Submitted URL: https://incident-prevention.com/
Effective URL: http://xsportshd.com/index-de.html
Submission: On August 28 via manual from US

Summary

This website contacted 30 IPs in 10 countries across 47 domains to perform 102 HTTP transactions. The main IP is 173.198.254.82, located in Latham, United States and belongs to TURNKEY-INTERNET - Turnkey Internet Inc., US. The main domain is xsportshd.com.
This is the only time xsportshd.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
35 2606:4700:30:... 13335 (CLOUDFLAR...)
4 2a00:1450:400... 15169 (GOOGLE)
3 93.184.220.42 15133 (EDGECAST)
4 2a00:1450:400... 15169 (GOOGLE)
2 151.101.12.217 54113 (FASTLY)
1 2606:4700:30:... 13335 (CLOUDFLAR...)
2 46.105.201.240 16276 (OVH)
1 2a00:1450:400... 15169 (GOOGLE)
2 158.69.252.241 16276 (OVH)
1 2 2a00:1450:400... 15169 (GOOGLE)
1 1 2a00:1450:400... 15169 (GOOGLE)
1 1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 209.197.3.42 20446 (HIGHWINDS3)
1 1 78.140.221.180 48096 (ITGRAD)
1 1 92.63.192.131 47981 (FOPSERVER)
1 2 5.189.252.12 202023 (LLHOST //...)
1 2 185.50.248.98 209813 (FASTCONTENT)
1 3 99.198.108.198 32475 (SINGLEHOP...)
1 3 107.6.174.196 32475 (SINGLEHOP...)
1 213.227.130.45 60781 (LEASEWEB-...)
1 1 52.0.152.125 14618 (AMAZON-AES)
9 173.198.254.82 40244 (TURNKEY-I...)
1 2600:9000:205... 16509 (AMAZON-02)
2 35.201.103.0 15169 (GOOGLE)
2 2 67.202.94.94 32748 (STEADFAST)
2 185.225.208.133 13213 (UK2NET-AS)
8 54.88.100.214 14618 (AMAZON-AES)
1 2606:4700:30:... 13335 (CLOUDFLAR...)
3 54.236.210.87 14618 (AMAZON-AES)
2 2 185.33.223.200 29990 (ASN-APPNEXUS)
2 104.18.19.186 13335 (CLOUDFLAR...)
12 12 34.225.98.159 14618 (AMAZON-AES)
2 2 35.175.21.193 14618 (AMAZON-AES)
2 195.201.46.48 24940 (HETZNER-AS)
3 3 23.20.57.65 14618 (AMAZON-AES)
3 3 18.195.174.160 16509 (AMAZON-02)
3 6 95.179.146.120 20473 (AS-CHOOPA)
3 3 18.235.129.249 14618 (AMAZON-AES)
4 4 198.134.116.30 27257 (WEBAIR-IN...)
3 3 2606:4700:30:... 13335 (CLOUDFLAR...)
3 2606:4700:30:... 13335 (CLOUDFLAR...)
1 1 107.154.251.88 19551 (INCAPSULA)
1 151.139.236.192 33438 (HIGHWINDS2)
102 30
Apex Domain | Subdomains | Transfer
35 incident-prevention.com | incident-prevention.com | 2 MB
12 witalfieldt.com | witalfieldt.com | 6 KB
8 rappenedstoric.info | rappenedstoric.info | 1 KB
5 xsportshd.com | xsportshd.com, www.xsportshd.com | 41 KB
4 realtime-bid.com | xml.realtime-bid.com | 549 B
4 amung.us | whos.amung.us, widgets.amung.us | 4 KB
4 histats.com | s10.histats.com, s4.histats.com | 10 KB
3 cyberprivacy.pro | cyberprivacy.pro |
3 cybertool.co | cybertool.co | 821 B
3 maccleaner.space | www.maccleaner.space |
3 smarturl.it | smarturl.it | 2 KB
3 com-shield-guard.live | www.apple.com-shield-guard.live | 1 KB
3 tracking.marketing | tracking.marketing | 6 KB
3 india-abc.com | usd.india-abc.com | 6 KB
3 dingrigoguter.pro | dingrigoguter.pro | 2 KB
3 trkgenius.com | up.trkgenius.com | 4 KB
3 prizedeal0819.info | best.prizedeal0819.info | 5 KB
3 doubleclick.net | googleads.g.doubleclick.net, stats.g.doubleclick.net | 159 B
3 olark.com | static.olark.com | 35 KB
3 googlesyndication.com | pagead2.googlesyndication.com | 197 KB
2 auskunft.de | www.auskunft.de |
2 odysseus-nua.com | usd.odysseus-nua.com | 1 KB
2 totandrepatrit.pro | totandrepatrit.pro | 704 B
2 adnxs.com | secure.adnxs.com | 2 KB
2 greatdexchange.com | www.greatdexchange.com | 260 B
2 realcenter-mobileapps2.com | realcenter-mobileapps2.com | 923 B
2 tutonhamon4.live | app1930.tutonhamon4.live | 784 B
2 google-analytics.com | www.google-analytics.com | 18 KB
2 vimeo.com | player.vimeo.com |
2 google.com | adservice.google.com, www.google.com | 350 B
2 google.de | adservice.google.de, www.google.de | 280 B
1 feed4u.eu | feed4u.eu |
1 casumo.com | campaigns.casumo.com |
1 casumoaffiliates.com | ads.casumoaffiliates.com | 2 KB
1 livestotal.net | livestotal.net |
1 vip-league.com | vip-league.com |
1 mama-hd.org | mama-hd.org |
1 streamthunder.com | widget.streamthunder.com |
1 cloudfront.net | doo6pwib3qngu.cloudfront.net | 62 KB
1 popcash.net | ps.popcash.net Failed | 208 B
1 minently.com | minently.com | 4 KB
1 rolwithred.space | rolwithred.space | 332 B
1 gadddem.gq | gadddem.gq | 621 B
1 coverstand.com | cdn.coverstand.com | 67 KB
1 googletagmanager.com | www.googletagmanager.com | 26 KB
1 quahotluon.com | quahotluon.com | 396 B
1 googletagservices.com | www.googletagservices.com | 28 KB
102 47
Domain Requested by
35 incident-prevention.com incident-prevention.com
12 witalfieldt.com 12 redirects
8 rappenedstoric.info xsportshd.com
doo6pwib3qngu.cloudfront.net
4 xml.realtime-bid.com 4 redirects
4 xsportshd.com minently.com
xsportshd.com
3 cyberprivacy.pro xsportshd.com
3 cybertool.co 3 redirects
3 www.maccleaner.space xsportshd.com
3 smarturl.it 3 redirects
3 www.apple.com-shield-guard.live 3 redirects
3 tracking.marketing 3 redirects
3 usd.india-abc.com 3 redirects
3 dingrigoguter.pro doo6pwib3qngu.cloudfront.net
3 up.trkgenius.com 1 redirects best.prizedeal0819.info
up.trkgenius.com
3 best.prizedeal0819.info 1 redirects realcenter-mobileapps2.com
best.prizedeal0819.info
3 static.olark.com incident-prevention.com
static.olark.com
3 pagead2.googlesyndication.com incident-prevention.com
pagead2.googlesyndication.com
2 www.auskunft.de xsportshd.com
2 usd.odysseus-nua.com 2 redirects
2 totandrepatrit.pro xsportshd.com
doo6pwib3qngu.cloudfront.net
2 secure.adnxs.com 2 redirects
2 widgets.amung.us xsportshd.com
2 whos.amung.us 2 redirects
2 www.greatdexchange.com xsportshd.com
2 realcenter-mobileapps2.com 1 redirects app1930.tutonhamon4.live
2 app1930.tutonhamon4.live 1 redirects incident-prevention.com
2 www.google-analytics.com 1 redirects www.googletagmanager.com
2 s4.histats.com s10.histats.com
2 s10.histats.com incident-prevention.com
xsportshd.com
2 player.vimeo.com incident-prevention.com
2 googleads.g.doubleclick.net pagead2.googlesyndication.com
1 feed4u.eu xsportshd.com
1 campaigns.casumo.com xsportshd.com
1 ads.casumoaffiliates.com 1 redirects
1 livestotal.net xsportshd.com
1 vip-league.com xsportshd.com
1 mama-hd.org xsportshd.com
1 widget.streamthunder.com xsportshd.com
1 www.xsportshd.com xsportshd.com
1 doo6pwib3qngu.cloudfront.net xsportshd.com
1 ps.popcash.net minently.com
1 minently.com
1 rolwithred.space 1 redirects
1 gadddem.gq 1 redirects
1 cdn.coverstand.com incident-prevention.com
1 www.google.de incident-prevention.com
1 www.google.com 1 redirects
1 stats.g.doubleclick.net 1 redirects
1 www.googletagmanager.com incident-prevention.com
1 quahotluon.com incident-prevention.com
1 www.googletagservices.com pagead2.googlesyndication.com
1 adservice.google.com pagead2.googlesyndication.com
1 adservice.google.de pagead2.googlesyndication.com
102 53

This site contains links to these domains.

Domain
www.streamthunder.com
tipshunter.net

Subject | Issuer | Validity | Valid
sni38613.cloudflaressl.com | COMODO ECC Domain Validation Secure Server CA 2 | 2019-08-24 - 2020-03-01 | 6 months
*.g.doubleclick.net | GTS CA 1O1 | 2019-07-29 - 2019-10-27 | 3 months
s2.wac.edgecastcdn.net | DigiCert SHA2 Secure Server CA | 2019-05-01 - 2020-11-18 | 2 years
*.google.com | GTS CA 1O1 | 2019-07-29 - 2019-10-27 | 3 months
*.vimeo.com | DigiCert SHA2 Secure Server CA | 2018-08-24 - 2020-04-02 | 2 years
sni203225.cloudflaressl.com | COMODO ECC Domain Validation Secure Server CA 2 | 2019-08-15 - 2020-02-21 | 6 months
histats.com | Let's Encrypt Authority X3 | 2019-07-14 - 2019-10-12 | 3 months
*.google-analytics.com | GTS CA 1O1 | 2019-07-29 - 2019-10-27 | 3 months
www.google.de | GTS CA 1O1 | 2019-07-29 - 2019-10-27 | 3 months
cdn.coverstand.com | COMODO RSA Domain Validation Secure Server CA | 2018-01-24 - 2021-04-07 | 3 years
best.prizedeal0819.info | Let's Encrypt Authority X3 | 2019-08-14 - 2019-11-12 | 3 months
up.trkgenius.com | Let's Encrypt Authority X3 | 2019-07-21 - 2019-10-19 | 3 months
minently.com | Let's Encrypt Authority X3 | 2019-07-12 - 2019-10-10 | 3 months
(blank) | (blank) | 1970-01-01 - 1970-01-01 | a few seconds
sni242033.cloudflaressl.com | COMODO ECC Domain Validation Secure Server CA 2 | 2019-08-22 - 2020-02-28 | 6 months
sni.cloudflaressl.com | CloudFlare Inc ECC CA-2 | 2019-08-08 - 2020-08-07 | a year
*.auskunft.de | Trustico RSA DV CA | 2018-02-28 - 2019-09-16 | 2 years
campaigns.casumo.com | DigiCert SHA2 Secure Server CA | 2019-03-08 - 2020-04-17 | a year

This page contains 27 frames:

Primary Page: http://xsportshd.com/index-de.html
Frame ID: F0F089C75067B6B8892131E863CF066C
Requests: 81 HTTP requests in this frame

Frame: https://incident-prevention.com/redirect.php?url=aHR0cDovL29ubGluZS5pbmNpZGVudC1wcmV2ZW50aW9uLmNvbS9wdWJsaXNoL2dldENvdmVyLnBocD9wb3B1cD10cnVlJmlzej0yNTEmbT0xOTM4OQ==
Frame ID: 4A7296566D09323C64244681E2FC6268
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/r20190826/r20190131/show_ads_impl.js
Frame ID: 510A58AE83AC873F8ECFBD1BC01C4AB7
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20190826/r20190131/zrt_lookup.html
Frame ID: F622D1AA98463E8DAD25083C20B2420C
Requests: 1 HTTP requests in this frame

Frame: https://static.olark.com/jsclient/app.js
Frame ID: 057928573E37C0CA840D25DBDE685FE1
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4909232145069428&output=html&adk=1812271804&adf=3025194257&lmt=1567011110&plat=1%3A32776%2C2%3A32776%2C8%3A32776%2C9%3A32776%2C16%3A8388608%2C30%3A1081344&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Fincident-prevention.com%2F&ea=0&flash=0&pra=5&wgl=1&dt=1567011111319&bpp=13&bdt=239&fdt=86&idt=87&shv=r20190826&cbv=r20190131&saldr=aa&abxe=1&nras=1&correlator=2527967927400&frm=20&pv=2&ga_vid=386679646.1567011111&ga_sid=1567011111&ga_hid=400161558&ga_fc=0&iag=0&icsg=1048554&dssz=18&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=0&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21063908&oid=3&rx=0&eae=2&fc=1936&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=16&bc=31&osw_key=3142610666&ifi=0&uci=0.hib2p95kz7sl&fsb=1&dtd=104
Frame ID: A9950FF8260DEE873D1DC65E56988487
Requests: 1 HTTP requests in this frame

Frame: https://player.vimeo.com/video/342078767
Frame ID: 9D26A86C49BD1AE1E18406C895F8D124
Requests: 1 HTTP requests in this frame

Frame: https://player.vimeo.com/video/348632445
Frame ID: AA8AA536BF304FCEF5D911955E0AA0F8
Requests: 1 HTTP requests in this frame

Frame: https://widget.streamthunder.com/?d=1&s=1&sp=1&fs=12px&tt=none&fc=333333&tc=333333&bc=FFFFFF&bhc=F3F3F3&thc=333333&pd=10px&brc=CCCCCC&brr=2px&mr=1px&tm=333333&tmb=FFFFFF&wb=EBEBEB&bcc=FFFFFF&bsh=0px&rdb=EBEBEB&rdc=333333
Frame ID: DC087DEE4587D356706BF1A103A26F28
Requests: 1 HTTP requests in this frame

Frame: http://xsportshd.com/popxx.html
Frame ID: A710B56BA895C5D27D8F54B49EF5F2F2
Requests: 2 HTTP requests in this frame

Frame: http://dingrigoguter.[...]
Frame ID: 6954E903A7DA653D737F4D7E738B7BE7
Requests: 1 HTTP requests in this frame

Frame: http://dingrigoguter.pro/aFBTSFYJMjAlaQltMW4jGjxubWQudWEOMgc/ZTghATJgOTgPJX0rOgclNy4kBz4nZjgNJHZ6ECYKFRoZDCoaABkREQEMBClpGCM5LgZhHmI5EQULBgJgChAUOiADDC5QHhAwc1oWFyYDGABgIz0pFRovGCodAx44ITkVJCEsMQQvBTARNzgwWRYHCRIyKgIwBzkaEA01LChnPBoQCjcAFTk8FSRvKxkAcR0wJyA9HBAkNgoOLmgeGTIjChQ8ECk7JH0aEAIxCz8pOBEOJioKJDAFKRYCcR8pHgsLHi5oAXluLh5hPBApNyAmN1gFEAAeLmgBPxg9E2BlbywyBQ5vCWAGCxQ7AXZ6FC9hMBwbOycwHy4qKDUMEyAGYQYxOhEBCgwGZTUfBx83GjAlMAY7LCQ6ARoBBjsFAA5nMjsYGhw6FCk8OD03ER0YEQkVEAcDKDJ4AFgFYQoxOigrEA9bKBwAED45N3kfKQYQKyAtBh4fBj8kFSwQLj42Hj0qBT0BYTs3JxkMBjgQHjEMJBh4NSoGBxJzWhYCLyY6MgskESkWYzAdAwUVHhIydWEOEx8CC248Gz89OGsaGx0YLlkpFAU9XwNh
Frame ID: 7C8E363DD94FD9477D90A3918191D973
Requests: 1 HTTP requests in this frame

Frame: http://mama-hd.org/bundesliga.html
Frame ID: F8E1D61B6EF694D898FD70836AEEA1D5
Requests: 1 HTTP requests in this frame

Frame: http://vip-league.com/football-streaming.html
Frame ID: DF014CF38C8A1B07DE254FA6B456EA4B
Requests: 1 HTTP requests in this frame

Frame: http://xsportshd.com/add.html
Frame ID: 6A4978AC6B0C4C0D107E0097E2943700
Requests: 1 HTTP requests in this frame

Frame: http://livestotal.net/pop.html
Frame ID: 03D771229D547B18F4DD174BD686C573
Requests: 1 HTTP requests in this frame

Frame: data://truncated
Frame ID: 451F2DBFA6BFB08D738F932CBE868D31
Requests: 1 HTTP requests in this frame

Frame: https://www.auskunft.de/?rt=y&utm_source=zpp&c=zr24eb2fcbc9b411e9996c1206c319a1c84160a2d21b45485f9c22c1e1b172a3d004081689c82da904fa
Frame ID: 5AD7233ABB0C3CF1DB0ADE166C12713B
Requests: 1 HTTP requests in this frame

Frame: http://www.maccleaner.space/recommended/?sc=f1be0f9b-24b9-4ef6-b115-1b6525e2d391&zn=sierra-bal-UDZlTdCE&campid=195fb0be-b5a3-4a3f-a106-eca1728009ff
Frame ID: D1AA9C7C889C8225D681940C9C38C906
Requests: 1 HTTP requests in this frame

Frame: https://cyberprivacy.pro/en_US/trnt-rocket?aff_id=1272&coupon=3yEuDo&source=zonetelechargement1&aff_sub4=3yEuDo&aff_sub=73195269417767045&aff_sub2=751245&utm_medium=affiliate&utm_source=1272
Frame ID: 998B89D0CCBACC496DD9AE45AB51F686
Requests: 1 HTTP requests in this frame

Frame: https://www.auskunft.de/?rt=y&utm_source=zpp&c=zr24e78642c9b411e98bff12afbac49a8cc804406c206c4be1b05b2bb918b61c610408163eaf04cbd58a
Frame ID: 9868FF2E98E800A07AF08554EBBE9B9C
Requests: 1 HTTP requests in this frame

Frame: https://campaigns.casumo.com/book-of-dead-de/index.html?btag=656576_B22C317075784F91841162720297332E&AFFID=Casumodesk_64582_682790&affid=656576&bid=7949&pid=1159029
Frame ID: 5443DC77B1206A916A549027DCAFBEEB
Requests: 1 HTTP requests in this frame

Frame: https://cyberprivacy.pro/en_US/trnt-rocket?aff_id=1272&coupon=3yEuDo&source=zonetelechargement1&aff_sub4=3yEuDo&aff_sub=5265552259346533947&aff_sub2=751245&utm_medium=affiliate&utm_source=1272
Frame ID: 61BD2897C78C10510A6667A7EE0FE42D
Requests: 1 HTTP requests in this frame

Frame: http://feed4u.eu/link.html
Frame ID: 8F0970A581C19A1B218C5A5525FD0C7B
Requests: 1 HTTP requests in this frame

Frame: https://cyberprivacy.pro/en_US/trnt-rocket?aff_id=1272&coupon=3yEuDo&source=zonetelechargement1&aff_sub4=3yEuDo&aff_sub=1270542051888097942&aff_sub2=751245&utm_medium=affiliate&utm_source=1272
Frame ID: 88798F8DFB1F4692A58BC12B3406533D
Requests: 1 HTTP requests in this frame

Frame: http://www.maccleaner.space/recommended/?sc=f1be0f9b-24b9-4ef6-b115-1b6525e2d391&zn=zulu-log-JkW3v1ki&campid=195fb0be-b5a3-4a3f-a106-eca1728009ff
Frame ID: 01BD1040C81021B8C6C9D002B3332C1B
Requests: 1 HTTP requests in this frame

Frame: http://www.maccleaner.space/recommended/?sc=f1be0f9b-24b9-4ef6-b115-1b6525e2d391&zn=zulu-log-JkW3v1ki&campid=195fb0be-b5a3-4a3f-a106-eca1728009ff
Frame ID: DE2ADE14B6F1B6145AF61AFD36D9C23D
Requests: 1 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i

Page Statistics

Requests: 102
HTTPS: 68 %
IPv6: 30 %
Domains: 47
Subdomains: 53
IPs: 30
Countries: 10
Transfer: 2610 kB
Size: 4660 kB
Cookies: 1

