www.archermalmo.com Open in urlscan Pro
104.239.145.164 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.thesparkmachine.com/Antivirus.zip
Effective URL:
https://www.archermalmo.com/Antivirus.zip
Submission: On November 10 via api (November 10th 2020, 9:19:37 am UTC) from IL

Summary HTTP 65 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 25 IPs in 7 countries across 24 domains to perform 65 HTTP transactions. The main IP is 104.239.145.164, located in San Antonio, United States and belongs to RMH-14, US. The main domain is www.archermalmo.com.
TLS certificate: Issued by Let's Encrypt Authority X3 on October 16th 2020. Valid for: 3 months.

This is the only time www.archermalmo.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	208.113.197.192 208.113.197.192	26347 (DREAMHOST-AS) (DREAMHOST-AS)
1 9	104.239.145.164 104.239.145.164	33070 (RMH-14) (RMH-14)
4	2a02:26f0:6c0... 2a02:26f0:6c00::210:ba2a	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
7	52.217.18.132 52.217.18.132	16509 (AMAZON-02) (AMAZON-02)
1	2001:4de0:ac1... 2001:4de0:ac19::1:b:1b	20446 (HIGHWINDS3) (HIGHWINDS3)
1	2a00:1450:400... 2a00:1450:4001:820::2008	15169 (GOOGLE) (GOOGLE)
6	143.204.208.219 143.204.208.219	16509 (AMAZON-02) (AMAZON-02)
2	130.211.21.179 130.211.21.179	15169 (GOOGLE) (GOOGLE)
2	2a02:26f0:10c... 2a02:26f0:10c:5a4::19fd	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
9	2a00:1450:400... 2a00:1450:4001:81a::200e	15169 (GOOGLE) (GOOGLE)
2	2a02:26f0:10c... 2a02:26f0:10c:582::25ea	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	104.26.11.16 104.26.11.16	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:400c:c00::9a	15169 (GOOGLE) (GOOGLE)
1 2	2a05:f500:11:... 2a05:f500:11:101::b93f:9005	14413 (LINKEDIN) (LINKEDIN)
1 1	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	199.232.52.157 199.232.52.157	54113 (FASTLY) (FASTLY)
1	104.244.42.69 104.244.42.69	13414 (TWITTER) (TWITTER)
2	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	151.101.114.217 151.101.114.217	54113 (FASTLY) (FASTLY)
6 10	52.51.60.151 52.51.60.151	16509 (AMAZON-02) (AMAZON-02)
3 4	37.252.172.249 37.252.172.249	29990 (ASN-APPNEX) (ASN-APPNEX)
2	104.244.42.67 104.244.42.67	13414 (TWITTER) (TWITTER)
1 1	2a00:1288:f03... 2a00:1288:f03d:1fa::4000	10310 (YAHOO-1) (YAHOO-1)
1	52.72.9.12 52.72.9.12	14618 (AMAZON-AES) (AMAZON-AES)
1 2	34.98.64.218 34.98.64.218	15169 (GOOGLE) (GOOGLE)
1	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
1 1	216.58.212.130 216.58.212.130	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:4001:801::2002	15169 (GOOGLE) (GOOGLE)
65	25

1 208.113.197.192 (Brea, United States) 1 redirects

ASN26347 (DREAMHOST-AS, US)
PTR: apache2-emu.paulding.dreamhost.com

www.thesparkmachine.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 104.239.145.164 (San Antonio, United States) 1 redirects

ASN33070 (RMH-14, US)

www.archermalmo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:26f0:6c00::210:ba2a (Ascension Island)

ASN20940 (AKAMAI-ASN1, EU)

use.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 52.217.18.132 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1-w.amazonaws.com

archermalmo2018.s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac19::1:b:1b (Netherlands)

ASN20446 (HIGHWINDS3, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:820::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 143.204.208.219 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-208-219.fra53.r.cloudfront.net

d10lpsik1i8c69.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 130.211.21.179 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: 179.21.211.130.bc.googleusercontent.com

koi-3qnkjg7ux4.marketingautomation.services	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:10c:5a4::19fd (Ascension Island)

ASN20940 (AKAMAI-ASN1, EU)

p.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:81a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:10c:582::25ea (Ascension Island)

ASN20940 (AKAMAI-ASN1, EU)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.26.11.16 (United States)

ASN13335 (CLOUDFLARENET, US)

settings.luckyorange.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c00::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a05:f500:11:101::b93f:9005 (Ireland) 1 redirects

ASN14413 (LINKEDIN, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:21::14 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:8012:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.232.52.157 (United States)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.69 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f11c:8183:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.114.217 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

tag.perfectaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 52.51.60.151 (Dublin, Ireland) 6 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-51-60-151.eu-west-1.compute.amazonaws.com

pixel-geo.prfct.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 37.252.172.249 (Ascension Island) 3 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.244.42.67 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1288:f03d:1fa::4000 (United Kingdom) 1 redirects

ASN10310 (YAHOO-1, US)

ads.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.72.9.12 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-72-9-12.compute-1.amazonaws.com

pixel.prfct.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.98.64.218 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.58.212.130 (Mountain View, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: ams15s21-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
11	prfct.co 6 redirects pixel-geo.prfct.co pixel.prfct.co	5 KB
9	google-analytics.com www.google-analytics.com	20 KB
9	archermalmo.com 1 redirects www.archermalmo.com	78 KB
7	amazonaws.com archermalmo2018.s3.amazonaws.com	226 KB
6	cloudfront.net d10lpsik1i8c69.cloudfront.net	100 KB
6	typekit.net use.typekit.net p.typekit.net	56 KB
4	adnxs.com 3 redirects secure.adnxs.com	4 KB
4	doubleclick.net 2 redirects stats.g.doubleclick.net cm.g.doubleclick.net	2 KB
3	linkedin.com 2 redirects px.ads.linkedin.com www.linkedin.com	1 KB
2	openx.net 1 redirects us-u.openx.net	472 B
2	twitter.com analytics.twitter.com	430 B
2	facebook.com www.facebook.com	463 B
2	facebook.net connect.facebook.net	92 KB
2	licdn.com snap.licdn.com	3 KB
2	marketingautomation.services koi-3qnkjg7ux4.marketingautomation.services	5 KB
1	rubiconproject.com pixel.rubiconproject.com	239 B
1	yahoo.com 1 redirects ads.yahoo.com	716 B
1	perfectaudience.com tag.perfectaudience.com	4 KB
1	t.co t.co	166 B
1	ads-twitter.com static.ads-twitter.com	2 KB
1	luckyorange.net settings.luckyorange.net	2 KB
1	googletagmanager.com www.googletagmanager.com	47 KB
1	jquery.com code.jquery.com	30 KB
1	thesparkmachine.com 1 redirects www.thesparkmachine.com	261 B
65	24

	Domain	Requested by
10	pixel-geo.prfct.co	6 redirects www.archermalmo.com
9	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com www.archermalmo.com
9	www.archermalmo.com	1 redirects www.archermalmo.com
7	archermalmo2018.s3.amazonaws.com	www.archermalmo.com
6	d10lpsik1i8c69.cloudfront.net	www.archermalmo.com d10lpsik1i8c69.cloudfront.net
4	secure.adnxs.com	3 redirects www.archermalmo.com
4	use.typekit.net	www.archermalmo.com use.typekit.net
2	cm.g.doubleclick.net	2 redirects
2	us-u.openx.net	1 redirects www.archermalmo.com
2	analytics.twitter.com	www.archermalmo.com static.ads-twitter.com
2	www.facebook.com	www.archermalmo.com connect.facebook.net
2	connect.facebook.net	www.archermalmo.com connect.facebook.net
2	px.ads.linkedin.com	1 redirects www.archermalmo.com
2	stats.g.doubleclick.net	www.google-analytics.com
2	snap.licdn.com	www.googletagmanager.com snap.licdn.com
2	p.typekit.net	use.typekit.net
2	koi-3qnkjg7ux4.marketingautomation.services	www.archermalmo.com koi-3qnkjg7ux4.marketingautomation.services
1	pixel.rubiconproject.com	www.archermalmo.com
1	pixel.prfct.co	www.archermalmo.com
1	ads.yahoo.com	1 redirects
1	tag.perfectaudience.com	koi-3qnkjg7ux4.marketingautomation.services
1	t.co	www.archermalmo.com
1	static.ads-twitter.com	www.archermalmo.com
1	www.linkedin.com	1 redirects
1	settings.luckyorange.net	d10lpsik1i8c69.cloudfront.net
1	www.googletagmanager.com	www.archermalmo.com
1	code.jquery.com	www.archermalmo.com
1	www.thesparkmachine.com	1 redirects
65	28

This site contains links to these domains. Also see Links.

Domain
facebook.com
instagram.com
twitter.com
linkedin.com

Subject Issuer	Validity	Valid
www.archermalmo.com Let's Encrypt Authority X3	`2020-10-16` - `2021-01-14`	3 months	crt.sh
use.typekit.net DigiCert SHA2 Secure Server CA	`2020-01-28` - `2022-02-01`	2 years	crt.sh
*.s3.amazonaws.com DigiCert Baltimore CA-2 G2	`2019-11-09` - `2021-03-12`	a year	crt.sh
jquery.org Sectigo RSA Domain Validation Secure Server CA	`2020-10-06` - `2021-10-16`	a year	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-10-20` - `2021-01-12`	3 months	crt.sh
*.cloudfront.net DigiCert Global CA G2	`2020-05-26` - `2021-04-21`	a year	crt.sh
*.marketingautomation.services Sectigo RSA Organization Validation Secure Server CA	`2020-03-12` - `2022-06-10`	2 years	crt.sh
*.typekit.net DigiCert SHA2 Secure Server CA	`2019-12-06` - `2021-12-10`	2 years	crt.sh
*.licdn.com DigiCert SHA2 Secure Server CA	`2019-04-01` - `2021-05-07`	2 years	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-07-31` - `2021-07-31`	a year	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-10-20` - `2021-01-12`	3 months	crt.sh
px.ads.linkedin.com DigiCert SHA2 Secure Server CA	`2020-08-05` - `2021-02-05`	6 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2020-11-02` - `2021-01-30`	3 months	crt.sh
ads-twitter.com DigiCert SHA2 High Assurance Server CA	`2020-08-14` - `2021-08-19`	a year	crt.sh
t.co DigiCert SHA2 High Assurance Server CA	`2020-03-05` - `2021-03-02`	a year	crt.sh
b2.shared.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2020-11-10` - `2021-08-15`	9 months	crt.sh
*.prfct.co DigiCert SHA2 Secure Server CA	`2019-09-03` - `2021-10-27`	2 years	crt.sh
*.twitter.com DigiCert SHA2 High Assurance Server CA	`2020-03-05` - `2021-03-02`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2020-06-18` - `2021-08-17`	a year	crt.sh
*.rubiconproject.com DigiCert SHA2 Secure Server CA	`2019-01-10` - `2021-01-14`	2 years	crt.sh
*.adnxs.com DigiCert ECC Secure Server CA	`2019-01-23` - `2021-03-08`	2 years	crt.sh

