urlscan.io logo urlscan.io
SecurityTrails logo

517s61.reminews.com Open in urlscan Pro
213.174.135.2  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://bit.ly/3FbJZyU
Effective URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1785930&ymid=2111131033913a063fb36248dd8e607abf25&rc=1...
Submission: On November 13 via api from BE — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 16 IPs in 5 countries across 16 domains to perform 39 HTTP transactions. The main IP is 213.174.135.2, located in Ashburn, United States and belongs to ADVANCEDHOSTERS-AS, NL. The main domain is 517s61.reminews.com.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on October 22nd 2021. Valid for: a year.
This is the only time 517s61.reminews.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

1    67.199.248.10 (United States)

ASN396982 (GOOGLE-PRIVATE-CLOUD, US)
PTR: bit.ly
bit.ly
1    35.156.117.131 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-156-117-131.eu-central-1.compute.amazonaws.com
www.tubigonwestcentralhighschool.com
4    2600:9000:2182:4e00:f:858:b480:93a1 (United States)

ASN16509 (AMAZON-02, US)
static-assets.strikinglycdn.com
4    2600:9000:2182:8c00:10:6852:2c80:93a1 (United States)

ASN16509 (AMAZON-02, US)
user-images.strikinglycdn.com
1    104.111.245.139 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-245-139.deploy.static.akamaitechnologies.com
assets.strikingly.com
1    2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
1    2a00:1450:4001:811::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    2a00:1450:4001:82a::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
3    2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
3    2a00:1450:4001:831::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2a00:1450:400c:c06::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    2a00:1450:4001:82f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:808::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
3    213.32.106.170 (France)

ASN16276 (OVH, FR)
PTR: ip170.ip-213-32-106.eu
www.trivalid.com
1    37.58.56.244 (Germany)

ASN28753 (LEASEWEB-DE-FRA-10, DE)
click2go.xyz
5    109.206.162.83 (Netherlands)

ASN50245 (SERVEREL-AS, NL)
PTR: 83.162.serverel.net
klsdee.com
9    213.174.135.2 (Ashburn, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)
517s61.reminews.com
123.selornews.com
Domain Requested by
8 123.selornews.com 517s61.reminews.com
5 klsdee.com klsdee.com
4 user-images.strikinglycdn.com www.tubigonwestcentralhighschool.com
4 static-assets.strikinglycdn.com www.tubigonwestcentralhighschool.com
3 www.trivalid.com 2 redirects www.tubigonwestcentralhighschool.com
3 www.google-analytics.com www.tubigonwestcentralhighschool.com
www.google-analytics.com
3 fonts.gstatic.com fonts.googleapis.com
2 www.googletagmanager.com www.tubigonwestcentralhighschool.com
www.googletagmanager.com
1 517s61.reminews.com klsdee.com
1 click2go.xyz www.trivalid.com
1 www.google.de
1 www.google.com
1 stats.g.doubleclick.net www.google-analytics.com
1 fonts.googleapis.com www.tubigonwestcentralhighschool.com
1 ajax.googleapis.com www.tubigonwestcentralhighschool.com
1 assets.strikingly.com www.tubigonwestcentralhighschool.com
1 www.tubigonwestcentralhighschool.com
1 bit.ly 1 redirects
39 18

This site contains no links.

Subject Issuer Validity Valid
www.tubigonwestcentralhighschool.com
R3		 2021-11-10 -
2022-02-08		 3 months crt.sh
*.strikinglycdn.com
Amazon		 2021-04-18 -
2022-05-17		 a year crt.sh
assets.strikingly.com
R3		 2021-10-27 -
2022-01-25		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2021-10-18 -
2022-01-10		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-10-18 -
2022-01-10		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2021-10-18 -
2022-01-10		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2021-10-18 -
2022-01-10		 3 months crt.sh
www.google.com
GTS CA 1C3		 2021-10-18 -
2022-01-10		 3 months crt.sh
www.google.de
GTS CA 1C3		 2021-10-18 -
2022-01-10		 3 months crt.sh
www.trivalid.com
R3		 2021-09-28 -
2021-12-27		 3 months crt.sh
click2go.xyz
R3		 2021-10-30 -
2022-01-28		 3 months crt.sh
klsdee.com
R3		 2021-11-02 -
2022-01-31		 3 months crt.sh
*.reminews.com
Sectigo RSA Domain Validation Secure Server CA		 2021-10-22 -
2022-11-21		 a year crt.sh
*.selornews.com
Sectigo RSA Domain Validation Secure Server CA		 2021-02-18 -
2022-02-18		 a year crt.sh

This page contains 1 frames:

Frame: https://klsdee.com/afu.php?zoneid=1542726&var=1541147
Frame ID: B783756AF7BD96C15DDE2ABB6C0F76D6
Requests: 39 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://bit.ly/3FbJZyU HTTP 301
    https://www.tubigonwestcentralhighschool.com/ Page URL
  2. https://www.trivalid.com/?sl=5439449-66710&data1=Track1&data2=Track2&tag={External_ID_from_traffic_so... Page URL
  3. https://www.trivalid.com/?sl=5439449-66710&data1=Track1&data2=Track2&tag={External_ID_from_traffic_so... HTTP 302
    https://www.trivalid.com/?sl=5439449-66710&data1=Track1&data2=Track2&tag={External_ID_from_traffic_so... HTTP 301
    https://click2go.xyz/go/4995/1?subid1=43100619f4da0e8df413ca9c8dbc1395284701113-202111-flb*543944... Page URL
  4. https://klsdee.com/1541147/?var=4995&ymid=0pqqcnkmg0084 Page URL
  5. https://klsdee.com/?r=dir&zoneid=1541147&var=4995&ymid=0pqqcnkmg0084&pb=4a2cd046caa43105394607b... Page URL
  6. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1785930&ymid=2111131033913a063fb36... Page URL