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://incident-prevention.com/ Page URL
  2. http://gadddem.gq/index/?5731550755135 HTTP 302
    http://rolwithred.space/?u=h2xkd0x&o=lxkgnum&t=808 HTTP 302
    http://app1930.tutonhamon4.live/1853184888/?u=h2xkd0x&o=lxkgnum&t=808&f=1 Page URL
  3. http://app1930.tutonhamon4.live/web/ HTTP 302
    http://realcenter-mobileapps2.com/?url=I4WHKFughjJF8hN7lWENtzbZftBQtuyFvKz2QO5dDRW7e99w9Jm9cB%2fXduXRzCGLvESO7VeMqy%2b3M%2bZchrUboTwlzh72XwTVgiFBZGpVzecs61YMkzuGvJvlbexQRNCXG8shblZ0OdFQp%2f1VZJXqaaSl00UFg1Fj8E%2fJPVlR1GSW4UVcTtVhbd67DgC6ljLM HTTP 302
    http://realcenter-mobileapps2.com/away.php Page URL
  4. https://best.prizedeal0819.info/?utm_medium=593d75f27d437562cfb360c43159d12cbeef5418&utm_campaign=m&cid=e6338a99-1d50-4756-9863-34fb1109a3e0 Page URL
  5. https://best.prizedeal0819.info/?utm_term=6730261482820339233&clickverify=1&utm_content=e6c2c6dcd68fd49594fc9695a6a795938a8bb8888c8f8cbdb2c6b0c4b6b78583babb88b8bcbfbc8dafb2b2b186b28485ab9b9899f2fef2f9e1f0f1e1f3bae4e78386899b97efddeda58c8f868a82c4ac9498d6f9cccbfccfc6f3f0f182858190cacbf9c9fff9fcfdc2f2f2f1f6c7c4c549 Page URL
  6. https://best.prizedeal0819.info/proc.php?74f3382414ca14aac8fdf6ddc2d0d7251101169c HTTP 302
    https://up.trkgenius.com/in.html?campaign=58500fec724faa9b59248365d547186e&s1=dvx&cid=6730261482820339233&pubid=1314 Page URL
  7. https://up.trkgenius.com/in.php?campaign=58500fec724faa9b59248365d547186e&s1=dvx&cid=6730261482820339233&pubid=1314&m=yFFDI7J.k_21toHjkjDH6SE1tjDxsJ2QsPMFM.X7XkHisJHmOmHZHSHmOhDCHFDBOOaiwJOOOboWNAdx3oHjtCOJtCtNIowRN.ouxbowNAGxABgZH_KNMv3j Page URL
  8. https://up.trkgenius.com/out.php?v=876a08d39e50e40b8628641e0ee09236 HTTP 302
    https://minently.com/RnSda/rDN3/ojdn/-nsy66txxVnGc0ElKPrtTzsMg30bj4cJhDxLx7UbqKtnp3qUggtUPQ?qDo=WW_MS&subid=2f60eeb1f53b8c75b66eaa7104029592&ext1=dvx Page URL
  9. http://ps.popcash.net/ad/ad?p=216668&w=498903&d=6539fbfbca1ca848e9f4-1561026291498903 HTTP 303
    http://xsportshd.com/index-de.html Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 58
  • https://www.google-analytics.com/r/collect?v=1&_v=j79&a=400161558&t=pageview&_s=1&dl=https%3A%2F%2Fincident-prevention.com%2F&ul=en-us&de=UTF-8&dt=Utility%20Safety%20and%20Operations%20Incident%20Prevention&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=IAhAAUAB~&jid=1264533286&gjid=1400097943&cid=386679646.1567011111&tid=UA-436345-3&_gid=1563437368.1567011112&_r=1&gtm=2ou8e1&z=2141768769 HTTP 302
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-436345-3&cid=386679646.1567011111&jid=1264533286&_gid=1563437368.1567011112&gjid=1400097943&_v=j79&z=2141768769 HTTP 302
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-436345-3&cid=386679646.1567011111&jid=1264533286&_v=j79&z=2141768769 HTTP 302
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-436345-3&cid=386679646.1567011111&jid=1264533286&_v=j79&z=2141768769&slf_rd=1&random=2935101302
Request Chain 60
  • http://gadddem.gq/index/?5731550755135 HTTP 302
  • http://rolwithred.space/?u=h2xkd0x&o=lxkgnum&t=808 HTTP 302
  • http://app1930.tutonhamon4.live/1853184888/?u=h2xkd0x&o=lxkgnum&t=808&f=1
Request Chain 63
  • http://app1930.tutonhamon4.live/web/ HTTP 302
  • http://realcenter-mobileapps2.com/?url=I4WHKFughjJF8hN7lWENtzbZftBQtuyFvKz2QO5dDRW7e99w9Jm9cB%2fXduXRzCGLvESO7VeMqy%2b3M%2bZchrUboTwlzh72XwTVgiFBZGpVzecs61YMkzuGvJvlbexQRNCXG8shblZ0OdFQp%2f1VZJXqaaSl00UFg1Fj8E%2fJPVlR1GSW4UVcTtVhbd67DgC6ljLM HTTP 302
  • http://realcenter-mobileapps2.com/away.php
Request Chain 66
  • https://best.prizedeal0819.info/proc.php?74f3382414ca14aac8fdf6ddc2d0d7251101169c HTTP 302
  • https://up.trkgenius.com/in.html?campaign=58500fec724faa9b59248365d547186e&s1=dvx&cid=6730261482820339233&pubid=1314
Request Chain 68
  • https://up.trkgenius.com/out.php?v=876a08d39e50e40b8628641e0ee09236 HTTP 302
  • https://minently.com/RnSda/rDN3/ojdn/-nsy66txxVnGc0ElKPrtTzsMg30bj4cJhDxLx7UbqKtnp3qUggtUPQ?qDo=WW_MS&subid=2f60eeb1f53b8c75b66eaa7104029592&ext1=dvx
Request Chain 75
  • http://whos.amung.us/cwidget/z15168j4ae/000000ffffff.png HTTP 307
  • http://widgets.amung.us/draw/?w=colored&n=339&c=000000ffffff&p=
Request Chain 83
  • https://secure.adnxs.com/getuid?https://totandrepatrit.pro/s?a=$UID&b=110874680957 HTTP 302
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Ftotandrepatrit.pro%2Fs%3Fa%3D%24UID%26b%3D110874680957 HTTP 302
  • https://totandrepatrit.pro/s?a=4123242139647022578&b=110874680957
Request Chain 89
  • http://whos.amung.us/cwidget/9t0v2a03dyp5/000000ffffff.png HTTP 307
  • http://widgets.amung.us/draw/?w=colored&n=590&c=000000ffffff&p=
Request Chain 97
  • http://witalfieldt.com/redirect?tid=730126&&ref=xsportshd.com/tennis-live-streaming-video.html HTTP 302
  • http://usd.odysseus-nua.com/zcvisitor/24eb2fcb-c9b4-11e9-996c-1206c319a1c8?campaignid=d3ec2b00-5008-11e7-a36d-0e06c6fba698&__id__=d3ec2b00-5008-11e7-a36d-0e06c6fba698 HTTP 302
  • https://www.auskunft.de/?rt=y&utm_source=zpp&c=zr24eb2fcbc9b411e9996c1206c319a1c84160a2d21b45485f9c22c1e1b172a3d004081689c82da904fa
Request Chain 98
  • http://witalfieldt.com/redirect?tid=730126&&ref=xsportshd.com/tennis-live-streaming-video.html HTTP 302
  • http://usd.india-abc.com/zcvisitor/24e7864f-c9b4-11e9-8a14-1230266a9556?campaignid=e9959de0-d6c8-11e8-802f-0e41d0acbc1a&__id__=e9959de0-d6c8-11e8-802f-0e41d0acbc1a HTTP 302
  • http://tracking.marketing/zp-redirect?target=http%3A%2F%2Fwww.apple.com-shield-guard.live%2Fredirect%2F%3Fip%3D185.151.58.115%26campid%3D195fb0be-b5a3-4a3f-a106-eca1728009ff%26zn%3Dsierra-bal-UDZlTdCE%26sc%3Df1be0f9b-24b9-4ef6-b115-1b6525e2d391%26browser%3DChrome%26browserversion%3DChrome%252074%26city%3DFrankfurt%2520Am%2520Main%26os%3DMacOS%26osv%3DMacOS%252010.14%2520Mojave%26model%3DDesktop%26td%3Dtracking.marketing%26ua%3DMozilla%252F5.0%2520%2528Macintosh%253B%2520Intel%2520Mac%2520OS%2520X%252010_14_5%2529%2520AppleWebKit%252F537.36%2520%2528KHTML%252C%2520like%2520Gecko%2529%2520Chrome%252F74.0.3729.169%2520Safari%252F537.36%26language%3DUnknown%26connection%3DBROADBAND%26isp%3DUnix%2520Networks%2520ltd.%26carrier%3D%26country%3DDE%26cep%3DA0KV6dFtz_tITxA5zKHFMHqwSq9huKkDhXEZ2zr9EW9Yz7RszUZ1keBP9OgOyNXrS-dw7EPIymuBrhSRr9e18RLTliZetbNJdz3Q53vVx81qwxjfESTwGzjs2cHn2q7Pcd4lf3Jn3_TTmW5FlbM5eUy8mz4J-8Nhm3H93dwlKUWDngZyw4BjaB06heNJYn3g0n_aim3H9pSmpNaLe63Pg4FLEjMr9i_Mviudkr49gRPTXbC1aI0cnR85NOPQBRuprYhM0soS-zfrEvl-2gQ89dbsigJx9GIr99XMp3UP9obieXTTjJhcnBHX07GoN44dmgRwNZhipPnxstjsEgVw-g4RbVNDqAkenKWxrwvoM_3SYYQrj8bpsMF5i2dXLLE_bi3IGOuTiJkZa3wmZIw-PZRGbK0ULw7xfCSFZdwdaxrM-iflf2b5_t_M44Ia6XomkyBIgc02es9EBTptTj3k6SvZ0UR3cn4DOmWylHy_LK_eMtNa2lXDxYnQRc-LtMVw%26lptoken%3D150e67fc01cc29de16be&caid=195fb0be-b5a3-4a3f-a106-eca1728009ff&zpid=24e7864f-c9b4-11e9-8a14-1230266a9556&cid=&rt=DJ HTTP 302
  • http://www.apple.com-shield-guard.live/redirect/?ip=185.151.58.115&campid=195fb0be-b5a3-4a3f-a106-eca1728009ff&zn=sierra-bal-UDZlTdCE&sc=f1be0f9b-24b9-4ef6-b115-1b6525e2d391&browser=Chrome&browserversion=Chrome%2074&city=Frankfurt%20Am%20Main&os=MacOS&osv=MacOS%2010.14%20Mojave&model=Desktop&td=tracking.marketing&ua=Mozilla%2F5.0%20%28Macintosh%3B%20Intel%20Mac%20OS%20X%2010_14_5%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F74.0.3729.169%20Safari%2F537.36&language=Unknown&connection=BROADBAND&isp=Unix%20Networks%20ltd.&carrier=&country=DE&cep=A0KV6dFtz_tITxA5zKHFMHqwSq9huKkDhXEZ2zr9EW9Yz7RszUZ1keBP9OgOyNXrS-dw7EPIymuBrhSRr9e18RLTliZetbNJdz3Q53vVx81qwxjfESTwGzjs2cHn2q7Pcd4lf3Jn3_TTmW5FlbM5eUy8mz4J-8Nhm3H93dwlKUWDngZyw4BjaB06heNJYn3g0n_aim3H9pSmpNaLe63Pg4FLEjMr9i_Mviudkr49gRPTXbC1aI0cnR85NOPQBRuprYhM0soS-zfrEvl-2gQ89dbsigJx9GIr99XMp3UP9obieXTTjJhcnBHX07GoN44dmgRwNZhipPnxstjsEgVw-g4RbVNDqAkenKWxrwvoM_3SYYQrj8bpsMF5i2dXLLE_bi3IGOuTiJkZa3wmZIw-PZRGbK0ULw7xfCSFZdwdaxrM-iflf2b5_t_M44Ia6XomkyBIgc02es9EBTptTj3k6SvZ0UR3cn4DOmWylHy_LK_eMtNa2lXDxYnQRc-LtMVw&lptoken=150e67fc01cc29de16be HTTP 302
  • http://smarturl.it/maccleaner?campid=195fb0be-b5a3-4a3f-a106-eca1728009ff&sc=f1be0f9b-24b9-4ef6-b115-1b6525e2d391&zn=sierra-bal-UDZlTdCE HTTP 301
  • http://www.maccleaner.space/recommended/?sc=f1be0f9b-24b9-4ef6-b115-1b6525e2d391&zn=sierra-bal-UDZlTdCE&campid=195fb0be-b5a3-4a3f-a106-eca1728009ff
Request Chain 99
  • http://witalfieldt.com/redirect?tid=730126&&ref=xsportshd.com/tennis-live-streaming-video.html HTTP 302
  • http://xml.realtime-bid.com/click?i=B91zeoFu12A_0 HTTP 302
  • https://witalfieldt.com/redirect?tid=751245&ref= HTTP 302
  • https://cybertool.co/mav_zone_k7demqbik.html?aff_sub=73195269417767045&aff_sub2=751245 HTTP 302
  • https://cyberprivacy.pro/en_US/trnt-rocket?aff_id=1272&coupon=3yEuDo&source=zonetelechargement1&aff_sub4=3yEuDo&aff_sub=73195269417767045&aff_sub2=751245&utm_medium=affiliate&utm_source=1272
Request Chain 100
  • http://witalfieldt.com/redirect?tid=682790&&ref=xsportshd.com HTTP 302
  • http://usd.odysseus-nua.com/zcvisitor/24e78642-c9b4-11e9-8bff-12afbac49a8c?campaignid=d3ec2b00-5008-11e7-a36d-0e06c6fba698&__id__=d3ec2b00-5008-11e7-a36d-0e06c6fba698 HTTP 302
  • https://www.auskunft.de/?rt=y&utm_source=zpp&c=zr24e78642c9b411e98bff12afbac49a8cc804406c206c4be1b05b2bb918b61c610408163eaf04cbd58a
Request Chain 101
  • http://witalfieldt.com/redirect?tid=682790&&ref=xsportshd.com/football-live-streaming.html HTTP 302
  • http://xml.realtime-bid.com/click?i=km1ao3kov8M_0 HTTP 302
  • https://ads.casumoaffiliates.com/redirect.aspx?pid=1159029&bid=7949&AFFID=Casumodesk_64582_682790 HTTP 301
  • https://campaigns.casumo.com/book-of-dead-de/index.html?btag=656576_B22C317075784F91841162720297332E&AFFID=Casumodesk_64582_682790&affid=656576&bid=7949&pid=1159029
Request Chain 102
  • http://witalfieldt.com/redirect?tid=682790&&ref=xsportshd.com/football-live-streaming.html HTTP 302
  • http://xml.realtime-bid.com/click?i=3t5enQcRIkk_0 HTTP 302
  • https://witalfieldt.com/redirect?tid=751245&ref= HTTP 302
  • https://cybertool.co/mav_zone_k7demqbik.html?aff_sub=5265552259346533947&aff_sub2=751245 HTTP 302
  • https://cyberprivacy.pro/en_US/trnt-rocket?aff_id=1272&coupon=3yEuDo&source=zonetelechargement1&aff_sub4=3yEuDo&aff_sub=5265552259346533947&aff_sub2=751245&utm_medium=affiliate&utm_source=1272
Request Chain 104
  • http://witalfieldt.com/redirect?tid=731474&&ref=xsportshd.com/other-live-streaming.html HTTP 302
  • http://xml.realtime-bid.com/click?i=uFRLujUlsZU_0 HTTP 302
  • https://witalfieldt.com/redirect?tid=751245&ref= HTTP 302
  • https://cybertool.co/mav_zone_k7demqbik.html?aff_sub=1270542051888097942&aff_sub2=751245 HTTP 302
  • https://cyberprivacy.pro/en_US/trnt-rocket?aff_id=1272&coupon=3yEuDo&source=zonetelechargement1&aff_sub4=3yEuDo&aff_sub=1270542051888097942&aff_sub2=751245&utm_medium=affiliate&utm_source=1272
Request Chain 105
  • http://witalfieldt.com/redirect?tid=731474&&ref=xsportshd.com HTTP 302
  • http://usd.india-abc.com/zcvisitor/251ec2ed-c9b4-11e9-996c-1206c319a1c8?campaignid=e9959de0-d6c8-11e8-802f-0e41d0acbc1a&__id__=e9959de0-d6c8-11e8-802f-0e41d0acbc1a HTTP 302
  • http://tracking.marketing/zp-redirect?target=http%3A%2F%2Fwww.apple.com-shield-guard.live%2Fredirect%2F%3Fip%3D185.151.58.115%26campid%3D195fb0be-b5a3-4a3f-a106-eca1728009ff%26zn%3Dzulu-log-JkW3v1ki%26sc%3Df1be0f9b-24b9-4ef6-b115-1b6525e2d391%26browser%3DChrome%26browserversion%3DChrome%252074%26city%3DFrankfurt%2520Am%2520Main%26os%3DMacOS%26osv%3DMacOS%252010.14%2520Mojave%26model%3DDesktop%26td%3Dtracking.marketing%26ua%3DMozilla%252F5.0%2520%2528Macintosh%253B%2520Intel%2520Mac%2520OS%2520X%252010_14_5%2529%2520AppleWebKit%252F537.36%2520%2528KHTML%252C%2520like%2520Gecko%2529%2520Chrome%252F74.0.3729.169%2520Safari%252F537.36%26language%3DUnknown%26connection%3DBROADBAND%26isp%3DUnix%2520Networks%2520ltd.%26carrier%3D%26country%3DDE%26cep%3Dk4v20zsy2M9gcOqP5t6MAaGWSpxKxdyDbRcDXOidhFM9p_tMSJ6mWwuT_rgHOz7HLc-UrgXzt1wGVgvtaNP7mb6Wos0Ed8mgQVLqgMUkAAmem2-iw3W3bAtZR9PuyKU-G1sYOelOMoCvHlhNv81-AqODjucBMoxFW0hfsbKLCpeZ1ht0m-BtXuuPOINQIr4GZK_vxKqQsLKQClRTaBMOG9ufG8Fm9ZPb07o-wE8W0vGPFVzUSEXCINEvsPc6XBHYoSL6ImLbr9IT33KTPLGnLn6qOsSJKbopaldEOix1aQYeL8-tD8brtLifWR6pe2Y6romEMWrS9jeLlPiKnM7s44T4sRm6BGAD5B6JCX0OEcoadWmLPv0PZpSkvXEWwOyzig_N0pjq_9c-q2Yg0iPH9YwTHj8xHPFLcCpUgsLtWaP1w3m3lJpMC0TpVDlTscdrdOhlPT6oqiWHFg3ApFGyB-vwz7Y0jzO5p4wG12m5Tc7tPCeCSqgKSoceEev0UsaH%26lptoken%3D150e67fc01cc29de16be&caid=195fb0be-b5a3-4a3f-a106-eca1728009ff&zpid=251ec2ed-c9b4-11e9-996c-1206c319a1c8&cid=&rt=DJ HTTP 302
  • http://www.apple.com-shield-guard.live/redirect/?ip=185.151.58.115&campid=195fb0be-b5a3-4a3f-a106-eca1728009ff&zn=zulu-log-JkW3v1ki&sc=f1be0f9b-24b9-4ef6-b115-1b6525e2d391&browser=Chrome&browserversion=Chrome%2074&city=Frankfurt%20Am%20Main&os=MacOS&osv=MacOS%2010.14%20Mojave&model=Desktop&td=tracking.marketing&ua=Mozilla%2F5.0%20%28Macintosh%3B%20Intel%20Mac%20OS%20X%2010_14_5%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F74.0.3729.169%20Safari%2F537.36&language=Unknown&connection=BROADBAND&isp=Unix%20Networks%20ltd.&carrier=&country=DE&cep=k4v20zsy2M9gcOqP5t6MAaGWSpxKxdyDbRcDXOidhFM9p_tMSJ6mWwuT_rgHOz7HLc-UrgXzt1wGVgvtaNP7mb6Wos0Ed8mgQVLqgMUkAAmem2-iw3W3bAtZR9PuyKU-G1sYOelOMoCvHlhNv81-AqODjucBMoxFW0hfsbKLCpeZ1ht0m-BtXuuPOINQIr4GZK_vxKqQsLKQClRTaBMOG9ufG8Fm9ZPb07o-wE8W0vGPFVzUSEXCINEvsPc6XBHYoSL6ImLbr9IT33KTPLGnLn6qOsSJKbopaldEOix1aQYeL8-tD8brtLifWR6pe2Y6romEMWrS9jeLlPiKnM7s44T4sRm6BGAD5B6JCX0OEcoadWmLPv0PZpSkvXEWwOyzig_N0pjq_9c-q2Yg0iPH9YwTHj8xHPFLcCpUgsLtWaP1w3m3lJpMC0TpVDlTscdrdOhlPT6oqiWHFg3ApFGyB-vwz7Y0jzO5p4wG12m5Tc7tPCeCSqgKSoceEev0UsaH&lptoken=150e67fc01cc29de16be HTTP 302
  • http://smarturl.it/maccleaner?campid=195fb0be-b5a3-4a3f-a106-eca1728009ff&sc=f1be0f9b-24b9-4ef6-b115-1b6525e2d391&zn=zulu-log-JkW3v1ki HTTP 301
  • http://www.maccleaner.space/recommended/?sc=f1be0f9b-24b9-4ef6-b115-1b6525e2d391&zn=zulu-log-JkW3v1ki&campid=195fb0be-b5a3-4a3f-a106-eca1728009ff
Request Chain 106
  • http://witalfieldt.com/redirect?tid=731474&&ref=xsportshd.com HTTP 302
  • http://usd.india-abc.com/zcvisitor/2523cbf7-c9b4-11e9-8a14-1230266a9556?campaignid=e9959de0-d6c8-11e8-802f-0e41d0acbc1a&__id__=e9959de0-d6c8-11e8-802f-0e41d0acbc1a HTTP 302
  • http://tracking.marketing/zp-redirect?target=http%3A%2F%2Fwww.apple.com-shield-guard.live%2Fredirect%2F%3Fip%3D185.151.58.115%26campid%3D195fb0be-b5a3-4a3f-a106-eca1728009ff%26zn%3Dzulu-log-JkW3v1ki%26sc%3Df1be0f9b-24b9-4ef6-b115-1b6525e2d391%26browser%3DChrome%26browserversion%3DChrome%252074%26city%3DFrankfurt%2520Am%2520Main%26os%3DMacOS%26osv%3DMacOS%252010.14%2520Mojave%26model%3DDesktop%26td%3Dtracking.marketing%26ua%3DMozilla%252F5.0%2520%2528Macintosh%253B%2520Intel%2520Mac%2520OS%2520X%252010_14_5%2529%2520AppleWebKit%252F537.36%2520%2528KHTML%252C%2520like%2520Gecko%2529%2520Chrome%252F74.0.3729.169%2520Safari%252F537.36%26language%3DUnknown%26connection%3DBROADBAND%26isp%3DUnix%2520Networks%2520ltd.%26carrier%3D%26country%3DDE%26cep%3DrTOzbHGGJ_wgrpzsG_vWC1Z9ecLz204c4sc1vtFQvIYKLi9V1OfiD7t5cCkYhbr0KeJTe9vbHgX72FxFNH_p2G06gHBmzTuUQWxGqeG5acFy1vPj08bI_wgTW3eUVJW7WKLM6yf_AYz7s0XurJYk69MCahWylW7NTdvSFolXOjM1YgaeX-Gigk9T8UUI-y_ffEA7pHcIEjBEHU44PdKkg9COPJi-Nq0bJrXYDkPnnG47vBgqwBwGjw21IYdagvi8J1SDxu9wpcQr8sVrcoPLGvCYDBoLyFk2GYSt1Y10DDBX6N5tQnAh8EU4FnotBF_zcsYX93mUMrDh6sbbbNwio5WUHjy0t-IuSuSdH5amxoq2nbLrsMgRPTnc9PKqGZqOrva_cf3Me_4qThaJX_bnZ0QiPnEkxKOeH3-kNymxB4VRqNu-kstnhodak_1gzL211sgcBnO6tTyacFi0IHyWIn7U5u72jbjY7oCXVMlPSLVRv1HAb9_yxgGwMa_IK-Ii%26lptoken%3D157f6737019a2905173d&caid=195fb0be-b5a3-4a3f-a106-eca1728009ff&zpid=2523cbf7-c9b4-11e9-8a14-1230266a9556&cid=&rt=DJ HTTP 302
  • http://www.apple.com-shield-guard.live/redirect/?ip=185.151.58.115&campid=195fb0be-b5a3-4a3f-a106-eca1728009ff&zn=zulu-log-JkW3v1ki&sc=f1be0f9b-24b9-4ef6-b115-1b6525e2d391&browser=Chrome&browserversion=Chrome%2074&city=Frankfurt%20Am%20Main&os=MacOS&osv=MacOS%2010.14%20Mojave&model=Desktop&td=tracking.marketing&ua=Mozilla%2F5.0%20%28Macintosh%3B%20Intel%20Mac%20OS%20X%2010_14_5%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F74.0.3729.169%20Safari%2F537.36&language=Unknown&connection=BROADBAND&isp=Unix%20Networks%20ltd.&carrier=&country=DE&cep=rTOzbHGGJ_wgrpzsG_vWC1Z9ecLz204c4sc1vtFQvIYKLi9V1OfiD7t5cCkYhbr0KeJTe9vbHgX72FxFNH_p2G06gHBmzTuUQWxGqeG5acFy1vPj08bI_wgTW3eUVJW7WKLM6yf_AYz7s0XurJYk69MCahWylW7NTdvSFolXOjM1YgaeX-Gigk9T8UUI-y_ffEA7pHcIEjBEHU44PdKkg9COPJi-Nq0bJrXYDkPnnG47vBgqwBwGjw21IYdagvi8J1SDxu9wpcQr8sVrcoPLGvCYDBoLyFk2GYSt1Y10DDBX6N5tQnAh8EU4FnotBF_zcsYX93mUMrDh6sbbbNwio5WUHjy0t-IuSuSdH5amxoq2nbLrsMgRPTnc9PKqGZqOrva_cf3Me_4qThaJX_bnZ0QiPnEkxKOeH3-kNymxB4VRqNu-kstnhodak_1gzL211sgcBnO6tTyacFi0IHyWIn7U5u72jbjY7oCXVMlPSLVRv1HAb9_yxgGwMa_IK-Ii&lptoken=157f6737019a2905173d HTTP 302
  • http://smarturl.it/maccleaner?campid=195fb0be-b5a3-4a3f-a106-eca1728009ff&sc=f1be0f9b-24b9-4ef6-b115-1b6525e2d391&zn=zulu-log-JkW3v1ki HTTP 301
  • http://www.maccleaner.space/recommended/?sc=f1be0f9b-24b9-4ef6-b115-1b6525e2d391&zn=zulu-log-JkW3v1ki&campid=195fb0be-b5a3-4a3f-a106-eca1728009ff