This page contains 2 frames:

Primary Page: https://www.archermalmo.com/Antivirus.zip
Frame ID: CF324F10841EDE02BAD8EC1246809065
Requests: 62 HTTP requests in this frame

Frame: https://d10lpsik1i8c69.cloudfront.net/js/clickstream.js?v=34f6965
Frame ID: 17BAE69EC99E59E4E6F76F47D8028555
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://www.thesparkmachine.com/Antivirus.zip HTTP 301
http://www.archermalmo.com/Antivirus.zip HTTP 301
https://www.archermalmo.com/Antivirus.zip Page URL

Detected technologies

Locomotive (CMS) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]*\/sites\/[a-z\d]{24}\/theme\/stylesheets/i

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
script /\/wp-(?:content|includes)\//i
headers link /rel="https:\/\/api\.w\.org\/"/i
html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i

MongoDB (Databases) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]*\/sites\/[a-z\d]{24}\/theme\/stylesheets/i

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
script /\/wp-(?:content|includes)\//i
headers link /rel="https:\/\/api\.w\.org\/"/i
html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i

MySQL (Databases) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
script /\/wp-(?:content|includes)\//i
headers link /rel="https:\/\/api\.w\.org\/"/i
html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i

Ruby (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]*\/sites\/[a-z\d]{24}\/theme\/stylesheets/i

Ubuntu (Operating Systems) Expand

Overall confidence: 100%
Detected patterns

headers server /Ubuntu/i

Ruby on Rails (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]*\/sites\/[a-z\d]{24}\/theme\/stylesheets/i

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Yoast SEO (SEO) Expand

Overall confidence: 100%
Detected patterns

html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

html //i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery[.-]([\d.]*\d)[^/]*\.js/i
script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

65
Requests

97 %
HTTPS

45 %
IPv6

24
Domains

28
Subdomains

25
IPs

7
Countries

668 kB
Transfer

1516 kB
Size

12
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://facebook.com/archermalmo

Search URL Search Domain Scan URL

URL: https://instagram.com/archermalmo

Search URL Search Domain Scan URL

URL: https://twitter.com/archermalmo

Search URL Search Domain Scan URL

URL: https://linkedin.com/company/archermalmo

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.thesparkmachine.com/Antivirus.zip HTTP 301
http://www.archermalmo.com/Antivirus.zip HTTP 301
https://www.archermalmo.com/Antivirus.zip Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 32

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1812044&time=1604999960015&url=https%3A%2F%2Fwww.archermalmo.com%2FAntivirus.zip HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D1812044%26time%3D1604999960015%26url%3Dhttps%253A%252F%252Fwww.archermalmo.com%252FAntivirus.zip%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1812044&time=1604999960015&url=https%3A%2F%2Fwww.archermalmo.com%2FAntivirus.zip&liSync=true

Request Chain 48

https://pixel-geo.prfct.co/tagjs?a_id=141038&source=js_tag HTTP 302
https://pixel-geo.prfct.co/tagjs?check_cookie=1&a_id=141038&source=js_tag

Request Chain 49

https://secure.adnxs.com/getuid?https://pixel-geo.prfct.co/usermap/?xid=$UID&sid=202011|5faa5b18e33b044d860b5eec&pid=pa_Skl1q27DPwMspqXhl HTTP 307
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fpixel-geo.prfct.co%2Fusermap%2F%3Fxid%3D%24UID%26sid%3D202011%7C5faa5b18e33b044d860b5eec%26pid%3Dpa_Skl1q27DPwMspqXhl HTTP 302
https://pixel-geo.prfct.co/usermap/?xid=3343059466177568379&sid=202011|5faa5b18e33b044d860b5eec&pid=pa_Skl1q27DPwMspqXhl

Request Chain 50

https://pixel-geo.prfct.co/cs/?partnerId=twtr HTTP 302
https://analytics.twitter.com/i/adsct?p_id=48571&p_user_id=pa_Skl1q27DPwMspqXhl

Request Chain 51

https://pixel-geo.prfct.co/cs/?partnerId=yah HTTP 302
https://ads.yahoo.com/cms/v1?nwid=10001073209&eid=pa_Skl1q27DPwMspqXhl&sigv=1&esig=2~ac4debdb9adaf02ea132194211f7aa0dc163dd9e HTTP 302
https://pixel.prfct.co/cb?partnerId=yah&xid=E0&eid=pa_Skl1q27DPwMspqXhl

Request Chain 52

https://pixel-geo.prfct.co/cs/?partnerId=opx HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537114372&val=pa_Skl1q27DPwMspqXhl HTTP 302
https://us-u.openx.net/w/1.0/sd?cc=1&id=537114372&val=pa_Skl1q27DPwMspqXhl

Request Chain 53

https://pixel-geo.prfct.co/cs/?partnerId=rbcn HTTP 302
https://pixel.rubiconproject.com/tap.php?v=189868&nid=4106&expires=30&put=pa_Skl1q27DPwMspqXhl

Request Chain 54

https://pixel-geo.prfct.co/cs/?partnerId=goo HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=nowspots_bidder&google_hm=cGFfU2tsMXEyN0RQd01zcHFYaGw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=nowspots_bidder&google_hm=cGFfU2tsMXEyN0RQd01zcHFYaGw&google_tc= HTTP 302
https://pixel-geo.prfct.co/cb?partnerId=goo

Request Chain 56

https://secure.adnxs.com/seg?t=2&add=23683663 HTTP 307
https://secure.adnxs.com/bounce?%2Fseg%3Ft%3D2%26add%3D23683663

65 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

404

Primary Request Antivirus.zip Show response
www.archermalmo.com/
Redirect Chain

http://www.thesparkmachine.com/Antivirus.zip
http://www.archermalmo.com/Antivirus.zip
https://www.archermalmo.com/Antivirus.zip

27 KB
27 KB

494ms
230ms

Document
text/html

104.239.145.164
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL

https://www.archermalmo.com/Antivirus.zip

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.239.145.164 San Antonio, United States, ASN33070 (RMH-14, US),

Reverse DNS

Software

Apache/2.4.25 (Ubuntu) /

Resource Hash

6dc78632625e72945ae79a2d7f04470098ccb90481465301b6f777e3941dac98

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:method: GET
:authority: www.archermalmo.com
:scheme: https
:path: /Antivirus.zip
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 404
date: Tue, 10 Nov 2020 09:19:18 GMT
server: Apache/2.4.25 (Ubuntu)
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
link: <https://www.archermalmo.com/wp-json/>; rel="https://api.w.org/"
strict-transport-security: max-age=31536000
content-type: text/html; charset=UTF-8

Redirect headers

Date: Tue, 10 Nov 2020 09:19:18 GMT
Server: Apache/2.4.25 (Ubuntu)
Location: https://www.archermalmo.com/Antivirus.zip
Content-Length: 334
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

GET
H2 200 mop5nld.css
use.typekit.net/ 3 KB
921 B 257ms
231ms Stylesheet
text/css 2a02:26f0:6c00::210:ba2a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://use.typekit.net/mop5nld.css

Requested by

Host: www.archermalmo.com
URL: https://www.archermalmo.com/Antivirus.zip

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00::210:ba2a , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

nginx /

Resource Hash

0f1a6489e0dfd4235a21611006b5249afff93662037f65a4b151af4648a7e055

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;

Request headers

Referer: https://www.archermalmo.com/Antivirus.zip
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains;
content-encoding: gzip
server: nginx
status: 200
date: Tue, 10 Nov 2020 09:19:19 GMT
vary: Accept-Encoding
content-type: text/css;charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=600, stale-while-revalidate=604800
timing-allow-origin: *
content-length: 722

GET
H/1.1 200
OK main.css
archermalmo2018.s3.amazonaws.com/sites/5a73b9dd512628000400ad74/theme/stylesheets/ 67 KB
67 KB 550ms
238ms Stylesheet
text/css 52.217.18.132
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://archermalmo2018.s3.amazonaws.com/sites/5a73b9dd512628000400ad74/theme/stylesheets/main.css?1588708272
Requested by: Host: www.archermalmo.com
URL: https://www.archermalmo.com/Antivirus.zip
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.18.132 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: ee2ea3ac65897b4e4610411fabd060ce844536fa0a12c5d6dd12c5626a09f416

Request headers

Referer: https://www.archermalmo.com/Antivirus.zip
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 10 Nov 2020 09:19:20 GMT
Last-Modified: Tue, 05 May 2020 19:44:08 GMT
Server: AmazonS3
x-amz-request-id: 2B432555A82DA107
ETag: "e1f09123d54b9cf0060af4f7964151b1"
Content-Type: text/css
Accept-Ranges: bytes
Content-Length: 68292
x-amz-id-2: xLOXejy7jlVCb6AmsU0LG8O9T8x3g49Uy6OIRcgufViMk61PBtMc0Ea/aFc4i8OjQK2PqCWcE70=

GET
H2 200 bundle.css
www.archermalmo.com/wp-content/themes/am-2020/dist/css/ 187 KB
38 KB 141ms
140ms Stylesheet
text/css 104.239.145.164
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL

https://www.archermalmo.com/wp-content/themes/am-2020/dist/css/bundle.css

Requested by

Host: www.archermalmo.com
URL: https://www.archermalmo.com/Antivirus.zip

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.239.145.164 San Antonio, United States, ASN33070 (RMH-14, US),

Reverse DNS

Software

Apache/2.4.25 (Ubuntu) /

Resource Hash

1e69b5aab1ec194ff4f08d8fa72bd427f91c917364cc77705ef6a59ea283f7d4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.archermalmo.com/Antivirus.zip
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 10 Nov 2020 09:19:18 GMT
content-encoding: gzip
last-modified: Mon, 02 Nov 2020 18:55:02 GMT
server: Apache/2.4.25 (Ubuntu)
etag: "2eca6-5b32448a528be-gzip"
vary: Accept-Encoding
content-type: text/css
status: 200
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 38866

GET
H2 200 efs3nru.css
use.typekit.net/ 2 KB
834 B 193ms
167ms Stylesheet
text/css 2a02:26f0:6c00::210:ba2a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://use.typekit.net/efs3nru.css

Requested by

Host: www.archermalmo.com
URL: https://www.archermalmo.com/Antivirus.zip

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00::210:ba2a , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

nginx /

Resource Hash

145bd09545f2d8a88e107124597e28df445e39c2b1de5931a9ccfa29e26c7c1a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;

Request headers

Referer: https://www.archermalmo.com/Antivirus.zip
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains;
content-encoding: gzip
server: nginx
status: 200
date: Tue, 10 Nov 2020 09:19:19 GMT
vary: Accept-Encoding
content-type: text/css;charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=600, stale-while-revalidate=604800
timing-allow-origin: *
content-length: 634

GET
H2 200 jquery-3.2.1.min.js Show response
code.jquery.com/ 85 KB
30 KB 28ms
9ms Script
application/javascript 2001:4de0:ac19::1:b:1b
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.2.1.min.js
Requested by: Host: www.archermalmo.com
URL: https://www.archermalmo.com/Antivirus.zip
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac19::1:b:1b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx /
Resource Hash: 87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de

