www.1079rgvfm.com Open in urlscan Pro
54.158.23.216 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://mix1079.net/
Effective URL:
https://www.1079rgvfm.com/
Submission: On April 27 via manual (April 27th 2020, 5:54:31 pm UTC) from US

Summary HTTP 250 Redirects Links 20 Behaviour Indicators

Summary

This website contacted 30 IPs in 5 countries across 23 domains to perform 250 HTTP transactions. The main IP is 54.158.23.216, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is www.1079rgvfm.com.
TLS certificate: Issued by Let's Encrypt Authority X3 on April 21st 2020. Valid for: 3 months.

This is the only time www.1079rgvfm.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 60	54.158.23.216 54.158.23.216	14618 (AMAZON-AES) (AMAZON-AES)
5	2a00:1450:400... 2a00:1450:4001:815::200a	15169 (GOOGLE) (GOOGLE)
6	2606:4700::68... 2606:4700::6812:678	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6812:1e6b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	13.224.194.36 13.224.194.36	16509 (AMAZON-02) (AMAZON-02)
13	52.216.147.166 52.216.147.166	16509 (AMAZON-02) (AMAZON-02)
5	13.224.194.26 13.224.194.26	16509 (AMAZON-02) (AMAZON-02)
8	151.101.12.157 151.101.12.157	54113 (FASTLY) (FASTLY)
2	2a00:1450:400... 2a00:1450:4001:81c::2008	15169 (GOOGLE) (GOOGLE)
1 3	2a00:1450:400... 2a00:1450:4001:81e::2004	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:801::2003	15169 (GOOGLE) (GOOGLE)
1	2606:4700:10:... 2606:4700:10::6814:b944	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:81d::200e	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:400c:c08::9c	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:816::2003	15169 (GOOGLE) (GOOGLE)
10	108.128.94.32 108.128.94.32	16509 (AMAZON-02) (AMAZON-02)
6	143.204.89.92 143.204.89.92	16509 (AMAZON-02) (AMAZON-02)
18	2a00:1450:400... 2a00:1450:4001:81b::2002	15169 (GOOGLE) (GOOGLE)
10	2600:9000:21f... 2600:9000:21f3:b000:8:48e:53c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	192.173.28.140 192.173.28.140	13360 (TRITONDIG...) (TRITONDIGITAL)
10	172.217.16.130 172.217.16.130	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
18	2a00:1450:400... 2a00:1450:4001:81a::2001	15169 (GOOGLE) (GOOGLE)
20	104.244.37.20 104.244.37.20	7415 (ADSAFE-1) (ADSAFE-1)
1	2a00:1450:400... 2a00:1450:4001:81a::2003	15169 (GOOGLE) (GOOGLE)
1	2600:9000:215... 2600:9000:2156:3400:1d:3c3b:7580:93a1	16509 (AMAZON-02) (AMAZON-02)
23	2606:2800:134... 2606:2800:134:1a0d:1429:742:782:b6	15133 (EDGECAST) (EDGECAST)
2 4	104.244.42.72 104.244.42.72	13414 (TWITTER) (TWITTER)
3 9	52.211.146.59 52.211.146.59	16509 (AMAZON-02) (AMAZON-02)
10	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE)
250	30

60 54.158.23.216 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-158-23-216.compute-1.amazonaws.com

mix1079.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.1079rgvfm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:815::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700::6812:678 (United States)

ASN13335 (CLOUDFLARENET, US)

cookie-cdn.cookiepro.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:1e6b (United States)

ASN13335 (CLOUDFLARENET, US)

www.swellinfo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.224.194.36 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-194-36.fra2.r.cloudfront.net

widgets.listenlive.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 52.216.147.166 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1.amazonaws.com

s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 13.224.194.26 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-194-26.fra2.r.cloudfront.net

u.tentaculos.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 151.101.12.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81c::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:81e::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:801::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6814:b944 (United States)

ASN13335 (CLOUDFLARENET, US)

geolocation.onetrust.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81d::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c08::9c (Brussels, Belgium) 1 redirects

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:816::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 108.128.94.32 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-108-128-94-32.eu-west-1.compute.amazonaws.com

pixel.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 143.204.89.92 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-89-92.fra50.r.cloudfront.net

tags.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2a00:1450:4001:81b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2600:9000:21f3:b000:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.173.28.140 (Canada)

ASN13360 (TRITONDIGITAL, CA)

player.listenlive.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 172.217.16.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s46-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f02d:12:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2a00:1450:4001:81a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 104.244.37.20 (United States)

ASN7415 (ADSAFE-1, US)
PTR: daldt.adsafeprotected.com

dt.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2156:3400:1d:3c3b:7580:93a1 (United States)

ASN16509 (AMAZON-02, US)

tc.dataxpand.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 2606:2800:134:1a0d:1429:742:782:b6 (United States)

ASN15133 (EDGECAST, US)

cdn.syndication.twimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pbs.twimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.244.42.72 (United States) 2 redirects

ASN13414 (TWITTER, US)

syndication.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 52.211.146.59 (Dublin, Ireland) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-211-146-59.eu-west-1.compute.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
52	1079rgvfm.com www.1079rgvfm.com	689 KB
40	adsafeprotected.com pixel.adsafeprotected.com static.adsafeprotected.com dt.adsafeprotected.com	458 KB
28	googlesyndication.com tpc.googlesyndication.com pagead2.googlesyndication.com	54 KB
23	twimg.com cdn.syndication.twimg.com pbs.twimg.com	571 KB
15	crwdcntrl.net 3 redirects tags.crwdcntrl.net bcp.crwdcntrl.net	70 KB
13	amazonaws.com s3.amazonaws.com	671 KB
12	twitter.com 2 redirects platform.twitter.com syndication.twitter.com	108 KB
11	doubleclick.net 1 redirects stats.g.doubleclick.net securepubads.g.doubleclick.net	455 KB
8	googletagservices.com www.googletagservices.com	154 KB
8	google.com 1 redirects www.google.com adservice.google.com	3 KB
8	mix1079.net 2 redirects mix1079.net	434 B
6	google.de www.google.de adservice.google.de	2 KB
6	gstatic.com fonts.gstatic.com www.gstatic.com	183 KB
6	cookiepro.com cookie-cdn.cookiepro.com	91 KB
5	tentaculos.net u.tentaculos.net	12 KB
5	googleapis.com fonts.googleapis.com	4 KB
4	listenlive.co widgets.listenlive.co player.listenlive.co	157 KB
2	facebook.net connect.facebook.net	117 KB
2	google-analytics.com www.google-analytics.com	18 KB
2	googletagmanager.com www.googletagmanager.com	73 KB
1	dataxpand.com tc.dataxpand.com	624 B
1	onetrust.com geolocation.onetrust.com	529 B
1	swellinfo.com www.swellinfo.com	2 KB
250	23

	Domain	Requested by
52	www.1079rgvfm.com	www.1079rgvfm.com platform.twitter.com
22	pbs.twimg.com	www.1079rgvfm.com
20	dt.adsafeprotected.com	www.1079rgvfm.com
18	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com
13	s3.amazonaws.com	www.1079rgvfm.com
10	pagead2.googlesyndication.com	securepubads.g.doubleclick.net www.1079rgvfm.com
10	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net
10	static.adsafeprotected.com	pixel.adsafeprotected.com www.1079rgvfm.com
10	pixel.adsafeprotected.com	u.tentaculos.net www.1079rgvfm.com
9	bcp.crwdcntrl.net	3 redirects tags.crwdcntrl.net
8	www.googletagservices.com	u.tentaculos.net securepubads.g.doubleclick.net
8	platform.twitter.com	www.1079rgvfm.com platform.twitter.com
8	mix1079.net	2 redirects www.1079rgvfm.com platform.twitter.com
6	tags.crwdcntrl.net	u.tentaculos.net tc.dataxpand.com
6	cookie-cdn.cookiepro.com	www.1079rgvfm.com cookie-cdn.cookiepro.com
5	adservice.google.com	www.googletagservices.com
5	adservice.google.de	www.googletagservices.com
5	fonts.gstatic.com	www.1079rgvfm.com
5	u.tentaculos.net	www.1079rgvfm.com
5	fonts.googleapis.com	www.1079rgvfm.com
4	syndication.twitter.com	2 redirects www.1079rgvfm.com
3	www.google.com	1 redirects www.1079rgvfm.com www.gstatic.com
3	widgets.listenlive.co	www.1079rgvfm.com widgets.listenlive.co
2	connect.facebook.net	www.1079rgvfm.com connect.facebook.net
2	www.google-analytics.com	www.googletagmanager.com www.1079rgvfm.com
2	www.googletagmanager.com	www.1079rgvfm.com
1	cdn.syndication.twimg.com	platform.twitter.com
1	tc.dataxpand.com	www.googletagmanager.com
1	www.gstatic.com	www.google.com
1	player.listenlive.co	www.1079rgvfm.com
1	www.google.de	www.1079rgvfm.com
1	stats.g.doubleclick.net	1 redirects
1	geolocation.onetrust.com	cookie-cdn.cookiepro.com
1	www.swellinfo.com	www.1079rgvfm.com
250	34

This site contains links to these domains. Also see Links.

Domain
player.listenlive.co
mix1079.net
foxnewssouthtexas.com
www.kiddnation.com
www.facebook.com
twitter.com
www.instagram.com
www.linkedin.com
www.entravision.com
public.entravision.net
www.mix1079.net
search.google.com
publicfiles.fcc.gov
1079mixfm.tumblr.com
cookiepedia.co.uk
onetrust.com

Subject Issuer	Validity	Valid
1079rgv.com Let's Encrypt Authority X3	`2020-04-21` - `2020-07-20`	3 months	crt.sh
upload.video.google.com GTS CA 1O1	`2020-04-07` - `2020-06-30`	3 months	crt.sh
cookiepro.com CloudFlare Inc ECC CA-2	`2019-08-07` - `2020-08-06`	a year	crt.sh
sni.cloudflaressl.com CloudFlare Inc ECC CA-2	`2019-11-18` - `2020-10-09`	a year	crt.sh
*.listenlive.co Amazon	`2019-10-15` - `2020-11-15`	a year	crt.sh
s3.amazonaws.com DigiCert Baltimore CA-2 G2	`2019-11-09` - `2020-12-02`	a year	crt.sh
*.tentaculos.net Go Daddy Secure Certificate Authority - G2	`2019-01-14` - `2021-03-15`	2 years	crt.sh
mix1079.net Sectigo RSA Domain Validation Secure Server CA	`2019-09-17` - `2020-09-22`	a year	crt.sh
platform.twitter.com DigiCert SHA2 High Assurance Server CA	`2019-08-28` - `2020-09-01`	a year	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-04-07` - `2020-06-30`	3 months	crt.sh
www.google.com GTS CA 1O1	`2020-04-07` - `2020-06-30`	3 months	crt.sh
*.gstatic.com GTS CA 1O1	`2020-04-07` - `2020-06-30`	3 months	crt.sh
*.onetrust.com DigiCert SHA2 Secure Server CA	`2018-03-12` - `2020-06-14`	2 years	crt.sh
www.google.de GTS CA 1O1	`2020-04-07` - `2020-06-30`	3 months	crt.sh
fw.adsafeprotected.com Amazon	`2020-03-14` - `2021-04-14`	a year	crt.sh
*.crwdcntrl.net Go Daddy Secure Certificate Authority - G2	`2019-06-13` - `2021-06-28`	2 years	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-04-07` - `2020-06-30`	3 months	crt.sh
static.adsafeprotected.com Amazon	`2019-11-01` - `2020-12-01`	a year	crt.sh
*.google.de GTS CA 1O1	`2020-04-07` - `2020-06-30`	3 months	crt.sh
*.google.com GTS CA 1O1	`2020-04-07` - `2020-06-30`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2020-04-15` - `2020-07-14`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2020-04-07` - `2020-06-30`	3 months	crt.sh
*.adsafeprotected.com COMODO RSA Domain Validation Secure Server CA	`2018-08-20` - `2020-09-17`	2 years	crt.sh
*.dataxpand.com Amazon	`2019-12-05` - `2021-01-05`	a year	crt.sh
*.twimg.com DigiCert SHA2 High Assurance Server CA	`2019-11-12` - `2020-11-18`	a year	crt.sh
syndication.twitter.com DigiCert SHA2 High Assurance Server CA	`2020-03-05` - `2021-03-02`	a year	crt.sh

This page contains 30 frames:

Primary Page: https://www.1079rgvfm.com/
Frame ID: 392CC302EE16C77B36B13060247836EB
Requests: 143 HTTP requests in this frame

Frame: https://www.1079rgvfm.com/wp-content/plugins/adzerk/iframe.html?u=0dc6caf8-9fd3-11e8-bc82-0685dc1fc043/t.js
Frame ID: 62BC7F60065E42A7ABAF22BB36E9BE65
Requests: 16 HTTP requests in this frame

Frame: https://player.listenlive.co/54041/en/songhistory
Frame ID: 517D68B3FE510F0D56EE7C5C589B1BE6
Requests: 1 HTTP requests in this frame

Frame: https://www.1079rgvfm.com/wp-content/plugins/adzerk/iframe.html?u=18160560-9fd4-11e8-bc82-0685dc1fc043/t.js
Frame ID: 9E1C2D75FD921295E15EB4ABDF4651A6
Requests: 16 HTTP requests in this frame

Frame: https://www.1079rgvfm.com/wp-content/plugins/adzerk/iframe.html?u=0dc6caf8-9fd3-11e8-bc82-0685dc1fc043/t.js
Frame ID: B4AC26165336D3A23DDC0F30A8484078
Requests: 16 HTTP requests in this frame

Frame: https://www.1079rgvfm.com/wp-content/plugins/adzerk/iframe.html?u=61651c18-9fe2-11e8-bc82-0685dc1fc043/t.js
Frame ID: 6FB8FDE6559B05F910AF11BDC2FCC59D
Requests: 15 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.4.114.js
Frame ID: 0682F6A8F6996FF59CFD9E55C5A5F7C2
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.6787510241df65d128e2b60207ad4c25.html?origin=https%3A%2F%2Fwww.1079rgvfm.com
Frame ID: 74CB1F5C7B1FB6C78E84CA2D2E1D746C
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lc-uI8UAAAAAFNsyk2nEbiGWGNTZ9veWDZpLUnX&co=aHR0cHM6Ly93d3cuMTA3OXJndmZtLmNvbTo0NDM.&hl=en&v=wk6lx42JIeYmEAQSHndnyT8Q&size=invisible&cb=2inmol3ngxqz
Frame ID: C1BC7A3446787D4CC85A0C8FD1866C79
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/css/timeline.d41c1d7e4bac44f4658ca45d09564e79.light.ltr.css
Frame ID: C92001A2F3E6C2065C77A3F6B3A2BC25
Requests: 29 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.4.114.js
Frame ID: 4317ED50C47851ECA2ED66853067171D
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.4.114.js
Frame ID: 5000A8755250E6961F86420D2F57A8C9
Requests: 1 HTTP requests in this frame

Frame: https://bcp.crwdcntrl.net/5/ct=y/c=13671/rand=919316280/pv=y/seg=iab_primary_category%20%3A%20Arts%20%26%20Entertainment/int=%23OpR%2385618%23www.1079rgvfm.com%20%3A%20Total%20Site%20Traffic/int=%23OpR%2385618%23www.1079rgvfm.com%20%3A%20Total%20Site%20Traffic/int=%23OpR%2385619%23www.1079rgvfm.com%20%3A%20Site%20Section%20%3A%20wp-content/int=%23OpR%2385620%23www.1079rgvfm.com%20%3A%20Site%20Section%20%3A%20wp-content%20%3A%20plugins/int=%23OpR%2385621%23www.1079rgvfm.com%20%3A%20Site%20Section%20%3A%20wp-content%20%3A%20plugins%20%3A%20adzerk/rt=ifr
Frame ID: 3535B901114ECC65C1CEA644AB35A0F1
Requests: 1 HTTP requests in this frame

Frame: https://bcp.crwdcntrl.net/5/ct=y/c=13671/rand=700060739/pv=y/seg=iab_primary_category%20%3A%20Arts%20%26%20Entertainment/int=%23OpR%2385618%23www.1079rgvfm.com%20%3A%20Total%20Site%20Traffic/int=%23OpR%2385618%23www.1079rgvfm.com%20%3A%20Total%20Site%20Traffic/int=%23OpR%2385619%23www.1079rgvfm.com%20%3A%20Site%20Section%20%3A%20wp-content/int=%23OpR%2385620%23www.1079rgvfm.com%20%3A%20Site%20Section%20%3A%20wp-content%20%3A%20plugins/int=%23OpR%2385621%23www.1079rgvfm.com%20%3A%20Site%20Section%20%3A%20wp-content%20%3A%20plugins%20%3A%20adzerk/rt=ifr
Frame ID: 00BE36E4451BA69AD67A22CDF0D411F3
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/jot.html
Frame ID: 834EEB494FDED46EFCFCF0CBE6B03207
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.4.114.js
Frame ID: 30722E823D4AAE8DBB77FC645CF1524B
Requests: 1 HTTP requests in this frame

Frame: https://bcp.crwdcntrl.net/5/ct=y/c=13671/rand=898333246/pv=y/seg=iab_primary_category%20%3A%20Arts%20%26%20Entertainment/int=%23OpR%2385618%23www.1079rgvfm.com%20%3A%20Total%20Site%20Traffic/int=%23OpR%2385618%23www.1079rgvfm.com%20%3A%20Total%20Site%20Traffic/int=%23OpR%2385619%23www.1079rgvfm.com%20%3A%20Site%20Section%20%3A%20wp-content/int=%23OpR%2385620%23www.1079rgvfm.com%20%3A%20Site%20Section%20%3A%20wp-content%20%3A%20plugins/int=%23OpR%2385621%23www.1079rgvfm.com%20%3A%20Site%20Section%20%3A%20wp-content%20%3A%20plugins%20%3A%20adzerk/rt=ifr
Frame ID: EB262A86F01BE9F99B22FE90851210AC
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.4.114.js
Frame ID: 385153E3DC4EC4BF0448E4D851826C4F
Requests: 1 HTTP requests in this frame

Frame: https://bcp.crwdcntrl.net/5/c=13671/rand=953001989/pv=y/seg=iab_primary_category%20%3A%20Arts%20%26%20Entertainment/int=%23OpR%2385618%23www.1079rgvfm.com%20%3A%20Total%20Site%20Traffic/int=%23OpR%2385618%23www.1079rgvfm.com%20%3A%20Total%20Site%20Traffic/int=%23OpR%2385619%23www.1079rgvfm.com%20%3A%20Site%20Section%20%3A%20wp-content/int=%23OpR%2385620%23www.1079rgvfm.com%20%3A%20Site%20Section%20%3A%20wp-content%20%3A%20plugins/int=%23OpR%2385621%23www.1079rgvfm.com%20%3A%20Site%20Section%20%3A%20wp-content%20%3A%20plugins%20%3A%20adzerk/rt=ifr
Frame ID: C92F8942FDD895CFDB68448D31784FF8
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/jot.html
Frame ID: B9D288EE36D935438B00D174B206D265
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1
Frame ID: 23B5D23E2E4D3077DF3473E525C46C85
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/209/runner.html
Frame ID: B49007291EB466794B61C55BB5EF16E9
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/209/runner.html
Frame ID: 18FAF937D1E9622D8A74D7FD401C4777
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1
Frame ID: 307E9861771658546656572915174AD5
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1
Frame ID: 371505F38EC5DA1C529DA3EF91C47424
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/209/runner.html
Frame ID: 0DBABB541E05AAD641EA37F31741F4DC
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/209/runner.html
Frame ID: 2A6CB9B1C293771D5A50FCCBFDDA39EA
Requests: 1 HTTP requests in this frame

Frame: https://bcp.crwdcntrl.net/5/c=13671/rand=992745587/pv=y/seg=iab_primary_category%20%3A%20Arts%20%26%20Entertainment/cmp=1/cmpto=250/int=%23OpR%2385618%23www.1079rgvfm.com%20%3A%20Total%20Site%20Traffic/rt=ifr
Frame ID: 37CA340F0DD76CA595EEA9F5400EE804
Requests: 1 HTTP requests in this frame

Frame: https://bcp.crwdcntrl.net/5/c=12765/rand=960781355/pv=y/cmp=1/cmpto=250/int=%23OpR%2350186%23www.1079rgvfm.com%20%3A%20Total%20Site%20Traffic/rt=ifr
Frame ID: F0C34B1EBABCCC548CC2E62D64842697
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/209/runner.html
Frame ID: 5D0FDFE12DC23F7B346F9593C46DDEC9
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://mix1079.net/ HTTP 301
https://mix1079.net/ HTTP 301
https://www.1079rgvfm.com/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
script /\/wp-(?:content|includes)\//i
meta generator /^WordPress ?([\d.]+)?/i
headers link /rel="https:\/\/api\.w\.org\/"/i

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
script /\/wp-(?:content|includes)\//i
meta generator /^WordPress ?([\d.]+)?/i
headers link /rel="https:\/\/api\.w\.org\/"/i

MySQL (Databases) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
script /\/wp-(?:content|includes)\//i
meta generator /^WordPress ?([\d.]+)?/i
headers link /rel="https:\/\/api\.w\.org\/"/i

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
script /jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?/i

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?/i

Page Statistics

250
Requests

100 %
HTTPS

60 %
IPv6

23
Domains

34
Subdomains

30
IPs

5
Countries

3890 kB
Transfer

9676 kB
Size

9
Cookies

20 Outgoing links

These are links going to different origins than the main page.

URL: http://player.listenlive.co/54041
Title: Listen Live

Search URL Search Domain Scan URL

URL: https://mix1079.net/events/
Title: Events

Search URL Search Domain Scan URL

URL: https://foxnewssouthtexas.com/category/covid19/%20

Search URL Search Domain Scan URL

URL: https://mix1079.net/category/news/
Title: Read our latest Stuff

Search URL Search Domain Scan URL

URL: https://www.kiddnation.com/wants-needs/

Search URL Search Domain Scan URL

URL: https://www.kiddnation.com/overachieving-teachers/

Search URL Search Domain Scan URL

URL: https://mix1079.net/contests/
Title: Contests and Giveaways!

Search URL Search Domain Scan URL

URL: https://www.facebook.com/1079mixfm
Title: Facebook 36.8k Followers

Search URL Search Domain Scan URL

URL: https://twitter.com/1079mixfm
Title: Twitter 3.5k Followers

Search URL Search Domain Scan URL

URL: https://www.instagram.com/1079mixfm/
Title: Instagram 2.9k Followers

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/1079mixfm/
Title: LinkedIn 6 Followers

Search URL Search Domain Scan URL

URL: http://www.entravision.com/terms-of-use/
Title: Terms of Use

Search URL Search Domain Scan URL

URL: https://www.entravision.com/privacy-policy/
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: http://public.entravision.net/station/KVLY-FM-EEO/
Title: EEO

Search URL Search Domain Scan URL

URL: http://www.mix1079.net/advertise-here/
Title: Feedback

Search URL Search Domain Scan URL

URL: https://search.google.com/local/writereview?placeid=ChIJ9QJAb7-gZYYRZfsdcKs4_PI
Title: Review Us

Search URL Search Domain Scan URL

URL: https://publicfiles.fcc.gov/fm-profile/kvly
Title: Public FCC File

Search URL Search Domain Scan URL

URL: https://1079mixfm.tumblr.com/
Title: Tumblr

Search URL Search Domain Scan URL

URL: https://cookiepedia.co.uk/giving-consent-to-cookies
Title: More information

Search URL Search Domain Scan URL

URL: https://onetrust.com/poweredbyonetrust

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://mix1079.net/ HTTP 301
https://mix1079.net/ HTTP 301
https://www.1079rgvfm.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 76

https://stats.g.doubleclick.net/r/collect?t=dc&aip=1&_r=3&v=1&_v=j81&tid=UA-53392111-1&cid=1539618414.1588010050&jid=1044928408&gjid=1998370566&_gid=917103458.1588010050&_u=YGBAgAAB~&z=1817164617 HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-53392111-1&cid=1539618414.1588010050&jid=1044928408&_v=j81&z=1817164617 HTTP 302
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-53392111-1&cid=1539618414.1588010050&jid=1044928408&_v=j81&z=1817164617&slf_rd=1&random=2890549051

Request Chain 196

https://bcp.crwdcntrl.net/5/c=13671/rand=919316280/pv=y/seg=iab_primary_category%20%3A%20Arts%20%26%20Entertainment/int=%23OpR%2385618%23www.1079rgvfm.com%20%3A%20Total%20Site%20Traffic/int=%23OpR%2385618%23www.1079rgvfm.com%20%3A%20Total%20Site%20Traffic/int=%23OpR%2385619%23www.1079rgvfm.com%20%3A%20Site%20Section%20%3A%20wp-content/int=%23OpR%2385620%23www.1079rgvfm.com%20%3A%20Site%20Section%20%3A%20wp-content%20%3A%20plugins/int=%23OpR%2385621%23www.1079rgvfm.com%20%3A%20Site%20Section%20%3A%20wp-content%20%3A%20plugins%20%3A%20adzerk/rt=ifr HTTP 302
https://bcp.crwdcntrl.net/5/ct=y/c=13671/rand=919316280/pv=y/seg=iab_primary_category%20%3A%20Arts%20%26%20Entertainment/int=%23OpR%2385618%23www.1079rgvfm.com%20%3A%20Total%20Site%20Traffic/int=%23OpR%2385618%23www.1079rgvfm.com%20%3A%20Total%20Site%20Traffic/int=%23OpR%2385619%23www.1079rgvfm.com%20%3A%20Site%20Section%20%3A%20wp-content/int=%23OpR%2385620%23www.1079rgvfm.com%20%3A%20Site%20Section%20%3A%20wp-content%20%3A%20plugins/int=%23OpR%2385621%23www.1079rgvfm.com%20%3A%20Site%20Section%20%3A%20wp-content%20%3A%20plugins%20%3A%20adzerk/rt=ifr

Request Chain 197

https://bcp.crwdcntrl.net/5/c=13671/rand=700060739/pv=y/seg=iab_primary_category%20%3A%20Arts%20%26%20Entertainment/int=%23OpR%2385618%23www.1079rgvfm.com%20%3A%20Total%20Site%20Traffic/int=%23OpR%2385618%23www.1079rgvfm.com%20%3A%20Total%20Site%20Traffic/int=%23OpR%2385619%23www.1079rgvfm.com%20%3A%20Site%20Section%20%3A%20wp-content/int=%23OpR%2385620%23www.1079rgvfm.com%20%3A%20Site%20Section%20%3A%20wp-content%20%3A%20plugins/int=%23OpR%2385621%23www.1079rgvfm.com%20%3A%20Site%20Section%20%3A%20wp-content%20%3A%20plugins%20%3A%20adzerk/rt=ifr HTTP 302
https://bcp.crwdcntrl.net/5/ct=y/c=13671/rand=700060739/pv=y/seg=iab_primary_category%20%3A%20Arts%20%26%20Entertainment/int=%23OpR%2385618%23www.1079rgvfm.com%20%3A%20Total%20Site%20Traffic/int=%23OpR%2385618%23www.1079rgvfm.com%20%3A%20Total%20Site%20Traffic/int=%23OpR%2385619%23www.1079rgvfm.com%20%3A%20Site%20Section%20%3A%20wp-content/int=%23OpR%2385620%23www.1079rgvfm.com%20%3A%20Site%20Section%20%3A%20wp-content%20%3A%20plugins/int=%23OpR%2385621%23www.1079rgvfm.com%20%3A%20Site%20Section%20%3A%20wp-content%20%3A%20plugins%20%3A%20adzerk/rt=ifr

Request Chain 199

https://syndication.twitter.com/i/jot HTTP 302
https://platform.twitter.com/jot.html

Request Chain 208

https://bcp.crwdcntrl.net/5/c=13671/rand=898333246/pv=y/seg=iab_primary_category%20%3A%20Arts%20%26%20Entertainment/int=%23OpR%2385618%23www.1079rgvfm.com%20%3A%20Total%20Site%20Traffic/int=%23OpR%2385618%23www.1079rgvfm.com%20%3A%20Total%20Site%20Traffic/int=%23OpR%2385619%23www.1079rgvfm.com%20%3A%20Site%20Section%20%3A%20wp-content/int=%23OpR%2385620%23www.1079rgvfm.com%20%3A%20Site%20Section%20%3A%20wp-content%20%3A%20plugins/int=%23OpR%2385621%23www.1079rgvfm.com%20%3A%20Site%20Section%20%3A%20wp-content%20%3A%20plugins%20%3A%20adzerk/rt=ifr HTTP 302
https://bcp.crwdcntrl.net/5/ct=y/c=13671/rand=898333246/pv=y/seg=iab_primary_category%20%3A%20Arts%20%26%20Entertainment/int=%23OpR%2385618%23www.1079rgvfm.com%20%3A%20Total%20Site%20Traffic/int=%23OpR%2385618%23www.1079rgvfm.com%20%3A%20Total%20Site%20Traffic/int=%23OpR%2385619%23www.1079rgvfm.com%20%3A%20Site%20Section%20%3A%20wp-content/int=%23OpR%2385620%23www.1079rgvfm.com%20%3A%20Site%20Section%20%3A%20wp-content%20%3A%20plugins/int=%23OpR%2385621%23www.1079rgvfm.com%20%3A%20Site%20Section%20%3A%20wp-content%20%3A%20plugins%20%3A%20adzerk/rt=ifr

Request Chain 217

https://syndication.twitter.com/i/jot HTTP 302
https://platform.twitter.com/jot.html

250 HTTP transactions
9 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.1079rgvfm.com/
Redirect Chain

http://mix1079.net/
https://mix1079.net/
https://www.1079rgvfm.com/

101 KB
23 KB

1699ms
1482ms

Document
text/html

54.158.23.216
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.1079rgvfm.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 54.158.23.216 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-158-23-216.compute-1.amazonaws.com
Software: nginx /
Resource Hash: f7370f2cf45602f3187c2ae485038581279c93389efc8aa2466443e2d03d6b2d

Request headers

:method: GET
:authority: www.1079rgvfm.com
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 200
server: nginx
date: Mon, 27 Apr 2020 17:54:08 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding Accept-Encoding, Referer
set-cookie: whatsup=whatsupman; expires=Tue, 27-Apr-2021 17:54:08 GMT; Max-Age=31536000
link: <https://www.1079rgvfm.com/wp-json/>; rel="https://api.w.org/" <https://www.1079rgvfm.com/>; rel=shortlink
x-tec-api-version: v1
x-tec-api-root: https://www.1079rgvfm.com/wp-json/tribe/events/v1/
x-tec-api-origin: https://www.1079rgvfm.com
fastcgi-cache: MISS
content-encoding: gzip

Redirect headers

status: 301
server: nginx
date: Mon, 27 Apr 2020 17:54:07 GMT
content-type: text/html; charset=UTF-8
location: https://www.1079rgvfm.com/
set-cookie: whatsup=whatsupman; expires=Tue, 27-Apr-2021 17:54:07 GMT; Max-Age=31536000
x-redirect-by: WordPress
fastcgi-cache: MISS
vary: Accept-Encoding, Referer

GET
H2 200 Socicon.woff2
www.1079rgvfm.com/wp-content/plugins/divi-booster/core/icons/socicon/fonts/ 63 KB
63 KB 90ms
90ms Font
application/octet-stream 54.158.23.216
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.1079rgvfm.com/wp-content/plugins/divi-booster/core/icons/socicon/fonts/Socicon.woff2?87visu
Requested by: Host: www.1079rgvfm.com
URL: https://www.1079rgvfm.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 54.158.23.216 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-158-23-216.compute-1.amazonaws.com
Software: nginx /
Resource Hash: c254279147099e0b696b281d62b436b8aed42fb0f3abf1ba17abc398ca6c90e2

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://www.1079rgvfm.com/
Origin: https://www.1079rgvfm.com

Response headers

date: Mon, 27 Apr 2020 17:54:09 GMT
last-modified: Sat, 21 Mar 2020 06:45:14 GMT
server: nginx
etag: "5e75b7fa-fc00"
vary: Accept-Encoding, Referer
content-type: application/octet-stream
status: 200
accept-ranges: bytes
content-length: 64512

GET
H2 200 common-skeleton.min.css
www.1079rgvfm.com/wp-content/plugins/the-events-calendar/common/src/resources/css/ 26 KB
5 KB 179ms
174ms Stylesheet
text/css 54.158.23.216
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.1079rgvfm.com/wp-content/plugins/the-events-calendar/common/src/resources/css/common-skeleton.min.css?ver=4.12.0
Requested by: Host: www.1079rgvfm.com
URL: https://www.1079rgvfm.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 54.158.23.216 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-158-23-216.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 3699e9a8168525eb97795c72bb6315a198b4b18d9c914cc9f3a17fb2c79d1615

Request headers

Referer: https://www.1079rgvfm.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 27 Apr 2020 17:54:09 GMT
content-encoding: gzip
last-modified: Fri, 24 Apr 2020 01:33:21 GMT
server: nginx
etag: W/"5ea241e1-677c"
vary: Accept-Encoding, Accept-Encoding, Referer
content-type: text/css
status: 200
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 tooltip.min.css
www.1079rgvfm.com/wp-content/plugins/the-events-calendar/common/src/resources/css/ 2 KB
789 B 179ms
175ms Stylesheet
text/css 54.158.23.216
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.1079rgvfm.com/wp-content/plugins/the-events-calendar/common/src/resources/css/tooltip.min.css?ver=4.12.0
Requested by: Host: www.1079rgvfm.com
URL: https://www.1079rgvfm.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 54.158.23.216 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-158-23-216.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 872454cbfd47b444a3fa6cfa9a74b0f57e5f6b3a47b9870108d2b0e5ce4aace5

Request headers

Referer: https://www.1079rgvfm.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 27 Apr 2020 17:54:09 GMT
content-encoding: gzip
last-modified: Fri, 24 Apr 2020 01:33:21 GMT
server: nginx
etag: W/"5ea241e1-662"
vary: Accept-Encoding, Accept-Encoding, Referer
content-type: text/css
status: 200
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 style.min.css
www.1079rgvfm.com/wp-includes/css/dist/block-library/ 52 KB
8 KB 179ms
175ms Stylesheet
text/css 54.158.23.216
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.1079rgvfm.com/wp-includes/css/dist/block-library/style.min.css?ver=5.4
Requested by: Host: www.1079rgvfm.com
URL: https://www.1079rgvfm.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 54.158.23.216 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-158-23-216.compute-1.amazonaws.com
Software: nginx /
Resource Hash: d02934f0a5b722dbd076dda86e34373e037158a672a8a10409bcbdb5a9040b42

Request headers

Referer: https://www.1079rgvfm.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 27 Apr 2020 17:54:09 GMT
content-encoding: gzip
last-modified: Wed, 01 Apr 2020 14:18:07 GMT
server: nginx
etag: W/"5e84a29f-d0f1"
vary: Accept-Encoding, Accept-Encoding, Referer
content-type: text/css
status: 200
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 styles.css
www.1079rgvfm.com/wp-content/plugins/contact-form-7/includes/css/ 2 KB
887 B 180ms
175ms Stylesheet
text/css 54.158.23.216
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.1079rgvfm.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.1.7
Requested by: Host: www.1079rgvfm.com
URL: https://www.1079rgvfm.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 54.158.23.216 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-158-23-216.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 811e8960b8f79f14983e30df80a4ccc69d82430ccc0520d2a1a3d1405cfbb2a1

Request headers

Referer: https://www.1079rgvfm.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 27 Apr 2020 17:54:09 GMT
content-encoding: gzip
last-modified: Sat, 07 Mar 2020 13:33:44 GMT
server: nginx
etag: W/"5e63a2b8-6d2"
vary: Accept-Encoding, Accept-Encoding, Referer
content-type: text/css
status: 200
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 wp_head.css
www.1079rgvfm.com/wp-content/uploads/wtfdivi/ 4 KB
1 KB 180ms
175ms Stylesheet
text/css 54.158.23.216
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.1079rgvfm.com/wp-content/uploads/wtfdivi/wp_head.css?ver=1585058259
Requested by: Host: www.1079rgvfm.com
URL: https://www.1079rgvfm.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 54.158.23.216 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-158-23-216.compute-1.amazonaws.com
Software: nginx /
Resource Hash: d1eb8139f60300bfd63ae9550f6d40b0c5c532f5797b15ca1fa1ef443caf3a0e

Request headers

Referer: https://www.1079rgvfm.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 27 Apr 2020 17:54:09 GMT
content-encoding: gzip
last-modified: Wed, 22 Apr 2020 18:26:13 GMT
server: nginx
etag: W/"5ea08c45-f0d"
vary: Accept-Encoding, Accept-Encoding, Referer
content-type: text/css
status: 200
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 style.css
www.1079rgvfm.com/wp-content/plugins/divi-custom-type-blog-grid// 3 KB
1 KB 180ms
176ms Stylesheet
text/css 54.158.23.216
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.1079rgvfm.com/wp-content/plugins/divi-custom-type-blog-grid//style.css?ver=5.4
Requested by: Host: www.1079rgvfm.com
URL: https://www.1079rgvfm.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 54.158.23.216 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-158-23-216.compute-1.amazonaws.com
Software: nginx /
Resource Hash: ba89406e7f5a3500a271c9b7479c351e85f57a4f51490929b0057362527b0237

Request headers

Referer: https://www.1079rgvfm.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 27 Apr 2020 17:54:09 GMT
content-encoding: gzip
last-modified: Tue, 14 May 2019 20:02:27 GMT
server: nginx
etag: W/"5cdb1ed3-a32"
vary: Accept-Encoding, Accept-Encoding, Referer
content-type: text/css
status: 200
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 wpfc-public.css
www.1079rgvfm.com/wp-content/plugins/gs-facebook-comments/public/css/ 98 B
296 B 180ms
176ms Stylesheet
text/css 54.158.23.216
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.1079rgvfm.com/wp-content/plugins/gs-facebook-comments/public/css/wpfc-public.css?ver=1.5
Requested by: Host: www.1079rgvfm.com
URL: https://www.1079rgvfm.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 54.158.23.216 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-158-23-216.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 547dda3c14b284819be511be1e410da94a5efc6ccc4a9afe1c75394f9333191a

Request headers

Referer: https://www.1079rgvfm.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 27 Apr 2020 17:54:09 GMT
last-modified: Wed, 27 Nov 2019 01:34:04 GMT
server: nginx
etag: "5dddd28c-62"
vary: Accept-Encoding, Referer
content-type: text/css
status: 200
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 98
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 style.css
www.1079rgvfm.com/wp-content/plugins/monarch/css/ 113 KB
13 KB 267ms
263ms Stylesheet
text/css 54.158.23.216
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.1079rgvfm.com/wp-content/plugins/monarch/css/style.css?ver=1.4.12
Requested by: Host: www.1079rgvfm.com
URL: https://www.1079rgvfm.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 54.158.23.216 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-158-23-216.compute-1.amazonaws.com
Software: nginx /
Resource Hash: f820d93daf383e178bda2912f5bee00e90e56390597820622643fa8e5e487143

Request headers

Referer: https://www.1079rgvfm.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 27 Apr 2020 17:54:09 GMT
content-encoding: gzip
last-modified: Tue, 12 Mar 2019 21:30:26 GMT
server: nginx
etag: W/"5c8824f2-1c56d"
vary: Accept-Encoding, Accept-Encoding, Referer
content-type: text/css
status: 200
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 css
fonts.googleapis.com/ 5 KB
734 B 33ms
18ms Stylesheet
text/css 2a00:1450:4001:815::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400,700