102 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
incident-prevention.com/
64 KB
13 KB
Document
General
Full URL
https://incident-prevention.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681c:1765 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
253d59b2bfd332120e3ab08ab6e56c97c5b65722f35a5ae8f10171aa39fe98b4

Request headers

:method
GET
:authority
incident-prevention.com
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode
navigate
sec-fetch-user
?1
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
none
accept-encoding
gzip, deflate, br

Response headers

status
200
date
Wed, 28 Aug 2019 16:51:51 GMT
content-type
text/html; charset=utf-8
set-cookie
__cfduid=d9205f9d4ff185c6abfc42fcda6bbe6141567011110; expires=Thu, 27-Aug-20 16:51:50 GMT; path=/; domain=.incident-prevention.com; HttpOnly; Secure 8dac7a5aed439c5919b2aced6487864a=0a6c4ce69d949174865a22ee0d06b469; path=/; HttpOnly
p3p
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
expires
Wed, 17 Aug 2005 00:00:00 GMT
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma
no-cache
last-modified
Wed, 28 Aug 2019 16:51:50 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
50d7cace6b4dcbc8-VIE
content-encoding
br
style-5.3.2.min.css
incident-prevention.com/components/com_easyblog/themes/nomad/styles/
431 KB
70 KB
Stylesheet
General
Full URL
https://incident-prevention.com/components/com_easyblog/themes/nomad/styles/style-5.3.2.min.css
Requested by
Host: incident-prevention.com
URL: https://incident-prevention.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681c:1765 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
9d92d30c33315eedb82bfe3411ce6143e621030a7d0f1ec3460071d24171f5bc

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://incident-prevention.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 28 Aug 2019 16:51:51 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 18 Jul 2019 16:32:19 GMT
server
cloudflare
age
421
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
public, max-age=86400
cf-ray
50d7cad458f2cbc8-VIE
expires
Thu, 29 Aug 2019 16:51:51 GMT
theme.207.css
incident-prevention.com/templates/yootheme/css/
407 KB
45 KB
Stylesheet
General
Full URL
https://incident-prevention.com/templates/yootheme/css/theme.207.css?v=1566306179
Requested by
Host: incident-prevention.com
URL: https://incident-prevention.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681c:1765 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
fe00ff7ca43fa04f0cdd62cb9f8b8501a7091243da32c4a4ca183bc127a580d3

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://incident-prevention.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 28 Aug 2019 16:51:51 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 20 Aug 2019 13:02:59 GMT
server
cloudflare
age
421
cf-polished
origSize=419720
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
public, max-age=86400
cf-bgj
minify
cf-ray
50d7cad458f3cbc8-VIE
expires
Thu, 29 Aug 2019 16:51:51 GMT
jquery.min.js
incident-prevention.com/media/jui/js/
94 KB
32 KB
Script
General
Full URL
https://incident-prevention.com/media/jui/js/jquery.min.js?17eb2dd02a6e10c0e710977a81b47b9a
Requested by
Host: incident-prevention.com
URL: https://incident-prevention.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681c:1765 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
46438fa269f3c172286b81be52a5de84753d68dcc6580f6a98b7942cf129bdc1

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://incident-prevention.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 28 Aug 2019 16:51:51 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 12 Aug 2019 18:14:06 GMT
server
cloudflare
age
421
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
public, max-age=86400
cf-ray
50d7cad458f4cbc8-VIE
expires
Thu, 29 Aug 2019 16:51:51 GMT
jquery-noconflict.js
incident-prevention.com/media/jui/js/
20 B
228 B
Script
General
Full URL
https://incident-prevention.com/media/jui/js/jquery-noconflict.js?17eb2dd02a6e10c0e710977a81b47b9a
Requested by
Host: incident-prevention.com
URL: https://incident-prevention.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681c:1765 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
844a36c2c43704c5ae846d0f52093463bc6e84d547d04528eefb6313129e570f

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://incident-prevention.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 28 Aug 2019 16:51:51 GMT
cf-cache-status
HIT
age
421
cf-polished
origSize=21
status
200
last-modified
Mon, 12 Aug 2019 18:14:06 GMT
content-length
20
cf-bgj
minify
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
50d7cad458f6cbc8-VIE
expires
Thu, 29 Aug 2019 16:51:51 GMT
jquery-migrate.min.js
incident-prevention.com/media/jui/js/
10 KB
4 KB
Script
General
Full URL
https://incident-prevention.com/media/jui/js/jquery-migrate.min.js?17eb2dd02a6e10c0e710977a81b47b9a
Requested by
Host: incident-prevention.com
URL: https://incident-prevention.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681c:1765 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://incident-prevention.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 28 Aug 2019 16:51:51 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 12 Aug 2019 18:14:06 GMT
server
cloudflare
age
421
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
public, max-age=86400
cf-ray
50d7cad458f7cbc8-VIE
expires
Thu, 29 Aug 2019 16:51:51 GMT
analytics.min.js
incident-prevention.com/templates/yootheme/vendor/yootheme/theme-analytics/app/
494 B
353 B
Script
General
Full URL
https://incident-prevention.com/templates/yootheme/vendor/yootheme/theme-analytics/app/analytics.min.js?v=1.21.9
Requested by
Host: incident-prevention.com
URL: https://incident-prevention.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681c:1765 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
7a0cfd07061ec426b14b14e9d771eabe3c5ca4f67a94f728ce24138d8e9e3e21

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://incident-prevention.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 28 Aug 2019 16:51:51 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 07 Aug 2019 21:25:32 GMT
server
cloudflare
age
421
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
public, max-age=86400
cf-ray
50d7cad458f8cbc8-VIE
expires
Thu, 29 Aug 2019 16:51:51 GMT
scripts-534cd5b9.js
incident-prevention.com/templates/yootheme/cache/
198 KB
58 KB
Script
General
Full URL
https://incident-prevention.com/templates/yootheme/cache/scripts-534cd5b9.js?v=1.21.9
Requested by
Host: incident-prevention.com
URL: https://incident-prevention.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681c:1765 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
4a938ea209d1ee5ff1cadc6896a3fe3e0c8163913712e8672d96e9bfa4e87f0c

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://incident-prevention.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 28 Aug 2019 16:51:51 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 07 Aug 2019 21:25:37 GMT
server
cloudflare
age
421
cf-polished
origSize=202442
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
public, max-age=86400
cf-bgj
minify
cf-ray
50d7cad458f9cbc8-VIE
expires
Thu, 29 Aug 2019 16:51:51 GMT
site-5.3.2-basic.min.js
incident-prevention.com/media/com_easyblog/scripts/
603 KB
165 KB
Script
General
Full URL
https://incident-prevention.com/media/com_easyblog/scripts/site-5.3.2-basic.min.js
Requested by
Host: incident-prevention.com
URL: https://incident-prevention.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681c:1765 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
b9cedfdc33e9ff45a2a400c06dc28b32cd5eab5e50488b1650ba44ea8fc3c83e

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://incident-prevention.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 28 Aug 2019 16:51:51 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 18 Jul 2019 16:32:19 GMT
server
cloudflare
age
421
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
public, max-age=86400
cf-ray
50d7cad458facbc8-VIE
expires
Thu, 29 Aug 2019 16:51:51 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
94 KB
34 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: incident-prevention.com
URL: https://incident-prevention.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
15181b10b9cc838d6895d4a7ec1dd16897b22a763800f4cd5d2ace5084c5ab2a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://incident-prevention.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 28 Aug 2019 16:51:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length
34981
x-xss-protection
0
server
cafe
etag
2822467347844166493
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Wed, 28 Aug 2019 16:51:51 GMT
ip-logo-ft-7271754b.png
incident-prevention.com/templates/yootheme/cache/
3 KB
3 KB
Image
General
Full URL
https://incident-prevention.com/templates/yootheme/cache/ip-logo-ft-7271754b.png
Requested by
Host: incident-prevention.com
URL: https://incident-prevention.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681c:1765 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
1c1cac696f00668e0e97d35928fc5ce136e2bab8992fb697f77ecaf888e9332f

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://incident-prevention.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 28 Aug 2019 16:51:51 GMT
cf-cache-status
HIT
last-modified
Thu, 07 Jun 2018 18:17:49 GMT
server
cloudflare
age
421
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
50d7cad47933cbc8-VIE
content-length
3139
expires
Thu, 29 Aug 2019 16:51:51 GMT
iP-2017-Logo-TM-df517145.png
incident-prevention.com/templates/yootheme/cache/
28 KB
28 KB
Image
General
Full URL
https://incident-prevention.com/templates/yootheme/cache/iP-2017-Logo-TM-df517145.png
Requested by
Host: incident-prevention.com
URL: https://incident-prevention.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681c:1765 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
96be0dfcf59c986c519e4d6cf1388b62cb38c8e1999513d5052fe36b285a947e

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://incident-prevention.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 28 Aug 2019 16:51:51 GMT
cf-cache-status
HIT
last-modified
Thu, 07 Jun 2018 18:17:49 GMT
server
cloudflare
age
420
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
50d7cad51aa8cbc8-VIE
content-length
28749
expires
Thu, 29 Aug 2019 16:51:51 GMT
b2ap3_large_Web-Updated-DrivingDynamics_5-Levels-Communication-GreyBkgd.jpg
incident-prevention.com/images/easyblog_articles/782/
25 KB
25 KB
Image
General
Full URL
https://incident-prevention.com/images/easyblog_articles/782/b2ap3_large_Web-Updated-DrivingDynamics_5-Levels-Communication-GreyBkgd.jpg
Requested by
Host: incident-prevention.com
URL: https://incident-prevention.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681c:1765 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
8556b54b80bcfc636e01fc6df6c8bf37b7789c1c51bf104b2bed99bede48cba2

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://incident-prevention.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 28 Aug 2019 16:51:51 GMT
cf-cache-status
REVALIDATED
last-modified
Mon, 19 Aug 2019 19:19:35 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
status
200
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
50d7cad51aaacbc8-VIE
content-length
25403
expires
Thu, 29 Aug 2019 16:51:51 GMT
b2ap3_large_Web-Edmonds-background.jpg
incident-prevention.com/images/easyblog_articles/781/
34 KB
34 KB
Image
General
Full URL
https://incident-prevention.com/images/easyblog_articles/781/b2ap3_large_Web-Edmonds-background.jpg
Requested by
Host: incident-prevention.com
URL: https://incident-prevention.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681c:1765 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
6ecfc757dff20b095a76f9ce8a4391d29d215bb945b47d250e3804aa345ee37d

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://incident-prevention.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 28 Aug 2019 16:51:51 GMT
cf-cache-status
REVALIDATED
last-modified
Mon, 19 Aug 2019 19:15:03 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
status
200
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
50d7cad55b0fcbc8-VIE
content-length
34998
expires
Thu, 29 Aug 2019 16:51:51 GMT
b2ap3_large_Web-Safety-Team.jpg
incident-prevention.com/images/easyblog_articles/770/
21 KB
21 KB
Image
General
Full URL
https://incident-prevention.com/images/easyblog_articles/770/b2ap3_large_Web-Safety-Team.jpg
Requested by
Host: incident-prevention.com
URL: https://incident-prevention.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681c:1765 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
0c3adfad690aa02a4a5c67f5eade359a20c2315f1374aa04c6ef0ac3ec78d226

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://incident-prevention.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 28 Aug 2019 16:51:51 GMT
cf-cache-status
REVALIDATED
last-modified
Fri, 14 Jun 2019 16:29:10 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
status
200
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
50d7cad56b2ccbc8-VIE
content-length
21230
expires
Thu, 29 Aug 2019 16:51:51 GMT
position.min.js
incident-prevention.com/media/com_easyblog/scripts/vendors/ui/
11 KB
3 KB
Script
General
Full URL
https://incident-prevention.com/media/com_easyblog/scripts/vendors/ui/position.min.js
Requested by
Host: incident-prevention.com
URL: https://incident-prevention.com/media/jui/js/jquery.min.js?17eb2dd02a6e10c0e710977a81b47b9a
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681c:1765 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
0fb2d21f30444991d7fb2df4410136bceaf64b420e47fd4c10f8db8b0550c730

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://incident-prevention.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 28 Aug 2019 16:51:51 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Mon, 23 Apr 2018 18:25:39 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
public, max-age=86400
cf-ray
50d7cad56b2ecbc8-VIE
expires
Thu, 29 Aug 2019 16:51:51 GMT
loader.js
static.olark.com/jsclient/
9 KB
3 KB
Script
General
Full URL
https://static.olark.com/jsclient/loader.js
Requested by
Host: incident-prevention.com
URL: https://incident-prevention.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
93.184.220.42 London, United Kingdom, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software
ECS (fcn/41A4) /
Resource Hash
d69064f9d472279ad64fef86f9cfe6d061608010d8d8aa04cf874568c4186416

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://incident-prevention.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 28 Aug 2019 16:51:51 GMT
content-encoding
gzip
last-modified
Fri, 19 Jul 2019 16:43:28 GMT
server
ECS (fcn/41A4)
etag
W/"5d31f330-22be"
vary
Accept-Encoding
x-cache
HIT
p3p
CP='Olark does not have a P3P policy. Learn why here: http://olark.com/p3p'
status
200
cache-control
max-age=10800
accept-ranges
bytes
content-type
application/x-javascript
content-length
3146
via
1.1 google
expires
Wed, 28 Aug 2019 19:51:51 GMT
redirect.php
incident-prevention.com/ Frame 4A72
365 B
284 B
Document
General
Full URL
https://incident-prevention.com/redirect.php?url=aHR0cDovL29ubGluZS5pbmNpZGVudC1wcmV2ZW50aW9uLmNvbS9wdWJsaXNoL2dldENvdmVyLnBocD9wb3B1cD10cnVlJmlzej0yNTEmbT0xOTM4OQ==
Requested by
Host: incident-prevention.com
URL: https://incident-prevention.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681c:1765 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
276906aa6ce0c84493abe052435ddb1dd13c29260a70b2ea93da17cec2dd8152

Request headers

:method
GET
:authority
incident-prevention.com
:scheme
https
:path
/redirect.php?url=aHR0cDovL29ubGluZS5pbmNpZGVudC1wcmV2ZW50aW9uLmNvbS9wdWJsaXNoL2dldENvdmVyLnBocD9wb3B1cD10cnVlJmlzej0yNTEmbT0xOTM4OQ==
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode
nested-navigate
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
same-origin
referer
https://incident-prevention.com/
accept-encoding
gzip, deflate, br
cookie
__cfduid=d9205f9d4ff185c6abfc42fcda6bbe6141567011110; 8dac7a5aed439c5919b2aced6487864a=0a6c4ce69d949174865a22ee0d06b469

Response headers

status
200
date
Wed, 28 Aug 2019 16:51:51 GMT
content-type
text/html; charset=UTF-8
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
50d7cad56b2fcbc8-VIE
content-encoding
br
font-2796f890.woff2
incident-prevention.com/templates/yootheme/fonts/
15 KB
15 KB
Font
General
Full URL
https://incident-prevention.com/templates/yootheme/fonts/font-2796f890.woff2
Requested by
Host: incident-prevention.com
URL: https://incident-prevention.com/templates/yootheme/cache/scripts-534cd5b9.js?v=1.21.9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681c:1765 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Request headers

Sec-Fetch-Mode
cors
Referer
https://incident-prevention.com/templates/yootheme/css/theme.207.css?v=1566306179
Origin
https://incident-prevention.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 28 Aug 2019 16:51:51 GMT
cf-cache-status
HIT
last-modified
Thu, 19 Jul 2018 20:33:56 GMT
server
cloudflare
age
419
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
font/woff2
status
200
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
50d7cad59b99cbc8-VIE
content-length
15344
expires
Thu, 29 Aug 2019 16:51:51 GMT
font-66cfe135.woff2
incident-prevention.com/templates/yootheme/fonts/
14 KB
14 KB
Font
General
Full URL
https://incident-prevention.com/templates/yootheme/fonts/font-66cfe135.woff2
Requested by
Host: incident-prevention.com
URL: https://incident-prevention.com/templates/yootheme/cache/scripts-534cd5b9.js?v=1.21.9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681c:1765 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
d61b45b8b3cded238a65ee0aac4043b989f11cee56acfe5c889777f961f241a2

Request headers

Sec-Fetch-Mode
cors
Referer
https://incident-prevention.com/templates/yootheme/css/theme.207.css?v=1566306179
Origin
https://incident-prevention.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 28 Aug 2019 16:51:51 GMT
cf-cache-status
HIT
last-modified
Thu, 19 Jul 2018 20:33:56 GMT
server
cloudflare
age
419
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
font/woff2
status
200
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
50d7cad59b9acbc8-VIE
content-length
14544
expires
Thu, 29 Aug 2019 16:51:51 GMT
font-7e3e66cb.woff2
incident-prevention.com/templates/yootheme/fonts/
14 KB
14 KB
Font
General
Full URL
https://incident-prevention.com/templates/yootheme/fonts/font-7e3e66cb.woff2
Requested by
Host: incident-prevention.com
URL: https://incident-prevention.com/templates/yootheme/cache/scripts-534cd5b9.js?v=1.21.9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681c:1765 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
5278c0f6063ca9ad85653b18a2ddf1aa57e3ab40b7973a69b09acf859db8264d

Request headers

Sec-Fetch-Mode
cors
Referer
https://incident-prevention.com/templates/yootheme/css/theme.207.css?v=1566306179
Origin
https://incident-prevention.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 28 Aug 2019 16:51:51 GMT
cf-cache-status
HIT
last-modified
Thu, 19 Jul 2018 20:33:55 GMT
server
cloudflare
age
419
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
font/woff2
status
200
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
50d7cad59b9bcbc8-VIE
content-length
14564
expires
Thu, 29 Aug 2019 16:51:51 GMT
font-05d3e9a7.woff2
incident-prevention.com/templates/yootheme/fonts/
15 KB
15 KB
Font
General
Full URL
https://incident-prevention.com/templates/yootheme/fonts/font-05d3e9a7.woff2
Requested by
Host: incident-prevention.com
URL: https://incident-prevention.com/templates/yootheme/cache/scripts-534cd5b9.js?v=1.21.9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681c:1765 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
30da2bff9b5cb0f94b04c9c21ec607dfb1b46cf706802a093185036b333f89e6

Request headers

Sec-Fetch-Mode
cors
Referer
https://incident-prevention.com/templates/yootheme/css/theme.207.css?v=1566306179
Origin
https://incident-prevention.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 28 Aug 2019 16:51:51 GMT
cf-cache-status
REVALIDATED
last-modified
Thu, 19 Jul 2018 20:33:56 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
font/woff2
status
200
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
50d7cad59b9ccbc8-VIE
content-length
15252
expires
Thu, 29 Aug 2019 16:51:51 GMT
font-9c210a55.woff2
incident-prevention.com/templates/yootheme/fonts/
15 KB
15 KB
Font
General
Full URL
https://incident-prevention.com/templates/yootheme/fonts/font-9c210a55.woff2
Requested by
Host: incident-prevention.com
URL: https://incident-prevention.com/templates/yootheme/cache/scripts-534cd5b9.js?v=1.21.9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681c:1765 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
7f120e3bbb65e999c5bb8492ec326934e9d8578b9134ad2c97713b8570867df8

Request headers

Sec-Fetch-Mode
cors
Referer
https://incident-prevention.com/templates/yootheme/css/theme.207.css?v=1566306179
Origin
https://incident-prevention.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 28 Aug 2019 16:51:51 GMT
cf-cache-status
HIT
last-modified
Thu, 19 Jul 2018 20:33:56 GMT
server
cloudflare
age
419
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
font/woff2
status
200
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
50d7cad59b9dcbc8-VIE
content-length
15164
expires
Thu, 29 Aug 2019 16:51:51 GMT
font-fce4bd27.woff2
incident-prevention.com/templates/yootheme/fonts/
15 KB
15 KB
Font
General
Full URL
https://incident-prevention.com/templates/yootheme/fonts/font-fce4bd27.woff2
Requested by
Host: incident-prevention.com
URL: https://incident-prevention.com/templates/yootheme/cache/scripts-534cd5b9.js?v=1.21.9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681c:1765 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
eca8ffa764a66cd084800e2e71c4176ef089ebd805515664a6cb8d4fb3b598bf