Request headers

Origin: https://www.archermalmo.com
Referer: https://www.archermalmo.com/Antivirus.zip
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 10 Nov 2020 09:19:18 GMT
content-encoding: gzip
last-modified: Mon, 20 Mar 2017 19:01:15 GMT
server: nginx
status: 200
etag: W/"58d026fb-15283"
vary: Accept-Encoding
x-hw: 1604999958.dop143.fr8.t,1604999958.cds216.fr8.hn,1604999958.cds133.fr8.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 30125

GET
H/1.1 200
OK header.js Show response
archermalmo2018.s3.amazonaws.com/sites/5a73b9dd512628000400ad74/theme/javascripts/ 89 KB
89 KB 488ms
160ms Script
application/ecmascript 52.217.18.132
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://archermalmo2018.s3.amazonaws.com/sites/5a73b9dd512628000400ad74/theme/javascripts/header.js?1588708272
Requested by: Host: www.archermalmo.com
URL: https://www.archermalmo.com/Antivirus.zip
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.18.132 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 3c10e3a9283b2d1171298f99f392dfdbb79880ddeccb08d88060a29728ab8c5d

Request headers

Referer: https://www.archermalmo.com/Antivirus.zip
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 10 Nov 2020 09:19:20 GMT
Last-Modified: Wed, 27 Nov 2019 17:41:09 GMT
Server: AmazonS3
x-amz-request-id: 2F5D9D15EDA27429
ETag: "272349c006648d082779de064e979f6d"
Content-Type: application/ecmascript
Accept-Ranges: bytes
Content-Length: 91058
x-amz-id-2: B5F9opL9hze1Kk04fe6ZEFOUWqG4f2I+OYCRMOkMUG+pY37hfi1xoddodGhA/PiR2rnp4P4DcbY=

GET
H2 200 style.min.css
www.archermalmo.com/wp-includes/css/dist/block-library/ 53 KB
8 KB 233ms
232ms Stylesheet
text/css 104.239.145.164
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL

https://www.archermalmo.com/wp-includes/css/dist/block-library/style.min.css?ver=a8e4a03c963d499b23c38b7bf8a37f7f

Requested by

Host: www.archermalmo.com
URL: https://www.archermalmo.com/Antivirus.zip

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.239.145.164 San Antonio, United States, ASN33070 (RMH-14, US),

Reverse DNS

Software

Apache/2.4.25 (Ubuntu) /

Resource Hash

8c626f0f9b5c109539b256b73e72c02b300a184f46b4535c2eb86599215c78af

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.archermalmo.com/Antivirus.zip
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 10 Nov 2020 09:19:18 GMT
content-encoding: gzip
last-modified: Thu, 29 Oct 2020 21:40:11 GMT
server: Apache/2.4.25 (Ubuntu)
etag: "d293-5b2d61fe481ad-gzip"
vary: Accept-Encoding
content-type: text/css
status: 200
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 7907

GET
H2 404 Chart.min.css
www.archermalmo.com/wp-content/themes/am-2020/node_modules/chart.js/dist/ 0
0 258ms
257ms Stylesheet
text/html 104.239.145.164
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL

https://www.archermalmo.com/wp-content/themes/am-2020/node_modules/chart.js/dist/Chart.min.css

Requested by

Host: www.archermalmo.com
URL: https://www.archermalmo.com/Antivirus.zip

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.239.145.164 San Antonio, United States, ASN33070 (RMH-14, US),

Reverse DNS

Software

Apache/2.4.25 (Ubuntu) /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.archermalmo.com/Antivirus.zip
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 10 Nov 2020 09:19:18 GMT
server: Apache/2.4.25 (Ubuntu)
strict-transport-security: max-age=31536000
content-type: text/html; charset=UTF-8
status: 404
cache-control: no-cache, must-revalidate, max-age=0
link: <https://www.archermalmo.com/wp-json/>; rel="https://api.w.org/"
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H2 404 Chart.min.js
www.archermalmo.com/wp-content/themes/am-2020/node_modules/chart.js/dist/ 0
0 320ms
319ms Script
text/html 104.239.145.164
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL

https://www.archermalmo.com/wp-content/themes/am-2020/node_modules/chart.js/dist/Chart.min.js

Requested by

Host: www.archermalmo.com
URL: https://www.archermalmo.com/Antivirus.zip

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.239.145.164 San Antonio, United States, ASN33070 (RMH-14, US),

Reverse DNS

Software

Apache/2.4.25 (Ubuntu) /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.archermalmo.com/Antivirus.zip
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 10 Nov 2020 09:19:18 GMT
server: Apache/2.4.25 (Ubuntu)
strict-transport-security: max-age=31536000
content-type: text/html; charset=UTF-8
status: 404
cache-control: no-cache, must-revalidate, max-age=0
link: <https://www.archermalmo.com/wp-json/>; rel="https://api.w.org/"
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 138 KB
47 KB 32ms
32ms Script
application/javascript 2a00:1450:4001:820::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WJHKM8

Requested by

Host: www.archermalmo.com
URL: https://www.archermalmo.com/Antivirus.zip

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e8365b7dccd21ddba64cbc6b93dcbd05ba654d5d41705f20fe0b205d8102da6a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.archermalmo.com/Antivirus.zip
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 10 Nov 2020 09:19:19 GMT
content-encoding: br
vary: Accept-Encoding
status: 200
cross-origin-resource-policy: cross-origin
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48170
x-xss-protection: 0
last-modified: Tue, 10 Nov 2020 09:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 10 Nov 2020 09:19:19 GMT

GET
H2 200 w.js Show response
d10lpsik1i8c69.cloudfront.net/ 5 KB
3 KB 78ms
22ms Script
application/javascript 143.204.208.219
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d10lpsik1i8c69.cloudfront.net/w.js
Requested by: Host: www.archermalmo.com
URL: https://www.archermalmo.com/Antivirus.zip
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.208.219 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-208-219.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 485603ca5c95fbd9a102d2a309786f8f77a2d2ff731fcf160c3d175eff8c8b5d

Request headers

Referer: https://www.archermalmo.com/Antivirus.zip
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 10 Nov 2020 09:09:50 GMT
content-encoding: gzip
last-modified: Tue, 03 Nov 2020 19:52:05 GMT
server: AmazonS3
age: 570
etag: "f504462f90440a259bb14715b69c121a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
status: 200
cache-control: max-age=3600
x-amz-cf-pop: FRA53-C1
x-amz-cf-id: ygT9HMcctqMfPnZe83N12c1B0w9MsLct7KeXI6Rsdim1vb31yDxQ-w==
via: 1.1 cc77875ec7dfc885cffaa2ec6fa578f6.cloudfront.net (CloudFront)

GET
H2 200 ss.js Show response
koi-3qnkjg7ux4.marketingautomation.services/client/ 11 KB
5 KB 226ms
123ms Script
application/javascript 130.211.21.179
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://koi-3qnkjg7ux4.marketingautomation.services/client/ss.js?ver=2.2.1
Requested by: Host: www.archermalmo.com
URL: https://www.archermalmo.com/Antivirus.zip
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.21.179 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 179.21.211.130.bc.googleusercontent.com
Software: openresty /
Resource Hash: ddcfce5ecd041fb2e684b00f0aafe68f5df4d08be5248c2f1c944a9bde8067d7

Request headers

Referer: https://www.archermalmo.com/Antivirus.zip
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 10 Nov 2020 09:19:20 GMT
content-encoding: gzip
last-modified: Mon, 09 Nov 2020 14:49:29 GMT
server: openresty
etag: W/"5fa956f9-2dec"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=604800, public
alt-svc: clear
via: 1.1 google
expires: Tue, 17 Nov 2020 09:19:20 GMT

GET
H/1.1 200
OK social-facebook.svg
archermalmo2018.s3.amazonaws.com/sites/5a73b9dd512628000400ad74/theme/images/ 826 B
1 KB 142ms
140ms Image
image/svg+xml 52.217.18.132
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://archermalmo2018.s3.amazonaws.com/sites/5a73b9dd512628000400ad74/theme/images/social-facebook.svg?1588708272
Requested by: Host: www.archermalmo.com
URL: https://www.archermalmo.com/Antivirus.zip
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.18.132 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 1116fcf1dc1bbd4bb260f2612e1dc38f737699f9958702e531d71b5efca58963

Request headers

Referer: https://www.archermalmo.com/Antivirus.zip
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 10 Nov 2020 09:19:20 GMT
Last-Modified: Wed, 27 Nov 2019 08:50:37 GMT
Server: AmazonS3
x-amz-request-id: 3643C8F54FA2EFFA
ETag: "20c8686a4494fce9c723c5927b4cfa3e"
Content-Type: image/svg+xml
Accept-Ranges: bytes
Content-Length: 826
x-amz-id-2: gVFo/GJIKAG3rKj7KHUleg6d97bPCm6E/2Vu5xjNTkfNWalb6IeDCR8Q0XIHg/G+dW+B6pGjap4=

GET
H/1.1 200
OK social-instagram.svg
archermalmo2018.s3.amazonaws.com/sites/5a73b9dd512628000400ad74/theme/images/ 2 KB
2 KB 139ms
137ms Image
image/svg+xml 52.217.18.132
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://archermalmo2018.s3.amazonaws.com/sites/5a73b9dd512628000400ad74/theme/images/social-instagram.svg?1588708272
Requested by: Host: www.archermalmo.com
URL: https://www.archermalmo.com/Antivirus.zip
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.18.132 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 7c7b6d1b37263aa237e6ca619fafb7ccf97113eb9c31db57917705402e762921

Request headers

Referer: https://www.archermalmo.com/Antivirus.zip
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 10 Nov 2020 09:19:20 GMT
Last-Modified: Wed, 27 Nov 2019 17:40:52 GMT
Server: AmazonS3
x-amz-request-id: 0J1H7S5HAYFH7M1J
ETag: "7662b8598e3e1adeab771dbeab8bea34"
Content-Type: image/svg+xml
Accept-Ranges: bytes
Content-Length: 1709
x-amz-id-2: 27rHR+AnxdP9j9ksS4ffsfiEvfwymvx/gBYfBH2RS4o9ST+Wfi21eOxNsT6BImfalmvJy3nzo+k=

GET
H/1.1 200
OK social-twitter.svg
archermalmo2018.s3.amazonaws.com/sites/5a73b9dd512628000400ad74/theme/images/ 1 KB
1 KB 293ms
153ms Image
image/svg+xml 52.217.18.132
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://archermalmo2018.s3.amazonaws.com/sites/5a73b9dd512628000400ad74/theme/images/social-twitter.svg?1588708272
Requested by: Host: www.archermalmo.com
URL: https://www.archermalmo.com/Antivirus.zip
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.18.132 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: a014324d577241dead5d76918a8293d26e76652031e74b67f38e0257655088e5