Page Statistics

39
Requests

100 %
HTTPS

59 %
IPv6

16
Domains

18
Subdomains

16
IPs

5
Countries

464 kB
Transfer

1512 kB
Size

10
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://bit.ly/3FbJZyU HTTP 301
    https://www.tubigonwestcentralhighschool.com/ Page URL
  2. https://www.trivalid.com/?sl=5439449-66710&data1=Track1&data2=Track2&tag={External_ID_from_traffic_source}&website={subID}&placement={sub_subID} Page URL
  3. https://www.trivalid.com/?sl=5439449-66710&data1=Track1&data2=Track2&tag={External_ID_from_traffic_source}&website={subID}&placement={sub_subID}&eyeg=6f2f51b979a129497beb1550cb5254e6&eyer=0.921435336150819&eyei=0&eyew=1600&eyeh=1200&eyetd=210&eyef=www.tubigonwestcentralhighschool.com HTTP 302
    https://www.trivalid.com/?sl=5439449-66710&data1=Track1&data2=Track2&tag={External_ID_from_traffic_source}&website={subID}&placement={sub_subID}&oyeg=6f2f51b979a129497beb1550cb5254e6&eyer=0.921435336150819&eyei=0&eyew=1600&eyeh=1200&eyetd=210&eyef=www.tubigonwestcentralhighschool.com&eyeg=3 HTTP 301
    https://click2go.xyz/go/4995/1?subid1=43100619f4da0e8df413ca9c8dbc1395284701113-202111-flb*5439449-66710**sl_5439449-66710*23b6677759a9ef1f4f02221739d5dec0ccd6787d*{subID}*{sub_subID}&subid2=rest Page URL
  4. https://klsdee.com/1541147/?var=4995&ymid=0pqqcnkmg0084 Page URL
  5. https://klsdee.com/?r=dir&zoneid=1541147&var=4995&ymid=0pqqcnkmg0084&pb=4a2cd046caa43105394607b0aeecb6fe1636824797&psp=r-C_bKhQCRhGq5E_6CxHTjAl-MLQRYIE41VLOqn_CaCnJ-YWLX0JOr6tDJLH2LAaFwdGexySz-y-y8OV284o-H70ZM0LV0sZHBpmm72F2DMRZBZ4GAtNHac_GCNJ_Z0NVb6Po_-UOYg4iajjQmCSTzZdtGWpcFauXenDH8nVax8FV8vqcKsl4xJjydgseyGTRjbZn3bYBaFnNPuzZi5nSbDUGcPahB5v3Lksqn5uALlslZKLFsfxc0RXOdgrGE7NCG0YDLgvi7vLWqE22orPzbavvhg2QA0qpzrdkLy35J_Zl9kKIAgs3E4UYnSS5Utb3b82Rk_pCjhSTTIIDC3Hz-FboSEYyEYuE2XYYqHFNN0ax5wNgBHx0XAoEIwLLyj3uTHxKgbkC3Td0R0eaP-XeCL1JPwzA7GZKuNLXs1qbzK_FaXTpsPO-pBFDOvYyX1SP0_a_swpUmVkAPda-8ExXX-sUutocHZSnSLGIvsIAfHBlLmTYd5PSdrb8sMzVfvlGcrXeI8iPQjO8kzNdpL_Cnn6QllBVxNtGKVohJr8nS2lMs2vGbpb9PR7UZhKBujUd027w1OQVU6tuF4SAE3nvEEeo5F-mum217O6Qi7NBOV_7PJ-r2yrJqT-k_ri9hIXTLudSzTp2RvEFc9H5lXPmqHUZM_aFkfZYPw92rw9WGKK6vp2j1lwTZrzkJ_N7HVe&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0 Page URL
  6. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1785930&ymid=2111131033913a063fb36248dd8e607abf25&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://bit.ly/3FbJZyU HTTP 301
  • https://www.tubigonwestcentralhighschool.com/
Request Chain 24
  • https://www.trivalid.com/?sl=5439449-66710&data1=Track1&data2=Track2&tag={External_ID_from_traffic_source}&website={subID}&placement={sub_subID}&eyeg=6f2f51b979a129497beb1550cb5254e6&eyer=0.921435336150819&eyei=0&eyew=1600&eyeh=1200&eyetd=210&eyef=www.tubigonwestcentralhighschool.com HTTP 302
  • https://www.trivalid.com/?sl=5439449-66710&data1=Track1&data2=Track2&tag={External_ID_from_traffic_source}&website={subID}&placement={sub_subID}&oyeg=6f2f51b979a129497beb1550cb5254e6&eyer=0.921435336150819&eyei=0&eyew=1600&eyeh=1200&eyetd=210&eyef=www.tubigonwestcentralhighschool.com&eyeg=3 HTTP 301
  • https://click2go.xyz/go/4995/1?subid1=43100619f4da0e8df413ca9c8dbc1395284701113-202111-flb*5439449-66710**sl_5439449-66710*23b6677759a9ef1f4f02221739d5dec0ccd6787d*{subID}*{sub_subID}&subid2=rest

39 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
www.tubigonwestcentralhighschool.com/
Redirect Chain
  • https://bit.ly/3FbJZyU
  • https://www.tubigonwestcentralhighschool.com/
123 KB
30 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.tubigonwestcentralhighschool.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.156.117.131 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-156-117-131.eu-central-1.compute.amazonaws.com
Software
openresty /
Resource Hash
33fcea68048666e34e69db529ac6851b2b2cb8b27eeba210b30a0116a3d63fde

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

Server
openresty
Date
Sat, 13 Nov 2021 15:33:16 GMT
Content-Type
text/html; charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding
Strikingly-Cached
current
Strikingly-Cached-Version
1625369762-6
Strikingly-Cache-Region
eu-central-1
Content-Encoding
gzip

Redirect headers

server
nginx
date
Sat, 13 Nov 2021 15:33:16 GMT
content-type
text/html; charset=utf-8
content-length
132
cache-control
private, max-age=90
content-security-policy
referrer always;
location
https://www.tubigonwestcentralhighschool.com/
referrer-policy
unsafe-url
via
1.1 google
alt-svc
clear
main_v4.6c71f5c9ab033c77c8e3.bundle.css
static-assets.strikinglycdn.com/themes/s5-theme/ 		770 KB
99 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static-assets.strikinglycdn.com/themes/s5-theme/main_v4.6c71f5c9ab033c77c8e3.bundle.css
Requested by
Host: www.tubigonwestcentralhighschool.com
URL: https://www.tubigonwestcentralhighschool.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2182:4e00:f:858:b480:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ae2235f05c9c592abd9a4ba9d0f0e5325433fb5a85059d24a0a1b84ea9317fcf