Request headers

Sec-Fetch-Mode
cors
Referer
https://incident-prevention.com/templates/yootheme/css/theme.207.css?v=1566306179
Origin
https://incident-prevention.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 28 Aug 2019 16:51:51 GMT
cf-cache-status
HIT
last-modified
Thu, 19 Jul 2018 20:33:56 GMT
server
cloudflare
age
419
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
font/woff2
status
200
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
50d7cad59b9fcbc8-VIE
content-length
15440
expires
Thu, 29 Aug 2019 16:51:51 GMT
font-16da9696.woff2
incident-prevention.com/templates/yootheme/fonts/
15 KB
15 KB
Font
General
Full URL
https://incident-prevention.com/templates/yootheme/fonts/font-16da9696.woff2
Requested by
Host: incident-prevention.com
URL: https://incident-prevention.com/templates/yootheme/cache/scripts-534cd5b9.js?v=1.21.9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681c:1765 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
0f961c62a5d3faf422bafd5ce3c490a54b95c68a1bb5aaca37b66a8257fe02ea

Request headers

Sec-Fetch-Mode
cors
Referer
https://incident-prevention.com/templates/yootheme/css/theme.207.css?v=1566306179
Origin
https://incident-prevention.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 28 Aug 2019 16:51:51 GMT
cf-cache-status
HIT
last-modified
Thu, 19 Jul 2018 20:33:56 GMT
server
cloudflare
age
419
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
font/woff2
status
200
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
50d7cad59ba0cbc8-VIE
content-length
15332
expires
Thu, 29 Aug 2019 16:51:51 GMT
truncated
/
71 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
34a1f9976fe0698e932d7a54ca8d24b7bc991d8f9800cf21b9799164ea88186c

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/svg+xml
integrator.js
adservice.google.de/adsid/
109 B
171 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.js?domain=incident-prevention.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:818::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://incident-prevention.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 28 Aug 2019 16:51:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length
104
x-xss-protection
0
integrator.js
adservice.google.com/adsid/
109 B
171 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=incident-prevention.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://incident-prevention.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 28 Aug 2019 16:51:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length
104
x-xss-protection
0
show_ads_impl.js
pagead2.googlesyndication.com/pagead/js/r20190826/r20190131/
221 KB
82 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20190826/r20190131/show_ads_impl.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
ef184624ec8084ef9f3e3a3159b37e847417d50de3aae2561d7335a5766d04d4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://incident-prevention.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 28 Aug 2019 16:51:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length
83411
x-xss-protection
0
server
cafe
etag
18308782597284574375
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Wed, 28 Aug 2019 16:51:51 GMT
truncated
/
1 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
77dcfa1e3d3efb6f238cc960d2f965c24e2126952ae6539c56b9e7675ec8369a

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=UTF-8
show_ads_impl.js
pagead2.googlesyndication.com/pagead/js/r20190826/r20190131/ Frame 510A
221 KB
82 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20190826/r20190131/show_ads_impl.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
ef184624ec8084ef9f3e3a3159b37e847417d50de3aae2561d7335a5766d04d4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://incident-prevention.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 28 Aug 2019 16:51:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length
83411
x-xss-protection
0
server
cafe
etag
18308782597284574375
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Wed, 28 Aug 2019 16:51:51 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20190826/r20190131/ Frame F622
0
0
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20190826/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:818::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/html/r20190826/r20190131/zrt_lookup.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode
nested-navigate
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
referer
https://incident-prevention.com/
accept-encoding
gzip, deflate, br

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
vary
Accept-Encoding
date
Tue, 27 Aug 2019 00:03:49 GMT
expires
Tue, 10 Sep 2019 00:03:49 GMT
content-type
text/html; charset=UTF-8
etag
4817175036427020965
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
7274
x-xss-protection
0
cache-control
public, max-age=1209600
age
146882
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
ip-magazine-home-c22fb1dd.jpeg
incident-prevention.com/templates/yootheme/cache/
141 KB
141 KB
Image
General
Full URL
https://incident-prevention.com/templates/yootheme/cache/ip-magazine-home-c22fb1dd.jpeg
Requested by
Host: incident-prevention.com
URL: https://incident-prevention.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681c:1765 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://incident-prevention.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 28 Aug 2019 16:51:51 GMT
cf-cache-status
REVALIDATED
last-modified
Thu, 28 Mar 2019 14:54:28 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
status
200
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
50d7cad5fc57cbc8-VIE
content-length
144652
expires
Thu, 29 Aug 2019 16:51:51 GMT
build_deliver_effective_safety_courses-72642133.png
incident-prevention.com/templates/yootheme/cache/
471 KB
472 KB
Image
General
Full URL
https://incident-prevention.com/templates/yootheme/cache/build_deliver_effective_safety_courses-72642133.png
Requested by
Host: incident-prevention.com
URL: https://incident-prevention.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681c:1765 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://incident-prevention.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 28 Aug 2019 16:51:52 GMT
cf-cache-status
REVALIDATED
last-modified
Tue, 20 Aug 2019 14:50:20 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
50d7cad869bfcbc8-VIE
content-length
482597
expires
Thu, 29 Aug 2019 16:51:52 GMT
b2ap3_large_Web-Instructor-with-Group.jpg
incident-prevention.com/images/easyblog_articles/779/
60 KB
60 KB
Image
General
Full URL
https://incident-prevention.com/images/easyblog_articles/779/b2ap3_large_Web-Instructor-with-Group.jpg
Requested by
Host: incident-prevention.com
URL: https://incident-prevention.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681c:1765 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://incident-prevention.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 28 Aug 2019 16:51:52 GMT
cf-cache-status
REVALIDATED
last-modified
Mon, 19 Aug 2019 18:59:27 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
status
200
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
50d7cad89a23cbc8-VIE
content-length
60947
expires
Thu, 29 Aug 2019 16:51:52 GMT
b2ap3_large_Web-IMG_1196.jpg
incident-prevention.com/images/easyblog_articles/771/
50 KB
50 KB
Image
General
Full URL
https://incident-prevention.com/images/easyblog_articles/771/b2ap3_large_Web-IMG_1196.jpg
Requested by
Host: incident-prevention.com
URL: https://incident-prevention.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681c:1765 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://incident-prevention.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 28 Aug 2019 16:51:52 GMT
cf-cache-status
REVALIDATED
last-modified
Fri, 14 Jun 2019 16:41:28 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
status
200
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
50d7cad8ba92cbc8-VIE
content-length
51036
expires
Thu, 29 Aug 2019 16:51:52 GMT
b2ap3_large_Web-Missouri-Valley-JATC-1.jpg
incident-prevention.com/images/easyblog_articles/760/
30 KB
30 KB
Image
General
Full URL
https://incident-prevention.com/images/easyblog_articles/760/b2ap3_large_Web-Missouri-Valley-JATC-1.jpg
Requested by
Host: incident-prevention.com
URL: https://incident-prevention.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681c:1765 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://incident-prevention.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 28 Aug 2019 16:51:52 GMT
cf-cache-status
REVALIDATED
last-modified
Wed, 10 Apr 2019 15:54:38 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
status
200
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
50d7cad8ba93cbc8-VIE
content-length
31023
expires
Thu, 29 Aug 2019 16:51:52 GMT
b2ap3_large_Web-DSC00163.jpg
incident-prevention.com/images/easyblog_articles/780/
37 KB
37 KB
Image
General
Full URL
https://incident-prevention.com/images/easyblog_articles/780/b2ap3_large_Web-DSC00163.jpg
Requested by
Host: incident-prevention.com
URL: https://incident-prevention.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681c:1765 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://incident-prevention.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 28 Aug 2019 16:51:52 GMT
cf-cache-status
REVALIDATED
last-modified
Mon, 19 Aug 2019 19:11:22 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
status
200
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
50d7cad94bcccbc8-VIE
content-length
37728
expires
Thu, 29 Aug 2019 16:51:52 GMT
b2ap3_large_Web-Kelly-Brett-FMS.jpg
incident-prevention.com/images/easyblog_articles/772/
40 KB
40 KB
Image
General
Full URL
https://incident-prevention.com/images/easyblog_articles/772/b2ap3_large_Web-Kelly-Brett-FMS.jpg
Requested by
Host: incident-prevention.com
URL: https://incident-prevention.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681c:1765 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://incident-prevention.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 28 Aug 2019 16:51:52 GMT
cf-cache-status
REVALIDATED
last-modified
Fri, 14 Jun 2019 16:52:26 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
status
200
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
50d7cad97c1bcbc8-VIE
content-length
41242
expires
Thu, 29 Aug 2019 16:51:52 GMT
b2ap3_large_Web-190319---Jesse-Hardy-Magazine-Pics---4.jpg
incident-prevention.com/images/easyblog_articles/759/
47 KB
47 KB
Image
General
Full URL
https://incident-prevention.com/images/easyblog_articles/759/b2ap3_large_Web-190319---Jesse-Hardy-Magazine-Pics---4.jpg
Requested by
Host: incident-prevention.com
URL: https://incident-prevention.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681c:1765 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://incident-prevention.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 28 Aug 2019 16:51:52 GMT
cf-cache-status
REVALIDATED
last-modified
Wed, 10 Apr 2019 15:50:34 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
status
200
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
50d7cadbb9c1cbc8-VIE
content-length
48352
expires
Thu, 29 Aug 2019 16:51:52 GMT
NASCO-ArcWear-JOOMLA.jpg
incident-prevention.com/images/stories/products/
5 KB
5 KB
Image
General
Full URL
https://incident-prevention.com/images/stories/products/NASCO-ArcWear-JOOMLA.jpg
Requested by
Host: incident-prevention.com
URL: https://incident-prevention.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681c:1765 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://incident-prevention.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 28 Aug 2019 16:51:52 GMT
cf-cache-status
REVALIDATED
last-modified
Mon, 05 Aug 2019 21:28:28 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
status
200
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
50d7cadbc9cacbc8-VIE
content-length
5544
expires
Thu, 29 Aug 2019 16:51:52 GMT
app.js
static.olark.com/jsclient/ Frame 0579
54 KB
18 KB
Script
General
Full URL
https://static.olark.com/jsclient/app.js
Requested by
Host: static.olark.com
URL: https://static.olark.com/jsclient/loader.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
93.184.220.42 London, United Kingdom, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software
ECS (fcn/40FB) /
Resource Hash
295aa5529401acf528980bb2419f31c082c03e6ef7fbac2aab5aa06488aad2aa

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://incident-prevention.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 28 Aug 2019 16:51:51 GMT
content-encoding
gzip
last-modified
Fri, 19 Jul 2019 16:43:16 GMT
server
ECS (fcn/40FB)
etag
W/"5d31f324-d844"
vary
Accept-Encoding
x-cache
HIT
p3p
CP='Olark does not have a P3P policy. Learn why here: http://olark.com/p3p'
status
200
cache-control
max-age=10800
accept-ranges
bytes
content-type
application/x-javascript
content-length
18382
via
1.1 google
expires
Wed, 28 Aug 2019 19:51:51 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame A995
0
0
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4909232145069428&output=html&adk=1812271804&adf=3025194257&lmt=1567011110&plat=1%3A32776%2C2%3A32776%2C8%3A32776%2C9%3A32776%2C16%3A8388608%2C30%3A1081344&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Fincident-prevention.com%2F&ea=0&flash=0&pra=5&wgl=1&dt=1567011111319&bpp=13&bdt=239&fdt=86&idt=87&shv=r20190826&cbv=r20190131&saldr=aa&abxe=1&nras=1&correlator=2527967927400&frm=20&pv=2&ga_vid=386679646.1567011111&ga_sid=1567011111&ga_hid=400161558&ga_fc=0&iag=0&icsg=1048554&dssz=18&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=0&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21063908&oid=3&rx=0&eae=2&fc=1936&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=16&bc=31&osw_key=3142610666&ifi=0&uci=0.hib2p95kz7sl&fsb=1&dtd=104
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20190826/r20190131/show_ads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:818::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-4909232145069428&output=html&adk=1812271804&adf=3025194257&lmt=1567011110&plat=1%3A32776%2C2%3A32776%2C8%3A32776%2C9%3A32776%2C16%3A8388608%2C30%3A1081344&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Fincident-prevention.com%2F&ea=0&flash=0&pra=5&wgl=1&dt=1567011111319&bpp=13&bdt=239&fdt=86&idt=87&shv=r20190826&cbv=r20190131&saldr=aa&abxe=1&nras=1&correlator=2527967927400&frm=20&pv=2&ga_vid=386679646.1567011111&ga_sid=1567011111&ga_hid=400161558&ga_fc=0&iag=0&icsg=1048554&dssz=18&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=0&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21063908&oid=3&rx=0&eae=2&fc=1936&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=16&bc=31&osw_key=3142610666&ifi=0&uci=0.hib2p95kz7sl&fsb=1&dtd=104
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode
nested-navigate
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
referer
https://incident-prevention.com/
accept-encoding
gzip, deflate, br

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Wed, 28 Aug 2019 16:51:51 GMT
server
cafe
content-length
44
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Wed, 28-Aug-2019 17:06:51 GMT; path=/; domain=.doubleclick.net
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
expires
Wed, 28 Aug 2019 16:51:51 GMT
cache-control
private
osd.js
www.googletagservices.com/activeview/js/current/
75 KB
28 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20190826/r20190131/show_ads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:818::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
eb815c0a9dc0c022eebbaab88f1413f0ab1a49013a63b901ac6483fdd1dc3fcd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://incident-prevention.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 28 Aug 2019 16:51:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1566818030648843"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length
28402
x-xss-protection
0
expires
Wed, 28 Aug 2019 16:51:51 GMT
342078767
player.vimeo.com/video/ Frame 9D26
0
0
Document
General
Full URL
https://player.vimeo.com/video/342078767
Requested by
Host: incident-prevention.com
URL: https://incident-prevention.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.12.217 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-inline' https://f.vimeocdn.com https://js-agent.newrelic.com https://imasdk.googleapis.com/ https://adservice.google.com/ https://s0.2mdn.net/instream/video/ https://bam.nr-data.net https://src.litix.io https://www.gstatic.com https://f.vimeocdn.com; style-src 'self' 'unsafe-inline' https://f.vimeocdn.com https://f.vimeocdn.com; connect-src 'self' https://vimeo.com https://vimeo.dev https://api.vimeo.com https://api.vimeo.dev https://*.ci.vimeows.com https://csi.gstatic.com https://fresnel.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net https://*.vimeocdn.com https://netflux.cloud.vimeo.com https://lic.staging.drmtoday.com https://lic.drmtoday.com https://sentry.io https://storage.googleapis.com https://bam.nr-data.net https://live-api.cloud.vimeo.com https://live-api-dev.cloud.vimeo.com https://*.litix.io/ https://collector.vhx.tv https://collector.vhxstaging.com; media-src 'self' blob: https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net https://*.gvt1.com https://live-api.cloud.vimeo.com https://live-api-dev.cloud.vimeo.com; object-src 'self' https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net; default-src 'none'; img-src 'self' data: https://i.vimeocdn.com https://secure-b.vimeocdn.com https://f.vimeocdn.com https://vimeo.com https://secure.gravatar.com https://i0.wp.com https://i1.wp.com https://i2.wp.com https://pagead2.googlesyndication.com https://player.vimeo.com https://*.ci.vimeows.com https://f.vimeocdn.com; frame-src 'self' https://imasdk.googleapis.com/ https://f.vimeocdn.com
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Host
player.vimeo.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
nested-navigate
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site
cross-site
Referer
https://incident-prevention.com/
Accept-Encoding
gzip, deflate, br

Response headers

Server
nginx
Content-Type
text/html; charset=UTF-8
X-Xss-Protection
1; mode=block
Content-Security-Policy
script-src 'self' 'unsafe-inline' https://f.vimeocdn.com https://js-agent.newrelic.com https://imasdk.googleapis.com/ https://adservice.google.com/ https://s0.2mdn.net/instream/video/ https://bam.nr-data.net https://src.litix.io https://www.gstatic.com https://f.vimeocdn.com; style-src 'self' 'unsafe-inline' https://f.vimeocdn.com https://f.vimeocdn.com; connect-src 'self' https://vimeo.com https://vimeo.dev https://api.vimeo.com https://api.vimeo.dev https://*.ci.vimeows.com https://csi.gstatic.com https://fresnel.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net https://*.vimeocdn.com https://netflux.cloud.vimeo.com https://lic.staging.drmtoday.com https://lic.drmtoday.com https://sentry.io https://storage.googleapis.com https://bam.nr-data.net https://live-api.cloud.vimeo.com https://live-api-dev.cloud.vimeo.com https://*.litix.io/ https://collector.vhx.tv https://collector.vhxstaging.com; media-src 'self' blob: https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net https://*.gvt1.com https://live-api.cloud.vimeo.com https://live-api-dev.cloud.vimeo.com; object-src 'self' https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net; default-src 'none'; img-src 'self' data: https://i.vimeocdn.com https://secure-b.vimeocdn.com https://f.vimeocdn.com https://vimeo.com https://secure.gravatar.com https://i0.wp.com https://i1.wp.com https://i2.wp.com https://pagead2.googlesyndication.com https://player.vimeo.com https://*.ci.vimeows.com https://f.vimeocdn.com; frame-src 'self' https://imasdk.googleapis.com/ https://f.vimeocdn.com
X-Content-Type-Options
nosniff
Content-Encoding
gzip
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Link
<https://i.vimeocdn.com>; rel=preconnect; crossorigin <https://f.vimeocdn.com>; rel=preconnect; crossorigin <https://fresnel.vimeocdn.com>; rel=preconnect; crossorigin
P3p
CP="This is not a P3P policy! See https://vimeo.com/privacy"
Expires
Thu, 29 Aug 2019 06:49:10 GMT
Via
1.1 varnish 1.1 varnish 1.1 varnish
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
X-Varnish-Cache
1
X-VServer
infra-playproxy-a-5
X-Vimeo-DC
ge
Content-Length
6529
Accept-Ranges
bytes
Date
Wed, 28 Aug 2019 16:51:51 GMT
Age
0
Connection
keep-alive
X-Served-By
cache-bwi5145-BWI, cache-fra19161-FRA
X-Cache
MISS, MISS
X-Cache-Hits
0, 0
X-Timer
S1567011111.472626,VS0,VE119
Vary
Accept-Encoding
348632445
player.vimeo.com/video/ Frame AA8A
0
0
Document
General
Full URL
https://player.vimeo.com/video/348632445
Requested by
Host: incident-prevention.com
URL: https://incident-prevention.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.12.217 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-inline' https://f.vimeocdn.com https://js-agent.newrelic.com https://imasdk.googleapis.com/ https://adservice.google.com/ https://s0.2mdn.net/instream/video/ https://bam.nr-data.net https://src.litix.io https://www.gstatic.com https://f.vimeocdn.com; style-src 'self' 'unsafe-inline' https://f.vimeocdn.com https://f.vimeocdn.com; connect-src 'self' https://vimeo.com https://vimeo.dev https://api.vimeo.com https://api.vimeo.dev https://*.ci.vimeows.com https://csi.gstatic.com https://fresnel.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net https://*.vimeocdn.com https://netflux.cloud.vimeo.com https://lic.staging.drmtoday.com https://lic.drmtoday.com https://sentry.io https://storage.googleapis.com https://bam.nr-data.net https://live-api.cloud.vimeo.com https://live-api-dev.cloud.vimeo.com https://*.litix.io/ https://collector.vhx.tv https://collector.vhxstaging.com; media-src 'self' blob: https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net https://*.gvt1.com https://live-api.cloud.vimeo.com https://live-api-dev.cloud.vimeo.com; object-src 'self' https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net; default-src 'none'; img-src 'self' data: https://i.vimeocdn.com https://secure-b.vimeocdn.com https://f.vimeocdn.com https://vimeo.com https://secure.gravatar.com https://i0.wp.com https://i1.wp.com https://i2.wp.com https://pagead2.googlesyndication.com https://player.vimeo.com https://*.ci.vimeows.com https://f.vimeocdn.com; frame-src 'self' https://imasdk.googleapis.com/ https://f.vimeocdn.com
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Host
player.vimeo.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
nested-navigate
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site
cross-site
Referer
https://incident-prevention.com/
Accept-Encoding
gzip, deflate, br

Response headers

Server
nginx
Content-Type
text/html; charset=UTF-8
X-Xss-Protection
1; mode=block
Content-Security-Policy
script-src 'self' 'unsafe-inline' https://f.vimeocdn.com https://js-agent.newrelic.com https://imasdk.googleapis.com/ https://adservice.google.com/ https://s0.2mdn.net/instream/video/ https://bam.nr-data.net https://src.litix.io https://www.gstatic.com https://f.vimeocdn.com; style-src 'self' 'unsafe-inline' https://f.vimeocdn.com https://f.vimeocdn.com; connect-src 'self' https://vimeo.com https://vimeo.dev https://api.vimeo.com https://api.vimeo.dev https://*.ci.vimeows.com https://csi.gstatic.com https://fresnel.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net https://*.vimeocdn.com https://netflux.cloud.vimeo.com https://lic.staging.drmtoday.com https://lic.drmtoday.com https://sentry.io https://storage.googleapis.com https://bam.nr-data.net https://live-api.cloud.vimeo.com https://live-api-dev.cloud.vimeo.com https://*.litix.io/ https://collector.vhx.tv https://collector.vhxstaging.com; media-src 'self' blob: https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net https://*.gvt1.com https://live-api.cloud.vimeo.com https://live-api-dev.cloud.vimeo.com; object-src 'self' https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net; default-src 'none'; img-src 'self' data: https://i.vimeocdn.com https://secure-b.vimeocdn.com https://f.vimeocdn.com https://vimeo.com https://secure.gravatar.com https://i0.wp.com https://i1.wp.com https://i2.wp.com https://pagead2.googlesyndication.com https://player.vimeo.com https://*.ci.vimeows.com https://f.vimeocdn.com; frame-src 'self' https://imasdk.googleapis.com/ https://f.vimeocdn.com
X-Content-Type-Options
nosniff
Content-Encoding
gzip
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Link
<https://i.vimeocdn.com>; rel=preconnect; crossorigin <https://f.vimeocdn.com>; rel=preconnect; crossorigin <https://fresnel.vimeocdn.com>; rel=preconnect; crossorigin
P3p
CP="This is not a P3P policy! See https://vimeo.com/privacy"
Expires
Thu, 29 Aug 2019 10:16:08 GMT
Via
1.1 varnish 1.1 varnish 1.1 varnish
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
X-Varnish-Cache
1
X-VServer
infra-playproxy-a-5
X-Vimeo-DC
ge
Content-Length
6589
Accept-Ranges
bytes
Date
Wed, 28 Aug 2019 16:51:51 GMT
Age
0
Connection
keep-alive
X-Served-By
cache-bwi5140-BWI, cache-fra19170-FRA
X-Cache
MISS, MISS
X-Cache-Hits
0, 0
X-Timer
S1567011111.471649,VS0,VE105
Vary
Accept-Encoding
truncated
/
71 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2cb49ec67bafcc1fe7622f5e9ca5d7d021faf92e3b55b97cd5f8239f8f60aecb

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
73 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b9e1a595ce4e0741a9544110493ef371e71668867c8f685216ab4c03f555f1bd

