208.100.26.92 Open in urlscan Pro
208.100.26.92 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://208.100.26.92/
Effective URL:
https://208.100.26.92/welcome/lp16/cr64a.cfm
Submission: On May 11 via manual (May 11th 2017, 8:06:03 pm UTC) from US

Summary HTTP 70 Redirects Behaviour Indicators

Summary

This website contacted 25 IPs in 4 countries across 20 domains to perform 70 HTTP transactions. The main IP is 208.100.26.92, located in Chicago, United States and belongs to STEADFAST - Steadfast, US. The main domain is 208.100.26.92.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on August 25th 2014. Valid for: 3 years.

This is the only time 208.100.26.92 was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
17	208.100.26.92 208.100.26.92	32748 (STEADFAST) (STEADFAST - Steadfast)
1	95.101.241.136 95.101.241.136	16625 (AKAMAI-AS) (AKAMAI-AS - Akamai Technologies)
2	94.31.29.55 94.31.29.55	6461 (ZAYO-6461) (ZAYO-6461 - Zayo Bandwidth Inc)
1	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK - Facebook)
1	104.16.22.35 104.16.22.35	13335 (CLOUDFLAR...) (CLOUDFLARENET - CloudFlare)
1	2a00:1450:400... 2a00:1450:400e:802::2008	15169 (GOOGLE) (GOOGLE - Google Inc.)
2	2a03:2880:f11... 2a03:2880:f11c:8083:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK - Facebook)
2	2a00:1450:400... 2a00:1450:400e:802::200e	15169 (GOOGLE) (GOOGLE - Google Inc.)
1	104.16.27.235 104.16.27.235	13335 (CLOUDFLAR...) (CLOUDFLARENET - CloudFlare)
3	2a00:1450:401... 2a00:1450:401b:803::2003	15169 (GOOGLE) (GOOGLE - Google Inc.)
1	151.101.12.65 151.101.12.65	54113 (FASTLY) (FASTLY - Fastly)
1	172.217.20.66 172.217.20.66	15169 (GOOGLE) (GOOGLE - Google Inc.)
2	2a03:2880:f01... 2a03:2880:f01c:216:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK - Facebook)
1	46.51.169.47 46.51.169.47	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	23.23.243.116 23.23.243.116	14618 (AMAZON-AES) (AMAZON-AES - Amazon.com)
1	104.244.42.131 104.244.42.131	13414 (TWITTER) (TWITTER - Twitter Inc.)
1	2a00:1288:110... 2a00:1288:110:422::3000	34010 (YAHOO-IRD) (YAHOO-IRD)
1	173.241.240.143 173.241.240.143	36089 (OPENX-AS1) (OPENX-AS1 - OPENX TECHNOLOGIES)
1	198.47.127.15 198.47.127.15	3257 (GTT-BACKB...) (GTT-BACKBONE GTT)
1	62.67.193.85 62.67.193.85	26667 (RUBICONPR...) (RUBICONPROJECT - The Rubicon Project)
2	54.217.219.154 54.217.219.154	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	185.33.223.202 185.33.223.202	29990 (ASN-APPNEXUS) (ASN-APPNEXUS - AppNexus)
1	2400:cb00:204... 2400:cb00:2048:1::6814:b609	13335 (CLOUDFLAR...) (CLOUDFLARENET - CloudFlare)
1	107.22.197.50 107.22.197.50	14618 (AMAZON-AES) (AMAZON-AES - Amazon.com)
70	25

17 208.100.26.92 (Chicago, United States)

ASN32748 (STEADFAST - Steadfast, US)
PTR: ip92.208-100-26.static.steadfastdns.net

208.100.26.92	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 95.101.241.136 (European Union)

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a95-101-241-136.deploy.akamaitechnologies.com

cdn.optimizely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 94.31.29.55 (United Kingdom)

ASN6461 (ZAYO-6461 - Zayo Bandwidth Inc, US)
PTR: 94.31.29.55.IPYX-077437-ZYO.above.net

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f02d:12:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.16.22.35 (San Francisco, United States)

ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US)

s7.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400e:802::2008 (Ireland)

ASN15169 (GOOGLE - Google Inc., US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f11c:8083:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400e:802::200e (Ireland)

ASN15169 (GOOGLE - Google Inc., US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.16.27.235 (San Francisco, United States)

ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US)

m.addthisedge.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:401b:803::2003 (Ireland)

ASN15169 (GOOGLE - Google Inc., US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.12.65 (San Francisco, United States)

ASN54113 (FASTLY - Fastly, US)

tag.marinsm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.20.66 (Mountain View, United States)

ASN15169 (GOOGLE - Google Inc., US)
PTR: ams15s33-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:216:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 46.51.169.47 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-46-51-169-47.eu-west-1.compute.amazonaws.com

pixel-geo.prfct.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.23.243.116 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-23-23-243-116.compute-1.amazonaws.com

pixel.prfct.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.131 (San Francisco, United States)

ASN13414 (TWITTER - Twitter Inc., US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1288:110:422::3000 (United Kingdom)

ASN34010 (YAHOO-IRD, GB)

ads.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 173.241.240.143 (New York, United States)

ASN36089 (OPENX-AS1 - OPENX TECHNOLOGIES, INC., US)
PTR: ox-173-241-240-143.xa.dc.openx.org

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.47.127.15 (Redwood City, United States)

ASN3257 (GTT-BACKBONE GTT, DE)

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 62.67.193.85 (United Kingdom)

ASN26667 (RUBICONPROJECT - The Rubicon Project, Inc., US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.217.219.154 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-54-217-219-154.eu-west-1.compute.amazonaws.com

pixel-geo.prfct.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.33.223.202 (European Union)

ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US)

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2400:cb00:2048:1::6814:b609 (United States)

ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US)

cdn.inspectlet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 107.22.197.50 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-107-22-197-50.compute-1.amazonaws.com

hn.inspectlet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
4	prfct.co pixel-geo.prfct.co pixel.prfct.co	231 B
3	google.de www.google.de	153 B
3	facebook.net connect.facebook.net	69 KB
2	inspectlet.com cdn.inspectlet.com hn.inspectlet.com	65 KB
2	google-analytics.com www.google-analytics.com	12 KB
2	facebook.com www.facebook.com staticxx.facebook.com Failed	110 B
2	bootstrapcdn.com maxcdn.bootstrapcdn.com	61 KB
1	adnxs.com secure.adnxs.com
1	rubiconproject.com pixel.rubiconproject.com	42 B
1	pubmatic.com image2.pubmatic.com	42 B
1	openx.net us-u.openx.net	43 B
1	yahoo.com ads.yahoo.com
1	twitter.com analytics.twitter.com	92 B
1	googleadservices.com www.googleadservices.com	4 KB
1	marinsm.com tag.marinsm.com	3 KB
1	addthisedge.com m.addthisedge.com	47 B
1	googletagmanager.com www.googletagmanager.com	17 KB
1	addthis.com s7.addthis.com	110 KB
1	optimizely.com cdn.optimizely.com	63 KB
0	Failed function sub() { [native code] }. Failed
70	20

	Domain	Requested by
3	pixel-geo.prfct.co	208.100.26.92
3	www.google.de	208.100.26.92
3	connect.facebook.net	208.100.26.92 connect.facebook.net
2	www.google-analytics.com	208.100.26.92
2	www.facebook.com	208.100.26.92
2	maxcdn.bootstrapcdn.com	208.100.26.92
1	hn.inspectlet.com	cdn.inspectlet.com
1	cdn.inspectlet.com	208.100.26.92
1	secure.adnxs.com	208.100.26.92
1	pixel.rubiconproject.com	208.100.26.92
1	image2.pubmatic.com	208.100.26.92
1	us-u.openx.net	208.100.26.92
1	ads.yahoo.com	208.100.26.92
1	analytics.twitter.com	208.100.26.92
1	pixel.prfct.co	208.100.26.92
1	www.googleadservices.com	www.googletagmanager.com
1	tag.marinsm.com	www.googletagmanager.com
1	m.addthisedge.com	s7.addthis.com
1	www.googletagmanager.com	208.100.26.92
1	s7.addthis.com	208.100.26.92
1	cdn.optimizely.com	208.100.26.92
0	staticxx.facebook.com Failed	connect.facebook.net
0	100.26.0.92 Failed	208.100.26.92
70	23

This site contains no links.

Subject Issuer	Validity	Valid
*.igive.com Go Daddy Secure Certificate Authority - G2	`2014-08-25` - `2017-10-08`	3 years	crt.sh
*.optimizely.com Symantec Class 3 Secure Server CA - G4	`2016-11-11` - `2017-11-11`	a year	crt.sh
*.bootstrapcdn.com RapidSSL SHA256 CA	`2016-10-13` - `2017-10-13`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2016-12-09` - `2018-01-25`	a year	crt.sh
*.addthis.com DigiCert SHA2 Secure Server CA	`2014-10-09` - `2018-02-14`	3 years	crt.sh
*.google-analytics.com Google Internet Authority G2	`2017-05-03` - `2017-07-26`	3 months	crt.sh
*.addthisedge.com DigiCert SHA2 Secure Server CA	`2014-08-22` - `2017-11-29`	3 years	crt.sh
www.google.de Google Internet Authority G2	`2017-05-03` - `2017-07-26`	3 months	crt.sh
g.ssl.fastly.net GlobalSign Organization Validation CA - SHA256 - G2	`2017-04-13` - `2017-12-21`	8 months	crt.sh
www.googleadservices.com Google Internet Authority G2	`2017-05-03` - `2017-07-26`	3 months	crt.sh
*.prfct.co DigiCert SHA2 Secure Server CA	`2016-09-09` - `2019-09-26`	3 years	crt.sh
*.twitter.com DigiCert SHA2 High Assurance Server CA	`2015-07-30` - `2018-08-03`	3 years	crt.sh
ad.yieldmanager.com Symantec Class 3 Secure Server CA - G4	`2015-08-20` - `2017-08-19`	2 years	crt.sh
*.openx.net GeoTrust SSL CA - G3	`2014-09-29` - `2017-06-07`	3 years	crt.sh
*.pubmatic.com COMODO RSA Organization Validation Secure Server CA	`2016-04-12` - `2019-05-27`	3 years	crt.sh
*.rubiconproject.com DigiCert SHA2 Secure Server CA	`2016-01-12` - `2019-03-01`	3 years	crt.sh
*.adnxs.com GeoTrust SSL CA - G3	`2016-02-25` - `2018-05-26`	2 years	crt.sh
ssl511215.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2017-02-24` - `2017-12-16`	10 months	crt.sh
*.inspectlet.com RapidSSL SHA256 CA	`2016-10-12` - `2017-10-13`	a year	crt.sh

This page contains 3 frames:

Primary Page: https://208.100.26.92/welcome/lp16/cr64a.cfm
Frame ID: 10586.1
Requests: 68 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/like.php?href=https://www.facebook.com%2Figive&layout=button_count&show_faces=false&width=100&action=like&colorscheme=light&height=21
Frame ID: 10586.3
Requests: 1 HTTP requests in this frame

Frame: https://staticxx.facebook.com/connect/xd_arbiter/r/JtmcTFxyLye.js?version=42
Frame ID: 10586.4
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Statistics

70
Requests

43 %
HTTPS

33 %
IPv6

20
Domains

23
Subdomains

25
IPs

4
Countries

903 kB
Transfer

1609 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request 49

https://www.google.com/pagead/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-30089-1&cid=1544033701.1494533153&jid=1532830882&_v=j54&z=326291354
https://www.google.de/pagead/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-30089-1&cid=1544033701.1494533153&jid=1532830882&_v=j54&z=326291354&slf_rd=1&random=1982816639

Request 54

https://www.google.com/ads/user-lists/1072683609/?random=1494533153381&cv=8&fst=1494533153381&num=1&fmt=3&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=5...
https://www.google.de/ads/user-lists/1072683609/?random=1494533153381&cv=8&fst=1494533153381&num=1&fmt=3&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=5&...

Request 55

https://www.google.com/ads/user-lists/1072686309/?random=1494533153384&cv=8&fst=1494533153384&num=1&fmt=3&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=5...
https://www.google.de/ads/user-lists/1072686309/?random=1494533153384&cv=8&fst=1494533153384&num=1&fmt=3&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=5&...

Request 57

https://pixel-geo.prfct.co/tagjs?a_id=51592&source=js_tag
https://pixel-geo.prfct.co/tagjs?check_cookie=1&a_id=51592&source=js_tag

Request 58

https://cs.marinsm.com/mrin
https://pixel.prfct.co/cb?partnerId=mrin

Request 59

https://pixel-geo.prfct.co/cs/?partnerId=twtr
https://analytics.twitter.com/i/adsct?p_id=48571&p_user_id=pa_27YYAo7lftzfuQCyT

Request 60

https://pixel-geo.prfct.co/cs/?partnerId=yah
https://ads.yahoo.com/pixel?id=2539961&t=2&piggyback=https%3A%2F%2Fads.yahoo.com%2Fcms%2Fv1%3Fnwid%3D10001073209%26eid%3Dpa_27YYAo7lftzfuQCyT%26sigv%3D1%26esig%3D2%7E398428d75320154581df99ff7fb8478...