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.tubigonwestcentralhighschool.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 12:32:24 GMT
content-encoding
gzip
last-modified
Fri, 12 Nov 2021 12:09:04 GMT
server
AmazonS3
age
97252
etag
"cd4a1b26c94018d09ed9d2c613981870"
x-cache
Hit from cloudfront
content-type
text/css; charset=utf-8
via
1.1 3c2fca5c3988bc152e874a83fac74f4a.cloudfront.net (CloudFront)
cache-control
max-age=315360000, public
x-amz-cf-pop
DUS51-C1
accept-ranges
bytes
content-length
100691
x-amz-cf-id
U8olhN43nl_p9EmQx56LT7WHcUDj-1gqpFBfvN9YAaWwYdvL6nC8ZQ==
detectIE-c385c24313ef0e9e4e7a1e131bf5e59f0fbd468f9f9ef44fd6739ae84ef0c0a4.js
static-assets.strikinglycdn.com/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static-assets.strikinglycdn.com/detectIE-c385c24313ef0e9e4e7a1e131bf5e59f0fbd468f9f9ef44fd6739ae84ef0c0a4.js
Requested by
Host: www.tubigonwestcentralhighschool.com
URL: https://www.tubigonwestcentralhighschool.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2182:4e00:f:858:b480:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c385c24313ef0e9e4e7a1e131bf5e59f0fbd468f9f9ef44fd6739ae84ef0c0a4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.tubigonwestcentralhighschool.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 26 Jul 2021 00:56:51 GMT
content-encoding
gzip
last-modified
Tue, 26 Feb 2019 04:11:38 GMT
server
AmazonS3
age
9556586
etag
"1a1ccb664791dd666f6f567c685dcc6c"
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
via
1.1 3c2fca5c3988bc152e874a83fac74f4a.cloudfront.net (CloudFront)
cache-control
max-age=315360000, public
x-amz-cf-pop
DUS51-C1
accept-ranges
bytes
content-length
1094
x-amz-cf-id
XYl5-6Kdpo3F2fHJCYFNX8A3guxeuggK7BZGa4fD2wQ0YLaUROU0hQ==
566563_762729.png
user-images.strikinglycdn.com/res/hrscywv4p/image/upload/c_limit,fl_lossy,h_630,w_1200,f_auto,q_auto/5924652/ 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://user-images.strikinglycdn.com/res/hrscywv4p/image/upload/c_limit,fl_lossy,h_630,w_1200,f_auto,q_auto/5924652/566563_762729.png
Requested by
Host: www.tubigonwestcentralhighschool.com
URL: https://www.tubigonwestcentralhighschool.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2182:8c00:10:6852:2c80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
6d5ca741a1d4cadbad98a671538f6d4096a02020e6a819d52c0f328107f0c51f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.tubigonwestcentralhighschool.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 13 Nov 2021 06:31:13 GMT
via
1.1 7b314c2b827b3a655861e27775634208.cloudfront.net (CloudFront), 1.1 bfd667b9fb826986b85315f856bf5885.cloudfront.net (CloudFront)
server
CloudFront
age
32523
x-amzn-requestid
a132b813-6850-4b0f-a4dc-229adaf537db
x-cache
Hit from cloudfront
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=2592000
x-amzn-trace-id
Root=1-618f5bb1-4c49f8a437a4d88145d61fb7;Sampled=0
x-amz-cf-pop
FRA60-P2, DUS51-C1
x-amz-apigw-id
IutDvFrUtjMFVJg=
content-length
11660
x-amz-cf-id
_BpVnEMMSk-vU1ayy327EllTSaXl0ZRvaNu83qgqwLzCuevH3bmtdg==
242726_254790.png
user-images.strikinglycdn.com/res/hrscywv4p/image/upload/c_limit,fl_lossy,h_300,w_300,f_auto,q_auto/5924652/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://user-images.strikinglycdn.com/res/hrscywv4p/image/upload/c_limit,fl_lossy,h_300,w_300,f_auto,q_auto/5924652/242726_254790.png
Requested by
Host: www.tubigonwestcentralhighschool.com
URL: https://www.tubigonwestcentralhighschool.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2182:8c00:10:6852:2c80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
4d8c9bdf258e4c0504c1bb3d54cd99fbafecc2a2da24f7512839ddb2267b2e65

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.tubigonwestcentralhighschool.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 13 Nov 2021 07:10:28 GMT
via
1.1 bab8148a65b29113f79cf2725076287d.cloudfront.net (CloudFront), 1.1 bfd667b9fb826986b85315f856bf5885.cloudfront.net (CloudFront)
server
CloudFront
age
30167
x-amzn-requestid
37b60331-4521-4a0d-b754-0cb7db9bcc39
x-cache
Hit from cloudfront
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=2592000
x-amzn-trace-id
Root=1-618f64e4-02fc18454fbf31d34f1ee195;Sampled=0
x-amz-cf-pop
FRA50-C1, DUS51-C1
x-amz-apigw-id
IuyzyFCYtjMFwbQ=
content-length
1848
x-amz-cf-id
2YUZRTawt6TlMHyofyp8ODTDC-S7rC9EfeCWhr0bLKaZz_KgSmHvKw==
power.png
assets.strikingly.com/assets/themes/fresh/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.strikingly.com/assets/themes/fresh/power.png
Requested by
Host: www.tubigonwestcentralhighschool.com
URL: https://www.tubigonwestcentralhighschool.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.245.139 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-245-139.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
ad9f840fa90da74aad029819ea85e943efe43569ef67a8529add1986037eeb42

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.tubigonwestcentralhighschool.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Sat, 13 Nov 2021 15:33:16 GMT
Last-Modified
Wed, 18 Jan 2017 11:17:56 GMT
Server
AmazonS3
x-amz-request-id
8A6943E03C09664B
ETag
"5c50869bcd293c95045b8989e53c4533"
Content-Type
image/png
Access-Control-Allow-Origin
*
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1308
x-amz-id-2
S1Jl+C8aKys9m7bo9VGm2QLvbCITaTOSk9KHH2QfqZBgQ4Llsqegj12hwrjXOuTAehphn/TG/8I=
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.10.0/ 		91 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.10.0/jquery.min.js
Requested by
Host: www.tubigonwestcentralhighschool.com
URL: https://www.tubigonwestcentralhighschool.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1e80de36726582824df3f9a7eb6ecdfe9827fc5a7c69f597b1502ebc13950ecd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.tubigonwestcentralhighschool.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 16:21:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
429077
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
clear
content-length
32964
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="hosted-libraries-pushers"
expires
Tue, 08 Nov 2022 16:21:59 GMT
css
fonts.googleapis.com/ 		15 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Lato:300,400,700,300italic,400italic,700italic|Roboto:300,700,300italic,700italic|Montserrat:400,700&subset=latin,latin-ext
Requested by
Host: www.tubigonwestcentralhighschool.com
URL: https://www.tubigonwestcentralhighschool.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2a6a6f9447fdc6f71ac00728848e52626d73669db88c87783d858d3586927fc0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.tubigonwestcentralhighschool.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
clear
x-xss-protection
0
last-modified
Sat, 13 Nov 2021 15:33:16 GMT
server
ESF
date
Sat, 13 Nov 2021 15:33:16 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 13 Nov 2021 15:33:16 GMT
js
www.googletagmanager.com/gtag/ 		92 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-211556887-1
Requested by
Host: www.tubigonwestcentralhighschool.com
URL: https://www.tubigonwestcentralhighschool.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
bde41d803923feae27a21cbbcdf87903c94bfc6e97eac1ed7246a1ae268b6d20
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.tubigonwestcentralhighschool.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 13 Nov 2021 15:33:16 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
clear
content-length
37092
x-xss-protection
0
expires
Sat, 13 Nov 2021 15:33:16 GMT
i18n-2ace11ac644d0b40fb8b7cb65e9dd1e553022750e0254118dacbe1fe50735e97.js
static-assets.strikinglycdn.com/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static-assets.strikinglycdn.com/i18n-2ace11ac644d0b40fb8b7cb65e9dd1e553022750e0254118dacbe1fe50735e97.js
Requested by
Host: www.tubigonwestcentralhighschool.com
URL: https://www.tubigonwestcentralhighschool.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2182:4e00:f:858:b480:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2ace11ac644d0b40fb8b7cb65e9dd1e553022750e0254118dacbe1fe50735e97

