URL: http://googglet.com/images/army%20ncoer%20training%20bullets%20comments
Submission: On December 15 via manual from US

Summary

This website contacted 14 IPs in 4 countries across 14 domains to perform 24 HTTP transactions. The main IP is 216.158.229.70, located in Secaucus, United States and belongs to IS-AS-1, US. The main domain is googglet.com.
This is the only time googglet.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests IP Address AS Autonomous System
4 216.158.229.70 19318 (IS-AS-1)
2 2001:4de0:ac1... 20446 (HIGHWINDS3)
1 2a00:1450:400... 15169 (GOOGLE)
2 192.243.59.20 39572 (ADVANCEDH...)
2 139.45.196.9 9002 (RETN-AS)
1 143.204.214.106 16509 (AMAZON-02)
1 45.205.10.209 40065 (CNSERVERS)
4 99.86.7.43 16509 (AMAZON-02)
1 143.204.90.123 16509 (AMAZON-02)
1 104.22.53.65 13335 (CLOUDFLAR...)
1 104.22.52.65 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
1 99.86.7.18 16509 (AMAZON-02)
1 13.224.194.109 16509 (AMAZON-02)
Total: 24 requests, 14 IPs
Requests Domain Requested by
4 rseyebrown.fun d1rguclfwp7nc8.cloudfront.net
2 www.google-analytics.com googglet.com, www.google-analytics.com
2 otrwaram.com googglet.com, otrwaram.com
2 pl142218.puhtml.com googglet.com
2 maxcdn.bootstrapcdn.com googglet.com
2 googglet.com googglet.com
1 cepractliq.top googglet.com
1 ministedik.info googglet.com
1 c.statcounter.com www.statcounter.com
1 www.statcounter.com googglet.com
1 coperledsinhe.info d1rguclfwp7nc8.cloudfront.net
1 theblueish.com googglet.com
1 www.googglet.com googglet.com
1 d1rguclfwp7nc8.cloudfront.net googglet.com
1 blogqpot.com googglet.com
1 ajax.googleapis.com googglet.com
Total: 24 requests, 16 subdomains

This site contains links to these domains.

Domain
driverlayer.com
Subject                    Issuer                                          Validity                 Valid
upload.video.google.com    GTS CA 1O1                                      2020-11-10 - 2021-02-02  3 months
rseyebrown.fun             Amazon                                          2020-10-22 - 2021-11-20  a year
us-dallas.statcounter.com  Sectigo RSA Domain Validation Secure Server CA  2020-10-13 - 2021-11-13  a year
*.google-analytics.com     GTS CA 1O1                                      2020-11-10 - 2021-02-02  3 months

This page contains 7 frames:

Primary Page: http://googglet.com/images/army%20ncoer%20training%20bullets%20comments
Frame ID: FD0D71E7D734A51D84B976C6A783298A
Requests: 18 HTTP requests in this frame

Frame: http://theblueish.com/addGoog.php?word=army+ncoer+training+bullets+comments&title=&url=&img=&size=&title1=&url1=&img1=&size1=&title2=&url2=&img2=&size2=&title3=&url3=&img3=&size3=&title4=&url4=&img4=&size4=&title5=&url5=&img5=&size5=&title6=&url6=&img6=&size6=&title7=&url7=&img7=&size7=&title8=&url8=&img8=&size8=&title9=&url9=&img9=&size9=
Frame ID: C8A34CF8DF7F703C09E84813CDA71681
Requests: 1 HTTP requests in this frame

Frame: http://rseyebrown.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
Frame ID: 46B7A7B4BBA208CD22AC5DBC47FCA6D9
Requests: 1 HTTP requests in this frame

Frame: http://coperledsinhe.info/QnI2M3EjEFVeTjcAWg5UcDQTATcmQ0RUBCEeUEQBdRxVC18hHllGFSQAWV0FbBxTR1RwNEV9HxgmUgMBFDViAyMmJ39VP3ICDndBBB9iXTgTOnVyKAg3bH87JT9ZdxgLKn9JSHMndVA/DhVCexUQAURkMwQHY2BIGzRhBjYgNFVgPBcCEwEzBzN7SiIrFmx3NS0QfF8VFitidVRwNHF2K3AgblwUBQh/ZjhzFXVjMBMbcwMkECdYVDYKCAZ3PXMCYmokIRxgSydwIG5DKwAqbHUUKUdiaiQmRXRaHSsjTmY1GkFsdRQuEXF6CTEEZ2E8Ojp1fTIXQBt2CSQFYHEXFyAOdkEQGG5KNyczXAcTIAVnAhUpJABkGXpGc15JByBcYiIJJAZpFC44AnEZF0V0YCcgNwVpNwYzA3UXFxZdchomGGR0IAMgBWk3Jxljaz8QKwJrQAwae2tJBCNuAjQkMHd3EyVUXEAeLAILRgUgSmJ3JTcx
Frame ID: CF466115B4E0CBEBC56ACDBD26015250
Requests: 1 HTTP requests in this frame