Request 61

https://us-u.openx.net/w/1.0/sd?id=537114372&val=pa_27YYAo7lftzfuQCyT
https://us-u.openx.net/w/1.0/sd?cc=1&id=537114372&val=pa_27YYAo7lftzfuQCyT

Request 62

https://pixel-geo.prfct.co/cs/?partnerId=pub
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyNDMmdGw9MTI5NjAw&piggybackCookie=uid:pa_27YYAo7lftzfuQCyT

Request 63

https://pixel.rubiconproject.com/tap.php?v=189868&nid=4106&expires=30&put=pa_27YYAo7lftzfuQCyT
https://pixel.rubiconproject.com/tap.php?cookie_redirect=1&v=189868&nid=4106&expires=30&put=pa_27YYAo7lftzfuQCyT

Request 64

https://cm.g.doubleclick.net/pixel?google_nid=nowspots_bidder&google_hm=cGFfMjdZWUFvN2xmdHpmdVFDeVQ
https://pixel-geo.prfct.co/cb?partnerId=goo

Request 66

https://secure.adnxs.com/seg?t=2&add=3460836
https://secure.adnxs.com/bounce?%2Fseg%3Ft%3D2%26add%3D3460836

70 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request

Cookie set cr64a.cfm Show response
208.100.26.92/welcome/lp16/
Redirect Chain

https://208.100.26.92/welcome/index.cfm
https://208.100.26.92/welcome/lp16/cr64a.cfm

69 KB
69 KB

321ms
320ms

Document
text/html

208.100.26.92
Steadfast

General

Check archive.org

Show headers Download Go to

Full URL: https://208.100.26.92/welcome/lp16/cr64a.cfm
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 208.100.26.92 Chicago, United States, ASN32748 (STEADFAST - Steadfast, US),
Reverse DNS: ip92.208-100-26.static.steadfastdns.net
Software: Microsoft-IIS/8.5 /
Resource Hash: b615abc6c4aba7b597ecdeedef8406a2ccae63ef65b1d636410055e41cb49b44

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch, br
Host: 208.100.26.92
Accept-Language: en-US,en;q=0.8
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8
Cache-Control: no-cache
Cookie: CFID=11539631; CFTOKEN=b69308dc06bf3c4b-BB283433-C466-C5BB-028DC631A327757F; CFGLOBALS=urltoken%3DCFID%23%3D11539631%26CFTOKEN%23%3Db69308dc06bf3c4b%2DBB283433%2DC466%2DC5BB%2D028DC631A327757F%23lastvisit%3D%7Bts%20%272017%2D05%2D11%2015%3A05%3A19%27%7D%23hitcount%3D2%23timecreated%3D%7Bts%20%272017%2D05%2D11%2015%3A05%3A19%27%7D%23cftoken%3Db69308dc06bf3c4b%2DBB283433%2DC466%2DC5BB%2D028DC631A327757F%23cfid%3D11539631%23
Connection: keep-alive
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

Date: Thu, 11 May 2017 20:05:19 GMT
Server: Microsoft-IIS/8.5
Set-Cookie: CAMETOIGIVEFIRST=%7Bts%20%272017%2D05%2D11%2015%3A05%3A19%27%7D; Domain=.igive.com; Expires=Thu, 18-May-2017 20:05:19 GMT; Path=/ CFGLOBALS=urltoken%3DCFID%23%3D11539631%26CFTOKEN%23%3Db69308dc06bf3c4b%2DBB283433%2DC466%2DC5BB%2D028DC631A327757F%23lastvisit%3D%7Bts%20%272017%2D05%2D11%2015%3A05%3A19%27%7D%23hitcount%3D3%23timecreated%3D%7Bts%20%272017%2D05%2D11%2015%3A05%3A19%27%7D%23cftoken%3Db69308dc06bf3c4b%2DBB283433%2DC466%2DC5BB%2D028DC631A327757F%23cfid%3D11539631%23; Expires=Sat, 04-May-2047 20:05:19 GMT; Path=/; HttpOnly
Content-Length: 70533
Content-Type: text/html;charset=UTF-8

Redirect headers

Pragma: no-cache
Date: Thu, 11 May 2017 20:05:19 GMT
Server: Microsoft-IIS/8.5
Content-Type: text/html;charset=UTF-8
Location: /welcome/lp16/cr64a.cfm
Cache-Control: no-cache
Set-Cookie: CFGLOBALS=urltoken%3DCFID%23%3D11539631%26CFTOKEN%23%3Db69308dc06bf3c4b%2DBB283433%2DC466%2DC5BB%2D028DC631A327757F%23lastvisit%3D%7Bts%20%272017%2D05%2D11%2015%3A05%3A19%27%7D%23hitcount%3D2%23timecreated%3D%7Bts%20%272017%2D05%2D11%2015%3A05%3A19%27%7D%23cftoken%3Db69308dc06bf3c4b%2DBB283433%2DC466%2DC5BB%2D028DC631A327757F%23cfid%3D11539631%23; Expires=Sat, 04-May-2047 20:05:19 GMT; Path=/; HttpOnly
Content-Length: 717

GET
H2 200 796920252.js Show response
cdn.optimizely.com/js/ 178 KB
63 KB 266ms
226ms Script
text/javascript 95.101.241.136
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.optimizely.com/js/796920252.js
Requested by: Host: 208.100.26.92
URL: https://208.100.26.92/welcome/lp16/cr64a.cfm
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.101.241.136 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a95-101-241-136.deploy.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: cad241a2e05e7e9d0723b74d70ad5b2b67cacf9339f8ff892d4fa9e4e9b91a75

Request headers

:path: /js/796920252.js
pragma: no-cache
accept-encoding: gzip, deflate, sdch, br
accept-language: en-US,en;q=0.8
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
accept: */*
cache-control: no-cache
:authority: cdn.optimizely.com
referer: https://208.100.26.92/welcome/lp16/cr64a.cfm
:scheme: https
:method: GET
Referer: https://208.100.26.92/welcome/lp16/cr64a.cfm
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

x-amz-version-id: KpXswbejRz2utWexisxRqnRfdyq6qKSN
content-encoding: gzip
etag: "fbeb33e9ed252df741e6f1a767ed5ad3"
x-amz-request-id: 2DC1D2F85B6470AF
status: 200
vary: Accept-Encoding
content-length: 64115
x-amz-id-2: hI7opHY9iT9zsF2NQXtdVlvKx3TIZ0RXiPdnp68zGsk/D/qlbUuUmFh1uQ88dmAdQhM8o3E5e28=
last-modified: Thu, 04 May 2017 17:59:15 GMT
server: AmazonS3
date: Thu, 11 May 2017 20:05:18 GMT
access-control-max-age: 86400
access-control-allow-methods: GET, HEAD
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: x-amz-meta-revision
cache-control: max-age=126
x-amz-meta-revision: 968
set-cookie: cdn=https%3a%2f%2fakamai%3adsd%40cdn.optimizely.com%2fjs%2f796920252.js; path=/; domain=.optimizely.com
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: *

GET
H2 200 font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.3.0/css/ 23 KB
6 KB 29ms
6ms Stylesheet
text/css 94.31.29.55
Zayo Bandwidth Inc

General

Check archive.org

Show headers Download Go to

Full URL: https://maxcdn.bootstrapcdn.com/font-awesome/4.3.0/css/font-awesome.min.css
Requested by: Host: 208.100.26.92
URL: https://208.100.26.92/welcome/lp16/cr64a.cfm
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.55 , United Kingdom, ASN6461 (ZAYO-6461 - Zayo Bandwidth Inc, US),
Reverse DNS: 94.31.29.55.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: 541ac58217a8ade1a5e292a65a0661dc9db7a49ae13654943817a4fbc6761afd

Request headers

:path: /font-awesome/4.3.0/css/font-awesome.min.css
pragma: no-cache
accept-encoding: gzip, deflate, sdch, br
accept-language: en-US,en;q=0.8
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
accept: text/css,*/*;q=0.1
cache-control: no-cache
:authority: maxcdn.bootstrapcdn.com
referer: https://208.100.26.92/welcome/lp16/cr64a.cfm
:scheme: https
:method: GET
Referer: https://208.100.26.92/welcome/lp16/cr64a.cfm
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

date: Thu, 11 May 2017 20:05:18 GMT
content-encoding: gzip
last-modified: Thu, 22 Jan 2015 19:53:38 GMT
server: NetDNA-cache/2.2
status: 200
etag: W/"04425bbdc6243fc6e54bf8984fe50330"
vary: Accept-Encoding
x-cache: HIT
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31104000
x-hello-human: Say hello back! @getBootstrapCDN on Twitter
expires: Sun, 06 May 2018 20:05:18 GMT

GET
H/1.1 200
OK style3.css
208.100.26.92/welcome/lp16/css/ 26 KB
26 KB 747ms
329ms Stylesheet
text/css 208.100.26.92
Steadfast

General

Check archive.org

Show headers Download Go to

Full URL: https://208.100.26.92/welcome/lp16/css/style3.css?v=20160728
Requested by: Host: 208.100.26.92
URL: https://208.100.26.92/welcome/lp16/cr64a.cfm
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 208.100.26.92 Chicago, United States, ASN32748 (STEADFAST - Steadfast, US),
Reverse DNS: ip92.208-100-26.static.steadfastdns.net
Software: Microsoft-IIS/8.5 /
Resource Hash: ca607a355fd02f82a5ec74f282225b1b3bf9ff46051f47c986003410e5edda67

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch, br
Host: 208.100.26.92
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: https://208.100.26.92/welcome/lp16/cr64a.cfm
Cookie: CFID=11539631; CFTOKEN=b69308dc06bf3c4b-BB283433-C466-C5BB-028DC631A327757F; CFGLOBALS=urltoken%3DCFID%23%3D11539631%26CFTOKEN%23%3Db69308dc06bf3c4b%2DBB283433%2DC466%2DC5BB%2D028DC631A327757F%23lastvisit%3D%7Bts%20%272017%2D05%2D11%2015%3A05%3A19%27%7D%23hitcount%3D3%23timecreated%3D%7Bts%20%272017%2D05%2D11%2015%3A05%3A19%27%7D%23cftoken%3Db69308dc06bf3c4b%2DBB283433%2DC466%2DC5BB%2D028DC631A327757F%23cfid%3D11539631%23
Connection: keep-alive
Cache-Control: no-cache
Referer: https://208.100.26.92/welcome/lp16/cr64a.cfm
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

Date: Thu, 11 May 2017 20:05:20 GMT
Last-Modified: Thu, 28 Jul 2016 21:56:43 GMT
Server: Microsoft-IIS/8.5
ETag: "14ffa2ed1ae9d11:0"
Content-Type: text/css
Cache-Control: max-age=86400
Accept-Ranges: bytes
Content-Length: 26505

GET
H2 200 all.js Show response
connect.facebook.net/en_US/ 196 KB
60 KB 29ms
6ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/all.js

Requested by

Host: 208.100.26.92
URL: https://208.100.26.92/welcome/lp16/cr64a.cfm

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

ced37fcda72bd7e0f2ed2522d3924ef2991c6a43ae16dca8d21f909cec0ff278

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' fbstatic-a.akamaihd.net fbcdn-static-b-a.akamaihd.net .atlassolutions.com blob: data: 'self' .m-freeway.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com .fbcdn.net .facebook.net .spotilocal.com: .akamaihd.net wss://.facebook.com:* https://fb.scanandcleanlocal.com:* .atlassolutions.com attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=15552000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

:path: /en_US/all.js
pragma: no-cache
accept-encoding: gzip, deflate, sdch, br
accept-language: en-US,en;q=0.8
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
accept: */*
cache-control: no-cache
:authority: connect.facebook.net
referer: https://208.100.26.92/welcome/lp16/cr64a.cfm
:scheme: https
:method: GET
Referer: https://208.100.26.92/welcome/lp16/cr64a.cfm
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: eAaGX++r90eEVcskJLmMKQ==
status: 200
content-length: 61138
x-xss-protection: 0
x-fb-debug: FLcrl7yGnGYZQkmhLuj9xwVhsh3/ifMsCuqQFVFf6RtZU0GW174lmDG46cGwC8dNltR+WIPgjMd4+A0RX0JrbQ==
x-fb-content-md5: ce2c3c5f331c317b0c4697a1f8b26605
x-frame-options: DENY
date: Thu, 11 May 2017 20:05:18 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "a7793603ea10fa06ba0772d5b654bb2b"
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' fbstatic-a.akamaihd.net fbcdn-static-b-a.akamaihd.net *.atlassolutions.com blob: data: 'self' *.m-freeway.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* *.akamaihd.net wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* *.atlassolutions.com attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
timing-allow-origin: *
expires: Thu, 11 May 2017 20:21:52 GMT

GET
H2 200 addthis_widget.js Show response
s7.addthis.com/js/152/ 344 KB
110 KB 57ms
34ms Script
text/javascript 104.16.22.35
CloudFlare

General

Check archive.org

Show headers Download Go to

Full URL: https://s7.addthis.com/js/152/addthis_widget.js
Requested by: Host: 208.100.26.92
URL: https://208.100.26.92/welcome/lp16/cr64a.cfm
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.16.22.35 San Francisco, United States, ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US),
Reverse DNS
Software: cloudflare-nginx /
Resource Hash: a5a2e1815cffa7f06c9aa68e21e3c0a43433ca18a1f526a3fd604dcffca5907b

Request headers

:path: /js/152/addthis_widget.js
pragma: no-cache
accept-encoding: gzip, deflate, sdch, br
accept-language: en-US,en;q=0.8
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
accept: */*
cache-control: no-cache
:authority: s7.addthis.com
referer: https://208.100.26.92/welcome/lp16/cr64a.cfm
:scheme: https
:method: GET
Referer: https://208.100.26.92/welcome/lp16/cr64a.cfm
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 11 May 2017 20:05:18 GMT
content-encoding: gzip
surrogate-key: client_dist
last-modified: Thu, 04 May 2017 15:03:21 GMT
server: cloudflare-nginx
etag: "5617e-54eb412db6040"
vary: Accept-Encoding
x-distribution: 99
content-type: text/javascript
status: 200
cache-control: public, no-check, max-age=600
x-host: s7.addthis.com
cf-ray: 35d7c096c8b62786-FRA
cf-cache-status: HIT

GET functions.js
100.26.0.92/welcome/dir_scripts/ 0
0

GET
H/1.1 200
OK retina.js Show response
208.100.26.92/welcome/lp16/js/ 1 KB
1 KB 557ms
136ms Script
application/javascript 208.100.26.92
Steadfast

General

Check archive.org

Show headers Download Go to

Full URL: https://208.100.26.92/welcome/lp16/js/retina.js
Requested by: Host: 208.100.26.92
URL: https://208.100.26.92/welcome/lp16/cr64a.cfm
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 208.100.26.92 Chicago, United States, ASN32748 (STEADFAST - Steadfast, US),
Reverse DNS: ip92.208-100-26.static.steadfastdns.net
Software: Microsoft-IIS/8.5 /
Resource Hash: 4b75d94f66a12f86bb0c238861680cc589c4463ba29be6889ed6dbeb5594aa19

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch, br
Host: 208.100.26.92
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
Accept: */*
Referer: https://208.100.26.92/welcome/lp16/cr64a.cfm
Cookie: CFID=11539631; CFTOKEN=b69308dc06bf3c4b-BB283433-C466-C5BB-028DC631A327757F; CFGLOBALS=urltoken%3DCFID%23%3D11539631%26CFTOKEN%23%3Db69308dc06bf3c4b%2DBB283433%2DC466%2DC5BB%2D028DC631A327757F%23lastvisit%3D%7Bts%20%272017%2D05%2D11%2015%3A05%3A19%27%7D%23hitcount%3D3%23timecreated%3D%7Bts%20%272017%2D05%2D11%2015%3A05%3A19%27%7D%23cftoken%3Db69308dc06bf3c4b%2DBB283433%2DC466%2DC5BB%2D028DC631A327757F%23cfid%3D11539631%23
Connection: keep-alive
Cache-Control: no-cache
Referer: https://208.100.26.92/welcome/lp16/cr64a.cfm
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

Date: Thu, 11 May 2017 20:05:20 GMT
Last-Modified: Fri, 07 Mar 2014 13:25:12 GMT
Server: Microsoft-IIS/8.5
ETag: "0acfeaa83acf1:0"
Content-Type: application/javascript
Cache-Control: max-age=86400
Accept-Ranges: bytes
Content-Length: 1326

GET jquery-ui-1.10.4.custom.css
100.26.0.92/res/js/jquery-ui-1.10.4.custom/css/bluedialog/ 0
0

GET jquery.selectbox.css
100.26.0.92/res/js/selectbox/css/ 0
0

GET jquery-1.10.2.js
100.26.0.92/res/js/jquery-ui-1.10.4.custom/js/ 0
0

GET jquery-ui-1.10.4.custom.min.js
100.26.0.92/res/js/jquery-ui-1.10.4.custom/js/ 0
0

GET jquery.selectbox-0.2.js
100.26.0.92/res/js/selectbox/js/ 0
0

GET logo.png
100.26.0.92/welcome/lp16/images/ 0
0

GET fb.png
100.26.0.92/welcome/lp16/images/ 0
0

GET tw.png
100.26.0.92/welcome/lp16/images/ 0
0

GET girl1.png
100.26.0.92/welcome/lp16/images/ 0
0

GET girl2.png
100.26.0.92/welcome/lp16/images/ 0
0

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 44 KB
17 KB 84ms
54ms Script
application/javascript 2a00:1450:400e:802::2008
Google Inc.