Request headers

Referer: https://www.archermalmo.com/Antivirus.zip
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 10 Nov 2020 09:19:21 GMT
Last-Modified: Wed, 27 Nov 2019 08:50:38 GMT
Server: AmazonS3
x-amz-request-id: 68FB73D1D2B9DBBC
ETag: "b31189ae7e428d6948dacc6199f59d19"
Content-Type: image/svg+xml
Accept-Ranges: bytes
Content-Length: 1072
x-amz-id-2: z2HJm+PtMAyvUCxG+RBj9vA3BYmG9Se50P+dXccLRiOWnRsFFO57nJ4/44fX3RBY7DSATu0PaIM=

GET
H/1.1 200
OK social-linkedin.svg
archermalmo2018.s3.amazonaws.com/sites/5a73b9dd512628000400ad74/theme/images/ 12 KB
13 KB 271ms
129ms Image
image/svg+xml 52.217.18.132
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://archermalmo2018.s3.amazonaws.com/sites/5a73b9dd512628000400ad74/theme/images/social-linkedin.svg?1588708272
Requested by: Host: www.archermalmo.com
URL: https://www.archermalmo.com/Antivirus.zip
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.18.132 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 5a19d33dcb6411289e226a6eafcb5bb11b7c49ee9ed30ff8c14dee820f1c8537

Request headers

Referer: https://www.archermalmo.com/Antivirus.zip
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 10 Nov 2020 09:19:21 GMT
Last-Modified: Wed, 27 Nov 2019 08:52:37 GMT
Server: AmazonS3
x-amz-request-id: F66C5D8429F91A68
ETag: "f4565a74514cd665a5a03dc5019178cc"
Content-Type: image/svg+xml
Accept-Ranges: bytes
Content-Length: 12516
x-amz-id-2: y0ZLGdLx9QxE7JBbUppET//oZ/kacugIQuZY9vIp3I8J1QTH8FHWL6TjZFnpIKwexOLiHUjCBD4=

GET
H/1.1 200
OK footer.js Show response
archermalmo2018.s3.amazonaws.com/sites/5a73b9dd512628000400ad74/theme/javascripts/ 52 KB
53 KB 159ms
158ms Script
application/ecmascript 52.217.18.132
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://archermalmo2018.s3.amazonaws.com/sites/5a73b9dd512628000400ad74/theme/javascripts/footer.js?1588708272
Requested by: Host: www.archermalmo.com
URL: https://www.archermalmo.com/Antivirus.zip
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.18.132 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 2ca56806a6606b3b9231c60bf7dd93a71c50083ebdd21f6d54b2c3801fd2608f

Request headers

Referer: https://www.archermalmo.com/Antivirus.zip
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 10 Nov 2020 09:19:20 GMT
Last-Modified: Wed, 27 Nov 2019 08:53:16 GMT
Server: AmazonS3
x-amz-request-id: FA2F87D18D868AE6
ETag: "d69d0c153b00ac1660933b2f76c44524"
Content-Type: application/ecmascript
Accept-Ranges: bytes
Content-Length: 53657
x-amz-id-2: 2M5qqInZfGtYNuFrpxc/dodYC850sNkjz4KlcUuf36h5Dbj8E9QXNLqLmklwofSX5NMIfPpfQao=

GET
H2 200 p.css
p.typekit.net/ 5 B
149 B 33ms
9ms Stylesheet
text/css 2a02:26f0:10c:5a4::19fd
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://p.typekit.net/p.css?s=1&k=efs3nru&ht=tk&f=28413.28417&a=9042887&app=typekit&e=css
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/efs3nru.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:10c:5a4::19fd , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software: nginx /
Resource Hash: 1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

Request headers

Referer: https://use.typekit.net/efs3nru.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 10 Nov 2020 09:19:19 GMT
last-modified: Wed, 02 Sep 2020 04:00:22 GMT
server: nginx
etag: "5f4f18d6-5"
status: 200
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 5

GET
H2 200 p.css
p.typekit.net/ 5 B
149 B 10ms
9ms Stylesheet
text/css 2a02:26f0:10c:5a4::19fd
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://p.typekit.net/p.css?s=1&k=mop5nld&ht=tk&f=10294.10295.10296.10297&a=427699&app=typekit&e=css
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/mop5nld.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:10c:5a4::19fd , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software: nginx /
Resource Hash: 1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

Request headers

Referer: https://use.typekit.net/mop5nld.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 10 Nov 2020 09:19:19 GMT
last-modified: Wed, 02 Sep 2020 04:00:22 GMT
server: nginx
etag: "5f4f18d6-5"
status: 200
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 5

GET
H2 200 wp-emoji-release.min.js Show response
www.archermalmo.com/wp-includes/js/ 14 KB
5 KB 134ms
132ms Script
application/javascript 104.239.145.164
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL

https://www.archermalmo.com/wp-includes/js/wp-emoji-release.min.js?ver=a8e4a03c963d499b23c38b7bf8a37f7f

Requested by

Host: www.archermalmo.com
URL: https://www.archermalmo.com/Antivirus.zip

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.239.145.164 San Antonio, United States, ASN33070 (RMH-14, US),

Reverse DNS

Software

Apache/2.4.25 (Ubuntu) /

Resource Hash

8cb438bd4d1961f80ade4f1a295ca7de253630adcdd10473932908e638908c5e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.archermalmo.com/Antivirus.zip
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 10 Nov 2020 09:19:20 GMT
content-encoding: gzip
last-modified: Thu, 29 Oct 2020 21:40:32 GMT
server: Apache/2.4.25 (Ubuntu)
etag: "37a6-5b2d6211fee64-gzip"
vary: Accept-Encoding
content-type: application/javascript
status: 200
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 4671

GET
H2 404 Chart.min.css
www.archermalmo.com/wp-content/themes/am-2020/node_modules/chart.js/dist/ 0
0 221ms
221ms Stylesheet
text/html 104.239.145.164
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL

https://www.archermalmo.com/wp-content/themes/am-2020/node_modules/chart.js/dist/Chart.min.css

Requested by

Host: www.archermalmo.com
URL: https://www.archermalmo.com/Antivirus.zip

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.239.145.164 San Antonio, United States, ASN33070 (RMH-14, US),

Reverse DNS

Software

Apache/2.4.25 (Ubuntu) /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.archermalmo.com/Antivirus.zip
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 10 Nov 2020 09:19:19 GMT
server: Apache/2.4.25 (Ubuntu)
strict-transport-security: max-age=31536000
content-type: text/html; charset=UTF-8
status: 404
cache-control: no-cache, must-revalidate, max-age=0
link: <https://www.archermalmo.com/wp-json/>; rel="https://api.w.org/"
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H2 404 Chart.min.js
www.archermalmo.com/wp-content/themes/am-2020/node_modules/chart.js/dist/ 0
0 311ms
311ms Script
text/html 104.239.145.164
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL

https://www.archermalmo.com/wp-content/themes/am-2020/node_modules/chart.js/dist/Chart.min.js

Requested by

Host: www.archermalmo.com
URL: https://www.archermalmo.com/Antivirus.zip

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.239.145.164 San Antonio, United States, ASN33070 (RMH-14, US),

Reverse DNS

Software

Apache/2.4.25 (Ubuntu) /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.archermalmo.com/Antivirus.zip
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 10 Nov 2020 09:19:19 GMT
server: Apache/2.4.25 (Ubuntu)
strict-transport-security: max-age=31536000
content-type: text/html; charset=UTF-8
status: 404
cache-control: no-cache, must-revalidate, max-age=0
link: <https://www.archermalmo.com/wp-json/>; rel="https://api.w.org/"
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 46 KB
18 KB 7ms
5ms Script
text/javascript 2a00:1450:4001:81a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WJHKM8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.archermalmo.com/Antivirus.zip
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 23 Oct 2020 03:00:57 GMT
server: Golfe2
age: 211
date: Tue, 10 Nov 2020 09:15:48 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18817
expires: Tue, 10 Nov 2020 11:15:48 GMT

GET
H/1.1 200
OK insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 965 B
761 B 10ms
9ms Script
application/x-javascript 2a02:26f0:10c:582::25ea
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WJHKM8
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:10c:582::25ea , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software: /
Resource Hash: f10b9b0c4107ca5a40a5c69b1ac91a8948d84f39893dee6b429cdbdb05887093

Request headers

Referer: https://www.archermalmo.com/Antivirus.zip
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 10 Nov 2020 09:19:19 GMT
Content-Encoding: gzip
Last-Modified: Tue, 22 Sep 2020 22:01:48 GMT
X-CDN: AKAM
Vary: Accept-Encoding
Content-Type: application/x-javascript;charset=utf-8
Cache-Control: max-age=53609
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 448

GET
H2 200 / Show response
settings.luckyorange.net/ 2 KB
2 KB 216ms
179ms Fetch
application/json 104.26.11.16
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://settings.luckyorange.net/?u=https%3A%2F%2Fwww.archermalmo.com%2FAntivirus.zip&s=181670

Requested by

Host: d10lpsik1i8c69.cloudfront.net
URL: https://d10lpsik1i8c69.cloudfront.net/w.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.11.16 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d6a9a1f876ca0380de1aaeb2ac7ebf1416cbaaefd93a92d0eaf80a4e07ad3295

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.archermalmo.com/Antivirus.zip
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 10 Nov 2020 09:19:20 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
status: 200
access-control-allow-methods: GET, POST, OPTIONS
cf-request-id: 06530ceda900000b33099a1000000001
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=tV3amHGC2zOhep%2BshtAj%2FRaX8MNUEUWBBllbST7%2FpxVYSI%2FlV7ui857UOJGKz%2Fyy9pXN%2B%2F%2BNl9kx9zZKmkSQeWqtNN%2B%2FBBRQ%2BhQdpWBPLbWuY1qDCMCiPbc%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://www.archermalmo.com
access-control-allow-credentials: true
cf-ray: 5efeb0f5dff40b33-AMS
access-control-allow-headers: Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,Keep-Alive,X-Requested-With,If-Modified-Since

GET
H2 200 l
use.typekit.net/af/1da05b/0000000000000000000132df/27/ 26 KB
26 KB 28ms
5ms Font
application/font-woff2 2a02:26f0:6c00::210:ba2a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/1da05b/0000000000000000000132df/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/mop5nld.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba2a , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software: nginx /
Resource Hash: 603aa544344c1fea12a9be6eb942a128d1bbfeade4b5e3e7b93470584b5b9610

Request headers

Origin: https://www.archermalmo.com
Referer: https://use.typekit.net/mop5nld.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 10 Nov 2020 09:19:19 GMT
server: nginx
etag: "49d80c15efa35e0c65ed7e265d2c0333b309aa4e"
status: 200
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
content-length: 26856

GET
H2 200 l
use.typekit.net/af/8f4e31/0000000000000000000132e3/27/ 27 KB
27 KB 29ms
6ms Font
application/font-woff2 2a02:26f0:6c00::210:ba2a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/8f4e31/0000000000000000000132e3/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/mop5nld.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba2a , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software: nginx /
Resource Hash: 5fae1ef4feb16fb6778240d5a565de844e9574dff3b5c608bc90216e39cd622d