Requested by

Host: www.1079rgvfm.com
URL: https://www.1079rgvfm.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

6bc92b096fa224014e1caa871ae4e6d6c7bcc9a5c5459b893e6bb052b3cb257c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.1079rgvfm.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 27 Apr 2020 17:54:09 GMT
server: ESF
date: Mon, 27 Apr 2020 17:54:09 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 27 Apr 2020 17:54:09 GMT

GET
H2 200 style.css
www.1079rgvfm.com/wp-content/themes/Divi/ 774 KB
79 KB 267ms
264ms Stylesheet
text/css 54.158.23.216
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.1079rgvfm.com/wp-content/themes/Divi/style.css?ver=5.4
Requested by: Host: www.1079rgvfm.com
URL: https://www.1079rgvfm.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 54.158.23.216 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-158-23-216.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 119f3bef7cb4772ed350f752eac7350fea20894b639dbab0f048bf4d16d39a1e

Request headers

Referer: https://www.1079rgvfm.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 27 Apr 2020 17:54:09 GMT
content-encoding: gzip
last-modified: Sat, 28 Mar 2020 06:35:10 GMT
server: nginx
etag: W/"5e7ef01e-c172f"
vary: Accept-Encoding, Accept-Encoding, Referer
content-type: text/css
status: 200
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 css
fonts.googleapis.com/ 25 KB
1 KB 32ms
17ms Stylesheet
text/css 2a00:1450:4001:815::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:300italic,400italic,600italic,700italic,800italic,400,300,600,700,800&subset=latin,latin-ext

Requested by

Host: www.1079rgvfm.com
URL: https://www.1079rgvfm.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d3fb385aad2757e720c0e49ca0b807172ff255ad2dc2bf4b1998e632297800a9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.1079rgvfm.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 27 Apr 2020 17:54:09 GMT
server: ESF
date: Mon, 27 Apr 2020 17:54:09 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 27 Apr 2020 17:54:09 GMT

GET
H2 200 style.css
www.1079rgvfm.com/wp-content/themes/Divi-child/ 6 KB
2 KB 267ms
264ms Stylesheet
text/css 54.158.23.216
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.1079rgvfm.com/wp-content/themes/Divi-child/style.css?ver=1.1
Requested by: Host: www.1079rgvfm.com
URL: https://www.1079rgvfm.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 54.158.23.216 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-158-23-216.compute-1.amazonaws.com
Software: nginx /
Resource Hash: c0915f65d32fde84ff4ca81b0f4b662c33ba337aa2b45a9002e07af33521fb81

Request headers

Referer: https://www.1079rgvfm.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 27 Apr 2020 17:54:09 GMT
content-encoding: gzip
last-modified: Mon, 11 Nov 2019 20:38:38 GMT
server: nginx
etag: W/"5dc9c6ce-18b5"
vary: Accept-Encoding, Accept-Encoding, Referer
content-type: text/css
status: 200
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 css
fonts.googleapis.com/ 9 KB
702 B 33ms
19ms Stylesheet
text/css 2a00:1450:4001:815::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Oswald%3A200%2C300%2Cregular%2C500%2C600%2C700&ver=5.4

Requested by

Host: www.1079rgvfm.com
URL: https://www.1079rgvfm.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c37246521fd589627a4b7fd6a84dccf3c4f6aecbcfafa0b7041f7096bc9a1210

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.1079rgvfm.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 27 Apr 2020 17:54:09 GMT
server: ESF
date: Mon, 27 Apr 2020 17:54:09 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 27 Apr 2020 17:54:09 GMT

GET
H2 200 titan-framework-ect-css.css
www.1079rgvfm.com/wp-content/uploads/ 12 KB
2 KB 267ms
264ms Stylesheet
text/css 54.158.23.216
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.1079rgvfm.com/wp-content/uploads/titan-framework-ect-css.css?ver=5.4
Requested by: Host: www.1079rgvfm.com
URL: https://www.1079rgvfm.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 54.158.23.216 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-158-23-216.compute-1.amazonaws.com
Software: nginx /
Resource Hash: ae4670726a8f39d73693f7fae3e6201cc432f61cbfd7ff0abdb0fe90cb7309fa

Request headers

Referer: https://www.1079rgvfm.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 27 Apr 2020 17:54:09 GMT
content-encoding: gzip
last-modified: Wed, 22 Apr 2020 18:26:13 GMT
server: nginx
etag: W/"5ea08c45-302f"
vary: Accept-Encoding, Accept-Encoding, Referer
content-type: text/css
status: 200
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 css
fonts.googleapis.com/ 775 B
435 B 38ms
23ms Stylesheet
text/css 2a00:1450:4001:815::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Monda%3A500%2C400&subset=latin%2Clatin-ext&ver=5.4

Requested by

Host: www.1079rgvfm.com
URL: https://www.1079rgvfm.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1b14ca5c3f98c0836ca28f1cbf9ad7a40453f839d80c11b2ede5aa66f522381f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.1079rgvfm.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 27 Apr 2020 17:54:09 GMT
server: ESF
date: Mon, 27 Apr 2020 17:54:09 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 27 Apr 2020 17:54:09 GMT

GET
H2 200 css
fonts.googleapis.com/ 5 KB
1 KB 31ms
16ms Stylesheet
text/css 2a00:1450:4001:815::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans%3Ainherit%2Cinherititalic%2C400&subset=latin%2Clatin-ext&ver=5.4

Requested by

Host: www.1079rgvfm.com
URL: https://www.1079rgvfm.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

6148d31d6fc92f251a3601ddbf2310b627adcf3ec22f80c5c04ad4618326f7d8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.1079rgvfm.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 27 Apr 2020 17:54:09 GMT
server: ESF
date: Mon, 27 Apr 2020 17:54:09 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 27 Apr 2020 17:54:09 GMT

GET
H2 200 dashicons.min.css
www.1079rgvfm.com/wp-includes/css/ 46 KB
28 KB 267ms
264ms Stylesheet
text/css 54.158.23.216
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.1079rgvfm.com/wp-includes/css/dashicons.min.css?ver=5.4
Requested by: Host: www.1079rgvfm.com
URL: https://www.1079rgvfm.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 54.158.23.216 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-158-23-216.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 18aa66c192cbef43a61b1398c292ae5c6c1d40d679428ee998b1c6bfaf61d75a

Request headers

Referer: https://www.1079rgvfm.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 27 Apr 2020 17:54:09 GMT
content-encoding: gzip
last-modified: Tue, 21 May 2019 20:01:26 GMT
server: nginx
etag: W/"5ce45916-b9c6"
vary: Accept-Encoding, Accept-Encoding, Referer
content-type: text/css
status: 200
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 wp-featherlight.min.css
www.1079rgvfm.com/wp-content/plugins/wp-featherlight/css/ 5 KB
2 KB 267ms
264ms Stylesheet
text/css 54.158.23.216
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.1079rgvfm.com/wp-content/plugins/wp-featherlight/css/wp-featherlight.min.css?ver=1.3.2
Requested by: Host: www.1079rgvfm.com
URL: https://www.1079rgvfm.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 54.158.23.216 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-158-23-216.compute-1.amazonaws.com
Software: nginx /
Resource Hash: e40ce0930cd0748fb92bc75739f641212565a3f3f2d719c667f90083d07fbaac

Request headers

Referer: https://www.1079rgvfm.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 27 Apr 2020 17:54:09 GMT
content-encoding: gzip
last-modified: Mon, 13 Apr 2020 13:33:38 GMT
server: nginx
etag: W/"5e946a32-13d1"
vary: Accept-Encoding, Accept-Encoding, Referer
content-type: text/css
status: 200
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 teccc_29df64880fc9a57b2d6ac1f0df2131db.min.css
www.1079rgvfm.com/wp-content/uploads/ 58 KB
4 KB 267ms
265ms Stylesheet
text/css 54.158.23.216
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.1079rgvfm.com/wp-content/uploads/teccc_29df64880fc9a57b2d6ac1f0df2131db.min.css?ver=6.4.9
Requested by: Host: www.1079rgvfm.com
URL: https://www.1079rgvfm.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 54.158.23.216 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-158-23-216.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 7f64215e2f8b42e3d2d87973df6904195818cc5f9b1cd12f9579178303e317d5

Request headers

Referer: https://www.1079rgvfm.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 27 Apr 2020 17:54:09 GMT
content-encoding: gzip
last-modified: Thu, 16 Apr 2020 01:36:39 GMT
server: nginx
etag: W/"5e97b6a7-e731"
vary: Accept-Encoding, Accept-Encoding, Referer
content-type: text/css
status: 200
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 jquery.js Show response
www.1079rgvfm.com/wp-includes/js/jquery/ 95 KB
33 KB 268ms
265ms Script
application/javascript 54.158.23.216
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.1079rgvfm.com/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp
Requested by: Host: www.1079rgvfm.com
URL: https://www.1079rgvfm.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 54.158.23.216 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-158-23-216.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df

Request headers

Referer: https://www.1079rgvfm.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 27 Apr 2020 17:54:09 GMT
content-encoding: gzip
last-modified: Tue, 21 May 2019 20:01:26 GMT
server: nginx
etag: W/"5ce45916-17a69"
vary: Accept-Encoding, Accept-Encoding, Referer
content-type: application/javascript; charset=utf-8
status: 200
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 jquery-migrate.min.js Show response
www.1079rgvfm.com/wp-includes/js/jquery/ 10 KB
4 KB 268ms
266ms Script
application/javascript 54.158.23.216
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.1079rgvfm.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1
Requested by: Host: www.1079rgvfm.com
URL: https://www.1079rgvfm.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 54.158.23.216 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-158-23-216.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d

Request headers

Referer: https://www.1079rgvfm.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 27 Apr 2020 17:54:09 GMT
content-encoding: gzip
last-modified: Tue, 21 Jun 2016 13:08:20 GMT
server: nginx
etag: W/"57693c44-2748"
vary: Accept-Encoding, Accept-Encoding, Referer
content-type: application/javascript; charset=utf-8
status: 200
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 wpfc-public.js Show response
www.1079rgvfm.com/wp-content/plugins/gs-facebook-comments/public/js/ 838 B
709 B 268ms
266ms Script
application/javascript 54.158.23.216
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.1079rgvfm.com/wp-content/plugins/gs-facebook-comments/public/js/wpfc-public.js?ver=1.5
Requested by: Host: www.1079rgvfm.com
URL: https://www.1079rgvfm.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 54.158.23.216 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-158-23-216.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 57a50c99a31ef4e89e86664e96f6dfbdde163a2eb96e88b3b492c49aa4be2f37

Request headers

Referer: https://www.1079rgvfm.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 27 Apr 2020 17:54:09 GMT
content-encoding: gzip
last-modified: Wed, 27 Nov 2019 01:34:04 GMT
server: nginx
etag: W/"5dddd28c-346"
vary: Accept-Encoding, Accept-Encoding, Referer
content-type: application/javascript; charset=utf-8
status: 200
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 es6-promise.auto.min.js Show response
www.1079rgvfm.com/wp-content/themes/Divi/core/admin/js/ 7 KB
3 KB 268ms
266ms Script
application/javascript 54.158.23.216
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.1079rgvfm.com/wp-content/themes/Divi/core/admin/js/es6-promise.auto.min.js?ver=5.4
Requested by: Host: www.1079rgvfm.com
URL: https://www.1079rgvfm.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 54.158.23.216 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-158-23-216.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 7b3a7e4265228a39bea0d22ac1aedb86219a7b521a831827f7f4579ca5ae4156

Request headers

Referer: https://www.1079rgvfm.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 27 Apr 2020 17:54:09 GMT
content-encoding: gzip
last-modified: Sat, 28 Mar 2020 06:35:10 GMT
server: nginx
etag: W/"5e7ef01e-1aa1"
vary: Accept-Encoding, Accept-Encoding, Referer
content-type: application/javascript; charset=utf-8
status: 200
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 recaptcha.js Show response
www.1079rgvfm.com/wp-content/themes/Divi/core/admin/js/ 2 KB
942 B 268ms
266ms Script
application/javascript 54.158.23.216
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.1079rgvfm.com/wp-content/themes/Divi/core/admin/js/recaptcha.js?ver=5.4
Requested by: Host: www.1079rgvfm.com
URL: https://www.1079rgvfm.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 54.158.23.216 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-158-23-216.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 6c1510ef35e8322bf3c09c53aa955cd3b0a9e5ac65d15dd518c84ffc4b511c9f

Request headers

Referer: https://www.1079rgvfm.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 27 Apr 2020 17:54:09 GMT
content-encoding: gzip
last-modified: Sat, 28 Mar 2020 06:35:10 GMT
server: nginx
etag: W/"5e7ef01e-6a0"
vary: Accept-Encoding, Accept-Encoding, Referer
content-type: application/javascript; charset=utf-8
status: 200
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 otSDKStub.js Show response
cookie-cdn.cookiepro.com/scripttemplates/ 11 KB
4 KB 81ms
59ms Script
application/javascript 2606:4700::6812:678
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cookie-cdn.cookiepro.com/scripttemplates/otSDKStub.js

Requested by

Host: www.1079rgvfm.com
URL: https://www.1079rgvfm.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:678 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8e00ebebe053ff93e139bab1a80ced2517b33572ab374ae641e0e1cfed58d8e0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.1079rgvfm.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 27 Apr 2020 17:54:09 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: G/X2RBBTDYd/Pr5BumVN6w==
age: 6095
status: 200
vary: Accept-Encoding
cf-request-id: 025e5f78f2000005bba48a3200000001
x-ms-lease-status: unlocked
last-modified: Fri, 17 Apr 2020 16:41:06 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 17a15eab-401e-004e-14d9-1416c5000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19
cf-ray: 58aa683b1e0b05bb-FRA

GET
H2 200 getWidget.1532478638.js Show response
www.swellinfo.com//widget/js/ 6 KB
2 KB 110ms
52ms Script
application/javascript 2606:4700::6812:1e6b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.swellinfo.com//widget/js/getWidget.1532478638.js
Requested by: Host: www.1079rgvfm.com
URL: https://www.1079rgvfm.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1e6b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4560a4a9e72ead9f48eedd468225200e9c5d8436bb35c1e708ebac0289d01c6d

Request headers

Referer: https://www.1079rgvfm.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 27 Apr 2020 17:54:09 GMT
content-encoding: br
cf-cache-status: HIT
age: 1477325
cf-polished: origSize=5693
status: 200
cf-bgj: minify
alt-svc: h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
cf-request-id: 025e5f7916000005d83aa56200000001
last-modified: Wed, 25 Jul 2018 10:48:32 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2592000
cf-ray: 58aa683b59b105d8-FRA
expires: Sun, 10 May 2020 15:32:02 GMT

GET
H2 200 tdwidgets.min.js Show response
widgets.listenlive.co/1.0/ 479 KB
156 KB 188ms
8ms Script
application/javascript 13.224.194.36
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.listenlive.co/1.0/tdwidgets.min.js
Requested by: Host: www.1079rgvfm.com
URL: https://www.1079rgvfm.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.224.194.36 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-194-36.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 484e96df09f709e8553e1bbdb3be7b22b9710774c2b9cac228afee39c83d9ba7

Request headers

Referer: https://www.1079rgvfm.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 27 Apr 2020 17:34:09 GMT
content-encoding: gzip
last-modified: Mon, 02 Mar 2020 10:21:58 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: uid:1000/gname:jenkins/uname:jenkins/gid:1000/mode:33188/mtime:1583144466/atime:1583144466/md5:64bfadf9f16ff46af9fab5fbbe7d7f86/ctime:1583144468
age: 1236
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
status: 200
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: LnY052ZEKKmtPhAk0iye79rns0fzXhjRJS9oMN85IOsEvnLPKto_ww==
via: 1.1 29051585a13addd312c8ac9d527433c6.cloudfront.net (CloudFront)

GET
H/1.1 200
OK Untitled-2-1.png
s3.amazonaws.com/1079mixfm/wp-content/uploads/ 34 KB
35 KB 381ms
104ms Image
image/png 52.216.147.166
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/1079mixfm/wp-content/uploads/Untitled-2-1.png
Requested by: Host: www.1079rgvfm.com
URL: https://www.1079rgvfm.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.147.166 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: ff32cb819778ca4ead5bfa0bf251566cc96f773ea754f4068473513a1e73e321

Request headers

Referer: https://www.1079rgvfm.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 27 Apr 2020 17:54:11 GMT
Last-Modified: Wed, 15 Apr 2020 19:38:24 GMT
Server: AmazonS3
x-amz-request-id: 3514707FC4FEA566
ETag: "28082851a76f4791fb2a7f7a84531608"
Content-Type: image/png
Cache-Control: max-age=31536000
Accept-Ranges: bytes
Content-Length: 35151
x-amz-id-2: EtBwWgvLrEz8HO49SWHj4tEGF8OfJiK3zLe0rlkkm/57c8/L3eBYsy78hioFUbRh30L0TrCG11g=
Expires: Thu, 15 Apr 2021 19:38:23 GMT

GET
H/1.1 200
OK t.js Show response
u.tentaculos.net/c8ae3b57-9fe2-11e8-bc82-0685dc1fc043/ 2 KB
2 KB 452ms
393ms Script
binary/octet-stream 13.224.194.26
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://u.tentaculos.net/c8ae3b57-9fe2-11e8-bc82-0685dc1fc043/t.js
Requested by: Host: www.1079rgvfm.com
URL: https://www.1079rgvfm.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.224.194.26 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-194-26.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ca6787fdc2e2c2be6dc963f1b726568fad4020000673e407aaad7cd088a2dd79

Request headers

Referer: https://www.1079rgvfm.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 27 Apr 2020 17:54:11 GMT
Via: 1.1 7a18a0a1d9929dae345690b88b08dd5e.cloudfront.net (CloudFront)
Last-Modified: Thu, 31 Jan 2019 18:30:13 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA2-C1
ETag: "02eda58d7be44613929623ed56f43f04"
X-Cache: Miss from cloudfront
Content-Type: binary/octet-stream
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1983
X-Amz-Cf-Id: lqFmh-dSCwnp0gm4aoAF2S3_PlVoAsDYfSz1DANnilFRCB7kLs-iMw==

GET
H/1.1 200
OK jgonzalez_generic_728x90.jpg
s3.amazonaws.com/1079mixfm/wp-content/uploads/ 29 KB
29 KB 425ms
145ms Image
image/jpeg 52.216.147.166
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/1079mixfm/wp-content/uploads/jgonzalez_generic_728x90.jpg
Requested by: Host: www.1079rgvfm.com
URL: https://www.1079rgvfm.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.147.166 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: d3c56e150615c0ad5f18c5bfa15bec1327a9ee6c52fab694ab033fe5b12c69c3

Request headers

Referer: https://www.1079rgvfm.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 27 Apr 2020 17:54:11 GMT
Last-Modified: Wed, 15 Apr 2020 20:03:57 GMT
Server: AmazonS3
x-amz-request-id: DF4381F6F7727131
ETag: "6595351bb827080ee0a3b1bef1ea5696"
Content-Type: image/jpeg
Cache-Control: max-age=31536000
Accept-Ranges: bytes
Content-Length: 29370
x-amz-id-2: UDavTXMbsxDm9VWjMGdJM9SS5UbOles5XosSwhDTT7Pl/mqMXVnIY5EtoqjWeMdCFhLxeGdQDu4=
Expires: Thu, 15 Apr 2021 20:03:56 GMT

GET
H/1.1 200
OK rgv-playlist.jpg
s3.amazonaws.com/1079mixfm/wp-content/uploads/ 219 KB
220 KB 415ms
135ms Image
image/jpeg 52.216.147.166
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/1079mixfm/wp-content/uploads/rgv-playlist.jpg
Requested by: Host: www.1079rgvfm.com
URL: https://www.1079rgvfm.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.147.166 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 167b48b9013922730d4f06f9e05261e6e9c8dc48d5655d337ffa8f43aa780f3a

Request headers

Referer: https://www.1079rgvfm.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 27 Apr 2020 17:54:11 GMT
Last-Modified: Fri, 17 Apr 2020 21:24:16 GMT
Server: AmazonS3
x-amz-request-id: 4A0F92A5559E31F8
ETag: "c72b54813e6e1ccf3af3d89e1aec22d4"
Content-Type: image/jpeg
Cache-Control: max-age=31536000
Accept-Ranges: bytes
Content-Length: 224587
x-amz-id-2: RnuRgN8WtGydgCuWuhjks4GlrM4Z0dfoIlfLLmrQM5Q++ujoqCdeF6YRQpMZIDbAudVXrHWVQB0=
Expires: Sat, 17 Apr 2021 21:24:15 GMT

GET
H2 404 Roxy_OTA-5.png
mix1079.net/wp-content/uploads/2020/04/ 0
0 102ms
95ms Image
text/html 54.158.23.216
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mix1079.net/wp-content/uploads/2020/04/Roxy_OTA-5.png
Requested by: Host: www.1079rgvfm.com
URL: https://www.1079rgvfm.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 54.158.23.216 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-158-23-216.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.1079rgvfm.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

GET
H2 404 TWITTER-GIFT.gif
mix1079.net/wp-content/uploads/2020/04/ 0
0 103ms
95ms Image
text/html 54.158.23.216
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mix1079.net/wp-content/uploads/2020/04/TWITTER-GIFT.gif
Requested by: Host: www.1079rgvfm.com
URL: https://www.1079rgvfm.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 54.158.23.216 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-158-23-216.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.1079rgvfm.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

GET
H/1.1 200
OK TWITTER-GIFT.gif
s3.amazonaws.com/1079mixfm/wp-content/uploads/ 162 KB
163 KB 441ms
153ms Image
image/gif 52.216.147.166
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/1079mixfm/wp-content/uploads/TWITTER-GIFT.gif
Requested by: Host: www.1079rgvfm.com
URL: https://www.1079rgvfm.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.147.166 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 903e1e7851b32735004d60eca139129cd3053077d5cafbd21f706d731d9399b8

Request headers

Referer: https://www.1079rgvfm.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 27 Apr 2020 17:54:11 GMT
Last-Modified: Mon, 20 Apr 2020 15:02:03 GMT
Server: AmazonS3
x-amz-request-id: 27E9876F4BDF93F2
ETag: "f4889a856bbf069ddfaf164e22d72770"
Content-Type: image/gif
Cache-Control: max-age=31536000
Accept-Ranges: bytes
Content-Length: 166398
x-amz-id-2: X2UdUhxB/+a3qqXpE7zlSmlui92QLxx8TtXnB3Xa3fNswayqAA0wMCZtlhDSezoL22+6OHTayUc=
Expires: Tue, 20 Apr 2021 15:02:02 GMT

GET
H2 200 widgets.js Show response
platform.twitter.com/ 96 KB
29 KB 25ms
6ms Script
application/javascript 151.101.12.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets.js
Requested by: Host: www.1079rgvfm.com
URL: https://www.1079rgvfm.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.12.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: deb392febab4850ea24bd8516eed1b897991977ad63904261b9ffb21ccc66a4b

Request headers

Referer: https://www.1079rgvfm.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 27 Apr 2020 17:54:10 GMT
content-encoding: gzip
x-cache: HIT, HIT
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status: 200
content-length: 29121
x-served-by: cache-bwi5141-BWI, cache-fra19136-FRA
last-modified: Tue, 07 Apr 2020 20:48:50 GMT
etag: "bfee88d079c2668aea5525e2d719ba90+gzip"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=1800
accept-ranges: bytes
tw-cdn: FT

GET
H/1.1 200
OK CORONAVIRUS-1280x720.jpg
s3.amazonaws.com/1079mixfm/wp-content/uploads/ 37 KB
37 KB 406ms
115ms Image
image/jpeg 52.216.147.166
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/1079mixfm/wp-content/uploads/CORONAVIRUS-1280x720.jpg
Requested by: Host: www.1079rgvfm.com
URL: https://www.1079rgvfm.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.147.166 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: cb6dfba80dfcb7cdaab810ef1f02bdde701b306bfdcbf71cdbb44177bc3dded2

Request headers

Referer: https://www.1079rgvfm.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 27 Apr 2020 17:54:11 GMT
Last-Modified: Sun, 15 Mar 2020 20:52:14 GMT
Server: AmazonS3
x-amz-request-id: 4D3B5C8050AB53E3
ETag: "deae4d327747f0088a3493ec6402f1b2"
Content-Type: image/jpeg
Cache-Control: max-age=31536000
Accept-Ranges: bytes
Content-Length: 37446
x-amz-id-2: ulcRtw2TEz5Gyy4hBAe7qNMhWAEXZfJcQAWRm2T/4xrUh/WFOkJhXuprs9mB0vRKUAFLezg5kD0=
Expires: Mon, 15 Mar 2021 20:52:13 GMT

GET
H2 200 mix1079_stayhome-1-400x250.jpg
www.1079rgvfm.com/wp-content/uploads/2020/04/ 25 KB
25 KB 191ms
184ms Image
image/jpeg 54.158.23.216
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.1079rgvfm.com/wp-content/uploads/2020/04/mix1079_stayhome-1-400x250.jpg
Requested by: Host: www.1079rgvfm.com
URL: https://www.1079rgvfm.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 54.158.23.216 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-158-23-216.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 901c6795bfbc66b085d00a91386e3111c4b8495d9b4a47d40181fc980b290924

Request headers

Referer: https://www.1079rgvfm.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 27 Apr 2020 17:54:10 GMT
last-modified: Wed, 01 Apr 2020 14:25:06 GMT
server: nginx
etag: "5e84a442-627a"
vary: Accept-Encoding, Referer
content-type: image/jpeg
status: 200
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 25210
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK analysis-reveals-states-consuming-most-alcohol-while-on-lockdown-400x250.jpg
s3.amazonaws.com/1079mixfm/wp-content/uploads/ 14 KB
14 KB 415ms
123ms Image
image/jpeg 52.216.147.166
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/1079mixfm/wp-content/uploads/analysis-reveals-states-consuming-most-alcohol-while-on-lockdown-400x250.jpg
Requested by: Host: www.1079rgvfm.com
URL: https://www.1079rgvfm.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.147.166 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 396756cb280d94500ca3289dadf1fa045a54efc7406fb9fa47df9f539227531b

Request headers

Referer: https://www.1079rgvfm.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 27 Apr 2020 17:54:11 GMT
Last-Modified: Sat, 28 Mar 2020 06:15:38 GMT
Server: AmazonS3
x-amz-request-id: 4CB19C3360991071
ETag: "be6a3dd2bf5ffde5438d3a4fdc4b966c"
Content-Type: image/jpeg
Cache-Control: max-age=31536000
Accept-Ranges: bytes
Content-Length: 14334
x-amz-id-2: VrGuAe4shm7dLsGyicWe2r3pEYwOe6KlW9MWzVVm4CYR+hteS3JjzjxNairVjo7xhIYMfD5v1hw=
Expires: Sun, 28 Mar 2021 06:15:36 GMT

GET
H/1.1 200
OK Stay-Positive-400x250.jpg
s3.amazonaws.com/1079mixfm/wp-content/uploads/ 16 KB
16 KB 104ms
104ms Image
image/jpeg 52.216.147.166
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/1079mixfm/wp-content/uploads/Stay-Positive-400x250.jpg
Requested by: Host: www.1079rgvfm.com
URL: https://www.1079rgvfm.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.147.166 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 047d4e99dae7f1f2fd494a03ad1a65571fba500d0e15b51cabc9005fe99d5f47

Request headers

Referer: https://www.1079rgvfm.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 27 Apr 2020 17:54:11 GMT
Last-Modified: Tue, 24 Mar 2020 14:03:06 GMT
Server: AmazonS3
x-amz-request-id: B9151F57008F3FA6
ETag: "d9e66e8e5c25c13425a66bc85385b8a1"
Content-Type: image/jpeg
Cache-Control: max-age=31536000
Accept-Ranges: bytes
Content-Length: 16415
x-amz-id-2: ESjnQFzRe97JSgnUZuU9vHcw6AI77cYz+PK2bZuY729U8GwO8FBQbbvvHOMNm2IeleDfwARFv/Q=
Expires: Wed, 24 Mar 2021 14:03:04 GMT

GET
H/1.1 200
OK Three-Ways-to-Stay-Positive-During-the-Coronavirus-Outbreak-400x250.jpg
s3.amazonaws.com/1079mixfm/wp-content/uploads/ 12 KB
12 KB 161ms
161ms Image
image/jpeg 52.216.147.166
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/1079mixfm/wp-content/uploads/Three-Ways-to-Stay-Positive-During-the-Coronavirus-Outbreak-400x250.jpg
Requested by: Host: www.1079rgvfm.com
URL: https://www.1079rgvfm.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.147.166 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 36b14e1fa247823fa5d4cb6f73650d87ef6b75d45a7b4f1d2b5286304975e4fe

Request headers

Referer: https://www.1079rgvfm.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 27 Apr 2020 17:54:11 GMT
Last-Modified: Mon, 23 Mar 2020 15:45:35 GMT
Server: AmazonS3
x-amz-request-id: 4537C9AFE7894804
ETag: "704e668e5ead4ac07271bbaa804c87f2"
Content-Type: image/jpeg
Cache-Control: max-age=31536000
Accept-Ranges: bytes
Content-Length: 12281
x-amz-id-2: P8iEX3t9LzrZselvfXamuOyB2oQPsOd0kFRwdMK3OW+PWHcNGwq/e2sZ8XenjKOfe3kPxME+vjU=
Expires: Tue, 23 Mar 2021 15:45:33 GMT

GET
H/1.1 200
OK headline1280-58-400x250.jpg
s3.amazonaws.com/1079mixfm/wp-content/uploads/ 24 KB
25 KB 129ms
128ms Image
image/jpeg 52.216.147.166
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/1079mixfm/wp-content/uploads/headline1280-58-400x250.jpg
Requested by: Host: www.1079rgvfm.com
URL: https://www.1079rgvfm.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.147.166 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 9f63df0f68a3a174fb0b7ec26481426500707206ffea3c90052c153d27fa7259

Request headers

Referer: https://www.1079rgvfm.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 27 Apr 2020 17:54:11 GMT
Last-Modified: Fri, 20 Mar 2020 14:57:51 GMT
Server: AmazonS3
x-amz-request-id: BEF3516BD58D7459
ETag: "1d9e921e9c2d0d10e909f2bead125688"
Content-Type: image/jpeg
Cache-Control: max-age=31536000
Accept-Ranges: bytes
Content-Length: 24860
x-amz-id-2: W4uDZ7opOzu9l6UUVX9k+DWSV6kq6wbNI4IELGw5Zmi3OMPH4xU5fU7b1NLFeXaTijl6ahukwDU=
Expires: Sat, 20 Mar 2021 14:57:49 GMT

GET
H/1.1 200
OK headline1280-57-400x250.jpg
s3.amazonaws.com/1079mixfm/wp-content/uploads/ 15 KB
16 KB 104ms
104ms Image
image/jpeg 52.216.147.166
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/1079mixfm/wp-content/uploads/headline1280-57-400x250.jpg
Requested by: Host: www.1079rgvfm.com
URL: https://www.1079rgvfm.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.147.166 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: ce8666e71fcec815ac27c467604b433403ef6d3dc27b2a8a25f0f9f81ba9b5ca

Request headers

Referer: https://www.1079rgvfm.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 27 Apr 2020 17:54:11 GMT
Last-Modified: Wed, 18 Mar 2020 20:07:22 GMT
Server: AmazonS3
x-amz-request-id: E6B66C37B269BF0E
ETag: "c532a6535e33e3909e369fbe412abb63"
Content-Type: image/jpeg
Cache-Control: max-age=31536000
Accept-Ranges: bytes
Content-Length: 15731
x-amz-id-2: vVeDhqEIb3efaDn+H2G8MZfWf/BfN7LYX9hH6VVldIN194R512eYFRSQUuirBtPKTJ+4OSRxDpM=
Expires: Thu, 18 Mar 2021 20:07:20 GMT

GET
H/1.1 200
OK Ricky_enrique_RTW_english-600x338.jpg
s3.amazonaws.com/1079mixfm/wp-content/uploads/ 33 KB
33 KB 120ms
120ms Image
image/jpeg 52.216.147.166
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/1079mixfm/wp-content/uploads/Ricky_enrique_RTW_english-600x338.jpg
Requested by: Host: www.1079rgvfm.com
URL: https://www.1079rgvfm.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.147.166 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 32e3cc58e6761585f4eb6248ebe1e1ad1d72c8e3fb3bf102d6ec260891f1ccf5

Request headers

Referer: https://www.1079rgvfm.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 27 Apr 2020 17:54:11 GMT
Last-Modified: Sun, 08 Mar 2020 18:25:13 GMT
Server: AmazonS3
x-amz-request-id: 7A071732F74F4A8F
ETag: "a55f7ac49b079573761e1a3c6479a936"
Content-Type: image/jpeg
Cache-Control: max-age=31536000
Accept-Ranges: bytes
Content-Length: 33680
x-amz-id-2: yEsg1Irn1Fl34GzodZncqNjAEb77ppAnYnSQI3506y3SnPAZzRULEyRe6s65iyaFsvWCd974H3g=
Expires: Mon, 08 Mar 2021 18:25:12 GMT

GET
H/1.1 200
OK JUANES_RTW_FB_1080x1920-600x338.jpg
s3.amazonaws.com/1079mixfm/wp-content/uploads/ 35 KB
36 KB 98ms
98ms Image
image/jpeg 52.216.147.166
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/1079mixfm/wp-content/uploads/JUANES_RTW_FB_1080x1920-600x338.jpg
Requested by: Host: www.1079rgvfm.com
URL: https://www.1079rgvfm.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.147.166 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 73708e87e1997658c326e842f32c0d22fccb5b81e04a141e89aa2b9b50e27d89

Request headers

Referer: https://www.1079rgvfm.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 27 Apr 2020 17:54:11 GMT
Last-Modified: Thu, 06 Feb 2020 15:15:36 GMT
Server: AmazonS3
x-amz-request-id: 378401B5DF4F99BD
ETag: "3023e446db36a5b1ac3b2b15a47be37c"
Content-Type: image/jpeg
Cache-Control: max-age=31536000
Accept-Ranges: bytes
Content-Length: 36237
x-amz-id-2: PLFRC7+11gQRh1TUCfCUhOHUmad45UwzKhi8Sxeb4vVCg177CO1zWZ/WqhVzYwp6mujQY6OaRFc=
Expires: Fri, 05 Feb 2021 15:15:35 GMT

GET
H2 200 FLUFFY-600x600.jpg
www.1079rgvfm.com/wp-content/uploads/2020/04/ 102 KB
102 KB 190ms
185ms Image
image/jpeg 54.158.23.216
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.1079rgvfm.com/wp-content/uploads/2020/04/FLUFFY-600x600.jpg
Requested by: Host: www.1079rgvfm.com
URL: https://www.1079rgvfm.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 54.158.23.216 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-158-23-216.compute-1.amazonaws.com
Software: nginx /
Resource Hash: f2e3b25d45ce81f463784f0409ba98d7b7730cc8cda7ea272183e35203db3307

Request headers

Referer: https://www.1079rgvfm.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 27 Apr 2020 17:54:10 GMT
last-modified: Wed, 01 Apr 2020 16:13:09 GMT
server: nginx
etag: "5e84bd95-196ab"
vary: Accept-Encoding, Referer
content-type: image/jpeg
status: 200
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 104107
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 wp-emoji-release.min.js Show response
www.1079rgvfm.com/wp-includes/js/ 14 KB
5 KB 191ms
186ms Script
application/javascript 54.158.23.216
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.1079rgvfm.com/wp-includes/js/wp-emoji-release.min.js?ver=5.4
Requested by: Host: www.1079rgvfm.com
URL: https://www.1079rgvfm.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 54.158.23.216 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-158-23-216.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 96d33f532112177ede6bf262dcf6d0140dbe29f05a4595d17b0be4743205b5ea

Request headers

Referer: https://www.1079rgvfm.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 27 Apr 2020 17:54:10 GMT
content-encoding: gzip
last-modified: Wed, 01 Apr 2020 14:18:07 GMT
server: nginx
etag: W/"5e84a29f-364d"
vary: Accept-Encoding, Accept-Encoding, Referer
content-type: application/javascript; charset=utf-8
status: 200
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 80 KB
30 KB 59ms
42ms Script
application/javascript 2a00:1450:4001:81c::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-53380916-1

Requested by

Host: www.1079rgvfm.com
URL: https://www.1079rgvfm.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

12f48f421f15e935f02a28d43d3ca23afa70e7ad88e2b1fc3d47f4c8a4c1ff4d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.1079rgvfm.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 27 Apr 2020 17:54:10 GMT
content-encoding: br
vary: Accept-Encoding
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 30162
x-xss-protection: 0
last-modified: Mon, 27 Apr 2020 15:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 27 Apr 2020 17:54:10 GMT

GET
H2 404 jaon.css
www.1079rgvfm.com/wp-content/plugins/joan/ 0
0 91ms
90ms Stylesheet
text/html 54.158.23.216
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.1079rgvfm.com/wp-content/plugins/joan/jaon.css?ver=5.4
Requested by: Host: www.1079rgvfm.com
URL: https://www.1079rgvfm.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 54.158.23.216 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-158-23-216.compute-1.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Referer: https://www.1079rgvfm.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 404
date: Mon, 27 Apr 2020 17:54:10 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
content-type: text/html; charset=utf-8

GET
H2 200 mediaelementplayer-legacy.min.css
www.1079rgvfm.com/wp-includes/js/mediaelement/ 11 KB
3 KB 99ms
89ms Stylesheet
text/css 54.158.23.216
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.1079rgvfm.com/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css?ver=4.2.13-9993131
Requested by: Host: www.1079rgvfm.com
URL: https://www.1079rgvfm.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 54.158.23.216 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-158-23-216.compute-1.amazonaws.com
Software: nginx /
Resource Hash: b834a80037718e3da7f92199034dc59611ed774af41f1e84fa1e0d97c4261192

Request headers

Referer: https://www.1079rgvfm.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 27 Apr 2020 17:54:10 GMT
content-encoding: gzip
last-modified: Tue, 12 Nov 2019 21:26:41 GMT
server: nginx
etag: W/"5dcb2391-2ca1"
vary: Accept-Encoding, Accept-Encoding, Referer
content-type: text/css
status: 200
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 wp-mediaelement.min.css
www.1079rgvfm.com/wp-includes/js/mediaelement/ 4 KB
1 KB 99ms
90ms Stylesheet
text/css 54.158.23.216
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.1079rgvfm.com/wp-includes/js/mediaelement/wp-mediaelement.min.css?ver=5.4
Requested by: Host: www.1079rgvfm.com
URL: https://www.1079rgvfm.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 54.158.23.216 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-158-23-216.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 2e10d353ff038c2cad3492fc17801af3e6ef2669c9e9713bdb78b1dcb104c4fe

Request headers

Referer: https://www.1079rgvfm.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 27 Apr 2020 17:54:10 GMT
content-encoding: gzip
last-modified: Tue, 12 Nov 2019 21:26:41 GMT
server: nginx
etag: W/"5dcb2391-105a"
vary: Accept-Encoding, Accept-Encoding, Referer
content-type: text/css
status: 200
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 708 B
889 B 58ms
37ms Script
text/javascript 2a00:1450:4001:81e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?render=6Lc-uI8UAAAAAFNsyk2nEbiGWGNTZ9veWDZpLUnX&ver=3.0