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TTQQRM

Requested by

Host: 208.100.26.92
URL: https://208.100.26.92/welcome/lp16/cr64a.cfm

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:400e:802::2008 , Ireland, ASN15169 (GOOGLE - Google Inc., US),

Reverse DNS

Software

Google Tag Manager (scaffolding) /

Resource Hash

cd38d30b55757eb5452e2b80d0601f8a6c767a9763667c8cae162efc2ef19e24

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

:path: /gtm.js?id=GTM-TTQQRM
pragma: no-cache
accept-encoding: gzip, deflate, sdch, br
accept-language: en-US,en;q=0.8
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
accept: */*
cache-control: no-cache
:authority: www.googletagmanager.com
referer: https://208.100.26.92/welcome/lp16/cr64a.cfm
:scheme: https
:method: GET
Referer: https://208.100.26.92/welcome/lp16/cr64a.cfm
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

date: Thu, 11 May 2017 20:05:53 GMT
content-encoding: gzip
server: Google Tag Manager (scaffolding)
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
status: 200
cache-control: private, max-age=900
alt-svc: quic=":443"; ma=2592000; v="37,36,35"
content-length: 17405
x-xss-protection: 1; mode=block
expires: Thu, 11 May 2017 20:05:53 GMT

GET walmart-screen.png
100.26.0.92/welcome/lp16/images/ 0
0

GET best-buy.png
100.26.0.92/welcome/lp16/images/ 0
0

GET lowes.png
100.26.0.92/welcome/lp16/images/ 0
0

GET walmart.png
100.26.0.92/welcome/lp16/images/ 0
0

GET createbarrel.png
100.26.0.92/welcome/lp16/images/ 0
0

GET orbitz.png
100.26.0.92/welcome/lp16/images/ 0
0

GET jcp.png
100.26.0.92/welcome/lp16/images/ 0
0

GET lowes-computer.png
100.26.0.92/welcome/lp16/images/ 0
0

GET blue-sheltor.png
100.26.0.92/welcome/lp16/images/ 0
0

GET man-with-dog.png
100.26.0.92/welcome/lp16/images/ 0
0

GET
H/1.1 200
OK bigrotation2.gif
208.100.26.92/res/img/shell/ 2 KB
2 KB 595ms
112ms Image
image/gif 208.100.26.92
Steadfast

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://208.100.26.92/res/img/shell/bigrotation2.gif
Requested by: Host: 208.100.26.92
URL: https://208.100.26.92/welcome/lp16/cr64a.cfm
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 208.100.26.92 Chicago, United States, ASN32748 (STEADFAST - Steadfast, US),
Reverse DNS: ip92.208-100-26.static.steadfastdns.net
Software: Microsoft-IIS/8.5 /
Resource Hash: 16ea0cf66d51efdbbc2a62b11ab0419fa72fb3320844f1d0d710480245ac9925

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch, br
Host: 208.100.26.92
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
Accept: image/webp,image/*,*/*;q=0.8
Referer: https://208.100.26.92/welcome/lp16/cr64a.cfm
Connection: keep-alive
Cache-Control: no-cache
Referer: https://208.100.26.92/welcome/lp16/cr64a.cfm
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

Date: Thu, 11 May 2017 20:05:55 GMT
Last-Modified: Thu, 25 Mar 2010 22:21:16 GMT
Server: Microsoft-IIS/8.5
ETag: "72e6a7c69ccca1:0"
Content-Type: image/gif
Cache-Control: max-age=86400
Accept-Ranges: bytes
Content-Length: 1787

GET
H2 200 /
www.facebook.com/impression.php/f28d07a8f25128/ 43 B
57 B 176ms
162ms Image
image/gif 2a03:2880:f11c:8083:face:b00c:0:25de
Facebook

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/impression.php/f28d07a8f25128/?lid=115&payload=%7B%22source%22%3A%22jssdk%22%7D

Requested by

Host: 208.100.26.92
URL: https://208.100.26.92/welcome/lp16/cr64a.cfm

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' fbstatic-a.akamaihd.net fbcdn-static-b-a.akamaihd.net .atlassolutions.com blob: data: 'self' .m-freeway.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com .fbcdn.net .facebook.net .spotilocal.com: .akamaihd.net wss://.facebook.com:* https://fb.scanandcleanlocal.com:* .atlassolutions.com attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:path: /impression.php/f28d07a8f25128/?lid=115&payload=%7B%22source%22%3A%22jssdk%22%7D
pragma: no-cache
accept-encoding: gzip, deflate, sdch, br
accept-language: en-US,en;q=0.8
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
accept: image/webp,image/*,*/*;q=0.8
cache-control: no-cache
:authority: www.facebook.com
referer: https://208.100.26.92/welcome/lp16/cr64a.cfm
:scheme: https
:method: GET
Referer: https://208.100.26.92/welcome/lp16/cr64a.cfm
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' fbstatic-a.akamaihd.net fbcdn-static-b-a.akamaihd.net *.atlassolutions.com blob: data: 'self' *.m-freeway.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* *.akamaihd.net wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* *.atlassolutions.com attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
content-encoding: br
x-content-type-options: nosniff
status: 200
vary: Origin Accept-Encoding
x-xss-protection: 0
pragma: no-cache
x-fb-debug: B9ym8lA7rKqWSsy5uYr7LUeB5rrzx5oDw9VBAa+JR1SJ5l1VtAduWvL7t76nK9MFnbO19iyuA7GJlMHIZuJtsg==
date: Thu, 11 May 2017 20:05:53 GMT
strict-transport-security: max-age=15552000; preload
public-key-pins-report-only: max-age=500; pin-sha256="WoiWRyIOVNa9ihaBciRSC7XHjliYS9VwUGOIud4PB18="; pin-sha256="r/mIkG3eEpVdm+u/ko/cwxzOMo1bk4TyHIlByibiA5E="; pin-sha256="q4PO2G2cbkZhZ82+JgmRUyGMoAeozA+BSXVXQWB8XWQ="; report-uri="http://reports.fb.com/hpkp/"
access-control-allow-origin: https://www.facebook.com
access-control-expose-headers: X-FB-Debug, X-Loader-Length
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
access-control-allow-method: OPTIONS
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 29 KB
12 KB 40ms
12ms Script
text/javascript 2a00:1450:400e:802::200e
Google Inc.

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: 208.100.26.92
URL: https://208.100.26.92/welcome/lp16/cr64a.cfm

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:400e:802::200e , Ireland, ASN15169 (GOOGLE - Google Inc., US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e9830d0997e87c328360301ffb0ab81fabd9101f90453976ee61555d6f353af9

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

:path: /analytics.js
pragma: no-cache
accept-encoding: gzip, deflate, sdch, br
accept-language: en-US,en;q=0.8
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
accept: */*
cache-control: no-cache
:authority: www.google-analytics.com
referer: https://208.100.26.92/welcome/lp16/cr64a.cfm
:scheme: https
:method: GET
Referer: https://208.100.26.92/welcome/lp16/cr64a.cfm
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 04 May 2017 01:31:56 GMT
server: Golfe2
age: 1250
date: Thu, 11 May 2017 19:45:03 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="37,36,35"
content-length: 12267
expires: Thu, 11 May 2017 21:45:03 GMT

GET like.php
www.facebook.com/plugins/ Frame 1058 0
0

GET JtmcTFxyLye.js
staticxx.facebook.com/connect/xd_arbiter/r/ Frame 1058 0
0

GET
H/1.1 200
OK _ate.track.config_resp Show response
m.addthisedge.com/live/boost/igive/ 27 B
47 B 27ms
9ms Script
application/javascript 104.16.27.235
CloudFlare

General

Check archive.org

Show headers Download Go to

Full URL: https://m.addthisedge.com/live/boost/igive/_ate.track.config_resp
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/152/addthis_widget.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.16.27.235 San Francisco, United States, ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US),
Reverse DNS
Software: cloudflare-nginx /
Resource Hash: 19a26d6046c4fcfe9e3efbc1fb7532f424c6b0b7590b9e193788e30bce8b9836

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch, br
Host: m.addthisedge.com
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
Accept: */*
Referer: https://208.100.26.92/welcome/lp16/cr64a.cfm
Connection: keep-alive
Cache-Control: no-cache
Referer: https://208.100.26.92/welcome/lp16/cr64a.cfm
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

Date: Thu, 11 May 2017 20:05:53 GMT
Content-Encoding: gzip
Surrogate-Key: igive
Server: cloudflare-nginx
Vary: Accept-Encoding
Content-Type: application/javascript;charset=UTF-8
CF-Cache-Status: HIT
Cache-Control: public, max-age=60, s-maxage=86400
Content-Disposition: attachment; filename=1.txt
Connection: keep-alive
CF-RAY: 35d7c16fceeb0f87-FRA
Content-Length: 47

GET
H/1.1 200
OK yellow-line.png
208.100.26.92/welcome/lp16/images/ 946 B
946 B 530ms
113ms Image
image/png 208.100.26.92
Steadfast

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://208.100.26.92/welcome/lp16/images/yellow-line.png
Requested by: Host: 208.100.26.92
URL: https://208.100.26.92/welcome/lp16/cr64a.cfm
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 208.100.26.92 Chicago, United States, ASN32748 (STEADFAST - Steadfast, US),
Reverse DNS: ip92.208-100-26.static.steadfastdns.net
Software: Microsoft-IIS/8.5 /
Resource Hash: fb32db18a6c31c45c3aad0e0f9879ddc71282c86a1877d134ba00bad9dfd0a6b

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch, br
Host: 208.100.26.92
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
Accept: image/webp,image/*,*/*;q=0.8
Referer: https://208.100.26.92/welcome/lp16/css/style3.css?v=20160728
Cookie: __atuvc=1%7C19; __atuvs=5914c3ff4ceb4977000
Connection: keep-alive
Cache-Control: no-cache
Referer: https://208.100.26.92/welcome/lp16/css/style3.css?v=20160728
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

Date: Thu, 11 May 2017 20:05:55 GMT
Last-Modified: Fri, 07 Mar 2014 13:26:10 GMT
Server: Microsoft-IIS/8.5
ETag: "0c590cd83acf1:0"
Content-Type: image/png
Cache-Control: max-age=86400
Accept-Ranges: bytes
Content-Length: 946

GET
H/1.1 200
OK arial_narrow.woff
208.100.26.92/welcome/lp16/fonts/Arial_Narrow/ 67 KB
67 KB 725ms
320ms Font
font/x-woff 208.100.26.92
Steadfast

General

Check archive.org

Show headers Download Go to

Full URL: https://208.100.26.92/welcome/lp16/fonts/Arial_Narrow/arial_narrow.woff
Requested by: Host: 208.100.26.92
URL: https://208.100.26.92/welcome/lp16/cr64a.cfm
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 208.100.26.92 Chicago, United States, ASN32748 (STEADFAST - Steadfast, US),
Reverse DNS: ip92.208-100-26.static.steadfastdns.net
Software: Microsoft-IIS/8.5 /
Resource Hash: d06b6349007bcfc03ed66cf3c53a391814e8839317b6920f4b4adf66b993278e

Request headers

Pragma: no-cache
Origin: https://208.100.26.92
Accept-Encoding: gzip, deflate, sdch, br
Host: 208.100.26.92
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
Accept: */*
Referer: https://208.100.26.92/welcome/lp16/css/style3.css?v=20160728
Cookie: __atuvc=1%7C19; __atuvs=5914c3ff4ceb4977000
Connection: keep-alive
Cache-Control: no-cache
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
Referer: https://208.100.26.92/welcome/lp16/css/style3.css?v=20160728
Origin: https://208.100.26.92

Response headers

Date: Thu, 11 May 2017 20:05:55 GMT
Last-Modified: Fri, 07 Mar 2014 13:25:16 GMT
Server: Microsoft-IIS/8.5
ETag: "0661ad83acf1:0"
Content-Type: font/x-woff
Cache-Control: max-age=86400
Accept-Ranges: bytes
Content-Length: 68972

GET
H/1.1 200
OK tress-bg2.png
208.100.26.92/welcome/lp16/images/ 154 KB
154 KB 702ms
318ms Image
image/png 208.100.26.92
Steadfast

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://208.100.26.92/welcome/lp16/images/tress-bg2.png
Requested by: Host: 208.100.26.92
URL: https://208.100.26.92/welcome/lp16/cr64a.cfm
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 208.100.26.92 Chicago, United States, ASN32748 (STEADFAST - Steadfast, US),
Reverse DNS: ip92.208-100-26.static.steadfastdns.net
Software: Microsoft-IIS/8.5 /
Resource Hash: 02aca2488674871ade1b2b9d8ee2e0d7bd358fa90d4172d5051318ba3daa4c3f

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch, br
Host: 208.100.26.92
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
Accept: image/webp,image/*,*/*;q=0.8
Referer: https://208.100.26.92/welcome/lp16/css/style3.css?v=20160728
Cookie: __atuvc=1%7C19; __atuvs=5914c3ff4ceb4977000
Connection: keep-alive
Cache-Control: no-cache
Referer: https://208.100.26.92/welcome/lp16/css/style3.css?v=20160728
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

Date: Thu, 11 May 2017 20:05:55 GMT
Last-Modified: Fri, 07 Mar 2014 13:26:10 GMT
Server: Microsoft-IIS/8.5
ETag: "0c590cd83acf1:0"
Content-Type: image/png
Cache-Control: max-age=86400
Accept-Ranges: bytes
Content-Length: 157852