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.tubigonwestcentralhighschool.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 26 Jul 2021 00:08:49 GMT
content-encoding
gzip
last-modified
Fri, 23 Mar 2018 11:54:19 GMT
server
AmazonS3
age
9559468
etag
"5e2b612b4864ba143b59cfef4959b1d1"
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 3c2fca5c3988bc152e874a83fac74f4a.cloudfront.net (CloudFront)
cache-control
max-age=315360000, public
x-amz-cf-pop
DUS51-C1
accept-ranges
bytes
content-length
3527
x-amz-cf-id
xauRl-bUg9NxSxttaTloXCAQJDURPuPf1zXSCGEGC62aaw2SU6V64Q==
125833_724983.png
user-images.strikinglycdn.com/res/hrscywv4p/image/upload/c_limit,fl_lossy,h_1500,w_2000,f_auto,q_1/5924652/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://user-images.strikinglycdn.com/res/hrscywv4p/image/upload/c_limit,fl_lossy,h_1500,w_2000,f_auto,q_1/5924652/125833_724983.png
Requested by
Host: www.tubigonwestcentralhighschool.com
URL: https://www.tubigonwestcentralhighschool.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2182:8c00:10:6852:2c80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
3262998b8da6548f364076846894505855d091640d026c85d95f5f355dde9f0e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.tubigonwestcentralhighschool.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 15:34:37 GMT
via
1.1 935770605c74a80712059ba5b24d4162.cloudfront.net (CloudFront), 1.1 bfd667b9fb826986b85315f856bf5885.cloudfront.net (CloudFront)
server
CloudFront
age
86319
x-amzn-requestid
384fabd1-fb43-4ab1-b747-2dd66d3db810
x-cache
Hit from cloudfront
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=2592000
x-amzn-trace-id
Root=1-618e898d-3a4d37e30a11e0ba6be15735;Sampled=0
x-amz-cf-pop
FRA60-P2, DUS51-C1
x-amz-apigw-id
IspuHHKpNjMF2MA=
content-length
2484
x-amz-cf-id
-EvBQ7XWNVF1XbgU_7styFfRVglkRW8KvJTQ0_Tmo2ABx00viVe_ng==
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:300,400,700,300italic,400italic,700italic|Roboto:300,700,300italic,700italic|Montserrat:400,700&subset=latin,latin-ext
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.tubigonwestcentralhighschool.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 01:55:14 GMT
x-content-type-options
nosniff
age
135482
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
clear
content-length
15828
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:28 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Sat, 12 Nov 2022 01:55:14 GMT
KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:300,400,700,300italic,400italic,700italic|Roboto:300,700,300italic,700italic|Montserrat:400,700&subset=latin,latin-ext
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.tubigonwestcentralhighschool.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 11 Nov 2021 02:40:20 GMT
x-content-type-options
nosniff
age
219176
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
clear
content-length
15732
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:20 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Fri, 11 Nov 2022 02:40:20 GMT
S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v20/ 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v20/S6uyw4BMUTPHjx4wXg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:300,400,700,300italic,400italic,700italic|Roboto:300,700,300italic,700italic|Montserrat:400,700&subset=latin,latin-ext
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c3c0d3f472358aac78455515c4800771426770c22698e2486d39fdb5505634e1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.tubigonwestcentralhighschool.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 11 Nov 2021 12:11:32 GMT
x-content-type-options
nosniff
age
184904
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
clear
content-length
23484
x-xss-protection
0
last-modified
Tue, 10 Aug 2021 00:19:01 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Fri, 11 Nov 2022 12:11:32 GMT
jquery-f4e2137d267f77818d966e03df031337a38003039d43f15029422ddd171e14c4.js
static-assets.strikinglycdn.com/ 		91 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static-assets.strikinglycdn.com/jquery-f4e2137d267f77818d966e03df031337a38003039d43f15029422ddd171e14c4.js
Requested by
Host: www.tubigonwestcentralhighschool.com
URL: https://www.tubigonwestcentralhighschool.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2182:4e00:f:858:b480:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f4e2137d267f77818d966e03df031337a38003039d43f15029422ddd171e14c4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.tubigonwestcentralhighschool.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 12:11:43 GMT
content-encoding
gzip
last-modified
Fri, 23 Mar 2018 11:54:19 GMT
server
AmazonS3
age
9688894
etag
"6575b8af74dcd925b6f6ce17c2b6e807"
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 3c2fca5c3988bc152e874a83fac74f4a.cloudfront.net (CloudFront)
cache-control
max-age=315360000, public
x-amz-cf-pop
DUS51-C1
accept-ranges
bytes
content-length
33038
x-amz-cf-id
-rEmKwek5xfSodQP3yIzlbc0zRQHbxseRZUhuGP_4MNz7Hfd4DQLKg==
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.tubigonwestcentralhighschool.com
URL: https://www.tubigonwestcentralhighschool.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.tubigonwestcentralhighschool.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
5530
date
Sat, 13 Nov 2021 14:01:06 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
clear
content-length
20006
expires
Sat, 13 Nov 2021 16:01:06 GMT
125833_724983.png
user-images.strikinglycdn.com/res/hrscywv4p/image/upload/c_limit,fl_lossy,h_1500,w_2000,f_auto,q_auto/5924652/ 		22 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://user-images.strikinglycdn.com/res/hrscywv4p/image/upload/c_limit,fl_lossy,h_1500,w_2000,f_auto,q_auto/5924652/125833_724983.png
Requested by
Host: www.tubigonwestcentralhighschool.com
URL: https://www.tubigonwestcentralhighschool.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2182:8c00:10:6852:2c80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
20ee24dd802090d6ad4ced05a34af83d137074140896cf5ff4526991c54c6a1b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.tubigonwestcentralhighschool.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 13 Nov 2021 07:10:28 GMT
via
1.1 d20f19c14113bb86116d01e6cb4e2844.cloudfront.net (CloudFront), 1.1 bfd667b9fb826986b85315f856bf5885.cloudfront.net (CloudFront)
server
CloudFront
age
30167
x-amzn-requestid
34905074-391c-46de-bfe4-5f1e11c517dd
x-cache
Hit from cloudfront
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=2592000
x-amzn-trace-id
Root=1-618f64e4-27c32003485d0e947f54fa35;Sampled=0
x-amz-cf-pop
FRA60-P2, DUS51-C1
x-amz-apigw-id
IuyzyHjKtjMFjsg=
content-length
22904
x-amz-cf-id
WyrP7SRkRDnB2K4W4JucEvFtHrfkuxBHDK2eWUdLCKQ58z3Sye4-Ug==
js
www.googletagmanager.com/gtag/ 		90 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-169172212-1&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-211556887-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
9fd2b6916d8bc48026e5fd83323ccb1b291a6b861d9febbbae422c658022ab4c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.tubigonwestcentralhighschool.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 13 Nov 2021 15:33:16 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
clear
content-length
36132
x-xss-protection
0
last-modified
Sat, 13 Nov 2021 15:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 13 Nov 2021 15:33:16 GMT
collect
www.google-analytics.com/j/ 		1 B
221 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1021902387&t=pageview&_s=1&dl=https%3A%2F%2Fwww.tubigonwestcentralhighschool.com%2F&ul=en-us&de=UTF-8&dt=KissDate%20Copy&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEBAAUABGAAAAC~&jid=90029442&gjid=1045944591&cid=1607579645.1636817596&tid=UA-169172212-1&_gid=2063440143.1636817596&_r=1&gtm=2ouba1&z=2080205604
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.tubigonwestcentralhighschool.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 13 Nov 2021 15:33:16 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.tubigonwestcentralhighschool.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
clear
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		2 B
69 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1021902387&t=pageview&_s=1&dl=https%3A%2F%2Fwww.tubigonwestcentralhighschool.com%2F&ul=en-us&de=UTF-8&dt=KissDate%20Copy&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEDAAUABGAAAAC~&jid=366074160&gjid=1137553752&cid=1607579645.1636817596&tid=UA-211556887-1&_gid=2063440143.1636817596&_r=1&gtm=2ouba1&z=859899494
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.tubigonwestcentralhighschool.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 13 Nov 2021 15:33:16 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.tubigonwestcentralhighschool.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
clear
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
332 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-211556887-1&cid=1607579645.1636817596&jid=366074160&gjid=1137553752&_gid=2063440143.1636817596&_u=aEDAAUABGAAAAC~&z=1224492093
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c06::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.tubigonwestcentralhighschool.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Sat, 13 Nov 2021 15:33:16 GMT
content-type
text/plain
access-control-allow-origin
https://www.tubigonwestcentralhighschool.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
clear
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/ 		42 B
376 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-211556887-1&cid=1607579645.1636817596&jid=366074160&_u=aEDAAUABGAAAAC~&z=201661966
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.tubigonwestcentralhighschool.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Nov 2021 15:33:16 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
clear
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
376 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-211556887-1&cid=1607579645.1636817596&jid=366074160&_u=aEDAAUABGAAAAC~&z=201661966
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.tubigonwestcentralhighschool.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Nov 2021 15:33:16 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
clear
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.trivalid.com/ 		4 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.trivalid.com/?sl=5439449-66710&data1=Track1&data2=Track2&tag={External_ID_from_traffic_source}&website={subID}&placement={sub_subID}
Requested by
Host: www.tubigonwestcentralhighschool.com
URL: https://www.tubigonwestcentralhighschool.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.32.106.170 , France, ASN16276 (OVH, FR),
Reverse DNS
ip170.ip-213-32-106.eu
Software
/
Resource Hash
288007edd082db40b9a861fbee02a42eaa3b7806639d63840d37cb733c5b26aa