Requested by

Host: www.1079rgvfm.com
URL: https://www.1079rgvfm.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

e45c6c499e88025f8329abd69591c0cd2d1d85e2900d7e9f802d1562d1b1fffb

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.1079rgvfm.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 27 Apr 2020 17:54:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
status: 200
cache-control: private, max-age=300
content-security-policy: frame-ancestors 'self'
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 478
x-xss-protection: 1; mode=block
expires: Mon, 27 Apr 2020 17:54:10 GMT

GET
H2 200 idle-timer.min.js Show response
www.1079rgvfm.com/wp-content/plugins/monarch/js/ 2 KB
1 KB 99ms
90ms Script
application/javascript 54.158.23.216
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.1079rgvfm.com/wp-content/plugins/monarch/js/idle-timer.min.js?ver=1.4.12
Requested by: Host: www.1079rgvfm.com
URL: https://www.1079rgvfm.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 54.158.23.216 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-158-23-216.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 92c35f839d90ea55730d05ce3ea859cb598cd85eb20be3ed55621bb8baa3aa36

Request headers

Referer: https://www.1079rgvfm.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 27 Apr 2020 17:54:10 GMT
content-encoding: gzip
last-modified: Tue, 12 Mar 2019 21:30:26 GMT
server: nginx
etag: W/"5c8824f2-9d6"
vary: Accept-Encoding, Accept-Encoding, Referer
content-type: application/javascript; charset=utf-8
status: 200
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 custom.js Show response
www.1079rgvfm.com/wp-content/plugins/monarch/js/ 26 KB
6 KB 100ms
91ms Script
application/javascript 54.158.23.216
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.1079rgvfm.com/wp-content/plugins/monarch/js/custom.js?ver=1.4.12
Requested by: Host: www.1079rgvfm.com
URL: https://www.1079rgvfm.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 54.158.23.216 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-158-23-216.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 3a923c50c91e0fb7b1ff0b2806fa088087b441339c15fda5747dcde2eb4ae112

Request headers

Referer: https://www.1079rgvfm.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 27 Apr 2020 17:54:10 GMT
content-encoding: gzip
last-modified: Tue, 12 Mar 2019 21:30:26 GMT
server: nginx
etag: W/"5c8824f2-6703"
vary: Accept-Encoding, Accept-Encoding, Referer
content-type: application/javascript; charset=utf-8
status: 200
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 custom.unified.js Show response
www.1079rgvfm.com/wp-content/themes/Divi/js/ 392 KB
109 KB 104ms
94ms Script
application/javascript 54.158.23.216
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.1079rgvfm.com/wp-content/themes/Divi/js/custom.unified.js?ver=4.4.2
Requested by: Host: www.1079rgvfm.com
URL: https://www.1079rgvfm.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 54.158.23.216 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-158-23-216.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 78d3853de941381f0d174d721af7979d76118890eaa15cd1bc212224ebdac112

Request headers

Referer: https://www.1079rgvfm.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 27 Apr 2020 17:54:10 GMT
content-encoding: gzip
last-modified: Sat, 28 Mar 2020 06:35:10 GMT
server: nginx
etag: W/"5e7ef01e-621bb"
vary: Accept-Encoding, Accept-Encoding, Referer
content-type: application/javascript; charset=utf-8
status: 200
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 common.js Show response
www.1079rgvfm.com/wp-content/themes/Divi/core/admin/js/ 1 KB
807 B 116ms
106ms Script
application/javascript 54.158.23.216
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.1079rgvfm.com/wp-content/themes/Divi/core/admin/js/common.js?ver=4.4.2
Requested by: Host: www.1079rgvfm.com
URL: https://www.1079rgvfm.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 54.158.23.216 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-158-23-216.compute-1.amazonaws.com
Software: nginx /
Resource Hash: c05ee8fac93fde19412046a913b9aecd86210aba6b72cff7c94e01170dd11e3b

Request headers

Referer: https://www.1079rgvfm.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 27 Apr 2020 17:54:10 GMT
content-encoding: gzip
last-modified: Sat, 28 Mar 2020 06:35:10 GMT
server: nginx
etag: W/"5e7ef01e-550"
vary: Accept-Encoding, Accept-Encoding, Referer
content-type: application/javascript; charset=utf-8
status: 200
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 wpFeatherlight.pkgd.min.js Show response
www.1079rgvfm.com/wp-content/plugins/wp-featherlight/js/ 14 KB
5 KB 116ms
107ms Script
application/javascript 54.158.23.216
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.1079rgvfm.com/wp-content/plugins/wp-featherlight/js/wpFeatherlight.pkgd.min.js?ver=1.3.2
Requested by: Host: www.1079rgvfm.com
URL: https://www.1079rgvfm.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 54.158.23.216 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-158-23-216.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 76a90135a3f44e3108f3a857d9bc86327de6be031917368293a94cd5a6935ef8

Request headers

Referer: https://www.1079rgvfm.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 27 Apr 2020 17:54:10 GMT
content-encoding: gzip
last-modified: Mon, 13 Apr 2020 13:33:38 GMT
server: nginx
etag: W/"5e946a32-37db"
vary: Accept-Encoding, Accept-Encoding, Referer
content-type: application/javascript; charset=utf-8
status: 200
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 wp_footer.js Show response
www.1079rgvfm.com/wp-content/uploads/wtfdivi/ 2 KB
1 KB 117ms
108ms Script
application/javascript 54.158.23.216
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.1079rgvfm.com/wp-content/uploads/wtfdivi/wp_footer.js?ver=1585058259
Requested by: Host: www.1079rgvfm.com
URL: https://www.1079rgvfm.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 54.158.23.216 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-158-23-216.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 9205d516a143abc19c57aad8293e3b4f4cb69401cac2be59f8be47e18bc24289

Request headers

Referer: https://www.1079rgvfm.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 27 Apr 2020 17:54:10 GMT
content-encoding: gzip
last-modified: Wed, 22 Apr 2020 18:26:13 GMT
server: nginx
etag: W/"5ea08c45-8c4"
vary: Accept-Encoding, Accept-Encoding, Referer
content-type: application/javascript; charset=utf-8
status: 200
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 legend-superpowers.js Show response
www.1079rgvfm.com/wp-content/plugins/the-events-calendar-category-colors/src/resources/ 4 KB
2 KB 117ms
108ms Script
application/javascript 54.158.23.216
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.1079rgvfm.com/wp-content/plugins/the-events-calendar-category-colors/src/resources/legend-superpowers.js?ver=6.4.9
Requested by: Host: www.1079rgvfm.com
URL: https://www.1079rgvfm.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 54.158.23.216 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-158-23-216.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 1138803ef7416dcf4ada6d463d1550d251852525044c2a70d7bea46a5ae570d2

Request headers

Referer: https://www.1079rgvfm.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 27 Apr 2020 17:54:10 GMT
content-encoding: gzip
last-modified: Fri, 28 Feb 2020 20:57:02 GMT
server: nginx
etag: W/"5e597e9e-e93"
vary: Accept-Encoding, Accept-Encoding, Referer
content-type: application/javascript; charset=utf-8
status: 200
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 wp-embed.min.js Show response
www.1079rgvfm.com/wp-includes/js/ 1 KB
999 B 117ms
108ms Script
application/javascript 54.158.23.216
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.1079rgvfm.com/wp-includes/js/wp-embed.min.js?ver=5.4
Requested by: Host: www.1079rgvfm.com
URL: https://www.1079rgvfm.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 54.158.23.216 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-158-23-216.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 6ebcda7a3a41ef97f0b4071160ceb1020e540fdc0f790079a5c2ef01ab654fe0

Request headers

Referer: https://www.1079rgvfm.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 27 Apr 2020 17:54:10 GMT
content-encoding: gzip
last-modified: Wed, 01 Apr 2020 14:18:07 GMT
server: nginx
etag: W/"5e84a29f-59a"
vary: Accept-Encoding, Accept-Encoding, Referer
content-type: application/javascript; charset=utf-8
status: 200
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 joan.js Show response
www.1079rgvfm.com/wp-content/plugins/joan/ 3 KB
1 KB 117ms
109ms Script
application/javascript 54.158.23.216
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.1079rgvfm.com/wp-content/plugins/joan/joan.js?ver=1.0.0
Requested by: Host: www.1079rgvfm.com
URL: https://www.1079rgvfm.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 54.158.23.216 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-158-23-216.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 0b0b141a03480eef7d27930f85d68513e1342c4e971de45f023902a3a217c87c

Request headers

Referer: https://www.1079rgvfm.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 27 Apr 2020 17:54:10 GMT
content-encoding: gzip
last-modified: Mon, 20 Jan 2020 20:56:51 GMT
server: nginx
etag: W/"5e261413-bda"
vary: Accept-Encoding, Accept-Encoding, Referer
content-type: application/javascript; charset=utf-8
status: 200
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 mediaelement-and-player.min.js Show response
www.1079rgvfm.com/wp-includes/js/mediaelement/ 157 KB
39 KB 190ms
182ms Script
application/javascript 54.158.23.216
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.1079rgvfm.com/wp-includes/js/mediaelement/mediaelement-and-player.min.js?ver=4.2.13-9993131
Requested by: Host: www.1079rgvfm.com
URL: https://www.1079rgvfm.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 54.158.23.216 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-158-23-216.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 282c86db3fc6cedcc79b172069ba09831ce0e6ba235d13bff382f57f0d3977ff

Request headers

Referer: https://www.1079rgvfm.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 27 Apr 2020 17:54:10 GMT
content-encoding: gzip
last-modified: Tue, 12 Nov 2019 21:26:41 GMT
server: nginx
etag: W/"5dcb2391-272c5"
vary: Accept-Encoding, Accept-Encoding, Referer
content-type: application/javascript; charset=utf-8
status: 200
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 mediaelement-migrate.min.js Show response
www.1079rgvfm.com/wp-includes/js/mediaelement/ 1 KB
775 B 191ms
183ms Script
application/javascript 54.158.23.216
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.1079rgvfm.com/wp-includes/js/mediaelement/mediaelement-migrate.min.js?ver=5.4
Requested by: Host: www.1079rgvfm.com
URL: https://www.1079rgvfm.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 54.158.23.216 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-158-23-216.compute-1.amazonaws.com
Software: nginx /
Resource Hash: b37a604b4add99725c3a9e6b0440fc4452f71139517e7d7deb452ed98499068c

Request headers

Referer: https://www.1079rgvfm.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 27 Apr 2020 17:54:10 GMT
content-encoding: gzip
last-modified: Tue, 12 Nov 2019 21:26:41 GMT
server: nginx
etag: W/"5dcb2391-4a9"
vary: Accept-Encoding, Accept-Encoding, Referer
content-type: application/javascript; charset=utf-8
status: 200
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 wp-mediaelement.min.js Show response
www.1079rgvfm.com/wp-includes/js/mediaelement/ 907 B
704 B 192ms
184ms Script
application/javascript 54.158.23.216
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.1079rgvfm.com/wp-includes/js/mediaelement/wp-mediaelement.min.js?ver=5.4
Requested by: Host: www.1079rgvfm.com
URL: https://www.1079rgvfm.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 54.158.23.216 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-158-23-216.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 12aae45dbaf66e541e14694a7810a96fdd8b17f9ac5f5346fdc23d61d6fd74b0

Request headers

Referer: https://www.1079rgvfm.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 27 Apr 2020 17:54:10 GMT
content-encoding: gzip
last-modified: Wed, 01 Apr 2020 14:18:07 GMT
server: nginx
etag: W/"5e84a29f-38b"
vary: Accept-Encoding, Accept-Encoding, Referer
content-type: application/javascript; charset=utf-8
status: 200
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 425a3692-26be-4179-a08e-a78ee2cac307.json Show response
cookie-cdn.cookiepro.com/consent/425a3692-26be-4179-a08e-a78ee2cac307/ 1 KB
1 KB 67ms
52ms XHR
application/x-javascript 2606:4700::6812:678
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cookie-cdn.cookiepro.com/consent/425a3692-26be-4179-a08e-a78ee2cac307/425a3692-26be-4179-a08e-a78ee2cac307.json

Requested by

Host: cookie-cdn.cookiepro.com
URL: https://cookie-cdn.cookiepro.com/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:678 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

89a9770fc4812c92e10fb2a8458515b2513a433d06a41ae4c856ef23e3ab3c9f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.1079rgvfm.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 27 Apr 2020 17:54:10 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
content-md5: CLvc3sPHGt+H0P/GNmPkSA==
status: 200
vary: Accept-Encoding
cf-request-id: 025e5f7a5e00000614b8b6f200000001
x-ms-lease-status: unlocked
last-modified: Wed, 22 Jan 2020 20:47:07 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: a5b87e21-901e-00b9-43f0-193c57000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=14400
x-ms-version: 2009-09-19
cf-ray: 58aa683d6bc50614-FRA

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 379 KB
43 KB 56ms
56ms Script
application/javascript 2a00:1450:4001:81c::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5CP2DG

Requested by

Host: www.1079rgvfm.com
URL: https://www.1079rgvfm.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

873f2ba5e86c912d621926e4de582ea92fe9ffd639210c0adf9e323244ddd632

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.1079rgvfm.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 27 Apr 2020 17:54:10 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
status: 200
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 44138
x-xss-protection: 0
expires: Mon, 27 Apr 2020 17:54:10 GMT

GET
H2 200 translation.json Show response
widgets.listenlive.co/1.0/locale/fr/ 108 B
665 B 184ms
161ms XHR
application/json 13.224.194.36
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.listenlive.co/1.0/locale/fr/translation.json?_=1588010050188
Requested by: Host: widgets.listenlive.co
URL: https://widgets.listenlive.co/1.0/tdwidgets.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.224.194.36 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-194-36.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d66fb86e518acc652b76b589d8c750f4a5161fe71a9718e68f61068907f93793

Request headers

accept: */*
Referer: https://www.1079rgvfm.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
content-type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Mon, 27 Apr 2020 17:54:11 GMT
via: 1.1 1ac3fd533bf6be1b511077f8b8e23bfd.cloudfront.net (CloudFront)
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-pop: FRA2-C1
x-cache: RefreshHit from cloudfront
status: 200
content-length: 108
last-modified: Mon, 02 Mar 2020 10:21:54 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: uid:1000/gname:jenkins/uname:jenkins/gid:1000/mode:33188/mtime:1583144411/atime:1583144411/md5:e9fa563b8d61bb1f96461ffa9f05d5d6/ctime:1583144468
etag: "e9fa563b8d61bb1f96461ffa9f05d5d6"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
x-amz-cf-id: 2W7yT0ALx-STeOl7vP0JCBAAH8hT-X5puNvawYH6XOi87M0gMYE_8A==

GET
H2 200 translation.json Show response
widgets.listenlive.co/1.0/locale/en/ 9 B
562 B 151ms
128ms XHR
application/json 13.224.194.36
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.listenlive.co/1.0/locale/en/translation.json?_=1588010050188
Requested by: Host: widgets.listenlive.co
URL: https://widgets.listenlive.co/1.0/tdwidgets.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.224.194.36 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-194-36.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c0071a81f757af8ce22343643a56b045ae7d1b7f26d617129e4e0251e8b6ca93

Request headers

accept: */*
Referer: https://www.1079rgvfm.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
content-type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Mon, 27 Apr 2020 17:54:11 GMT
via: 1.1 1ac3fd533bf6be1b511077f8b8e23bfd.cloudfront.net (CloudFront)
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-pop: FRA2-C1
x-cache: RefreshHit from cloudfront
status: 200
content-length: 9
last-modified: Mon, 02 Mar 2020 10:21:54 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: uid:1000/gname:jenkins/uname:jenkins/gid:1000/mode:33188/mtime:1583144411/atime:1583144411/md5:0b1e24aab9885c92a5b097dd32ac03e9/ctime:1583144468
etag: "0b1e24aab9885c92a5b097dd32ac03e9"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
x-amz-cf-id: INKesfJfmteS1SsFZPGWHuHErk_fzoapTRbw2kW0TEmC2kNPR3ok4Q==

GET
H2 200 mem5YaGs126MiZpBA-UN7rgOUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v17/ 9 KB
9 KB 21ms
6ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v17/mem5YaGs126MiZpBA-UN7rgOUuhpKKSTjw.woff2

Requested by

Host: www.1079rgvfm.com
URL: https://www.1079rgvfm.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a48a6e4b14fe55f750c0a3dfb5a6f4941bdc06af0aa542b90de25c30c2b4625c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Open+Sans:400,700
Origin: https://www.1079rgvfm.com

Response headers

date: Fri, 03 Apr 2020 00:59:25 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 19:31:11 GMT
server: sffe
age: 2134485
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 9080
x-xss-protection: 0
expires: Sat, 03 Apr 2021 00:59:25 GMT

GET
H2 200 modules.ttf
www.1079rgvfm.com/wp-content/themes/Divi/core/admin/fonts/ 90 KB
91 KB 94ms
90ms Font
application/octet-stream 54.158.23.216
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.1079rgvfm.com/wp-content/themes/Divi/core/admin/fonts/modules.ttf
Requested by: Host: www.1079rgvfm.com
URL: https://www.1079rgvfm.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 54.158.23.216 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-158-23-216.compute-1.amazonaws.com
Software: nginx /
Resource Hash: d201a2c3118a00c82cc48e89815f5139f23956bbe248107dcf522acc77b97c09

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://www.1079rgvfm.com/wp-content/themes/Divi/style.css?ver=5.4
Origin: https://www.1079rgvfm.com

Response headers

date: Mon, 27 Apr 2020 17:54:10 GMT
last-modified: Sat, 28 Mar 2020 06:35:10 GMT
server: nginx
etag: "5e7ef01e-168f0"
vary: Accept-Encoding, Referer
content-type: application/octet-stream
status: 200
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 92400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
fonts.gstatic.com/s/opensans/v17/ 9 KB
9 KB 17ms
6ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v17/mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2

Requested by

Host: www.1079rgvfm.com
URL: https://www.1079rgvfm.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Open+Sans:400,700
Origin: https://www.1079rgvfm.com

Response headers

date: Wed, 15 Apr 2020 23:49:44 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 19:30:49 GMT
server: sffe
age: 1015466
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 9132
x-xss-protection: 0
expires: Thu, 15 Apr 2021 23:49:44 GMT

GET
H2 200 otBannerSdk.js Show response
cookie-cdn.cookiepro.com/scripttemplates/old/scripttemplates/5.11.0/ 326 KB
59 KB 36ms
36ms Script
application/javascript 2606:4700::6812:678
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cookie-cdn.cookiepro.com/scripttemplates/old/scripttemplates/5.11.0/otBannerSdk.js

Requested by

Host: cookie-cdn.cookiepro.com
URL: https://cookie-cdn.cookiepro.com/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:678 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3c049ea432cb3c95043ef58d76b7635592b2a4cd8e0fb6ef5b4bd5cbef573923

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.1079rgvfm.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 27 Apr 2020 17:54:10 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: q5TV2UTKwEiG982GRjoWWw==
age: 5661
status: 200
vary: Accept-Encoding
cf-request-id: 025e5f7aad000005bba48d4200000001
x-ms-lease-status: unlocked
last-modified: Sun, 19 Jan 2020 08:10:12 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: f4116ac9-001e-005f-1c05-d18c71000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19
cf-ray: 58aa683de9e905bb-FRA

GET
H2 200 location Show response
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 161 B
529 B 66ms
45ms Script
text/javascript 2606:4700:10::6814:b944
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location

Requested by

Host: cookie-cdn.cookiepro.com
URL: https://cookie-cdn.cookiepro.com/scripttemplates/old/scripttemplates/5.11.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:b944 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

48b9b9c50fd14ec46d7bafe5857e5aeeb945e25a79f678f31f02d2c2761e5971

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.1079rgvfm.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 27 Apr 2020 17:54:10 GMT
content-encoding: gzip
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
status: 200
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 58aa683e5e2ad6d9-FRA
cf-request-id: 025e5f7af60000d6d958bba200000001

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 44 KB
18 KB 19ms
6ms Script
text/javascript 2a00:1450:4001:81d::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5CP2DG

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.1079rgvfm.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 06 Feb 2020 00:21:02 GMT
server: Golfe2
age: 3470
date: Mon, 27 Apr 2020 16:56:20 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 18174
expires: Mon, 27 Apr 2020 18:56:20 GMT

GET
H2 200 en.json Show response
cookie-cdn.cookiepro.com/consent/425a3692-26be-4179-a08e-a78ee2cac307/1759614a-d7e1-46a5-905c-edf4b9add87f/ 92 KB
12 KB 61ms
60ms Fetch
application/x-javascript 2606:4700::6812:678
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cookie-cdn.cookiepro.com/consent/425a3692-26be-4179-a08e-a78ee2cac307/1759614a-d7e1-46a5-905c-edf4b9add87f/en.json

Requested by

Host: cookie-cdn.cookiepro.com
URL: https://cookie-cdn.cookiepro.com/scripttemplates/old/scripttemplates/5.11.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:678 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d80f91d70c982eeb3d462e518193ff49c4ebe0b2fcd1086b28d048070c996bf6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.1079rgvfm.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 27 Apr 2020 17:54:10 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
content-md5: oLwVOjB6iSV4Z8Um/tdJbg==
status: 200
vary: Accept-Encoding
cf-request-id: 025e5f7b2a00000614b8b85200000001
x-ms-lease-status: unlocked
last-modified: Wed, 22 Jan 2020 20:47:34 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 8cab6970-201e-00ac-5c85-1a2be4000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=14400
x-ms-version: 2009-09-19
cf-ray: 58aa683ea9120614-FRA

GET
H2 200 collect
www.google-analytics.com/ 35 B
197 B 6ms
6ms Image
image/gif 2a00:1450:4001:81d::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j81&a=1242346574&t=pageview&_s=1&dl=https%3A%2F%2Fwww.1079rgvfm.com%2F&ul=en-us&de=UTF-8&dt=107.9%20RGV%20FM%20%7C%201-888-691-1079&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBAgAAB~&jid=1044928408&gjid=1998370566&cid=1539618414.1588010050&tid=UA-53392111-1&_gid=917103458.1588010050&gtm=2wg4f05CP2DG&cd9=Global&cd17=0&z=683441978

Requested by

Host: www.1079rgvfm.com
URL: https://www.1079rgvfm.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.1079rgvfm.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Apr 2020 22:54:37 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 1623573
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2

200

ga-audiences
www.google.de/ads/
Redirect Chain

https://stats.g.doubleclick.net/r/collect?t=dc&aip=1&_r=3&v=1&_v=j81&tid=UA-53392111-1&cid=1539618414.1588010050&jid=1044928408&gjid=1998370566&_gid=917103458.1588010050&_u=YGBAgAAB~&z=1817164617
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-53392111-1&cid=1539618414.1588010050&jid=1044928408&_v=j81&z=1817164617
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-53392111-1&cid=1539618414.1588010050&jid=1044928408&_v=j81&z=1817164617&slf_rd=1&random=2890549051

42 B
478 B

28ms
17ms

Image
image/gif

2a00:1450:4001:816::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-53392111-1&cid=1539618414.1588010050&jid=1044928408&_v=j81&z=1817164617&slf_rd=1&random=2890549051

Requested by

Host: www.1079rgvfm.com
URL: https://www.1079rgvfm.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.1079rgvfm.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Apr 2020 17:54:10 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 27 Apr 2020 17:54:10 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 302
content-type: text/html; charset=UTF-8
location: https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-53392111-1&cid=1539618414.1588010050&jid=1044928408&_v=j81&z=1817164617&slf_rd=1&random=2890549051
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 otFlat.json Show response
cookie-cdn.cookiepro.com/scripttemplates/old/scripttemplates/5.11.0/assets/ 15 KB
3 KB 80ms
80ms Fetch
application/json 2606:4700::6812:678
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cookie-cdn.cookiepro.com/scripttemplates/old/scripttemplates/5.11.0/assets/otFlat.json

Requested by

Host: cookie-cdn.cookiepro.com
URL: https://cookie-cdn.cookiepro.com/scripttemplates/old/scripttemplates/5.11.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:678 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c01d825e8f03f4125b38f630b84c7a88201c319b4f94e5a6a787cd86b89543f0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.1079rgvfm.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 27 Apr 2020 17:54:10 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
content-md5: vs/gsO9tV0OXmh/ItWBsNA==
status: 200
vary: Accept-Encoding
cf-request-id: 025e5f7b6d00000614b8b93200000001
x-ms-lease-status: unlocked
last-modified: Sun, 19 Jan 2020 08:09:54 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: bd4635f0-501e-0089-1385-1a8298000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19
cf-ray: 58aa683f1a8d0614-FRA

GET
H2 200 otPcPopup.json Show response
cookie-cdn.cookiepro.com/scripttemplates/old/scripttemplates/5.11.0/assets/ 68 KB
13 KB 53ms
53ms Fetch
application/json 2606:4700::6812:678
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cookie-cdn.cookiepro.com/scripttemplates/old/scripttemplates/5.11.0/assets/otPcPopup.json

Requested by

Host: cookie-cdn.cookiepro.com
URL: https://cookie-cdn.cookiepro.com/scripttemplates/old/scripttemplates/5.11.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:678 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e891f7c4f6d8bed7e8accd954579e237bce77dee93a2b8ec6179a1709dcc9f9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.1079rgvfm.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 27 Apr 2020 17:54:10 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
content-md5: jRtnVDHx2as2i5IDGALjIw==
status: 200
vary: Accept-Encoding
cf-request-id: 025e5f7b6d00000614b8b94200000001
x-ms-lease-status: unlocked
last-modified: Sun, 19 Jan 2020 08:09:56 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: a3aae0b1-201e-00ac-1f75-182be4000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19
cf-ray: 58aa683f1a8f0614-FRA

GET
H2 200 jload Show response
pixel.adsafeprotected.com/ 45 KB
13 KB 120ms
58ms Script
application/javascript 108.128.94.32
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.adsafeprotected.com/jload?anId=927300&advId=PulpoNetwork&campId=PulpoNetwork&pubId=Mix1079.net&chanId=US-1x1----ROS-&placementId=c8ae3b57-9fe2-11e8-bc82-0685dc1fc043&adsafe_par
Requested by: Host: u.tentaculos.net
URL: https://u.tentaculos.net/c8ae3b57-9fe2-11e8-bc82-0685dc1fc043/t.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 108.128.94.32 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-108-128-94-32.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: c27f5817aadf61348b8933846226f88bd9b870346a4eb6b845035d47e5886d17

Request headers

Referer: https://www.1079rgvfm.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

pragma: no-cache
date: Mon, 27 Apr 2020 17:54:10 GMT
content-encoding: gzip
x-server-name: app20.ie.303net.net
status: 200
content-type: application/javascript;charset=utf-8
access-control-allow-origin: pixel.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H2 200 cc.js Show response
tags.crwdcntrl.net/c/13671/ 38 KB
11 KB 30ms
15ms Script
application/json 143.204.89.92
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/c/13671/cc.js?ns=_cc13671
Requested by: Host: u.tentaculos.net
URL: https://u.tentaculos.net/c8ae3b57-9fe2-11e8-bc82-0685dc1fc043/t.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.89.92 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-89-92.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f83f0a496bb1a9b75bd7ddaa59c751f3a12bca4e6c4876da35f2a888d26f54a8

Request headers

Referer: https://www.1079rgvfm.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Mon, 27 Apr 2020 14:05:26 GMT
content-encoding: gzip
last-modified: Wed, 11 Mar 2020 05:22:31 GMT
server: AmazonS3
age: 13725
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/json
status: 200
cache-control: max-age: 86400
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: V9OIrQ_CTaT3XuuigL_-wmFFsMOun4s-bru2XtEThO6V03dOJiE9WQ==
via: 1.1 6b8ac2d6d64dc42007741d312e2d73ab.cloudfront.net (CloudFront)

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 43 KB
15 KB 27ms
14ms Script
text/javascript 2a00:1450:4001:81b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: u.tentaculos.net
URL: https://u.tentaculos.net/c8ae3b57-9fe2-11e8-bc82-0685dc1fc043/t.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2a9a53271f48b09783e1316b8c5b5314762ed654ef890cb35e840cb99012ed4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.1079rgvfm.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 27 Apr 2020 17:54:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "498 / 542 of 1000 / last-modified: 1588003827"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 14437
x-xss-protection: 0
expires: Mon, 27 Apr 2020 17:54:10 GMT

GET
H2 200 main.gr.19.8.72.js Show response
static.adsafeprotected.com/ 171 KB
56 KB 30ms
8ms Script
application/javascript 2600:9000:21f3:b000:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/main.gr.19.8.72.js
Requested by: Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/jload?anId=927300&advId=PulpoNetwork&campId=PulpoNetwork&pubId=Mix1079.net&chanId=US-1x1----ROS-&placementId=c8ae3b57-9fe2-11e8-bc82-0685dc1fc043&adsafe_par
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:21f3:b000:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5728a589f3d4d4ec3e6a1e312bdc1d27953d74917ec57baaf55f97b0b19df462

Request headers

Referer: https://www.1079rgvfm.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 22 Apr 2020 21:28:49 GMT
content-encoding: gzip
age: 419122
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
status: 200
x-amz-replication-status: COMPLETED
last-modified: Wed, 22 Apr 2020 21:13:44 GMT
server: AmazonS3
vary: Accept-Encoding
x-amz-version-id: YRyDK8wPA.IwdO9So8c30gDCgnFA3crL
via: 1.1 71dbd5706c5b0c7b733248e1171f2d4f.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: FRA2-C2
content-type: application/javascript
x-amz-cf-id: kdWrYjAfgJGedmVgzdE-ZV6lHiXLNb3xURTI2lv6_qznyLCrRgXlJQ==

GET
H2 404 jaon.css
www.1079rgvfm.com/wp-content/plugins/joan/ 0
0 90ms
90ms Stylesheet
text/html 54.158.23.216
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.1079rgvfm.com/wp-content/plugins/joan/jaon.css?ver=5.4
Requested by: Host: www.1079rgvfm.com
URL: https://www.1079rgvfm.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 54.158.23.216 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-158-23-216.compute-1.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Referer: https://www.1079rgvfm.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 404
date: Mon, 27 Apr 2020 17:54:10 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
content-type: text/html; charset=utf-8

GET
H2 200 iframe.html Show response
www.1079rgvfm.com/wp-content/plugins/adzerk/ Frame 62BC 148 B
304 B 90ms
90ms Document
text/html 54.158.23.216
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.1079rgvfm.com/wp-content/plugins/adzerk/iframe.html?u=0dc6caf8-9fd3-11e8-bc82-0685dc1fc043/t.js
Requested by: Host: www.1079rgvfm.com
URL: https://www.1079rgvfm.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 54.158.23.216 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-158-23-216.compute-1.amazonaws.com
Software: nginx /
Resource Hash: ec13e7bf171efd1c7e07341ede1e4e542a5a01c831090ad45211c4c3c208a66c

Request headers

:method: GET
:authority: www.1079rgvfm.com
:scheme: https
:path: /wp-content/plugins/adzerk/iframe.html?u=0dc6caf8-9fd3-11e8-bc82-0685dc1fc043/t.js
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.1079rgvfm.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://www.1079rgvfm.com/

Response headers

status: 200
server: nginx
date: Mon, 27 Apr 2020 17:54:10 GMT
content-type: text/html; charset=utf-8
content-length: 148
last-modified: Fri, 31 Aug 2018 19:17:22 GMT
etag: "5b899442-94"
vary: Accept-Encoding, Referer
accept-ranges: bytes

GET
H/1.1 200
OK songhistory
player.listenlive.co/54041/en/ Frame 517D 0
0 1482ms
794ms Document
text/html 192.173.28.140
TRITONDIGITAL

General

Check archive.org

Show headers Download Go to

Full URL: https://player.listenlive.co/54041/en/songhistory
Requested by: Host: www.1079rgvfm.com
URL: https://www.1079rgvfm.com/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_CBC
Server: 192.173.28.140 , Canada, ASN13360 (TRITONDIGITAL, CA),
Reverse DNS
Software: Apache/2.2.15 (CentOS) / PHP/5.5.9
Resource Hash

Request headers

Host: player.listenlive.co
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.1079rgvfm.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://www.1079rgvfm.com/

Response headers

Date: Mon, 27 Apr 2020 17:54:11 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.5.9
Expires: Mon, 27 Apr 2020 17:55:12 GMT
Cache-Control: public, max-age=60
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 8412
nnCoection: close
Content-Type: text/html; charset=UTF-8

GET
H2 200 iframe.html Show response
www.1079rgvfm.com/wp-content/plugins/adzerk/ Frame 9E1C 148 B
304 B 90ms
89ms Document
text/html 54.158.23.216
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.1079rgvfm.com/wp-content/plugins/adzerk/iframe.html?u=18160560-9fd4-11e8-bc82-0685dc1fc043/t.js
Requested by: Host: www.1079rgvfm.com
URL: https://www.1079rgvfm.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 54.158.23.216 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-158-23-216.compute-1.amazonaws.com
Software: nginx /
Resource Hash: ec13e7bf171efd1c7e07341ede1e4e542a5a01c831090ad45211c4c3c208a66c

Request headers

:method: GET
:authority: www.1079rgvfm.com
:scheme: https
:path: /wp-content/plugins/adzerk/iframe.html?u=18160560-9fd4-11e8-bc82-0685dc1fc043/t.js
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.1079rgvfm.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://www.1079rgvfm.com/

Response headers

status: 200
server: nginx
date: Mon, 27 Apr 2020 17:54:10 GMT
content-type: text/html; charset=utf-8
content-length: 148
last-modified: Fri, 31 Aug 2018 19:17:22 GMT
etag: "5b899442-94"
vary: Accept-Encoding, Referer
accept-ranges: bytes

GET
H2 404 filler_728x90.jpg
mix1079.net/wp-content/uploads/2018/06/ 0
0 94ms
94ms Image
text/html 54.158.23.216
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mix1079.net/wp-content/uploads/2018/06/filler_728x90.jpg
Requested by: Host: www.1079rgvfm.com
URL: https://www.1079rgvfm.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 54.158.23.216 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-158-23-216.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.1079rgvfm.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

GET
H2 404 filler_300x600.jpg
mix1079.net/wp-content/uploads/2018/06/ 0
0 94ms
94ms Image
text/html 54.158.23.216
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mix1079.net/wp-content/uploads/2018/06/filler_300x600.jpg
Requested by: Host: www.1079rgvfm.com
URL: https://www.1079rgvfm.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 54.158.23.216 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-158-23-216.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.1079rgvfm.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

GET
H2 200 TK3iWkUHHAIjg752GT8Gl-1PKw.woff2
fonts.gstatic.com/s/oswald/v31/ 25 KB
25 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/oswald/v31/TK3iWkUHHAIjg752GT8Gl-1PKw.woff2

Requested by

Host: www.1079rgvfm.com
URL: https://www.1079rgvfm.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e747521bc9729c30f06bda6471e77ad26ce0e05b104743e93fe14c8ef3b559a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Oswald%3A200%2C300%2Cregular%2C500%2C600%2C700&ver=5.4
Origin: https://www.1079rgvfm.com

Response headers

date: Thu, 23 Apr 2020 17:39:05 GMT
x-content-type-options: nosniff
last-modified: Tue, 03 Mar 2020 00:19:42 GMT
server: sffe
age: 346505
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 25376
x-xss-protection: 0
expires: Fri, 23 Apr 2021 17:39:05 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 109 B
839 B 27ms
14ms Script
application/javascript 2a00:1450:4001:81b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.1079rgvfm.com

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.1079rgvfm.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 27 Apr 2020 17:54:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 109 B
839 B 28ms
15ms Script
application/javascript 2a00:1450:4001:81b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.1079rgvfm.com

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.1079rgvfm.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 27 Apr 2020 17:54:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 104
x-xss-protection: 0

GET
H2 200 pubads_impl_2020042302.js Show response
securepubads.g.doubleclick.net/gpt/ 237 KB
86 KB 27ms
14ms Script
text/javascript 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020042302.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

sffe /

Resource Hash

0b3678d81937a06cba82b9b8d1b69a6e60c1133246d9798e681bf3908aa390bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.1079rgvfm.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 27 Apr 2020 17:54:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 23 Apr 2020 17:07:14 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 87243
x-xss-protection: 0
expires: Mon, 27 Apr 2020 17:54:10 GMT

GET
H2 200 iframe.html Show response
www.1079rgvfm.com/wp-content/plugins/adzerk/ Frame B4AC 148 B
304 B 90ms
90ms Document
text/html 54.158.23.216
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.1079rgvfm.com/wp-content/plugins/adzerk/iframe.html?u=0dc6caf8-9fd3-11e8-bc82-0685dc1fc043/t.js
Requested by: Host: www.1079rgvfm.com
URL: https://www.1079rgvfm.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 54.158.23.216 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-158-23-216.compute-1.amazonaws.com
Software: nginx /
Resource Hash: ec13e7bf171efd1c7e07341ede1e4e542a5a01c831090ad45211c4c3c208a66c

Request headers

:method: GET
:authority: www.1079rgvfm.com
:scheme: https
:path: /wp-content/plugins/adzerk/iframe.html?u=0dc6caf8-9fd3-11e8-bc82-0685dc1fc043/t.js
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.1079rgvfm.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://www.1079rgvfm.com/

Response headers

status: 200
server: nginx
date: Mon, 27 Apr 2020 17:54:10 GMT
content-type: text/html; charset=utf-8
content-length: 148
last-modified: Fri, 31 Aug 2018 19:17:22 GMT
etag: "5b899442-94"
vary: Accept-Encoding, Referer
accept-ranges: bytes

GET
H2 200 iframe.html Show response
www.1079rgvfm.com/wp-content/plugins/adzerk/ Frame 6FB8 148 B
304 B 90ms
90ms Document
text/html 54.158.23.216
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.1079rgvfm.com/wp-content/plugins/adzerk/iframe.html?u=61651c18-9fe2-11e8-bc82-0685dc1fc043/t.js
Requested by: Host: www.1079rgvfm.com
URL: https://www.1079rgvfm.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 54.158.23.216 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-158-23-216.compute-1.amazonaws.com
Software: nginx /
Resource Hash: ec13e7bf171efd1c7e07341ede1e4e542a5a01c831090ad45211c4c3c208a66c

Request headers

:method: GET
:authority: www.1079rgvfm.com
:scheme: https
:path: /wp-content/plugins/adzerk/iframe.html?u=61651c18-9fe2-11e8-bc82-0685dc1fc043/t.js
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.1079rgvfm.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://www.1079rgvfm.com/

Response headers

status: 200
server: nginx
date: Mon, 27 Apr 2020 17:54:10 GMT
content-type: text/html; charset=utf-8
content-length: 148
last-modified: Fri, 31 Aug 2018 19:17:22 GMT
etag: "5b899442-94"
vary: Accept-Encoding, Referer
accept-ranges: bytes

GET
H2 404 pexels-photo-1763067.jpg
mix1079.net/wp-content/uploads/2019/05/ 0
0 94ms
94ms Image
text/html 54.158.23.216
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mix1079.net/wp-content/uploads/2019/05/pexels-photo-1763067.jpg
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 54.158.23.216 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-158-23-216.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.1079rgvfm.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

GET
H2 404 pexels-photo-1916819-1.jpg
mix1079.net/wp-content/uploads/2019/05/ 0
0 94ms
94ms Image
text/html 54.158.23.216
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mix1079.net/wp-content/uploads/2019/05/pexels-photo-1916819-1.jpg
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 54.158.23.216 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-158-23-216.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.1079rgvfm.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