Frame: http://rseyebrown.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
Frame ID: 5198D0D66ABEFD39FFD915864350D088
Requests: 1 HTTP requests in this frame

Frame: http://rseyebrown.fun/a1pLR2EKOCgqXgpnKWEUGTZ2YlMtf3kBBVooLDICBzw8N1YFOXNpAgc1PiMHGTUlM08FPz9iUy0MKg8NHhcgCi0tPQkSByktGgQGUmsTdxkyGSU3Li4ieiMtOTIODQ06OwEEUSAYEzRWLDAvIyscCxoUJDJvDwIzDRwIfystLSAXOzpqEwMwUiMfLwYgDwNyAjMiPxMHDA8cAScYLAkFCScbChEFPWt/HwI9MhkGUCY9ChUCCgIfBiAzHHowOwcqAQVQHGkPFTcnGwMKJywbex8CPT0cDzMPIhwGJycbAwk7OA4OAwURPgYVGQ8iHAUGDgsify8vPWYzMCAbDgkyHBsNHzQbAAMPIw4CDTAiCi0GFSYHYj0TNBguDXQnMhwaIzshMXoLOQcPJgQZIhgMdTsKCRp2ACYLKBIiEz4zCwotPgMPLywOHX8iCB8RFzkTPjMQIAQKHQQoCh8ONCApDHoMNjkiPB8NUzgPdAImHXosKiI2PwY5Khw8BDRSAwh0FQ4SDX8qIS07DTk6HyUSJBs5Cj43OXwhNA4FKnYPBzIWHyNWUwkoHg4PNiI
Frame ID: 76677851AFAA760EB46CDA1C0ED06AC7
Requests: 1 HTTP requests in this frame

Frame: http://otrwaram.com/fac.php
Frame ID: 6C040B31DBB1F352B25E7D1D432B7677
Requests: 1 HTTP requests in this frame


Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /^LiteSpeed$/i

Page Statistics

Requests: 24
HTTPS: 21 %
IPv6: 21 %
Domains: 14
Subdomains: 16
IPs: 14
Countries: 4
Transfer: 246 kB
Size: 764 kB
Cookies: 4

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 19
  • http://www.google-analytics.com/analytics.js HTTP 307
  • https://www.google-analytics.com/analytics.js

24 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request army%20ncoer%20training%20bullets%20comments
googglet.com/images/
7 KB
3 KB
Document
General
Full URL
http://googglet.com/images/army%20ncoer%20training%20bullets%20comments
Protocol
HTTP/1.1
Server
216.158.229.70 Secaucus, United States, ASN19318 (IS-AS-1, US),
Reverse DNS
blogqpot.com
Software
LiteSpeed / PHP/5.6.40
Resource Hash
12075fcd75aaf214321a59b3a723e2487795691f0869dcd0d007c12505f8a03a

Request headers

Host
googglet.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate
Accept-Language
en-US