GET
H2 200 fontawesome-webfont.woff2
maxcdn.bootstrapcdn.com/font-awesome/4.3.0/fonts/ 55 KB
56 KB 25ms
6ms Font
application/font-woff2 94.31.29.55
Zayo Bandwidth Inc

General

Check archive.org

Show headers Download Go to

Full URL: https://maxcdn.bootstrapcdn.com/font-awesome/4.3.0/fonts/fontawesome-webfont.woff2?v=4.3.0
Requested by: Host: 208.100.26.92
URL: https://208.100.26.92/welcome/lp16/cr64a.cfm
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.55 , United Kingdom, ASN6461 (ZAYO-6461 - Zayo Bandwidth Inc, US),
Reverse DNS: 94.31.29.55.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: aadc3580d2b64ff5a7e6f1425587db4e8b033efcbf8f5c332ca52a5ed580c87c

Request headers

:path: /font-awesome/4.3.0/fonts/fontawesome-webfont.woff2?v=4.3.0
pragma: no-cache
origin: https://208.100.26.92
accept-encoding: gzip, deflate, sdch, br
accept-language: en-US,en;q=0.8
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
accept: */*
cache-control: no-cache
:authority: maxcdn.bootstrapcdn.com
referer: https://maxcdn.bootstrapcdn.com/font-awesome/4.3.0/css/font-awesome.min.css
:scheme: https
:method: GET
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
Referer: https://maxcdn.bootstrapcdn.com/font-awesome/4.3.0/css/font-awesome.min.css
Origin: https://208.100.26.92

Response headers

date: Thu, 11 May 2017 20:05:53 GMT
last-modified: Fri, 27 Feb 2015 19:45:39 GMT
server: NetDNA-cache/2.2
status: 200
etag: "97493d3f11c0a3bd5cbd959f5d19b699"
vary: Accept-Encoding
x-cache: HIT
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: max-age=31104000
x-hello-human: Say hello back! @getBootstrapCDN on Twitter
accept-ranges: bytes
content-length: 56780
expires: Sun, 06 May 2018 20:05:53 GMT

GET
H/1.1 200
OK form-btn-bg.png
208.100.26.92/welcome/lp16/images/ 4 KB
4 KB 537ms
116ms Image
image/png 208.100.26.92
Steadfast

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://208.100.26.92/welcome/lp16/images/form-btn-bg.png
Requested by: Host: 208.100.26.92
URL: https://208.100.26.92/welcome/lp16/cr64a.cfm
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 208.100.26.92 Chicago, United States, ASN32748 (STEADFAST - Steadfast, US),
Reverse DNS: ip92.208-100-26.static.steadfastdns.net
Software: Microsoft-IIS/8.5 /
Resource Hash: e44a4e6b2f3ac5981549ddd773986ffaf2b861d16d792770b2f9c17760d56ac8

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch, br
Host: 208.100.26.92
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
Accept: image/webp,image/*,*/*;q=0.8
Referer: https://208.100.26.92/welcome/lp16/css/style3.css?v=20160728
Cookie: __atuvc=1%7C19; __atuvs=5914c3ff4ceb4977000
Connection: keep-alive
Cache-Control: no-cache
Referer: https://208.100.26.92/welcome/lp16/css/style3.css?v=20160728
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

Date: Thu, 11 May 2017 20:05:55 GMT
Last-Modified: Fri, 07 Mar 2014 13:25:34 GMT
Server: Microsoft-IIS/8.5
ETag: "09b1bb883acf1:0"
Content-Type: image/png
Cache-Control: max-age=86400
Accept-Ranges: bytes
Content-Length: 3808

GET
H/1.1 200
OK form-bg2.jpg
208.100.26.92/welcome/lp16/images/ 1 KB
1 KB 598ms
124ms Image
image/jpeg 208.100.26.92
Steadfast

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://208.100.26.92/welcome/lp16/images/form-bg2.jpg
Requested by: Host: 208.100.26.92
URL: https://208.100.26.92/welcome/lp16/cr64a.cfm
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 208.100.26.92 Chicago, United States, ASN32748 (STEADFAST - Steadfast, US),
Reverse DNS: ip92.208-100-26.static.steadfastdns.net
Software: Microsoft-IIS/8.5 /
Resource Hash: 93a661ff9e3a17030a9f7e6c3427ec9657e7f8e8098fc3733968528ce0299484

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch, br
Host: 208.100.26.92
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
Accept: image/webp,image/*,*/*;q=0.8
Referer: https://208.100.26.92/welcome/lp16/css/style3.css?v=20160728
Cookie: __atuvc=1%7C19; __atuvs=5914c3ff4ceb4977000
Connection: keep-alive
Cache-Control: no-cache
Referer: https://208.100.26.92/welcome/lp16/css/style3.css?v=20160728
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

Date: Thu, 11 May 2017 20:05:55 GMT
Last-Modified: Fri, 07 Mar 2014 13:25:32 GMT
Server: Microsoft-IIS/8.5
ETag: "06eeab683acf1:0"
Content-Type: image/jpeg
Cache-Control: max-age=86400
Accept-Ranges: bytes
Content-Length: 1187

GET
H/1.1 200
OK bettty-shopping-img.png
208.100.26.92/welcome/lp16/images/ 72 KB
72 KB 319ms
318ms Image
image/png 208.100.26.92
Steadfast

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://208.100.26.92/welcome/lp16/images/bettty-shopping-img.png
Requested by: Host: 208.100.26.92
URL: https://208.100.26.92/welcome/lp16/cr64a.cfm
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 208.100.26.92 Chicago, United States, ASN32748 (STEADFAST - Steadfast, US),
Reverse DNS: ip92.208-100-26.static.steadfastdns.net
Software: Microsoft-IIS/8.5 /
Resource Hash: f2dd45b73aa8b6b2bf65bfc761393c2cdc85e70f99b8098001ba2f4664f7e412

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch, br
Host: 208.100.26.92
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
Accept: image/webp,image/*,*/*;q=0.8
Referer: https://208.100.26.92/welcome/lp16/css/style3.css?v=20160728
Cookie: __atuvc=1%7C19; __atuvs=5914c3ff4ceb4977000; _ga=GA1.1.1544033701.1494533153; _gid=GA1.1.1270172649.1494533153; _gat_MainTracker=1
Connection: keep-alive
Cache-Control: no-cache
Referer: https://208.100.26.92/welcome/lp16/css/style3.css?v=20160728
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

Date: Thu, 11 May 2017 20:05:55 GMT
Last-Modified: Fri, 07 Mar 2014 13:25:22 GMT
Server: Microsoft-IIS/8.5
ETag: "08df4b083acf1:0"
Content-Type: image/png
Cache-Control: max-age=86400
Accept-Ranges: bytes
Content-Length: 73940

GET
H/1.1 200
OK frnds-img.png
208.100.26.92/welcome/lp16/images/ 20 KB
20 KB 321ms
321ms Image
image/png 208.100.26.92
Steadfast

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://208.100.26.92/welcome/lp16/images/frnds-img.png
Requested by: Host: 208.100.26.92
URL: https://208.100.26.92/welcome/lp16/cr64a.cfm
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 208.100.26.92 Chicago, United States, ASN32748 (STEADFAST - Steadfast, US),
Reverse DNS: ip92.208-100-26.static.steadfastdns.net
Software: Microsoft-IIS/8.5 /
Resource Hash: 838ee586ca38b78e9eb77e8b72999207b6c5fc688ec829f6ea96e1bc468b6e6a

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch, br
Host: 208.100.26.92
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
Accept: image/webp,image/*,*/*;q=0.8
Referer: https://208.100.26.92/welcome/lp16/css/style3.css?v=20160728
Cookie: __atuvc=1%7C19; __atuvs=5914c3ff4ceb4977000; _ga=GA1.1.1544033701.1494533153; _gid=GA1.1.1270172649.1494533153; _gat_MainTracker=1
Connection: keep-alive
Cache-Control: no-cache
Referer: https://208.100.26.92/welcome/lp16/css/style3.css?v=20160728
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

Date: Thu, 11 May 2017 20:05:55 GMT
Last-Modified: Fri, 07 Mar 2014 13:25:36 GMT
Server: Microsoft-IIS/8.5
ETag: "0c84cb983acf1:0"
Content-Type: image/png
Cache-Control: max-age=86400
Accept-Ranges: bytes
Content-Length: 20027

GET
H/1.1 200
OK bags.png
208.100.26.92/welcome/lp16/images/ 6 KB
6 KB 223ms
222ms Image
image/png 208.100.26.92
Steadfast

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://208.100.26.92/welcome/lp16/images/bags.png
Requested by: Host: 208.100.26.92
URL: https://208.100.26.92/welcome/lp16/cr64a.cfm
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 208.100.26.92 Chicago, United States, ASN32748 (STEADFAST - Steadfast, US),
Reverse DNS: ip92.208-100-26.static.steadfastdns.net
Software: Microsoft-IIS/8.5 /
Resource Hash: 4bd5d611a21580b4812b2cb97b3a40595155226623b4895cc12ded4569dd053e

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch, br
Host: 208.100.26.92
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
Accept: image/webp,image/*,*/*;q=0.8
Referer: https://208.100.26.92/welcome/lp16/css/style3.css?v=20160728
Cookie: __atuvc=1%7C19; __atuvs=5914c3ff4ceb4977000; _ga=GA1.1.1544033701.1494533153; _gid=GA1.1.1270172649.1494533153; _gat_MainTracker=1
Connection: keep-alive
Cache-Control: no-cache
Referer: https://208.100.26.92/welcome/lp16/css/style3.css?v=20160728
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

Date: Thu, 11 May 2017 20:05:55 GMT
Last-Modified: Fri, 07 Mar 2014 13:25:18 GMT
Server: Microsoft-IIS/8.5
ETag: "03392ae83acf1:0"
Content-Type: image/png
Cache-Control: max-age=86400
Accept-Ranges: bytes
Content-Length: 6177

GET
H/1.1 200
OK sheltor-icons.png
208.100.26.92/welcome/lp16/images/ 40 KB
40 KB 352ms
352ms Image
image/png 208.100.26.92
Steadfast

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://208.100.26.92/welcome/lp16/images/sheltor-icons.png
Requested by: Host: 208.100.26.92
URL: https://208.100.26.92/welcome/lp16/cr64a.cfm
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 208.100.26.92 Chicago, United States, ASN32748 (STEADFAST - Steadfast, US),
Reverse DNS: ip92.208-100-26.static.steadfastdns.net
Software: Microsoft-IIS/8.5 /
Resource Hash: 6a3ce8fdcc4a36a3abd05c18668bbd16319190f7f97ef699d7779b31304164b8

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch, br
Host: 208.100.26.92
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
Accept: image/webp,image/*,*/*;q=0.8
Referer: https://208.100.26.92/welcome/lp16/css/style3.css?v=20160728
Cookie: __atuvc=1%7C19; __atuvs=5914c3ff4ceb4977000; _ga=GA1.1.1544033701.1494533153; _gid=GA1.1.1270172649.1494533153; _gat_MainTracker=1
Connection: keep-alive
Cache-Control: no-cache
Referer: https://208.100.26.92/welcome/lp16/css/style3.css?v=20160728
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

Date: Thu, 11 May 2017 20:05:55 GMT
Last-Modified: Fri, 07 Mar 2014 13:25:52 GMT
Server: Microsoft-IIS/8.5
ETag: "030d6c283acf1:0"
Content-Type: image/png
Cache-Control: max-age=86400
Accept-Ranges: bytes
Content-Length: 40941

GET
H/1.1 200
OK content2-bg2.png
208.100.26.92/welcome/lp16/images/ 12 KB
12 KB 332ms
331ms Image
image/png 208.100.26.92
Steadfast

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://208.100.26.92/welcome/lp16/images/content2-bg2.png
Requested by: Host: 208.100.26.92
URL: https://208.100.26.92/welcome/lp16/cr64a.cfm
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 208.100.26.92 Chicago, United States, ASN32748 (STEADFAST - Steadfast, US),
Reverse DNS: ip92.208-100-26.static.steadfastdns.net
Software: Microsoft-IIS/8.5 /
Resource Hash: 89ffbc103586f6f9784d4cc5978e7db34436023989ef903cd9990cfc0c93c950

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch, br
Host: 208.100.26.92
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
Accept: image/webp,image/*,*/*;q=0.8
Referer: https://208.100.26.92/welcome/lp16/css/style3.css?v=20160728
Cookie: __atuvc=1%7C19; __atuvs=5914c3ff4ceb4977000; _ga=GA1.1.1544033701.1494533153; _gid=GA1.1.1270172649.1494533153; _gat_MainTracker=1
Connection: keep-alive
Cache-Control: no-cache
Referer: https://208.100.26.92/welcome/lp16/css/style3.css?v=20160728
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

Date: Thu, 11 May 2017 20:05:55 GMT
Last-Modified: Fri, 07 Mar 2014 13:25:28 GMT
Server: Microsoft-IIS/8.5
ETag: "01488b483acf1:0"
Content-Type: image/png
Cache-Control: max-age=86400
Accept-Ranges: bytes
Content-Length: 12545

GET
H/1.1 200
OK first-aid-box.png
208.100.26.92/welcome/lp16/images/ 18 KB
18 KB 317ms
316ms Image
image/png 208.100.26.92
Steadfast

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://208.100.26.92/welcome/lp16/images/first-aid-box.png
Requested by: Host: 208.100.26.92
URL: https://208.100.26.92/welcome/lp16/cr64a.cfm
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 208.100.26.92 Chicago, United States, ASN32748 (STEADFAST - Steadfast, US),
Reverse DNS: ip92.208-100-26.static.steadfastdns.net
Software: Microsoft-IIS/8.5 /
Resource Hash: de77bed48187702c25205c3579dedea96cada4bf1c193d2f4271a5c1cc6053bd

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch, br
Host: 208.100.26.92
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
Accept: image/webp,image/*,*/*;q=0.8
Referer: https://208.100.26.92/welcome/lp16/css/style3.css?v=20160728
Cookie: __atuvc=1%7C19; __atuvs=5914c3ff4ceb4977000; _ga=GA1.1.1544033701.1494533153; _gid=GA1.1.1270172649.1494533153; _gat_MainTracker=1
Connection: keep-alive
Cache-Control: no-cache
Referer: https://208.100.26.92/welcome/lp16/css/style3.css?v=20160728
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

Date: Thu, 11 May 2017 20:05:55 GMT
Last-Modified: Fri, 07 Mar 2014 13:25:32 GMT
Server: Microsoft-IIS/8.5
ETag: "06eeab683acf1:0"
Content-Type: image/png
Cache-Control: max-age=86400
Accept-Ranges: bytes
Content-Length: 18616