GET
H2 200 monarch.ttf
www.1079rgvfm.com/wp-content/plugins/monarch/css/fonts/ 15 KB
15 KB 90ms
90ms Font
application/octet-stream 54.158.23.216
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.1079rgvfm.com/wp-content/plugins/monarch/css/fonts/monarch.ttf
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 54.158.23.216 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-158-23-216.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 8c102baea959329be23bb8a5d6bc268ce1668484995f0d23c2f88b46d7653c4f

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://www.1079rgvfm.com/wp-content/plugins/monarch/css/style.css?ver=1.4.12
Origin: https://www.1079rgvfm.com

Response headers

date: Mon, 27 Apr 2020 17:54:10 GMT
last-modified: Tue, 12 Mar 2019 21:30:26 GMT
server: nginx
etag: "5c8824f2-3af8"
vary: Accept-Encoding, Referer
content-type: application/octet-stream
status: 200
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 15096
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 21ms
7ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: www.1079rgvfm.com
URL: https://www.1079rgvfm.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

19f51965ceb8e408bf91e1013a80aa41f7676eebcbe867515b8ae2d390a22f75

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.1079rgvfm.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: pattXRx9TsfWn+sxY+54+A==
status: 200
alt-svc: h3-27=":443"; ma=3600
content-length: 1781
etag: "1a6f9c9d21e1fa17eb10eca9806b81e1"
x-fb-debug: DCBUe2aWpHyzUKwKaC660tiPOb7lkVcYhKo2ROOQSVgyXSSoQGXXUgqez/7Kb8Qoh52quw553DcBVTjomrF4cg==
x-fb-trip-id: 1850256238
x-fb-content-md5: bb47847a934c31d14a70a0bbee3336f3
x-frame-options: DENY
date: Mon, 27 Apr 2020 17:54:10 GMT, Mon, 27 Apr 2020 17:54:10 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 27 Apr 2020 18:12:04 GMT

GET
H2 200 mem5YaGs126MiZpBA-UNirkOUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v17/ 9 KB
9 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v17/mem5YaGs126MiZpBA-UNirkOUuhpKKSTjw.woff2

Requested by

Host: www.1079rgvfm.com
URL: https://www.1079rgvfm.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b8e23a845bc6b7fd417d29182e0e38d353e64b5e12e06bb1de2b5ce063db1dcc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Open+Sans:300italic,400italic,600italic,700italic,800italic,400,300,600,700,800&subset=latin,latin-ext
Origin: https://www.1079rgvfm.com

Response headers

date: Fri, 03 Apr 2020 05:34:45 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 19:30:44 GMT
server: sffe
age: 2117965
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 9180
x-xss-protection: 0
expires: Sat, 03 Apr 2021 05:34:45 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 394 KB
115 KB 18ms
7ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=52958dc8d783900b2089a09363bcdc23&ua=modern_es6

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa682920521ee0693993dc49398e7e7dba60620c6d78c728a506a94d90fad8cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://www.1079rgvfm.com/
Origin: https://www.1079rgvfm.com

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: uVYEFlAyziAoTJguYXKzew==
status: 200
alt-svc: h3-27=":443"; ma=3600
content-length: 116997
etag: "d46e12ed7584be83037f5f542c2f62ca"
x-fb-debug: epRTU/m3xD/cw1boBnALMfoeZh22zvOeM/d3hGcvfTrYGkIOobJZDSMdD1e7WQ/lXqwOBj4DALY+AWBJEnIfcg==
x-fb-trip-id: 1850256238
x-fb-content-md5: 4633d75a5de7d277ad14c8e06a118fb2
x-frame-options: DENY
date: Mon, 27 Apr 2020 17:54:10 GMT, Mon, 27 Apr 2020 17:54:10 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
timing-allow-origin: *
expires: Tue, 27 Apr 2021 17:52:05 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 411 B
729 B 129ms
128ms XHR
text/plain 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2043527430549927&correlator=4341814591110100&output=ldjh&impl=fifs&adsid=NT&eid=21065724&vrg=2020042302&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20200427&iu_parts=281895236%2Cmix1079.net_1x1_US&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&eri=4&cust_params=Viewability%3D0%26Channel%3DArts%2520%2526%2520Entertainment&cookie_enabled=1&cdm=www.1079rgvfm.com&bc=31&abxe=1&lmt=1588010050&dt=1588010050800&dlt=1588010049678&idt=1109&frm=20&biw=1585&bih=1200&oid=3&adxs=0&adys=111&adks=2900184385&ucis=1&ifi=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=mix1079.net&loc=https%3A%2F%2Fwww.1079rgvfm.com%2F&dssz=43&icsg=4396972941344&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1585x9896&msz=1x-1&ga_vid=1259571616.1588010051&ga_sid=1588010051&ga_hid=1242346574&fws=0&ohw=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020042302.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

cafe /

Resource Hash

76263ddfddd70967f6da3df267de45ce8b6d5936d3a17bce485ada2f683d38f4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.1079rgvfm.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 27 Apr 2020 17:54:10 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 217
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.1079rgvfm.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ 0
0 17ms
6ms Other
text/html 2a00:1450:4001:81a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020042302.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:81a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.1079rgvfm.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

GET
H2 200 sca.17.4.114.js Show response
static.adsafeprotected.com/ Frame 0682 81 KB
22 KB 7ms
7ms Script
application/javascript 2600:9000:21f3:b000:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.4.114.js
Requested by: Host: www.1079rgvfm.com
URL: https://www.1079rgvfm.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:21f3:b000:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ad9ae0374e0334d2511e951a2381a164fa87ce86594fc027d25a8624774c3c96

Request headers

Referer: https://www.1079rgvfm.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 13 Jan 2020 23:54:57 GMT
content-encoding: gzip
age: 9050354
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
status: 200
x-amz-replication-status: COMPLETED
last-modified: Mon, 13 Jan 2020 23:54:54 GMT
server: AmazonS3
vary: Accept-Encoding
x-amz-version-id: gSPddsS9N0PGtUp2YQy7vCAfLQOR874Z
via: 1.1 71dbd5706c5b0c7b733248e1171f2d4f.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: FRA2-C2
content-type: application/javascript
x-amz-cf-id: BhtAOrT8mVvvyEh8agOV2bL4SeoLnmXumIBUTMaUKbJ4XNnfHLAF3A==

GET
H2 200 mon
pixel.adsafeprotected.com/ 43 B
216 B 41ms
40ms Image
image/gif 108.128.94.32
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.adsafeprotected.com/mon?anId=927300&advId=PulpoNetwork&campId=PulpoNetwork&pubId=Mix1079.net&chanId=US-1x1----ROS-&placementId=c8ae3b57-9fe2-11e8-bc82-0685dc1fc043&adsafe_par&adsafe_url=https%3A%2F%2Fwww.1079rgvfm.com%2F&adsafe_type=abdfq&adsafe_jsinfo=,id:56ad4aaa-1b68-2cb3-21f0-9781f50a970c,c:b6J1OI,sl:outOfView,em:false,fr:true,mn:app20ie,pt:1-5-15,wc:0.0.1600.1200,ac:0.233.1585.9192,am:a,cc:0.111.1585.9896,piv:11,obst:0,th:0,reas:l,br:u,abv:na,an:n,oam:0,scm:publ1.grpm1,fm:rXnOkZI+1*.927300|11|12|13|14|15|16|17,idMap:1*,pl:,rend:1,renddet:DIV.qs.sn,rmeas:1,es:0,sc:1,ha:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,tt:jload,thd:1,et:227,oid:19309fca-88b0-11ea-9287-02467abe7cd0,v:19.8.72,sp:1,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Requested by: Host: www.1079rgvfm.com
URL: https://www.1079rgvfm.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 108.128.94.32 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-108-128-94-32.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.1079rgvfm.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Apr 2020 17:54:10 GMT
x-server-name: app32.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
status: 200
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ 43 B
308 B 356ms
119ms Image
image/gif 104.244.37.20
ADSAFE-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=927300&asId=56ad4aaa-1b68-2cb3-21f0-9781f50a970c&tv={c:b6J1OK,pingTime:-8,time:228,type:l,es:0,sc:1,ha:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:{i:0,o:228,n:0,pp:0,pm:0},slEvents:[{sl:o,t:225,wc:0.0.1600.1200,ac:0.233.1585.9192,am:a,cc:0.111.1585.9896,piv:11,obst:0,th:0,reas:l,bkn:{piv:[55~1],as:[54~1585.9192]}}],slEventCount:1,em:false,fr:true,e:,tt:jload,dtt:0,fm:rXnOkZI+1*.927300|11|12|13|14|15|16|17,idMap:1*,rend:1,renddet:DIV.qs.sn,rmeas:1}&br=u
Requested by: Host: www.1079rgvfm.com
URL: https://www.1079rgvfm.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.37.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS: daldt.adsafeprotected.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.1079rgvfm.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 27 Apr 2020 17:54:11 GMT
X-Server-Name: dt19dal.dal.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H2 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/wk6lx42JIeYmEAQSHndnyT8Q/ 299 KB
122 KB 17ms
6ms Script
text/javascript 2a00:1450:4001:81a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/wk6lx42JIeYmEAQSHndnyT8Q/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=6Lc-uI8UAAAAAFNsyk2nEbiGWGNTZ9veWDZpLUnX&ver=3.0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b3f949c5fa5809887926e9351f3d35a72b6c9b542bcbfffbc41e0fd87424ae71

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.1079rgvfm.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 20 Apr 2020 16:59:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 20 Apr 2020 04:05:48 GMT
server: sffe
age: 608110
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=31536000
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 124243
x-xss-protection: 0
expires: Tue, 20 Apr 2021 16:59:00 GMT

GET
DATA 200
OK truncated
/ 176 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1801667c6d7fa63fbf309ac227a3cf53daff206c8e358464491237eefd173c2c

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 mem5YaGs126MiZpBA-UN8rsOUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v17/ 9 KB
9 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v17/mem5YaGs126MiZpBA-UN8rsOUuhpKKSTjw.woff2

Requested by

Host: www.1079rgvfm.com
URL: https://www.1079rgvfm.com/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d8ccc36d648469ae72535a1ec5e23def10a53deff594eabfe2a6fa5d4ee4ce2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Open+Sans:300italic,400italic,600italic,700italic,800italic,400,300,600,700,800&subset=latin,latin-ext
Origin: https://www.1079rgvfm.com

Response headers

date: Thu, 09 Apr 2020 23:13:05 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 19:30:53 GMT
server: sffe
age: 1536066
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 9192
x-xss-protection: 0
expires: Fri, 09 Apr 2021 23:13:05 GMT

GET
DATA 200
OK truncated
/ 211 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: db1173e1b53b03d1f5bef927f915b4dfa2560468bb7b4c6d4c914f9f29d734df

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/svg+xml

POST
H2 200 admin-ajax.php Show response
www.1079rgvfm.com/wp-admin/ 5 B
386 B 249ms
249ms XHR
text/html 54.158.23.216
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.1079rgvfm.com/wp-admin/admin-ajax.php

Requested by

Host: www.1079rgvfm.com
URL: https://www.1079rgvfm.com/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

54.158.23.216 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-158-23-216.compute-1.amazonaws.com

Software

nginx /

Resource Hash

3d0d26aeaa32e7ec4f86ce8121843bf854b3d7b8864466992c0c543259756b2b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept: */*
Referer: https://www.1079rgvfm.com/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Mon, 27 Apr 2020 17:54:11 GMT
content-encoding: gzip
referrer-policy: strict-origin-when-cross-origin
server: nginx
status: 200
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://www.1079rgvfm.com
cache-control: no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
x-robots-tag: noindex
vary: Accept-Encoding, Accept-Encoding, Referer
x-content-type-options: nosniff
expires: Wed, 11 Jan 1984 05:00:00 GMT

POST
H2 200 admin-ajax.php Show response
www.1079rgvfm.com/wp-admin/ 62 B
438 B 245ms
245ms XHR
text/html 54.158.23.216
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.1079rgvfm.com/wp-admin/admin-ajax.php

Requested by

Host: www.1079rgvfm.com
URL: https://www.1079rgvfm.com/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

54.158.23.216 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-158-23-216.compute-1.amazonaws.com

Software

nginx /

Resource Hash

c0589c557444c6b20f61d3e6201723b9d58abe827c4b0d23888e608796c07e87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept: */*
Referer: https://www.1079rgvfm.com/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Mon, 27 Apr 2020 17:54:11 GMT
content-encoding: gzip
referrer-policy: strict-origin-when-cross-origin
server: nginx
status: 200
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://www.1079rgvfm.com
cache-control: no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
x-robots-tag: noindex
vary: Accept-Encoding, Accept-Encoding, Referer
x-content-type-options: nosniff
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H2 200 widget_iframe.6787510241df65d128e2b60207ad4c25.html
platform.twitter.com/widgets/ Frame 74CB 0
0 6ms
6ms Document
text/html 151.101.12.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.6787510241df65d128e2b60207ad4c25.html?origin=https%3A%2F%2Fwww.1079rgvfm.com
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.12.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash

Request headers

:method: GET
:authority: platform.twitter.com
:scheme: https
:path: /widgets/widget_iframe.6787510241df65d128e2b60207ad4c25.html?origin=https%3A%2F%2Fwww.1079rgvfm.com
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.1079rgvfm.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://www.1079rgvfm.com/

Response headers

status: 200
last-modified: Tue, 07 Apr 2020 20:47:48 GMT
cache-control: public, max-age=315360000
content-type: text/html; charset=utf-8
etag: "9fa476ae827f556d5b037fe43632370d+gzip"
content-encoding: gzip
access-control-allow-methods: GET
access-control-allow-origin: *
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
accept-ranges: bytes
date: Mon, 27 Apr 2020 17:54:11 GMT
x-served-by: cache-bwi5135-BWI, cache-fra19136-FRA
x-cache: HIT, HIT
vary: Accept-Encoding
tw-cdn: FT
content-length: 5825

GET
DATA 200
OK truncated
/ 817 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: db311174b0e3c340727b63c055cfb5b317808e909503e1bda11cc58af444f12b

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 moment~timeline~tweet.99ce5e0e4617985354c5c426d7e1b9f4.js Show response
platform.twitter.com/js/ 24 KB
8 KB 14ms
13ms Script
application/javascript 151.101.12.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/js/moment~timeline~tweet.99ce5e0e4617985354c5c426d7e1b9f4.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.12.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: f13585ddb86f9ec0432f36eae40bcaabe3aad166eff8424b27082c2b8174a3a2

Request headers

Referer: https://www.1079rgvfm.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 27 Apr 2020 17:54:11 GMT
content-encoding: gzip
x-cache: HIT, HIT
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status: 200
content-length: 7864
x-served-by: cache-bwi5130-BWI, cache-fra19136-FRA
last-modified: Tue, 07 Apr 2020 20:47:38 GMT
etag: "e137faa829d69782b030b8ae591989d1+gzip"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=315360000
accept-ranges: bytes
tw-cdn: FT

GET
H2 200 timeline.d228dcf3573461f298b082c9a5c0a42c.js Show response
platform.twitter.com/js/ 21 KB
7 KB 13ms
13ms Script
application/javascript 151.101.12.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/js/timeline.d228dcf3573461f298b082c9a5c0a42c.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.12.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 72945876902af2cd35e37c7dc27c9a1ece0e3f3185100c36f5e55e468182467a

Request headers

Referer: https://www.1079rgvfm.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 27 Apr 2020 17:54:11 GMT
content-encoding: gzip
x-cache: HIT, HIT
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status: 200
content-length: 6656
x-served-by: cache-bwi5123-BWI, cache-fra19136-FRA
last-modified: Tue, 07 Apr 2020 20:47:38 GMT
etag: "cd03198280cd4775cf9715d3c461a225+gzip"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=315360000
accept-ranges: bytes
tw-cdn: FT

GET
H2 200 d2a4x00.js Show response
tc.dataxpand.com/tc/ 255 B
624 B 80ms
22ms Script
text/javascript 2600:9000:2156:3400:1d:3c3b:7580:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tc.dataxpand.com/tc/d2a4x00.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5CP2DG
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2156:3400:1d:3c3b:7580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 44596c32c4a9f8de15f6f758262b7d892e792c359a6c57016e670620bd6cc7f6

Request headers

Referer: https://www.1079rgvfm.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-amz-version-id: SDj7URV_kHYA1ZGG3RlP86GFO1VyKV34
via: 1.1 5d8c59c4e33ff30f6610982ac8ad0232.cloudfront.net (CloudFront)
last-modified: Mon, 22 Jul 2019 13:20:46 GMT
server: AmazonS3
age: 244
etag: "6f0debac6d04eff3e459c02db7671ccf"
x-cache: Hit from cloudfront
content-type: text/javascript
status: 200
date: Mon, 27 Apr 2020 17:50:08 GMT
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 255
x-amz-cf-id: nimmu6575_vRSLdZ4_0xoWQKU9Xb0PwQGDotIgi_tleC-o1hwGLQSQ==

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ 43 B
308 B 243ms
118ms Image
image/gif 104.244.37.20
ADSAFE-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=927300&asId=56ad4aaa-1b68-2cb3-21f0-9781f50a970c&tv={c:b6J1SF,pingTime:-2,time:471,type:a,im:{sf:0,pom:1,prf:{beA:3625,beZ:3627,mfA:3795,cmA:3796,inA:3796,inZ:3802,prA:3802,prZ:3815,si:3852,poA:3854,poZ:3865,cmZ:3865,mfZ:3865,loA:4012,loZ:4013,ltA:4096,ltZ:4096,idA:3865,idZ:3906}},env:{cca:false,gca:true,gca2:true},clog:[{piv:11,vs:o,r:l,w:1585,h:9192,t:225},{piv:21,h:4552,t:351}],es:0,sc:1,ha:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:{i:0,o:471,n:0,pp:0,pm:0},slEvents:[{sl:o,t:225,wc:0.0.1600.1200,ac:0.233.1585.4552,am:a,cc:0.111.1585.5251,piv:21,obst:0,th:0,reas:l,bkn:{piv:[298~1],as:[177~1585.9192,120~1585.4552]}}],slEventCount:1,em:false,fr:true,e:,tt:jload,dtt:0,fm:rXnOkZI+1*.927300|11|12|13|14|15|16|17,idMap:1*,rend:1,renddet:DIV.qs.sn,rmeas:1,slid:[et-main-area,page-container],sinceFw:241,readyFired:true}&br=u
Requested by: Host: www.1079rgvfm.com
URL: https://www.1079rgvfm.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.37.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS: daldt.adsafeprotected.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.1079rgvfm.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 27 Apr 2020 17:54:11 GMT
X-Server-Name: dt19dal.dal.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H2 200 iframe-v2.js Show response
www.1079rgvfm.com/wp-content/plugins/adzerk/ Frame 62BC 3 KB
1 KB 91ms
91ms Script
application/javascript 54.158.23.216
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.1079rgvfm.com/wp-content/plugins/adzerk/iframe-v2.js
Requested by: Host: www.1079rgvfm.com
URL: https://www.1079rgvfm.com/wp-content/plugins/adzerk/iframe.html?u=0dc6caf8-9fd3-11e8-bc82-0685dc1fc043/t.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 54.158.23.216 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-158-23-216.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 122bfd90110948af0015618901a943934b0f6e5a60f0f5742f4d965c66607269

Request headers

Referer: https://www.1079rgvfm.com/wp-content/plugins/adzerk/iframe.html?u=0dc6caf8-9fd3-11e8-bc82-0685dc1fc043/t.js
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 27 Apr 2020 17:54:11 GMT
content-encoding: gzip
last-modified: Fri, 31 Aug 2018 19:17:22 GMT
server: nginx
etag: W/"5b899442-a56"
vary: Accept-Encoding, Accept-Encoding, Referer
content-type: application/javascript; charset=utf-8
status: 200
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 iframe-v2.js Show response
www.1079rgvfm.com/wp-content/plugins/adzerk/ Frame 9E1C 3 KB
1 KB 91ms
91ms Script
application/javascript 54.158.23.216
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.1079rgvfm.com/wp-content/plugins/adzerk/iframe-v2.js
Requested by: Host: www.1079rgvfm.com
URL: https://www.1079rgvfm.com/wp-content/plugins/adzerk/iframe.html?u=18160560-9fd4-11e8-bc82-0685dc1fc043/t.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 54.158.23.216 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-158-23-216.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 122bfd90110948af0015618901a943934b0f6e5a60f0f5742f4d965c66607269

Request headers

Referer: https://www.1079rgvfm.com/wp-content/plugins/adzerk/iframe.html?u=18160560-9fd4-11e8-bc82-0685dc1fc043/t.js
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 27 Apr 2020 17:54:11 GMT
content-encoding: gzip
last-modified: Fri, 31 Aug 2018 19:17:22 GMT
server: nginx
etag: W/"5b899442-a56"
vary: Accept-Encoding, Accept-Encoding, Referer
content-type: application/javascript; charset=utf-8
status: 200
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 iframe-v2.js Show response
www.1079rgvfm.com/wp-content/plugins/adzerk/ Frame B4AC 3 KB
1 KB 91ms
91ms Script
application/javascript 54.158.23.216
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.1079rgvfm.com/wp-content/plugins/adzerk/iframe-v2.js
Requested by: Host: www.1079rgvfm.com
URL: https://www.1079rgvfm.com/wp-content/plugins/adzerk/iframe.html?u=0dc6caf8-9fd3-11e8-bc82-0685dc1fc043/t.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 54.158.23.216 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-158-23-216.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 122bfd90110948af0015618901a943934b0f6e5a60f0f5742f4d965c66607269

Request headers

Referer: https://www.1079rgvfm.com/wp-content/plugins/adzerk/iframe.html?u=0dc6caf8-9fd3-11e8-bc82-0685dc1fc043/t.js
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 27 Apr 2020 17:54:11 GMT
content-encoding: gzip
last-modified: Fri, 31 Aug 2018 19:17:22 GMT
server: nginx
etag: W/"5b899442-a56"
vary: Accept-Encoding, Accept-Encoding, Referer
content-type: application/javascript; charset=utf-8
status: 200
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 iframe-v2.js Show response
www.1079rgvfm.com/wp-content/plugins/adzerk/ Frame 6FB8 3 KB
1 KB 92ms
92ms Script
application/javascript 54.158.23.216
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.1079rgvfm.com/wp-content/plugins/adzerk/iframe-v2.js
Requested by: Host: www.1079rgvfm.com
URL: https://www.1079rgvfm.com/wp-content/plugins/adzerk/iframe.html?u=61651c18-9fe2-11e8-bc82-0685dc1fc043/t.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 54.158.23.216 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-158-23-216.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 122bfd90110948af0015618901a943934b0f6e5a60f0f5742f4d965c66607269

Request headers

Referer: https://www.1079rgvfm.com/wp-content/plugins/adzerk/iframe.html?u=61651c18-9fe2-11e8-bc82-0685dc1fc043/t.js
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 27 Apr 2020 17:54:11 GMT
content-encoding: gzip
last-modified: Fri, 31 Aug 2018 19:17:22 GMT
server: nginx
etag: W/"5b899442-a56"
vary: Accept-Encoding, Accept-Encoding, Referer
content-type: application/javascript; charset=utf-8
status: 200
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 anchor
www.google.com/recaptcha/api2/ Frame C1BC 0
0 17ms
17ms Document
text/html 2a00:1450:4001:81e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lc-uI8UAAAAAFNsyk2nEbiGWGNTZ9veWDZpLUnX&co=aHR0cHM6Ly93d3cuMTA3OXJndmZtLmNvbTo0NDM.&hl=en&v=wk6lx42JIeYmEAQSHndnyT8Q&size=invisible&cb=2inmol3ngxqz

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/wk6lx42JIeYmEAQSHndnyT8Q/recaptcha__en.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Fzq4oYBUtLvnCuhmVjj3Pw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/anchor?ar=1&k=6Lc-uI8UAAAAAFNsyk2nEbiGWGNTZ9veWDZpLUnX&co=aHR0cHM6Ly93d3cuMTA3OXJndmZtLmNvbTo0NDM.&hl=en&v=wk6lx42JIeYmEAQSHndnyT8Q&size=invisible&cb=2inmol3ngxqz
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.1079rgvfm.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://www.1079rgvfm.com/

Response headers

status: 200
content-security-policy: script-src 'report-sample' 'nonce-Fzq4oYBUtLvnCuhmVjj3Pw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
content-encoding: gzip
date: Mon, 27 Apr 2020 17:54:11 GMT
expires: Mon, 27 Apr 2020 17:54:11 GMT
cache-control: private, max-age=0
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 1102
server: GSE
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000

GET
H2 200 profile Show response
cdn.syndication.twimg.com/timeline/ 152 KB
9 KB 250ms
226ms Script
application/javascript 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.syndication.twimg.com/timeline/profile?callback=__twttr.callbacks.tl_i0_profile_1079RGVFM_old&dnt=false&domain=www.1079rgvfm.com&lang=en&screen_name=1079RGVFM&suppress_response_codes=true&t=1764455&tz=GMT%2B0200&with_replies=false

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

tsa_f /

Resource Hash

c29a5528fdb3a2ab62773073c7ac61274b2cdeb3a324e1a50f1ec86de1ebdc13

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.1079rgvfm.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 27 Apr 2020 17:54:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200
content-disposition: attachment; filename=jsonp.jsonp
content-length: 9082
x-xss-protection: 0
x-response-time: 203
last-modified: Mon, 27 Apr 2020 17:54:11 GMT
server: tsa_f
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=631138519
access-control-allow-methods: GET
content-type: application/javascript;charset=utf-8
expires: Mon, 27 Apr 2020 17:59:11 GMT
cache-control: must-revalidate, max-age=300
x-connection-hash: f01d2e2f1431c2a991b3cfc65f3467c9
timing-allow-origin: *
x-transaction: 00149a3700a73592
access-contol-allow-origin: platform.twitter.com

GET
H2 200 syndication
syndication.twitter.com/i/jot/ 43 B
338 B 116ms
115ms Image
image/gif 104.244.42.72
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://syndication.twitter.com/i/jot/syndication?l=%7B%22_category_%22%3A%22syndicated_impression%22%2C%22triggered_on%22%3A1588010051225%2C%22dnt%22%3Afalse%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22timeline%22%2C%22action%22%3A%22impression%22%7D%7D

Requested by

Host: www.1079rgvfm.com
URL: https://www.1079rgvfm.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.72 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.1079rgvfm.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 27 Apr 2020 17:54:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200, 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 65
x-xss-protection: 0
x-response-time: 109
pragma: no-cache
last-modified: Mon, 27 Apr 2020 17:54:11 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=631138519
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: 641d7a1d6eb66db812e85272170c6d09
x-transaction: 009319ab0056db4c
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H2 200 cc_af.js Show response
tags.crwdcntrl.net/c/12765/ 38 KB
11 KB 11ms
7ms Script
application/json 143.204.89.92
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/c/12765/cc_af.js
Requested by: Host: tc.dataxpand.com
URL: https://tc.dataxpand.com/tc/d2a4x00.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.89.92 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-89-92.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0388f8144a4d08719c15ad57ad3c22094170bb990432ba0146857172bcf75a36

Request headers

Referer: https://www.1079rgvfm.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 27 Apr 2020 14:05:36 GMT
content-encoding: gzip
last-modified: Wed, 11 Mar 2020 04:22:15 GMT
server: AmazonS3
age: 13716
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/json
status: 200
cache-control: max-age: 86400
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: 7DQuUtwRZpsdpS_Ys9rbFVE8OwmTNbtQJH3O5eQwGp6Wm1jvjIa1Dg==
via: 1.1 6b8ac2d6d64dc42007741d312e2d73ab.cloudfront.net (CloudFront)

GET
H/1.1 200
OK t.js Show response
u.tentaculos.net/0dc6caf8-9fd3-11e8-bc82-0685dc1fc043/ Frame 62BC 2 KB
2 KB 366ms
366ms Script
binary/octet-stream 13.224.194.26
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://u.tentaculos.net/0dc6caf8-9fd3-11e8-bc82-0685dc1fc043/t.js
Requested by: Host: www.1079rgvfm.com
URL: https://www.1079rgvfm.com/wp-content/plugins/adzerk/iframe-v2.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.224.194.26 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-194-26.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 99b9fb3141db09393e37111ceb14386c4bc88abb78c3f7adc56eb0985225610c

Request headers

Referer: https://www.1079rgvfm.com/wp-content/plugins/adzerk/iframe.html?u=0dc6caf8-9fd3-11e8-bc82-0685dc1fc043/t.js
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 27 Apr 2020 17:54:12 GMT
Via: 1.1 7a18a0a1d9929dae345690b88b08dd5e.cloudfront.net (CloudFront)
Last-Modified: Thu, 31 Jan 2019 18:51:13 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA2-C1
ETag: "72222bbf3938104cf519e0f7dc12116e"
X-Cache: Miss from cloudfront
Content-Type: binary/octet-stream
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2001
X-Amz-Cf-Id: 2P2KajO23bWLtJrSMefOsiQwhZzSBf-AWMx5oWkoUFz7ad-SkcB-Rw==

GET
H/1.1 200
OK t.js Show response
u.tentaculos.net/18160560-9fd4-11e8-bc82-0685dc1fc043/ Frame 9E1C 2 KB
2 KB 436ms
424ms Script
binary/octet-stream 13.224.194.26
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://u.tentaculos.net/18160560-9fd4-11e8-bc82-0685dc1fc043/t.js
Requested by: Host: www.1079rgvfm.com
URL: https://www.1079rgvfm.com/wp-content/plugins/adzerk/iframe-v2.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.224.194.26 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-194-26.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e293e9b4346e2824c5902b3579fe391431c61d8ea1a76d8bac2425b6838dd059

Request headers

Referer: https://www.1079rgvfm.com/wp-content/plugins/adzerk/iframe.html?u=18160560-9fd4-11e8-bc82-0685dc1fc043/t.js
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 27 Apr 2020 17:54:12 GMT
Via: 1.1 24c299c0a6423c6f96984a85fb014109.cloudfront.net (CloudFront)
Last-Modified: Thu, 31 Jan 2019 18:44:13 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA2-C1
ETag: "65d9f3c050acf5957dec8bca6c86c9de"
X-Cache: Miss from cloudfront
Content-Type: binary/octet-stream
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2007
X-Amz-Cf-Id: ET0UariXy8L7Xv7D-x0fAXXQNsv4g6QaV2VCya9FYXsiBLeJDrD9nw==

GET
H/1.1 200
OK t.js Show response
u.tentaculos.net/0dc6caf8-9fd3-11e8-bc82-0685dc1fc043/ Frame B4AC 2 KB
2 KB 365ms
350ms Script
binary/octet-stream 13.224.194.26
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://u.tentaculos.net/0dc6caf8-9fd3-11e8-bc82-0685dc1fc043/t.js
Requested by: Host: www.1079rgvfm.com
URL: https://www.1079rgvfm.com/wp-content/plugins/adzerk/iframe-v2.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.224.194.26 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-194-26.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 99b9fb3141db09393e37111ceb14386c4bc88abb78c3f7adc56eb0985225610c

Request headers

Referer: https://www.1079rgvfm.com/wp-content/plugins/adzerk/iframe.html?u=0dc6caf8-9fd3-11e8-bc82-0685dc1fc043/t.js
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 27 Apr 2020 17:54:12 GMT
Via: 1.1 8f20db43ba7579b7216cf908572d5054.cloudfront.net (CloudFront)
Last-Modified: Thu, 31 Jan 2019 18:51:13 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA2-C1
ETag: "72222bbf3938104cf519e0f7dc12116e"
X-Cache: Hit from cloudfront
Content-Type: binary/octet-stream
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2001
X-Amz-Cf-Id: OzbVMpRXVX5MiZ6CGootxOZF5pRJjTN92NkULqPMmpy0uMEtU1tAUQ==

GET
H/1.1 200
OK t.js Show response
u.tentaculos.net/61651c18-9fe2-11e8-bc82-0685dc1fc043/ Frame 6FB8 2 KB
2 KB 390ms
375ms Script
binary/octet-stream 13.224.194.26
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://u.tentaculos.net/61651c18-9fe2-11e8-bc82-0685dc1fc043/t.js
Requested by: Host: www.1079rgvfm.com
URL: https://www.1079rgvfm.com/wp-content/plugins/adzerk/iframe-v2.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.224.194.26 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-194-26.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 94f9ea43b760c2c30737e1afedf54fc5c640aac171f5fb9d81b52937baf1a0ef

Request headers

Referer: https://www.1079rgvfm.com/wp-content/plugins/adzerk/iframe.html?u=61651c18-9fe2-11e8-bc82-0685dc1fc043/t.js
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 27 Apr 2020 17:54:12 GMT
Via: 1.1 9568a708c8ab21597698ebe7dce6c42e.cloudfront.net (CloudFront)
Last-Modified: Thu, 31 Jan 2019 18:49:23 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA2-C1
ETag: "51a6ed6aa566ecd4b13dc0fdc9aa5b91"
X-Cache: Miss from cloudfront
Content-Type: binary/octet-stream
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2009
X-Amz-Cf-Id: JdhoTmvlQEE7vtIMLHMlW8Np1PuzzL5Py7VaRMga-UwaJu9rsCyXXA==

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ 43 B
308 B 118ms
117ms Image
image/gif 104.244.37.20
ADSAFE-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=927300&asId=56ad4aaa-1b68-2cb3-21f0-9781f50a970c&tv={c:b6J1XK,pingTime:-10,time:786,type:s,mvn:ZnNjPTEyLHNkPTMsbm89Nyxhc3A9MQ--,fsc:17.4.114v220002022000220000022002222000022220202020222220222220002222022002222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000002220002220000022200222202220022200200222022202220022202220020222222000220000222202222202222000002002002222222222220022202200022002220222202,sd:MTcuNC4xMTR2MTIwMHx8MTYwMHx8MXx8MXx8MjR8fDEyMDB8fDB8fDB8fDF8fGxhbmRzY2FwZS1wcmltYXJ5fHwyNHx8NC8zfHw0LzN8fDB8fDE2MDA-,no:MTcuNC4xMTR2TW96aWxsYXx8TmV0c2NhcGV8fG58fDE2fHxufHwwfHxufHxMaW51eCB4ODZfNjR8fEdlY2tvfHwyMDAzMDEwN3x8LTEyMHx8TW96aWxsYS81LjAgKE1hY2ludG9zaDsgSW50ZWwgTWFjIE9TIFggMTBfMTRfNSkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzc0LjAuMzcyOS4xNjkgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,asp:1588010051476||a1bfb49c9c1040fda7d88b2f322ad42e||675c74d5f114ba25a49fb0f4cb02f70f||5c89787c42ba5f8a5e1af839cc07418b||8c6fb9d3ed8af5c6e5075ec094655331||13e50b434bc3c820cc1ca3fdd0effc99||900825fa10670221a09fb3370e6265b4||dd57ea8cff4c43e55523decf279b6de5||1576000828}
Requested by: Host: www.1079rgvfm.com
URL: https://www.1079rgvfm.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.37.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS: daldt.adsafeprotected.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.1079rgvfm.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 27 Apr 2020 17:54:11 GMT
X-Server-Name: dt19dal.dal.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H2 200 timeline.d41c1d7e4bac44f4658ca45d09564e79.light.ltr.css
platform.twitter.com/css/ Frame C920 52 KB
12 KB 8ms
7ms Stylesheet
text/css 151.101.12.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/css/timeline.d41c1d7e4bac44f4658ca45d09564e79.light.ltr.css
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.12.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 12bf529a0f4d0a3f10d003a07d5b91e40579a3da18022a9896a9ccd9e5dc1b33

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 27 Apr 2020 17:54:11 GMT
content-encoding: gzip
x-cache: HIT, HIT
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status: 200
content-length: 12155
x-served-by: cache-bwi5136-BWI, cache-fra19136-FRA
last-modified: Tue, 07 Apr 2020 20:47:34 GMT
etag: "0100ec69a2c00683a1ae89e074b822c1+gzip"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=315360000
accept-ranges: bytes
tw-cdn: FT

GET
H2 200 timeline.d41c1d7e4bac44f4658ca45d09564e79.light.ltr.css
platform.twitter.com/css/ 52 KB
52 KB 7ms
7ms Image
text/css 151.101.12.157
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://platform.twitter.com/css/timeline.d41c1d7e4bac44f4658ca45d09564e79.light.ltr.css
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.12.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.1079rgvfm.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 27 Apr 2020 17:54:11 GMT
content-encoding: gzip
x-cache: HIT, HIT
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status: 200
content-length: 12155
x-served-by: cache-bwi5136-BWI, cache-fra19136-FRA
last-modified: Tue, 07 Apr 2020 20:47:34 GMT
etag: "0100ec69a2c00683a1ae89e074b822c1+gzip"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=315360000
accept-ranges: bytes
tw-cdn: FT

GET
H2 200 9479Sg99_normal.jpg
pbs.twimg.com/profile_images/940627062804508672/ Frame C920 2 KB
2 KB 11ms
8ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/profile_images/940627062804508672/9479Sg99_normal.jpg

Requested by

Host: www.1079rgvfm.com
URL: https://www.1079rgvfm.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/41A6) /

Resource Hash

8aed601ee913d9d1cadda920693d3cd47336420a53291c563ddba3cd000d3dea

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 27 Apr 2020 17:54:11 GMT
x-content-type-options: nosniff
age: 27360
x-cache: HIT
status: 200
content-length: 2187
x-response-time: 124
surrogate-key: profile_images profile_images/bucket/4 profile_images/940627062804508672
last-modified: Tue, 12 Dec 2017 16:57:02 GMT
server: ECS (fcn/41A6)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: f43caba78ed4946f34d001ec2eecee6a
accept-ranges: bytes

GET
H2 200 iE7mOG2Q_normal.jpg
pbs.twimg.com/profile_images/1223128222281297921/ Frame C920 2 KB
2 KB 26ms
23ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/profile_images/1223128222281297921/iE7mOG2Q_normal.jpg

Requested by

Host: www.1079rgvfm.com
URL: https://www.1079rgvfm.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/40AE) /

Resource Hash

0e86692191745c2579d89d61391dce166ef43c3613fff4c82e04831c2a2e5261

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 27 Apr 2020 17:54:11 GMT
x-content-type-options: nosniff
age: 348166
x-cache: HIT
status: 200
content-length: 2035
x-response-time: 118
surrogate-key: profile_images profile_images/bucket/4 profile_images/1223128222281297921
last-modified: Fri, 31 Jan 2020 06:15:47 GMT
server: ECS (fcn/40AE)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: c05390b5eb0678b65a3a30f1be0099e8
accept-ranges: bytes

GET
H2 200 3CN-F5_R_normal.jpg
pbs.twimg.com/profile_images/1249695907349659652/ Frame C920 2 KB
2 KB 26ms
23ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/profile_images/1249695907349659652/3CN-F5_R_normal.jpg

Requested by

Host: www.1079rgvfm.com
URL: https://www.1079rgvfm.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/40D2) /

Resource Hash

175e6575ecbfd0402573ef19c5d0c8c2409ee98d74a10c37e44c849fadbcc542

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 27 Apr 2020 17:54:11 GMT
x-content-type-options: nosniff
age: 422678
x-cache: HIT
status: 200
content-length: 2339
x-response-time: 140
surrogate-key: profile_images profile_images/bucket/1 profile_images/1249695907349659652
last-modified: Mon, 13 Apr 2020 13:46:17 GMT
server: ECS (fcn/40D2)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 9cb84b93a77eaf66739c45ad4cb2a1a4
accept-ranges: bytes