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.tubigonwestcentralhighschool.com/

Response headers

Date
Sat, 13 Nov 2021 15:33:17 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
Cache-Control
no-transform
1
click2go.xyz/go/4995/
Redirect Chain
  • https://www.trivalid.com/?sl=5439449-66710&data1=Track1&data2=Track2&tag={External_ID_from_traffic_source}&website={subID}&placement={sub_subID}&eyeg=6f2f51b979a129497beb1550cb5254e6&eyer=0.9214353...
  • https://www.trivalid.com/?sl=5439449-66710&data1=Track1&data2=Track2&tag={External_ID_from_traffic_source}&website={subID}&placement={sub_subID}&oyeg=6f2f51b979a129497beb1550cb5254e6&eyer=0.9214353...
  • https://click2go.xyz/go/4995/1?subid1=43100619f4da0e8df413ca9c8dbc1395284701113-202111-flb*5439449-66710**sl_5439449-66710*23b6677759a9ef1f4f02221739d5dec0ccd6787d*{subID}*{sub_subID}&subid2=rest
272 B
788 B 		Document
General
Check archive.org
Download Go to
Full URL
https://click2go.xyz/go/4995/1?subid1=43100619f4da0e8df413ca9c8dbc1395284701113-202111-flb*5439449-66710**sl_5439449-66710*23b6677759a9ef1f4f02221739d5dec0ccd6787d*{subID}*{sub_subID}&subid2=rest
Requested by
Host: www.trivalid.com
URL: https://www.trivalid.com/?sl=5439449-66710&data1=Track1&data2=Track2&tag={External_ID_from_traffic_source}&website={subID}&placement={sub_subID}
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
37.58.56.244 , Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS
Software
nginx / PHP/7.2.34-8+ubuntu20.04.1+deb.sury.org+1
Resource Hash
01d393a2af6fe1b68b35ff9c1e6556e989ebe0a09f8e3b19bac2e40ed9faca91

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.trivalid.com/?sl=5439449-66710&data1=Track1&data2=Track2&tag={External_ID_from_traffic_source}&website={subID}&placement={sub_subID}

Response headers

Server
nginx
Date
Sat, 13 Nov 2021 15:33:17 GMT
Content-Type
text/html; charset=utf-8
Content-Length
272
Connection
close
X-Powered-By
PHP/7.2.34-8+ubuntu20.04.1+deb.sury.org+1
Content-Encoding
identity
Expires
Mon, 26 Jul 1997 05:00:00 GMT
Last-Modified
Sat, 13 Nov 2021 15:33:17 GMT
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Pragma
no-cache