Response headers

x-powered-by
PHP/5.6.40
content-type
text/html; charset=UTF-8
content-encoding
gzip
vary
Accept-Encoding
content-length
2884
date
Tue, 15 Dec 2020 19:16:14 GMT
server
LiteSpeed
connection
Keep-Alive
bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/3.3.5/css/
120 KB
20 KB
Stylesheet
General
Full URL
http://maxcdn.bootstrapcdn.com/bootstrap/3.3.5/css/bootstrap.min.css
Requested by
Host: googglet.com
URL: http://googglet.com/images/army%20ncoer%20training%20bullets%20comments
Protocol
HTTP/1.1
Server
2001:4de0:ac19::1:b:1b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
31fbd99641c212a6ad3681a2397bde13c148c0ccd98385bce6a7eb7c81417d87
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://googglet.com/images/army%20ncoer%20training%20bullets%20comments
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 15 Dec 2020 19:16:14 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Wed, 12 Dec 2018 18:34:07 GMT
ETag
"1544639647"
Vary
Accept-Encoding
X-Cache
HIT
Content-Type
text/css; charset=utf-8
Access-Control-Allow-Origin
*
cache-control
public, max-age=31536000
Cross-Origin-Resource-Policy
cross-origin
Connection
Keep-Alive
Accept-Ranges
bytes
timing-allow-origin
*
Content-Length
19879
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.11.3/
94 KB
33 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.11.3/jquery.min.js
Requested by
Host: googglet.com
URL: http://googglet.com/images/army%20ncoer%20training%20bullets%20comments
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
aec3d419d50f05781a96f223e18289aeb52598b5db39be82a7b71dc67d6a7947
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://googglet.com/images/army%20ncoer%20training%20bullets%20comments
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 15 Dec 2020 16:46:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
8974
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33507
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 15 Dec 2021 16:46:40 GMT
bootstrap.min.js
maxcdn.bootstrapcdn.com/bootstrap/3.3.5/js/
36 KB
10 KB
Script
General
Full URL
http://maxcdn.bootstrapcdn.com/bootstrap/3.3.5/js/bootstrap.min.js
Requested by
Host: googglet.com
URL: http://googglet.com/images/army%20ncoer%20training%20bullets%20comments
Protocol
HTTP/1.1
Server
2001:4de0:ac19::1:b:1b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
4a4de7903ea62d330e17410ea4db6c22bcbeb350ac6aa402d6b54b4c0cbed327
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://googglet.com/images/army%20ncoer%20training%20bullets%20comments
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 15 Dec 2020 19:16:14 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Wed, 12 Dec 2018 18:33:51 GMT
ETag
"1544639631"
Vary
Accept-Encoding
X-Cache
HIT
Content-Type
text/javascript; charset=utf-8
Access-Control-Allow-Origin
*
cache-control
public, max-age=31536000
Cross-Origin-Resource-Policy
cross-origin
Connection
Keep-Alive
Accept-Ranges
bytes
timing-allow-origin
*
Content-Length
9743
jquery.popupoverlay.js
blogqpot.com/assets/
29 KB
6 KB
Script
General
Full URL
http://blogqpot.com/assets/jquery.popupoverlay.js
Requested by
Host: googglet.com
URL: http://googglet.com/images/army%20ncoer%20training%20bullets%20comments
Protocol
HTTP/1.1
Server
216.158.229.70 Secaucus, United States, ASN19318 (IS-AS-1, US),
Reverse DNS
blogqpot.com
Software
LiteSpeed /
Resource Hash
04fb607d71bd2d670cb60d3b91ee53885340cd6581eed67e72056bd875bdcfa3

Request headers

Referer
http://googglet.com/images/army%20ncoer%20training%20bullets%20comments
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 15 Dec 2020 19:16:14 GMT
content-encoding
gzip
last-modified
Wed, 03 May 2017 18:39:43 GMT
server
LiteSpeed
etag
"7496-590a23ef-1a010e;gz"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
public, max-age=604800
connection
Keep-Alive
accept-ranges
bytes
content-length
5827
expires
Tue, 22 Dec 2020 19:16:14 GMT
styleDesk.css
googglet.com/imgs/assets/
5 KB
2 KB
Stylesheet
General
Full URL
http://googglet.com/imgs/assets/styleDesk.css
Requested by
Host: googglet.com
URL: http://googglet.com/images/army%20ncoer%20training%20bullets%20comments
Protocol
HTTP/1.1
Server
216.158.229.70 Secaucus, United States, ASN19318 (IS-AS-1, US),
Reverse DNS
blogqpot.com
Software
LiteSpeed /
Resource Hash
91db94d2d3f0fefb1ed7f967eac612ce1b3490477b1c95d3a0510edd53b24fb3

Request headers

Referer
http://googglet.com/images/army%20ncoer%20training%20bullets%20comments
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 15 Dec 2020 19:16:14 GMT
content-encoding
gzip
last-modified
Sat, 31 Oct 2015 14:41:58 GMT
server
LiteSpeed
etag
"136b-5634d336-2818b2;gz"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
connection
Keep-Alive
accept-ranges
bytes
content-length
1388
expires
Tue, 22 Dec 2020 19:16:14 GMT
31fe1fe5f83e6133e93ac33071c5e50d.js
pl142218.puhtml.com/31/fe/1f/
0
0
Script
General
Full URL
http://pl142218.puhtml.com/31/fe/1f/31fe1fe5f83e6133e93ac33071c5e50d.js
Requested by
Host: googglet.com
URL: http://googglet.com/images/army%20ncoer%20training%20bullets%20comments
Protocol
HTTP/1.1
Server
192.243.59.20 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
http://googglet.com/images/army%20ncoer%20training%20bullets%20comments
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