Request headers

Origin: https://www.archermalmo.com
Referer: https://use.typekit.net/mop5nld.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 10 Nov 2020 09:19:19 GMT
server: nginx
etag: "79f9defc7632bc87dc40a06c82c11882a3000992"
status: 200
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
content-length: 27724

GET
H/1.1 200
OK insight.beta.min.js Show response
snap.licdn.com/li.lms-analytics/ 4 KB
2 KB 10ms
9ms Script
application/x-javascript 2a02:26f0:10c:582::25ea
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://snap.licdn.com/li.lms-analytics/insight.beta.min.js
Requested by: Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:10c:582::25ea , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software: /
Resource Hash: a8431bfe4316cdc20de936e824f735c9478bbc9ce3d3a51c774eca45faff637f

Request headers

Referer: https://www.archermalmo.com/Antivirus.zip
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 10 Nov 2020 09:19:19 GMT
Content-Encoding: gzip
Last-Modified: Tue, 22 Sep 2020 22:01:48 GMT
X-CDN: AKAM
Vary: Accept-Encoding
Content-Type: application/x-javascript;charset=utf-8
Cache-Control: max-age=75104
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1799

GET
H3-Q050 200 linkid.js Show response
www.google-analytics.com/plugins/ua/ 2 KB
1001 B 6ms
6ms Script
text/javascript 2a00:1450:4001:81a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/linkid.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.archermalmo.com/Antivirus.zip
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 10 Nov 2020 08:34:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
age: 2713
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=3600
accept-ranges: bytes
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 859
x-xss-protection: 0
expires: Tue, 10 Nov 2020 09:34:06 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
88 B 15ms
14ms XHR
text/plain 2a00:1450:400c:c00::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j87&tid=UA-6095438-14&cid=211904804.1604999960&jid=1123965791&gjid=183305100&_gid=369665518.1604999960&_u=aGBAgEAjAAAAAE~&z=257561230

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.archermalmo.com/Antivirus.zip
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Tue, 10 Nov 2020 09:19:20 GMT
status: 200
content-type: text/plain
access-control-allow-origin: https://www.archermalmo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 collect
www.google-analytics.com/ 35 B
63 B 6ms
5ms Image
image/gif 2a00:1450:4001:81a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j87&a=992054083&t=pageview&_s=1&dl=https%3A%2F%2Fwww.archermalmo.com%2FAntivirus.zip&ul=en-us&de=UTF-8&dt=Page%20not%20found%20-%20Archer%20Malmo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGBAgEAj~&jid=1123965791&gjid=183305100&cid=211904804.1604999960&tid=UA-6095438-14&_gid=369665518.1604999960&gtm=2wgas1WJHKM8&z=246786

Requested by

Host: www.archermalmo.com
URL: https://www.archermalmo.com/Antivirus.zip

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.archermalmo.com/Antivirus.zip
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 09 Nov 2020 10:19:43 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 82777
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 collect
www.google-analytics.com/ 35 B
58 B 7ms
6ms Image
image/gif 2a00:1450:4001:81a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j87&a=992054083&t=pageview&_s=1&dl=https%3A%2F%2Fwww.archermalmo.com%2FAntivirus.zip&ul=en-us&de=UTF-8&dt=Page%20not%20found%20-%20Archer%20Malmo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDAgEAjAAAAAE~&jid=&gjid=&cid=211904804.1604999960&tid=UA-6095438-14&_gid=369665518.1604999960&gtm=2wgas1WJHKM8&z=1703608352

Requested by

Host: www.archermalmo.com
URL: https://www.archermalmo.com/Antivirus.zip

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.archermalmo.com/Antivirus.zip
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 09 Nov 2020 10:19:43 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 82777
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2

200

collect
px.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1812044&time=1604999960015&url=https%3A%2F%2Fwww.archermalmo.com%2FAntivirus.zip
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D1812044%26time%3D1604999960015%26url%3Dhttps%253A%252F%252Fwww.archermalmo.com%25...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1812044&time=1604999960015&url=https%3A%2F%2Fwww.archermalmo.com%2FAntivirus.zip&liSync=true

0
40 B

151ms
151ms

Image
application/javascript

2a05:f500:11:101::b93f:9005
LINKEDIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1812044&time=1604999960015&url=https%3A%2F%2Fwww.archermalmo.com%2FAntivirus.zip&liSync=true
Requested by: Host: www.archermalmo.com
URL: https://www.archermalmo.com/Antivirus.zip
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a05:f500:11:101::b93f:9005 , Ireland, ASN14413 (LINKEDIN, US),
Reverse DNS
Software: Play /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.archermalmo.com/Antivirus.zip
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 10 Nov 2020 09:19:20 GMT
server: Play
linkedin-action: 1
x-li-fabric: prod-ltx1
status: 200
x-li-proto: http/2
x-li-pop: prod-tln1
content-type: application/javascript
content-length: 0
x-li-uuid: bYEs1PUaRhbwWw+xESsAAA==

Redirect headers

content-security-policy: default-src *; connect-src 'self' https://media-src.linkedin.com/media/ www.linkedin.com s.c.lnkd.licdn.com m.c.lnkd.licdn.com s.c.exp1.licdn.com s.c.exp2.licdn.com m.c.exp1.licdn.com m.c.exp2.licdn.com wss://*.linkedin.com dms.licdn.com https://dpm.demdex.net/id lnkd.demdex.net blob: https://accounts.google.com/gsi/status https://linkedin.sc.omtrdc.net/b/ss/ www.google-analytics.com static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com media.licdn.com media-exp1.licdn.com media-exp2.licdn.com media-exp3.licdn.com; img-src data: blob: *; font-src data: *; style-src 'unsafe-inline' 'self' static-src.linkedin.com *.licdn.com; script-src 'report-sample' 'unsafe-inline' 'unsafe-eval' 'self' spdy.linkedin.com static-src.linkedin.com *.ads.linkedin.com *.licdn.com static.chartbeat.com www.google-analytics.com ssl.google-analytics.com bcvipva02.rightnowtech.com www.bizographics.com sjs.bizographics.com js.bizographics.com d.la4-c1-was.salesforceliveagent.com slideshare.www.linkedin.com https://snap.licdn.com/li.lms-analytics/ platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com; object-src 'none'; media-src blob: *; child-src blob: lnkd-communities: voyager: *; frame-ancestors 'self'; report-uri https://www.linkedin.com/platform-telemetry/csp?f=l
x-content-type-options: nosniff
linkedin-action: 1
status: 302
content-length: 0
x-li-uuid: FRJ1zvUaRhaAgVmeECsAAA==
pragma: no-cache
x-li-pop: afd-prod-eda6
x-msedge-ref: Ref A: F7F207ED66B64F32942F6C11FE825163 Ref B: FRAEDGE1221 Ref C: 2020-11-10T09:19:20Z
x-frame-options: sameorigin
date: Tue, 10 Nov 2020 09:19:19 GMT
expect-ct: max-age=86400, report-uri="https://www.linkedin.com/platform-telemetry/ct"
strict-transport-security: max-age=2592000
x-li-fabric: prod-ltx1
location: https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1812044&time=1604999960015&url=https%3A%2F%2Fwww.archermalmo.com%2FAntivirus.zip&liSync=true
x-xss-protection: 1; mode=block
cache-control: no-cache, no-store
x-li-proto: http/2
expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 2 B
69 B 15ms
14ms XHR
text/plain 2a00:1450:4001:81a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j87&a=992054083&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.archermalmo.com%2FAntivirus.zip&ul=en-us&de=UTF-8&dt=Page%20not%20found%20-%20Archer%20Malmo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Scroll%20Tracking&ea=10%25&el=%2FAntivirus.zip&_u=aGDAAEAjAAAAAG~&jid=1314106769&gjid=994877689&cid=211904804.1604999960&tid=UA-6095438-14&_gid=369665518.1604999960&_r=1&gtm=2wgas1WJHKM8&z=1053797511

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.archermalmo.com/Antivirus.zip
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 10 Nov 2020 09:19:20 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
status: 200
content-type: text/plain
access-control-allow-origin: https://www.archermalmo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 collect
www.google-analytics.com/ 35 B
58 B 6ms
6ms Image
image/gif 2a00:1450:4001:81a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j87&a=992054083&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.archermalmo.com%2FAntivirus.zip&ul=en-us&de=UTF-8&dt=Page%20not%20found%20-%20Archer%20Malmo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Scroll%20Tracking&ea=90%25&el=%2FAntivirus.zip&_u=aGDAAEAjAAAAAG~&jid=&gjid=&cid=211904804.1604999960&tid=UA-6095438-14&_gid=369665518.1604999960&gtm=2wgas1WJHKM8&z=904968955

Requested by

Host: www.archermalmo.com
URL: https://www.archermalmo.com/Antivirus.zip

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.archermalmo.com/Antivirus.zip
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 09 Nov 2020 10:19:43 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 82777
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 collect
www.google-analytics.com/ 35 B
58 B 7ms
6ms Image
image/gif 2a00:1450:4001:81a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j87&a=992054083&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.archermalmo.com%2FAntivirus.zip&ul=en-us&de=UTF-8&dt=Page%20not%20found%20-%20Archer%20Malmo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Scroll%20Tracking&ea=25%25&el=%2FAntivirus.zip&_u=aGDAAEAjAAAAAG~&jid=&gjid=&cid=211904804.1604999960&tid=UA-6095438-14&_gid=369665518.1604999960&gtm=2wgas1WJHKM8&z=297818011

Requested by

Host: www.archermalmo.com
URL: https://www.archermalmo.com/Antivirus.zip

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.archermalmo.com/Antivirus.zip
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 09 Nov 2020 10:19:43 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 82777
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 collect
www.google-analytics.com/ 35 B
58 B 8ms
8ms Image
image/gif 2a00:1450:4001:81a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j87&a=992054083&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.archermalmo.com%2FAntivirus.zip&ul=en-us&de=UTF-8&dt=Page%20not%20found%20-%20Archer%20Malmo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Scroll%20Tracking&ea=50%25&el=%2FAntivirus.zip&_u=aGDAAEAjAAAAAG~&jid=&gjid=&cid=211904804.1604999960&tid=UA-6095438-14&_gid=369665518.1604999960&gtm=2wgas1WJHKM8&z=594198163

Requested by

Host: www.archermalmo.com
URL: https://www.archermalmo.com/Antivirus.zip

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.archermalmo.com/Antivirus.zip
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 09 Nov 2020 10:19:43 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 82777
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 collect
www.google-analytics.com/ 35 B
58 B 8ms
8ms Image
image/gif 2a00:1450:4001:81a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j87&a=992054083&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.archermalmo.com%2FAntivirus.zip&ul=en-us&de=UTF-8&dt=Page%20not%20found%20-%20Archer%20Malmo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Scroll%20Tracking&ea=75%25&el=%2FAntivirus.zip&_u=aGDAAEAjAAAAAG~&jid=&gjid=&cid=211904804.1604999960&tid=UA-6095438-14&_gid=369665518.1604999960&gtm=2wgas1WJHKM8&z=2101043873