GET
H/1.1 200
OK join-now.png
208.100.26.92/welcome/lp16/images/ 4 KB
4 KB 137ms
136ms Image
image/png 208.100.26.92
Steadfast

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://208.100.26.92/welcome/lp16/images/join-now.png
Requested by: Host: 208.100.26.92
URL: https://208.100.26.92/welcome/lp16/cr64a.cfm
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 208.100.26.92 Chicago, United States, ASN32748 (STEADFAST - Steadfast, US),
Reverse DNS: ip92.208-100-26.static.steadfastdns.net
Software: Microsoft-IIS/8.5 /
Resource Hash: 77a1617cb21dab1c8583a3a3d500252af3717479b6a4ccca0a42a2182d1dd7e8

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch, br
Host: 208.100.26.92
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
Accept: image/webp,image/*,*/*;q=0.8
Referer: https://208.100.26.92/welcome/lp16/css/style3.css?v=20160728
Cookie: __atuvc=1%7C19; __atuvs=5914c3ff4ceb4977000; _ga=GA1.1.1544033701.1494533153; _gid=GA1.1.1270172649.1494533153; _gat_MainTracker=1
Connection: keep-alive
Cache-Control: no-cache
Referer: https://208.100.26.92/welcome/lp16/css/style3.css?v=20160728
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

Date: Thu, 11 May 2017 20:05:56 GMT
Last-Modified: Fri, 07 Mar 2014 13:25:42 GMT
Server: Microsoft-IIS/8.5
ETag: "04fe0bc83acf1:0"
Content-Type: image/png
Cache-Control: max-age=86400
Accept-Ranges: bytes
Content-Length: 4223

GET
H/1.1 200
OK f-nav-li-bg.png
208.100.26.92/welcome/lp16/images/ 931 B
931 B 108ms
107ms Image
image/png 208.100.26.92
Steadfast

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://208.100.26.92/welcome/lp16/images/f-nav-li-bg.png
Requested by: Host: 208.100.26.92
URL: https://208.100.26.92/welcome/lp16/cr64a.cfm
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 208.100.26.92 Chicago, United States, ASN32748 (STEADFAST - Steadfast, US),
Reverse DNS: ip92.208-100-26.static.steadfastdns.net
Software: Microsoft-IIS/8.5 /
Resource Hash: eecaf36f0f3cff11e8243c83bee176ae84d622462f3bd18bb21bbbc1c06850a1

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch, br
Host: 208.100.26.92
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
Accept: image/webp,image/*,*/*;q=0.8
Referer: https://208.100.26.92/welcome/lp16/css/style3.css?v=20160728
Cookie: __atuvc=1%7C19; __atuvs=5914c3ff4ceb4977000; _ga=GA1.1.1544033701.1494533153; _gid=GA1.1.1270172649.1494533153; _gat_MainTracker=1; __insp_wid=370040920; __insp_slim=1494533154390; __insp_nv=true; __insp_targlpu=aHR0cHM6Ly8yMDguMTAwLjI2LjkyL3dlbGNvbWUvbHAxNi9jcjY0YS5jZm0%3D; __insp_targlpt=Q2hhcml0eSBTaG9wIHwgT25saW5lIERvbmF0aW9uIFNpdGVzIHwgRnVuZHJhaXNpbmcgSWRlYXMgLSBpR2l2ZQ%3D%3D
Connection: keep-alive
Cache-Control: no-cache
Referer: https://208.100.26.92/welcome/lp16/css/style3.css?v=20160728
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

Date: Thu, 11 May 2017 20:05:56 GMT
Last-Modified: Fri, 07 Mar 2014 13:25:28 GMT
Server: Microsoft-IIS/8.5
ETag: "01488b483acf1:0"
Content-Type: image/png
Cache-Control: max-age=86400
Accept-Ranges: bytes
Content-Length: 931

GET
H2 200 collect
www.google-analytics.com/ 35 B
44 B 13ms
13ms Image
image/gif 2a00:1450:400e:802::200e
Google Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j54&a=246055348&t=pageview&_s=1&dl=https%3A%2F%2F208.100.26.92%2Fwelcome%2Flp16%2Fcr64a.cfm&ul=en-us&de=UTF-8&dt=Charity%20Shop%20%7C%20Online%20Donation%20Sites%20%7C%20Fundraising%20Ideas%20-%20iGive&sd=24-bit&sr=1600x1200&vp=1583x1132&je=0&fl=25.0%20r0&_u=YGBAgEAB~&jid=1532830882&cid=1544033701.1494533153&tid=UA-30089-1&_gid=1270172649.1494533153&cd1=STRANGER&cd4=N&z=379743638

Requested by

Host: 208.100.26.92
URL: https://208.100.26.92/welcome/lp16/cr64a.cfm

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:400e:802::200e , Ireland, ASN15169 (GOOGLE - Google Inc., US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

:path: /collect?v=1&_v=j54&a=246055348&t=pageview&_s=1&dl=https%3A%2F%2F208.100.26.92%2Fwelcome%2Flp16%2Fcr64a.cfm&ul=en-us&de=UTF-8&dt=Charity%20Shop%20%7C%20Online%20Donation%20Sites%20%7C%20Fundraising%20Ideas%20-%20iGive&sd=24-bit&sr=1600x1200&vp=1583x1132&je=0&fl=25.0%20r0&_u=YGBAgEAB~&jid=1532830882&cid=1544033701.1494533153&tid=UA-30089-1&_gid=1270172649.1494533153&cd1=STRANGER&cd4=N&z=379743638
pragma: no-cache
accept-encoding: gzip, deflate, sdch, br
accept-language: en-US,en;q=0.8
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
accept: image/webp,image/*,*/*;q=0.8
cache-control: no-cache
:authority: www.google-analytics.com
referer: https://208.100.26.92/welcome/lp16/cr64a.cfm
:scheme: https
:method: GET
Referer: https://208.100.26.92/welcome/lp16/cr64a.cfm
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 May 2017 10:04:26 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 208887
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="37,36,35"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2

200

ga-audiences
www.google.de/pagead/
Redirect Chain

https://www.google.com/pagead/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-30089-1&cid=1544033701.1494533153&jid=1532830882&_v=j54&z=326291354
https://www.google.de/pagead/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-30089-1&cid=1544033701.1494533153&jid=1532830882&_v=j54&z=326291354&slf_rd=1&random=1982816639

42 B
51 B

82ms
41ms

Image
image/gif

2a00:1450:401b:803::2003
Google Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-30089-1&cid=1544033701.1494533153&jid=1532830882&_v=j54&z=326291354&slf_rd=1&random=1982816639

Requested by

Host: 208.100.26.92
URL: https://208.100.26.92/welcome/lp16/cr64a.cfm

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:401b:803::2003 , Ireland, ASN15169 (GOOGLE - Google Inc., US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:path: /pagead/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-30089-1&cid=1544033701.1494533153&jid=1532830882&_v=j54&z=326291354&slf_rd=1&random=1982816639
pragma: no-cache
accept-encoding: gzip, deflate, sdch, br
accept-language: en-US,en;q=0.8
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
accept: image/webp,image/*,*/*;q=0.8
cache-control: no-cache
:authority: www.google.de
referer: https://208.100.26.92/welcome/lp16/cr64a.cfm
:scheme: https
x-client-data: CIi2yQEIpLbJAQ==
:method: GET
Referer: https://208.100.26.92/welcome/lp16/cr64a.cfm
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 May 2017 20:05:53 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: quic=":443"; ma=2592000; v="37,36,35"
content-length: 42
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 11 May 2017 20:05:53 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 302
content-type: text/html; charset=UTF-8
location: https://www.google.de/pagead/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-30089-1&cid=1544033701.1494533153&jid=1532830882&_v=j54&z=326291354&slf_rd=1&random=1982816639
cache-control: no-cache, must-revalidate
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="37,36,35"
content-length: 0
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK 5609b2fa421ea210c7000010.js Show response
tag.marinsm.com/serve/ 9 KB
3 KB 235ms
215ms Script
text/javascript 151.101.12.65
Fastly

General

Check archive.org

Show headers Download Go to

Full URL

https://tag.marinsm.com/serve/5609b2fa421ea210c7000010.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TTQQRM

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.12.65 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

Cowboy /

Resource Hash

f38f9583cd04ce114acc1914aab692e66dd67ee2cd2664c7c732bea02622f53d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch, br
Host: tag.marinsm.com
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
Accept: */*
Referer: https://208.100.26.92/welcome/lp16/cr64a.cfm
Connection: keep-alive
Cache-Control: no-cache
Referer: https://208.100.26.92/welcome/lp16/cr64a.cfm
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

Date: Thu, 11 May 2017 20:05:53 GMT
Via: 1.1 vegur 1.1 varnish
X-Content-Type-Options: nosniff
Age: 0
X-Cache: MISS
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 3111
X-Served-By: cache-fra1234-FRA
Server: Cowboy
X-Timer: S1494533153.325635,VS0,VE209
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=1800
Accept-Ranges: bytes
X-Cache-Hits: 0

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 11 KB
4 KB 73ms
45ms Script
text/javascript 172.217.20.66
Google Inc.

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TTQQRM

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

172.217.20.66 Mountain View, United States, ASN15169 (GOOGLE - Google Inc., US),

Reverse DNS

ams15s33-in-f2.1e100.net

Software

cafe /

Resource Hash

7ebb06267aa575b87263b3699bfe3680e364caba99458536f484e8f993dfe279

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:path: /pagead/conversion_async.js
pragma: no-cache
accept-encoding: gzip, deflate, sdch, br
accept-language: en-US,en;q=0.8
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
accept: */*
cache-control: no-cache
:authority: www.googleadservices.com
referer: https://208.100.26.92/welcome/lp16/cr64a.cfm
:scheme: https
x-client-data: CIi2yQEIpLbJAQ==
:method: GET
Referer: https://208.100.26.92/welcome/lp16/cr64a.cfm
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

date: Thu, 11 May 2017 20:05:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag: 7418607575082404417
content-type: text/javascript; charset=UTF-8
status: 200
cache-control: private, max-age=86400
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="37,36,35",quic=":443"; ma=2592000; v="37,36,35"
content-length: 4406
x-xss-protection: 1; mode=block
expires: Thu, 11 May 2017 20:05:53 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 27 KB
9 KB 7ms
6ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: 208.100.26.92
URL: https://208.100.26.92/welcome/lp16/cr64a.cfm

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

2a97da4ba9e72041e34b3f9365737446af4bfdc775c7add6eadc7f08fe866afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

:path: /en_US/fbevents.js
pragma: no-cache
accept-encoding: gzip, deflate, sdch, br
accept-language: en-US,en;q=0.8
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
accept: */*
cache-control: no-cache
:authority: connect.facebook.net
referer: https://208.100.26.92/welcome/lp16/cr64a.cfm
:scheme: https
:method: GET
Referer: https://208.100.26.92/welcome/lp16/cr64a.cfm
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
vary: Origin Accept-Encoding
content-length: 8810
x-xss-protection: 0
pragma: private
x-fb-debug: HMI0tYeYa/tYj4CpD7EGepjn7Anr47s5DdkMlr4dZsmwu955/0hMvItVqm5peCdp58ArUc5m/FBbaqdwwtPtRw==
date: Thu, 11 May 2017 20:05:53 GMT
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://connect.facebook.net
access-control-expose-headers: X-FB-Debug, X-Loader-Length
cache-control: private
access-control-allow-credentials: true
access-control-allow-method: OPTIONS
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 695513553804530 Show response
connect.facebook.net/signals/config/ 232 B
187 B 149ms
148ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/695513553804530?v=2.7.7

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

04ea54d6d9e1af9d22a8f6189d21e9b56e00a79c8fc0dcbee15024bf5e059df2

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' fbstatic-a.akamaihd.net fbcdn-static-b-a.akamaihd.net .atlassolutions.com blob: data: 'self' .m-freeway.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com .fbcdn.net .facebook.net .spotilocal.com: .akamaihd.net wss://.facebook.com:* https://fb.scanandcleanlocal.com:* .atlassolutions.com attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=15552000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

:path: /signals/config/695513553804530?v=2.7.7
pragma: no-cache
accept-encoding: gzip, deflate, sdch, br
accept-language: en-US,en;q=0.8
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
accept: */*
cache-control: no-cache
:authority: connect.facebook.net
referer: https://208.100.26.92/welcome/lp16/cr64a.cfm
:scheme: https
:method: GET
Referer: https://208.100.26.92/welcome/lp16/cr64a.cfm
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' fbstatic-a.akamaihd.net fbcdn-static-b-a.akamaihd.net *.atlassolutions.com blob: data: 'self' *.m-freeway.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* *.akamaihd.net wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* *.atlassolutions.com attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
content-encoding: gzip
x-content-type-options: nosniff
status: 200
vary: Origin Accept-Encoding
x-xss-protection: 0
pragma: public
x-fb-debug: aUkS6MR1fzNmF0PKjhuSorZlFNuN2h8lxNEMJKOdeXUr6TmmUFAMlYCEN+qiJBiuYMn6eaIX0rFPnJX44cJwaQ==
x-frame-options: DENY
date: Thu, 11 May 2017 20:05:53 GMT
strict-transport-security: max-age=15552000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://connect.facebook.net
access-control-expose-headers: X-FB-Debug, X-Loader-Length
cache-control: public, max-age=1200
access-control-allow-credentials: true
access-control-allow-method: OPTIONS
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2

200

/
www.google.de/ads/user-lists/1072683609/
Redirect Chain

https://www.google.com/ads/user-lists/1072683609/?random=1494533153381&cv=8&fst=1494533153381&num=1&fmt=3&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=5...
https://www.google.de/ads/user-lists/1072683609/?random=1494533153381&cv=8&fst=1494533153381&num=1&fmt=3&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=5&...