apu.php
otrwaram.com/
61 KB
22 KB
Script
General
Full URL
http://otrwaram.com/apu.php?zoneid=1190384
Requested by
Host: googglet.com
URL: http://googglet.com/images/army%20ncoer%20training%20bullets%20comments
Protocol
HTTP/1.1
Server
139.45.196.9 , Ascension Island, ASN9002 (RETN-AS, EU),
Reverse DNS
Software
nginx /
Resource Hash
aab0170eeb2d99f89bf8d502f183602b5360d955d38b41754be64932fd2718a8
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Referer
http://googglet.com/images/army%20ncoer%20training%20bullets%20comments
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 15 Dec 2020 19:16:14 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Transfer-Encoding
chunked
Connection
keep-alive
X-Trace-Id
c184f0402b3cbdaf0069320280482b28
Pragma
no-cache
Server
nginx
Strict-Transport-Security
max-age=1
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
no-transform, no-store, no-cache, must-revalidate, max-age=0
Access-Control-Allow-Credentials
true
Timing-Allow-Origin
*, *
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding
Expires
Tue, 11 Jan 1994 10:00:00 GMT
/
d1rguclfwp7nc8.cloudfront.net/
329 KB
115 KB
Script
General
Full URL
http://d1rguclfwp7nc8.cloudfront.net/?cugrd=650586
Requested by
Host: googglet.com
URL: http://googglet.com/images/army%20ncoer%20training%20bullets%20comments
Protocol
HTTP/1.1
Server
143.204.214.106 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-214-106.fra53.r.cloudfront.net
Software
/
Resource Hash
70a11b02891c74b85fa624cfe3e73b9ce43a8d2d04a3828018dad9ee6d1b0dbb

Request headers

Referer
http://googglet.com/images/army%20ncoer%20training%20bullets%20comments
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 15 Dec 2020 19:16:14 GMT
content-encoding
gzip
X-Amz-Cf-Pop
FRA53-C1
X-Cache
Miss from cloudfront
access-control-allow-origin
*
cache-control
no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
Connection
keep-alive
Content-Length
117561
Via
1.1 9d27077cd67d98c0474b05ec9d68df4a.cloudfront.net (CloudFront)
X-Amz-Cf-Id
dLY6JmtupGhCbs4TFdOoHBdhB-5I8iRVjWfj_zXHhmhUdwaEYDyd9Q==
search.png
www.googglet.com/img/
378 B
702 B
Image
General
Full URL
http://www.googglet.com/img/search.png
Requested by
Host: googglet.com
URL: http://googglet.com/imgs/assets/styleDesk.css
Protocol
HTTP/1.1
Server
216.158.229.70 Secaucus, United States, ASN19318 (IS-AS-1, US),
Reverse DNS
blogqpot.com
Software
LiteSpeed /
Resource Hash
e098299739463998895c7f2bf91fd9c73faa9cd5524b100d11fa3c9f5e79684e

Request headers

Referer
http://googglet.com/imgs/assets/styleDesk.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 15 Dec 2020 19:16:21 GMT
last-modified
Wed, 02 Sep 2015 04:50:14 GMT
server
LiteSpeed
etag
"17a-55e68006-240ec3;;;"
content-type
image/png
cache-control
public, max-age=604800
connection
Keep-Alive
accept-ranges
bytes
content-length
378
expires
Tue, 22 Dec 2020 19:16:21 GMT
addGoog.php
theblueish.com/ Frame C8A3
0
0
Document
General
Full URL
http://theblueish.com/addGoog.php?word=army+ncoer+training+bullets+comments&title=&url=&img=&size=&title1=&url1=&img1=&size1=&title2=&url2=&img2=&size2=&title3=&url3=&img3=&size3=&title4=&url4=&img4=&size4=&title5=&url5=&img5=&size5=&title6=&url6=&img6=&size6=&title7=&url7=&img7=&size7=&title8=&url8=&img8=&size8=&title9=&url9=&img9=&size9=
Requested by
Host: googglet.com
URL: http://googglet.com/images/army%20ncoer%20training%20bullets%20comments
Protocol
HTTP/1.1
Server
45.205.10.209 , United States, ASN40065 (CNSERVERS, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Host
theblueish.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer
http://googglet.com/images/army%20ncoer%20training%20bullets%20comments
Accept-Encoding
gzip, deflate
Accept-Language
en-US

Response headers

Server
nginx
Date
Tue, 15 Dec 2020 19:16:21 GMT
Content-Type
text/html; charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding
Content-Encoding
gzip
31fe1fe5f83e6133e93ac33071c5e50d.js
pl142218.puhtml.com/31/fe/1f/
0
0
Script
General
Full URL
http://pl142218.puhtml.com/31/fe/1f/31fe1fe5f83e6133e93ac33071c5e50d.js
Requested by
Host: googglet.com
URL: http://googglet.com/images/army%20ncoer%20training%20bullets%20comments
Protocol
HTTP/1.1
Server
192.243.59.20 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
http://googglet.com/images/army%20ncoer%20training%20bullets%20comments
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