Redirect headers

Date
Sat, 13 Nov 2021 15:33:17 GMT
Content-Type
text/html
Content-Length
555
Connection
keep-alive
Cache-Control
no-transform no-cache, no-store, must-revalidate
Pragma
no-cache
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Location
https://click2go.xyz/go/4995/1?subid1=43100619f4da0e8df413ca9c8dbc1395284701113-202111-flb*5439449-66710**sl_5439449-66710*23b6677759a9ef1f4f02221739d5dec0ccd6787d*{subID}*{sub_subID}&subid2=rest
/
klsdee.com/1541147/ 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://klsdee.com/1541147/?var=4995&ymid=0pqqcnkmg0084
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
a83c70657e8f6737013b78a5a3c8337c2bb5f43297ff5f503c60a22624a32ca1

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

server
nginx
date
Sat, 13 Nov 2021 15:33:17 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
submit.min.js
klsdee.com/ 		32 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://klsdee.com/submit.min.js?2.0
Requested by
Host: klsdee.com
URL: https://klsdee.com/1541147/?var=4995&ymid=0pqqcnkmg0084
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
41dc6570daf0ba08a35f91d2bc4cbb5ccaeac6e4b7a264af79e1d7b32d06a3ce

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 13 Nov 2021 15:33:17 GMT
content-encoding
gzip
last-modified
Tue, 09 Nov 2021 15:10:21 GMT
server
nginx
etag
W/"618a8f5d-7ea4"
vary
Accept-Encoding
content-type
application/javascript
timing-allow-origin
*
/
klsdee.com/ 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://klsdee.com/?r=dir&zoneid=1541147&var=4995&ymid=0pqqcnkmg0084&pb=4a2cd046caa43105394607b0aeecb6fe1636824797&psp=r-C_bKhQCRhGq5E_6CxHTjAl-MLQRYIE41VLOqn_CaCnJ-YWLX0JOr6tDJLH2LAaFwdGexySz-y-y8OV284o-H70ZM0LV0sZHBpmm72F2DMRZBZ4GAtNHac_GCNJ_Z0NVb6Po_-UOYg4iajjQmCSTzZdtGWpcFauXenDH8nVax8FV8vqcKsl4xJjydgseyGTRjbZn3bYBaFnNPuzZi5nSbDUGcPahB5v3Lksqn5uALlslZKLFsfxc0RXOdgrGE7NCG0YDLgvi7vLWqE22orPzbavvhg2QA0qpzrdkLy35J_Zl9kKIAgs3E4UYnSS5Utb3b82Rk_pCjhSTTIIDC3Hz-FboSEYyEYuE2XYYqHFNN0ax5wNgBHx0XAoEIwLLyj3uTHxKgbkC3Td0R0eaP-XeCL1JPwzA7GZKuNLXs1qbzK_FaXTpsPO-pBFDOvYyX1SP0_a_swpUmVkAPda-8ExXX-sUutocHZSnSLGIvsIAfHBlLmTYd5PSdrb8sMzVfvlGcrXeI8iPQjO8kzNdpL_Cnn6QllBVxNtGKVohJr8nS2lMs2vGbpb9PR7UZhKBujUd027w1OQVU6tuF4SAE3nvEEeo5F-mum217O6Qi7NBOV_7PJ-r2yrJqT-k_ri9hIXTLudSzTp2RvEFc9H5lXPmqHUZM_aFkfZYPw92rw9WGKK6vp2j1lwTZrzkJ_N7HVe&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Requested by
Host: klsdee.com
URL: https://klsdee.com/submit.min.js?2.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
a6dbc47fbeb1d84ec7c5b2fe9fbaa78f9734145225fa5aa0e7274c036f0b8f6b

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

server
nginx
date
Sat, 13 Nov 2021 15:33:17 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
Primary Request index.html
517s61.reminews.com/dannig/common-player-arrow/ 		6 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1785930&ymid=2111131033913a063fb36248dd8e607abf25&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Requested by
Host: klsdee.com
URL: https://klsdee.com/?r=dir&zoneid=1541147&var=4995&ymid=0pqqcnkmg0084&pb=4a2cd046caa43105394607b0aeecb6fe1636824797&psp=r-C_bKhQCRhGq5E_6CxHTjAl-MLQRYIE41VLOqn_CaCnJ-YWLX0JOr6tDJLH2LAaFwdGexySz-y-y8OV284o-H70ZM0LV0sZHBpmm72F2DMRZBZ4GAtNHac_GCNJ_Z0NVb6Po_-UOYg4iajjQmCSTzZdtGWpcFauXenDH8nVax8FV8vqcKsl4xJjydgseyGTRjbZn3bYBaFnNPuzZi5nSbDUGcPahB5v3Lksqn5uALlslZKLFsfxc0RXOdgrGE7NCG0YDLgvi7vLWqE22orPzbavvhg2QA0qpzrdkLy35J_Zl9kKIAgs3E4UYnSS5Utb3b82Rk_pCjhSTTIIDC3Hz-FboSEYyEYuE2XYYqHFNN0ax5wNgBHx0XAoEIwLLyj3uTHxKgbkC3Td0R0eaP-XeCL1JPwzA7GZKuNLXs1qbzK_FaXTpsPO-pBFDOvYyX1SP0_a_swpUmVkAPda-8ExXX-sUutocHZSnSLGIvsIAfHBlLmTYd5PSdrb8sMzVfvlGcrXeI8iPQjO8kzNdpL_Cnn6QllBVxNtGKVohJr8nS2lMs2vGbpb9PR7UZhKBujUd027w1OQVU6tuF4SAE3nvEEeo5F-mum217O6Qi7NBOV_7PJ-r2yrJqT-k_ri9hIXTLudSzTp2RvEFc9H5lXPmqHUZM_aFkfZYPw92rw9WGKK6vp2j1lwTZrzkJ_N7HVe&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.2 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
dccc56b4834577790633f041a5c730b0f283352e63c8509a9da3961b170b6f96