GET
H2 200 EWGF1AIUcAAhTEY
pbs.twimg.com/media/ Frame C920 139 KB
139 KB 11ms
8ms Image
image/png 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/EWGF1AIUcAAhTEY?format=png&name=360x360

Requested by

Host: www.1079rgvfm.com
URL: https://www.1079rgvfm.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/40FD) /

Resource Hash

22965419d80b66706f184cb5e62ff6bc6b0aab00181f519ed05e8cbcd3c43855

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 27 Apr 2020 17:54:11 GMT
x-content-type-options: nosniff
age: 422678
x-cache: HIT
status: 200
content-length: 141996
x-response-time: 185
surrogate-key: media media/bucket/3 media/1252429317000163328
last-modified: Tue, 21 Apr 2020 02:47:52 GMT
server: ECS (fcn/40FD)
strict-transport-security: max-age=631138519
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: d5d80b37b6babe8b9b8f2a3bb01375f8
accept-ranges: bytes

GET
H2 200 EUhlRfQWoAAEnZX
pbs.twimg.com/media/ Frame C920 24 KB
25 KB 26ms
23ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/EUhlRfQWoAAEnZX?format=jpg&name=360x360

Requested by

Host: www.1079rgvfm.com
URL: https://www.1079rgvfm.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/418E) /

Resource Hash

1c0aa16cdb0aa07688d09b79f32ca447850dfd467ecc59011830f1255526af35

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 27 Apr 2020 17:54:11 GMT
x-content-type-options: nosniff
age: 422678
x-cache: HIT
status: 200
content-length: 24945
x-response-time: 410
surrogate-key: media media/bucket/4 media/1245356648090214400
last-modified: Wed, 01 Apr 2020 14:23:37 GMT
server: ECS (fcn/418E)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: ba6561c9b98014d85fb696ac9804f681
accept-ranges: bytes

GET
H2 200 EUD3WM0WkAAhHD1
pbs.twimg.com/media/ Frame C920 15 KB
16 KB 26ms
24ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/EUD3WM0WkAAhHD1?format=jpg&name=360x360

Requested by

Host: www.1079rgvfm.com
URL: https://www.1079rgvfm.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/40DB) /

Resource Hash

e2bda6bcad9952c0bd86da0355fbd58ff8f03db11b973495f327096fbaa28ec6

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 27 Apr 2020 17:54:11 GMT
x-content-type-options: nosniff
age: 422678
x-cache: HIT
status: 200
content-length: 15844
x-response-time: 155
surrogate-key: media media/bucket/9 media/1243265457924247552
last-modified: Thu, 26 Mar 2020 19:53:58 GMT
server: ECS (fcn/40DB)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 9d6c45ab09cafb53afd0262affe43762
accept-ranges: bytes

GET
H2 200 EUDnXwhXYAEaiai
pbs.twimg.com/media/ Frame C920 31 KB
31 KB 16ms
15ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/EUDnXwhXYAEaiai?format=jpg&name=360x360

Requested by

Host: www.1079rgvfm.com
URL: https://www.1079rgvfm.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/40B2) /

Resource Hash

bbe8afd56c7dc5fb5853ca849f453403c67dcf7ee8fc94c0912951e0204174ad

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 27 Apr 2020 17:54:11 GMT
x-content-type-options: nosniff
age: 422678
x-cache: HIT
status: 200
content-length: 31973
x-response-time: 228
surrogate-key: media media/bucket/6 media/1243247892502110209
last-modified: Thu, 26 Mar 2020 18:44:10 GMT
server: ECS (fcn/40B2)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 2e795227466a90cf2ecea3dbabd9597c
accept-ranges: bytes

GET
H2 200 ET_est0WsAgUqb7
pbs.twimg.com/media/ Frame C920 33 KB
33 KB 9ms
7ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/ET_est0WsAgUqb7?format=jpg&name=360x360

Requested by

Host: www.1079rgvfm.com
URL: https://www.1079rgvfm.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/41D7) /

Resource Hash

fd4800d17a2b6b6d822d1eb1e563417e31e66a0ae4bdd5a80684e3adbbc58771

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 27 Apr 2020 17:54:11 GMT
x-content-type-options: nosniff
age: 422678
x-cache: HIT
status: 200
content-length: 33613
x-response-time: 173
surrogate-key: media media/bucket/5 media/1242956881972342792
last-modified: Wed, 25 Mar 2020 23:27:48 GMT
server: ECS (fcn/41D7)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: e12a64ebc3710d2dfdb78d481fd7eb5f
accept-ranges: bytes

GET
H2 200 ET99sFSXsAIJrfA
pbs.twimg.com/media/ Frame C920 27 KB
28 KB 10ms
7ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/ET99sFSXsAIJrfA?format=jpg&name=360x360

Requested by

Host: www.1079rgvfm.com
URL: https://www.1079rgvfm.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/40B6) /

Resource Hash

8dedf4ee762ea98d85e0d6b8fd9b1daf3f02e11093a777bb9d3b9d25f3ac6c91

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 27 Apr 2020 17:54:11 GMT
x-content-type-options: nosniff
age: 422677
x-cache: HIT
status: 200
content-length: 28068
x-response-time: 243
surrogate-key: media media/bucket/7 media/1242850218464489474
last-modified: Wed, 25 Mar 2020 16:23:57 GMT
server: ECS (fcn/40B6)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 15f338c022377f04b5a55f86a11464e8
accept-ranges: bytes

GET
H2 200 ET6eR8OXsAcGo24
pbs.twimg.com/media/ Frame C920 24 KB
25 KB 10ms
8ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/ET6eR8OXsAcGo24?format=jpg&name=360x360

Requested by

Host: www.1079rgvfm.com
URL: https://www.1079rgvfm.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/40DE) /

Resource Hash

b736b5d47a388f988442b47707417b796d491756754946f642d0780d644c6fc4

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 27 Apr 2020 17:54:11 GMT
x-content-type-options: nosniff
age: 422677
x-cache: HIT
status: 200
content-length: 24893
x-response-time: 162
surrogate-key: media media/bucket/1 media/1242604578262200327
last-modified: Wed, 25 Mar 2020 00:07:52 GMT
server: ECS (fcn/40DE)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 6e78fec6430e543161406ce182ab7b3d
accept-ranges: bytes

GET
H2 200 ET4ItfZXsAcwjNX
pbs.twimg.com/media/ Frame C920 21 KB
21 KB 11ms
9ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/ET4ItfZXsAcwjNX?format=jpg&name=360x360

Requested by

Host: www.1079rgvfm.com
URL: https://www.1079rgvfm.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/40E1) /

Resource Hash

81c875fbbf381eb8ff35ea311707ad2a550f6c9f362be3bf082a2641ab1b4a93

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 27 Apr 2020 17:54:11 GMT
x-content-type-options: nosniff
age: 422677
x-cache: HIT
status: 200
content-length: 21453
x-response-time: 343
surrogate-key: media media/bucket/3 media/1242440124815880199
last-modified: Tue, 24 Mar 2020 13:14:23 GMT
server: ECS (fcn/40E1)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: d506c0f0d86d00e948f5d80e405e3260
accept-ranges: bytes

GET
H2 200 ETvl8aQWoAEeitG
pbs.twimg.com/media/ Frame C920 23 KB
23 KB 10ms
9ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/ETvl8aQWoAEeitG?format=jpg&name=360x360

Requested by

Host: www.1079rgvfm.com
URL: https://www.1079rgvfm.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/4197) /

Resource Hash

b00ff6d1fe636836e1354d660d4f60cd4a3537fabc8d26d754b7b6ee814a1d37

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 27 Apr 2020 17:54:11 GMT
x-content-type-options: nosniff
age: 422677
x-cache: HIT
status: 200
content-length: 23244
x-response-time: 162
surrogate-key: media media/bucket/7 media/1241838948273528833
last-modified: Sun, 22 Mar 2020 21:25:32 GMT
server: ECS (fcn/4197)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 1131c78e49d9ffe5b287c247c70e632c
accept-ranges: bytes

GET
H2 200 ETrqsZeWsAALwdW
pbs.twimg.com/media/ Frame C920 21 KB
22 KB 4456ms
4455ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/ETrqsZeWsAALwdW?format=jpg&name=360x360

Requested by

Host: www.1079rgvfm.com
URL: https://www.1079rgvfm.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/40E8) /

Resource Hash

83709e0ae247518635a3cd17612af81bbaa5214e5b40d7f2fae6cb160da22bb8

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 27 Apr 2020 17:54:15 GMT
x-content-type-options: nosniff
age: 422681
x-cache: HIT
status: 200
content-length: 21769
x-response-time: 166
surrogate-key: media media/bucket/6 media/1241562695767339008
last-modified: Sun, 22 Mar 2020 03:07:48 GMT
server: ECS (fcn/40E8)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 98db5ab973a202d8b816136de035da1e
accept-ranges: bytes

GET
H2 200 ETj8RSnWkAEuUq9
pbs.twimg.com/media/ Frame C920 18 KB
18 KB 11ms
7ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/ETj8RSnWkAEuUq9?format=jpg&name=360x360

Requested by

Host: www.1079rgvfm.com
URL: https://www.1079rgvfm.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/40E2) /

Resource Hash

1e94a459d9e7e60550f1c82c9c0268ccc6d210cf2e110c7bfcc64b2f7c8f7ecc

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 27 Apr 2020 17:54:11 GMT
x-content-type-options: nosniff
age: 422677
x-cache: HIT
status: 200
content-length: 18755
x-response-time: 370
surrogate-key: media media/bucket/5 media/1241019071325442049
last-modified: Fri, 20 Mar 2020 15:07:38 GMT
server: ECS (fcn/40E2)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 9b2bc97dffcdc26a02de5a589f411cea
accept-ranges: bytes

GET
H2 200 EThnioEXYAAskP8
pbs.twimg.com/media/ Frame C920 13 KB
13 KB 11ms
8ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/EThnioEXYAAskP8?format=jpg&name=360x360

Requested by

Host: www.1079rgvfm.com
URL: https://www.1079rgvfm.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/40EA) /

Resource Hash

b1b79cc8445a451e53a89ae80d7b033b44b58a99882a7993a80af4c533d7836f

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 27 Apr 2020 17:54:11 GMT
x-content-type-options: nosniff
age: 422677
x-cache: HIT
status: 200
content-length: 13270
x-response-time: 155
surrogate-key: media media/bucket/1 media/1240855541909512192
last-modified: Fri, 20 Mar 2020 04:17:49 GMT
server: ECS (fcn/40EA)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 6f4c1da972036d1f1561db07633a6424
accept-ranges: bytes

GET
H2 200 ETe6kWtWkAAawo0
pbs.twimg.com/media/ Frame C920 40 KB
41 KB 10ms
9ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/ETe6kWtWkAAawo0?format=jpg&name=360x360

Requested by

Host: www.1079rgvfm.com
URL: https://www.1079rgvfm.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/40F7) /

Resource Hash

7e13260218dc0aca7d41cc60f433983aa865247ca8f6d3495542ad80da9be7a8

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 27 Apr 2020 17:54:11 GMT
x-content-type-options: nosniff
age: 422677
x-cache: HIT
status: 200
content-length: 41376
x-response-time: 237
surrogate-key: media media/bucket/6 media/1240665356097720320
last-modified: Thu, 19 Mar 2020 15:42:05 GMT
server: ECS (fcn/40F7)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: ae24f12be621fee3a66b9bad5fba842e
accept-ranges: bytes

GET
H2 200 ao6Ayc1v0xyoS5Wo
pbs.twimg.com/ext_tw_video_thumb/1240419870912778245/pu/img/ Frame C920 17 KB
17 KB 12ms
10ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/ext_tw_video_thumb/1240419870912778245/pu/img/ao6Ayc1v0xyoS5Wo?format=jpg&name=360x360

Requested by

Host: www.1079rgvfm.com
URL: https://www.1079rgvfm.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/41A3) /

Resource Hash

44c1a1906f8b24c75068a384cfa81463d7024232052b5950bf570ed158df0635

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 27 Apr 2020 17:54:11 GMT
x-content-type-options: nosniff
age: 422677
x-cache: HIT
status: 200
content-length: 17677
x-response-time: 151
surrogate-key: ext_tw_video_thumb ext_tw_video_thumb/bucket/1 ext_tw_video_thumb/1240419870912778245
last-modified: Wed, 18 Mar 2020 23:26:37 GMT
server: ECS (fcn/41A3)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: fe2b4e595fe2675ce9d45769e376eeab
accept-ranges: bytes

GET
H2 200 ETbZSsJXkAA3LQx
pbs.twimg.com/media/ Frame C920 19 KB
19 KB 9ms
8ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/ETbZSsJXkAA3LQx?format=jpg&name=360x360

Requested by

Host: www.1079rgvfm.com
URL: https://www.1079rgvfm.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/4185) /

Resource Hash

dc571c84a61edecbdf3b1f203ca3d683bb826353f55b129f7bae999e4cf43d35

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 27 Apr 2020 17:54:11 GMT
x-content-type-options: nosniff
age: 422677
x-cache: HIT
status: 200
content-length: 19746
x-response-time: 163
surrogate-key: media media/bucket/4 media/1240417662498476032
last-modified: Wed, 18 Mar 2020 23:17:51 GMT
server: ECS (fcn/4185)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: f99df31165982c3a4c86bb719dba6eaf
accept-ranges: bytes

GET
H2 200 ETZoNoSXgAI55mT
pbs.twimg.com/media/ Frame C920 28 KB
28 KB 12ms
7ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/ETZoNoSXgAI55mT?format=jpg&name=360x360

Requested by

Host: www.1079rgvfm.com
URL: https://www.1079rgvfm.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/4190) /

Resource Hash

f27fb180a9e0acf9e84d10fdce6b9562fae52e9c6ed606fd858fd11c03d4a3f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 27 Apr 2020 17:54:11 GMT
x-content-type-options: nosniff
age: 422677
x-cache: HIT
status: 200
content-length: 28989
x-response-time: 207
surrogate-key: media media/bucket/1 media/1240293330749194242
last-modified: Wed, 18 Mar 2020 15:03:48 GMT
server: ECS (fcn/4190)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 9301264dbb0031399935d11614acd8fa
accept-ranges: bytes

GET
H2 200 ETVxoBdXkAImGPT
pbs.twimg.com/media/ Frame C920 16 KB
17 KB 12ms
8ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/ETVxoBdXkAImGPT?format=jpg&name=360x360

Requested by

Host: www.1079rgvfm.com
URL: https://www.1079rgvfm.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/41D8) /

Resource Hash

72c6a2fd0eb060fc015a42777a3b878b5ae6f197cc4abbeb4c09f565a27f8845

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 27 Apr 2020 17:54:11 GMT
x-content-type-options: nosniff
age: 422677
x-cache: HIT
status: 200
content-length: 16833
x-response-time: 151
surrogate-key: media media/bucket/9 media/1240022204810760194
last-modified: Tue, 17 Mar 2020 21:06:26 GMT
server: ECS (fcn/41D8)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 3444de78ad0d1a36cb62851e0760d944
accept-ranges: bytes

GET
H2 200 ETU3-_pXQAQ1WrZ
pbs.twimg.com/media/ Frame C920 19 KB
19 KB 17ms
13ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/ETU3-_pXQAQ1WrZ?format=jpg&name=360x360

Requested by

Host: www.1079rgvfm.com
URL: https://www.1079rgvfm.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/40FE) /

Resource Hash

524d3583513203255268e3b45e02b780ec942cc84ee6fee7ef206f8eb1edb69b

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 27 Apr 2020 17:54:11 GMT
x-content-type-options: nosniff
age: 422677
x-cache: HIT
status: 200
content-length: 19628
x-response-time: 184
surrogate-key: media media/bucket/3 media/1239958827786780676
last-modified: Tue, 17 Mar 2020 16:54:36 GMT
server: ECS (fcn/40FE)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 32425e918e95fd2fd3f0f0c61e4fc95d
accept-ranges: bytes

GET
H2 200 ETUrkzHXgAUrd12
pbs.twimg.com/media/ Frame C920 20 KB
20 KB 11ms
9ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/ETUrkzHXgAUrd12?format=jpg&name=360x360

Requested by

Host: www.1079rgvfm.com
URL: https://www.1079rgvfm.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/4191) /

Resource Hash

5e725b97229ae48b766e57f8b085b0e2ecc358f93911505ca87647c163f83be9

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 27 Apr 2020 17:54:11 GMT
x-content-type-options: nosniff
age: 422677
x-cache: HIT
status: 200
content-length: 20771
x-response-time: 180
surrogate-key: media media/bucket/8 media/1239945183606833157
last-modified: Tue, 17 Mar 2020 16:00:23 GMT
server: ECS (fcn/4191)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: fd39c48f6dc6f29d082fbb460f536a7a
accept-ranges: bytes

GET
DATA 200
OK truncated
/ Frame C920 512 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: eddfb285df91d818926b2f8ec64c71be82e0ea4f21ca9f63f5b0bc5dbcd75b0b

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ Frame C920 825 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 45055babdbc02ea34c7baa53f33fc68389c4c5f73afe0bfafd6c9bc5733399bc

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ Frame C920 739 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4ed07f590bdfa9aa775dbfdef617d98e1e972d102d4289c7a68d3bd9118c280b

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ Frame C920 572 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: abd2a457215e60ab60b2a6b4f25a17583c5d80e13935f76e097236f729c5dcd6

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ Frame C920 644 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a87f4fd815fc95288f2da6efc536c950ef940bd9eb52176fd9e8e56107cc65e2

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ Frame C920 607 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 059d7f76a7662405100374530359da8f439f4b945864fafab45b834320a429e2

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
H2 200 jload Show response
pixel.adsafeprotected.com/ Frame B4AC 45 KB
13 KB 32ms
32ms Script
application/javascript 108.128.94.32
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.adsafeprotected.com/jload?anId=927300&advId=PulpoNetwork&campId=PulpoNetwork&pubId=Mix1079.net&chanId=US-728x90----ROS-&placementId=0dc6caf8-9fd3-11e8-bc82-0685dc1fc043&adsafe_par
Requested by: Host: u.tentaculos.net
URL: https://u.tentaculos.net/0dc6caf8-9fd3-11e8-bc82-0685dc1fc043/t.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 108.128.94.32 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-108-128-94-32.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: d9d08b01f6611011278c0779746b1d6794ce85f9370cae8177a9f71fcd34475b

Request headers

Referer: https://www.1079rgvfm.com/wp-content/plugins/adzerk/iframe.html?u=0dc6caf8-9fd3-11e8-bc82-0685dc1fc043/t.js
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Apr 2020 17:54:11 GMT
content-encoding: gzip
x-server-name: app29.ie.303net.net
status: 200
content-type: application/javascript;charset=utf-8
access-control-allow-origin: pixel.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H2 200 cc.js Show response
tags.crwdcntrl.net/c/13671/ Frame B4AC 38 KB
11 KB 8ms
7ms Script
application/json 143.204.89.92
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/c/13671/cc.js?ns=_cc13671
Requested by: Host: u.tentaculos.net
URL: https://u.tentaculos.net/0dc6caf8-9fd3-11e8-bc82-0685dc1fc043/t.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.89.92 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-89-92.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f83f0a496bb1a9b75bd7ddaa59c751f3a12bca4e6c4876da35f2a888d26f54a8

Request headers

Referer: https://www.1079rgvfm.com/wp-content/plugins/adzerk/iframe.html?u=0dc6caf8-9fd3-11e8-bc82-0685dc1fc043/t.js
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 27 Apr 2020 14:05:26 GMT
content-encoding: gzip
last-modified: Wed, 11 Mar 2020 05:22:31 GMT
server: AmazonS3
age: 13726
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/json
status: 200
cache-control: max-age: 86400
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: D8p0rWAjL5WHXfYzjkcFZW-3ruq87fs9iUQiWWzcB9_UE1C0xhtsmA==
via: 1.1 6b8ac2d6d64dc42007741d312e2d73ab.cloudfront.net (CloudFront)

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ Frame B4AC 43 KB
14 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:81b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: u.tentaculos.net
URL: https://u.tentaculos.net/0dc6caf8-9fd3-11e8-bc82-0685dc1fc043/t.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2a9a53271f48b09783e1316b8c5b5314762ed654ef890cb35e840cb99012ed4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.1079rgvfm.com/wp-content/plugins/adzerk/iframe.html?u=0dc6caf8-9fd3-11e8-bc82-0685dc1fc043/t.js
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 27 Apr 2020 17:54:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "498 / 892 of 1000 / last-modified: 1588003827"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 14437
x-xss-protection: 0
expires: Mon, 27 Apr 2020 17:54:11 GMT

GET
H2 200 jload Show response
pixel.adsafeprotected.com/ Frame 62BC 45 KB
13 KB 32ms
31ms Script
application/javascript 108.128.94.32
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.adsafeprotected.com/jload?anId=927300&advId=PulpoNetwork&campId=PulpoNetwork&pubId=Mix1079.net&chanId=US-728x90----ROS-&placementId=0dc6caf8-9fd3-11e8-bc82-0685dc1fc043&adsafe_par
Requested by: Host: u.tentaculos.net
URL: https://u.tentaculos.net/0dc6caf8-9fd3-11e8-bc82-0685dc1fc043/t.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 108.128.94.32 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-108-128-94-32.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 40e8c0f7ef71520ab9b041aaaba89211d1020814f15b1fdf289587f9a6a335d8

Request headers

Referer: https://www.1079rgvfm.com/wp-content/plugins/adzerk/iframe.html?u=0dc6caf8-9fd3-11e8-bc82-0685dc1fc043/t.js
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Apr 2020 17:54:11 GMT
content-encoding: gzip
x-server-name: app35.ie.303net.net
status: 200
content-type: application/javascript;charset=utf-8
access-control-allow-origin: pixel.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H2 200 cc.js Show response
tags.crwdcntrl.net/c/13671/ Frame 62BC 38 KB
11 KB 9ms
8ms Script
application/json 143.204.89.92
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/c/13671/cc.js?ns=_cc13671
Requested by: Host: u.tentaculos.net
URL: https://u.tentaculos.net/0dc6caf8-9fd3-11e8-bc82-0685dc1fc043/t.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.89.92 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-89-92.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f83f0a496bb1a9b75bd7ddaa59c751f3a12bca4e6c4876da35f2a888d26f54a8

Request headers

Referer: https://www.1079rgvfm.com/wp-content/plugins/adzerk/iframe.html?u=0dc6caf8-9fd3-11e8-bc82-0685dc1fc043/t.js
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 27 Apr 2020 14:05:26 GMT
content-encoding: gzip
last-modified: Wed, 11 Mar 2020 05:22:31 GMT
server: AmazonS3
age: 13726
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/json
status: 200
cache-control: max-age: 86400
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: nwbVqtGml-Gs9CLTacGHK5KdhTYjGXbO9YEHKxwE_TZr4zNEGZyQjw==
via: 1.1 6b8ac2d6d64dc42007741d312e2d73ab.cloudfront.net (CloudFront)

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ Frame 62BC 43 KB
14 KB 15ms
15ms Script
text/javascript 2a00:1450:4001:81b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: u.tentaculos.net
URL: https://u.tentaculos.net/0dc6caf8-9fd3-11e8-bc82-0685dc1fc043/t.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2a9a53271f48b09783e1316b8c5b5314762ed654ef890cb35e840cb99012ed4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.1079rgvfm.com/wp-content/plugins/adzerk/iframe.html?u=0dc6caf8-9fd3-11e8-bc82-0685dc1fc043/t.js
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 27 Apr 2020 17:54:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "498 / 682 of 1000 / last-modified: 1588003827"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 14437
x-xss-protection: 0
expires: Mon, 27 Apr 2020 17:54:11 GMT

GET
H2 200 jload Show response
pixel.adsafeprotected.com/ Frame 6FB8 45 KB
13 KB 34ms
33ms Script
application/javascript 108.128.94.32
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.adsafeprotected.com/jload?anId=927300&advId=PulpoNetwork&campId=PulpoNetwork&pubId=Mix1079.net&chanId=US-320x50hi----ROS-&placementId=61651c18-9fe2-11e8-bc82-0685dc1fc043&adsafe_par
Requested by: Host: u.tentaculos.net
URL: https://u.tentaculos.net/61651c18-9fe2-11e8-bc82-0685dc1fc043/t.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 108.128.94.32 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-108-128-94-32.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 2b9218c760f8200ab67d8ca733da760170ba7b3347fb32f6b489a35c5aa4fc43

Request headers

Referer: https://www.1079rgvfm.com/wp-content/plugins/adzerk/iframe.html?u=61651c18-9fe2-11e8-bc82-0685dc1fc043/t.js
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Apr 2020 17:54:11 GMT
content-encoding: gzip
x-server-name: app38.ie.303net.net
status: 200
content-type: application/javascript;charset=utf-8
access-control-allow-origin: pixel.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H2 200 cc.js Show response
tags.crwdcntrl.net/c/13671/ Frame 6FB8 38 KB
11 KB 9ms
9ms Script
application/json 143.204.89.92
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/c/13671/cc.js?ns=_cc13671
Requested by: Host: u.tentaculos.net
URL: https://u.tentaculos.net/61651c18-9fe2-11e8-bc82-0685dc1fc043/t.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.89.92 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-89-92.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f83f0a496bb1a9b75bd7ddaa59c751f3a12bca4e6c4876da35f2a888d26f54a8

Request headers

Referer: https://www.1079rgvfm.com/wp-content/plugins/adzerk/iframe.html?u=61651c18-9fe2-11e8-bc82-0685dc1fc043/t.js
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 27 Apr 2020 14:05:26 GMT
content-encoding: gzip
last-modified: Wed, 11 Mar 2020 05:22:31 GMT
server: AmazonS3
age: 13726
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/json
status: 200
cache-control: max-age: 86400
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: Zcz2-DDGqktoBFJD8viUYWWWQ8bxCY3WNOhHFOw99lbhJ-1GCJMAdg==
via: 1.1 6b8ac2d6d64dc42007741d312e2d73ab.cloudfront.net (CloudFront)

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ Frame 6FB8 43 KB
14 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:81b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: u.tentaculos.net
URL: https://u.tentaculos.net/61651c18-9fe2-11e8-bc82-0685dc1fc043/t.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dce62b2347430db2aa34331b35c53ed3ecd9f0c8a1dbca768bba5afd4da422fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.1079rgvfm.com/wp-content/plugins/adzerk/iframe.html?u=61651c18-9fe2-11e8-bc82-0685dc1fc043/t.js
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 27 Apr 2020 17:54:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "498 / 331 of 1000 / last-modified: 1588003935"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 14437
x-xss-protection: 0
expires: Mon, 27 Apr 2020 17:54:11 GMT

GET
H2 200 main.gr.19.8.72.js Show response
static.adsafeprotected.com/ Frame B4AC 171 KB
56 KB 7ms
7ms Script
application/javascript 2600:9000:21f3:b000:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/main.gr.19.8.72.js
Requested by: Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/jload?anId=927300&advId=PulpoNetwork&campId=PulpoNetwork&pubId=Mix1079.net&chanId=US-728x90----ROS-&placementId=0dc6caf8-9fd3-11e8-bc82-0685dc1fc043&adsafe_par
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:21f3:b000:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5728a589f3d4d4ec3e6a1e312bdc1d27953d74917ec57baaf55f97b0b19df462

Request headers

Referer: https://www.1079rgvfm.com/wp-content/plugins/adzerk/iframe.html?u=0dc6caf8-9fd3-11e8-bc82-0685dc1fc043/t.js
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 22 Apr 2020 21:28:49 GMT
content-encoding: gzip
age: 419123
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
status: 200
x-amz-replication-status: COMPLETED
last-modified: Wed, 22 Apr 2020 21:13:44 GMT
server: AmazonS3
vary: Accept-Encoding
x-amz-version-id: YRyDK8wPA.IwdO9So8c30gDCgnFA3crL
via: 1.1 71dbd5706c5b0c7b733248e1171f2d4f.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: FRA2-C2
content-type: application/javascript
x-amz-cf-id: DWrWJQxcbaEq_WzXzMkCSUEwOE7NRBNY8mZS26PtTyKZMbbKNxp-Yg==

GET
H2 200 main.gr.19.8.72.js Show response
static.adsafeprotected.com/ Frame 62BC 171 KB
56 KB 8ms
7ms Script
application/javascript 2600:9000:21f3:b000:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/main.gr.19.8.72.js
Requested by: Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/jload?anId=927300&advId=PulpoNetwork&campId=PulpoNetwork&pubId=Mix1079.net&chanId=US-728x90----ROS-&placementId=0dc6caf8-9fd3-11e8-bc82-0685dc1fc043&adsafe_par
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:21f3:b000:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5728a589f3d4d4ec3e6a1e312bdc1d27953d74917ec57baaf55f97b0b19df462

Request headers

Referer: https://www.1079rgvfm.com/wp-content/plugins/adzerk/iframe.html?u=0dc6caf8-9fd3-11e8-bc82-0685dc1fc043/t.js
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 22 Apr 2020 21:28:49 GMT
content-encoding: gzip
age: 419123
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
status: 200
x-amz-replication-status: COMPLETED
last-modified: Wed, 22 Apr 2020 21:13:44 GMT
server: AmazonS3
vary: Accept-Encoding
x-amz-version-id: YRyDK8wPA.IwdO9So8c30gDCgnFA3crL
via: 1.1 71dbd5706c5b0c7b733248e1171f2d4f.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: FRA2-C2
content-type: application/javascript
x-amz-cf-id: ZDu1jLp59VGBYp0FCgN7xlli3naAH0PiKrLokBVsTVAe6LJNsqmQxQ==

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ Frame B4AC 109 B
171 B 15ms
15ms Script
application/javascript 2a00:1450:4001:81b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.1079rgvfm.com

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.1079rgvfm.com/wp-content/plugins/adzerk/iframe.html?u=0dc6caf8-9fd3-11e8-bc82-0685dc1fc043/t.js
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 27 Apr 2020 17:54:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame B4AC 109 B
171 B 16ms
15ms Script
application/javascript 2a00:1450:4001:81b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.1079rgvfm.com

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.1079rgvfm.com/wp-content/plugins/adzerk/iframe.html?u=0dc6caf8-9fd3-11e8-bc82-0685dc1fc043/t.js
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 27 Apr 2020 17:54:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 104
x-xss-protection: 0

GET
H2 200 pubads_impl_2020042302.js Show response
securepubads.g.doubleclick.net/gpt/ Frame B4AC 237 KB
85 KB 14ms
14ms Script
text/javascript 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020042302.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

sffe /

Resource Hash

0b3678d81937a06cba82b9b8d1b69a6e60c1133246d9798e681bf3908aa390bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.1079rgvfm.com/wp-content/plugins/adzerk/iframe.html?u=0dc6caf8-9fd3-11e8-bc82-0685dc1fc043/t.js
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 27 Apr 2020 17:54:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 23 Apr 2020 17:07:14 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 87243
x-xss-protection: 0
expires: Mon, 27 Apr 2020 17:54:11 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ Frame 62BC 109 B
171 B 15ms
14ms Script
application/javascript 2a00:1450:4001:81b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.1079rgvfm.com

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.1079rgvfm.com/wp-content/plugins/adzerk/iframe.html?u=0dc6caf8-9fd3-11e8-bc82-0685dc1fc043/t.js
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 27 Apr 2020 17:54:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame 62BC 109 B
171 B 15ms
15ms Script
application/javascript 2a00:1450:4001:81b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.1079rgvfm.com

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.1079rgvfm.com/wp-content/plugins/adzerk/iframe.html?u=0dc6caf8-9fd3-11e8-bc82-0685dc1fc043/t.js
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 27 Apr 2020 17:54:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 104
x-xss-protection: 0

GET
H2 200 pubads_impl_2020042302.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 62BC 237 KB
85 KB 19ms
19ms Script
text/javascript 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020042302.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

sffe /

Resource Hash

0b3678d81937a06cba82b9b8d1b69a6e60c1133246d9798e681bf3908aa390bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.1079rgvfm.com/wp-content/plugins/adzerk/iframe.html?u=0dc6caf8-9fd3-11e8-bc82-0685dc1fc043/t.js
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 27 Apr 2020 17:54:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 23 Apr 2020 17:07:14 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 87243
x-xss-protection: 0
expires: Mon, 27 Apr 2020 17:54:11 GMT

GET
H2 200 sca.17.4.114.js Show response
static.adsafeprotected.com/ Frame 4317 81 KB
22 KB 8ms
8ms Script
application/javascript 2600:9000:21f3:b000:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.4.114.js
Requested by: Host: www.1079rgvfm.com
URL: https://www.1079rgvfm.com/wp-content/plugins/adzerk/iframe.html?u=0dc6caf8-9fd3-11e8-bc82-0685dc1fc043/t.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:21f3:b000:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ad9ae0374e0334d2511e951a2381a164fa87ce86594fc027d25a8624774c3c96

Request headers

Referer: https://www.1079rgvfm.com/wp-content/plugins/adzerk/iframe.html?u=0dc6caf8-9fd3-11e8-bc82-0685dc1fc043/t.js
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 13 Jan 2020 23:54:57 GMT
content-encoding: gzip
age: 9050355
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
status: 200
x-amz-replication-status: COMPLETED
last-modified: Mon, 13 Jan 2020 23:54:54 GMT
server: AmazonS3
vary: Accept-Encoding
x-amz-version-id: gSPddsS9N0PGtUp2YQy7vCAfLQOR874Z
via: 1.1 71dbd5706c5b0c7b733248e1171f2d4f.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: FRA2-C2
content-type: application/javascript
x-amz-cf-id: UELl8ZYvEU0Vyy5MxUagev8M5i8361imncbhRAgYnRieasI29bks4g==

GET
H2 200 mon
pixel.adsafeprotected.com/ 43 B
215 B 45ms
45ms Image
image/gif 108.128.94.32
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.adsafeprotected.com/mon?anId=927300&advId=PulpoNetwork&campId=PulpoNetwork&pubId=Mix1079.net&chanId=US-728x90----ROS-&placementId=0dc6caf8-9fd3-11e8-bc82-0685dc1fc043&adsafe_par&adsafe_url=https%3A%2F%2Fwww.1079rgvfm.com%2F&adsafe_type=abeq&adsafe_url=https%3A%2F%2Fwww.1079rgvfm.com%2Fwp-content%2Fplugins%2Fadzerk%2Fiframe.html%3Fu%3D0dc6caf8-9fd3-11e8-bc82-0685dc1fc043%2Ft.js&adsafe_type=df&adsafe_jsinfo=,id:c1361f99-80b1-9075-3f48-bb49dc61930c,c:b6J21l,sl:outOfView,em:true,fr:true,mn:app29ie,pt:1-5-15,wc:0.0.1600.1200,ac:429.4680.728.90,am:i,cc:429.4680.728.90,piv:0,obst:0,th:0,reas:l,br:u,abv:na,an:n,oam:0,scm:publ1.grpm1,fm:rXnOlfp+11|12|13|14|15|16*.927300|17|18|19|1a|1b|1c,idMap:16*,pl:,rend:0,renddet:DIV,rmeas:0,es:0,sc:1,ha:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,tt:jload,thd:1,et:37,oid:19c90f9d-88b0-11ea-bb86-029678ec52b8,v:19.8.72,sp:1,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Requested by: Host: www.1079rgvfm.com
URL: https://www.1079rgvfm.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 108.128.94.32 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-108-128-94-32.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.1079rgvfm.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Apr 2020 17:54:11 GMT
x-server-name: app11.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
status: 200
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 main.gr.19.8.72.js Show response
static.adsafeprotected.com/ Frame 6FB8 171 KB
56 KB 7ms
7ms Script
application/javascript 2600:9000:21f3:b000:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/main.gr.19.8.72.js
Requested by: Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/jload?anId=927300&advId=PulpoNetwork&campId=PulpoNetwork&pubId=Mix1079.net&chanId=US-320x50hi----ROS-&placementId=61651c18-9fe2-11e8-bc82-0685dc1fc043&adsafe_par
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:21f3:b000:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5728a589f3d4d4ec3e6a1e312bdc1d27953d74917ec57baaf55f97b0b19df462

Request headers

Referer: https://www.1079rgvfm.com/wp-content/plugins/adzerk/iframe.html?u=61651c18-9fe2-11e8-bc82-0685dc1fc043/t.js
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 22 Apr 2020 21:28:49 GMT
content-encoding: gzip
age: 419123
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
status: 200
x-amz-replication-status: COMPLETED
last-modified: Wed, 22 Apr 2020 21:13:44 GMT
server: AmazonS3
vary: Accept-Encoding
x-amz-version-id: YRyDK8wPA.IwdO9So8c30gDCgnFA3crL
via: 1.1 71dbd5706c5b0c7b733248e1171f2d4f.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: FRA2-C2
content-type: application/javascript
x-amz-cf-id: J85jiY8G6CSiHV274wR4MseiG5IRi1GrERJzyHZRiEM_ohp8RoTY8Q==

GET
H2 200 sca.17.4.114.js Show response
static.adsafeprotected.com/ Frame 5000 81 KB
22 KB 7ms
7ms Script
application/javascript 2600:9000:21f3:b000:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.4.114.js
Requested by: Host: www.1079rgvfm.com
URL: https://www.1079rgvfm.com/wp-content/plugins/adzerk/iframe.html?u=0dc6caf8-9fd3-11e8-bc82-0685dc1fc043/t.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:21f3:b000:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ad9ae0374e0334d2511e951a2381a164fa87ce86594fc027d25a8624774c3c96

Request headers

Referer: https://www.1079rgvfm.com/wp-content/plugins/adzerk/iframe.html?u=0dc6caf8-9fd3-11e8-bc82-0685dc1fc043/t.js
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 13 Jan 2020 23:54:57 GMT
content-encoding: gzip
age: 9050355
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
status: 200
x-amz-replication-status: COMPLETED
last-modified: Mon, 13 Jan 2020 23:54:54 GMT
server: AmazonS3
vary: Accept-Encoding
x-amz-version-id: gSPddsS9N0PGtUp2YQy7vCAfLQOR874Z
via: 1.1 71dbd5706c5b0c7b733248e1171f2d4f.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: FRA2-C2
content-type: application/javascript
x-amz-cf-id: _Mpc8C0c4FUf9hVB37BG9jzj-dbG1NxRMENNxj79BZcIIRvJLqa31A==

GET
H2 200 mon
pixel.adsafeprotected.com/ 43 B
216 B 35ms
35ms Image
image/gif 108.128.94.32
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.adsafeprotected.com/mon?anId=927300&advId=PulpoNetwork&campId=PulpoNetwork&pubId=Mix1079.net&chanId=US-728x90----ROS-&placementId=0dc6caf8-9fd3-11e8-bc82-0685dc1fc043&adsafe_par&adsafe_url=https%3A%2F%2Fwww.1079rgvfm.com%2F&adsafe_type=abeq&adsafe_url=https%3A%2F%2Fwww.1079rgvfm.com%2Fwp-content%2Fplugins%2Fadzerk%2Fiframe.html%3Fu%3D0dc6caf8-9fd3-11e8-bc82-0685dc1fc043%2Ft.js&adsafe_type=df&adsafe_jsinfo=,id:47fc03ed-1f29-20f1-a9fc-3b2b3fed97cd,c:b6J21L,sl:inView,em:true,fr:true,mn:app35ie,pt:1-5-15,wc:0.0.1600.1200,ac:429.122.728.90,am:i,cc:429.122.728.90,piv:100,obst:0,th:0,reas:,br:u,abv:na,an:n,oam:0,scm:publ1.grpm1,fm:rXnOlfr+11|12|13*.927300|14|15|161|17|18|19|1a|1b|1c,idMap:13*,pl:,rend:0,renddet:DIV,rmeas:0,es:0,sc:1,ha:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,tt:jload,thd:1,et:61,oid:19c90ee7-88b0-11ea-8b6a-02f4ca7e124a,v:19.8.72,sp:1,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Requested by: Host: www.1079rgvfm.com
URL: https://www.1079rgvfm.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 108.128.94.32 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-108-128-94-32.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.1079rgvfm.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Apr 2020 17:54:11 GMT
x-server-name: app19.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
status: 200
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 jload Show response
pixel.adsafeprotected.com/ Frame 9E1C 45 KB
13 KB 34ms
33ms Script
application/javascript 108.128.94.32
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.adsafeprotected.com/jload?anId=927300&advId=PulpoNetwork&campId=PulpoNetwork&pubId=Mix1079.net&chanId=US-300x600----ROS-&placementId=18160560-9fd4-11e8-bc82-0685dc1fc043&adsafe_par
Requested by: Host: u.tentaculos.net
URL: https://u.tentaculos.net/18160560-9fd4-11e8-bc82-0685dc1fc043/t.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 108.128.94.32 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-108-128-94-32.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 392bdcaa3ead92f8991fa0471b29b0b45d3c89f9588635eeed3dce46a850299a