utx
rseyebrown.fun/
0
412 B
XHR
General
Full URL
https://rseyebrown.fun/utx?cb=9qYj91Clw2mb&top=googglet.com&tid=650586
Requested by
Host: d1rguclfwp7nc8.cloudfront.net
URL: http://d1rguclfwp7nc8.cloudfront.net/?cugrd=650586
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.7.43 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-7-43.fra6.r.cloudfront.net
Software
openresty/1.17.8.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://googglet.com/images/army%20ncoer%20training%20bullets%20comments
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 15 Dec 2020 19:16:22 GMT
via
1.1 2f471134491a4de5cfcaef646caf9dde.cloudfront.net (CloudFront)
server
openresty/1.17.8.2
x-amz-cf-pop
FRA6-C1
x-cache
Miss from cloudfront
p3p
CP="NID DSP ALL COR"
access-control-allow-origin
http://googglet.com
cache-control
no-store, no-cache, must-revalidate, no-transform
access-control-allow-credentials
true
x-amz-cf-id
HIyVED6ZIVyHZElbFkhiAfJw-8ICY3Ia7f6V63mm6wkY4Glm6Khruw==
AggAJx4hGiA6OX9yKiAtNw8PVxI1JAYBRR4cBxtLKDgJQzYIIToUCg
rseyebrown.fun/RktocXgnKQscRyd2ClcNNCdVVEoAblo3HHc5DwQbKi0fAU8oKFBfGyokHRUeNCQGBVYoLhxUSgA5PDUcCQUSIA4RCCojOzwjDTofKQgNIBxxDx87CR4fWSgvLDwjNxUEKSIWKSEZLidddAkNIDoiEQEdPicOJj4zBztNQz4DHQ8FLxUgIzQRKh... Frame 46B7
0
0
Document
General
Full URL
http://rseyebrown.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
Requested by
Host: d1rguclfwp7nc8.cloudfront.net
URL: http://d1rguclfwp7nc8.cloudfront.net/?cugrd=650586
Protocol
HTTP/1.1
Server
99.86.7.43 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-7-43.fra6.r.cloudfront.net
Software
openresty/1.17.8.2 /
Resource Hash

Request headers

Host
rseyebrown.fun
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer
http://googglet.com/images/army%20ncoer%20training%20bullets%20comments
Accept-Encoding
gzip, deflate
Accept-Language
en-US

Response headers

Content-Type
text/html
Content-Length
1270
Connection
keep-alive
Date
Tue, 15 Dec 2020 19:16:22 GMT
Server
openresty/1.17.8.2
cache-control
no-store, no-cache, must-revalidate, no-transform
Pragma
no-cache
P3P
CP="NID DSP ALL COR"
content-encoding
gzip
X-Cache
Miss from cloudfront
Via
1.1 560d8d35213ac925f8d05c5730db1582.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA6-C1
X-Amz-Cf-Id
q20RGApXOASSaWfqpY2S6gRjQ14K8v6XmA0eISxtzVy4SvdjvzqDYQ==
ZjhzFXVjMBMbcwMkECdYVDYKCAZ3PXMCYmokIRxgSydwIG5DKwAqbHUUKUdiaiQmRXRaHSsjTmY1GkFsdRQuEXF6CTEEZ2E8Ojp1fTIXQBt2CSQFYHEXFyAOdkEQGG5KNyczXAcTIAVnAhUpJABkGXpGc15JByBcYiIJJAZpFC44AnEZF0V0YCcgNwVpNwYzA3UXF...
coperledsinhe.info/QnI2M3EjEFVeTjcAWg5UcDQTATcmQ0RUBCEeUEQBdRxVC18hHllGFSQAWV0FbBxTR1RwNEV9HxgmUgMBFDViAyMmJ39VP3ICDndBBB9iXTgTOnVyKAg3bH87JT9ZdxgLKn9JSHMndVA/DhVCexUQAURkMwQHY2BIGzRhBjYgNFVgPBcCEw... Frame CF46
0
0
Document
General
Full URL
http://coperledsinhe.info/QnI2M3EjEFVeTjcAWg5UcDQTATcmQ0RUBCEeUEQBdRxVC18hHllGFSQAWV0FbBxTR1RwNEV9HxgmUgMBFDViAyMmJ39VP3ICDndBBB9iXTgTOnVyKAg3bH87JT9ZdxgLKn9JSHMndVA/DhVCexUQAURkMwQHY2BIGzRhBjYgNFVgPBcCEwEzBzN7SiIrFmx3NS0QfF8VFitidVRwNHF2K3AgblwUBQh/ZjhzFXVjMBMbcwMkECdYVDYKCAZ3PXMCYmokIRxgSydwIG5DKwAqbHUUKUdiaiQmRXRaHSsjTmY1GkFsdRQuEXF6CTEEZ2E8Ojp1fTIXQBt2CSQFYHEXFyAOdkEQGG5KNyczXAcTIAVnAhUpJABkGXpGc15JByBcYiIJJAZpFC44AnEZF0V0YCcgNwVpNwYzA3UXFxZdchomGGR0IAMgBWk3Jxljaz8QKwJrQAwae2tJBCNuAjQkMHd3EyVUXEAeLAILRgUgSmJ3JTcx
Requested by
Host: d1rguclfwp7nc8.cloudfront.net
URL: http://d1rguclfwp7nc8.cloudfront.net/?cugrd=650586
Protocol
HTTP/1.1
Server
143.204.90.123 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-90-123.fra50.r.cloudfront.net
Software
openresty/1.17.8.2 /
Resource Hash