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Sat, 13 Nov 2021 15:33:17 GMT
content-type
text/html; charset=utf-8
content-length
6611
server
nginx/1.18.0
last-modified
Tue, 26 Oct 2021 15:52:40 GMT
etag
f46a63e0e4e733d7ddc6f46da00863bf
x-timestamp
1635263559.76455
x-trans-id
tx95e2a7ba7c464270ba905-00617824f2
x-openstack-request-id
tx95e2a7ba7c464270ba905-00617824f2
cache-control
max-age=172800
access-control-allow-origin
*
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires
Mon, 15 Nov 2021 15:33:17 GMT
vary
Accept-Encoding
x-proxy-cache
HIT
accept-ranges
bytes
dupa.gif
klsdee.com/ 		43 B
123 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://klsdee.com/dupa.gif?z=1541147&var=4995&ymid=0pqqcnkmg0084&pb=4a2cd046caa43105394607b0aeecb6fe1636824797&psp=r-C_bKhQCRhGq5E_6CxHTjAl-MLQRYIE41VLOqn_CaCnJ-YWLX0JOr6tDJLH2LAaFwdGexySz-y-y8OV284o-H70ZM0LV0sZHBpmm72F2DMRZBZ4GAtNHac_GCNJ_Z0NVb6Po_-UOYg4iajjQmCSTzZdtGWpcFauXenDH8nVax8FV8vqcKsl4xJjydgseyGTRjbZn3bYBaFnNPuzZi5nSbDUGcPahB5v3Lksqn5uALlslZKLFsfxc0RXOdgrGE7NCG0YDLgvi7vLWqE22orPzbavvhg2QA0qpzrdkLy35J_Zl9kKIAgs3E4UYnSS5Utb3b82Rk_pCjhSTTIIDC3Hz-FboSEYyEYuE2XYYqHFNN0ax5wNgBHx0XAoEIwLLyj3uTHxKgbkC3Td0R0eaP-XeCL1JPwzA7GZKuNLXs1qbzK_FaXTpsPO-pBFDOvYyX1SP0_a_swpUmVkAPda-8ExXX-sUutocHZSnSLGIvsIAfHBlLmTYd5PSdrb8sMzVfvlGcrXeI8iPQjO8kzNdpL_Cnn6QllBVxNtGKVohJr8nS2lMs2vGbpb9PR7UZhKBujUd027w1OQVU6tuF4SAE3nvEEeo5F-mum217O6Qi7NBOV_7PJ-r2yrJqT-k_ri9hIXTLudSzTp2RvEFc9H5lXPmqHUZM_aFkfZYPw92rw9WGKK6vp2j1lwTZrzkJ_N7HVe
Requested by
Host: klsdee.com
URL: https://klsdee.com/?r=dir&zoneid=1541147&var=4995&ymid=0pqqcnkmg0084&pb=4a2cd046caa43105394607b0aeecb6fe1636824797&psp=r-C_bKhQCRhGq5E_6CxHTjAl-MLQRYIE41VLOqn_CaCnJ-YWLX0JOr6tDJLH2LAaFwdGexySz-y-y8OV284o-H70ZM0LV0sZHBpmm72F2DMRZBZ4GAtNHac_GCNJ_Z0NVb6Po_-UOYg4iajjQmCSTzZdtGWpcFauXenDH8nVax8FV8vqcKsl4xJjydgseyGTRjbZn3bYBaFnNPuzZi5nSbDUGcPahB5v3Lksqn5uALlslZKLFsfxc0RXOdgrGE7NCG0YDLgvi7vLWqE22orPzbavvhg2QA0qpzrdkLy35J_Zl9kKIAgs3E4UYnSS5Utb3b82Rk_pCjhSTTIIDC3Hz-FboSEYyEYuE2XYYqHFNN0ax5wNgBHx0XAoEIwLLyj3uTHxKgbkC3Td0R0eaP-XeCL1JPwzA7GZKuNLXs1qbzK_FaXTpsPO-pBFDOvYyX1SP0_a_swpUmVkAPda-8ExXX-sUutocHZSnSLGIvsIAfHBlLmTYd5PSdrb8sMzVfvlGcrXeI8iPQjO8kzNdpL_Cnn6QllBVxNtGKVohJr8nS2lMs2vGbpb9PR7UZhKBujUd027w1OQVU6tuF4SAE3nvEEeo5F-mum217O6Qi7NBOV_7PJ-r2yrJqT-k_ri9hIXTLudSzTp2RvEFc9H5lXPmqHUZM_aFkfZYPw92rw9WGKK6vp2j1lwTZrzkJ_N7HVe&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Sat, 13 Nov 2021 15:33:17 GMT
server
nginx
timing-allow-origin
*
content-length
43
content-type
image/gif
script.js
123.selornews.com/dannig/common-player-arrow/ 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://123.selornews.com/dannig/common-player-arrow/script.js?a=19
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1785930&ymid=2111131033913a063fb36248dd8e607abf25&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.2 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
4d23eca65ee87fd5bce9aaefc863c5f836ad13dbb3069c72533bddfe2054d0d9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 13 Nov 2021 15:33:17 GMT
x-openstack-request-id
tx45667f6be8864078b3957-00617824f2
x-trans-id
tx45667f6be8864078b3957-00617824f2
x-timestamp
1631013005.68768
accept-ranges
bytes
expires
Mon, 15 Nov 2021 15:33:17 GMT
last-modified
Tue, 07 Sep 2021 11:10:06 GMT
server
nginx/1.18.0
etag
9d479878f1dadd7ee15cebf73891e8ae
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4281
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon1.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon1.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1785930&ymid=2111131033913a063fb36248dd8e607abf25&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.2 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 13 Nov 2021 15:33:17 GMT
x-openstack-request-id
tx81f22f14e186498fb2d30-00617824ed
x-trans-id
tx81f22f14e186498fb2d30-00617824ed
x-timestamp
1621260766.56573
accept-ranges
bytes
expires
Mon, 15 Nov 2021 15:33:17 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
3d0ab5834c8bf7134e4d21fa3288317f
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7252
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon2.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon2.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1785930&ymid=2111131033913a063fb36248dd8e607abf25&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.2 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 13 Nov 2021 15:33:17 GMT
x-openstack-request-id
tx6d4bdf38ed294a06952e7-00617824ed
x-trans-id
tx6d4bdf38ed294a06952e7-00617824ed
x-timestamp
1621260766.58366
accept-ranges
bytes
expires
Mon, 15 Nov 2021 15:33:17 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
c947d439eb93367f1af5b2a3d222f057
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4576
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon3.png
123.selornews.com/dannig/common-player-arrow/img/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon3.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1785930&ymid=2111131033913a063fb36248dd8e607abf25&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.2 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 13 Nov 2021 15:33:17 GMT
x-openstack-request-id
tx23270d8fa8fd4747bc402-00617824f2
x-trans-id
tx23270d8fa8fd4747bc402-00617824f2
x-timestamp
1621260770.61859
accept-ranges
bytes
expires
Mon, 15 Nov 2021 15:33:17 GMT
last-modified
Mon, 17 May 2021 14:12:51 GMT
server
nginx/1.18.0
etag
8f3cc830da0b1fdf66bda7d1d734747b
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7847
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon4.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon4.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1785930&ymid=2111131033913a063fb36248dd8e607abf25&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.2 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 13 Nov 2021 15:33:17 GMT
x-openstack-request-id
tx2597f78f517d44a496f88-00617824f4
x-trans-id
tx2597f78f517d44a496f88-00617824f4
x-timestamp
1621260766.57654
accept-ranges
bytes
expires
Mon, 15 Nov 2021 15:33:17 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
7ad7f32c1c0df7b4975cc41bda4ac435
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7032
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon5.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon5.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1785930&ymid=2111131033913a063fb36248dd8e607abf25&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.2 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 13 Nov 2021 15:33:17 GMT
x-openstack-request-id
tx4122a99b2bd6449981271-00617824f2
x-trans-id
tx4122a99b2bd6449981271-00617824f2
x-timestamp
1621260766.74516
accept-ranges
bytes
expires
Mon, 15 Nov 2021 15:33:17 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
1e1a7582b5da63e10485d63f97abc9a0
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3264
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon7.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon7.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1785930&ymid=2111131033913a063fb36248dd8e607abf25&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.2 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 13 Nov 2021 15:33:17 GMT
x-openstack-request-id
txbdc27e62ccc84bf6a840c-00617824f4
x-trans-id
txbdc27e62ccc84bf6a840c-00617824f4
x-timestamp
1621260767.43555
accept-ranges
bytes
expires
Mon, 15 Nov 2021 15:33:17 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
b512735542cb07b3b2dcf153a7dfe456
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3283
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon8.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon8.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1785930&ymid=2111131033913a063fb36248dd8e607abf25&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=de&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.2 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 13 Nov 2021 15:33:17 GMT
x-openstack-request-id
tx8d2f2d339e5247829512b-00617824f0
x-trans-id
tx8d2f2d339e5247829512b-00617824f0
x-timestamp
1621260767.46514
accept-ranges
bytes
expires
Mon, 15 Nov 2021 15:33:17 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
f92d6474ebc6a3a0b576749cfb4afe98
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4064
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
afu.php
klsdee.com/ 		0
81 B 		Document
General
Check archive.org
Download Go to
Full URL
https://klsdee.com/afu.php?zoneid=1542726&var=1541147
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