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
71 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0c2bc32208db9bd0a6f1685671ec17f5a92fdd7df0465f4b74b5a1d4db1a2e82

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
241 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7819a2765bb6f1a2fc51383035437196d7827da0d5dc5262ceefb733e41175f5

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=UTF-8
9085-818-10-2146.js
static.olark.com/a/assets/v0/site/ Frame 0579
14 KB
14 KB
Script
General
Full URL
https://static.olark.com/a/assets/v0/site/9085-818-10-2146.js?cb=1567011111505
Requested by
Host: static.olark.com
URL: https://static.olark.com/jsclient/app.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
93.184.220.42 London, United Kingdom, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software
ECS (fcn/40B6) /
Resource Hash
8b5e6317541f31352c8e7949c9d1d62dfd3d469d7aac30e3758ac9b4c2f3e0b1

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://incident-prevention.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 28 Aug 2019 16:51:51 GMT
via
1.1 google
last-modified
Wed, 28 Aug 2019 13:03:18 GMT
server
ECS (fcn/40B6)
status
200
x-cache
HIT
content-type
application/javascript
access-control-allow-origin
*
accept-ranges
bytes
content-length
14232
wbenc-ip.png
incident-prevention.com/images/
3 KB
4 KB
Image
General
Full URL
https://incident-prevention.com/images/wbenc-ip.png
Requested by
Host: incident-prevention.com
URL: https://incident-prevention.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681c:1765 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://incident-prevention.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 28 Aug 2019 16:51:52 GMT
cf-cache-status
REVALIDATED
last-modified
Wed, 30 Aug 2017 20:02:55 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
50d7cadc0a5bcbc8-VIE
content-length
3500
expires
Thu, 29 Aug 2019 16:51:52 GMT
truncated
/
69 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ee829bc5fcbb990ddcccda36dee631692a2401be69865dee9c68a7c745699927

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/svg+xml
r.php
quahotluon.com/wp-admin/css/colors/blue/
40 B
396 B
XHR
General
Full URL
https://quahotluon.com/wp-admin/css/colors/blue/r.php
Requested by
Host: incident-prevention.com
URL: https://incident-prevention.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::6818:6048 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Sec-Fetch-Mode
cors
Referer
https://incident-prevention.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 28 Aug 2019 16:51:51 GMT
content-encoding
br
x-content-type-options
nosniff
server
cloudflare
status
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cf-ray
50d7cad83bdb5a18-VIE
x-xss-protection
1; mode=block
js15_as.js
s10.histats.com/
11 KB
4 KB
Script
General
Full URL
https://s10.histats.com/js15_as.js
Requested by
Host: incident-prevention.com
URL: https://incident-prevention.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.105.201.240 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
1f730c8b78091c3479abc2fb805b9093138f05acd0de421b8da96389cbbb9668

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://incident-prevention.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 28 Aug 2019 16:51:51 GMT
content-encoding
br
last-modified
Thu, 06 Dec 2018 14:12:12 GMT
x-cdn-pop-ip
137.74.120.0/27
etag
"-139234964"
x-cacheable
Matched cache
content-type
text/javascript
status
200
x-cdn-pop
sbg
accept-ranges
bytes
content-length
4333
x-request-id
0f16624383ff1f9870061cd1158a7ee8
js
www.googletagmanager.com/gtag/
68 KB
26 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-436345-3
Requested by
Host: incident-prevention.com
URL: https://incident-prevention.com/templates/yootheme/vendor/yootheme/theme-analytics/app/analytics.min.js?v=1.21.9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
3a79dd64f8bba6eeeec2361ae6c76e9433759e3c64c5d6034469ee29f6f19160
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://incident-prevention.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 28 Aug 2019 16:51:51 GMT
content-encoding
br
last-modified
Wed, 28 Aug 2019 16:25:27 GMT
server
Google Tag Manager
access-control-allow-headers
Cache-Control
status
200
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
http://www.googletagmanager.com
cache-control
private, max-age=900
access-control-allow-credentials
true
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
26572
x-xss-protection
0
expires
Wed, 28 Aug 2019 16:51:51 GMT
0.php
s4.histats.com/stats/
52 B
323 B
Script
General
Full URL
https://s4.histats.com/stats/0.php?4214393&@f16&@g1&@h1&@i1&@j1567011111700&@k0&@l1&@mUtility%20Safety%20and%20Operations%20Incident%20Prevention&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1600&@b1:-47047752&@b3:1567011112&@b4:js15_as.js&@b5:120&@a-_0.2.1&@vhttps%3A%2F%2Fincident-prevention.com%2F&@w
Requested by
Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
158.69.252.241 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
ns561403.ip-158-69-252.net
Software
/
Resource Hash

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://incident-prevention.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 28 Aug 2019 16:51:51 GMT
Connection
close
Content-Length
52
Content-Type
text/html;charset=UTF-8
analytics.js
www.google-analytics.com/
43 KB
17 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-436345-3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://incident-prevention.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 19 Aug 2019 17:22:41 GMT
server
Golfe2
age
5154
date
Wed, 28 Aug 2019 15:25:57 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
17803
expires
Wed, 28 Aug 2019 17:25:57 GMT
ga-audiences
www.google.de/ads/
Redirect Chain
  • https://www.google-analytics.com/r/collect?v=1&_v=j79&a=400161558&t=pageview&_s=1&dl=https%3A%2F%2Fincident-prevention.com%2F&ul=en-us&de=UTF-8&dt=Utility%20Safety%20and%20Operations%20Incident%20P...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-436345-3&cid=386679646.1567011111&jid=1264533286&_gid=1563437368.1567011112&gjid=1400097943&_v=j79&z=2141768769
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-436345-3&cid=386679646.1567011111&jid=1264533286&_v=j79&z=2141768769
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-436345-3&cid=386679646.1567011111&jid=1264533286&_v=j79&z=2141768769&slf_rd=1&random=2935101302
42 B
109 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-436345-3&cid=386679646.1567011111&jid=1264533286&_v=j79&z=2141768769&slf_rd=1&random=2935101302
Requested by
Host: incident-prevention.com
URL: https://incident-prevention.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://incident-prevention.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Aug 2019 16:51:51 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 28 Aug 2019 16:51:51 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
302
content-type
text/html; charset=UTF-8
location
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-436345-3&cid=386679646.1567011111&jid=1264533286&_v=j79&z=2141768769&slf_rd=1&random=2935101302
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
6c935f8ccc5020222067b1c2845f8bdca00b8ef0.jpg
cdn.coverstand.com/19389/609239/iphonejpg/320/ Frame 4A72
66 KB
67 KB
Image
General
Full URL
https://cdn.coverstand.com/19389/609239/iphonejpg/320/6c935f8ccc5020222067b1c2845f8bdca00b8ef0.jpg
Requested by
Host: incident-prevention.com
URL: https://incident-prevention.com/redirect.php?url=aHR0cDovL29ubGluZS5pbmNpZGVudC1wcmV2ZW50aW9uLmNvbS9wdWJsaXNoL2dldENvdmVyLnBocD9wb3B1cD10cnVlJmlzej0yNTEmbT0xOTM4OQ==
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.197.3.42 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
vip0x02a.map2.ssl.hwcdn.net
Software
/
Resource Hash

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://incident-prevention.com/redirect.php?url=aHR0cDovL29ubGluZS5pbmNpZGVudC1wcmV2ZW50aW9uLmNvbS9wdWJsaXNoL2dldENvdmVyLnBocD9wb3B1cD10cnVlJmlzej0yNTEmbT0xOTM4OQ==
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 28 Aug 2019 16:51:51 GMT
Last-Modified
Mon, 12 Aug 2019 20:11:12 GMT
ETag
"1565640672"
X-HW
1567011111.dop006.fr8.t,1567011111.cds060.fr8.shn,1567011111.dop006.fr8.t,1567011111.cds141.fr8.c
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=2592000
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
67964
Cookie set /
app1930.tutonhamon4.live/1853184888/
Redirect Chain
  • http://gadddem.gq/index/?5731550755135
  • http://rolwithred.space/?u=h2xkd0x&o=lxkgnum&t=808
  • http://app1930.tutonhamon4.live/1853184888/?u=h2xkd0x&o=lxkgnum&t=808&f=1
85 B
382 B
Document
General
Full URL
http://app1930.tutonhamon4.live/1853184888/?u=h2xkd0x&o=lxkgnum&t=808&f=1
Requested by
Host: incident-prevention.com
URL: https://incident-prevention.com/
Protocol
HTTP/1.1
Server
5.189.252.12 , Czech Republic, ASN202023 (LLHOST // M247, RO),
Reverse DNS
Software
nginx/1.12.0 / ASP.NET
Resource Hash
a7bae1c42dc7bbd0783d5fa483075b3ca30c47f7b83bbd0fa3816407cb6161d6

Request headers

Host
app1930.tutonhamon4.live
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Accept-Encoding
gzip, deflate

Response headers

Server
nginx/1.12.0
Date
Wed, 28 Aug 2019 16:51:52 GMT
Content-Type
text/html
Content-Length
85
Connection
keep-alive
Cache-Control
private
Set-Cookie
ASP.NET_SessionId=obgdxy3ro5lzcwiupw14kx5y; path=/; HttpOnly
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET

Redirect headers

Server
nginx/1.12.0
Date
Wed, 28 Aug 2019 16:51:52 GMT
Content-Length
202
Connection
keep-alive
Cache-Control
private
Location
http://app1930.tutonhamon4.live/1853184888/?u=h2xkd0x&o=lxkgnum&t=808&f=1
Set-Cookie
ASP.NET_SessionId=wxxshudrly23cf2g1dudjsmy; path=/; HttpOnly
X-Powered-By
ASP.NET
ip-magazine-home-c22fb1dd.jpeg
incident-prevention.com/templates/yootheme/cache/
141 KB
141 KB
Image
General
Full URL
https://incident-prevention.com/templates/yootheme/cache/ip-magazine-home-c22fb1dd.jpeg
Requested by
Host: incident-prevention.com
URL: https://incident-prevention.com/templates/yootheme/cache/scripts-534cd5b9.js?v=1.21.9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681c:1765 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://incident-prevention.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 28 Aug 2019 16:51:52 GMT
cf-cache-status
HIT
last-modified
Thu, 28 Mar 2019 14:54:28 GMT
server
cloudflare
age
1
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
status
200
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
50d7cadc1a73cbc8-VIE
content-length
144652
expires
Thu, 29 Aug 2019 16:51:52 GMT
build_deliver_effective_safety_courses-72642133.png
incident-prevention.com/templates/yootheme/cache/
471 KB
472 KB
Image
General
Full URL
https://incident-prevention.com/templates/yootheme/cache/build_deliver_effective_safety_courses-72642133.png
Requested by
Host: incident-prevention.com
URL: https://incident-prevention.com/templates/yootheme/cache/scripts-534cd5b9.js?v=1.21.9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681c:1765 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://incident-prevention.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 28 Aug 2019 16:51:52 GMT
cf-cache-status
HIT
last-modified
Tue, 20 Aug 2019 14:50:20 GMT
server
cloudflare
age
0
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
50d7cadc3abdcbc8-VIE
content-length
482597
expires
Thu, 29 Aug 2019 16:51:52 GMT
away.php
realcenter-mobileapps2.com/
Redirect Chain
  • http://app1930.tutonhamon4.live/web/
  • http://realcenter-mobileapps2.com/?url=I4WHKFughjJF8hN7lWENtzbZftBQtuyFvKz2QO5dDRW7e99w9Jm9cB%2fXduXRzCGLvESO7VeMqy%2b3M%2bZchrUboTwlzh72XwTVgiFBZGpVzecs61YMkzuGvJvlbexQRNCXG8shblZ0OdFQp%2f1VZJXqaa...
  • http://realcenter-mobileapps2.com/away.php
341 B
568 B
Document
General
Full URL
http://realcenter-mobileapps2.com/away.php
Requested by
Host: app1930.tutonhamon4.live
URL: http://app1930.tutonhamon4.live/1853184888/?u=h2xkd0x&o=lxkgnum&t=808&f=1
Protocol
HTTP/1.1
Server
185.50.248.98 Haarlem, Netherlands, ASN209813 (FASTCONTENT, DE),
Reverse DNS
Software
nginx /
Resource Hash
712113e733ea381a810c1ffdb0a2315d7189b8f7be6e33e8b04d09eeb88a605a

Request headers

Host
realcenter-mobileapps2.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer
http://app1930.tutonhamon4.live/1853184888/?u=h2xkd0x&o=lxkgnum&t=808&f=1
Accept-Encoding
gzip, deflate
Cookie
PHPSESSID=9loq2gm8f6b8arhftvq4huts07

Response headers

Server
nginx
Date
Wed, 28 Aug 2019 16:51:53 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control
no-store, no-cache, must-revalidate
Pragma
no-cache
Content-Encoding
gzip

Redirect headers

Server
nginx
Date
Wed, 28 Aug 2019 16:51:53 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Set-Cookie
PHPSESSID=9loq2gm8f6b8arhftvq4huts07; path=/
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control
no-store, no-cache, must-revalidate
Pragma
no-cache
Location
/away.php
/
best.prizedeal0819.info/
3 KB
2 KB
Document
General
Full URL
https://best.prizedeal0819.info/?utm_medium=593d75f27d437562cfb360c43159d12cbeef5418&utm_campaign=m&cid=e6338a99-1d50-4756-9863-34fb1109a3e0
Requested by
Host: realcenter-mobileapps2.com
URL: http://realcenter-mobileapps2.com/away.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
99.198.108.198 Chicago, United States, ASN32475 (SINGLEHOP-LLC - SingleHop LLC, US),
Reverse DNS
server04.com-2.mobi
Software
nginx / PHP/7.3.4
Resource Hash
9899025ea5718fc42e7de8f536d1997660c987a3330faee85f11f0472620906c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains;

Request headers

:method
GET
:authority
best.prizedeal0819.info
:scheme
https
:path
/?utm_medium=593d75f27d437562cfb360c43159d12cbeef5418&utm_campaign=m&cid=e6338a99-1d50-4756-9863-34fb1109a3e0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode
navigate
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
accept-encoding
gzip, deflate, br

Response headers

status
200
server
nginx
date
Wed, 28 Aug 2019 16:51:53 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
x-powered-by
PHP/7.3.4
cache-control
no-store, no-cache, must-revalidate, max-age=0
pragma
no-cache
expires
Thu, 01 Jan 1970 00:00:00 GMT
set-cookie
u=51fb6cb0c289053592856daa96a00aac; expires=Thu, 27-Aug-2020 16:51:53 GMT; Max-Age=31536000; path=/
strict-transport-security
max-age=31536000; includeSubdomains;
content-encoding
gzip
/
best.prizedeal0819.info/
7 KB
3 KB
Document
General
Full URL
https://best.prizedeal0819.info/?utm_term=6730261482820339233&clickverify=1&utm_content=e6c2c6dcd68fd49594fc9695a6a795938a8bb8888c8f8cbdb2c6b0c4b6b78583babb88b8bcbfbc8dafb2b2b186b28485ab9b9899f2fef2f9e1f0f1e1f3bae4e78386899b97efddeda58c8f868a82c4ac9498d6f9cccbfccfc6f3f0f182858190cacbf9c9fff9fcfdc2f2f2f1f6c7c4c549
Requested by
Host: best.prizedeal0819.info
URL: https://best.prizedeal0819.info/?utm_medium=593d75f27d437562cfb360c43159d12cbeef5418&utm_campaign=m&cid=e6338a99-1d50-4756-9863-34fb1109a3e0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
99.198.108.198 Chicago, United States, ASN32475 (SINGLEHOP-LLC - SingleHop LLC, US),
Reverse DNS
server04.com-2.mobi
Software
nginx / PHP/7.3.4
Resource Hash
ed6833028e487d2a4020343442a17eef5b54a931dda1cc4d2fad7c395f477e24
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains;

Request headers

:method
GET
:authority
best.prizedeal0819.info
:scheme
https
:path
/?utm_term=6730261482820339233&clickverify=1&utm_content=e6c2c6dcd68fd49594fc9695a6a795938a8bb8888c8f8cbdb2c6b0c4b6b78583babb88b8bcbfbc8dafb2b2b186b28485ab9b9899f2fef2f9e1f0f1e1f3bae4e78386899b97efddeda58c8f868a82c4ac9498d6f9cccbfccfc6f3f0f182858190cacbf9c9fff9fcfdc2f2f2f1f6c7c4c549
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode
navigate
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
same-origin
referer
https://best.prizedeal0819.info/?utm_medium=593d75f27d437562cfb360c43159d12cbeef5418&utm_campaign=m&cid=e6338a99-1d50-4756-9863-34fb1109a3e0
accept-encoding
gzip, deflate, br
cookie
u=51fb6cb0c289053592856daa96a00aac

Response headers

status
200
server
nginx
date
Wed, 28 Aug 2019 16:51:53 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
x-powered-by
PHP/7.3.4
cache-control
no-store, no-cache, must-revalidate, max-age=0
pragma
no-cache
expires
Thu, 01 Jan 1970 00:00:00 GMT
strict-transport-security
max-age=31536000; includeSubdomains;
content-encoding
gzip
in.html
up.trkgenius.com/
Redirect Chain
  • https://best.prizedeal0819.info/proc.php?74f3382414ca14aac8fdf6ddc2d0d7251101169c
  • https://up.trkgenius.com/in.html?campaign=58500fec724faa9b59248365d547186e&s1=dvx&cid=6730261482820339233&pubid=1314
6 KB
3 KB
Document
General
Full URL
https://up.trkgenius.com/in.html?campaign=58500fec724faa9b59248365d547186e&s1=dvx&cid=6730261482820339233&pubid=1314
Requested by
Host: best.prizedeal0819.info
URL: https://best.prizedeal0819.info/?utm_term=6730261482820339233&clickverify=1&utm_content=e6c2c6dcd68fd49594fc9695a6a795938a8bb8888c8f8cbdb2c6b0c4b6b78583babb88b8bcbfbc8dafb2b2b186b28485ab9b9899f2fef2f9e1f0f1e1f3bae4e78386899b97efddeda58c8f868a82c4ac9498d6f9cccbfccfc6f3f0f182858190cacbf9c9fff9fcfdc2f2f2f1f6c7c4c549
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
107.6.174.196 Amsterdam, Netherlands, ASN32475 (SINGLEHOP-LLC - SingleHop LLC, US),
Reverse DNS
bigfish.setupcentral.network
Software
nginx/1.17.0 /
Resource Hash
7e11348d49a8eb6e7584fca5405c42b697353d4c8b6946ac4d57c4e17b0e0eaf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

:method
GET
:authority
up.trkgenius.com
:scheme
https
:path
/in.html?campaign=58500fec724faa9b59248365d547186e&s1=dvx&cid=6730261482820339233&pubid=1314
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode
navigate
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
referer
https://best.prizedeal0819.info/?utm_term=6730261482820339233&clickverify=1&utm_content=e6c2c6dcd68fd49594fc9695a6a795938a8bb8888c8f8cbdb2c6b0c4b6b78583babb88b8bcbfbc8dafb2b2b186b28485ab9b9899f2fef2f9e1f0f1e1f3bae4e78386899b97efddeda58c8f868a82c4ac9498d6f9cccbfccfc6f3f0f182858190cacbf9c9fff9fcfdc2f2f2f1f6c7c4c549
accept-encoding
gzip, deflate, br

Response headers

status
200
server
nginx/1.17.0
date
Wed, 28 Aug 2019 16:51:53 GMT
content-type
text/html
last-modified
Sun, 27 Jan 2019 05:38:08 GMT
etag
W/"5c4d43c0-1605"
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip

Redirect headers

status
302
server
nginx
date
Wed, 28 Aug 2019 16:51:53 GMT
content-type
text/html; charset=UTF-8
location
https://up.trkgenius.com/in.html?campaign=58500fec724faa9b59248365d547186e&s1=dvx&cid=6730261482820339233&pubid=1314
x-powered-by
PHP/7.3.4
cache-control
no-store, no-cache, must-revalidate, max-age=0
pragma
no-cache
expires
Thu, 01 Jan 1970 00:00:00 GMT
strict-transport-security
max-age=31536000; includeSubdomains;
in.php
up.trkgenius.com/
1 KB
984 B
Document
General
Full URL
https://up.trkgenius.com/in.php?campaign=58500fec724faa9b59248365d547186e&s1=dvx&cid=6730261482820339233&pubid=1314&m=yFFDI7J.k_21toHjkjDH6SE1tjDxsJ2QsPMFM.X7XkHisJHmOmHZHSHmOhDCHFDBOOaiwJOOOboWNAdx3oHjtCOJtCtNIowRN.ouxbowNAGxABgZH_KNMv3j
Requested by
Host: up.trkgenius.com
URL: https://up.trkgenius.com/in.html?campaign=58500fec724faa9b59248365d547186e&s1=dvx&cid=6730261482820339233&pubid=1314
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
107.6.174.196 Amsterdam, Netherlands, ASN32475 (SINGLEHOP-LLC - SingleHop LLC, US),
Reverse DNS
bigfish.setupcentral.network
Software
nginx/1.17.0 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

:method
GET
:authority
up.trkgenius.com
:scheme
https
:path
/in.php?campaign=58500fec724faa9b59248365d547186e&s1=dvx&cid=6730261482820339233&pubid=1314&m=yFFDI7J.k_21toHjkjDH6SE1tjDxsJ2QsPMFM.X7XkHisJHmOmHZHSHmOhDCHFDBOOaiwJOOOboWNAdx3oHjtCOJtCtNIowRN.ouxbowNAGxABgZH_KNMv3j
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode
navigate
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
same-origin
referer
https://up.trkgenius.com/in.html?campaign=58500fec724faa9b59248365d547186e&s1=dvx&cid=6730261482820339233&pubid=1314
accept-encoding
gzip, deflate, br

Response headers

status
200
server
nginx/1.17.0
date
Wed, 28 Aug 2019 16:51:53 GMT
content-type
text/html; charset=UTF-8
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
pragma
no-cache
expires
0
surrogate-control
no-store
refresh
0; url=out.php?v=876a08d39e50e40b8628641e0ee09236
set-cookie
t=1ad3fc7eaeeb56db
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
-nsy66txxVnGc0ElKPrtTzsMg30bj4cJhDxLx7UbqKtnp3qUggtUPQ
minently.com/RnSda/rDN3/ojdn/
Redirect Chain
  • https://up.trkgenius.com/out.php?v=876a08d39e50e40b8628641e0ee09236
  • https://minently.com/RnSda/rDN3/ojdn/-nsy66txxVnGc0ElKPrtTzsMg30bj4cJhDxLx7UbqKtnp3qUggtUPQ?qDo=WW_MS&subid=2f60eeb1f53b8c75b66eaa7104029592&ext1=dvx
5 KB
4 KB
Document
General
Full URL
https://minently.com/RnSda/rDN3/ojdn/-nsy66txxVnGc0ElKPrtTzsMg30bj4cJhDxLx7UbqKtnp3qUggtUPQ?qDo=WW_MS&subid=2f60eeb1f53b8c75b66eaa7104029592&ext1=dvx
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
213.227.130.45 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
/
Resource Hash
78ede460194c9b189b7b6b1219b94a07fed611173b69fa1795763870ffd91286
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;