Request headers

Referer: https://www.1079rgvfm.com/wp-content/plugins/adzerk/iframe.html?u=18160560-9fd4-11e8-bc82-0685dc1fc043/t.js
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Apr 2020 17:54:11 GMT
content-encoding: gzip
x-server-name: app27.ie.303net.net
status: 200
content-type: application/javascript;charset=utf-8
access-control-allow-origin: pixel.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H2 200 cc.js Show response
tags.crwdcntrl.net/c/13671/ Frame 9E1C 38 KB
11 KB 17ms
16ms Script
application/json 143.204.89.92
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/c/13671/cc.js?ns=_cc13671
Requested by: Host: u.tentaculos.net
URL: https://u.tentaculos.net/18160560-9fd4-11e8-bc82-0685dc1fc043/t.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.89.92 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-89-92.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f83f0a496bb1a9b75bd7ddaa59c751f3a12bca4e6c4876da35f2a888d26f54a8

Request headers

Referer: https://www.1079rgvfm.com/wp-content/plugins/adzerk/iframe.html?u=18160560-9fd4-11e8-bc82-0685dc1fc043/t.js
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 27 Apr 2020 14:05:26 GMT
content-encoding: gzip
last-modified: Wed, 11 Mar 2020 05:22:31 GMT
server: AmazonS3
age: 13726
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/json
status: 200
cache-control: max-age: 86400
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: Yao8dY3tqSn2jPn2hImiJhdvvaxBqYIuS6cMoOkDuuoimyv-7k1Dlg==
via: 1.1 6b8ac2d6d64dc42007741d312e2d73ab.cloudfront.net (CloudFront)

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ Frame 9E1C 43 KB
14 KB 32ms
15ms Script
text/javascript 2a00:1450:4001:81b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: u.tentaculos.net
URL: https://u.tentaculos.net/18160560-9fd4-11e8-bc82-0685dc1fc043/t.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2a9a53271f48b09783e1316b8c5b5314762ed654ef890cb35e840cb99012ed4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.1079rgvfm.com/wp-content/plugins/adzerk/iframe.html?u=18160560-9fd4-11e8-bc82-0685dc1fc043/t.js
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 27 Apr 2020 17:54:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "498 / 226 of 1000 / last-modified: 1588003827"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 14437
x-xss-protection: 0
expires: Mon, 27 Apr 2020 17:54:11 GMT

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ 43 B
308 B 118ms
118ms Image
image/gif 104.244.37.20
ADSAFE-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=927300&asId=47fc03ed-1f29-20f1-a9fc-3b2b3fed97cd&tv={c:b6J22i,pingTime:0,time:93,type:pf,clog:[{piv:100,vs:i,r:,w:728,h:90,t:60}],es:0,sc:1,ha:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:{i:93,o:0,n:0,pp:0,pm:0},slEvents:[{sl:i,t:60,wc:0.0.1600.1200,ac:429.122.728.90,am:i,cc:429.122.728.90,piv:100,obst:0,th:0,reas:,bkn:{piv:[39~100],as:[39~728.90]}}],slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:rXnOlfr+11|12|13*.927300|14|15|161|17|18|19|1a|1b|1c,idMap:13*,rend:0,renddet:DIV,rmeas:0}&br=u
Requested by: Host: www.1079rgvfm.com
URL: https://www.1079rgvfm.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.37.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS: daldt.adsafeprotected.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.1079rgvfm.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 27 Apr 2020 17:54:11 GMT
X-Server-Name: dt19dal.dal.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ 43 B
308 B 119ms
119ms Image
image/gif 104.244.37.20
ADSAFE-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=927300&asId=c1361f99-80b1-9075-3f48-bb49dc61930c&tv={c:b6J22m,pingTime:-2,time:99,type:a,im:{sf:0,pom:1,prf:{beA:951,beZ:952,mfA:980,cmA:980,inA:980,inZ:982,prA:982,prZ:985,si:988,poA:988,poZ:994,cmZ:994,mfZ:994,loA:1019,loZ:1021,ltA:1050,ltZ:1050}},sca:{dfp:{df:4,sz:728.90,dom:div}},env:{cca:false,gca:true,gca2:true},clog:[{piv:0,vs:o,r:l,w:728,h:90,t:36}],es:0,sc:1,ha:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:{i:0,o:99,n:0,pp:0,pm:0},slEvents:[{sl:o,t:36,wc:0.0.1600.1200,ac:429.4680.728.90,am:i,cc:429.4680.728.90,piv:0,obst:0,th:0,reas:l,bkn:{piv:[69~0],as:[69~728.90]}}],slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:rXnOkZI+1.927300|11|12|13.927300|14|15|16*.927300|17|18|19|1a|1b|1c,idMap:16*,rend:0,renddet:DIV,rmeas:0,slid:[et-boc,post-51537,main-content,et-main-area,page-container],sinceFw:62,readyFired:true}&br=u
Requested by: Host: www.1079rgvfm.com
URL: https://www.1079rgvfm.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.37.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS: daldt.adsafeprotected.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.1079rgvfm.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 27 Apr 2020 17:54:11 GMT
X-Server-Name: dt20dal.dal.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame B4AC 14 KB
9 KB 260ms
260ms XHR
text/plain 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2604026278415944&correlator=3092134962869845&output=ldjh&impl=fifs&adsid=NT&eid=21064712&vrg=2020042302&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20200427&iu_parts=281895236%2Cmix1079.net_728x90_US&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&eri=4&cust_params=Viewability%3D0%26Channel%3DArts%2520%2526%2520Entertainment&cookie=ID%3Dd277bb398266f45c%3AT%3D1588010050%3AS%3DALNI_MbGrczz5hJp9SpuXSfmkkUT_6OP4Q&cdm=www.1079rgvfm.com&bc=31&abxe=1&lmt=1535743042&dt=1588010051772&dlt=1588010050854&idt=913&ea=0&frm=23&biw=1585&bih=1200&isw=728&ish=90&oid=3&adxs=429&adys=4680&adks=2061876677&ucis=a2of785wma8t&ifi=1&ifk=1909847003&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&iag=3&url=mix1079.net&loc=https%3A%2F%2Fwww.1079rgvfm.com%2Fwp-content%2Fplugins%2Fadzerk%2Fiframe.html%3Fu%3D0dc6caf8-9fd3-11e8-bc82-0685dc1fc043%2Ft.js&top=www.1079rgvfm.com&dssz=13&icsg=43778&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=728x90&msz=728x-1&ga_vid=1177982914.1588010052&ga_sid=1588010052&ga_hid=543901848&fws=256&ohw=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020042302.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

cafe /

Resource Hash

70ea083c612a4c2c3a3d00c992df18ce71aff23917a271021ee0f8ec606baf4d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.1079rgvfm.com/wp-content/plugins/adzerk/iframe.html?u=0dc6caf8-9fd3-11e8-bc82-0685dc1fc043/t.js
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 27 Apr 2020 17:54:12 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 8500
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.1079rgvfm.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ Frame B4AC 0
0 6ms
6ms Other
text/html 2a00:1450:4001:81a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020042302.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:81a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.1079rgvfm.com/wp-content/plugins/adzerk/iframe.html?u=0dc6caf8-9fd3-11e8-bc82-0685dc1fc043/t.js
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 62BC 15 KB
9 KB 481ms
480ms XHR
text/plain 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=4375938110385814&correlator=4198650613639141&output=ldjh&impl=fifs&adsid=NT&eid=21064713%2C21065931&vrg=2020042302&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20200427&iu_parts=281895236%2Cmix1079.net_728x90_US&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&eri=4&cust_params=Viewability%3D0%26Channel%3DArts%2520%2526%2520Entertainment&cookie=ID%3Dd277bb398266f45c%3AT%3D1588010050%3AS%3DALNI_MbGrczz5hJp9SpuXSfmkkUT_6OP4Q&cdm=www.1079rgvfm.com&bc=31&abxe=1&lmt=1535743042&dt=1588010051783&dlt=1588010050849&idt=929&ea=0&frm=23&biw=1585&bih=1200&isw=728&ish=90&oid=3&adxs=429&adys=122&adks=2061876677&ucis=rc6do44pkcnx&ifi=1&ifk=1909847003&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&iag=3&url=mix1079.net&loc=https%3A%2F%2Fwww.1079rgvfm.com%2Fwp-content%2Fplugins%2Fadzerk%2Fiframe.html%3Fu%3D0dc6caf8-9fd3-11e8-bc82-0685dc1fc043%2Ft.js&top=www.1079rgvfm.com&dssz=13&icsg=43778&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=728x90&msz=728x-1&ga_vid=1243789588.1588010052&ga_sid=1588010052&ga_hid=748556892&fws=256&ohw=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020042302.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

cafe /

Resource Hash

1d15f9253ccd0b593b3473f249258bdde0af233f6f03ba49288a112c7cef0bce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.1079rgvfm.com/wp-content/plugins/adzerk/iframe.html?u=0dc6caf8-9fd3-11e8-bc82-0685dc1fc043/t.js
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 27 Apr 2020 17:54:12 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 8758
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.1079rgvfm.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ Frame 62BC 0
0 6ms
5ms Other
text/html 2a00:1450:4001:81a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020042302.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:81a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.1079rgvfm.com/wp-content/plugins/adzerk/iframe.html?u=0dc6caf8-9fd3-11e8-bc82-0685dc1fc043/t.js
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ Frame 6FB8 109 B
171 B 15ms
15ms Script
application/javascript 2a00:1450:4001:81b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.1079rgvfm.com

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.1079rgvfm.com/wp-content/plugins/adzerk/iframe.html?u=61651c18-9fe2-11e8-bc82-0685dc1fc043/t.js
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 27 Apr 2020 17:54:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame 6FB8 109 B
171 B 15ms
14ms Script
application/javascript 2a00:1450:4001:81b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.1079rgvfm.com

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.1079rgvfm.com/wp-content/plugins/adzerk/iframe.html?u=61651c18-9fe2-11e8-bc82-0685dc1fc043/t.js
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 27 Apr 2020 17:54:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 104
x-xss-protection: 0

GET
H2 200 pubads_impl_2020042302.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 6FB8 237 KB
85 KB 16ms
15ms Script
text/javascript 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020042302.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

sffe /

Resource Hash

0b3678d81937a06cba82b9b8d1b69a6e60c1133246d9798e681bf3908aa390bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.1079rgvfm.com/wp-content/plugins/adzerk/iframe.html?u=61651c18-9fe2-11e8-bc82-0685dc1fc043/t.js
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 27 Apr 2020 17:54:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 23 Apr 2020 17:07:14 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 87243
x-xss-protection: 0
expires: Mon, 27 Apr 2020 17:54:11 GMT

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ 43 B
308 B 119ms
119ms Image
image/gif 104.244.37.20
ADSAFE-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=927300&asId=47fc03ed-1f29-20f1-a9fc-3b2b3fed97cd&tv={c:b6J231,pingTime:-2,time:138,type:a,im:{sf:0,pom:1,prf:{beA:969,beZ:970,mfA:1022,cmA:1022,inA:1022,inZ:1024,prA:1024,prZ:1027,si:1030,poA:1030,poZ:1034,cmZ:1034,mfZ:1034,loA:1063,loZ:1064,ltA:1106,ltZ:1106}},sca:{dfp:{df:4,sz:728.90,dom:div}},env:{cca:false,gca:true,gca2:true},clog:[{piv:100,vs:i,r:,w:728,h:90,t:60}],es:0,sc:1,ha:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:{i:138,o:0,n:0,pp:0,pm:0},slEvents:[{sl:i,t:60,wc:0.0.1600.1200,ac:429.122.728.90,am:i,cc:429.122.728.90,piv:100,obst:0,th:0,reas:,bkn:{piv:[84~100],as:[84~728.90]}}],slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:rXnOkZI+1.927300|11|12|13*.927300|14|15|16.927300|161|17|18|19|1a|1b|1c,idMap:13*,rend:0,renddet:DIV,rmeas:0,slid:[et-main-area,page-container],sinceFw:76,readyFired:true}&br=u
Requested by: Host: www.1079rgvfm.com
URL: https://www.1079rgvfm.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.37.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS: daldt.adsafeprotected.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.1079rgvfm.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 27 Apr 2020 17:54:11 GMT
X-Server-Name: dt38dal.dal.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H2

200

rt=ifr
bcp.crwdcntrl.net/5/ct=y/c=13671/rand=919316280/pv=y/seg=iab_primary_category%20%3A%20Arts%20%26%20Entertainment/int=%23OpR%2385618%23www.1079rgvfm.com%20%3A%20Total%20Site%20Traffic/int=%23OpR%238... Frame 3535
Redirect Chain

https://bcp.crwdcntrl.net/5/c=13671/rand=919316280/pv=y/seg=iab_primary_category%20%3A%20Arts%20%26%20Entertainment/int=%23OpR%2385618%23www.1079rgvfm.com%20%3A%20Total%20Site%20Traffic/int=%23OpR%...
https://bcp.crwdcntrl.net/5/ct=y/c=13671/rand=919316280/pv=y/seg=iab_primary_category%20%3A%20Arts%20%26%20Entertainment/int=%23OpR%2385618%23www.1079rgvfm.com%20%3A%20Total%20Site%20Traffic/int=%2...

0
0

45ms
44ms

Document
text/html

52.211.146.59
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/5/ct=y/c=13671/rand=919316280/pv=y/seg=iab_primary_category%20%3A%20Arts%20%26%20Entertainment/int=%23OpR%2385618%23www.1079rgvfm.com%20%3A%20Total%20Site%20Traffic/int=%23OpR%2385618%23www.1079rgvfm.com%20%3A%20Total%20Site%20Traffic/int=%23OpR%2385619%23www.1079rgvfm.com%20%3A%20Site%20Section%20%3A%20wp-content/int=%23OpR%2385620%23www.1079rgvfm.com%20%3A%20Site%20Section%20%3A%20wp-content%20%3A%20plugins/int=%23OpR%2385621%23www.1079rgvfm.com%20%3A%20Site%20Section%20%3A%20wp-content%20%3A%20plugins%20%3A%20adzerk/rt=ifr
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/c/13671/cc.js?ns=_cc13671
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.211.146.59 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-211-146-59.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

:method: GET
:authority: bcp.crwdcntrl.net
:scheme: https
:path: /5/ct=y/c=13671/rand=919316280/pv=y/seg=iab_primary_category%20%3A%20Arts%20%26%20Entertainment/int=%23OpR%2385618%23www.1079rgvfm.com%20%3A%20Total%20Site%20Traffic/int=%23OpR%2385618%23www.1079rgvfm.com%20%3A%20Total%20Site%20Traffic/int=%23OpR%2385619%23www.1079rgvfm.com%20%3A%20Site%20Section%20%3A%20wp-content/int=%23OpR%2385620%23www.1079rgvfm.com%20%3A%20Site%20Section%20%3A%20wp-content%20%3A%20plugins/int=%23OpR%2385621%23www.1079rgvfm.com%20%3A%20Site%20Section%20%3A%20wp-content%20%3A%20plugins%20%3A%20adzerk/rt=ifr
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.1079rgvfm.com/wp-content/plugins/adzerk/iframe.html?u=0dc6caf8-9fd3-11e8-bc82-0685dc1fc043/t.js
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: _cc_cc=ctst
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://www.1079rgvfm.com/wp-content/plugins/adzerk/iframe.html?u=0dc6caf8-9fd3-11e8-bc82-0685dc1fc043/t.js

Response headers

status: 200
date: Mon, 27 Apr 2020 17:54:11 GMT
content-type: text/html;charset=UTF-8
content-length: 2153
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
cache-control: no-cache
pragma: no-cache
expires: 0
x-server: 10.45.14.155
set-cookie: _cc_dc=1;Path=/;Domain=crwdcntrl.net;Expires=Fri, 22-Jan-2021 17:01:00 GMT;SameSite=None;Secure _cc_id=f1ede5acc392a2260faf9a054ac6a2a9;Path=/;Domain=crwdcntrl.net;Expires=Fri, 22-Jan-2021 17:01:00 GMT;SameSite=None;Secure _cc_cc="ACZ4nGNQSDNMTUk1TUxONrY0SjQyMjNIS0yzTDQwNUlMNks0SrRkAIK45TLODHDA9%2BLIVVXG51kM%2FxkZGTbMvSoDY79CEn%2BGxJ586wqcPf2EOox5YfEcFhj73NFDzDD2g6k9jDD2x8%2BWMObl53dkYezDSFovnXrEBmPvX34UrgYAQ0hLuQ%3D%3D";Version=1;Path=/;Domain=crwdcntrl.net;Expires=Fri, 22-Jan-2021 17:01:00 GMT;Max-Age=23328000;SameSite=None;Secure _cc_aud="ABR4nGNgYGCIWy7jzAADTAzsEXdADPYQFSAJADXTAyE%3D";Version=1;Path=/;Domain=crwdcntrl.net;Expires=Fri, 22-Jan-2021 17:01:00 GMT;Max-Age=23328000;SameSite=None;Secure
access-control-allow-origin: *

Redirect headers

status: 302
date: Mon, 27 Apr 2020 17:54:11 GMT
content-length: 0
location: https://bcp.crwdcntrl.net/5/ct=y/c=13671/rand=919316280/pv=y/seg=iab_primary_category%20%3A%20Arts%20%26%20Entertainment/int=%23OpR%2385618%23www.1079rgvfm.com%20%3A%20Total%20Site%20Traffic/int=%23OpR%2385618%23www.1079rgvfm.com%20%3A%20Total%20Site%20Traffic/int=%23OpR%2385619%23www.1079rgvfm.com%20%3A%20Site%20Section%20%3A%20wp-content/int=%23OpR%2385620%23www.1079rgvfm.com%20%3A%20Site%20Section%20%3A%20wp-content%20%3A%20plugins/int=%23OpR%2385621%23www.1079rgvfm.com%20%3A%20Site%20Section%20%3A%20wp-content%20%3A%20plugins%20%3A%20adzerk/rt=ifr
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
cache-control: no-cache
pragma: no-cache
expires: 0
x-server: 10.45.14.155
set-cookie: _cc_cc=ctst;Path=/;Domain=crwdcntrl.net;SameSite=None;Secure

GET
H2

200

rt=ifr
bcp.crwdcntrl.net/5/ct=y/c=13671/rand=700060739/pv=y/seg=iab_primary_category%20%3A%20Arts%20%26%20Entertainment/int=%23OpR%2385618%23www.1079rgvfm.com%20%3A%20Total%20Site%20Traffic/int=%23OpR%238... Frame 00BE
Redirect Chain

https://bcp.crwdcntrl.net/5/c=13671/rand=700060739/pv=y/seg=iab_primary_category%20%3A%20Arts%20%26%20Entertainment/int=%23OpR%2385618%23www.1079rgvfm.com%20%3A%20Total%20Site%20Traffic/int=%23OpR%...
https://bcp.crwdcntrl.net/5/ct=y/c=13671/rand=700060739/pv=y/seg=iab_primary_category%20%3A%20Arts%20%26%20Entertainment/int=%23OpR%2385618%23www.1079rgvfm.com%20%3A%20Total%20Site%20Traffic/int=%2...

0
0

110ms
109ms

Document
text/html

52.211.146.59
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/5/ct=y/c=13671/rand=700060739/pv=y/seg=iab_primary_category%20%3A%20Arts%20%26%20Entertainment/int=%23OpR%2385618%23www.1079rgvfm.com%20%3A%20Total%20Site%20Traffic/int=%23OpR%2385618%23www.1079rgvfm.com%20%3A%20Total%20Site%20Traffic/int=%23OpR%2385619%23www.1079rgvfm.com%20%3A%20Site%20Section%20%3A%20wp-content/int=%23OpR%2385620%23www.1079rgvfm.com%20%3A%20Site%20Section%20%3A%20wp-content%20%3A%20plugins/int=%23OpR%2385621%23www.1079rgvfm.com%20%3A%20Site%20Section%20%3A%20wp-content%20%3A%20plugins%20%3A%20adzerk/rt=ifr
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/c/13671/cc.js?ns=_cc13671
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.211.146.59 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-211-146-59.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

:method: GET
:authority: bcp.crwdcntrl.net
:scheme: https
:path: /5/ct=y/c=13671/rand=700060739/pv=y/seg=iab_primary_category%20%3A%20Arts%20%26%20Entertainment/int=%23OpR%2385618%23www.1079rgvfm.com%20%3A%20Total%20Site%20Traffic/int=%23OpR%2385618%23www.1079rgvfm.com%20%3A%20Total%20Site%20Traffic/int=%23OpR%2385619%23www.1079rgvfm.com%20%3A%20Site%20Section%20%3A%20wp-content/int=%23OpR%2385620%23www.1079rgvfm.com%20%3A%20Site%20Section%20%3A%20wp-content%20%3A%20plugins/int=%23OpR%2385621%23www.1079rgvfm.com%20%3A%20Site%20Section%20%3A%20wp-content%20%3A%20plugins%20%3A%20adzerk/rt=ifr
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.1079rgvfm.com/wp-content/plugins/adzerk/iframe.html?u=0dc6caf8-9fd3-11e8-bc82-0685dc1fc043/t.js
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: _cc_cc=ctst
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://www.1079rgvfm.com/wp-content/plugins/adzerk/iframe.html?u=0dc6caf8-9fd3-11e8-bc82-0685dc1fc043/t.js

Response headers

status: 200
date: Mon, 27 Apr 2020 17:54:12 GMT
content-type: text/html;charset=UTF-8
content-length: 163
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
cache-control: no-cache
pragma: no-cache
expires: 0
x-server: 10.45.28.81
set-cookie: _cc_dc=1;Path=/;Domain=crwdcntrl.net;Expires=Fri, 22-Jan-2021 17:01:00 GMT;SameSite=None;Secure _cc_id=f1ede5acc392a2260faf9a054ac6a2a9;Path=/;Domain=crwdcntrl.net;Expires=Fri, 22-Jan-2021 17:01:00 GMT;SameSite=None;Secure _cc_cc="ACZ4nGNQSDNMTUk1TUxONrY0SjQyMjNIS0yzTDQwNUlMNks0SrRkAIK45TIu%2F4GAnwEG%2BF4cuarK%2BDyL4T8jI8OGuVdlYOxXSOLPkNiTb12Bs6efUIcxLyyewwJjnzt6iBnGfjC1hxHG%2FvjZEsa8%2FPyOLIx9GEnrpVOP2GDs%2FcuPwtUAAEWUT8U%3D";Version=1;Path=/;Domain=crwdcntrl.net;Expires=Fri, 22-Jan-2021 17:01:00 GMT;Max-Age=23328000;SameSite=None;Secure _cc_aud="ABR4nGNgYGCIWy7jwgADTAzsEXdADPYQFSAJADXsAyI%3D";Version=1;Path=/;Domain=crwdcntrl.net;Expires=Fri, 22-Jan-2021 17:01:00 GMT;Max-Age=23328000;SameSite=None;Secure
access-control-allow-origin: *

Redirect headers

status: 302
date: Mon, 27 Apr 2020 17:54:11 GMT
content-length: 0
location: https://bcp.crwdcntrl.net/5/ct=y/c=13671/rand=700060739/pv=y/seg=iab_primary_category%20%3A%20Arts%20%26%20Entertainment/int=%23OpR%2385618%23www.1079rgvfm.com%20%3A%20Total%20Site%20Traffic/int=%23OpR%2385618%23www.1079rgvfm.com%20%3A%20Total%20Site%20Traffic/int=%23OpR%2385619%23www.1079rgvfm.com%20%3A%20Site%20Section%20%3A%20wp-content/int=%23OpR%2385620%23www.1079rgvfm.com%20%3A%20Site%20Section%20%3A%20wp-content%20%3A%20plugins/int=%23OpR%2385621%23www.1079rgvfm.com%20%3A%20Site%20Section%20%3A%20wp-content%20%3A%20plugins%20%3A%20adzerk/rt=ifr
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
cache-control: no-cache
pragma: no-cache
expires: 0
x-server: 10.45.20.212
set-cookie: _cc_cc=ctst;Path=/;Domain=crwdcntrl.net;SameSite=None;Secure

GET
H2 200 main.gr.19.8.72.js Show response
static.adsafeprotected.com/ Frame 9E1C 171 KB
56 KB 29ms
7ms Script
application/javascript 2600:9000:21f3:b000:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/main.gr.19.8.72.js
Requested by: Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/jload?anId=927300&advId=PulpoNetwork&campId=PulpoNetwork&pubId=Mix1079.net&chanId=US-300x600----ROS-&placementId=18160560-9fd4-11e8-bc82-0685dc1fc043&adsafe_par
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:21f3:b000:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5728a589f3d4d4ec3e6a1e312bdc1d27953d74917ec57baaf55f97b0b19df462

Request headers

Referer: https://www.1079rgvfm.com/wp-content/plugins/adzerk/iframe.html?u=18160560-9fd4-11e8-bc82-0685dc1fc043/t.js
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 22 Apr 2020 21:28:49 GMT
content-encoding: gzip
age: 419123
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
status: 200
x-amz-replication-status: COMPLETED
last-modified: Wed, 22 Apr 2020 21:13:44 GMT
server: AmazonS3
vary: Accept-Encoding
x-amz-version-id: YRyDK8wPA.IwdO9So8c30gDCgnFA3crL
via: 1.1 71dbd5706c5b0c7b733248e1171f2d4f.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: FRA2-C2
content-type: application/javascript
x-amz-cf-id: bYVNLYkEorxhb_oCq73VznxXnIYkCWN6oGkAM-l3KJ5IvobMNoW0kA==

GET
H2

200

jot.html
platform.twitter.com/ Frame 834E
Redirect Chain

https://syndication.twitter.com/i/jot
https://platform.twitter.com/jot.html

0
0

6ms
6ms

Document
text/html

151.101.12.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/jot.html
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.12.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash

Request headers

:method: GET
:authority: platform.twitter.com
:scheme: https
:path: /jot.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
Origin: https://www.1079rgvfm.com
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 200
last-modified: Tue, 07 Apr 2020 20:48:49 GMT
cache-control: public, max-age=315360000
content-type: text/html; charset=utf-8
etag: "d9592a6c704736fa4da218d4357976dd+gzip"
content-encoding: gzip
access-control-allow-methods: GET
access-control-allow-origin: *
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
accept-ranges: bytes
date: Mon, 27 Apr 2020 17:54:11 GMT
x-served-by: cache-bwi5132-BWI, cache-fra19136-FRA
x-cache: HIT, HIT
vary: Accept-Encoding
tw-cdn: FT
content-length: 95

Redirect headers

status: 302 302 Found
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
content-length: 0
content-type: text/html;charset=utf-8
date: Mon, 27 Apr 2020 17:54:11 GMT
expires: Tue, 31 Mar 1981 05:00:00 GMT
last-modified: Mon, 27 Apr 2020 17:54:11 GMT
location: https://platform.twitter.com/jot.html
pragma: no-cache
server: tsa_o
strict-transport-security: max-age=631138519
x-connection-hash: 641d7a1d6eb66db812e85272170c6d09
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-response-time: 122
x-transaction: 00e2d5a2005d7d80
x-tsa-request-body-time: 0
x-twitter-response-tags: BouncerCompliant
x-xss-protection: 0

GET
H2 200 sca.17.4.114.js Show response
static.adsafeprotected.com/ Frame 3072 81 KB
22 KB 7ms
6ms Script
application/javascript 2600:9000:21f3:b000:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.4.114.js
Requested by: Host: www.1079rgvfm.com
URL: https://www.1079rgvfm.com/wp-content/plugins/adzerk/iframe.html?u=61651c18-9fe2-11e8-bc82-0685dc1fc043/t.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:21f3:b000:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ad9ae0374e0334d2511e951a2381a164fa87ce86594fc027d25a8624774c3c96

Request headers

Referer: https://www.1079rgvfm.com/wp-content/plugins/adzerk/iframe.html?u=61651c18-9fe2-11e8-bc82-0685dc1fc043/t.js
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 13 Jan 2020 23:54:57 GMT
content-encoding: gzip
age: 9050355
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
status: 200
x-amz-replication-status: COMPLETED
last-modified: Mon, 13 Jan 2020 23:54:54 GMT
server: AmazonS3
vary: Accept-Encoding
x-amz-version-id: gSPddsS9N0PGtUp2YQy7vCAfLQOR874Z
via: 1.1 71dbd5706c5b0c7b733248e1171f2d4f.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: FRA2-C2
content-type: application/javascript
x-amz-cf-id: F1zMJ7zhLVFreYM-fO0NNsxf7gzWpWO2zmtGF0ahSjRO2ljOYAHWZw==

GET
H2 200 mon
pixel.adsafeprotected.com/ 43 B
216 B 36ms
36ms Image
image/gif 108.128.94.32
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.adsafeprotected.com/mon?anId=927300&advId=PulpoNetwork&campId=PulpoNetwork&pubId=Mix1079.net&chanId=US-320x50hi----ROS-&placementId=61651c18-9fe2-11e8-bc82-0685dc1fc043&adsafe_par&adsafe_url=https%3A%2F%2Fwww.1079rgvfm.com%2F&adsafe_type=abeq&adsafe_url=https%3A%2F%2Fwww.1079rgvfm.com%2Fwp-content%2Fplugins%2Fadzerk%2Fiframe.html%3Fu%3D61651c18-9fe2-11e8-bc82-0685dc1fc043%2Ft.js&adsafe_type=df&adsafe_jsinfo=,id:6104b704-9d9c-83f1-e0f9-0b92177b4fe7,c:b6J247,sl:outOfView,em:true,fr:true,mn:app38ie,pt:1-5-15,wc:0.0.1600.1200,ac:643.4790.300.150,am:i,cc:643.4790.300.150,piv:0,obst:0,th:0,reas:l,br:u,abv:na,an:n,oam:0,scm:publ1.grpm1,fm:rXnOlg6+11|12|131|132|14|15|161|162|17*.927300|18|19|1a|1b|1c|1d1,idMap:17*,pl:,rend:0,renddet:DIV,rmeas:0,es:0,sc:1,ha:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,tt:jload,thd:1,et:165,oid:19cd2e6b-88b0-11ea-8517-02d962664366,v:19.8.72,sp:1,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Requested by: Host: www.1079rgvfm.com
URL: https://www.1079rgvfm.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 108.128.94.32 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-108-128-94-32.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.1079rgvfm.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Apr 2020 17:54:11 GMT
x-server-name: app31.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
status: 200
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ Frame 9E1C 109 B
171 B 15ms
14ms Script
application/javascript 2a00:1450:4001:81b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.1079rgvfm.com

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.1079rgvfm.com/wp-content/plugins/adzerk/iframe.html?u=18160560-9fd4-11e8-bc82-0685dc1fc043/t.js
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 27 Apr 2020 17:54:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame 9E1C 109 B
171 B 15ms
15ms Script
application/javascript 2a00:1450:4001:81b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.1079rgvfm.com

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.1079rgvfm.com/wp-content/plugins/adzerk/iframe.html?u=18160560-9fd4-11e8-bc82-0685dc1fc043/t.js
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 27 Apr 2020 17:54:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 104
x-xss-protection: 0

GET
H2 200 pubads_impl_2020042302.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 9E1C 237 KB
85 KB 15ms
15ms Script
text/javascript 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020042302.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

sffe /

Resource Hash

0b3678d81937a06cba82b9b8d1b69a6e60c1133246d9798e681bf3908aa390bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.1079rgvfm.com/wp-content/plugins/adzerk/iframe.html?u=18160560-9fd4-11e8-bc82-0685dc1fc043/t.js
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 27 Apr 2020 17:54:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 23 Apr 2020 17:07:14 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 87243
x-xss-protection: 0
expires: Mon, 27 Apr 2020 17:54:11 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 6FB8 328 B
457 B 186ms
185ms XHR
text/plain 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3631245829561059&correlator=1498574201785344&output=ldjh&impl=fifs&adsid=NT&eid=21065959%2C21062833%2C21064367%2C21065203&vrg=2020042302&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20200427&iu_parts=281895236%2Cmix1079.net_320x50hi_US&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50&eri=4&cust_params=Viewability%3D0%26Channel%3DArts%2520%2526%2520Entertainment&cookie=ID%3Dd277bb398266f45c%3AT%3D1588010050%3AS%3DALNI_MbGrczz5hJp9SpuXSfmkkUT_6OP4Q&cdm=www.1079rgvfm.com&bc=31&abxe=1&lmt=1535743042&dt=1588010051897&dlt=1588010050855&idt=1037&ea=0&frm=23&biw=1585&bih=1200&isw=300&ish=150&oid=3&adxs=643&adys=4790&adks=3705701900&ucis=o3ifrx49zgsy&ifi=1&ifk=3559658657&u_tz=120&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&iag=3&url=mix1079.net&loc=https%3A%2F%2Fwww.1079rgvfm.com%2Fwp-content%2Fplugins%2Fadzerk%2Fiframe.html%3Fu%3D61651c18-9fe2-11e8-bc82-0685dc1fc043%2Ft.js&top=www.1079rgvfm.com&dssz=13&icsg=43778&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x50&msz=320x-1&ga_vid=1977690735.1588010052&ga_sid=1588010052&ga_hid=159851090&fws=256&ohw=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020042302.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

cafe /

Resource Hash

9e287a10e726d2d43f7fcec29238d4ea2df40536878c325100ea0f3446c33dac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.1079rgvfm.com/wp-content/plugins/adzerk/iframe.html?u=61651c18-9fe2-11e8-bc82-0685dc1fc043/t.js
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 27 Apr 2020 17:54:12 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 148
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.1079rgvfm.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ Frame 6FB8 0
0 6ms
6ms Other
text/html 2a00:1450:4001:81a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020042302.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:81a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.1079rgvfm.com/wp-content/plugins/adzerk/iframe.html?u=61651c18-9fe2-11e8-bc82-0685dc1fc043/t.js
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ 43 B
308 B 119ms
119ms Image
image/gif 104.244.37.20
ADSAFE-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=927300&asId=6104b704-9d9c-83f1-e0f9-0b92177b4fe7&tv={c:b6J24D,pingTime:-2,time:197,type:a,im:{sf:0,pom:1,prf:{beA:994,beZ:996,mfA:1147,cmA:1148,inA:1148,inZ:1149,prA:1149,prZ:1157,si:1159,poA:1159,poZ:1163,cmZ:1163,mfZ:1163,loA:1172,loZ:1173,ltA:1191,ltZ:1191}},sca:{dfp:{df:4,sz:300.50,dom:div}},env:{cca:false,gca:true,gca2:true},clog:[{piv:0,vs:o,r:l,w:300,h:150,t:165}],es:0,sc:1,ha:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:{i:0,o:197,n:0,pp:0,pm:0},slEvents:[{sl:o,t:165,wc:0.0.1600.1200,ac:643.4790.300.150,am:i,cc:643.4790.300.150,piv:0,obst:0,th:0,reas:l,bkn:{piv:[43~0],as:[42~300.150]}}],slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:rXnOkZI+1.927300|11|12|13.927300|131|132|14|15|16.927300|161|162|17*.927300|18|19|1a|1b|1c|1d1,idMap:17*,rend:0,renddet:DIV,rmeas:0,slid:[et-main-area,page-container],sinceFw:32,readyFired:true}&br=u
Requested by: Host: www.1079rgvfm.com
URL: https://www.1079rgvfm.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.37.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS: daldt.adsafeprotected.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.1079rgvfm.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 27 Apr 2020 17:54:11 GMT
X-Server-Name: dt20dal.dal.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H2

200

rt=ifr
bcp.crwdcntrl.net/5/ct=y/c=13671/rand=898333246/pv=y/seg=iab_primary_category%20%3A%20Arts%20%26%20Entertainment/int=%23OpR%2385618%23www.1079rgvfm.com%20%3A%20Total%20Site%20Traffic/int=%23OpR%238... Frame EB26
Redirect Chain

https://bcp.crwdcntrl.net/5/c=13671/rand=898333246/pv=y/seg=iab_primary_category%20%3A%20Arts%20%26%20Entertainment/int=%23OpR%2385618%23www.1079rgvfm.com%20%3A%20Total%20Site%20Traffic/int=%23OpR%...
https://bcp.crwdcntrl.net/5/ct=y/c=13671/rand=898333246/pv=y/seg=iab_primary_category%20%3A%20Arts%20%26%20Entertainment/int=%23OpR%2385618%23www.1079rgvfm.com%20%3A%20Total%20Site%20Traffic/int=%2...