Requested by

Host: www.archermalmo.com
URL: https://www.archermalmo.com/Antivirus.zip

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.archermalmo.com/Antivirus.zip
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 09 Nov 2020 10:19:43 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 82777
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 88 KB
23 KB 19ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.archermalmo.com
URL: https://www.archermalmo.com/Antivirus.zip

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e37570ef85a3553930ba20dfab7280bfcead8a2238b536b5c03c629c35b3d4ca

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.archermalmo.com/Antivirus.zip
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 23070
x-xss-protection: 0
pragma: public
x-fb-debug: iRoIYg8Z4zbgU4pFiBM3r9ElUtZcBjCUcF9WkV8fS5+mamIzahKxnjDBSv3KpZxr0FO6K1I7HOa8ZXqbQSrO3Q==
x-fb-trip-id: 664085054
x-frame-options: DENY
date: Tue, 10 Nov 2020 09:19:20 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 5 KB
2 KB 30ms
30ms Script
application/javascript 199.232.52.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: www.archermalmo.com
URL: https://www.archermalmo.com/Antivirus.zip
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.232.52.157 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 8247f4332667950989fe6bf790f87723343db2ec83d975503e9c5dc13a6eb5dc

Request headers

Referer: https://www.archermalmo.com/Antivirus.zip
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 10 Nov 2020 09:19:20 GMT
content-encoding: gzip
age: 42403
x-cache: HIT
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status: 200
content-length: 1958
x-served-by: cache-man4141-MAN
last-modified: Wed, 21 Oct 2020 21:46:56 GMT
x-timer: S1604999960.083307,VS0,VE0
etag: "a4cc3f907681b24a3efd540acd5d2996+gzip"
vary: Accept-Encoding,Host
content-type: application/javascript; charset=utf-8
via: 1.1 varnish
cache-control: no-cache
accept-ranges: bytes

POST
H3-Q050 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
445 B 94ms
16ms XHR
text/plain 2a00:1450:400c:c00::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j87&tid=UA-6095438-14&cid=211904804.1604999960&jid=1314106769&gjid=994877689&_gid=369665518.1604999960&_u=aGDAAEAjAAAAAG~&z=1408764749

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c00::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.archermalmo.com/Antivirus.zip
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Tue, 10 Nov 2020 09:19:20 GMT
status: 200
content-type: text/plain
access-control-allow-origin: https://www.archermalmo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 643781339724539 Show response
connect.facebook.net/signals/config/ 234 KB
69 KB 53ms
53ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/643781339724539?v=2.9.27&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

ce83ccd3980011f50e4f514655c604c13410ad726f44e2dc04c43d323ece3806

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.archermalmo.com/Antivirus.zip
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: cz5HzklJBwdy7VeKV1+QbBN4PSzWMhgbP/MVbpohT1PknUrtmEURI5hLXl4ys521eMxdYVjekXZ/EZfGzPAgHw==
x-fb-trip-id: 664085054
date: Tue, 10 Nov 2020 09:19:20 GMT
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 adsct
t.co/i/ 43 B
166 B 126ms
126ms Image
image/gif 104.244.42.69
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?type=javascript&version=1.1.0&p_id=Twitter&p_user_id=0&txn_id=o31yz&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&tw_document_href=https%3A%2F%2Fwww.archermalmo.com%2FAntivirus.zip

Requested by

Host: www.archermalmo.com
URL: https://www.archermalmo.com/Antivirus.zip

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.69 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.archermalmo.com/Antivirus.zip
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 10 Nov 2020 09:19:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200, 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 65
x-xss-protection: 0
x-response-time: 105
pragma: no-cache
last-modified: Tue, 10 Nov 2020 09:19:20 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=0
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: 047b4a6d9bcfa9fe8580a034a7f84a5a
x-transaction: 004943ab00033a1b
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H2 200 clickstream.js Show response
d10lpsik1i8c69.cloudfront.net/js/ Frame 17BA 286 KB
92 KB 77ms
30ms Script
application/javascript 143.204.208.219
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d10lpsik1i8c69.cloudfront.net/js/clickstream.js?v=34f6965
Requested by: Host: d10lpsik1i8c69.cloudfront.net
URL: https://d10lpsik1i8c69.cloudfront.net/w.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.208.219 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-208-219.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e9cc69093eb458759b4fc04f41883e324293e8e2bfeafbab6246c5284d1bc0c5

Request headers

Origin: https://www.archermalmo.com
Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 08 Nov 2020 20:37:46 GMT
content-encoding: gzip
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
age: 132095
x-cache: Hit from cloudfront
status: 200
access-control-allow-origin: *
last-modified: Tue, 03 Nov 2020 19:52:04 GMT
server: AmazonS3
etag: W/"d79a1aa1a3a7733819e346e91f36fab4"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 8b5bc0831e6dab612582614c3009efa7.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA53-C1
x-amz-cf-id: gO1Gp5P9Yc9LRIsAY8Xlv99EVIl_HSQibZQzXqKlUqoEVTHF7BctEQ==

GET
H2 200 /
www.facebook.com/tr/ 44 B
377 B 18ms
5ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=643781339724539&ev=PageView&dl=https%3A%2F%2Fwww.archermalmo.com%2FAntivirus.zip&rl=&if=false&ts=1604999960188&sw=1600&sh=1200&v=2.9.27&r=stable&ec=0&o=30&fbp=fb.1.1604999960187.2002586611&it=1604999960098&coo=false&rqm=GET

Requested by

Host: www.archermalmo.com
URL: https://www.archermalmo.com/Antivirus.zip

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.archermalmo.com/Antivirus.zip
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 10 Nov 2020 09:19:20 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Tue, 10 Nov 2020 09:19:20 GMT

GET
H2 200 koi Show response
koi-3qnkjg7ux4.marketingautomation.services/ 148 B
598 B 180ms
180ms Script
application/javascript 130.211.21.179
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://koi-3qnkjg7ux4.marketingautomation.services/koi?rf=&hn=www.archermalmo.com&lg=en-US&sr=1600x1200&cd=24&vr=2.4.0&se=1604999960161&tk=null&ac=KOI-45WROFF2QQ&ts=1604999960&pt=0&pl=0&loc=https%3A%2F%2Fwww.archermalmo.com%2FAntivirus.zip&tp=page&ti=Page%20not%20found%20-%20Archer%20Malmo

Requested by

Host: koi-3qnkjg7ux4.marketingautomation.services
URL: https://koi-3qnkjg7ux4.marketingautomation.services/client/ss.js?ver=2.2.1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

130.211.21.179 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

179.21.211.130.bc.googleusercontent.com

Software

openresty /

Resource Hash

aab1f2189ce49b7aefb47074d17c8cd43bac014c05e51b42d747569ebc7505e9

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.archermalmo.com/Antivirus.zip
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 10 Nov 2020 09:19:20 GMT
content-encoding: gzip
p3p: CP='This is not a P3P policy! See http://sharpspring.com/privacy for more info.'
status: 200
pod-hostname: koi-656d494b75-4pkn7
alt-svc: clear
x-xss-protection: 1; mode=block
pragma: no-cache
x-clacks-overhead: GNU Terry Pratchett
last-modified: Tue, 10 Nov 2020 09:19:20 GMT
server: openresty
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 google
cache-control: no-store, no-cache, must-revalidate, pre-check=0, post-check=0, max-age=0
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 5f5a5464233b2c2e980016ed.js Show response
tag.perfectaudience.com/serve/ 10 KB
4 KB 272ms
210ms Script
text/javascript 151.101.114.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://tag.perfectaudience.com/serve/5f5a5464233b2c2e980016ed.js

Requested by

Host: koi-3qnkjg7ux4.marketingautomation.services
URL: https://koi-3qnkjg7ux4.marketingautomation.services/client/ss.js?ver=2.2.1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.114.217 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cowboy /

Resource Hash

21bbc9e6cc88d6074102ae6bb3ff4ee41a8df53be55f5334716aa8ae77a77bd4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.archermalmo.com/Antivirus.zip
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 10 Nov 2020 09:19:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
x-cache: MISS
status: 200
content-length: 3549
x-served-by: cache-hhn4036-HHN
server: Cowboy
x-timer: S1604999961.542988,VS0,VE189
vary: Accept-Encoding
content-type: text/javascript
via: 1.1 vegur, 1.1 varnish
cache-control: max-age=1800
accept-ranges: bytes
x-cache-hits: 0

POST
H2 200 /
www.facebook.com/tr/ 0
86 B 6ms
6ms Other
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.archermalmo.com/Antivirus.zip
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryGvSV4lSzTBRRivfW

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
server: proxygen-bolt
date: Tue, 10 Nov 2020 09:19:20 GMT
status: 200
content-type: text/plain
access-control-allow-origin: https://www.archermalmo.com
access-control-allow-credentials: true
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 0

GET
H/1.1

200
OK

tagjs Show response
pixel-geo.prfct.co/
Redirect Chain

https://pixel-geo.prfct.co/tagjs?a_id=141038&source=js_tag
https://pixel-geo.prfct.co/tagjs?check_cookie=1&a_id=141038&source=js_tag

125 B
454 B

31ms
31ms

Script
text/javascript

52.51.60.151
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel-geo.prfct.co/tagjs?check_cookie=1&a_id=141038&source=js_tag
Requested by: Host: www.archermalmo.com
URL: https://www.archermalmo.com/Antivirus.zip
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.51.60.151 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-51-60-151.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 2efbe56fc49d0413eed926f31ceac84235ff56b95539ec35443e12acd23fcc08

Request headers

Referer: https://www.archermalmo.com/Antivirus.zip
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Cache-Control: no-store, no-cache, private
Connection: keep-alive
P3P: CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Content-Length: 125
Content-Type: text/javascript

Redirect headers

Location: https://pixel-geo.prfct.co/tagjs?check_cookie=1&a_id=141038&source=js_tag
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"

GET
H/1.1

200
OK

/
pixel-geo.prfct.co/usermap/
Redirect Chain

https://secure.adnxs.com/getuid?https://pixel-geo.prfct.co/usermap/?xid=$UID&sid=202011|5faa5b18e33b044d860b5eec&pid=pa_Skl1q27DPwMspqXhl
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fpixel-geo.prfct.co%2Fusermap%2F%3Fxid%3D%24UID%26sid%3D202011%7C5faa5b18e33b044d860b5eec%26pid%3Dpa_Skl1q27DPwMspqXhl
https://pixel-geo.prfct.co/usermap/?xid=3343059466177568379&sid=202011|5faa5b18e33b044d860b5eec&pid=pa_Skl1q27DPwMspqXhl

43 B
256 B

31ms
30ms

Image
image/gif

52.51.60.151
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-geo.prfct.co/usermap/?xid=3343059466177568379&sid=202011|5faa5b18e33b044d860b5eec&pid=pa_Skl1q27DPwMspqXhl
Requested by: Host: www.archermalmo.com
URL: https://www.archermalmo.com/Antivirus.zip
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.51.60.151 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-51-60-151.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://www.archermalmo.com/Antivirus.zip
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Cache-Control: no-store, no-cache, private
Connection: keep-alive
P3P: CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Content-Length: 43
Content-Type: image/gif