server
nginx
date
Sat, 13 Nov 2021 15:33:17 GMT
content-type
text/plain; charset=utf-8
content-length
0
timing-allow-origin
*

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect function| reportError boolean| originAgentCluster object| scheduler

10 Cookies

Domain/Path Name / Value
.bit.ly/ Name: _bit
Value: ladfxg-ffc289f364e44d177f-000
.tubigonwestcentralhighschool.com/ Name: _ga
Value: GA1.2.1607579645.1636817596
.tubigonwestcentralhighschool.com/ Name: _gid
Value: GA1.2.2063440143.1636817596
.tubigonwestcentralhighschool.com/ Name: _gat_gtag_UA_169172212_1
Value: 1
.tubigonwestcentralhighschool.com/ Name: _gat_gtag_UA_211556887_1
Value: 1
click2go.xyz/ Name: mobitck
Value: 1
klsdee.com/ Name: UID
Value: 21111310332da58d8090a648ff9997444e80
klsdee.com/ Name: OXCCLK
Value: ABPemAAAAAAAAAAB
klsdee.com/ Name: OXPCLK
Value: AAHg4AAAAAAAAAAB
klsdee.com/ Name: ppucnt
Value: 1

1 Console Messages

Source Level URL
Text
other warning URL: https://www.tubigonwestcentralhighschool.com/(Line 12)
Message:
<link rel=preload> must have a valid `as` value

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

123.selornews.com
517s61.reminews.com
ajax.googleapis.com
assets.strikingly.com
bit.ly
click2go.xyz
fonts.googleapis.com
fonts.gstatic.com
klsdee.com
static-assets.strikinglycdn.com
stats.g.doubleclick.net
user-images.strikinglycdn.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.trivalid.com
www.tubigonwestcentralhighschool.com
104.111.245.139
109.206.162.83
213.174.135.2
213.32.106.170
2600:9000:2182:4e00:f:858:b480:93a1
2600:9000:2182:8c00:10:6852:2c80:93a1
2a00:1450:4001:808::2003
2a00:1450:4001:811::200a
2a00:1450:4001:812::200a
2a00:1450:4001:82a::2008
2a00:1450:4001:82b::2003
2a00:1450:4001:82f::2004
2a00:1450:4001:831::200e
2a00:1450:400c:c06::9d
35.156.117.131
37.58.56.244
67.199.248.10
01d393a2af6fe1b68b35ff9c1e6556e989ebe0a09f8e3b19bac2e40ed9faca91
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
1e80de36726582824df3f9a7eb6ecdfe9827fc5a7c69f597b1502ebc13950ecd
20ee24dd802090d6ad4ced05a34af83d137074140896cf5ff4526991c54c6a1b
288007edd082db40b9a861fbee02a42eaa3b7806639d63840d37cb733c5b26aa
2a6a6f9447fdc6f71ac00728848e52626d73669db88c87783d858d3586927fc0
2ace11ac644d0b40fb8b7cb65e9dd1e553022750e0254118dacbe1fe50735e97
3262998b8da6548f364076846894505855d091640d026c85d95f5f355dde9f0e
33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97
33fcea68048666e34e69db529ac6851b2b2cb8b27eeba210b30a0116a3d63fde
41dc6570daf0ba08a35f91d2bc4cbb5ccaeac6e4b7a264af79e1d7b32d06a3ce
4d23eca65ee87fd5bce9aaefc863c5f836ad13dbb3069c72533bddfe2054d0d9
4d8c9bdf258e4c0504c1bb3d54cd99fbafecc2a2da24f7512839ddb2267b2e65
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6d5ca741a1d4cadbad98a671538f6d4096a02020e6a819d52c0f328107f0c51f
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
9fd2b6916d8bc48026e5fd83323ccb1b291a6b861d9febbbae422c658022ab4c
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a6dbc47fbeb1d84ec7c5b2fe9fbaa78f9734145225fa5aa0e7274c036f0b8f6b
a83c70657e8f6737013b78a5a3c8337c2bb5f43297ff5f503c60a22624a32ca1
ad9f840fa90da74aad029819ea85e943efe43569ef67a8529add1986037eeb42
ae2235f05c9c592abd9a4ba9d0f0e5325433fb5a85059d24a0a1b84ea9317fcf
bde41d803923feae27a21cbbcdf87903c94bfc6e97eac1ed7246a1ae268b6d20
c385c24313ef0e9e4e7a1e131bf5e59f0fbd468f9f9ef44fd6739ae84ef0c0a4
c3c0d3f472358aac78455515c4800771426770c22698e2486d39fdb5505634e1
dccc56b4834577790633f041a5c730b0f283352e63c8509a9da3961b170b6f96
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f4e2137d267f77818d966e03df031337a38003039d43f15029422ddd171e14c4