42 B
51 B

41ms
40ms

Image
image/gif

2a00:1450:401b:803::2003
Google Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/user-lists/1072683609/?random=1494533153381&cv=8&fst=1494533153381&num=1&fmt=3&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=5&u_nmime=7&frm=0&url=https%3A%2F%2F208.100.26.92%2Fwelcome%2Flp16%2Fcr64a.cfm&tiba=Charity%20Shop%20%7C%20Online%20Donation%20Sites%20%7C%20Fundraising%20Ideas%20-%20iGive&async=1&cdct=2&random=4228676878&fpvtc=/1072683609/%3Frandom%3D217740052%26cv%3D8%26fst%3D1494532800000%26num%3D1%26fmt%3D3%26guid%3DON%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_his%3D2%26u_tz%3D0%26u_java%3Dfalse%26u_nplug%3D5%26u_nmime%3D7%26frm%3D0%26url%3Dhttps%253A%252F%252F208.100.26.92%252Fwelcome%252Flp16%252Fcr64a.cfm%26tiba%3DCharity%2520Shop%2520%257C%2520Online%2520Donation%2520Sites%2520%257C%2520Fundraising%2520Ideas%2520-%2520iGive%26async%3D1%26cdct%3D2&ipr=y&ulfeg=n

Requested by

Host: 208.100.26.92
URL: https://208.100.26.92/welcome/lp16/cr64a.cfm

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:401b:803::2003 , Ireland, ASN15169 (GOOGLE - Google Inc., US),

Reverse DNS

Software

adclick_server /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:path: /ads/user-lists/1072683609/?random=1494533153381&cv=8&fst=1494533153381&num=1&fmt=3&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=5&u_nmime=7&frm=0&url=https%3A%2F%2F208.100.26.92%2Fwelcome%2Flp16%2Fcr64a.cfm&tiba=Charity%20Shop%20%7C%20Online%20Donation%20Sites%20%7C%20Fundraising%20Ideas%20-%20iGive&async=1&cdct=2&random=4228676878&fpvtc=/1072683609/%3Frandom%3D217740052%26cv%3D8%26fst%3D1494532800000%26num%3D1%26fmt%3D3%26guid%3DON%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_his%3D2%26u_tz%3D0%26u_java%3Dfalse%26u_nplug%3D5%26u_nmime%3D7%26frm%3D0%26url%3Dhttps%253A%252F%252F208.100.26.92%252Fwelcome%252Flp16%252Fcr64a.cfm%26tiba%3DCharity%2520Shop%2520%257C%2520Online%2520Donation%2520Sites%2520%257C%2520Fundraising%2520Ideas%2520-%2520iGive%26async%3D1%26cdct%3D2&ipr=y&ulfeg=n
pragma: no-cache
accept-encoding: gzip, deflate, sdch, br
accept-language: en-US,en;q=0.8
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
accept: image/webp,image/*,*/*;q=0.8
cache-control: no-cache
:authority: www.google.de
referer: https://208.100.26.92/welcome/lp16/cr64a.cfm
:scheme: https
x-client-data: CIi2yQEIpLbJAQ==
:method: GET
Referer: https://208.100.26.92/welcome/lp16/cr64a.cfm
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 May 2017 20:05:53 GMT
x-content-type-options: nosniff
server: adclick_server
content-type: image/gif
status: 200
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="37,36,35"
content-length: 42
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Thu, 11 May 2017 20:05:53 GMT
x-content-type-options: nosniff
server: adclick_server
status: 302
content-type: text/html; charset=UTF-8
location: https://www.google.de/ads/user-lists/1072683609/?random=1494533153381&cv=8&fst=1494533153381&num=1&fmt=3&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=5&u_nmime=7&frm=0&url=https%3A%2F%2F208.100.26.92%2Fwelcome%2Flp16%2Fcr64a.cfm&tiba=Charity%20Shop%20%7C%20Online%20Donation%20Sites%20%7C%20Fundraising%20Ideas%20-%20iGive&async=1&cdct=2&random=4228676878&fpvtc=/1072683609/%3Frandom%3D217740052%26cv%3D8%26fst%3D1494532800000%26num%3D1%26fmt%3D3%26guid%3DON%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_his%3D2%26u_tz%3D0%26u_java%3Dfalse%26u_nplug%3D5%26u_nmime%3D7%26frm%3D0%26url%3Dhttps%253A%252F%252F208.100.26.92%252Fwelcome%252Flp16%252Fcr64a.cfm%26tiba%3DCharity%2520Shop%2520%257C%2520Online%2520Donation%2520Sites%2520%257C%2520Fundraising%2520Ideas%2520-%2520iGive%26async%3D1%26cdct%3D2&ipr=y&ulfeg=n
cache-control: private, max-age=43200
alt-svc: quic=":443"; ma=2592000; v="37,36,35"
content-length: 1176
x-xss-protection: 1; mode=block
expires: Thu, 11 May 2017 20:05:53 GMT

GET
H2

200

/
www.google.de/ads/user-lists/1072686309/
Redirect Chain

https://www.google.com/ads/user-lists/1072686309/?random=1494533153384&cv=8&fst=1494533153384&num=1&fmt=3&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=5...
https://www.google.de/ads/user-lists/1072686309/?random=1494533153384&cv=8&fst=1494533153384&num=1&fmt=3&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=5&...

42 B
51 B

40ms
40ms

Image
image/gif

2a00:1450:401b:803::2003
Google Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/user-lists/1072686309/?random=1494533153384&cv=8&fst=1494533153384&num=1&fmt=3&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=5&u_nmime=7&frm=0&url=https%3A%2F%2F208.100.26.92%2Fwelcome%2Flp16%2Fcr64a.cfm&tiba=Charity%20Shop%20%7C%20Online%20Donation%20Sites%20%7C%20Fundraising%20Ideas%20-%20iGive&async=1&cdct=2&random=2029837877&fpvtc=/1072686309/%3Frandom%3D1748433099%26cv%3D8%26fst%3D1494532800000%26num%3D1%26fmt%3D3%26guid%3DON%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_his%3D2%26u_tz%3D0%26u_java%3Dfalse%26u_nplug%3D5%26u_nmime%3D7%26frm%3D0%26url%3Dhttps%253A%252F%252F208.100.26.92%252Fwelcome%252Flp16%252Fcr64a.cfm%26tiba%3DCharity%2520Shop%2520%257C%2520Online%2520Donation%2520Sites%2520%257C%2520Fundraising%2520Ideas%2520-%2520iGive%26async%3D1%26cdct%3D2&ipr=y&ulfeg=n

Requested by

Host: 208.100.26.92
URL: https://208.100.26.92/welcome/lp16/cr64a.cfm

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:401b:803::2003 , Ireland, ASN15169 (GOOGLE - Google Inc., US),

Reverse DNS

Software

adclick_server /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:path: /ads/user-lists/1072686309/?random=1494533153384&cv=8&fst=1494533153384&num=1&fmt=3&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=5&u_nmime=7&frm=0&url=https%3A%2F%2F208.100.26.92%2Fwelcome%2Flp16%2Fcr64a.cfm&tiba=Charity%20Shop%20%7C%20Online%20Donation%20Sites%20%7C%20Fundraising%20Ideas%20-%20iGive&async=1&cdct=2&random=2029837877&fpvtc=/1072686309/%3Frandom%3D1748433099%26cv%3D8%26fst%3D1494532800000%26num%3D1%26fmt%3D3%26guid%3DON%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_his%3D2%26u_tz%3D0%26u_java%3Dfalse%26u_nplug%3D5%26u_nmime%3D7%26frm%3D0%26url%3Dhttps%253A%252F%252F208.100.26.92%252Fwelcome%252Flp16%252Fcr64a.cfm%26tiba%3DCharity%2520Shop%2520%257C%2520Online%2520Donation%2520Sites%2520%257C%2520Fundraising%2520Ideas%2520-%2520iGive%26async%3D1%26cdct%3D2&ipr=y&ulfeg=n
pragma: no-cache
accept-encoding: gzip, deflate, sdch, br
accept-language: en-US,en;q=0.8
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
accept: image/webp,image/*,*/*;q=0.8
cache-control: no-cache
:authority: www.google.de
referer: https://208.100.26.92/welcome/lp16/cr64a.cfm
:scheme: https
x-client-data: CIi2yQEIpLbJAQ==
:method: GET
Referer: https://208.100.26.92/welcome/lp16/cr64a.cfm
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 May 2017 20:05:53 GMT
x-content-type-options: nosniff
server: adclick_server
content-type: image/gif
status: 200
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="37,36,35"
content-length: 42
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Thu, 11 May 2017 20:05:53 GMT
x-content-type-options: nosniff
server: adclick_server
status: 302
content-type: text/html; charset=UTF-8
location: https://www.google.de/ads/user-lists/1072686309/?random=1494533153384&cv=8&fst=1494533153384&num=1&fmt=3&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=5&u_nmime=7&frm=0&url=https%3A%2F%2F208.100.26.92%2Fwelcome%2Flp16%2Fcr64a.cfm&tiba=Charity%20Shop%20%7C%20Online%20Donation%20Sites%20%7C%20Fundraising%20Ideas%20-%20iGive&async=1&cdct=2&random=2029837877&fpvtc=/1072686309/%3Frandom%3D1748433099%26cv%3D8%26fst%3D1494532800000%26num%3D1%26fmt%3D3%26guid%3DON%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_his%3D2%26u_tz%3D0%26u_java%3Dfalse%26u_nplug%3D5%26u_nmime%3D7%26frm%3D0%26url%3Dhttps%253A%252F%252F208.100.26.92%252Fwelcome%252Flp16%252Fcr64a.cfm%26tiba%3DCharity%2520Shop%2520%257C%2520Online%2520Donation%2520Sites%2520%257C%2520Fundraising%2520Ideas%2520-%2520iGive%26async%3D1%26cdct%3D2&ipr=y&ulfeg=n
cache-control: private, max-age=43200
alt-svc: quic=":443"; ma=2592000; v="37,36,35"
content-length: 1177
x-xss-protection: 1; mode=block
expires: Thu, 11 May 2017 20:05:53 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
53 B 6ms
6ms Image
image/gif 2a03:2880:f11c:8083:face:b00c:0:25de
Facebook

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.facebook.com/tr/?id=695513553804530&ev=PageView&dl=https%3A%2F%2F208.100.26.92%2Fwelcome%2Flp16%2Fcr64a.cfm&rl=&if=false&ts=1494533153472&v=2.7.7&ec=0&o=4
Requested by: Host: 208.100.26.92
URL: https://208.100.26.92/welcome/lp16/cr64a.cfm
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2a03:2880:f11c:8083:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software: proxygen /
Resource Hash: 10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Request headers

:path: /tr/?id=695513553804530&ev=PageView&dl=https%3A%2F%2F208.100.26.92%2Fwelcome%2Flp16%2Fcr64a.cfm&rl=&if=false&ts=1494533153472&v=2.7.7&ec=0&o=4
pragma: no-cache
accept-encoding: gzip, deflate, sdch, br
accept-language: en-US,en;q=0.8
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
accept: image/webp,image/*,*/*;q=0.8
cache-control: no-cache
:authority: www.facebook.com
referer: https://208.100.26.92/welcome/lp16/cr64a.cfm
:scheme: https
:method: GET
Referer: https://208.100.26.92/welcome/lp16/cr64a.cfm
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

date: Thu, 11 May 2017 20:05:53 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
set-cookie: fr=0VTyllqbm833F1hDu..BZFMQh...1.0.BZFMQh.; expires=Wednesday, 09-Aug-2017 20:05:53 GMT; path=/; domain=.facebook.com; HttpOnly
content-length: 44
expires: Thu, 11 May 2017 20:05:53 GMT

GET
H/1.1

200
OK

Cookie set tagjs Show response
pixel-geo.prfct.co/
Redirect Chain

https://pixel-geo.prfct.co/tagjs?a_id=51592&source=js_tag
https://pixel-geo.prfct.co/tagjs?check_cookie=1&a_id=51592&source=js_tag

102 B
102 B

29ms
29ms

Script
text/javascript

46.51.169.47
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel-geo.prfct.co/tagjs?check_cookie=1&a_id=51592&source=js_tag
Requested by: Host: 208.100.26.92
URL: https://208.100.26.92/welcome/lp16/cr64a.cfm
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 46.51.169.47 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-46-51-169-47.eu-west-1.compute.amazonaws.com
Software: Jetty(9.2.21.v20170120) /
Resource Hash: c8f93fa879626d395d5cd1c74c79bdc91559817f97607b098df7dbf3d252bd0f

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch, br
Host: pixel-geo.prfct.co
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
Accept: */*
Referer: https://208.100.26.92/welcome/lp16/cr64a.cfm
Cookie: pa_uid=pa_27YYAo7lftzfuQCyT
Connection: keep-alive
Cache-Control: no-cache
Referer: https://208.100.26.92/welcome/lp16/cr64a.cfm
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

Date: Thu, 11 May 2017 20:05:53 GMT
Server: Jetty(9.2.21.v20170120)
P3P: CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Set-Cookie: pa_uid=pa_27YYAo7lftzfuQCyT;Path=/;Domain=.prfct.co;Expires=Sat, 11-May-2019 20:05:53 GMT
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/javascript
Content-Length: 102
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Date: Thu, 11 May 2017 20:05:53 GMT
Server: Jetty(9.2.21.v20170120)
P3P: CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://pixel-geo.prfct.co/tagjs?check_cookie=1&a_id=51592&source=js_tag
Set-Cookie: pa_uid=pa_27YYAo7lftzfuQCyT;Path=/;Domain=.prfct.co;Expires=Sat, 11-May-2019 20:05:53 GMT
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200
OK

Cookie set cb
pixel.prfct.co/
Redirect Chain

https://cs.marinsm.com/mrin
https://pixel.prfct.co/cb?partnerId=mrin

43 B
43 B

454ms
106ms

Image
image/gif

23.23.243.116
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.prfct.co/cb?partnerId=mrin
Requested by: Host: 208.100.26.92
URL: https://208.100.26.92/welcome/lp16/cr64a.cfm
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.23.243.116 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-23-23-243-116.compute-1.amazonaws.com
Software: Jetty(9.2.21.v20170120) /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch, br
Host: pixel.prfct.co
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
Accept: image/webp,image/*,*/*;q=0.8
Referer: https://208.100.26.92/welcome/lp16/cr64a.cfm
Cookie: pa_mrin_ts=1494533153709; pa_twitter_ts=1494533153740; pa_yahoo_ts=1494533153770; pa_pubmatic_ts=1494533153788; pa_openx_ts=1494533153786; pa_rubicon_ts=1494533153787; pa_google_ts=1494533153858; pa_uid=pa_27YYAo7lftzfuQCyT
Connection: keep-alive
Cache-Control: no-cache
Referer: https://208.100.26.92/welcome/lp16/cr64a.cfm
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

Date: Thu, 11 May 2017 20:05:54 GMT
Server: Jetty(9.2.21.v20170120)
P3P: CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Set-Cookie: pa_uid=pa_27YYAo7lftzfuQCyT;Path=/;Domain=.prfct.co;Expires=Sat, 11-May-2019 20:05:54 GMT AWSELB=B91D518304C41D26F2E262C1B04B163CFB753805FF6E7DB033878BD2120D94348D18A60897328178C757BC7CF027E82E199FBBE973D37DD664500AA2B30767972A4C51BDFA;PATH=/
Cache-Control: no-store, no-cache, private no-cache="set-cookie"
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://pixel.prfct.co/cb?partnerId=mrin
Date: Thu, 11 May 2017 20:05:54 GMT
Cache-Control: no-store, no-cache, private
Server: Jetty(9.2.21.v20170120)
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"