Redirect headers

Pragma: no-cache
Date: Tue, 10 Nov 2020 09:19:21 GMT
X-Proxy-Origin: 185.212.171.67; 185.212.171.67; 534.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.173.49:80
AN-X-Request-Uuid: 6edb6f73-b359-4c00-9c6f-324edce6c322
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://pixel-geo.prfct.co/usermap/?xid=3343059466177568379&sid=202011|5faa5b18e33b044d860b5eec&pid=pa_Skl1q27DPwMspqXhl
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

adsct
analytics.twitter.com/i/
Redirect Chain

https://pixel-geo.prfct.co/cs/?partnerId=twtr
https://analytics.twitter.com/i/adsct?p_id=48571&p_user_id=pa_Skl1q27DPwMspqXhl

43 B
312 B

133ms
133ms

Image
image/gif

104.244.42.67
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/i/adsct?p_id=48571&p_user_id=pa_Skl1q27DPwMspqXhl

Requested by

Host: www.archermalmo.com
URL: https://www.archermalmo.com/Antivirus.zip

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.67 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.archermalmo.com/Antivirus.zip
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 10 Nov 2020 09:19:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200, 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 65
x-xss-protection: 0
x-response-time: 112
pragma: no-cache
last-modified: Tue, 10 Nov 2020 09:19:21 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=631138519
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: acd79e6b02cb73e28baf1c3afd3313e2
x-transaction: 00be169400ca7fda
expires: Tue, 31 Mar 1981 05:00:00 GMT

Redirect headers

Location: https://analytics.twitter.com/i/adsct?p_id=48571&p_user_id=pa_Skl1q27DPwMspqXhl
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"

GET
H/1.1

200
OK

cb
pixel.prfct.co/
Redirect Chain

https://pixel-geo.prfct.co/cs/?partnerId=yah
https://ads.yahoo.com/cms/v1?nwid=10001073209&eid=pa_Skl1q27DPwMspqXhl&sigv=1&esig=2~ac4debdb9adaf02ea132194211f7aa0dc163dd9e
https://pixel.prfct.co/cb?partnerId=yah&xid=E0&eid=pa_Skl1q27DPwMspqXhl

43 B
460 B

403ms
99ms

Image
image/gif

52.72.9.12
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.prfct.co/cb?partnerId=yah&xid=E0&eid=pa_Skl1q27DPwMspqXhl
Requested by: Host: www.archermalmo.com
URL: https://www.archermalmo.com/Antivirus.zip
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.72.9.12 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-72-9-12.compute-1.amazonaws.com
Software: /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://www.archermalmo.com/Antivirus.zip
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Cache-Control: no-store, no-cache, private
Connection: keep-alive
P3P: CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Content-Length: 43
Content-Type: image/gif

Redirect headers

date: Tue, 10 Nov 2020 09:19:21 GMT
referrer-policy: no-referrer-when-downgrade
server: ATS
age: 0
status: 302
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=15552000
p3p: policyref="https://policies.yahoo.com/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC GOV"
location: https://pixel.prfct.co/cb?partnerId=yah&xid=E0&eid=pa_Skl1q27DPwMspqXhl
x-xss-protection: 1; mode=block
content-length: 0
x-content-type-options: nosniff

GET
H2

200

sd
us-u.openx.net/w/1.0/
Redirect Chain

https://pixel-geo.prfct.co/cs/?partnerId=opx
https://us-u.openx.net/w/1.0/sd?id=537114372&val=pa_Skl1q27DPwMspqXhl
https://us-u.openx.net/w/1.0/sd?cc=1&id=537114372&val=pa_Skl1q27DPwMspqXhl

43 B
180 B

31ms
31ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?cc=1&id=537114372&val=pa_Skl1q27DPwMspqXhl
Requested by: Host: www.archermalmo.com
URL: https://www.archermalmo.com/Antivirus.zip
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.197.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://www.archermalmo.com/Antivirus.zip
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 Nov 2020 09:19:21 GMT
via: 1.1 google
server: OXGW/16.197.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
status: 200
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

date: Tue, 10 Nov 2020 09:19:21 GMT
via: 1.1 google
server: OXGW/16.197.0
status: 302
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://us-u.openx.net/w/1.0/sd?cc=1&id=537114372&val=pa_Skl1q27DPwMspqXhl
alt-svc: clear
content-length: 0

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/
Redirect Chain

https://pixel-geo.prfct.co/cs/?partnerId=rbcn
https://pixel.rubiconproject.com/tap.php?v=189868&nid=4106&expires=30&put=pa_Skl1q27DPwMspqXhl

0
239 B

113ms
28ms

Image
image/gif

69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=189868&nid=4106&expires=30&put=pa_Skl1q27DPwMspqXhl
Requested by: Host: www.archermalmo.com
URL: https://www.archermalmo.com/Antivirus.zip
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.archermalmo.com/Antivirus.zip
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 6f9fd0201ed801884e5299d5aabca094
Content-Type: image/gif

Redirect headers

Location: https://pixel.rubiconproject.com/tap.php?v=189868&nid=4106&expires=30&put=pa_Skl1q27DPwMspqXhl
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"

GET
H/1.1

200
OK

cb
pixel-geo.prfct.co/
Redirect Chain

https://pixel-geo.prfct.co/cs/?partnerId=goo
https://cm.g.doubleclick.net/pixel?google_nid=nowspots_bidder&google_hm=cGFfU2tsMXEyN0RQd01zcHFYaGw
https://cm.g.doubleclick.net/pixel?google_nid=nowspots_bidder&google_hm=cGFfU2tsMXEyN0RQd01zcHFYaGw&google_tc=
https://pixel-geo.prfct.co/cb?partnerId=goo

43 B
365 B

33ms
32ms

Image
image/gif

52.51.60.151
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-geo.prfct.co/cb?partnerId=goo
Requested by: Host: www.archermalmo.com
URL: https://www.archermalmo.com/Antivirus.zip
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.51.60.151 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-51-60-151.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://www.archermalmo.com/Antivirus.zip
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Cache-Control: no-store, no-cache, private
Connection: keep-alive
P3P: CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Content-Length: 43
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Tue, 10 Nov 2020 09:19:21 GMT
server: HTTP server (unknown)
status: 302
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://pixel-geo.prfct.co/cb?partnerId=goo
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 240
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK /
pixel-geo.prfct.co/seg/ 43 B
365 B 181ms
116ms Image
image/gif 52.51.60.151
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-geo.prfct.co/seg/?add=23683663&source=js_tag&a_id=141038
Requested by: Host: www.archermalmo.com
URL: https://www.archermalmo.com/Antivirus.zip
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.51.60.151 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-51-60-151.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://www.archermalmo.com/Antivirus.zip
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Cache-Control: no-store, no-cache, private
Connection: keep-alive
P3P: CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Content-Length: 43
Content-Type: image/gif

GET
H/1.1

200
OK

bounce
secure.adnxs.com/
Redirect Chain

https://secure.adnxs.com/seg?t=2&add=23683663
https://secure.adnxs.com/bounce?%2Fseg%3Ft%3D2%26add%3D23683663

43 B
1 KB

41ms
40ms

Image
image/gif

37.252.172.249
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.adnxs.com/bounce?%2Fseg%3Ft%3D2%26add%3D23683663

Requested by

Host: www.archermalmo.com
URL: https://www.archermalmo.com/Antivirus.zip

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.249 , Ascension Island, ASN29990 (ASN-APPNEX, US),

Reverse DNS

534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.archermalmo.com/Antivirus.zip
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 10 Nov 2020 09:19:21 GMT
X-Proxy-Origin: 185.212.171.67; 185.212.171.67; 534.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.230:80
AN-X-Request-Uuid: f2a76c4a-72ca-4fba-88d3-6e0256c810cc
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 10 Nov 2020 09:19:21 GMT
X-Proxy-Origin: 185.212.171.67; 185.212.171.67; 534.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.173.28:80
AN-X-Request-Uuid: 06876f63-7ec3-4861-8eac-ee64024fa0fa
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://secure.adnxs.com/bounce?%2Fseg%3Ft%3D2%26add%3D23683663
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 adsct Show response
analytics.twitter.com/i/ 31 B
118 B 146ms
145ms Script
application/javascript 104.244.42.67
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://analytics.twitter.com/i/adsct?type=javascript&version=1.1.0&p_id=Twitter&p_user_id=0&txn_id=o31yz&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&tpx_cb=twttr.conversion.loadPixels&tw_document_href=https%3A%2F%2Fwww.archermalmo.com%2FAntivirus.zip

Requested by

Host: static.ads-twitter.com
URL: https://static.ads-twitter.com/uwt.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.67 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.archermalmo.com/Antivirus.zip
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 10 Nov 2020 09:19:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status: 200, 200 OK
x-twitter-response-tags: BouncerCompliant
strict-transport-security: max-age=631138519
content-length: 57
x-xss-protection: 0
x-response-time: 122
pragma: no-cache
last-modified: Tue, 10 Nov 2020 09:19:21 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
content-type: application/javascript;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: acd79e6b02cb73e28baf1c3afd3313e2
x-transaction: 00ff3a6800a70f93
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H2 200 blink_green.png
d10lpsik1i8c69.cloudfront.net/graphics/ 1 KB
2 KB 25ms
24ms Image
image/png 143.204.208.219
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d10lpsik1i8c69.cloudfront.net/graphics/blink_green.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.208.219 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-208-219.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9746bbc8be1eacd912bb90f2226b3f9141b15938f7b0281825c74999c0040c9b

Request headers

Referer: https://www.archermalmo.com/Antivirus.zip
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 03 Nov 2020 19:52:08 GMT
via: 1.1 cc77875ec7dfc885cffaa2ec6fa578f6.cloudfront.net (CloudFront)
last-modified: Tue, 03 Nov 2020 19:52:04 GMT
server: AmazonS3
age: 566834
etag: "2e4ff7ec8bf18d247ee942621e0f9d65"
x-cache: Hit from cloudfront
content-type: image/png
status: 200
cache-control: max-age=31536000
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
content-length: 1283
x-amz-cf-id: 0EWyCpRJMOlGKI2ia2scPbRGl8DezRgiXH7WvdCOnbN9iYyWWOZD1A==

GET
H2 200 logo-light.png
d10lpsik1i8c69.cloudfront.net/graphics/ 1 KB
1 KB 25ms
24ms Image
image/png 143.204.208.219
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d10lpsik1i8c69.cloudfront.net/graphics/logo-light.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.208.219 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-208-219.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 8c34bc7bc1985e63394c3c2afff88cdcfc06e501320432dd23eaff83ea6754eb

Request headers

Referer: https://www.archermalmo.com/Antivirus.zip
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 03 Nov 2020 19:52:08 GMT
via: 1.1 cc77875ec7dfc885cffaa2ec6fa578f6.cloudfront.net (CloudFront)
last-modified: Tue, 03 Nov 2020 19:52:04 GMT
server: AmazonS3
age: 566834
etag: "35ce74c31e3ef54462a234340af702d7"
x-cache: Hit from cloudfront
content-type: image/png
status: 200
cache-control: max-age=31536000
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
content-length: 1143
x-amz-cf-id: Xekg-bJZc28m5wUNCV1OVjgqr4a5Xzjq1UQb3XZQuFmRMp9eKN2cDw==