0
0

156ms
155ms

Document
text/html

52.211.146.59
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/5/ct=y/c=13671/rand=898333246/pv=y/seg=iab_primary_category%20%3A%20Arts%20%26%20Entertainment/int=%23OpR%2385618%23www.1079rgvfm.com%20%3A%20Total%20Site%20Traffic/int=%23OpR%2385618%23www.1079rgvfm.com%20%3A%20Total%20Site%20Traffic/int=%23OpR%2385619%23www.1079rgvfm.com%20%3A%20Site%20Section%20%3A%20wp-content/int=%23OpR%2385620%23www.1079rgvfm.com%20%3A%20Site%20Section%20%3A%20wp-content%20%3A%20plugins/int=%23OpR%2385621%23www.1079rgvfm.com%20%3A%20Site%20Section%20%3A%20wp-content%20%3A%20plugins%20%3A%20adzerk/rt=ifr
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/c/13671/cc.js?ns=_cc13671
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.211.146.59 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-211-146-59.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

:method: GET
:authority: bcp.crwdcntrl.net
:scheme: https
:path: /5/ct=y/c=13671/rand=898333246/pv=y/seg=iab_primary_category%20%3A%20Arts%20%26%20Entertainment/int=%23OpR%2385618%23www.1079rgvfm.com%20%3A%20Total%20Site%20Traffic/int=%23OpR%2385618%23www.1079rgvfm.com%20%3A%20Total%20Site%20Traffic/int=%23OpR%2385619%23www.1079rgvfm.com%20%3A%20Site%20Section%20%3A%20wp-content/int=%23OpR%2385620%23www.1079rgvfm.com%20%3A%20Site%20Section%20%3A%20wp-content%20%3A%20plugins/int=%23OpR%2385621%23www.1079rgvfm.com%20%3A%20Site%20Section%20%3A%20wp-content%20%3A%20plugins%20%3A%20adzerk/rt=ifr
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.1079rgvfm.com/wp-content/plugins/adzerk/iframe.html?u=61651c18-9fe2-11e8-bc82-0685dc1fc043/t.js
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: _cc_cc=ctst
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://www.1079rgvfm.com/wp-content/plugins/adzerk/iframe.html?u=61651c18-9fe2-11e8-bc82-0685dc1fc043/t.js

Response headers

status: 200
date: Mon, 27 Apr 2020 17:54:12 GMT
content-type: text/html;charset=UTF-8
content-length: 163
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
cache-control: no-cache
pragma: no-cache
expires: 0
x-server: 10.45.17.77
set-cookie: _cc_dc=1;Path=/;Domain=crwdcntrl.net;Expires=Fri, 22-Jan-2021 17:01:00 GMT;SameSite=None;Secure _cc_id=f1ede5acc392a2260faf9a054ac6a2a9;Path=/;Domain=crwdcntrl.net;Expires=Fri, 22-Jan-2021 17:01:00 GMT;SameSite=None;Secure _cc_cc="ACZ4nGNQSDNMTUk1TUxONrY0SjQyMjNIS0yzTDQwNUlMNks0SrRkAIK45TIu%2F4GAnwEG%2BF4cuarK%2BDyL4T8jI8OGuVdlYOxXSOLPkNiTb12Bs6efUIcxLyyewwJjnzt6iBnGfjC1hxHG%2FvjZEsa8%2FPyOLIx9GEnrpVOP2GDs%2FcuPwtUAAEWUT8U%3D";Version=1;Path=/;Domain=crwdcntrl.net;Expires=Fri, 22-Jan-2021 17:01:00 GMT;Max-Age=23328000;SameSite=None;Secure _cc_aud="ABR4nGNgYGCIWy7jwgADTAzsEXdADPYQFSAJADXsAyI%3D";Version=1;Path=/;Domain=crwdcntrl.net;Expires=Fri, 22-Jan-2021 17:01:00 GMT;Max-Age=23328000;SameSite=None;Secure
access-control-allow-origin: *

Redirect headers

status: 302
date: Mon, 27 Apr 2020 17:54:11 GMT
content-length: 0
location: https://bcp.crwdcntrl.net/5/ct=y/c=13671/rand=898333246/pv=y/seg=iab_primary_category%20%3A%20Arts%20%26%20Entertainment/int=%23OpR%2385618%23www.1079rgvfm.com%20%3A%20Total%20Site%20Traffic/int=%23OpR%2385618%23www.1079rgvfm.com%20%3A%20Total%20Site%20Traffic/int=%23OpR%2385619%23www.1079rgvfm.com%20%3A%20Site%20Section%20%3A%20wp-content/int=%23OpR%2385620%23www.1079rgvfm.com%20%3A%20Site%20Section%20%3A%20wp-content%20%3A%20plugins/int=%23OpR%2385621%23www.1079rgvfm.com%20%3A%20Site%20Section%20%3A%20wp-content%20%3A%20plugins%20%3A%20adzerk/rt=ifr
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
cache-control: no-cache
pragma: no-cache
expires: 0
x-server: 10.45.0.43
set-cookie: _cc_cc=ctst;Path=/;Domain=crwdcntrl.net;SameSite=None;Secure

GET
H2 200 sca.17.4.114.js Show response
static.adsafeprotected.com/ Frame 3851 81 KB
22 KB 19ms
18ms Script
application/javascript 2600:9000:21f3:b000:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.4.114.js
Requested by: Host: www.1079rgvfm.com
URL: https://www.1079rgvfm.com/wp-content/plugins/adzerk/iframe.html?u=18160560-9fd4-11e8-bc82-0685dc1fc043/t.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:21f3:b000:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ad9ae0374e0334d2511e951a2381a164fa87ce86594fc027d25a8624774c3c96

Request headers

Referer: https://www.1079rgvfm.com/wp-content/plugins/adzerk/iframe.html?u=18160560-9fd4-11e8-bc82-0685dc1fc043/t.js
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 13 Jan 2020 23:54:57 GMT
content-encoding: gzip
age: 9050355
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
status: 200
x-amz-replication-status: COMPLETED
last-modified: Mon, 13 Jan 2020 23:54:54 GMT
server: AmazonS3
vary: Accept-Encoding
x-amz-version-id: gSPddsS9N0PGtUp2YQy7vCAfLQOR874Z
via: 1.1 71dbd5706c5b0c7b733248e1171f2d4f.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: FRA2-C2
content-type: application/javascript
x-amz-cf-id: 5vVcHXykatEvo40gTsHvNMKp15Uc4Et83NID4yhq4jIAGIrsOVvjpQ==

GET
H2 200 mon
pixel.adsafeprotected.com/ 43 B
216 B 38ms
37ms Image
image/gif 108.128.94.32
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.adsafeprotected.com/mon?anId=927300&advId=PulpoNetwork&campId=PulpoNetwork&pubId=Mix1079.net&chanId=US-300x600----ROS-&placementId=18160560-9fd4-11e8-bc82-0685dc1fc043&adsafe_par&adsafe_url=https%3A%2F%2Fwww.1079rgvfm.com%2F&adsafe_type=abeq&adsafe_url=https%3A%2F%2Fwww.1079rgvfm.com%2Fwp-content%2Fplugins%2Fadzerk%2Fiframe.html%3Fu%3D18160560-9fd4-11e8-bc82-0685dc1fc043%2Ft.js&adsafe_type=df&adsafe_jsinfo=,id:748a9459-86cd-b650-7b75-4e7da046acc7,c:b6J25x,sl:inView,em:true,fr:true,mn:app27ie,pt:1-5-15,wc:0.0.1600.1200,ac:803.354.300.600,am:i,cc:803.354.300.600,piv:100,obst:0,th:0,reas:,br:u,abv:na,an:n,oam:0,scm:publ1.grpm1,fm:rXnOli5+11|12|131|132|14|15*.927300|161|162|171|172|18|19|1a|1b|1c|1d1,idMap:15*,pl:,rend:0,renddet:DIV,rmeas:0,es:0,sc:1,ha:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,tt:jload,thd:1,et:130,oid:19d9b117-88b0-11ea-b867-0aa8be4d4e44,v:19.8.72,sp:1,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Requested by: Host: www.1079rgvfm.com
URL: https://www.1079rgvfm.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 108.128.94.32 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-108-128-94-32.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.1079rgvfm.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Apr 2020 17:54:11 GMT
x-server-name: app03.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
status: 200
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 9E1C 14 KB
9 KB 383ms
383ms XHR
text/plain 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2273336760770351&correlator=93070773317132&output=ldjh&impl=fifs&adsid=NT&eid=21065401&vrg=2020042302&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20200427&iu_parts=281895236%2Cmix1079.net_300x600_US&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x600&eri=4&cust_params=Viewability%3D0%26Channel%3DArts%2520%2526%2520Entertainment&cookie=ID%3Dd277bb398266f45c%3AT%3D1588010050%3AS%3DALNI_MbGrczz5hJp9SpuXSfmkkUT_6OP4Q&cdm=www.1079rgvfm.com&bc=31&abxe=1&lmt=1535743042&dt=1588010051970&dlt=1588010050850&idt=1115&ea=0&frm=23&biw=1585&bih=1200&isw=300&ish=600&oid=3&adxs=803&adys=354&adks=2736963091&ucis=dje5vlge7936&ifi=1&ifk=3315848174&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&iag=3&url=mix1079.net&loc=https%3A%2F%2Fwww.1079rgvfm.com%2Fwp-content%2Fplugins%2Fadzerk%2Fiframe.html%3Fu%3D18160560-9fd4-11e8-bc82-0685dc1fc043%2Ft.js&top=www.1079rgvfm.com&dssz=13&icsg=43778&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x600&msz=300x-1&ga_vid=1293920631.1588010052&ga_sid=1588010052&ga_hid=1547715465&fws=256&ohw=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020042302.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

cafe /

Resource Hash

7ea940dc985a2150c2a23868c7216c6eddfa822725ec174bff3fba55197fc8cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.1079rgvfm.com/wp-content/plugins/adzerk/iframe.html?u=18160560-9fd4-11e8-bc82-0685dc1fc043/t.js
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 27 Apr 2020 17:54:12 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 8432
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.1079rgvfm.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ Frame 9E1C 0
0 6ms
5ms Other
text/html 2a00:1450:4001:81a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020042302.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:81a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.1079rgvfm.com/wp-content/plugins/adzerk/iframe.html?u=18160560-9fd4-11e8-bc82-0685dc1fc043/t.js
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

GET
H2 200 rt=ifr
bcp.crwdcntrl.net/5/c=13671/rand=953001989/pv=y/seg=iab_primary_category%20%3A%20Arts%20%26%20Entertainment/int=%23OpR%2385618%23www.1079rgvfm.com%20%3A%20Total%20Site%20Traffic/int=%23OpR%2385618%... Frame C92F 0
0 77ms
76ms Document
text/html 52.211.146.59
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/5/c=13671/rand=953001989/pv=y/seg=iab_primary_category%20%3A%20Arts%20%26%20Entertainment/int=%23OpR%2385618%23www.1079rgvfm.com%20%3A%20Total%20Site%20Traffic/int=%23OpR%2385618%23www.1079rgvfm.com%20%3A%20Total%20Site%20Traffic/int=%23OpR%2385619%23www.1079rgvfm.com%20%3A%20Site%20Section%20%3A%20wp-content/int=%23OpR%2385620%23www.1079rgvfm.com%20%3A%20Site%20Section%20%3A%20wp-content%20%3A%20plugins/int=%23OpR%2385621%23www.1079rgvfm.com%20%3A%20Site%20Section%20%3A%20wp-content%20%3A%20plugins%20%3A%20adzerk/rt=ifr
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/c/13671/cc.js?ns=_cc13671
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.211.146.59 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-211-146-59.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

:method: GET
:authority: bcp.crwdcntrl.net
:scheme: https
:path: /5/c=13671/rand=953001989/pv=y/seg=iab_primary_category%20%3A%20Arts%20%26%20Entertainment/int=%23OpR%2385618%23www.1079rgvfm.com%20%3A%20Total%20Site%20Traffic/int=%23OpR%2385618%23www.1079rgvfm.com%20%3A%20Total%20Site%20Traffic/int=%23OpR%2385619%23www.1079rgvfm.com%20%3A%20Site%20Section%20%3A%20wp-content/int=%23OpR%2385620%23www.1079rgvfm.com%20%3A%20Site%20Section%20%3A%20wp-content%20%3A%20plugins/int=%23OpR%2385621%23www.1079rgvfm.com%20%3A%20Site%20Section%20%3A%20wp-content%20%3A%20plugins%20%3A%20adzerk/rt=ifr
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.1079rgvfm.com/wp-content/plugins/adzerk/iframe.html?u=18160560-9fd4-11e8-bc82-0685dc1fc043/t.js
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: _cc_dc=1; _cc_id=f1ede5acc392a2260faf9a054ac6a2a9; _cc_cc="ACZ4nGNQSDNMTUk1TUxONrY0SjQyMjNIS0yzTDQwNUlMNks0SrRkAIK45TLODHDA9%2BLIVVXG51kM%2FxkZGTbMvSoDY79CEn%2BGxJ586wqcPf2EOox5YfEcFhj73NFDzDD2g6k9jDD2x8%2BWMObl53dkYezDSFovnXrEBmPvX34UrgYAQ0hLuQ%3D%3D"; _cc_aud="ABR4nGNgYGCIWy7jzAADTAzsEXdADPYQFSAJADXTAyE%3D"
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://www.1079rgvfm.com/wp-content/plugins/adzerk/iframe.html?u=18160560-9fd4-11e8-bc82-0685dc1fc043/t.js

Response headers

status: 200
date: Mon, 27 Apr 2020 17:54:12 GMT
content-type: text/html;charset=UTF-8
content-length: 163
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
cache-control: no-cache
pragma: no-cache
expires: 0
x-server: 10.45.10.83
set-cookie: _cc_id=f1ede5acc392a2260faf9a054ac6a2a9;Path=/;Domain=crwdcntrl.net;Expires=Fri, 22-Jan-2021 17:01:00 GMT;SameSite=None;Secure _cc_cc="ACZ4nGNQSDNMTUk1TUxONrY0SjQyMjNIS0yzTDQwNUlMNks0SrRkAIK45TIu%2F4GAnwEG%2BF4cuarK%2BDyL4T8jI8OGuVdlYOxXSOLPkNiTb12Bs6efUIcxLyyewwJjnzt6iBnGfjC1hxHG%2FvjZEsa8%2FPyOLIx9GEnrpVOP2GDs%2FcuPwtUAAEWUT8U%3D";Version=1;Path=/;Domain=crwdcntrl.net;Expires=Fri, 22-Jan-2021 17:01:00 GMT;Max-Age=23328000;SameSite=None;Secure _cc_aud="ABR4nGNgYGCIWy7jwgADTAzsEXdADPYQFSAJADXsAyI%3D";Version=1;Path=/;Domain=crwdcntrl.net;Expires=Fri, 22-Jan-2021 17:01:00 GMT;Max-Age=23328000;SameSite=None;Secure
access-control-allow-origin: *

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ 43 B
308 B 117ms
117ms Image
image/gif 104.244.37.20
ADSAFE-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=927300&asId=748a9459-86cd-b650-7b75-4e7da046acc7&tv={c:b6J25S,pingTime:0,time:151,type:pf,im:{pBlk:134,pLoad:149},clog:[{piv:100,vs:i,r:,w:300,h:600,t:130}],es:0,sc:1,ha:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:{i:151,o:0,n:0,pp:0,pm:0},slEvents:[{sl:i,t:130,wc:0.0.1600.1200,ac:803.354.300.600,am:i,cc:803.354.300.600,piv:100,obst:0,th:0,reas:,bkn:{piv:[27~100],as:[27~300.600]}}],slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:rXnOli5+11|12|131|132|14|15*.927300|161|162|171|172|18|19|1a|1b|1c|1d1,idMap:15*,rend:0,renddet:DIV,rmeas:0}&br=u
Requested by: Host: www.1079rgvfm.com
URL: https://www.1079rgvfm.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.37.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS: daldt.adsafeprotected.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.1079rgvfm.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 27 Apr 2020 17:54:12 GMT
X-Server-Name: dt38dal.dal.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ 43 B
308 B 118ms
117ms Image
image/gif 104.244.37.20
ADSAFE-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=927300&asId=748a9459-86cd-b650-7b75-4e7da046acc7&tv={c:b6J260,pingTime:-2,time:159,type:a,im:{sf:0,pom:1,prf:{beA:1132,beZ:1133,mfA:1255,cmA:1255,inA:1255,inZ:1256,prA:1256,prZ:1260,si:1262,poA:1262,bl:1266,poZ:1266,cmZ:1266,mfZ:1266,loA:1283,loZ:1284,ltA:1290,ltZ:1291}},sca:{dfp:{df:4,sz:300.600,dom:div}},env:{cca:false,gca:true,gca2:true},clog:[{piv:100,vs:i,r:,w:300,h:600,t:130}],es:0,sc:1,ha:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:{i:159,o:0,n:0,pp:0,pm:0},slEvents:[{sl:i,t:130,wc:0.0.1600.1200,ac:803.354.300.600,am:i,cc:803.354.300.600,piv:100,obst:0,th:0,reas:,bkn:{piv:[35~100],as:[35~300.600]}}],slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:rXnOkZI+1.927300|11|12|13.927300|131|132|14|15*.927300|16.927300|161|162|17.927300|171|172|18|19|1a|1b|1c|1d1,idMap:15*,rend:0,renddet:DIV,rmeas:0,slid:[et-boc,post-51537,main-content,et-main-area,page-container],sinceFw:29,readyFired:true}&br=u
Requested by: Host: www.1079rgvfm.com
URL: https://www.1079rgvfm.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.37.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS: daldt.adsafeprotected.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.1079rgvfm.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 27 Apr 2020 17:54:12 GMT
X-Server-Name: dt19dal.dal.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H2 200 jot
syndication.twitter.com/i/ 43 B
171 B 131ms
131ms Image
image/gif 104.244.42.72
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://syndication.twitter.com/i/jot?l=%7B%22widget_origin%22%3A%22https%3A%2F%2Fwww.1079rgvfm.com%2F%22%2C%22widget_frame%22%3Afalse%2C%22widget_data_source%22%3A%22profile%3A1079RGVFM%22%2C%22query%22%3Anull%2C%22profile_id%22%3Anull%2C%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1588010052020%2C%22dnt%22%3Afalse%2C%22client_version%22%3A%22a2aa63b%3A1586240908307%22%2C%22format_version%22%3A1%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22timeline%22%2C%22element%22%3A%22notice%22%2C%22section%22%3A%22header%22%2C%22action%22%3A%22seen%22%7D%7D&notice_seen=true

Requested by

Host: www.1079rgvfm.com
URL: https://www.1079rgvfm.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.72 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.1079rgvfm.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 27 Apr 2020 17:54:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200, 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 65
x-xss-protection: 0
x-response-time: 107
pragma: no-cache
last-modified: Mon, 27 Apr 2020 17:54:12 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=631138519
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: 641d7a1d6eb66db812e85272170c6d09
x-transaction: 00dd1dcd00e95853
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H2

200

jot.html
platform.twitter.com/ Frame B9D2
Redirect Chain

https://syndication.twitter.com/i/jot
https://platform.twitter.com/jot.html

0
0

9ms
8ms

Document
text/html

151.101.12.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/jot.html
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.12.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash

Request headers

:method: GET
:authority: platform.twitter.com
:scheme: https
:path: /jot.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
Origin: https://www.1079rgvfm.com
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 200
last-modified: Tue, 07 Apr 2020 20:48:49 GMT
cache-control: public, max-age=315360000
content-type: text/html; charset=utf-8
etag: "d9592a6c704736fa4da218d4357976dd+gzip"
content-encoding: gzip
access-control-allow-methods: GET
access-control-allow-origin: *
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
accept-ranges: bytes
date: Mon, 27 Apr 2020 17:54:12 GMT
x-served-by: cache-bwi5132-BWI, cache-fra19136-FRA
x-cache: HIT, HIT
vary: Accept-Encoding
tw-cdn: FT
content-length: 95

Redirect headers

status: 302 302 Found
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
content-length: 0
content-type: text/html;charset=utf-8
date: Mon, 27 Apr 2020 17:54:12 GMT
expires: Tue, 31 Mar 1981 05:00:00 GMT
last-modified: Mon, 27 Apr 2020 17:54:12 GMT
location: https://platform.twitter.com/jot.html
pragma: no-cache
server: tsa_o
strict-transport-security: max-age=631138519
x-connection-hash: 641d7a1d6eb66db812e85272170c6d09
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-response-time: 114
x-transaction: 000991c100686d24
x-tsa-request-body-time: 0
x-twitter-response-tags: BouncerCompliant
x-xss-protection: 0

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ Frame 23B5 0
0 7ms
6ms Document
text/html 2a00:1450:4001:81a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020042302.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-37/html/container.html?n=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.1079rgvfm.com/wp-content/plugins/adzerk/iframe.html?u=0dc6caf8-9fd3-11e8-bc82-0685dc1fc043/t.js
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://www.1079rgvfm.com/wp-content/plugins/adzerk/iframe.html?u=0dc6caf8-9fd3-11e8-bc82-0685dc1fc043/t.js

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
timing-allow-origin: *
content-length: 2973
date: Sun, 26 Apr 2020 13:23:11 GMT
expires: Mon, 26 Apr 2021 13:23:11 GMT
last-modified: Thu, 21 Nov 2019 16:01:11 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 102661
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame B4AC 74 KB
27 KB 29ms
28ms Script
text/javascript 2a00:1450:4001:81b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020042302.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2a902f3f6bb291138692567054de342c7482edfe90db9f3d2bab061351320386

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.1079rgvfm.com/wp-content/plugins/adzerk/iframe.html?u=0dc6caf8-9fd3-11e8-bc82-0685dc1fc043/t.js
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 27 Apr 2020 17:54:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1587573036175118"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 27875
x-xss-protection: 0
expires: Mon, 27 Apr 2020 17:54:12 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame B4AC 7 KB
6 KB 32ms
19ms XHR
application/json 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2020042302&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020042302.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7a65d2ca74612718c9f991f8615711c02810c2063278e33ada3ddc257945f404

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.1079rgvfm.com/wp-content/plugins/adzerk/iframe.html?u=0dc6caf8-9fd3-11e8-bc82-0685dc1fc043/t.js
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 27 Apr 2020 17:54:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 5178
x-xss-protection: 0

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ 43 B
308 B 171ms
170ms Image
image/gif 104.244.37.20
ADSAFE-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=927300&asId=748a9459-86cd-b650-7b75-4e7da046acc7&tv={c:b6J27u,time:251,type:e,im:{pWait:4},es:0,sc:1,ha:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:{i:251,o:0,n:0,pp:0,pm:0},slEvents:[{sl:i,t:130,wc:0.0.1600.1200,ac:803.354.300.600,am:i,cc:803.354.300.600,piv:100,obst:0,th:0,reas:,bkn:{piv:[127~100],as:[127~300.600]}}],slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:rXnOkZI+1.927300|11|12|13.927300|131|132|14|15*.927300|16.927300|161|162|17.927300|171|172|18|19|1a|1b|1c|1d1,idMap:15*,rend:0,renddet:DIV,rmeas:0}&br=u
Requested by: Host: www.1079rgvfm.com
URL: https://www.1079rgvfm.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.37.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS: daldt.adsafeprotected.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.1079rgvfm.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 27 Apr 2020 17:54:12 GMT
X-Server-Name: dt20dal.dal.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 6FB8 7 KB
5 KB 21ms
18ms XHR
application/json 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2020042302&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020042302.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ce019064fb44831cab7567f8e33c965056e57ba7f6d510137126c5d1a2c0ff0a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.1079rgvfm.com/wp-content/plugins/adzerk/iframe.html?u=61651c18-9fe2-11e8-bc82-0685dc1fc043/t.js
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 27 Apr 2020 17:54:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 5243
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame B4AC 14 KB
5 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:81a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020042302.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a47f17d6ebbf4621d8fe87ab790d8d8fb5c3086629194d9ff2d64faaa6e46ab6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.1079rgvfm.com/wp-content/plugins/adzerk/iframe.html?u=0dc6caf8-9fd3-11e8-bc82-0685dc1fc043/t.js
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 27 Apr 2020 17:54:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1582746470043195"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 5456
x-xss-protection: 0
expires: Mon, 27 Apr 2020 17:54:12 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 6FB8 14 KB
5 KB 20ms
14ms Script
text/javascript 2a00:1450:4001:81a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020042302.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a47f17d6ebbf4621d8fe87ab790d8d8fb5c3086629194d9ff2d64faaa6e46ab6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.1079rgvfm.com/wp-content/plugins/adzerk/iframe.html?u=61651c18-9fe2-11e8-bc82-0685dc1fc043/t.js
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 27 Apr 2020 17:54:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1582746470043195"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 5456
x-xss-protection: 0
expires: Mon, 27 Apr 2020 17:54:12 GMT

GET
H2 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/209/ Frame B490 0
0 8ms
6ms Document
text/html 2a00:1450:4001:81a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/209/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/209/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.1079rgvfm.com/wp-content/plugins/adzerk/iframe.html?u=0dc6caf8-9fd3-11e8-bc82-0685dc1fc043/t.js
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://www.1079rgvfm.com/wp-content/plugins/adzerk/iframe.html?u=0dc6caf8-9fd3-11e8-bc82-0685dc1fc043/t.js

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
content-length: 5727
date: Mon, 27 Apr 2020 16:52:15 GMT
expires: Tue, 27 Apr 2021 16:52:15 GMT
last-modified: Tue, 25 Feb 2020 17:32:01 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 3717
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000

GET
H2 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/209/ Frame 18FA 0
0 11ms
7ms Document
text/html 2a00:1450:4001:81a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/209/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/209/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.1079rgvfm.com/wp-content/plugins/adzerk/iframe.html?u=61651c18-9fe2-11e8-bc82-0685dc1fc043/t.js
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://www.1079rgvfm.com/wp-content/plugins/adzerk/iframe.html?u=61651c18-9fe2-11e8-bc82-0685dc1fc043/t.js

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
content-length: 5727
date: Mon, 27 Apr 2020 16:52:15 GMT
expires: Tue, 27 Apr 2021 16:52:15 GMT
last-modified: Tue, 25 Feb 2020 17:32:01 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 3717
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ Frame 307E 0
0 9ms
5ms Document
text/html 2a00:1450:4001:81a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020042302.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-37/html/container.html?n=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.1079rgvfm.com/wp-content/plugins/adzerk/iframe.html?u=0dc6caf8-9fd3-11e8-bc82-0685dc1fc043/t.js
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://www.1079rgvfm.com/wp-content/plugins/adzerk/iframe.html?u=0dc6caf8-9fd3-11e8-bc82-0685dc1fc043/t.js

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
timing-allow-origin: *
content-length: 2973
date: Sun, 26 Apr 2020 13:23:11 GMT
expires: Mon, 26 Apr 2021 13:23:11 GMT
last-modified: Thu, 21 Nov 2019 16:01:11 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 102661
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame 62BC 74 KB
27 KB 17ms
14ms Script
text/javascript 2a00:1450:4001:81b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020042302.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2a902f3f6bb291138692567054de342c7482edfe90db9f3d2bab061351320386

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.1079rgvfm.com/wp-content/plugins/adzerk/iframe.html?u=0dc6caf8-9fd3-11e8-bc82-0685dc1fc043/t.js
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 27 Apr 2020 17:54:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1587573036175118"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 27875
x-xss-protection: 0
expires: Mon, 27 Apr 2020 17:54:12 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 62BC 7 KB
5 KB 78ms
76ms XHR
application/json 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2020042302&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020042302.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5bdf2b2e36dd05a677dfb752ee73a18c3867e64c7907e8030891d4634eb9aca1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.1079rgvfm.com/wp-content/plugins/adzerk/iframe.html?u=0dc6caf8-9fd3-11e8-bc82-0685dc1fc043/t.js
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 27 Apr 2020 17:54:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 5220
x-xss-protection: 0

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ 43 B
308 B 164ms
164ms Image
image/gif 104.244.37.20
ADSAFE-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=927300&asId=c1361f99-80b1-9075-3f48-bb49dc61930c&tv={c:b6J2aS,time:627,type:e,im:{pci:{tdr:503}},es:0,sc:1,ha:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:{i:0,o:627,n:0,pp:0,pm:0},slEvents:[{sl:o,t:36,wc:0.0.1600.1200,ac:429.4680.728.90,am:i,cc:429.4680.728.90,piv:0,obst:0,th:0,reas:l,bkn:{piv:[597~0],as:[597~728.90]}}],slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:147,fm:rXnOkZI+1.927300|11|12|13.927300|14|15.927300|16*.927300|17.927300|18|19|1a|1b|1c,idMap:16*,rend:1,renddet:XIFRAME.qs.dr,rmeas:1}&br=u
Requested by: Host: www.1079rgvfm.com
URL: https://www.1079rgvfm.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.37.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS: daldt.adsafeprotected.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.1079rgvfm.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 27 Apr 2020 17:54:12 GMT
X-Server-Name: dt20dal.dal.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 62BC 14 KB
5 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:81a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020042302.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a47f17d6ebbf4621d8fe87ab790d8d8fb5c3086629194d9ff2d64faaa6e46ab6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.1079rgvfm.com/wp-content/plugins/adzerk/iframe.html?u=0dc6caf8-9fd3-11e8-bc82-0685dc1fc043/t.js
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 27 Apr 2020 17:54:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1582746470043195"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 5456
x-xss-protection: 0
expires: Mon, 27 Apr 2020 17:54:12 GMT

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ Frame 3715 0
0 6ms
6ms Document
text/html 2a00:1450:4001:81a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020042302.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-37/html/container.html?n=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.1079rgvfm.com/wp-content/plugins/adzerk/iframe.html?u=18160560-9fd4-11e8-bc82-0685dc1fc043/t.js
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://www.1079rgvfm.com/wp-content/plugins/adzerk/iframe.html?u=18160560-9fd4-11e8-bc82-0685dc1fc043/t.js

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
timing-allow-origin: *
content-length: 2973
date: Sun, 26 Apr 2020 13:23:11 GMT
expires: Mon, 26 Apr 2021 13:23:11 GMT
last-modified: Thu, 21 Nov 2019 16:01:11 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 102661
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame 9E1C 74 KB
27 KB 16ms
14ms Script
text/javascript 2a00:1450:4001:81b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020042302.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2a902f3f6bb291138692567054de342c7482edfe90db9f3d2bab061351320386

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.1079rgvfm.com/wp-content/plugins/adzerk/iframe.html?u=18160560-9fd4-11e8-bc82-0685dc1fc043/t.js
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 27 Apr 2020 17:54:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1587573036175118"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 27875
x-xss-protection: 0
expires: Mon, 27 Apr 2020 17:54:12 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 9E1C 7 KB
5 KB 18ms
17ms XHR
application/json 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2020042302&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020042302.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f5602f9f166505c519a3351bf4de1cf78d369ed2e94f891c598a5385c6db6712

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.1079rgvfm.com/wp-content/plugins/adzerk/iframe.html?u=18160560-9fd4-11e8-bc82-0685dc1fc043/t.js
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 27 Apr 2020 17:54:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 5155
x-xss-protection: 0

GET
H2 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/209/ Frame 0DBA 0
0 6ms
6ms Document
text/html 2a00:1450:4001:81a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/209/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/209/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.1079rgvfm.com/wp-content/plugins/adzerk/iframe.html?u=0dc6caf8-9fd3-11e8-bc82-0685dc1fc043/t.js
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://www.1079rgvfm.com/wp-content/plugins/adzerk/iframe.html?u=0dc6caf8-9fd3-11e8-bc82-0685dc1fc043/t.js

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
content-length: 5727
date: Mon, 27 Apr 2020 16:52:15 GMT
expires: Tue, 27 Apr 2021 16:52:15 GMT
last-modified: Tue, 25 Feb 2020 17:32:01 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 3717
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 9E1C 14 KB
5 KB 90ms
17ms Script
text/javascript 2a00:1450:4001:81a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020042302.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a47f17d6ebbf4621d8fe87ab790d8d8fb5c3086629194d9ff2d64faaa6e46ab6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.1079rgvfm.com/wp-content/plugins/adzerk/iframe.html?u=18160560-9fd4-11e8-bc82-0685dc1fc043/t.js
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 27 Apr 2020 17:54:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1582746470043195"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 5456
x-xss-protection: 0
expires: Mon, 27 Apr 2020 17:54:12 GMT

GET
H2 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/209/ Frame 2A6C 0
0 6ms
6ms Document
text/html 2a00:1450:4001:81a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/209/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/209/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.1079rgvfm.com/wp-content/plugins/adzerk/iframe.html?u=18160560-9fd4-11e8-bc82-0685dc1fc043/t.js
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://www.1079rgvfm.com/wp-content/plugins/adzerk/iframe.html?u=18160560-9fd4-11e8-bc82-0685dc1fc043/t.js

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
content-length: 5727
date: Mon, 27 Apr 2020 16:52:15 GMT
expires: Tue, 27 Apr 2021 16:52:15 GMT
last-modified: Tue, 25 Feb 2020 17:32:01 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 3717
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ 43 B
308 B 148ms
148ms Image
image/gif 104.244.37.20
ADSAFE-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=927300&asId=748a9459-86cd-b650-7b75-4e7da046acc7&tv={c:b6J2eg,time:671,type:e,im:{pci:{tdr:502}},es:0,sc:1,ha:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:{i:671,o:0,n:0,pp:0,pm:0},slEvents:[{sl:i,t:130,wc:0.0.1600.1200,ac:803.354.300.600,am:i,cc:803.354.300.600,piv:100,obst:0,th:0,reas:,bkn:{piv:[547~100],as:[547~300.600]}}],slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:176,fm:rXnOkZI+1.927300|11|12|13.927300|131|132|14|15*.927300|16.927300|161|162|17.927300|171|172|18|19|1a|1b|1c|1d1,idMap:15*,rend:1,renddet:XIFRAME.qs.dr,rmeas:1}&br=u
Requested by: Host: www.1079rgvfm.com
URL: https://www.1079rgvfm.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.37.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS: daldt.adsafeprotected.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.1079rgvfm.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 27 Apr 2020 17:54:12 GMT
X-Server-Name: dt20dal.dal.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ 43 B
308 B 122ms
119ms Image
image/gif 104.244.37.20
ADSAFE-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=927300&asId=47fc03ed-1f29-20f1-a9fc-3b2b3fed97cd&tv={c:b6J2ir,pingTime:1,time:1094,type:p,im:{pci:{tdr:1028}},clog:[{piv:100,vs:i,r:,w:728,h:90,t:60}],es:0,sc:1,ha:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:{i:1094,o:0,n:0,pp:0,pm:0},slEvents:[{sl:i,t:60,wc:0.0.1600.1200,ac:429.122.728.90,am:i,cc:429.122.728.90,piv:100,obst:0,th:0,reas:,bkn:{piv:[1040~100],as:[1040~728.90]}}],slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:182,fm:rXnOkZI+1.927300|11|12|13*.927300|14|15.927300|16.927300|161|17.927300|18|19|1a|1b|1c,idMap:13*,rend:1,renddet:XIFRAME.qs.dr,rmeas:1}&br=u
Requested by: Host: www.1079rgvfm.com
URL: https://www.1079rgvfm.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.37.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS: daldt.adsafeprotected.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.1079rgvfm.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 27 Apr 2020 17:54:12 GMT
X-Server-Name: dt20dal.dal.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ 43 B
308 B 120ms
117ms Image
image/gif 104.244.37.20
ADSAFE-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=927300&asId=47fc03ed-1f29-20f1-a9fc-3b2b3fed97cd&tv={c:b6J2is,pingTime:1,time:1095,type:c,clog:[{piv:100,vs:i,r:,w:728,h:90,t:60}],es:0,sc:1,ha:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:{i:1095,o:0,n:0,pp:0,pm:0},slEvents:[{sl:i,t:60,wc:0.0.1600.1200,ac:429.122.728.90,am:i,cc:429.122.728.90,piv:100,obst:0,th:0,reas:,bkn:{piv:[1041~100],as:[1041~728.90]}}],slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:182,fm:rXnOkZI+1.927300|11|12|13*.927300|14|15.927300|16.927300|161|17.927300|18|19|1a|1b|1c,idMap:13*,rend:1,renddet:XIFRAME.qs.dr,rmeas:1,metricId:publ1,cmr:t}&br=u
Requested by: Host: www.1079rgvfm.com
URL: https://www.1079rgvfm.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.37.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS: daldt.adsafeprotected.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.1079rgvfm.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 27 Apr 2020 17:54:12 GMT
X-Server-Name: dt19dal.dal.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ 43 B
308 B 121ms
118ms Image
image/gif 104.244.37.20
ADSAFE-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=927300&asId=47fc03ed-1f29-20f1-a9fc-3b2b3fed97cd&tv={c:b6J2it,pingTime:1,time:1096,type:c,clog:[{piv:100,vs:i,r:,w:728,h:90,t:60}],es:0,sc:1,ha:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:{i:1096,o:0,n:0,pp:0,pm:0},slEvents:[{sl:i,t:60,wc:0.0.1600.1200,ac:429.122.728.90,am:i,cc:429.122.728.90,piv:100,obst:0,th:0,reas:,bkn:{piv:[1042~100],as:[1042~728.90]}}],slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:182,fm:rXnOkZI+1.927300|11|12|13*.927300|14|15.927300|16.927300|161|17.927300|18|19|1a|1b|1c,idMap:13*,rend:1,renddet:XIFRAME.qs.dr,rmeas:1,metricId:grpm1,cmr:t}&br=u
Requested by: Host: www.1079rgvfm.com
URL: https://www.1079rgvfm.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.37.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS: daldt.adsafeprotected.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.1079rgvfm.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 27 Apr 2020 17:54:12 GMT
X-Server-Name: dt38dal.dal.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame B4AC 0
58 B 15ms
14ms Image
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=209&t=2&li=gpt_2020042302&jk=2604026278415944&bg=!y8ilyNBYMr9GVIKDgL4CAAAB2lIAAABwmQF4EPHz3p_zxhldQJD85huqEtPiIrPbIdv164ic8Jhg89Q1t5U_MKstm8PTxxyLxKUAS9MjQDl8la6NKp339_jeB_-cOwWwDsrq99WQUpANbVSSuVDgIHg6WeZu-y3VxoNDwDZI3swEcF4M_zbgdlEcEGvRM98sK1EAFbFwoLR0lKkabDt4_g7ykenj_sgxnedA6qClQwtB94bcmuwsIH8faW2ul8SAQCKE6rbKaIAJbatkCTLFlh93sA94B68856dj8odNGLtdA36cKo-PWMQHo0QSKFzTqcjDm8ro8c4Jqs-V7peICOujxPJgKYieeQE9tu35xElykp07TBQ6Hzu_sv98bYHOQI9Osf1m4VeRv3Xzw37EuU2YOuIO5-Q1-XtMlHXy3HNacHhNKl40YV3KmXqSD2NiR_osYac3-S7B71K7FjlDHsl6wyKR8EfzJ_WHMB4DRH2uT2g6Ha0oaJxEQQOuRkl7D1PtWP08MFPNp6hwo9jKj2lusw