GET
H2

200

adsct
analytics.twitter.com/i/
Redirect Chain

https://pixel-geo.prfct.co/cs/?partnerId=twtr
https://analytics.twitter.com/i/adsct?p_id=48571&p_user_id=pa_27YYAo7lftzfuQCyT

43 B
92 B

125ms
109ms

Image
image/gif

104.244.42.131
Twitter Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/i/adsct?p_id=48571&p_user_id=pa_27YYAo7lftzfuQCyT

Requested by

Host: 208.100.26.92
URL: https://208.100.26.92/welcome/lp16/cr64a.cfm

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.131 San Francisco, United States, ASN13414 (TWITTER - Twitter Inc., US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /i/adsct?p_id=48571&p_user_id=pa_27YYAo7lftzfuQCyT
pragma: no-cache
accept-encoding: gzip, deflate, sdch, br
accept-language: en-US,en;q=0.8
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
accept: image/webp,image/*,*/*;q=0.8
cache-control: no-cache
:authority: analytics.twitter.com
referer: https://208.100.26.92/welcome/lp16/cr64a.cfm
:scheme: https
:method: GET
Referer: https://208.100.26.92/welcome/lp16/cr64a.cfm
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

date: Thu, 11 May 2017 20:05:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200 200 OK
x-twitter-response-tags: BouncerCompliant
x-connection-hash: 1124df78b8749b4968a6d70656b3ddc8
x-xss-protection: 1; mode=block
x-response-time: 102
pragma: no-cache
last-modified: Thu, 11 May 2017 20:05:53 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=631138519
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
set-cookie: guest_id=v1%3A149453315382472499; Domain=.twitter.com; Path=/; Expires=Sat, 11-May-2019 20:05:53 UTC
x-transaction: 005ce7580058f53d
expires: Tue, 31 Mar 1981 05:00:00 GMT

Redirect headers

Date: Thu, 11 May 2017 20:05:53 GMT
Server: Jetty(9.2.21.v20170120)
P3P: CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://analytics.twitter.com/i/adsct?p_id=48571&p_user_id=pa_27YYAo7lftzfuQCyT
Set-Cookie: pa_uid=pa_27YYAo7lftzfuQCyT;Path=/;Domain=.prfct.co;Expires=Sat, 11-May-2019 20:05:53 GMT pa_twitter_ts=1494533153740;Path=/;Domain=.prfct.co;Expires=Sat, 11-May-2019 20:05:53 GMT
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200
OK

pixel
ads.yahoo.com/
Redirect Chain

https://pixel-geo.prfct.co/cs/?partnerId=yah
https://ads.yahoo.com/pixel?id=2539961&t=2&piggyback=https%3A%2F%2Fads.yahoo.com%2Fcms%2Fv1%3Fnwid%3D10001073209%26eid%3Dpa_27YYAo7lftzfuQCyT%26sigv%3D1%26esig%3D2%7E398428d75320154581df99ff7fb8478...

0
0

131ms
31ms

Image
text/plain

2a00:1288:110:422::3000
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.yahoo.com/pixel?id=2539961&t=2&piggyback=https%3A%2F%2Fads.yahoo.com%2Fcms%2Fv1%3Fnwid%3D10001073209%26eid%3Dpa_27YYAo7lftzfuQCyT%26sigv%3D1%26esig%3D2%7E398428d75320154581df99ff7fb847854e6a61ec

Requested by

Host: 208.100.26.92
URL: https://208.100.26.92/welcome/lp16/cr64a.cfm

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1288:110:422::3000 , United Kingdom, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

Software

ATS /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch, br
Host: ads.yahoo.com
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
Accept: image/webp,image/*,*/*;q=0.8
Referer: https://208.100.26.92/welcome/lp16/cr64a.cfm
Connection: keep-alive
Cache-Control: no-cache
Referer: https://208.100.26.92/welcome/lp16/cr64a.cfm
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

Date: Thu, 11 May 2017 20:05:53 GMT
Server: ATS
Connection: keep-alive
Age: 0
Content-Length: 0
Strict-Transport-Security: max-age=0

Redirect headers

Date: Thu, 11 May 2017 20:05:53 GMT
Server: Jetty(9.2.21.v20170120)
P3P: CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://ads.yahoo.com/pixel?id=2539961&t=2&piggyback=https%3A%2F%2Fads.yahoo.com%2Fcms%2Fv1%3Fnwid%3D10001073209%26eid%3Dpa_27YYAo7lftzfuQCyT%26sigv%3D1%26esig%3D2%7E398428d75320154581df99ff7fb847854e6a61ec
Set-Cookie: pa_uid=pa_27YYAo7lftzfuQCyT;Path=/;Domain=.prfct.co;Expires=Sat, 11-May-2019 20:05:53 GMT pa_yahoo_ts=1494533153770;Path=/;Domain=.prfct.co;Expires=Sat, 11-May-2019 20:05:53 GMT
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200
OK

sd
us-u.openx.net/w/1.0/
Redirect Chain

https://us-u.openx.net/w/1.0/sd?id=537114372&val=pa_27YYAo7lftzfuQCyT
https://us-u.openx.net/w/1.0/sd?cc=1&id=537114372&val=pa_27YYAo7lftzfuQCyT

43 B
43 B

14ms
13ms

Image
image/gif

173.241.240.143
OPENX TECHNOLOGIES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?cc=1&id=537114372&val=pa_27YYAo7lftzfuQCyT
Requested by: Host: 208.100.26.92
URL: https://208.100.26.92/welcome/lp16/cr64a.cfm
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 173.241.240.143 New York, United States, ASN36089 (OPENX-AS1 - OPENX TECHNOLOGIES, INC., US),
Reverse DNS: ox-173-241-240-143.xa.dc.openx.org
Software: OXGW/11.75.6 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch, br
Host: us-u.openx.net
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
Accept: image/webp,image/*,*/*;q=0.8
Referer: https://208.100.26.92/welcome/lp16/cr64a.cfm
Cookie: i=ba00e10f-2649-4522-6225-e2fe7428e95d|1494533153
Connection: keep-alive
Cache-Control: no-cache
Referer: https://208.100.26.92/welcome/lp16/cr64a.cfm
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 11 May 2017 20:05:53 GMT
Server: OXGW/11.75.6
Vary: Accept
P3P: CP="CUR ADM OUR NOR STA NID"
Cache-Control: private, max-age=0, no-cache
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Location: https://us-u.openx.net/w/1.0/sd?cc=1&id=537114372&val=pa_27YYAo7lftzfuQCyT
Date: Thu, 11 May 2017 20:05:53 GMT
Server: OXGW/11.75.6
Set-Cookie: i=ba00e10f-2649-4522-6225-e2fe7428e95d|1494533153; Version=1; Expires=Fri, 11-May-2018 20:05:53 GMT; Max-Age=31536000; Domain=.openx.net; Path=/
Content-Length: 0
P3P: CP="CUR ADM OUR NOR STA NID"

GET
H/1.1

200
OK

Cookie set Pug
image2.pubmatic.com/AdServer/
Redirect Chain

https://pixel-geo.prfct.co/cs/?partnerId=pub
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyNDMmdGw9MTI5NjAw&piggybackCookie=uid:pa_27YYAo7lftzfuQCyT

42 B
42 B

51ms
13ms

Image
image/gif

198.47.127.15
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyNDMmdGw9MTI5NjAw&piggybackCookie=uid:pa_27YYAo7lftzfuQCyT
Requested by: Host: 208.100.26.92
URL: https://208.100.26.92/welcome/lp16/cr64a.cfm
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, 3DES_EDE_CBC
Server: 198.47.127.15 Redwood City, United States, ASN3257 (GTT-BACKBONE GTT, DE),
Reverse DNS
Software: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.0-fips mod_fastcgi/2.4.6 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch, br
Host: image2.pubmatic.com
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
Accept: image/webp,image/*,*/*;q=0.8
Referer: https://208.100.26.92/welcome/lp16/cr64a.cfm
Connection: keep-alive
Cache-Control: no-cache
Referer: https://208.100.26.92/welcome/lp16/cr64a.cfm
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 11 May 2017 20:05:53 GMT
X-lat: Pug22056:0:327
Server: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.0-fips mod_fastcgi/2.4.6
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC" CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Set-Cookie: KRTBCOOKIE_931=18118-uid:pa_27YYAo7lftzfuQCyT; domain=pubmatic.com; expires=Wed, 09-Aug-2017 20:05:53 GMT; path=/ PUBRETARGET=dummy; domain=pubmatic.com; expires=Thu, 11-May-2017 20:05:53 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; expires=Wed, 09-Aug-2017 20:05:53 GMT; path=/
Cache-Control: no-store, no-cache, private
Connection: close
Content-Type: image/gif; charset=utf-8
Content-Length: 42

Redirect headers

Date: Thu, 11 May 2017 20:05:53 GMT
Server: Jetty(9.2.21.v20170120)
P3P: CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyNDMmdGw9MTI5NjAw&piggybackCookie=uid:pa_27YYAo7lftzfuQCyT
Set-Cookie: pa_uid=pa_27YYAo7lftzfuQCyT;Path=/;Domain=.prfct.co;Expires=Sat, 11-May-2019 20:05:53 GMT pa_pubmatic_ts=1494533153788;Path=/;Domain=.prfct.co;Expires=Sat, 11-May-2019 20:05:53 GMT
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200
OK

Cookie set tap.php
pixel.rubiconproject.com/
Redirect Chain

https://pixel.rubiconproject.com/tap.php?v=189868&nid=4106&expires=30&put=pa_27YYAo7lftzfuQCyT
https://pixel.rubiconproject.com/tap.php?cookie_redirect=1&v=189868&nid=4106&expires=30&put=pa_27YYAo7lftzfuQCyT

42 B
42 B

13ms
13ms

Image
image/gif

62.67.193.85
The Rubicon Project

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?cookie_redirect=1&v=189868&nid=4106&expires=30&put=pa_27YYAo7lftzfuQCyT
Requested by: Host: 208.100.26.92
URL: https://208.100.26.92/welcome/lp16/cr64a.cfm
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 62.67.193.85 , United Kingdom, ASN26667 (RUBICONPROJECT - The Rubicon Project, Inc., US),
Reverse DNS
Software: Rubicon Project /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch, br
Host: pixel.rubiconproject.com
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
Accept: image/webp,image/*,*/*;q=0.8
Referer: https://208.100.26.92/welcome/lp16/cr64a.cfm
Cookie: c=1
Connection: keep-alive
Cache-Control: no-cache
Referer: https://208.100.26.92/welcome/lp16/cr64a.cfm
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 11 May 2017 20:05:52 GMT
Server: Rubicon Project
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Set-Cookie: rpb=189868%3D1; Domain=.rubiconproject.com; Expires=Sat, 10-Jun-2017 20:05:53 GMT; Path=/ rpx=189868%3D64500%2C0%2C1%2C%2C; Domain=.pixel.rubiconproject.com; Expires=Sat, 10-Jun-2017 20:05:53 GMT; Path=/ put_4106=pa_27YYAo7lftzfuQCyT; Domain=.rubiconproject.com; Expires=Sat, 10-Jun-2017 19:59:59 GMT; Path=/ khaos=J2KUG9WU-1F-33NY; Domain=.rubiconproject.com; Expires=Fri, 10-Nov-2017 08:05:53 GMT; Path=/
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Type: image/gif
Content-Length: 42
X-RPHost: dYTTO0IavJH-PBIUPWTEJg
Expires: 0

Redirect headers

Pragma: no-cache
Date: Thu, 11 May 2017 20:05:52 GMT
Server: Rubicon Project
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: /tap.php?cookie_redirect=1&v=189868&nid=4106&expires=30&put=pa_27YYAo7lftzfuQCyT
Cache-Control: no-cache, no-store, must-revalidate
Set-Cookie: c=1; Path=/
Content-Length: 0
Expires: 0

GET
H/1.1

200
OK

Cookie set cb
pixel-geo.prfct.co/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=nowspots_bidder&google_hm=cGFfMjdZWUFvN2xmdHpmdVFDeVQ
https://pixel-geo.prfct.co/cb?partnerId=goo

43 B
43 B

26ms
26ms

Image
image/gif

54.217.219.154
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-geo.prfct.co/cb?partnerId=goo
Requested by: Host: 208.100.26.92
URL: https://208.100.26.92/welcome/lp16/cr64a.cfm
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.217.219.154 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-54-217-219-154.eu-west-1.compute.amazonaws.com
Software: Jetty(9.2.21.v20170120) /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch, br
Host: pixel-geo.prfct.co
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
Accept: image/webp,image/*,*/*;q=0.8
Referer: https://208.100.26.92/welcome/lp16/cr64a.cfm
Cookie: pa_mrin_ts=1494533153709; pa_twitter_ts=1494533153740; pa_yahoo_ts=1494533153770; pa_pubmatic_ts=1494533153788; pa_openx_ts=1494533153786; pa_rubicon_ts=1494533153787; pa_uid=pa_27YYAo7lftzfuQCyT; pa_google_ts=1494533153858
Connection: keep-alive
Cache-Control: no-cache
Referer: https://208.100.26.92/welcome/lp16/cr64a.cfm
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

Date: Thu, 11 May 2017 20:05:53 GMT
Server: Jetty(9.2.21.v20170120)
P3P: CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Set-Cookie: pa_uid=pa_27YYAo7lftzfuQCyT;Path=/;Domain=.prfct.co;Expires=Sat, 11-May-2019 20:05:53 GMT
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 11 May 2017 20:05:53 GMT
server: HTTP server (unknown)
status: 302
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://pixel-geo.prfct.co/cb?partnerId=goo
cache-control: no-cache, must-revalidate
set-cookie: id=22c9dd53751900a5||t=1494533153|et=730|cs=002213fd487e17e4dc300bacd2; expires=Sat, 11-May-2019 20:05:53 GMT; path=/; domain=.doubleclick.net test_cookie=; domain=.doubleclick.net; path=/; expires=Mon, 21 Jul 2008 23:59:00 GMT IDE=AHWqTUkfAxnJJy7cCEDohMLjAl4gh2WVnTmtvBGdZ-ybZYa_UwGCVRofHg; expires=Sat, 11-May-2019 20:05:53 GMT; path=/; domain=.doubleclick.net; HttpOnly
content-type: text/html; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="37,36,35",quic=":443"; ma=2592000; v="37,36,35"
content-length: 240
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK Cookie set /
pixel-geo.prfct.co/seg/ 43 B
43 B 128ms
127ms Image
image/gif 54.217.219.154
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-geo.prfct.co/seg/?add=3460836&source=js_tag&a_id=51592
Requested by: Host: 208.100.26.92
URL: https://208.100.26.92/welcome/lp16/cr64a.cfm
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.217.219.154 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-54-217-219-154.eu-west-1.compute.amazonaws.com
Software: Jetty(9.2.21.v20170120) /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch, br
Host: pixel-geo.prfct.co
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
Accept: image/webp,image/*,*/*;q=0.8
Referer: https://208.100.26.92/welcome/lp16/cr64a.cfm
Cookie: pa_mrin_ts=1494533153709; pa_twitter_ts=1494533153740; pa_yahoo_ts=1494533153770; pa_pubmatic_ts=1494533153788; pa_openx_ts=1494533153786; pa_uid=pa_27YYAo7lftzfuQCyT; pa_rubicon_ts=1494533153787
Connection: keep-alive
Cache-Control: no-cache
Referer: https://208.100.26.92/welcome/lp16/cr64a.cfm
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