Request headers

Host
minently.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
navigate
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site
cross-site
Referer
https://up.trkgenius.com/in.php?campaign=58500fec724faa9b59248365d547186e&s1=dvx&cid=6730261482820339233&pubid=1314&m=yFFDI7J.k_21toHjkjDH6SE1tjDxsJ2QsPMFM.X7XkHisJHmOmHZHSHmOhDCHFDBOOaiwJOOOboWNAdx3oHjtCOJtCtNIowRN.ouxbowNAGxABgZH_KNMv3j
Accept-Encoding
gzip, deflate, br

Response headers

date
Wed, 28 Aug 2019 16:51:54 GMT
content-type
text/html;charset=utf-8
transfer-encoding
chunked
vary
Accept-Encoding
cache-control
no-store, no-cache, must-revalidate, no-transform, max-age=0, post-check=0, pre-check=0
expires
Sat, 26 Jul 1997 05:00:00 GMT
content-encoding
gzip
set-cookie
MQJLpFul5AcCMY1iVl5kuloC9CGeR6nEgJyALuo04f0%3D=3e1e5b52aa488c18d9d159398dc52481_1567011114.0608; domain=minently.com; path=/; expires=Sat, 25-Aug-2029 16:51:54 UTC; Secure x4L5QUolttjJJPxB3IWQEpmJGUfARuShNFYBPvkirT0%3D=1567011114.0647; domain=minently.com; path=/; expires=Sat, 25-Aug-2029 16:51:54 UTC; Secure FCF1c%2FmvMMVE2i1baMN4rzKRFAbORG7ssZe3urRjefQ%3D=WHlvZ1RKeTY5eW1UQkpKSmh1Sjl3UnlINCt6a3Q1U3gzOFVLeFlkQ3FJT2dxY2VkVzlzTTVNZVJqSGFCckhhcQ%3D%3D; domain=minently.com; path=/; expires=Sat, 25-Aug-2029 16:51:54 UTC; Secure 3e1e5b52aa488c18d9d159398dc52481_1567011114.0608_ck=…; domain=minently.com; path=/; expires=Sat, 25-Aug-2029 16:51:54 UTC; Secure 5yP2I5NjObrcSXI1%2BbNNiDWvZ1NybmTNXZVxpNr4NvY%3D=N0xHTUM3aU00NjhoSGR0NFRJUXNrY1AwZXBWOS85NjdWNGhmTU4yOVJ6Y1Q2T0UySjIxeXFQRTRVZWorUW1pM3dxWCt1b1N3RXZOR3doVW5BRkNsUk4rdzRNQUxRV3BWRnM2WXkya2x4SVU9; domain=minently.com; path=/; expires=Wed, 28-Aug-2019 17:56:54 UTC; Secure SERVERID=sfc4; path=/
strict-transport-security
max-age=31536000; includeSubDomains;

Redirect headers

status
302
server
nginx/1.17.0
date
Wed, 28 Aug 2019 16:51:53 GMT
content-type
text/html; charset=UTF-8
location
https://minently.com/RnSda/rDN3/ojdn/-nsy66txxVnGc0ElKPrtTzsMg30bj4cJhDxLx7UbqKtnp3qUggtUPQ?qDo=WW_MS&subid=2f60eeb1f53b8c75b66eaa7104029592&ext1=dvx
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
pragma
no-cache
expires
0
surrogate-control
no-store
strict-transport-security
max-age=31536000; includeSubDomains
ad
ps.popcash.net/ad/
0
0

Primary Request index-de.html
xsportshd.com/
Redirect Chain
  • http://ps.popcash.net/ad/ad?p=216668&w=498903&d=6539fbfbca1ca848e9f4-1561026291498903
  • http://xsportshd.com/index-de.html
8 KB
8 KB
Document
General
Full URL
http://xsportshd.com/index-de.html
Requested by
Host: minently.com
URL: https://minently.com/RnSda/rDN3/ojdn/-nsy66txxVnGc0ElKPrtTzsMg30bj4cJhDxLx7UbqKtnp3qUggtUPQ?qDo=WW_MS&subid=2f60eeb1f53b8c75b66eaa7104029592&ext1=dvx
Protocol
HTTP/1.1
Server
173.198.254.82 Latham, United States, ASN40244 (TURNKEY-INTERNET - Turnkey Internet Inc., US),
Reverse DNS
173-198-254-82.static.as40244.net
Software
nginx/1.12.2 /
Resource Hash
aad24581280e73d999148da506dad05798b7d846876cb5009145b0a4d630f0c2

Request headers

Host
xsportshd.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer
https://minently.com/
Accept-Encoding
gzip, deflate

Response headers

Server
nginx/1.12.2
Date
Wed, 28 Aug 2019 16:56:31 GMT
Content-Type
text/html
Content-Length
8372
Last-Modified
Sun, 18 Aug 2019 18:41:38 GMT
Connection
keep-alive
ETag
"5d599be2-20b4"
Accept-Ranges
bytes

Redirect headers

Date
Wed, 28 Aug 2019 16:51:54 GMT
Content-Type
text/html; charset=utf-8
Content-Length
61
Connection
keep-alive
Server
nginx
Location
http://xsportshd.com/index-de.html
/
doo6pwib3qngu.cloudfront.net/
171 KB
62 KB
Script
General
Full URL
http://doo6pwib3qngu.cloudfront.net/?wpood=730125
Requested by
Host: xsportshd.com
URL: http://xsportshd.com/index-de.html
Protocol
HTTP/1.1
Security
, ,
Server
2600:9000:2057:e200:d:bb42:1380:21 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
/
Resource Hash
28264acb8880e5cb25c0b828116c291b3af85c22d86c2702c17bc08d2ceb61a0

Request headers

Referer
http://xsportshd.com/index-de.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 28 Aug 2019 16:51:55 GMT
Content-Encoding
gzip
X-Amz-Cf-Pop
FRA6-C1
X-Cache
Miss from cloudfront
access-control-allow-origin
*
Cache-Control
no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
Connection
keep-alive
Content-Length
62636
Via
1.1 e0bc02299b03254b2a35b8c930f005c6.cloudfront.net (CloudFront)
X-Amz-Cf-Id
LTOGQ9yL9yhE1kiy91rFzuah6POeo1n4UO6r7dHo9iM8Pam55DVnRQ==
logo.png
www.xsportshd.com/
19 KB
19 KB
Image
General
Full URL
http://www.xsportshd.com/logo.png
Requested by
Host: xsportshd.com
URL: http://xsportshd.com/index-de.html
Protocol
HTTP/1.1
Security
, ,
Server
173.198.254.82 Latham, United States, ASN40244 (TURNKEY-INTERNET - Turnkey Internet Inc., US),
Reverse DNS
173-198-254-82.static.as40244.net
Software
nginx/1.12.2 /
Resource Hash
4ae142f4b4369126d69ab4f3462143ed1f0f2c462a2bdcad52aacf98c9f21830

Request headers

Referer
http://xsportshd.com/index-de.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 28 Aug 2019 16:56:31 GMT
Last-Modified
Sun, 24 Sep 2017 14:44:30 GMT
Server
nginx/1.12.2
ETag
"59c7c4ce-4a0a"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
18954
display.php
www.greatdexchange.com/a/
0
130 B
Script
General
Full URL
http://www.greatdexchange.com/a/display.php?r=2552207
Requested by
Host: xsportshd.com
URL: http://xsportshd.com/index-de.html
Protocol
HTTP/1.1
Security
, ,
Server
35.201.103.0 , Ascension Island, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
0.103.201.35.bc.googleusercontent.com
Software
openresty /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://xsportshd.com/index-de.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 28 Aug 2019 16:51:54 GMT
Via
1.1 google
Referrer-Policy
no-referrer
Server
openresty
ico.jpg
xsportshd.com/
9 KB
9 KB
Image
General
Full URL
http://xsportshd.com/ico.jpg
Requested by
Host: xsportshd.com
URL: http://xsportshd.com/index-de.html
Protocol
HTTP/1.1
Security
, ,
Server
173.198.254.82 Latham, United States, ASN40244 (TURNKEY-INTERNET - Turnkey Internet Inc., US),
Reverse DNS
173-198-254-82.static.as40244.net
Software
nginx/1.12.2 /
Resource Hash
700e58551da99e1a2af45394d6b252d420379ac42174d37757941bf577915c46

Request headers

Referer
http://xsportshd.com/index-de.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 28 Aug 2019 16:56:32 GMT
Last-Modified
Tue, 12 Jun 2018 12:30:50 GMT
Server
nginx/1.12.2
ETag
"5b1fbcfa-2310"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
8976
display.php
www.greatdexchange.com/a/
0
130 B
Script
General
Full URL
http://www.greatdexchange.com/a/display.php?r=2552215
Requested by
Host: xsportshd.com
URL: http://xsportshd.com/index-de.html
Protocol
HTTP/1.1
Security
, ,
Server
35.201.103.0 , Ascension Island, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
0.103.201.35.bc.googleusercontent.com
Software
openresty /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://xsportshd.com/index-de.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 28 Aug 2019 16:51:55 GMT
Via
1.1 google
Referrer-Policy
no-referrer
Server
openresty
/
widgets.amung.us/draw/
Redirect Chain
  • http://whos.amung.us/cwidget/z15168j4ae/000000ffffff.png
  • http://widgets.amung.us/draw/?w=colored&n=339&c=000000ffffff&p=
1 KB
2 KB
Image
General
Full URL
http://widgets.amung.us/draw/?w=colored&n=339&c=000000ffffff&p=
Requested by
Host: xsportshd.com
URL: http://xsportshd.com/index-de.html
Protocol
HTTP/1.1
Security
, ,
Server
185.225.208.133 , Germany, ASN13213 (UK2NET-AS, GB),
Reverse DNS
Software
/
Resource Hash
2e6af623e710ea08b521d3541c82fd29e9ebabe1adde042c3126a158e8df5efe

Request headers

Referer
http://xsportshd.com/index-de.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 28 Aug 2019 16:51:55 GMT
Transfer-Encoding
chunked
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
max-age=86400, private
Content-Disposition
filename=wau-widget.png
Connection
close
Expires
Thu, 29 Aug 2019 16:51:55 GMT

Redirect headers

location
http://widgets.amung.us/draw/?w=colored&n=339&c=000000ffffff&p=
date
Wed, 28 Aug 2019 16:51:55 GMT
cache-control
no-cache, no-store, must-revalidate
transfer-encoding
chunked
content-type
text/html; charset=UTF-8
MDc4VmEfCFslXFJvUD03XW1bAjBpQG4QDX12b2MHc3JIADtcbVxwFVlTBWFSAAYKY0dAXlxrUwkRSyIAREJLa1AWXlYwDg0RTmtQHgcWZFceBx4iEVFQBWdHQENMOlwBAg5hUQEGCWdUAA8P
rappenedstoric.info/
0
120 B
Image
General
Full URL
http://rappenedstoric.info/MDc4VmEfCFslXFJvUD03XW1bAjBpQG4QDX12b2MHc3JIADtcbVxwFVlTBWFSAAYKY0dAXlxrUwkRSyIAREJLa1AWXlYwDg0RTmtQHgcWZFceBx4iEVFQBWdHQENMOlwBAg5hUQEGCWdUAA8P
Requested by
Host: xsportshd.com
URL: http://xsportshd.com/index-de.html
Protocol
HTTP/1.1
Security
, ,
Server
54.88.100.214 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-54-88-100-214.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://xsportshd.com/index-de.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Connection
keep-alive
access-control-allow-origin
*
Date
Wed, 28 Aug 2019 16:51:55 GMT
popunder.gif
rappenedstoric.info/
35 B
305 B
Image
General
Full URL
http://rappenedstoric.info/popunder.gif
Requested by
Host: xsportshd.com
URL: http://xsportshd.com/index-de.html
Protocol
HTTP/1.1
Security
, ,
Server
54.88.100.214 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-54-88-100-214.compute-1.amazonaws.com
Software
/
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Referer
http://xsportshd.com/index-de.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
public
Date
Wed, 28 Aug 2019 16:51:55 GMT
content-encoding
gzip
Content-Type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=604800, immutable
Connection
keep-alive
Content-Length
58
NGM5dG8bXFoHUnkZczM7YQh6NhZlEVwDDHMqCiEcdhR3UV12KAofKxIXUBBSA1AIQlgDRUkdCwlSHwcbVRdMB1IFRVAaCVteHwJSBU0KQEEFUxdESUATWBNSBUVJABtYXghBWQNTCEVeBVYIQlc
rappenedstoric.info/
0
120 B
Image
General
Full URL
http://rappenedstoric.info/NGM5dG8bXFoHUnkZczM7YQh6NhZlEVwDDHMqCiEcdhR3UV12KAofKxIXUBBSA1AIQlgDRUkdCwlSHwcbVRdMB1IFRVAaCVteHwJSBU0KQEEFUxdESUATWBNSBUVJABtYXghBWQNTCEVeBVYIQlc
Requested by
Host: xsportshd.com
URL: http://xsportshd.com/index-de.html
Protocol
HTTP/1.1
Security
, ,
Server
54.88.100.214 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-54-88-100-214.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://xsportshd.com/index-de.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Connection
keep-alive
access-control-allow-origin
*
Date
Wed, 28 Aug 2019 16:51:55 GMT
/
widget.streamthunder.com/ Frame DC08
0
0
Document
General
Full URL
https://widget.streamthunder.com/?d=1&s=1&sp=1&fs=12px&tt=none&fc=333333&tc=333333&bc=FFFFFF&bhc=F3F3F3&thc=333333&pd=10px&brc=CCCCCC&brr=2px&mr=1px&tm=333333&tmb=FFFFFF&wb=EBEBEB&bcc=FFFFFF&bsh=0px&rdb=EBEBEB&rdc=333333
Requested by
Host: xsportshd.com
URL: http://xsportshd.com/index-de.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681b:b5f7 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

:method
GET
:authority
widget.streamthunder.com
:scheme
https
:path
/?d=1&s=1&sp=1&fs=12px&tt=none&fc=333333&tc=333333&bc=FFFFFF&bhc=F3F3F3&thc=333333&pd=10px&brc=CCCCCC&brr=2px&mr=1px&tm=333333&tmb=FFFFFF&wb=EBEBEB&bcc=FFFFFF&bsh=0px&rdb=EBEBEB&rdc=333333
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode
nested-navigate
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
referer
http://xsportshd.com/index-de.html
accept-encoding
gzip, deflate, br

Response headers

status
200
date
Wed, 28 Aug 2019 16:51:55 GMT
content-type
text/html; charset=UTF-8
set-cookie
__cfduid=dce76c5cc79f097f96288a1b8225af1af1567011115; expires=Thu, 27-Aug-20 16:51:55 GMT; path=/; domain=.streamthunder.com; HttpOnly
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
50d7caee6ad8cbc8-VIE
content-encoding
br
popxx.html
xsportshd.com/ Frame A710
1 KB
1 KB
Document
General
Full URL
http://xsportshd.com/popxx.html
Requested by
Host: xsportshd.com
URL: http://xsportshd.com/index-de.html
Protocol
HTTP/1.1
Server
173.198.254.82 Latham, United States, ASN40244 (TURNKEY-INTERNET - Turnkey Internet Inc., US),
Reverse DNS
173-198-254-82.static.as40244.net
Software
nginx/1.12.2 /
Resource Hash
0d9822b82330b8c63f700533c3a70a72948f53ed564b9be8b9f54c418e6f6437

Request headers

Host
xsportshd.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer
http://xsportshd.com/index-de.html
Accept-Encoding
gzip, deflate

Response headers

Server
nginx/1.12.2
Date
Wed, 28 Aug 2019 16:56:32 GMT
Content-Type
text/html
Content-Length
1160
Last-Modified
Mon, 26 Aug 2019 19:49:39 GMT
Connection
keep-alive
ETag
"5d6437d3-488"
Accept-Ranges
bytes
js15_as.js
s10.histats.com/
11 KB
5 KB
Script
General
Full URL
http://s10.histats.com/js15_as.js
Requested by
Host: xsportshd.com
URL: http://xsportshd.com/index-de.html
Protocol
HTTP/1.1
Security
, ,
Server
46.105.201.240 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
1f730c8b78091c3479abc2fb805b9093138f05acd0de421b8da96389cbbb9668

Request headers

Referer
http://xsportshd.com/index-de.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 28 Aug 2019 16:44:07 GMT
Content-Encoding
gzip
Last-Modified
Thu, 06 Dec 2018 14:12:12 GMT
X-CDN-Pop-IP
137.74.120.32/27
ETag
"-139234964"
X-Cacheable
Matched cache
Vary
Accept-Encoding
X-IPLB-Instance
4746
Content-Type
text/javascript
X-CDN-Pop
sbg
Accept-Ranges
bytes
Content-Length
4525
X-Request-ID
855692939
HxVHGz8lNyACJBsWAw8
dingrigoguter.pro/cWV6blAQBxkDbxBYGEglAwlHS2I3QEgoNB4KTB4nGAdJHz4WEFQNPB4QHggiHgsOQD4UEV9cFhgyFAZmElcNWxYJNCw7KUU3MgVlEwQvBhwgMxZWFRYOGS85ASM+FidFJjknBzMSIx4RIxEsKRMwBiheFjorEgUFNyM8VhgjNCs7BwUAPRY... Frame 6954
0
0
Document
General
Full URL
http://dingrigoguter.pro/…
Requested by
Host: doo6pwib3qngu.cloudfront.net
URL: http://doo6pwib3qngu.cloudfront.net/?wpood=730125
Protocol
HTTP/1.1
Server
54.236.210.87 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-54-236-210-87.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Host
dingrigoguter.pro
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer
http://xsportshd.com/index-de.html
Accept-Encoding
gzip, deflate

Response headers

Date
Wed, 28 Aug 2019 16:51:55 GMT
Content-Type
text/html
Content-Length
1265
Connection
keep-alive
cache-control
no-store, no-cache, must-revalidate, no-transform
Pragma
no-cache
P3P
CP="NID DSP ALL COR"
content-encoding
gzip
s
totandrepatrit.pro/
Redirect Chain
  • https://secure.adnxs.com/getuid?https://totandrepatrit.pro/s?a=$UID&b=110874680957
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Ftotandrepatrit.pro%2Fs%3Fa%3D%24UID%26b%3D110874680957
  • https://totandrepatrit.pro/s?a=4123242139647022578&b=110874680957
43 B
352 B
Image
General
Full URL
https://totandrepatrit.pro/s?a=4123242139647022578&b=110874680957
Requested by
Host: xsportshd.com
URL: http://xsportshd.com/index-de.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.19.186 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
http://xsportshd.com/index-de.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 28 Aug 2019 16:51:56 GMT
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif
status
200
accept-ranges
bytes
cf-ray
50d7caf2db20dfeb-FRA
content-length
43

Redirect headers

Pragma
no-cache
Date
Wed, 28 Aug 2019 16:51:57 GMT
X-Proxy-Origin
185.151.58.115; 185.151.58.115; 308.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.80:80
AN-X-Request-Uuid
25d8df81-d59a-4baf-9a64-307542e7259e
Server
nginx/1.13.4
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://totandrepatrit.pro/s?a=4123242139647022578&b=110874680957
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
ZTghATJgOTgPJX0rOgclNy4kBz4nZjgNJHZ6ECYKFRoZDCoaABkREQEMBClpGCM5LgZhHmI5EQULBgJgChAUOiADDC5QHhAwc1oWFyYDGABgIz0pFRovGCodAx44ITkVJCEsMQQvBTARNzgwWRYHCRIyKgIwBzkaEA01LChnPBoQCjcAFTk8FSRvKxkAcR0wJyA9H...
dingrigoguter.pro/aFBTSFYJMjAlaQltMW4jGjxubWQudWEOMgc/ Frame 7C8E
0
0
Document
General
Full URL
http://dingrigoguter.pro/…
Requested by
Host: doo6pwib3qngu.cloudfront.net
URL: http://doo6pwib3qngu.cloudfront.net/?wpood=730125
Protocol
HTTP/1.1
Server
54.236.210.87 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-54-236-210-87.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Host
dingrigoguter.pro
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer
http://xsportshd.com/index-de.html
Accept-Encoding
gzip, deflate

Response headers

Date
Wed, 28 Aug 2019 16:51:55 GMT
Content-Type
text/html
Content-Length
1269
Connection
keep-alive
cache-control
no-store, no-cache, must-revalidate, no-transform
Pragma
no-cache
P3P
CP="NID DSP ALL COR"
content-encoding
gzip
multi
dingrigoguter.pro/
3 KB
2 KB
XHR
General
Full URL
http://dingrigoguter.pro/multi?tid=730125&red=1&cs=a3dHdEhaQiUSel9DIkxxDkV2RHhb&abt=0&v=1.0.26.0&sm=76&k=free%20video%20streaming%20stream%20sport%20livescore%20live&sts=0&prn=0&emb=0&fs=1&ref=http%3A%2F%2Fxsportshd.com%2Findex-de.html&osr=minently.com&jst=0&enr=0&lcua=mozilla%2F5.0%20(macintosh%3B%20intel%20mac%20os%20x%2010_14_5)%20applewebkit%2F537.36%20(khtml%2C%20like%20gecko)%20chrome%2F74.0.3729.169%20safari%2F537.36&tzd=2&uloc=&if=0&_4gyT=1567011115788&crc=1
Requested by
Host: doo6pwib3qngu.cloudfront.net
URL: http://doo6pwib3qngu.cloudfront.net/?wpood=730125
Protocol
HTTP/1.1
Security
, ,
Server
54.236.210.87 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-54-236-210-87.compute-1.amazonaws.com
Software
/
Resource Hash
c2bbc41499bd4ca9c552965840204d0c08cee9ee688b99e219aa5459ce2bbc9d