Request headers

Host
coperledsinhe.info
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer
http://googglet.com/images/army%20ncoer%20training%20bullets%20comments
Accept-Encoding
gzip, deflate
Accept-Language
en-US

Response headers

Content-Type
text/html
Content-Length
1207
Connection
keep-alive
Date
Tue, 15 Dec 2020 19:16:22 GMT
Server
openresty/1.17.8.2
cache-control
no-store, no-cache, must-revalidate, no-transform
Pragma
no-cache
P3P
CP="NID DSP ALL COR"
content-encoding
gzip
X-Cache
Miss from cloudfront
Via
1.1 b44e2902bb3501d47514e51618f1bda5.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA50-C1
X-Amz-Cf-Id
NZzu1WwOUclptabW4yF32lfIkYspRrCpv9I9qh3obVGsBqP0RszDDw==
LSguAj0rDDsVDjgYNSABEiAlICE7LCkFL1smOxVKIxEhDigNDyIePTsDB0UsBgQAFRc4CiZGQFsIBDgrOSshDi4sECEVECQaNjMNXyYiJCE5KzYRLDwUITwhGhE1MzQEJxRQExktDQZEBHciNApSK1EwNSN6GQ
rseyebrown.fun/eWpCY3YYCCEOSRhXIEUDCwZ/RkQ/T3AlEkgYJRYVFQw1E0EXCXpNFRUFNwcQCwUsF1gXDzZGRD8eGA08OzsvJjAxOXoILhEjICkuQDIXNhJKDy4PNz4uCxcyATASL0UaDQgiMEwhcy4RKQ0qVTFJKwUsDyMJFFInDSM1WzQtWCENMg48EgAxKC... Frame 5198
0
0
Document
General
Full URL
http://rseyebrown.fun/eWpCY3YYCCEOSRhXIEUDCwZ/RkQ/T3AlEkgYJRYVFQw1E0EXCXpNFRUFNwcQCwUsF1gXDzZGRD8eGA08OzsvJjAxOXoILhEjICkuQDIXNhJKDy4PNz4uCxcyATASL0UaDQgiMEwhcy4RKQ0qVTFJKwUsDyMJFFInDSM1WzQtWCENMg48EgAxKCsDCzRBDikAIjxZNRUyER0gLyVNKxNTNzEOclohL1kMGiUoGRYqHwo6BwtGACEpMSA0LRAUIyhSIS0lGiQTUzQBJjUiMC9ZDBoyETwaAEUwMBNTNAEJcyZDKFkXByA8UxoARTArBAQ/DSA6OjI8KW8MBD8/DCI0Sg4RNiABEyYmJCw7LwgGOjgLBTouDhYpIB0QIQRGKS0RMRgsWxs1PDovCSAgDQEhJTM/LSguAj0rDDsVDjgYNSABEiAlICE7LCkFL1smOxVKIxEhDigNDyIePTsDB0UsBgQAFRc4CiZGQFsIBDgrOSshDi4sECEVECQaNjMNXyYiJCE5KzYRLDwUITwhGhE1MzQEJxRQExktDQZEBHciNApSK1EwNSN6GQ
Requested by
Host: d1rguclfwp7nc8.cloudfront.net
URL: http://d1rguclfwp7nc8.cloudfront.net/?cugrd=650586
Protocol
HTTP/1.1
Server
99.86.7.43 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-7-43.fra6.r.cloudfront.net
Software
openresty/1.17.8.2 /
Resource Hash

Request headers

Host
rseyebrown.fun
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer
http://googglet.com/images/army%20ncoer%20training%20bullets%20comments
Accept-Encoding
gzip, deflate
Accept-Language
en-US

