size

3
Cookies

219 HTTP transactions
1 data transactions