Request headers

Referer
http://xsportshd.com/index-de.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 28 Aug 2019 16:51:55 GMT
content-encoding
gzip
P3P
CP="NID DSP ALL COR"
access-control-allow-origin
http://xsportshd.com
cache-control
no-store, no-cache, must-revalidate, no-transform
access-control-allow-credentials
true
Connection
keep-alive
Content-Type
text/plain
Content-Length
1890
AnZNGDZROx4YfwZ9TQIsViBWTTQNfkVbbAJ5RVtkRD8KDH8BaRsfNlxyWl50B39aWnMBelxTcQ
rappenedstoric.info/T2trQjBgVAgxDSw+ITNUJDkqJkcoOg8pZn0vW3cJCSMpIGIhOSlkRCYPVnUDf1pZdxY/Ag9/
0
120 B
Image
General
Full URL
http://rappenedstoric.info/T2trQjBgVAgxDSw+ITNUJDkqJkcoOg8pZn0vW3cJCSMpIGIhOSlkRCYPVnUDf1pZdxY/Ag9/AnZNGDZROx4YfwZ9TQIsViBWTTQNfkVbbAJ5RVtkRD8KDH8BaRsfNlxyWl50B39aWnMBelxTcQ
Requested by
Host: xsportshd.com
URL: http://xsportshd.com/index-de.html
Protocol
HTTP/1.1
Security
, ,
Server
54.88.100.214 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-54-88-100-214.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://xsportshd.com/index-de.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Connection
keep-alive
access-control-allow-origin
*
Date
Wed, 28 Aug 2019 16:51:55 GMT
STMwd3hmDFMERR5nXEUqDF9fMzoYWlVFSAd2AwALK2JYODEnX0BRDCBXDUBLeAUHQF45WlRKSW9ARBYMPEANQUpvWl4RF3QVRkpJZwAEWUl5HQBRDDlSV0pJb0NEAxR0AgVBT3kCAUZJfAQITg
rappenedstoric.info/
0
120 B
Image
General
Full URL
http://rappenedstoric.info/STMwd3hmDFMERR5nXEUqDF9fMzoYWlVFSAd2AwALK2JYODEnX0BRDCBXDUBLeAUHQF45WlRKSW9ARBYMPEANQUpvWl4RF3QVRkpJZwAEWUl5HQBRDDlSV0pJb0NEAxR0AgVBT3kCAUZJfAQITg
Requested by
Host: xsportshd.com
URL: http://xsportshd.com/index-de.html
Protocol
HTTP/1.1
Security
, ,
Server
54.88.100.214 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-54-88-100-214.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://xsportshd.com/index-de.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Connection
keep-alive
access-control-allow-origin
*
Date
Wed, 28 Aug 2019 16:51:55 GMT
0.php
s4.histats.com/stats/
52 B
323 B
Script
General
Full URL
http://s4.histats.com/stats/0.php?3323270&@f16&@g1&@h1&@i1&@j1567011115793&@k0&@l1&@mXsportshd.com%20-%20Free%20Live%20Sport%20Streams&@n0&@ohttps%3A%2F%2Fminently.com%2F&@q0&@r0&@s0&@ten-US&@u1600&@b1:-140418639&@b3:1567011116&@b4:js15_as.js&@b5:120&@a-_0.2.1&@vhttp%3A%2F%2Fxsportshd.com%2Findex-de.html&@w
Requested by
Host: s10.histats.com
URL: http://s10.histats.com/js15_as.js
Protocol
HTTP/1.1
Security
, ,
Server
158.69.252.241 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
ns561403.ip-158-69-252.net
Software
/
Resource Hash
19cf67002428891a0ac057afaf4af74350a9117ff7ec42ceb5820f1916355951

Request headers

Referer
http://xsportshd.com/index-de.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 28 Aug 2019 16:51:55 GMT
Connection
close
Content-Length
52
Content-Type
text/html;charset=UTF-8
/
widgets.amung.us/draw/ Frame A710
Redirect Chain
  • http://whos.amung.us/cwidget/9t0v2a03dyp5/000000ffffff.png
  • http://widgets.amung.us/draw/?w=colored&n=590&c=000000ffffff&p=
2 KB
2 KB
Image
General
Full URL
http://widgets.amung.us/draw/?w=colored&n=590&c=000000ffffff&p=
Requested by
Host: xsportshd.com
URL: http://xsportshd.com/popxx.html
Protocol
HTTP/1.1
Security
, ,
Server
185.225.208.133 , Germany, ASN13213 (UK2NET-AS, GB),
Reverse DNS
Software
/
Resource Hash
f68c362861c4fac6644bb9ea7147d3f8c2142594a11e4518d6c89fed5761a450

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 28 Aug 2019 16:51:56 GMT
Transfer-Encoding
chunked
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
max-age=86400, private
Content-Disposition
filename=wau-widget.png
Connection
close
Expires
Thu, 29 Aug 2019 16:51:56 GMT

Redirect headers

location
http://widgets.amung.us/draw/?w=colored&n=590&c=000000ffffff&p=
date
Wed, 28 Aug 2019 16:51:56 GMT
cache-control
no-cache, no-store, must-revalidate
transfer-encoding
chunked
content-type
text/html; charset=UTF-8
bundesliga.html
mama-hd.org/ Frame F8E1
0
0
Document
General
Full URL
http://mama-hd.org/bundesliga.html
Requested by
Host: xsportshd.com
URL: http://xsportshd.com/popxx.html
Protocol
HTTP/1.1
Server
173.198.254.82 Latham, United States, ASN40244 (TURNKEY-INTERNET - Turnkey Internet Inc., US),
Reverse DNS
173-198-254-82.static.as40244.net
Software
nginx/1.12.2 /
Resource Hash

Request headers

Host
mama-hd.org
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Accept-Encoding
gzip, deflate

Response headers

Server
nginx/1.12.2
Date
Wed, 28 Aug 2019 16:56:32 GMT
Content-Type
text/html
Content-Length
588
Last-Modified
Tue, 20 Aug 2019 07:58:22 GMT
Connection
keep-alive
ETag
"5d5ba81e-24c"
Accept-Ranges
bytes
football-streaming.html
vip-league.com/ Frame DF01
0
0
Document
General
Full URL
http://vip-league.com/football-streaming.html
Requested by
Host: xsportshd.com
URL: http://xsportshd.com/popxx.html
Protocol
HTTP/1.1
Server
173.198.254.82 Latham, United States, ASN40244 (TURNKEY-INTERNET - Turnkey Internet Inc., US),
Reverse DNS
173-198-254-82.static.as40244.net
Software
nginx/1.12.2 /
Resource Hash

Request headers

Host
vip-league.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Accept-Encoding
gzip, deflate

Response headers

Server
nginx/1.12.2
Date
Wed, 28 Aug 2019 16:56:32 GMT
Content-Type
text/html
Content-Length
717
Last-Modified
Tue, 20 Aug 2019 07:58:43 GMT
Connection
keep-alive
ETag
"5d5ba833-2cd"
Accept-Ranges
bytes
add.html
xsportshd.com/ Frame 6A49
3 KB
3 KB
Document
General
Full URL
http://xsportshd.com/add.html
Requested by
Host: xsportshd.com
URL: http://xsportshd.com/popxx.html
Protocol
HTTP/1.1
Server
173.198.254.82 Latham, United States, ASN40244 (TURNKEY-INTERNET - Turnkey Internet Inc., US),
Reverse DNS
173-198-254-82.static.as40244.net
Software
nginx/1.12.2 /
Resource Hash
497fb2c528949b24e4d9898ebcaea28b99ff806b0e5729ad3b65d98f9ce8889d

Request headers

Host
xsportshd.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Accept-Encoding
gzip, deflate
Cookie
HstCfa3323270=1567011115793; HstCla3323270=1567011115793; HstCmu3323270=1567011115793; HstPn3323270=1; HstPt3323270=1; HstCnv3323270=1; HstCns3323270=1; c_ref_3323270=https%3A%2F%2Fminently.com%2F

Response headers

Server
nginx/1.12.2
Date
Wed, 28 Aug 2019 16:56:32 GMT
Content-Type
text/html
Content-Length
2853
Last-Modified
Thu, 22 Aug 2019 11:22:13 GMT
Connection
keep-alive
ETag
"5d5e7ae5-b25"
Accept-Ranges
bytes
pop.html
livestotal.net/ Frame 03D7
0
0
Document
General
Full URL
http://livestotal.net/pop.html
Requested by
Host: xsportshd.com
URL: http://xsportshd.com/popxx.html
Protocol
HTTP/1.1
Server
173.198.254.82 Latham, United States, ASN40244 (TURNKEY-INTERNET - Turnkey Internet Inc., US),
Reverse DNS
173-198-254-82.static.as40244.net
Software
nginx/1.12.2 /
Resource Hash

Request headers

Host
livestotal.net
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Accept-Encoding
gzip, deflate

Response headers

Server
nginx/1.12.2
Date
Wed, 28 Aug 2019 16:56:32 GMT
Content-Type
text/html
Content-Length
400
Last-Modified
Sat, 24 Aug 2019 10:32:30 GMT
Connection
keep-alive
ETag
"5d61123e-190"
Accept-Ranges
bytes
b2hBN1ZAVyJEaww+E00zOy4AbgQqDgAHAAguKnIfKS8bdAU+LgMRIgYMfABlX1lzAnAfASUKZFZOMkM3Gx0yCmJdTihZMABVdQZvSR58BnhfRnMBeF9ONUc3CFVwESYbHC0KZ1pedgdnXllwAm9XUQ
rappenedstoric.info/
0
120 B
Other
General
Full URL
http://rappenedstoric.info/b2hBN1ZAVyJEaww+E00zOy4AbgQqDgAHAAguKnIfKS8bdAU+LgMRIgYMfABlX1lzAnAfASUKZFZOMkM3Gx0yCmJdTihZMABVdQZvSR58BnhfRnMBeF9ONUc3CFVwESYbHC0KZ1pedgdnXllwAm9XUQ
Requested by
Host: doo6pwib3qngu.cloudfront.net
URL: http://doo6pwib3qngu.cloudfront.net/?wpood=730125
Protocol
HTTP/1.1
Security
, ,
Server
54.88.100.214 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-54-88-100-214.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://xsportshd.com/index-de.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Connection
keep-alive
access-control-allow-origin
*
Date
Wed, 28 Aug 2019 16:51:56 GMT
eHA4eUlXT1sKdBkaW00YSiJaOCUXHG4VfTwoYA0tPAdtMypJIllfPREUBU56SEEKTG8IGVxEe0FWSw0oDAVLRHhPVlEXLxdNCkh+XgYFSGdIXgpPZ0hWTAkoH00JXzkMBFREeE1GD0l4SUEJT3lIRQ
rappenedstoric.info/
0
120 B
Other
General
Full URL
http://rappenedstoric.info/eHA4eUlXT1sKdBkaW00YSiJaOCUXHG4VfTwoYA0tPAdtMypJIllfPREUBU56SEEKTG8IGVxEe0FWSw0oDAVLRHhPVlEXLxdNCkh+XgYFSGdIXgpPZ0hWTAkoH00JXzkMBFREeE1GD0l4SUEJT3lIRQ
Requested by
Host: doo6pwib3qngu.cloudfront.net
URL: http://doo6pwib3qngu.cloudfront.net/?wpood=730125
Protocol
HTTP/1.1
Security
, ,
Server
54.88.100.214 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-54-88-100-214.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://xsportshd.com/index-de.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Connection
keep-alive
access-control-allow-origin
*
Date
Wed, 28 Aug 2019 16:51:56 GMT
truncated
/ Frame 451F
586 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7c392160b1aac399f9bc6b4c2ed7067704054653019c2f349ab250486f2707eb

Request headers

Referer
http://xsportshd.com/index-de.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/svg+xml
/
www.auskunft.de/ Frame 5AD7
Redirect Chain
  • http://witalfieldt.com/redirect?tid=730126&&ref=xsportshd.com/tennis-live-streaming-video.html
  • http://usd.odysseus-nua.com/zcvisitor/24eb2fcb-c9b4-11e9-996c-1206c319a1c8?campaignid=d3ec2b00-5008-11e7-a36d-0e06c6fba698&__id__=d3ec2b00-5008-11e7-a36d-0e06c6fba698
  • https://www.auskunft.de/?rt=y&utm_source=zpp&c=zr24eb2fcbc9b411e9996c1206c319a1c84160a2d21b45485f9c22c1e1b172a3d004081689c82da904fa
0
0
Document
General
Full URL
https://www.auskunft.de/?rt=y&utm_source=zpp&c=zr24eb2fcbc9b411e9996c1206c319a1c84160a2d21b45485f9c22c1e1b172a3d004081689c82da904fa
Requested by
Host: xsportshd.com
URL: http://xsportshd.com/add.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.201.46.48 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.48.46.201.195.clients.your-server.de
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

:method
GET
:authority
www.auskunft.de
:scheme
https
:path
/?rt=y&utm_source=zpp&c=zr24eb2fcbc9b411e9996c1206c319a1c84160a2d21b45485f9c22c1e1b172a3d004081689c82da904fa
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
accept-encoding
gzip, deflate, br

Response headers

status
200
server
nginx
date
Wed, 28 Aug 2019 16:51:56 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
set-cookie
AUSKUNFT_SESSION=2nlhm7i449rppkkon6uq2h0pus; path=/; HttpOnly
expires
Thu, 19 Nov 1981 08:52:00 GMT
cache-control
no-store, no-cache, must-revalidate
pragma
no-cache
strict-transport-security
max-age=2592000
content-encoding
gzip

Redirect headers

Date
Wed, 28 Aug 2019 16:51:56 GMT
Content-Length
0
Connection
keep-alive
Cache-Control
no-store, no-cache, pre-check=0, post-check=0
content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline'
x-content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline'
X-WebKit-CSP
default-src 'self'; script-src 'self' 'unsafe-inline'
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET,POST,OPTIONS
Access-Control-Allow-Headers
X-Requested-With,Content-Type,x-exadsrtb-version,x-openrtb-version,x-zerortb-version,X-Flag
Location
https://www.auskunft.de/?rt=y&utm_source=zpp&c=zr24eb2fcbc9b411e9996c1206c319a1c84160a2d21b45485f9c22c1e1b172a3d004081689c82da904fa
Server
ZeroPark-Traffic
/
www.maccleaner.space/recommended/ Frame D1AA
Redirect Chain
  • http://witalfieldt.com/redirect?tid=730126&&ref=xsportshd.com/tennis-live-streaming-video.html
  • http://usd.india-abc.com/zcvisitor/24e7864f-c9b4-11e9-8a14-1230266a9556?campaignid=e9959de0-d6c8-11e8-802f-0e41d0acbc1a&__id__=e9959de0-d6c8-11e8-802f-0e41d0acbc1a
  • http://tracking.marketing/zp-redirect?target=http%3A%2F%2Fwww.apple.com-shield-guard.live%2Fredirect%2F%3Fip%3D185.151.58.115%26campid%3D195fb0be-b5a3-4a3f-a106-eca1728009ff%26zn%3Dsierra-bal-UDZlT...
  • http://www.apple.com-shield-guard.live/redirect/?ip=185.151.58.115&campid=195fb0be-b5a3-4a3f-a106-eca1728009ff&zn=sierra-bal-UDZlTdCE&sc=f1be0f9b-24b9-4ef6-b115-1b6525e2d391&browser=Chrome&browserv...
  • http://smarturl.it/maccleaner?campid=195fb0be-b5a3-4a3f-a106-eca1728009ff&sc=f1be0f9b-24b9-4ef6-b115-1b6525e2d391&zn=sierra-bal-UDZlTdCE
  • http://www.maccleaner.space/recommended/?sc=f1be0f9b-24b9-4ef6-b115-1b6525e2d391&zn=sierra-bal-UDZlTdCE&campid=195fb0be-b5a3-4a3f-a106-eca1728009ff
0
0
Document
General
Full URL
http://www.maccleaner.space/recommended/?sc=f1be0f9b-24b9-4ef6-b115-1b6525e2d391&zn=sierra-bal-UDZlTdCE&campid=195fb0be-b5a3-4a3f-a106-eca1728009ff
Requested by
Host: xsportshd.com
URL: http://xsportshd.com/add.html
Protocol
HTTP/1.1
Server
95.179.146.120 Amsterdam, Netherlands, ASN20473 (AS-CHOOPA - Choopa, LLC, US),
Reverse DNS
95.179.146.120.vultr.com
Software
LiteSpeed /
Resource Hash

Request headers

Host
www.maccleaner.space
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Accept-Encoding
gzip, deflate

Response headers

Content-Type
text/html; charset=UTF-8
Content-Length
538
Content-Encoding
gzip
Vary
Accept-Encoding
Date
Wed, 28 Aug 2019 16:52:03 GMT
Server
LiteSpeed
Connection
Keep-Alive

Redirect headers

Date
Wed, 28 Aug 2019 16:52:01 GMT
Transfer-Encoding
chunked
Connection
keep-alive
Set-Cookie
AWSALB=9pwZtfZjkcOo7KLhxA5Bpq4Gk/YNmIILMDKcpE/PLGH+jVDeA2hPAlUEKlz2abGZbFQS/XwjiJ8CMQ7Saz1LU/LJbsxawEsPINeD5GFYOpPrguVv+rym1nplJUfj; Expires=Wed, 04 Sep 2019 16:52:01 GMT; Path=/ requester_id=1166755326235389955;Path=/;Expires=Sat, 25-Aug-2029 16:52:01 GMT;Max-Age=315360000 last_click_5pw6zp=1567011121697;Path=/;Expires=Fri, 30-Aug-2019 16:52:01 GMT;Max-Age=172800
Server
nginx/1.14.2
X-Application-Context
application:default,prod:2243
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Cache-Control
no-cache, no-store, must-revalidate
Pragma
no-cache
X-Node-Id
227
Location
http://www.maccleaner.space/recommended/?sc=f1be0f9b-24b9-4ef6-b115-1b6525e2d391&zn=sierra-bal-UDZlTdCE&campid=195fb0be-b5a3-4a3f-a106-eca1728009ff
X-Proxy-Cache
MISS
trnt-rocket
cyberprivacy.pro/en_US/ Frame 998B
Redirect Chain
  • http://witalfieldt.com/redirect?tid=730126&&ref=xsportshd.com/tennis-live-streaming-video.html
  • http://xml.realtime-bid.com/click?i=B91zeoFu12A_0
  • https://witalfieldt.com/redirect?tid=751245&ref=
  • https://cybertool.co/mav_zone_k7demqbik.html?aff_sub=73195269417767045&aff_sub2=751245
  • https://cyberprivacy.pro/en_US/trnt-rocket?aff_id=1272&coupon=3yEuDo&source=zonetelechargement1&aff_sub4=3yEuDo&aff_sub=73195269417767045&aff_sub2=751245&utm_medium=affiliate&utm_source=1272
0
0
Document
General
Full URL
https://cyberprivacy.pro/en_US/trnt-rocket?aff_id=1272&coupon=3yEuDo&source=zonetelechargement1&aff_sub4=3yEuDo&aff_sub=73195269417767045&aff_sub2=751245&utm_medium=affiliate&utm_source=1272
Requested by
Host: xsportshd.com
URL: http://xsportshd.com/add.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681f:417f , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

:method
GET
:authority
cyberprivacy.pro
:scheme
https
:path
/en_US/trnt-rocket?aff_id=1272&coupon=3yEuDo&source=zonetelechargement1&aff_sub4=3yEuDo&aff_sub=73195269417767045&aff_sub2=751245&utm_medium=affiliate&utm_source=1272
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
accept-encoding
gzip, deflate, br

Response headers

status
200
date
Wed, 28 Aug 2019 16:51:57 GMT
content-type
text/html; charset=utf-8
set-cookie
__cfduid=df95169844ef38520f9404f66e791c1241567011117; expires=Thu, 27-Aug-20 16:51:57 GMT; path=/; domain=.cyberprivacy.pro; HttpOnly CGLP_lang=s%3Aen_US.B7TOQtt%2BjnlDEzeCDUIf6Jde1e5FBjbJBra535yQkdk; Max-Age=2592000; Domain=.cyberghostvpn.com; Path=/; Expires=Fri, 27 Sep 2019 16:51:57 GMT; HttpOnly CGLP_TRACKINGID=s%3A9723028835943357.SnklhoN%2Bi58ww8BPg3b2e60JrY8L%2F3p%2F9RzGQgW8nSc; Max-Age=2592000; Domain=.cyberghostvpn.com; Path=/; Expires=Fri, 27 Sep 2019 16:51:57 GMT; HttpOnly
x-robots-tag
noindex, nofollow
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
50d7cafc59588caa-VIE
content-encoding
br

Redirect headers

status
302
date
Wed, 28 Aug 2019 16:51:57 GMT
content-type
text/html; charset=utf-8
set-cookie
__cfduid=d4c2c6fd65cb7f568a3702bc70517ffd71567011117; expires=Thu, 27-Aug-20 16:51:57 GMT; path=/; domain=.cybertool.co; HttpOnly offer_type=CPP; Max-Age=15; Path=/; Expires=Wed, 28 Aug 2019 16:52:12 GMT
location
https://cyberprivacy.pro/en_US/trnt-rocket?aff_id=1272&coupon=3yEuDo&source=zonetelechargement1&aff_sub4=3yEuDo&aff_sub=73195269417767045&aff_sub2=751245&utm_medium=affiliate&utm_source=1272
vary
Accept
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
50d7cafa6d33cbc4-VIE
/
www.auskunft.de/ Frame 9868
Redirect Chain
  • http://witalfieldt.com/redirect?tid=682790&&ref=xsportshd.com
  • http://usd.odysseus-nua.com/zcvisitor/24e78642-c9b4-11e9-8bff-12afbac49a8c?campaignid=d3ec2b00-5008-11e7-a36d-0e06c6fba698&__id__=d3ec2b00-5008-11e7-a36d-0e06c6fba698
  • https://www.auskunft.de/?rt=y&utm_source=zpp&c=zr24e78642c9b411e98bff12afbac49a8cc804406c206c4be1b05b2bb918b61c610408163eaf04cbd58a
0
0
Document
General
Full URL
https://www.auskunft.de/?rt=y&utm_source=zpp&c=zr24e78642c9b411e98bff12afbac49a8cc804406c206c4be1b05b2bb918b61c610408163eaf04cbd58a
Requested by
Host: xsportshd.com
URL: http://xsportshd.com/add.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.201.46.48 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.48.46.201.195.clients.your-server.de
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

:method
GET
:authority
www.auskunft.de
:scheme
https
:path
/?rt=y&utm_source=zpp&c=zr24e78642c9b411e98bff12afbac49a8cc804406c206c4be1b05b2bb918b61c610408163eaf04cbd58a
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
accept-encoding
gzip, deflate, br

Response headers

status
200
server
nginx
date
Wed, 28 Aug 2019 16:51:56 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
set-cookie
AUSKUNFT_SESSION=e4j112s7l2bj3nbrl5ja8b3e4k; path=/; HttpOnly
expires
Thu, 19 Nov 1981 08:52:00 GMT
cache-control
no-store, no-cache, must-revalidate
pragma
no-cache
strict-transport-security
max-age=2592000
content-encoding
gzip