Response headers

Content-Type
text/html
Content-Length
1248
Connection
keep-alive
Date
Tue, 15 Dec 2020 19:16:22 GMT
Server
openresty/1.17.8.2
cache-control
no-store, no-cache, must-revalidate, no-transform
Pragma
no-cache
P3P
CP="NID DSP ALL COR"
content-encoding
gzip
X-Cache
Miss from cloudfront
Via
1.1 89c822bb1ce1445a7be6d1057088cfbf.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA6-C1
X-Amz-Cf-Id
qKfnJ-2hcN_qkA8p7mPRBo8SbgFkbl124boRdnpkrz10HcRig6P0JA==
HwI9MhkGUCY9ChUCCgIfBiAzHHowOwcqAQVQHGkPFTcnGwMKJywbex8CPT0cDzMPIhwGJycbAwk7OA4OAwURPgYVGQ8iHAUGDgsify8vPWYzMCAbDgkyHBsNHzQbAAMPIw4CDTAiCi0GFSYHYj0TNBguDXQnMhwaIzshMXoLOQcPJgQZIhgMdTsKCRp2ACYLKBIiE...
rseyebrown.fun/a1pLR2EKOCgqXgpnKWEUGTZ2YlMtf3kBBVooLDICBzw8N1YFOXNpAgc1PiMHGTUlM08FPz9iUy0MKg8NHhcgCi0tPQkSByktGgQGUmsTdxkyGSU3Li4ieiMtOTIODQ06OwEEUSAYEzRWLDAvIyscCxoUJDJvDwIzDRwIfystLSAXOzpqEwMwUi... Frame 7667
0
0
Document
General
Full URL
http://rseyebrown.fun/a1pLR2EKOCgqXgpnKWEUGTZ2YlMtf3kBBVooLDICBzw8N1YFOXNpAgc1PiMHGTUlM08FPz9iUy0MKg8NHhcgCi0tPQkSByktGgQGUmsTdxkyGSU3Li4ieiMtOTIODQ06OwEEUSAYEzRWLDAvIyscCxoUJDJvDwIzDRwIfystLSAXOzpqEwMwUiMfLwYgDwNyAjMiPxMHDA8cAScYLAkFCScbChEFPWt/HwI9MhkGUCY9ChUCCgIfBiAzHHowOwcqAQVQHGkPFTcnGwMKJywbex8CPT0cDzMPIhwGJycbAwk7OA4OAwURPgYVGQ8iHAUGDgsify8vPWYzMCAbDgkyHBsNHzQbAAMPIw4CDTAiCi0GFSYHYj0TNBguDXQnMhwaIzshMXoLOQcPJgQZIhgMdTsKCRp2ACYLKBIiEz4zCwotPgMPLywOHX8iCB8RFzkTPjMQIAQKHQQoCh8ONCApDHoMNjkiPB8NUzgPdAImHXosKiI2PwY5Khw8BDRSAwh0FQ4SDX8qIS07DTk6HyUSJBs5Cj43OXwhNA4FKnYPBzIWHyNWUwkoHg4PNiI
Requested by
Host: d1rguclfwp7nc8.cloudfront.net
URL: http://d1rguclfwp7nc8.cloudfront.net/?cugrd=650586
Protocol
HTTP/1.1
Server
99.86.7.43 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-7-43.fra6.r.cloudfront.net
Software
openresty/1.17.8.2 /
Resource Hash

Request headers

Host
rseyebrown.fun
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer
http://googglet.com/images/army%20ncoer%20training%20bullets%20comments
Accept-Encoding
gzip, deflate
Accept-Language
en-US

Response headers

Content-Type
text/html
Content-Length
1253
Connection
keep-alive
Date
Tue, 15 Dec 2020 19:16:22 GMT
Server
openresty/1.17.8.2
cache-control
no-store, no-cache, must-revalidate, no-transform
Pragma
no-cache
P3P
CP="NID DSP ALL COR"
content-encoding
gzip
X-Cache
Miss from cloudfront
Via
1.1 560d8d35213ac925f8d05c5730db1582.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA6-C1
X-Amz-Cf-Id
SiKKPNAfCjAtZ2VweTkDsdEIWiI1biocNpIPsP-5FNJ-S_bhL8HuZQ==
fac.php
otrwaram.com/ Frame 6C04
0
0
Document
General
Full URL
http://otrwaram.com/fac.php
Requested by
Host: otrwaram.com
URL: http://otrwaram.com/apu.php?zoneid=1190384
Protocol
HTTP/1.1
Server
139.45.196.9 , Ascension Island, ASN9002 (RETN-AS, EU),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Host
otrwaram.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer
http://googglet.com/images/army%20ncoer%20training%20bullets%20comments
Accept-Encoding
gzip, deflate
Accept-Language
en-US