Date: Thu, 11 May 2017 20:05:53 GMT
Server: Jetty(9.2.21.v20170120)
P3P: CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Set-Cookie: pa_uid=pa_27YYAo7lftzfuQCyT;Path=/;Domain=.prfct.co;Expires=Sat, 11-May-2019 20:05:53 GMT
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200
OK

Cookie set bounce
secure.adnxs.com/
Redirect Chain

https://secure.adnxs.com/seg?t=2&add=3460836
https://secure.adnxs.com/bounce?%2Fseg%3Ft%3D2%26add%3D3460836

0
0

15ms
15ms

Image
text/html

185.33.223.202
AppNexus

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.adnxs.com/bounce?%2Fseg%3Ft%3D2%26add%3D3460836

Requested by

Host: 208.100.26.92
URL: https://208.100.26.92/welcome/lp16/cr64a.cfm

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

185.33.223.202 , European Union, ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US),

Reverse DNS

Software

nginx/1.11.5 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch, br
Host: secure.adnxs.com
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
Accept: image/webp,image/*,*/*;q=0.8
Referer: https://208.100.26.92/welcome/lp16/cr64a.cfm
Cookie: sess=1; uuid2=4383377216235578134
Connection: keep-alive
Cache-Control: no-cache
Referer: https://208.100.26.92/welcome/lp16/cr64a.cfm
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 11 May 2017 20:05:55 GMT
X-Proxy-Origin: 148.251.45.170; 148.251.45.170; 318.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.240:80
AN-X-Request-Uuid: 0ab7ce10-f622-4813-b562-6625b2e4e76e
Server: nginx/1.11.5
Connection: keep-alive
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Set-Cookie: sess=1; Path=/; Max-Age=86400; Expires=Fri, 12-May-2017 20:05:55 GMT; Domain=.adnxs.com; HttpOnly uuid2=4383377216235578134; Path=/; Max-Age=7776000; Expires=Wed, 09-Aug-2017 20:05:55 GMT; Domain=.adnxs.com; HttpOnly
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 11 May 2017 20:05:55 GMT
X-Proxy-Origin: 148.251.45.170; 148.251.45.170; 318.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.222.22:80
AN-X-Request-Uuid: 08b929cf-143d-4f25-ba7f-6ba614ae67db
Server: nginx/1.11.5
Connection: keep-alive
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://secure.adnxs.com/bounce?%2Fseg%3Ft%3D2%26add%3D3460836
Cache-Control: no-store, no-cache, private
Set-Cookie: sess=1; Path=/; Max-Age=86400; Expires=Fri, 12-May-2017 20:05:55 GMT; Domain=.adnxs.com; HttpOnly uuid2=4383377216235578134; Path=/; Max-Age=7776000; Expires=Wed, 09-Aug-2017 20:05:55 GMT; Domain=.adnxs.com; HttpOnly
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK Cookie set inspectlet.js Show response
cdn.inspectlet.com/ 192 KB
65 KB 35ms
11ms Script
text/javascript 2400:cb00:2048:1::6814:b609
CloudFlare

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.inspectlet.com/inspectlet.js
Requested by: Host: 208.100.26.92
URL: https://208.100.26.92/welcome/lp16/cr64a.cfm
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2400:cb00:2048:1::6814:b609 , United States, ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US),
Reverse DNS
Software: cloudflare-nginx /
Resource Hash: 2c8e27263234465a13ca1d4bae4c01455651b04c419a114553db1e5548e1cff4

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch, br
Host: cdn.inspectlet.com
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
Accept: */*
Referer: https://208.100.26.92/welcome/lp16/cr64a.cfm
Connection: keep-alive
Cache-Control: no-cache
Referer: https://208.100.26.92/welcome/lp16/cr64a.cfm
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

Date: Thu, 11 May 2017 20:05:54 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
Server: cloudflare-nginx
Vary: Accept-Encoding
Content-Type: text/javascript
Set-Cookie: __cfduid=d53558ddadfd7404583e51be0e52dc2cb1494533154; expires=Fri, 11-May-18 20:05:54 GMT; path=/; domain=.inspectlet.com; HttpOnly
Cache-Control: public, max-age=43200
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 35d7c1768e232708-FRA
Expires: Fri, 12 May 2017 08:05:54 GMT

POST
H/1.1 200
OK 370040920 Show response
hn.inspectlet.com/ginit/ 26 B
26 B 434ms
116ms XHR
application/json 107.22.197.50
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://hn.inspectlet.com/ginit/370040920
Requested by: Host: cdn.inspectlet.com
URL: https://cdn.inspectlet.com/inspectlet.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 107.22.197.50 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-107-22-197-50.compute-1.amazonaws.com
Software: Cowboy / Express
Resource Hash: d0b1cb1455ecf8ab5a7eb203460cc7ff790df097c5907eb3d27ff7344282517e

Request headers

Pragma: no-cache
Origin: https://208.100.26.92
Accept-Encoding: gzip, deflate, br
Host: hn.inspectlet.com
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
Accept: application/json, text/javascript, */*; q=0.01
Cache-Control: no-cache
Referer: https://208.100.26.92/welcome/lp16/cr64a.cfm
Cookie: __cfduid=d53558ddadfd7404583e51be0e52dc2cb1494533154
Connection: keep-alive
Content-Length: 1054
Accept: application/json, text/javascript, */*; q=0.01
Referer: https://208.100.26.92/welcome/lp16/cr64a.cfm
Origin: https://208.100.26.92
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date: Thu, 11 May 2017 20:05:54 GMT
Via: 1.1 vegur
Server: Cowboy
X-Powered-By: Express
Access-Control-Allow-Methods: GET, POST
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://208.100.26.92
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 26

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: 100.26.0.92
URL: https://100.26.0.92/welcome/dir_scripts/functions.js

Domain: 100.26.0.92
URL: https://100.26.0.92/res/js/jquery-ui-1.10.4.custom/css/bluedialog/jquery-ui-1.10.4.custom.css

Domain: 100.26.0.92
URL: https://100.26.0.92/res/js/selectbox/css/jquery.selectbox.css

Domain: 100.26.0.92
URL: https://100.26.0.92/res/js/jquery-ui-1.10.4.custom/js/jquery-1.10.2.js

Domain: 100.26.0.92
URL: https://100.26.0.92/res/js/jquery-ui-1.10.4.custom/js/jquery-ui-1.10.4.custom.min.js

Domain: 100.26.0.92
URL: https://100.26.0.92/res/js/selectbox/js/jquery.selectbox-0.2.js

Domain: 100.26.0.92
URL: https://100.26.0.92/welcome/lp16/images/logo.png

Domain: 100.26.0.92
URL: https://100.26.0.92/welcome/lp16/images/fb.png

Domain: 100.26.0.92
URL: https://100.26.0.92/welcome/lp16/images/tw.png

Domain: 100.26.0.92
URL: https://100.26.0.92/welcome/lp16/images/girl1.png

Domain: 100.26.0.92
URL: https://100.26.0.92/welcome/lp16/images/girl2.png

Domain: 100.26.0.92
URL: https://100.26.0.92/welcome/lp16/images/walmart-screen.png

Domain: 100.26.0.92
URL: https://100.26.0.92/welcome/lp16/images/best-buy.png

Domain: 100.26.0.92
URL: https://100.26.0.92/welcome/lp16/images/lowes.png

Domain: 100.26.0.92
URL: https://100.26.0.92/welcome/lp16/images/walmart.png

Domain: 100.26.0.92
URL: https://100.26.0.92/welcome/lp16/images/createbarrel.png

Domain: 100.26.0.92
URL: https://100.26.0.92/welcome/lp16/images/orbitz.png

Domain: 100.26.0.92
URL: https://100.26.0.92/welcome/lp16/images/jcp.png

Domain: 100.26.0.92
URL: https://100.26.0.92/welcome/lp16/images/lowes-computer.png

Domain: 100.26.0.92
URL: https://100.26.0.92/welcome/lp16/images/blue-sheltor.png

Domain: 100.26.0.92
URL: https://100.26.0.92/welcome/lp16/images/man-with-dog.png

Domain: www.facebook.com
URL: https://www.facebook.com/plugins/like.php?href=https://www.facebook.com%2Figive&layout=button_count&show_faces=false&width=100&action=like&colorscheme=light&height=21

Domain: staticxx.facebook.com
URL: https://staticxx.facebook.com/connect/xd_arbiter/r/JtmcTFxyLye.js?version=42

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

100.26.0.92
ads.yahoo.com
analytics.twitter.com
cdn.inspectlet.com
cdn.optimizely.com
connect.facebook.net
hn.inspectlet.com
image2.pubmatic.com
m.addthisedge.com
maxcdn.bootstrapcdn.com
pixel-geo.prfct.co
pixel.prfct.co
pixel.rubiconproject.com
s7.addthis.com
secure.adnxs.com
staticxx.facebook.com
tag.marinsm.com
us-u.openx.net
www.facebook.com
www.google-analytics.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
100.26.0.92
staticxx.facebook.com
www.facebook.com
104.16.22.35
104.16.27.235
104.244.42.131
107.22.197.50
151.101.12.65
172.217.20.66
173.241.240.143
185.33.223.202
198.47.127.15
208.100.26.92
23.23.243.116
2400:cb00:2048:1::6814:b609
2a00:1288:110:422::3000
2a00:1450:400e:802::2008
2a00:1450:400e:802::200e
2a00:1450:401b:803::2003
2a03:2880:f01c:216:face:b00c:0:3
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f11c:8083:face:b00c:0:25de
46.51.169.47
54.217.219.154
62.67.193.85
94.31.29.55
95.101.241.136
02aca2488674871ade1b2b9d8ee2e0d7bd358fa90d4172d5051318ba3daa4c3f
04ea54d6d9e1af9d22a8f6189d21e9b56e00a79c8fc0dcbee15024bf5e059df2
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
16ea0cf66d51efdbbc2a62b11ab0419fa72fb3320844f1d0d710480245ac9925
19a26d6046c4fcfe9e3efbc1fb7532f424c6b0b7590b9e193788e30bce8b9836
2a97da4ba9e72041e34b3f9365737446af4bfdc775c7add6eadc7f08fe866afd
2c8e27263234465a13ca1d4bae4c01455651b04c419a114553db1e5548e1cff4
4b75d94f66a12f86bb0c238861680cc589c4463ba29be6889ed6dbeb5594aa19
4bd5d611a21580b4812b2cb97b3a40595155226623b4895cc12ded4569dd053e
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
541ac58217a8ade1a5e292a65a0661dc9db7a49ae13654943817a4fbc6761afd
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
6a3ce8fdcc4a36a3abd05c18668bbd16319190f7f97ef699d7779b31304164b8
77a1617cb21dab1c8583a3a3d500252af3717479b6a4ccca0a42a2182d1dd7e8
7ebb06267aa575b87263b3699bfe3680e364caba99458536f484e8f993dfe279
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
838ee586ca38b78e9eb77e8b72999207b6c5fc688ec829f6ea96e1bc468b6e6a
89ffbc103586f6f9784d4cc5978e7db34436023989ef903cd9990cfc0c93c950
93a661ff9e3a17030a9f7e6c3427ec9657e7f8e8098fc3733968528ce0299484
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a5a2e1815cffa7f06c9aa68e21e3c0a43433ca18a1f526a3fd604dcffca5907b
aadc3580d2b64ff5a7e6f1425587db4e8b033efcbf8f5c332ca52a5ed580c87c
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
b615abc6c4aba7b597ecdeedef8406a2ccae63ef65b1d636410055e41cb49b44
c8f93fa879626d395d5cd1c74c79bdc91559817f97607b098df7dbf3d252bd0f
ca607a355fd02f82a5ec74f282225b1b3bf9ff46051f47c986003410e5edda67
cad241a2e05e7e9d0723b74d70ad5b2b67cacf9339f8ff892d4fa9e4e9b91a75
cd38d30b55757eb5452e2b80d0601f8a6c767a9763667c8cae162efc2ef19e24
ced37fcda72bd7e0f2ed2522d3924ef2991c6a43ae16dca8d21f909cec0ff278
d06b6349007bcfc03ed66cf3c53a391814e8839317b6920f4b4adf66b993278e
d0b1cb1455ecf8ab5a7eb203460cc7ff790df097c5907eb3d27ff7344282517e
de77bed48187702c25205c3579dedea96cada4bf1c193d2f4271a5c1cc6053bd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e44a4e6b2f3ac5981549ddd773986ffaf2b861d16d792770b2f9c17760d56ac8
e9830d0997e87c328360301ffb0ab81fabd9101f90453976ee61555d6f353af9
eecaf36f0f3cff11e8243c83bee176ae84d622462f3bd18bb21bbbc1c06850a1
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f2dd45b73aa8b6b2bf65bfc761393c2cdc85e70f99b8098001ba2f4664f7e412
f38f9583cd04ce114acc1914aab692e66dd67ee2cd2664c7c732bea02622f53d
fb32db18a6c31c45c3aad0e0f9879ddc71282c86a1877d134ba00bad9dfd0a6b

208.100.26.92 Open in urlscan Pro 208.100.26.92 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Statistics

70 Requests

43 %HTTPS

33 %IPv6

20 Domains

23 Subdomains

25 IPs

4 Countries

903 kBTransfer

1609 kBSize

0 Cookies

0 Outgoing links

Redirected requests

70 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

208.100.26.92 Open in urlscan Pro
208.100.26.92 Public Scan

Screenshot
Live screenshot

Full Image

70
Requests

43 %
HTTPS

33 %
IPv6

20
Domains

23
Subdomains

25
IPs

4
Countries

903 kB
Transfer

1609 kB
Size

0
Cookies

70 HTTP transactions
0 data transactions