Redirect headers

Date
Wed, 28 Aug 2019 16:51:56 GMT
Content-Length
0
Connection
keep-alive
Cache-Control
no-store, no-cache, pre-check=0, post-check=0
content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline'
x-content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline'
X-WebKit-CSP
default-src 'self'; script-src 'self' 'unsafe-inline'
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET,POST,OPTIONS
Access-Control-Allow-Headers
X-Requested-With,Content-Type,x-exadsrtb-version,x-openrtb-version,x-zerortb-version,X-Flag
Location
https://www.auskunft.de/?rt=y&utm_source=zpp&c=zr24e78642c9b411e98bff12afbac49a8cc804406c206c4be1b05b2bb918b61c610408163eaf04cbd58a
Server
ZeroPark-Traffic
index.html
campaigns.casumo.com/book-of-dead-de/ Frame 5443
Redirect Chain
  • http://witalfieldt.com/redirect?tid=682790&&ref=xsportshd.com/football-live-streaming.html
  • http://xml.realtime-bid.com/click?i=km1ao3kov8M_0
  • https://ads.casumoaffiliates.com/redirect.aspx?pid=1159029&bid=7949&AFFID=Casumodesk_64582_682790
  • https://campaigns.casumo.com/book-of-dead-de/index.html?btag=656576_B22C317075784F91841162720297332E&AFFID=Casumodesk_64582_682790&affid=656576&bid=7949&pid=1159029
0
0
Document
General
Full URL
https://campaigns.casumo.com/book-of-dead-de/index.html?btag=656576_B22C317075784F91841162720297332E&AFFID=Casumodesk_64582_682790&affid=656576&bid=7949&pid=1159029
Requested by
Host: xsportshd.com
URL: http://xsportshd.com/add.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.139.236.192 Dallas, United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash

Request headers

:method
GET
:authority
campaigns.casumo.com
:scheme
https
:path
/book-of-dead-de/index.html?btag=656576_B22C317075784F91841162720297332E&AFFID=Casumodesk_64582_682790&affid=656576&bid=7949&pid=1159029
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
accept-encoding
gzip, deflate, br

Response headers

status
200
date
Wed, 28 Aug 2019 16:51:56 GMT
content-type
text/html; charset=utf-8
cache-control
public, max-age=900, immutable
content-md5
s1GUAOyWQgPTNxsr5ifE8Q==
last-modified
Tue, 14 May 2019 10:23:25 GMT
etag
W/"0x8D6D856330D6C97"
x-ms-request-id
bba4a2a8-601e-0042-5ec0-5deaa7000000
x-ms-version
2014-02-14
x-ms-lease-status
unlocked
x-ms-lease-state
available
x-ms-blob-type
BlockBlob
access-control-allow-origin
*
server
NetDNA-cache/2.2
x-cache
HIT
content-encoding
gzip

Redirect headers

Cache-Control
private,no-cache, no-store
Pragma
no-cache
Content-Type
text/html
Location
https://campaigns.casumo.com/book-of-dead-de/index.html?btag=656576_B22C317075784F91841162720297332E&AFFID=Casumodesk_64582_682790&affid=656576&bid=7949&pid=1159029
Server
Microsoft-IIS/10.0
P3P
CP="This is not a P3P policy! It is used to bypass IEs problematic handling of cookies"
X-AspNet-Version
4.0.30319
Set-Cookie
NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a1159029%2c%22BID%22%3a7949%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1567011116656)%5c%2f%22%2c%22CookieTag%22%3a%22794911590295187621941C20198281751%22%7d%5d; expires=Fri, 31-Dec-9999 23:59:59 GMT; path=/ NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%22183895563%7c1%22%7d%5d; expires=Fri, 28-Aug-3018 16:51:56 GMT; path=/ visid_incap_2106431=0Xdn/hZIR/2XLIzD8TBdUyyxZl0AAAAAQUIPAAAAAABhGQFlYOzvqt7NyFnKicPA; expires=Thu, 27 Aug 2020 14:10:42 GMT; path=/; Domain=.casumoaffiliates.com incap_ses_728_2106431=BKy2af6BDSs/hcWxJGEaCiyxZl0AAAAAyThf/dVQ27m7ed1+/R0pCw==; path=/; Domain=.casumoaffiliates.com ___utmvmXyuLZwLZ=LnaiEwKArjN; path=/; Max-Age=900 ___utmvaXyuLZwLZ=SBsRDcL; path=/; Max-Age=900 ___utmvbXyuLZwLZ=rZm XlmOQalb: YtF; path=/; Max-Age=900
Request-Context
appId=cid-v1:42ca6b97-b564-4b23-b218-51b9f4f71628
X-Powered-By
ASP.NET
Date
Wed, 28 Aug 2019 16:51:56 GMT
Connection
close
Content-Length
0
X-Iinfo
4-1279605-1279608 NNNN CT(0 0 0) RT(1567011116382 19) q(0 0 0 1) r(0 0) U11
X-CDN
Incapsula
trnt-rocket
cyberprivacy.pro/en_US/ Frame 61BD
Redirect Chain
  • http://witalfieldt.com/redirect?tid=682790&&ref=xsportshd.com/football-live-streaming.html
  • http://xml.realtime-bid.com/click?i=3t5enQcRIkk_0
  • https://witalfieldt.com/redirect?tid=751245&ref=
  • https://cybertool.co/mav_zone_k7demqbik.html?aff_sub=5265552259346533947&aff_sub2=751245
  • https://cyberprivacy.pro/en_US/trnt-rocket?aff_id=1272&coupon=3yEuDo&source=zonetelechargement1&aff_sub4=3yEuDo&aff_sub=5265552259346533947&aff_sub2=751245&utm_medium=affiliate&utm_source=1272
0
0
Document
General
Full URL
https://cyberprivacy.pro/en_US/trnt-rocket?aff_id=1272&coupon=3yEuDo&source=zonetelechargement1&aff_sub4=3yEuDo&aff_sub=5265552259346533947&aff_sub2=751245&utm_medium=affiliate&utm_source=1272
Requested by
Host: xsportshd.com
URL: http://xsportshd.com/add.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681f:417f , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

:method
GET
:authority
cyberprivacy.pro
:scheme
https
:path
/en_US/trnt-rocket?aff_id=1272&coupon=3yEuDo&source=zonetelechargement1&aff_sub4=3yEuDo&aff_sub=5265552259346533947&aff_sub2=751245&utm_medium=affiliate&utm_source=1272
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
accept-encoding
gzip, deflate, br

Response headers

status
200
date
Wed, 28 Aug 2019 16:51:57 GMT
content-type
text/html; charset=utf-8
set-cookie
__cfduid=df95169844ef38520f9404f66e791c1241567011117; expires=Thu, 27-Aug-20 16:51:57 GMT; path=/; domain=.cyberprivacy.pro; HttpOnly CGLP_lang=s%3Aen_US.B7TOQtt%2BjnlDEzeCDUIf6Jde1e5FBjbJBra535yQkdk; Max-Age=2592000; Domain=.cyberghostvpn.com; Path=/; Expires=Fri, 27 Sep 2019 16:51:57 GMT; HttpOnly CGLP_TRACKINGID=s%3A23673aa0406a3189.CiPouMiowClbJLIy9XtbB%2FgYTajvtceo623NP%2BT3M7A; Max-Age=2592000; Domain=.cyberghostvpn.com; Path=/; Expires=Fri, 27 Sep 2019 16:51:57 GMT; HttpOnly
x-robots-tag
noindex, nofollow
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
50d7cafc59598caa-VIE
content-encoding
br

Redirect headers

status
302
date
Wed, 28 Aug 2019 16:51:57 GMT
content-type
text/html; charset=utf-8
set-cookie
__cfduid=d4c2c6fd65cb7f568a3702bc70517ffd71567011117; expires=Thu, 27-Aug-20 16:51:57 GMT; path=/; domain=.cybertool.co; HttpOnly offer_type=CPP; Max-Age=15; Path=/; Expires=Wed, 28 Aug 2019 16:52:12 GMT
location
https://cyberprivacy.pro/en_US/trnt-rocket?aff_id=1272&coupon=3yEuDo&source=zonetelechargement1&aff_sub4=3yEuDo&aff_sub=5265552259346533947&aff_sub2=751245&utm_medium=affiliate&utm_source=1272
vary
Accept
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
50d7cafa6d35cbc4-VIE
link.html
feed4u.eu/ Frame 8F09
0
0
Document
General
Full URL
http://feed4u.eu/link.html
Requested by
Host: xsportshd.com
URL: http://xsportshd.com/add.html
Protocol
HTTP/1.1
Server
173.198.254.82 Latham, United States, ASN40244 (TURNKEY-INTERNET - Turnkey Internet Inc., US),
Reverse DNS
173-198-254-82.static.as40244.net
Software
nginx/1.12.2 /
Resource Hash

Request headers

Host
feed4u.eu
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Accept-Encoding
gzip, deflate

Response headers

Server
nginx/1.12.2
Date
Wed, 28 Aug 2019 16:56:33 GMT
Content-Type
text/html
Content-Length
1293
Last-Modified
Sun, 02 Jun 2019 11:27:06 GMT
Connection
keep-alive
ETag
"5cf3b28a-50d"
Accept-Ranges
bytes
trnt-rocket
cyberprivacy.pro/en_US/ Frame 8879
Redirect Chain
  • http://witalfieldt.com/redirect?tid=731474&&ref=xsportshd.com/other-live-streaming.html
  • http://xml.realtime-bid.com/click?i=uFRLujUlsZU_0
  • https://witalfieldt.com/redirect?tid=751245&ref=
  • https://cybertool.co/mav_zone_k7demqbik.html?aff_sub=1270542051888097942&aff_sub2=751245
  • https://cyberprivacy.pro/en_US/trnt-rocket?aff_id=1272&coupon=3yEuDo&source=zonetelechargement1&aff_sub4=3yEuDo&aff_sub=1270542051888097942&aff_sub2=751245&utm_medium=affiliate&utm_source=1272
0
0
Document
General
Full URL
https://cyberprivacy.pro/en_US/trnt-rocket?aff_id=1272&coupon=3yEuDo&source=zonetelechargement1&aff_sub4=3yEuDo&aff_sub=1270542051888097942&aff_sub2=751245&utm_medium=affiliate&utm_source=1272
Requested by
Host: xsportshd.com
URL: http://xsportshd.com/add.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681f:417f , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

:method
GET
:authority
cyberprivacy.pro
:scheme
https
:path
/en_US/trnt-rocket?aff_id=1272&coupon=3yEuDo&source=zonetelechargement1&aff_sub4=3yEuDo&aff_sub=1270542051888097942&aff_sub2=751245&utm_medium=affiliate&utm_source=1272
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
accept-encoding
gzip, deflate, br

Response headers

status
200
date
Wed, 28 Aug 2019 16:51:57 GMT
content-type
text/html; charset=utf-8
set-cookie
__cfduid=df95169844ef38520f9404f66e791c1241567011117; expires=Thu, 27-Aug-20 16:51:57 GMT; path=/; domain=.cyberprivacy.pro; HttpOnly CGLP_lang=s%3Aen_US.B7TOQtt%2BjnlDEzeCDUIf6Jde1e5FBjbJBra535yQkdk; Max-Age=2592000; Domain=.cyberghostvpn.com; Path=/; Expires=Fri, 27 Sep 2019 16:51:57 GMT; HttpOnly CGLP_TRACKINGID=s%3A636a080308160445.9%2B%2BDTII2K3s4Dvpvi7QqAlqfkiGQl1dqvzCPaMQXcdI; Max-Age=2592000; Domain=.cyberghostvpn.com; Path=/; Expires=Fri, 27 Sep 2019 16:51:57 GMT; HttpOnly
x-robots-tag
noindex, nofollow
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
50d7cafc49578caa-VIE
content-encoding
br

Redirect headers

status
302
date
Wed, 28 Aug 2019 16:51:57 GMT
content-type
text/html; charset=utf-8
set-cookie
__cfduid=d4c2c6fd65cb7f568a3702bc70517ffd71567011117; expires=Thu, 27-Aug-20 16:51:57 GMT; path=/; domain=.cybertool.co; HttpOnly offer_type=CPP; Max-Age=15; Path=/; Expires=Wed, 28 Aug 2019 16:52:12 GMT
location
https://cyberprivacy.pro/en_US/trnt-rocket?aff_id=1272&coupon=3yEuDo&source=zonetelechargement1&aff_sub4=3yEuDo&aff_sub=1270542051888097942&aff_sub2=751245&utm_medium=affiliate&utm_source=1272
vary
Accept
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
50d7cafa6d36cbc4-VIE
/
www.maccleaner.space/recommended/ Frame 01BD
Redirect Chain
  • http://witalfieldt.com/redirect?tid=731474&&ref=xsportshd.com
  • http://usd.india-abc.com/zcvisitor/251ec2ed-c9b4-11e9-996c-1206c319a1c8?campaignid=e9959de0-d6c8-11e8-802f-0e41d0acbc1a&__id__=e9959de0-d6c8-11e8-802f-0e41d0acbc1a
  • http://tracking.marketing/zp-redirect?target=http%3A%2F%2Fwww.apple.com-shield-guard.live%2Fredirect%2F%3Fip%3D185.151.58.115%26campid%3D195fb0be-b5a3-4a3f-a106-eca1728009ff%26zn%3Dzulu-log-JkW3v1k...
  • http://www.apple.com-shield-guard.live/redirect/?ip=185.151.58.115&campid=195fb0be-b5a3-4a3f-a106-eca1728009ff&zn=zulu-log-JkW3v1ki&sc=f1be0f9b-24b9-4ef6-b115-1b6525e2d391&browser=Chrome&browserver...
  • http://smarturl.it/maccleaner?campid=195fb0be-b5a3-4a3f-a106-eca1728009ff&sc=f1be0f9b-24b9-4ef6-b115-1b6525e2d391&zn=zulu-log-JkW3v1ki
  • http://www.maccleaner.space/recommended/?sc=f1be0f9b-24b9-4ef6-b115-1b6525e2d391&zn=zulu-log-JkW3v1ki&campid=195fb0be-b5a3-4a3f-a106-eca1728009ff
0
0
Document
General
Full URL
http://www.maccleaner.space/recommended/?sc=f1be0f9b-24b9-4ef6-b115-1b6525e2d391&zn=zulu-log-JkW3v1ki&campid=195fb0be-b5a3-4a3f-a106-eca1728009ff
Requested by
Host: xsportshd.com
URL: http://xsportshd.com/add.html
Protocol
HTTP/1.1
Server
95.179.146.120 Amsterdam, Netherlands, ASN20473 (AS-CHOOPA - Choopa, LLC, US),
Reverse DNS
95.179.146.120.vultr.com
Software
LiteSpeed /
Resource Hash

Request headers

Host
www.maccleaner.space
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Accept-Encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
text/html; charset=UTF-8
Content-Length
538
Content-Encoding
gzip
Vary
Accept-Encoding
Date
Wed, 28 Aug 2019 16:52:03 GMT
Server
LiteSpeed
Connection
Keep-Alive

Redirect headers

Date
Wed, 28 Aug 2019 16:52:02 GMT
Transfer-Encoding
chunked
Connection
keep-alive
Set-Cookie
AWSALB=wSaAXt/GMcnOhUo0PoZx/Xio/rr3ikg9G9e9FJ+jhy6qeR+wFcMSit5lmdyU4+VECFaW9BP3rn+hSQGdAmbLzFAoYrZ8O7P06wCvBNJRaHa4p2y/F9FOzi2EF6Sh; Expires=Wed, 04 Sep 2019 16:52:02 GMT; Path=/ last_click_5pw6zp=1567011122004;Path=/;Expires=Fri, 30-Aug-2019 16:52:02 GMT;Max-Age=172800
Server
nginx/1.14.2
X-Application-Context
application:default,prod:2243
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Cache-Control
no-cache, no-store, must-revalidate
Pragma
no-cache
X-Node-Id
227
Location
http://www.maccleaner.space/recommended/?sc=f1be0f9b-24b9-4ef6-b115-1b6525e2d391&zn=zulu-log-JkW3v1ki&campid=195fb0be-b5a3-4a3f-a106-eca1728009ff
X-Proxy-Cache
MISS
/
www.maccleaner.space/recommended/ Frame DE2A
Redirect Chain
  • http://witalfieldt.com/redirect?tid=731474&&ref=xsportshd.com
  • http://usd.india-abc.com/zcvisitor/2523cbf7-c9b4-11e9-8a14-1230266a9556?campaignid=e9959de0-d6c8-11e8-802f-0e41d0acbc1a&__id__=e9959de0-d6c8-11e8-802f-0e41d0acbc1a
  • http://tracking.marketing/zp-redirect?target=http%3A%2F%2Fwww.apple.com-shield-guard.live%2Fredirect%2F%3Fip%3D185.151.58.115%26campid%3D195fb0be-b5a3-4a3f-a106-eca1728009ff%26zn%3Dzulu-log-JkW3v1k...
  • http://www.apple.com-shield-guard.live/redirect/?ip=185.151.58.115&campid=195fb0be-b5a3-4a3f-a106-eca1728009ff&zn=zulu-log-JkW3v1ki&sc=f1be0f9b-24b9-4ef6-b115-1b6525e2d391&browser=Chrome&browserver...
  • http://smarturl.it/maccleaner?campid=195fb0be-b5a3-4a3f-a106-eca1728009ff&sc=f1be0f9b-24b9-4ef6-b115-1b6525e2d391&zn=zulu-log-JkW3v1ki
  • http://www.maccleaner.space/recommended/?sc=f1be0f9b-24b9-4ef6-b115-1b6525e2d391&zn=zulu-log-JkW3v1ki&campid=195fb0be-b5a3-4a3f-a106-eca1728009ff
0
0
Document
General
Full URL
http://www.maccleaner.space/recommended/?sc=f1be0f9b-24b9-4ef6-b115-1b6525e2d391&zn=zulu-log-JkW3v1ki&campid=195fb0be-b5a3-4a3f-a106-eca1728009ff
Requested by
Host: xsportshd.com
URL: http://xsportshd.com/add.html
Protocol
HTTP/1.1
Server
95.179.146.120 Amsterdam, Netherlands, ASN20473 (AS-CHOOPA - Choopa, LLC, US),
Reverse DNS
95.179.146.120.vultr.com
Software
LiteSpeed /
Resource Hash

Request headers

Host
www.maccleaner.space
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Accept-Encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
text/html; charset=UTF-8
Content-Length
538
Content-Encoding
gzip
Vary
Accept-Encoding
Date
Wed, 28 Aug 2019 16:52:03 GMT
Server
LiteSpeed
Connection
Keep-Alive

Redirect headers

Date
Wed, 28 Aug 2019 16:52:02 GMT
Transfer-Encoding
chunked
Connection
keep-alive
Set-Cookie
AWSALB=WCzo66JJwidLqzqqxTsdFX/Jp/aopAKF+QXthcu184bXm8jJsx/Zfz8ZjfQzlhO0pxw/3Yjmc+TyC9rqZ+V2NOiQY+ykLYTDtsrxp2q8a5jqEyZwM4KmrpoUXJYJ; Expires=Wed, 04 Sep 2019 16:52:02 GMT; Path=/ last_click_5pw6zp=1567011122041;Path=/;Expires=Fri, 30-Aug-2019 16:52:02 GMT;Max-Age=172800
Server
nginx/1.14.2
X-Application-Context
application:default,prod:2243
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Cache-Control
no-cache, no-store, must-revalidate
Pragma
no-cache
X-Node-Id
227
Location
http://www.maccleaner.space/recommended/?sc=f1be0f9b-24b9-4ef6-b115-1b6525e2d391&zn=zulu-log-JkW3v1ki&campid=195fb0be-b5a3-4a3f-a106-eca1728009ff
X-Proxy-Cache
MISS
bEBAUSw+HVsLemxUEAVzdkFSFnNoXFYeNigTAQVzfgISTC5lQ1MOdWhDVwlzbkNTDg
rappenedstoric.info/ZjhCWHJJByErTzdvLhMhIGo1ADEBTRg2JAJ0cRkKAm4qIT4Lajp+Bg9cf29BVw51b1QWUSZlQ0BLNjkGE0t/
0
120 B
Other
General
Full URL
http://rappenedstoric.info/ZjhCWHJJByErTzdvLhMhIGo1ADEBTRg2JAJ0cRkKAm4qIT4Lajp+Bg9cf29BVw51b1QWUSZlQ0BLNjkGE0t/bEBAUSw+HVsLemxUEAVzdkFSFnNoXFYeNigTAQVzfgISTC5lQ1MOdWhDVwlzbkNTDg
Requested by
Host: doo6pwib3qngu.cloudfront.net
URL: http://doo6pwib3qngu.cloudfront.net/?wpood=730125
Protocol
HTTP/1.1
Security
, ,
Server
54.88.100.214 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-54-88-100-214.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://xsportshd.com/index-de.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Connection
keep-alive
access-control-allow-origin
*
Date
Wed, 28 Aug 2019 16:51:56 GMT
p
totandrepatrit.pro/
26 B
352 B
XHR
General
Full URL
https://totandrepatrit.pro/p?b=110874680957&c=28788171
Requested by
Host: doo6pwib3qngu.cloudfront.net
URL: http://doo6pwib3qngu.cloudfront.net/?wpood=730125
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.19.186 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
2c169fdefd1dbc4b505e9fe23646ba5d26bba2f99e65934832d61991acda0ff3

Request headers

Sec-Fetch-Mode
cors
Referer
http://xsportshd.com/index-de.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 28 Aug 2019 16:51:57 GMT
content-encoding
br
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
status
200
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/plain
access-control-allow-origin
*
cf-ray
50d7cafe5a53d6b5-FRA

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
ps.popcash.net
URL
http://ps.popcash.net/ad/ad?p=216668&w=498903&d=6539fbfbca1ca848e9f4-1561026291498903&

10 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • function| Fingerprint2
  • number| _1743672300
  • number| _4136143924
  • function| vwu
  • object| _Hasync
  • function| chfh
  • function| chfh2
  • string| _HST_cntval
  • object| Histats
  • object| _HistatsCounterGraphics_0_setValues

1 Cookies

Domain/Path Name / Value
de.777.com/ Name: TS01835a0d
Value: 01681f908e2cd76adeffd22d4bdf5a7dba7c1ce55aa4670ae4e7e96a66906a7f5b7eb33b8c2fc5f20c2fef49e37ffbed8d7c4bc342

1 Console Messages

Source Level URL
Text
console-api log URL: https://incident-prevention.com/media/jui/js/jquery-migrate.min.js?17eb2dd02a6e10c0e710977a81b47b9a(Line 2)
Message:
JQMIGRATE: Migrate is installed, version 1.4.1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