Requested by

Host: www.1079rgvfm.com
URL: https://www.1079rgvfm.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.1079rgvfm.com/wp-content/plugins/adzerk/iframe.html?u=0dc6caf8-9fd3-11e8-bc82-0685dc1fc043/t.js
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Apr 2020 17:54:12 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 204
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ 43 B
308 B 120ms
119ms Image
image/gif 104.244.37.20
ADSAFE-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=927300&asId=748a9459-86cd-b650-7b75-4e7da046acc7&tv={c:b6J2m1,pingTime:1,time:1152,type:p,clog:[{piv:100,vs:i,r:,w:300,h:600,t:130}],es:0,sc:1,ha:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:{i:1152,o:0,n:0,pp:0,pm:0},slEvents:[{sl:i,t:130,wc:0.0.1600.1200,ac:803.354.300.600,am:i,cc:803.354.300.600,piv:100,obst:0,th:0,reas:,bkn:{piv:[1028~100],as:[1028~300.600]}}],slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:152,fm:rXnOkZI+1.927300|11|12|13.927300|131|132|14|15*.927300|16.927300|161|162|17.927300|171|172|18|19|1a|1b|1c|1d1,idMap:15*,rend:1,renddet:XIFRAME.qs.dr,rmeas:1}&br=u
Requested by: Host: www.1079rgvfm.com
URL: https://www.1079rgvfm.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.37.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS: daldt.adsafeprotected.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.1079rgvfm.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 27 Apr 2020 17:54:13 GMT
X-Server-Name: dt20dal.dal.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ 43 B
308 B 118ms
117ms Image
image/gif 104.244.37.20
ADSAFE-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=927300&asId=748a9459-86cd-b650-7b75-4e7da046acc7&tv={c:b6J2m2,pingTime:1,time:1153,type:c,clog:[{piv:100,vs:i,r:,w:300,h:600,t:130}],es:0,sc:1,ha:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:{i:1153,o:0,n:0,pp:0,pm:0},slEvents:[{sl:i,t:130,wc:0.0.1600.1200,ac:803.354.300.600,am:i,cc:803.354.300.600,piv:100,obst:0,th:0,reas:,bkn:{piv:[1029~100],as:[1029~300.600]}}],slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:152,fm:rXnOkZI+1.927300|11|12|13.927300|131|132|14|15*.927300|16.927300|161|162|17.927300|171|172|18|19|1a|1b|1c|1d1,idMap:15*,rend:1,renddet:XIFRAME.qs.dr,rmeas:1,metricId:publ1,cmr:t}&br=u
Requested by: Host: www.1079rgvfm.com
URL: https://www.1079rgvfm.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.37.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS: daldt.adsafeprotected.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.1079rgvfm.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 27 Apr 2020 17:54:13 GMT
X-Server-Name: dt38dal.dal.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ 43 B
308 B 119ms
118ms Image
image/gif 104.244.37.20
ADSAFE-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=927300&asId=748a9459-86cd-b650-7b75-4e7da046acc7&tv={c:b6J2m2,pingTime:1,time:1153,type:c,clog:[{piv:100,vs:i,r:,w:300,h:600,t:130}],es:0,sc:1,ha:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:{i:1153,o:0,n:0,pp:0,pm:0},slEvents:[{sl:i,t:130,wc:0.0.1600.1200,ac:803.354.300.600,am:i,cc:803.354.300.600,piv:100,obst:0,th:0,reas:,bkn:{piv:[1029~100],as:[1029~300.600]}}],slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:152,fm:rXnOkZI+1.927300|11|12|13.927300|131|132|14|15*.927300|16.927300|161|162|17.927300|171|172|18|19|1a|1b|1c|1d1,idMap:15*,rend:1,renddet:XIFRAME.qs.dr,rmeas:1,metricId:grpm1,cmr:t}&br=u
Requested by: Host: www.1079rgvfm.com
URL: https://www.1079rgvfm.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.37.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS: daldt.adsafeprotected.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.1079rgvfm.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 27 Apr 2020 17:54:13 GMT
X-Server-Name: dt19dal.dal.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 6FB8 0
58 B 14ms
14ms Image
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=209&t=2&li=gpt_2020042302&jk=3631245829561059&bg=!JiWlJT1YxCkvzJchBa8CAAACHVIAAABYmQF4b96_lGqYGRrOnVzv8_ZkBMY92T2PS3sOFhFv0oagPXb-rY7m34Bhp1k2x-NrVgxNHjqhu4K1Oq1JEktsKquGwL8stgzlp7cDSuS7NaJ4O_VFPE3E3VmFQsJjIqEnQ43WSmUf03oxZ-SNpVWN5c7me-A8W0C0ZMFzrYYDyA5_WJceaulq8bol7hgdTgO0upKtgawMILWxZygO_3ufS41_HlK3fQm81Y1lz_y7Q3OEY6h3IHfzrW8CGWK5SEIk6RwIM66lkRgSVhYa_9zzHDQJontcKPnAweWYdJz2T8SDJdBYBsySUhkmnfN0olEJ28nxmxCBHTuCsUtlvJcs8GDjj55JPRZtNE57lrMubLFWxEHTc297drwFCXNC2TeLX5xbU8kXva3BUla5ibMbKA1eTgVbvdcw4NtRC9uSiMwGb1QNUeI0b6k25RGJJqaxXXbJkHnyfuAfFQGg0Un7DVZM4EZEvlkidJsx3rAUQarI90o5eietXDe2_A

Requested by

Host: www.1079rgvfm.com
URL: https://www.1079rgvfm.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.1079rgvfm.com/wp-content/plugins/adzerk/iframe.html?u=61651c18-9fe2-11e8-bc82-0685dc1fc043/t.js
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Apr 2020 17:54:13 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 204
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 62BC 0
58 B 19ms
15ms Image
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=209&t=2&li=gpt_2020042302&jk=4375938110385814&bg=!S0ilSFBYoJM3mZhLNgUCAAABfVIAAAA9mQF4Ml9TzqrvNCzio8-vjPbrlHTFifNnAEDxnHm0H2VPecYOcnMPFwJ8o_MZj_UkBNc0LwcT_dDwmqsuWgjrMolT_pX1LswnZmAQVHLZXjFXf5r2B-wwhUVW4YYSe98JE5OT-_dfWqUUxknFmV1y8uC96iScuQkX1X3Tfipdh71YmEX409TBAwzam2cMriSRfwn3Ub8E9obrgNZ32QsaweW1ZYy9Sc76HkpZ6nL-ywoUmKkjGknVeKNGS1YSvhR8C9RWJfggrFkSSoDaYbUEnfp8bgctQ_kUYeqAiIanZPPNBstVnO3VJmpG36sETi27a9sdjaaI6bPynIAmfpdc8LYn7iONYdRVO88QUAQmsUth2ZCyKR_NBBoYUyNlWs_p6wCQRYG26iv4GwCdr5HaysGg8066_WvfMLIfqa6G9h-3e4Km1Qho0Xu7XJUQFzs2xZI3OUaD2MPWHsau2GdV8qUahNffsFzbqcbpR8uE3tEyzidC-PT6aD6UXg

Requested by

Host: www.1079rgvfm.com
URL: https://www.1079rgvfm.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.1079rgvfm.com/wp-content/plugins/adzerk/iframe.html?u=0dc6caf8-9fd3-11e8-bc82-0685dc1fc043/t.js
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Apr 2020 17:54:13 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 204
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 9E1C 0
49 B 16ms
15ms Image
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=209&t=2&li=gpt_2020042302&jk=2273336760770351&bg=!i4iliJBYfFueWKYjDWQCAAABCVIAAAA1mQF4Q5nzB3LrlFNOq8kJ_2-pqo2Rln6ZRIHgIU2_hxqPw48YRDQUzBcDNJVYaglcy-nMTrPbrz6AUzMHDXBciZyfWICuirgiIF7TIYyiIqZ1UAkOXZTDMzO1rLGJnixqb6DwihSxwVWRSoQZ_IRWbaIomj1OdreDha3_aoUfWR5yZAlPwUxucV-tFNoSSQrPx9e_QE_-rkMoO3zxeCARyHJRMcy5By4vjVZuGqeofrPQTegMsDAE33Malmb9F4khQes9CsPGNggDfuCpZJd6a029cfNWHWKMZ__PUhj3MdCFr14iduDWV_f3rHXXbPb0tuJQMOR12el8n9Szdr_oPzV0H9TbElOvZaaqpJR7L3qs_MeRS_o5FHuULO-u-JU3LllSmIylxSyVmaU7lr9ANGMJc1w3IbH7-33ZZStEnlSWKmlmV9krLRcsFOJXD0B48POq4cB4WnLP-VzbAXc0Q8XhiLh0Jr5N3Od29hBuOx1dP6YpXOXj56J7Pw

Requested by

Host: www.1079rgvfm.com
URL: https://www.1079rgvfm.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.1079rgvfm.com/wp-content/plugins/adzerk/iframe.html?u=18160560-9fd4-11e8-bc82-0685dc1fc043/t.js
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Apr 2020 17:54:13 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 204
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 rt=ifr
bcp.crwdcntrl.net/5/c=13671/rand=992745587/pv=y/seg=iab_primary_category%20%3A%20Arts%20%26%20Entertainment/cmp=1/cmpto=250/int=%23OpR%2385618%23www.1079rgvfm.com%20%3A%20Total%20Site%20Traffic/ Frame 37CA 0
0 67ms
67ms Document
text/html 52.211.146.59
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/5/c=13671/rand=992745587/pv=y/seg=iab_primary_category%20%3A%20Arts%20%26%20Entertainment/cmp=1/cmpto=250/int=%23OpR%2385618%23www.1079rgvfm.com%20%3A%20Total%20Site%20Traffic/rt=ifr
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/c/13671/cc.js?ns=_cc13671
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.211.146.59 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-211-146-59.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

:method: GET
:authority: bcp.crwdcntrl.net
:scheme: https
:path: /5/c=13671/rand=992745587/pv=y/seg=iab_primary_category%20%3A%20Arts%20%26%20Entertainment/cmp=1/cmpto=250/int=%23OpR%2385618%23www.1079rgvfm.com%20%3A%20Total%20Site%20Traffic/rt=ifr
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.1079rgvfm.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: _cc_dc=1; _cc_id=f1ede5acc392a2260faf9a054ac6a2a9; _cc_cc="ACZ4nGNQSDNMTUk1TUxONrY0SjQyMjNIS0yzTDQwNUlMNks0SrRkAIK45TIu%2F4GAnwEG%2BF4cuarK%2BDyL4T8jI8OGuVdlYOxXSOLPkNiTb12Bs6efUIcxLyyewwJjnzt6iBnGfjC1hxHG%2FvjZEsa8%2FPyOLIx9GEnrpVOP2GDs%2FcuPwtUAAEWUT8U%3D"; _cc_aud="ABR4nGNgYGCIWy7jwgADTAzsEXdADPYQFSAJADXsAyI%3D"
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://www.1079rgvfm.com/

Response headers

status: 200
date: Mon, 27 Apr 2020 17:54:13 GMT
content-type: text/html;charset=UTF-8
content-length: 163
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
cache-control: no-cache
pragma: no-cache
expires: 0
x-server: 10.45.0.8
set-cookie: _cc_id=f1ede5acc392a2260faf9a054ac6a2a9;Path=/;Domain=crwdcntrl.net;Expires=Fri, 22-Jan-2021 17:01:00 GMT;SameSite=None;Secure _cc_cc="ACZ4nGNQSDNMTUk1TUxONrY0SjQyMjNIS0yzTDQwNUlMNks0SrRkAIK45TKu%2F%2F7%2F%2F8%2FPAAN8G%2BZelWF8nsXwn5GRYfKtK6ow9osjV%2BHsV0jsZ0js6SfUYcwLi%2BewwNjnjh5ihrEfTO1hhLE%2FfraEMS8%2FvyMLYx9G0nrp1CM2GHv%2F8qNwNQA3tU%2FF";Version=1;Path=/;Domain=crwdcntrl.net;Expires=Fri, 22-Jan-2021 17:01:00 GMT;Max-Age=23328000;SameSite=None;Secure _cc_aud="ABR4nGNgYGCIWy7jygADTAzsEXdADPYQFSAJADYFAyM%3D";Version=1;Path=/;Domain=crwdcntrl.net;Expires=Fri, 22-Jan-2021 17:01:00 GMT;Max-Age=23328000;SameSite=None;Secure
access-control-allow-origin: *

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 7 KB
5 KB 19ms
19ms XHR
application/json 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2020042302&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020042302.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

16335b785f0dbe89734c689ee4122e6bfe130aadcf5a49d9e9b65ea79b09fc62

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.1079rgvfm.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 27 Apr 2020 17:54:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 5268
x-xss-protection: 0

GET
H2 200 rt=ifr
bcp.crwdcntrl.net/5/c=12765/rand=960781355/pv=y/cmp=1/cmpto=250/int=%23OpR%2350186%23www.1079rgvfm.com%20%3A%20Total%20Site%20Traffic/ Frame F0C3 0
0 76ms
76ms Document
text/html 52.211.146.59
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/5/c=12765/rand=960781355/pv=y/cmp=1/cmpto=250/int=%23OpR%2350186%23www.1079rgvfm.com%20%3A%20Total%20Site%20Traffic/rt=ifr
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/c/12765/cc_af.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.211.146.59 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-211-146-59.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

:method: GET
:authority: bcp.crwdcntrl.net
:scheme: https
:path: /5/c=12765/rand=960781355/pv=y/cmp=1/cmpto=250/int=%23OpR%2350186%23www.1079rgvfm.com%20%3A%20Total%20Site%20Traffic/rt=ifr
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.1079rgvfm.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: _cc_dc=1; _cc_id=f1ede5acc392a2260faf9a054ac6a2a9; _cc_cc="ACZ4nGNQSDNMTUk1TUxONrY0SjQyMjNIS0yzTDQwNUlMNks0SrRkAIK45TIu%2F4GAnwEG%2BF4cuarK%2BDyL4T8jI8OGuVdlYOxXSOLPkNiTb12Bs6efUIcxLyyewwJjnzt6iBnGfjC1hxHG%2FvjZEsa8%2FPyOLIx9GEnrpVOP2GDs%2FcuPwtUAAEWUT8U%3D"; _cc_aud="ABR4nGNgYGCIWy7jwgADTAzsEXdADPYQFSAJADXsAyI%3D"
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://www.1079rgvfm.com/

Response headers

status: 200
date: Mon, 27 Apr 2020 17:54:13 GMT
content-type: text/html;charset=UTF-8
content-length: 1173
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
cache-control: no-cache
pragma: no-cache
expires: 0
x-server: 10.45.14.155
set-cookie: _cc_id=f1ede5acc392a2260faf9a054ac6a2a9;Path=/;Domain=crwdcntrl.net;Expires=Fri, 22-Jan-2021 17:01:00 GMT;SameSite=None;Secure _cc_cc="ACZ4nGNQSDNMTUk1TUxONrY0SjQyMjNIS0yzTDQwNUlMNks0SrRkAIK45TKu%2F%2F7%2F%2F8%2FPAAP8kx5cU2W8m8zwn5GRYcPcqzKMz7PA7Mm3rqjC2C%2BOXIWzXyGxnyGxp59QZ4IwoYZdWDyHBVXk3NFDzKgiD6b2MKKKfPxsiSpw%2BfkdWVSRwxgGXzr1iA1VZP%2Fyo2i6ACajaMc%3D";Version=1;Path=/;Domain=crwdcntrl.net;Expires=Fri, 22-Jan-2021 17:01:00 GMT;Max-Age=23328000;SameSite=None;Secure _cc_aud="ABR4nGNgYGCIWy7jygADLAzsEXdADDbhYBDFHqICFg%2BPBBIAaX4EQQ%3D%3D";Version=1;Path=/;Domain=crwdcntrl.net;Expires=Fri, 22-Jan-2021 17:01:00 GMT;Max-Age=23328000;SameSite=None;Secure
access-control-allow-origin: *

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 14 KB
5 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:81a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020042302.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a47f17d6ebbf4621d8fe87ab790d8d8fb5c3086629194d9ff2d64faaa6e46ab6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.1079rgvfm.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 27 Apr 2020 17:54:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1582746470043195"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 5456
x-xss-protection: 0
expires: Mon, 27 Apr 2020 17:54:13 GMT

GET
H/1.1 200
OK Untitled-2-1.png
s3.amazonaws.com/1079mixfm/wp-content/uploads/ 34 KB
35 KB 154ms
154ms Image
image/png 52.216.147.166
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/1079mixfm/wp-content/uploads/Untitled-2-1.png
Requested by: Host: www.1079rgvfm.com
URL: https://www.1079rgvfm.com/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.147.166 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: ff32cb819778ca4ead5bfa0bf251566cc96f773ea754f4068473513a1e73e321

Request headers

Referer: https://www.1079rgvfm.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 27 Apr 2020 17:54:14 GMT
Last-Modified: Wed, 15 Apr 2020 19:38:24 GMT
Server: AmazonS3
x-amz-request-id: B1D3BD3C6F035561
ETag: "28082851a76f4791fb2a7f7a84531608"
Content-Type: image/png
Cache-Control: max-age=31536000
Accept-Ranges: bytes
Content-Length: 35151
x-amz-id-2: QQPc0yhTfnpNx7mxH0yt7TkRLhx2BrfYamZqWphOl1AGkAsOKrWPKAZdazidxMYUycWrK/MppH8=
Expires: Thu, 15 Apr 2021 19:38:23 GMT

GET
H2 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/209/ Frame 5D0F 0
0 6ms
5ms Document
text/html 2a00:1450:4001:81a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/209/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/209/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.1079rgvfm.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://www.1079rgvfm.com/

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
content-length: 5727
date: Mon, 27 Apr 2020 16:52:15 GMT
expires: Tue, 27 Apr 2021 16:52:15 GMT
last-modified: Tue, 25 Feb 2020 17:32:01 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 3718
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
58 B 15ms
14ms Image
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=209&t=2&li=gpt_2020042302&jk=2043527430549927&bg=!ycqlytJYZ5qLPMii2gQCAAAAv1IAAAAQmQFd-i9LwdT0k37IASxWEHu3A5cUwvND3hLfiqgN7vTuIzqn9MReYTAKhxAhVZsEuYON-1E5ZAAeWfpcZuSTCVAzmgEpd4SvXMV3LjqOf1HAGGapDHEDVKHfjEY_ezGQESu_0WcMxgSvSj6jnJcVM4Rh4M_QOv6feVA9Dx294u84McJtvU5iI7XZF5fzFSIzu_hFpiVFpz9J961a-kt0d_FZhAhnU5JXkyRKh0DQVmP7xqvN2eZ4sElz8MoxuorLMZF7ZNzZQKZETjipvZpqpKPorMToybNsbxIakkh9hK2HD4WJRkiwHD66Ml9324CaGU2rWj2r12IK04U0rXUHl0RBQmDE6NNsZLxOcP5on78V6LGYc5NecyKg3swkjovdzh6uRu-ovvE-lQUFdwWyYlV3S9MfDCNYWSFf1dwefmP6ZevHdoPivufTahiJcrPeWh4BJBJnW0aFgUlgRrfLhw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.1079rgvfm.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Apr 2020 17:54:13 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 204
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ 43 B
308 B 119ms
119ms Image
image/gif 104.244.37.20
ADSAFE-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=927300&asId=47fc03ed-1f29-20f1-a9fc-3b2b3fed97cd&tv={c:b6J3kX,pingTime:5,time:5094,type:p,clog:[{piv:100,vs:i,r:,w:728,h:90,t:60}],es:0,sc:1,ha:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:{i:5094,o:0,n:0,pp:0,pm:0},slEvents:[{sl:i,t:60,wc:0.0.1600.1200,ac:429.96.728.90,am:i,cc:429.96.728.90,piv:100,obst:0,th:0,reas:,bkn:{piv:[5040~100],as:[5040~728.90]}}],slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:127,fm:rXnOkZI+1.927300|11|12|13*.927300|14|15.927300|16.927300|161|17.927300|18|19|1a|1b|1c,idMap:13*,rend:1,renddet:XIFRAME.qs.dr,rmeas:1}&br=u
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.37.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS: daldt.adsafeprotected.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.1079rgvfm.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 27 Apr 2020 17:54:16 GMT
X-Server-Name: dt20dal.dal.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ 43 B
308 B 122ms
121ms Image
image/gif 104.244.37.20
ADSAFE-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=927300&asId=748a9459-86cd-b650-7b75-4e7da046acc7&tv={c:b6J3ox,pingTime:5,time:5152,type:p,clog:[{piv:100,vs:i,r:,w:300,h:600,t:130}],es:0,sc:1,ha:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:{i:5152,o:0,n:0,pp:0,pm:0},slEvents:[{sl:i,t:130,wc:0.0.1600.1200,ac:803.328.300.600,am:i,cc:803.328.300.600,piv:100,obst:0,th:0,reas:,bkn:{piv:[5028~100],as:[5028~300.600]}}],slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:124,fm:rXnOkZI+1.927300|11|12|13.927300|131|132|14|15*.927300|16.927300|161|162|17.927300|171|172|18|19|1a|1b|1c|1d1,idMap:15*,rend:1,renddet:XIFRAME.qs.dr,rmeas:1}&br=u
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.37.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS: daldt.adsafeprotected.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.1079rgvfm.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 27 Apr 2020 17:54:17 GMT
X-Server-Name: dt20dal.dal.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

Verdicts & Comments Add Verdict or Comment

179 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

9 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.doubleclick.net/	1970-01-19 18:28:26	Name: IDE Value: AHWqTUn08ogBOTRKrIvLtiPZ7ciA8MwZRVgIPqj2wz6qbcP6VurAZd0Avq5sKcJ3
.crwdcntrl.net/	1970-01-19 15:35:38	Name: _cc_aud Value: "ABR4nGNgYGCIWy7jwgADTAzsEXdADPYQFSAJADXsAyI%3D"
.crwdcntrl.net/	1970-01-19 15:35:38	Name: _cc_cc Value: "ACZ4nGNQSDNMTUk1TUxONrY0SjQyMjNIS0yzTDQwNUlMNks0SrRkAIK45TIu%2F4GAnwEG%2BF4cuarK%2BDyL4T8jI8OGuVdlYOxXSOLPkNiTb12Bs6efUIcxLyyewwJjnzt6iBnGfjC1hxHG%2FvjZEsa8%2FPyOLIx9GEnrpVOP2GDs%2FcuPwtUAAEWUT8U%3D"
.crwdcntrl.net/	1970-01-19 15:35:34	Name: _cc_id Value: f1ede5acc392a2260faf9a054ac6a2a9
.listenlive.co/	1970-01-19 09:08:16	Name: _gid Value: GA1.2.750239341.1588010053
.listenlive.co/	1970-01-20 02:38:02	Name: _ga Value: GA1.2.1688891966.1588010053
.crwdcntrl.net/	1970-01-19 15:35:34	Name: _cc_dc Value: 1
.1079rgvfm.com/	1970-01-20 02:38:02	Name: __gads Value: ID=d277bb398266f45c:T=1588010050:S=ALNI_MbGrczz5hJp9SpuXSfmkkUT_6OP4Q
www.1079rgvfm.com/	1970-02-17 11:34:04	Name: ga-disable-UA-53380916-1 Value: true

6 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://www.1079rgvfm.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1(Line 2) Message: JQMIGRATE: Migrate is installed, version 1.4.1
console-api	debug	URL: https://static.adsafeprotected.com/sca.17.4.114.js(Line 32) Message: a: 0.001953125ms
console-api	log	URL: https://www.1079rgvfm.com/wp-content/plugins/adzerk/iframe-v2.js(Line 90) Message: here
console-api	log	URL: https://www.1079rgvfm.com/wp-content/plugins/adzerk/iframe-v2.js(Line 90) Message: here
console-api	log	URL: https://www.1079rgvfm.com/wp-content/plugins/adzerk/iframe-v2.js(Line 90) Message: here
console-api	log	URL: https://www.1079rgvfm.com/wp-content/plugins/adzerk/iframe-v2.js(Line 90) Message: here

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
bcp.crwdcntrl.net
cdn.syndication.twimg.com
connect.facebook.net
cookie-cdn.cookiepro.com
dt.adsafeprotected.com
fonts.googleapis.com
fonts.gstatic.com
geolocation.onetrust.com
mix1079.net
pagead2.googlesyndication.com
pbs.twimg.com
pixel.adsafeprotected.com
platform.twitter.com
player.listenlive.co
s3.amazonaws.com
securepubads.g.doubleclick.net
static.adsafeprotected.com
stats.g.doubleclick.net
syndication.twitter.com
tags.crwdcntrl.net
tc.dataxpand.com
tpc.googlesyndication.com
u.tentaculos.net
widgets.listenlive.co
www.1079rgvfm.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.swellinfo.com
104.244.37.20
104.244.42.72
108.128.94.32
13.224.194.26
13.224.194.36
143.204.89.92
151.101.12.157
172.217.16.130
192.173.28.140
2600:9000:2156:3400:1d:3c3b:7580:93a1
2600:9000:21f3:b000:8:48e:53c0:93a1
2606:2800:134:1a0d:1429:742:782:b6
2606:4700:10::6814:b944
2606:4700::6812:1e6b
2606:4700::6812:678
2a00:1450:4001:801::2003
2a00:1450:4001:806::2002
2a00:1450:4001:815::200a
2a00:1450:4001:816::2003
2a00:1450:4001:81a::2001
2a00:1450:4001:81a::2003
2a00:1450:4001:81b::2002
2a00:1450:4001:81c::2008
2a00:1450:4001:81d::200e
2a00:1450:4001:81e::2004
2a00:1450:400c:c08::9c
2a03:2880:f02d:12:face:b00c:0:3
52.211.146.59
52.216.147.166
54.158.23.216
0388f8144a4d08719c15ad57ad3c22094170bb990432ba0146857172bcf75a36
047d4e99dae7f1f2fd494a03ad1a65571fba500d0e15b51cabc9005fe99d5f47
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
059d7f76a7662405100374530359da8f439f4b945864fafab45b834320a429e2
0b0b141a03480eef7d27930f85d68513e1342c4e971de45f023902a3a217c87c
0b3678d81937a06cba82b9b8d1b69a6e60c1133246d9798e681bf3908aa390bc
0e86692191745c2579d89d61391dce166ef43c3613fff4c82e04831c2a2e5261
1138803ef7416dcf4ada6d463d1550d251852525044c2a70d7bea46a5ae570d2
119f3bef7cb4772ed350f752eac7350fea20894b639dbab0f048bf4d16d39a1e
122bfd90110948af0015618901a943934b0f6e5a60f0f5742f4d965c66607269
12aae45dbaf66e541e14694a7810a96fdd8b17f9ac5f5346fdc23d61d6fd74b0
12bf529a0f4d0a3f10d003a07d5b91e40579a3da18022a9896a9ccd9e5dc1b33
12f48f421f15e935f02a28d43d3ca23afa70e7ad88e2b1fc3d47f4c8a4c1ff4d
16335b785f0dbe89734c689ee4122e6bfe130aadcf5a49d9e9b65ea79b09fc62
167b48b9013922730d4f06f9e05261e6e9c8dc48d5655d337ffa8f43aa780f3a
175e6575ecbfd0402573ef19c5d0c8c2409ee98d74a10c37e44c849fadbcc542
1801667c6d7fa63fbf309ac227a3cf53daff206c8e358464491237eefd173c2c
18aa66c192cbef43a61b1398c292ae5c6c1d40d679428ee998b1c6bfaf61d75a
19f51965ceb8e408bf91e1013a80aa41f7676eebcbe867515b8ae2d390a22f75
1b14ca5c3f98c0836ca28f1cbf9ad7a40453f839d80c11b2ede5aa66f522381f
1c0aa16cdb0aa07688d09b79f32ca447850dfd467ecc59011830f1255526af35
1d15f9253ccd0b593b3473f249258bdde0af233f6f03ba49288a112c7cef0bce
1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df
1e94a459d9e7e60550f1c82c9c0268ccc6d210cf2e110c7bfcc64b2f7c8f7ecc
22965419d80b66706f184cb5e62ff6bc6b0aab00181f519ed05e8cbcd3c43855
282c86db3fc6cedcc79b172069ba09831ce0e6ba235d13bff382f57f0d3977ff
2a902f3f6bb291138692567054de342c7482edfe90db9f3d2bab061351320386
2a9a53271f48b09783e1316b8c5b5314762ed654ef890cb35e840cb99012ed4f
2b9218c760f8200ab67d8ca733da760170ba7b3347fb32f6b489a35c5aa4fc43
2e10d353ff038c2cad3492fc17801af3e6ef2669c9e9713bdb78b1dcb104c4fe
32e3cc58e6761585f4eb6248ebe1e1ad1d72c8e3fb3bf102d6ec260891f1ccf5
3699e9a8168525eb97795c72bb6315a198b4b18d9c914cc9f3a17fb2c79d1615
36b14e1fa247823fa5d4cb6f73650d87ef6b75d45a7b4f1d2b5286304975e4fe
392bdcaa3ead92f8991fa0471b29b0b45d3c89f9588635eeed3dce46a850299a
396756cb280d94500ca3289dadf1fa045a54efc7406fb9fa47df9f539227531b
3a923c50c91e0fb7b1ff0b2806fa088087b441339c15fda5747dcde2eb4ae112
3c049ea432cb3c95043ef58d76b7635592b2a4cd8e0fb6ef5b4bd5cbef573923
3d0d26aeaa32e7ec4f86ce8121843bf854b3d7b8864466992c0c543259756b2b
40e8c0f7ef71520ab9b041aaaba89211d1020814f15b1fdf289587f9a6a335d8
44596c32c4a9f8de15f6f758262b7d892e792c359a6c57016e670620bd6cc7f6
44c1a1906f8b24c75068a384cfa81463d7024232052b5950bf570ed158df0635
45055babdbc02ea34c7baa53f33fc68389c4c5f73afe0bfafd6c9bc5733399bc
4560a4a9e72ead9f48eedd468225200e9c5d8436bb35c1e708ebac0289d01c6d
484e96df09f709e8553e1bbdb3be7b22b9710774c2b9cac228afee39c83d9ba7
48b9b9c50fd14ec46d7bafe5857e5aeeb945e25a79f678f31f02d2c2761e5971
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
4ed07f590bdfa9aa775dbfdef617d98e1e972d102d4289c7a68d3bd9118c280b
524d3583513203255268e3b45e02b780ec942cc84ee6fee7ef206f8eb1edb69b
547dda3c14b284819be511be1e410da94a5efc6ccc4a9afe1c75394f9333191a
54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775
5728a589f3d4d4ec3e6a1e312bdc1d27953d74917ec57baaf55f97b0b19df462
57a50c99a31ef4e89e86664e96f6dfbdde163a2eb96e88b3b492c49aa4be2f37
5bdf2b2e36dd05a677dfb752ee73a18c3867e64c7907e8030891d4634eb9aca1
5e725b97229ae48b766e57f8b085b0e2ecc358f93911505ca87647c163f83be9
6148d31d6fc92f251a3601ddbf2310b627adcf3ec22f80c5c04ad4618326f7d8
6bc92b096fa224014e1caa871ae4e6d6c7bcc9a5c5459b893e6bb052b3cb257c
6c1510ef35e8322bf3c09c53aa955cd3b0a9e5ac65d15dd518c84ffc4b511c9f
6ebcda7a3a41ef97f0b4071160ceb1020e540fdc0f790079a5c2ef01ab654fe0
70ea083c612a4c2c3a3d00c992df18ce71aff23917a271021ee0f8ec606baf4d
72945876902af2cd35e37c7dc27c9a1ece0e3f3185100c36f5e55e468182467a
72c6a2fd0eb060fc015a42777a3b878b5ae6f197cc4abbeb4c09f565a27f8845
73708e87e1997658c326e842f32c0d22fccb5b81e04a141e89aa2b9b50e27d89
76263ddfddd70967f6da3df267de45ce8b6d5936d3a17bce485ada2f683d38f4
76a90135a3f44e3108f3a857d9bc86327de6be031917368293a94cd5a6935ef8
78d3853de941381f0d174d721af7979d76118890eaa15cd1bc212224ebdac112
7a65d2ca74612718c9f991f8615711c02810c2063278e33ada3ddc257945f404
7b3a7e4265228a39bea0d22ac1aedb86219a7b521a831827f7f4579ca5ae4156
7e13260218dc0aca7d41cc60f433983aa865247ca8f6d3495542ad80da9be7a8
7ea940dc985a2150c2a23868c7216c6eddfa822725ec174bff3fba55197fc8cd
7f64215e2f8b42e3d2d87973df6904195818cc5f9b1cd12f9579178303e317d5
811e8960b8f79f14983e30df80a4ccc69d82430ccc0520d2a1a3d1405cfbb2a1
81c875fbbf381eb8ff35ea311707ad2a550f6c9f362be3bf082a2641ab1b4a93
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83709e0ae247518635a3cd17612af81bbaa5214e5b40d7f2fae6cb160da22bb8
872454cbfd47b444a3fa6cfa9a74b0f57e5f6b3a47b9870108d2b0e5ce4aace5
873f2ba5e86c912d621926e4de582ea92fe9ffd639210c0adf9e323244ddd632
89a9770fc4812c92e10fb2a8458515b2513a433d06a41ae4c856ef23e3ab3c9f
8aed601ee913d9d1cadda920693d3cd47336420a53291c563ddba3cd000d3dea
8c102baea959329be23bb8a5d6bc268ce1668484995f0d23c2f88b46d7653c4f
8dedf4ee762ea98d85e0d6b8fd9b1daf3f02e11093a777bb9d3b9d25f3ac6c91
8e00ebebe053ff93e139bab1a80ced2517b33572ab374ae641e0e1cfed58d8e0
901c6795bfbc66b085d00a91386e3111c4b8495d9b4a47d40181fc980b290924
903e1e7851b32735004d60eca139129cd3053077d5cafbd21f706d731d9399b8
9205d516a143abc19c57aad8293e3b4f4cb69401cac2be59f8be47e18bc24289
92c35f839d90ea55730d05ce3ea859cb598cd85eb20be3ed55621bb8baa3aa36
94f9ea43b760c2c30737e1afedf54fc5c640aac171f5fb9d81b52937baf1a0ef
96d33f532112177ede6bf262dcf6d0140dbe29f05a4595d17b0be4743205b5ea
99b9fb3141db09393e37111ceb14386c4bc88abb78c3f7adc56eb0985225610c
9e287a10e726d2d43f7fcec29238d4ea2df40536878c325100ea0f3446c33dac
9f63df0f68a3a174fb0b7ec26481426500707206ffea3c90052c153d27fa7259
a47f17d6ebbf4621d8fe87ab790d8d8fb5c3086629194d9ff2d64faaa6e46ab6
a48a6e4b14fe55f750c0a3dfb5a6f4941bdc06af0aa542b90de25c30c2b4625c
a87f4fd815fc95288f2da6efc536c950ef940bd9eb52176fd9e8e56107cc65e2
aa682920521ee0693993dc49398e7e7dba60620c6d78c728a506a94d90fad8cb
abd2a457215e60ab60b2a6b4f25a17583c5d80e13935f76e097236f729c5dcd6
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
ad9ae0374e0334d2511e951a2381a164fa87ce86594fc027d25a8624774c3c96
ae4670726a8f39d73693f7fae3e6201cc432f61cbfd7ff0abdb0fe90cb7309fa
b00ff6d1fe636836e1354d660d4f60cd4a3537fabc8d26d754b7b6ee814a1d37
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1b79cc8445a451e53a89ae80d7b033b44b58a99882a7993a80af4c533d7836f
b37a604b4add99725c3a9e6b0440fc4452f71139517e7d7deb452ed98499068c
b3f949c5fa5809887926e9351f3d35a72b6c9b542bcbfffbc41e0fd87424ae71
b736b5d47a388f988442b47707417b796d491756754946f642d0780d644c6fc4
b834a80037718e3da7f92199034dc59611ed774af41f1e84fa1e0d97c4261192
b8e23a845bc6b7fd417d29182e0e38d353e64b5e12e06bb1de2b5ce063db1dcc
ba89406e7f5a3500a271c9b7479c351e85f57a4f51490929b0057362527b0237
bbe8afd56c7dc5fb5853ca849f453403c67dcf7ee8fc94c0912951e0204174ad
c0071a81f757af8ce22343643a56b045ae7d1b7f26d617129e4e0251e8b6ca93
c01d825e8f03f4125b38f630b84c7a88201c319b4f94e5a6a787cd86b89543f0
c0589c557444c6b20f61d3e6201723b9d58abe827c4b0d23888e608796c07e87
c05ee8fac93fde19412046a913b9aecd86210aba6b72cff7c94e01170dd11e3b
c0915f65d32fde84ff4ca81b0f4b662c33ba337aa2b45a9002e07af33521fb81
c254279147099e0b696b281d62b436b8aed42fb0f3abf1ba17abc398ca6c90e2
c27f5817aadf61348b8933846226f88bd9b870346a4eb6b845035d47e5886d17
c29a5528fdb3a2ab62773073c7ac61274b2cdeb3a324e1a50f1ec86de1ebdc13
c37246521fd589627a4b7fd6a84dccf3c4f6aecbcfafa0b7041f7096bc9a1210
ca6787fdc2e2c2be6dc963f1b726568fad4020000673e407aaad7cd088a2dd79
cb6dfba80dfcb7cdaab810ef1f02bdde701b306bfdcbf71cdbb44177bc3dded2
ce019064fb44831cab7567f8e33c965056e57ba7f6d510137126c5d1a2c0ff0a
ce8666e71fcec815ac27c467604b433403ef6d3dc27b2a8a25f0f9f81ba9b5ca
d02934f0a5b722dbd076dda86e34373e037158a672a8a10409bcbdb5a9040b42
d1eb8139f60300bfd63ae9550f6d40b0c5c532f5797b15ca1fa1ef443caf3a0e
d201a2c3118a00c82cc48e89815f5139f23956bbe248107dcf522acc77b97c09
d3c56e150615c0ad5f18c5bfa15bec1327a9ee6c52fab694ab033fe5b12c69c3
d3fb385aad2757e720c0e49ca0b807172ff255ad2dc2bf4b1998e632297800a9
d66fb86e518acc652b76b589d8c750f4a5161fe71a9718e68f61068907f93793
d80f91d70c982eeb3d462e518193ff49c4ebe0b2fcd1086b28d048070c996bf6
d8ccc36d648469ae72535a1ec5e23def10a53deff594eabfe2a6fa5d4ee4ce2e
d9d08b01f6611011278c0779746b1d6794ce85f9370cae8177a9f71fcd34475b
db1173e1b53b03d1f5bef927f915b4dfa2560468bb7b4c6d4c914f9f29d734df
db311174b0e3c340727b63c055cfb5b317808e909503e1bda11cc58af444f12b
dc571c84a61edecbdf3b1f203ca3d683bb826353f55b129f7bae999e4cf43d35
dce62b2347430db2aa34331b35c53ed3ecd9f0c8a1dbca768bba5afd4da422fd
deb392febab4850ea24bd8516eed1b897991977ad63904261b9ffb21ccc66a4b
e293e9b4346e2824c5902b3579fe391431c61d8ea1a76d8bac2425b6838dd059
e2bda6bcad9952c0bd86da0355fbd58ff8f03db11b973495f327096fbaa28ec6
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e40ce0930cd0748fb92bc75739f641212565a3f3f2d719c667f90083d07fbaac
e45c6c499e88025f8329abd69591c0cd2d1d85e2900d7e9f802d1562d1b1fffb
e747521bc9729c30f06bda6471e77ad26ce0e05b104743e93fe14c8ef3b559a7
e891f7c4f6d8bed7e8accd954579e237bce77dee93a2b8ec6179a1709dcc9f9b
eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d
ec13e7bf171efd1c7e07341ede1e4e542a5a01c831090ad45211c4c3c208a66c
eddfb285df91d818926b2f8ec64c71be82e0ea4f21ca9f63f5b0bc5dbcd75b0b
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f13585ddb86f9ec0432f36eae40bcaabe3aad166eff8424b27082c2b8174a3a2
f27fb180a9e0acf9e84d10fdce6b9562fae52e9c6ed606fd858fd11c03d4a3f8
f2e3b25d45ce81f463784f0409ba98d7b7730cc8cda7ea272183e35203db3307
f5602f9f166505c519a3351bf4de1cf78d369ed2e94f891c598a5385c6db6712
f7370f2cf45602f3187c2ae485038581279c93389efc8aa2466443e2d03d6b2d
f820d93daf383e178bda2912f5bee00e90e56390597820622643fa8e5e487143
f83f0a496bb1a9b75bd7ddaa59c751f3a12bca4e6c4876da35f2a888d26f54a8
fd4800d17a2b6b6d822d1eb1e563417e31e66a0ae4bdd5a80684e3adbbc58771
ff32cb819778ca4ead5bfa0bf251566cc96f773ea754f4068473513a1e73e321

www.1079rgvfm.com Open in urlscan Pro 54.158.23.216 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

250 Requests

100 %HTTPS

60 %IPv6

23 Domains

34 Subdomains

30 IPs

5 Countries

3890 kBTransfer

9676 kBSize

9 Cookies

20 Outgoing links

Page URL History

Redirected requests

250 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 9 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.1079rgvfm.com Open in urlscan Pro
54.158.23.216 Public Scan

Screenshot
Live screenshot

Full Image

250
Requests

100 %
HTTPS

60 %
IPv6

23
Domains

34
Subdomains

30
IPs

5
Countries

3890 kB
Transfer

9676 kB
Size

9
Cookies

250 HTTP transactions
9 data transactions