GET
H2 200 sound-on-white.png
d10lpsik1i8c69.cloudfront.net/graphics/ 277 B
619 B 25ms
24ms Image
image/png 143.204.208.219
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d10lpsik1i8c69.cloudfront.net/graphics/sound-on-white.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.208.219 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-208-219.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: da0c1bc51d4ebfa2570f3e7546d9d3ccfb3f9d3c1199b1ca49869510aa79392a

Request headers

Referer: https://www.archermalmo.com/Antivirus.zip
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 03 Nov 2020 19:52:08 GMT
via: 1.1 cc77875ec7dfc885cffaa2ec6fa578f6.cloudfront.net (CloudFront)
last-modified: Tue, 03 Nov 2020 19:52:04 GMT
server: AmazonS3
age: 566834
etag: "76f1993de0fd323f67cece8d8e63bfa2"
x-cache: Hit from cloudfront
content-type: image/png
status: 200
cache-control: max-age=31536000
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
content-length: 277
x-amz-cf-id: doNVoXtXErF_DojmgulDAqcHjumgp8rdyMMd8_QFOl8vZqhISeBAhw==

GET
H2 200 reset.css
d10lpsik1i8c69.cloudfront.net/css/ 2 KB
1 KB 22ms
22ms Stylesheet
text/css 143.204.208.219
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d10lpsik1i8c69.cloudfront.net/css/reset.css
Requested by: Host: d10lpsik1i8c69.cloudfront.net
URL: https://d10lpsik1i8c69.cloudfront.net/js/clickstream.js?v=34f6965
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.208.219 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-208-219.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 401f533697cfb484598d2da76b5f4708bbca985a1fab42dbcfaa0741374d3245

Request headers

Referer: https://www.archermalmo.com/Antivirus.zip
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 03 Nov 2020 19:52:08 GMT
content-encoding: gzip
last-modified: Tue, 03 Nov 2020 19:52:04 GMT
server: AmazonS3
age: 566834
etag: W/"7144eaceff0b31347712515a6116074e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
status: 200
cache-control: max-age=31536000
x-amz-cf-pop: FRA53-C1
x-amz-cf-id: G8XdGyxbH8joLuD_gyUgi9nNbOjTx_DSj4s2piZfOID9U03mjIhvRw==
via: 1.1 cc77875ec7dfc885cffaa2ec6fa578f6.cloudfront.net (CloudFront)

GET
BLOB 200
OK e8a75d79-6f1f-40db-9f3e-2a6e5d45649f
https://www.archermalmo.com/ Frame 17BA 0
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.archermalmo.com/e8a75d79-6f1f-40db-9f3e-2a6e5d45649f
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Length: 0

GET
BLOB 200
OK 5b19bef3-1918-4480-8128-3a1aaced3fc9
https://www.archermalmo.com/ Frame 17BA 30 KB
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.archermalmo.com/5b19bef3-1918-4480-8128-3a1aaced3fc9
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 83c9688107b373823973bcf48dd284bfbca6d5c23153b86bbd8512cec1404a3d

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Length: 31224

Verdicts & Comments Add Verdict or Comment

60 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

12 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.archermalmo.com/	1970-01-19 22:35:35	Name: _lo_v Value: 1
.archermalmo.com/	1970-01-19 13:50:00	Name: _lorid Value: 181670-1604999960087-3d3be41de85ef3c9
.archermalmo.com/	1970-01-19 18:09:11	Name: __lotl Value: https%3A%2F%2Fwww.archermalmo.com%2FAntivirus.zip
.archermalmo.com/	1970-01-19 15:59:35	Name: _fbp Value: fb.1.1604999960187.2002586611
.archermalmo.com/	1970-01-20 07:21:11	Name: _lo_uid Value: 181670-1604999960087-0238928b31d72355
.archermalmo.com/	1970-01-20 07:21:11	Name: _ga Value: GA1.2.211904804.1604999960
.archermalmo.com/	1970-01-19 13:50:00	Name: _gat_UA-6095438-14 Value: 1
.archermalmo.com/	1970-01-19 13:50:00	Name: _dc_gtm_UA-6095438-14 Value: 1
www.archermalmo.com/	1970-01-28 16:49:59	Name: __ss_tk Value: 202011%7C5faa5b18e33b044d860b5eec
www.archermalmo.com/	1970-01-19 13:50:03	Name: __ss_referrer Value: https%3A//www.archermalmo.com/Antivirus.zip
.archermalmo.com/	1970-01-19 13:51:26	Name: _gid Value: GA1.2.369665518.1604999960
www.archermalmo.com/	1970-01-19 13:51:26	Name: __ss Value: 1604999960161

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://archermalmo2018.s3.amazonaws.com/sites/5a73b9dd512628000400ad74/theme/javascripts/header.js?1588708272(Line 3) Message: header.js
console-api	log	URL: https://archermalmo2018.s3.amazonaws.com/sites/5a73b9dd512628000400ad74/theme/javascripts/header.js?1588708272(Line 3) Message: header.js

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ads.yahoo.com
analytics.twitter.com
archermalmo2018.s3.amazonaws.com
cm.g.doubleclick.net
code.jquery.com
connect.facebook.net
d10lpsik1i8c69.cloudfront.net
koi-3qnkjg7ux4.marketingautomation.services
p.typekit.net
pixel-geo.prfct.co
pixel.prfct.co
pixel.rubiconproject.com
px.ads.linkedin.com
secure.adnxs.com
settings.luckyorange.net
snap.licdn.com
static.ads-twitter.com
stats.g.doubleclick.net
t.co
tag.perfectaudience.com
us-u.openx.net
use.typekit.net
www.archermalmo.com
www.facebook.com
www.google-analytics.com
www.googletagmanager.com
www.linkedin.com
www.thesparkmachine.com
104.239.145.164
104.244.42.67
104.244.42.69
104.26.11.16
130.211.21.179
143.204.208.219
151.101.114.217
199.232.52.157
2001:4de0:ac19::1:b:1b
208.113.197.192
216.58.212.130
2620:1ec:21::14
2a00:1288:f03d:1fa::4000
2a00:1450:4001:801::2002
2a00:1450:4001:81a::200e
2a00:1450:4001:820::2008
2a00:1450:400c:c00::9a
2a02:26f0:10c:582::25ea
2a02:26f0:10c:5a4::19fd
2a02:26f0:6c00::210:ba2a
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
2a05:f500:11:101::b93f:9005
34.98.64.218
37.252.172.249
52.217.18.132
52.51.60.151
52.72.9.12
69.173.144.138
0f1a6489e0dfd4235a21611006b5249afff93662037f65a4b151af4648a7e055
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1116fcf1dc1bbd4bb260f2612e1dc38f737699f9958702e531d71b5efca58963
145bd09545f2d8a88e107124597e28df445e39c2b1de5931a9ccfa29e26c7c1a
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb
1e69b5aab1ec194ff4f08d8fa72bd427f91c917364cc77705ef6a59ea283f7d4
21bbc9e6cc88d6074102ae6bb3ff4ee41a8df53be55f5334716aa8ae77a77bd4
2ca56806a6606b3b9231c60bf7dd93a71c50083ebdd21f6d54b2c3801fd2608f
2efbe56fc49d0413eed926f31ceac84235ff56b95539ec35443e12acd23fcc08
3c10e3a9283b2d1171298f99f392dfdbb79880ddeccb08d88060a29728ab8c5d
401f533697cfb484598d2da76b5f4708bbca985a1fab42dbcfaa0741374d3245
485603ca5c95fbd9a102d2a309786f8f77a2d2ff731fcf160c3d175eff8c8b5d
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
5a19d33dcb6411289e226a6eafcb5bb11b7c49ee9ed30ff8c14dee820f1c8537
5fae1ef4feb16fb6778240d5a565de844e9574dff3b5c608bc90216e39cd622d
603aa544344c1fea12a9be6eb942a128d1bbfeade4b5e3e7b93470584b5b9610
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6dc78632625e72945ae79a2d7f04470098ccb90481465301b6f777e3941dac98
7c7b6d1b37263aa237e6ca619fafb7ccf97113eb9c31db57917705402e762921
8247f4332667950989fe6bf790f87723343db2ec83d975503e9c5dc13a6eb5dc
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83c9688107b373823973bcf48dd284bfbca6d5c23153b86bbd8512cec1404a3d
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
8c34bc7bc1985e63394c3c2afff88cdcfc06e501320432dd23eaff83ea6754eb
8c626f0f9b5c109539b256b73e72c02b300a184f46b4535c2eb86599215c78af
8cb438bd4d1961f80ade4f1a295ca7de253630adcdd10473932908e638908c5e
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
9746bbc8be1eacd912bb90f2226b3f9141b15938f7b0281825c74999c0040c9b
a014324d577241dead5d76918a8293d26e76652031e74b67f38e0257655088e5
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a8431bfe4316cdc20de936e824f735c9478bbc9ce3d3a51c774eca45faff637f
aab1f2189ce49b7aefb47074d17c8cd43bac014c05e51b42d747569ebc7505e9
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
ce83ccd3980011f50e4f514655c604c13410ad726f44e2dc04c43d323ece3806
d6a9a1f876ca0380de1aaeb2ac7ebf1416cbaaefd93a92d0eaf80a4e07ad3295
da0c1bc51d4ebfa2570f3e7546d9d3ccfb3f9d3c1199b1ca49869510aa79392a
ddcfce5ecd041fb2e684b00f0aafe68f5df4d08be5248c2f1c944a9bde8067d7
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf
e37570ef85a3553930ba20dfab7280bfcead8a2238b536b5c03c629c35b3d4ca
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b
e8365b7dccd21ddba64cbc6b93dcbd05ba654d5d41705f20fe0b205d8102da6a
e9cc69093eb458759b4fc04f41883e324293e8e2bfeafbab6246c5284d1bc0c5
ee2ea3ac65897b4e4610411fabd060ce844536fa0a12c5d6dd12c5626a09f416
f10b9b0c4107ca5a40a5c69b1ac91a8948d84f39893dee6b429cdbdb05887093

www.archermalmo.com Open in urlscan Pro 104.239.145.164 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

65 Requests

97 %HTTPS

45 %IPv6

24 Domains

28 Subdomains

25 IPs

7 Countries

668 kBTransfer

1516 kBSize

12 Cookies

4 Outgoing links

Page URL History

Redirected requests

65 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.archermalmo.com Open in urlscan Pro
104.239.145.164 Public Scan

Screenshot
Live screenshot

Full Image

65
Requests

97 %
HTTPS

45 %
IPv6

24
Domains

28
Subdomains

25
IPs

7
Countries

668 kB
Transfer

1516 kB
Size

12
Cookies

65 HTTP transactions
0 data transactions