Response headers

Server
nginx
Date
Tue, 15 Dec 2020 19:16:22 GMT
Content-Type
text/html; charset=utf8
Connection
keep-alive
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Access-Control-Allow-Methods
GET, POST, OPTIONS
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding
Pragma
no-cache
Cache-Control
no-transform, no-store, no-cache, must-revalidate, max-age=0
Expires
Tue, 11 Jan 1994 10:00:00 GMT
Timing-Allow-Origin
* *
X-Trace-Id
bd0cd9d0cea519380060bd6c10b71378
Strict-Transport-Security
max-age=1
X-Content-Type-Options
nosniff
counter.js
www.statcounter.com/counter/
38 KB
14 KB
Script
General
Full URL
http://www.statcounter.com/counter/counter.js
Requested by
Host: googglet.com
URL: http://googglet.com/images/army%20ncoer%20training%20bullets%20comments
Protocol
HTTP/1.1
Server
104.22.53.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2524af2b088e9e507daa0eabe0bcfb9c530fe853dc8cd6b77412f9577e5eb100

Request headers

Referer
http://googglet.com/images/army%20ncoer%20training%20bullets%20comments
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date
Tue, 15 Dec 2020 19:16:22 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
Last-Modified
Tue, 15 Dec 2020 16:29:03 GMT
Server
cloudflare
Age
9745
ETag
W/"5fd8e44f-9685"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
max-age=43200
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
60227faa39789bfd-AMS
cf-request-id
07096e1e5f00009bfdca31d000000001
Expires
Wed, 16 Dec 2020 04:33:57 GMT
t.php
c.statcounter.com/
162 B
811 B
XHR
General
Full URL
https://c.statcounter.com/t.php?u1=143C13FA8F2D4F52BCF8A96E2F29EFF8&sc_project=10602885&java=1&security=41f8c692&sc_snum=1&sess=e3f67a&p=0&rcat=d&rdom=d&rdomg=new&bb=1&jg=new&rr=1.1.1.1.1.1.1.1.1&resolution=1600&h=1200&camefrom=&u=http%3A//googglet.com/images/army%2520ncoer%2520training%2520bullets%2520comments&t=Army%20ncoer%20training%20bullets%20comments&invisible=1&sc_rum_e_s=9629&sc_rum_e_e=9632&sc_rum_f_s=0&sc_rum_f_e=9628&get_config=true
Requested by
Host: www.statcounter.com
URL: http://www.statcounter.com/counter/counter.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.52.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0564d20c6662fa83c89b22ef3e1185cede3d6e4dfbc1525e936930e8ea58fb13

Request headers

Referer
http://googglet.com/images/army%20ncoer%20training%20bullets%20comments
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 15 Dec 2020 19:16:23 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
60227fab3b811fba-AMS
p3p
policyref="http://www.statcounter.com/w3c/p3p.xml", CP="ADMa OUR COM NAV NID DSP NOI COR"
access-control-allow-origin
http://googglet.com
access-control-allow-credentials
true
content-type
application/json
cf-request-id
07096e1f0700001fbabca21000000001
expires
Mon, 26 Jul 1997 05:00:00 GMT
analytics.js
www.google-analytics.com/
Redirect Chain
  • http://www.google-analytics.com/analytics.js
  • https://www.google-analytics.com/analytics.js
46 KB
18 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: googglet.com
URL: http://googglet.com/images/army%20ncoer%20training%20bullets%20comments
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:820::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://googglet.com/images/army%20ncoer%20training%20bullets%20comments
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 23 Oct 2020 03:00:57 GMT
server
Golfe2
age
5147
date
Tue, 15 Dec 2020 17:50:35 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18817
expires
Tue, 15 Dec 2020 19:50:35 GMT

Redirect headers

Location
https://www.google-analytics.com/analytics.js
Non-Authoritative-Reason
HSTS
collect
www.google-analytics.com/j/
2 B
63 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j87&a=28472190&t=pageview&_s=1&dl=http%3A%2F%2Fgoogglet.com%2Fimages%2Farmy%2520ncoer%2520training%2520bullets%2520comments&ul=en-us&de=UTF-8&dt=Army%20ncoer%20training%20bullets%20comments&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=889798364&gjid=1286479600&cid=1813589113.1608059783&tid=UA-67149883-1&_gid=1391140357.1608059783&_r=1&_slc=1&z=157198757
Requested by
Host: www.google-analytics.com
URL: http://www.google-analytics.com/analytics.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:820::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://googglet.com/images/army%20ncoer%20training%20bullets%20comments
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 15 Dec 2020 19:16:22 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
http://googglet.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
AlcxGCxHBDFReQFXKwIrXExxVXwVB39dYwNfcUJ9FQUyDSoOQGQzcAJHclR9Bkh1VH8LRXA
ministedik.info/cUJsTTNefQ8+DhMVPgBgJBAJD10Bdgg6CiYOAjUCNQMueXhCF0o5WhV/WnQERHtUa0MYJlF/
0
316 B
Image
General
Full URL
http://ministedik.info/cUJsTTNefQ8+DhMVPgBgJBAJD10Bdgg6CiYOAjUCNQMueXhCF0o5WhV/WnQERHtUa0MYJlF/AlcxGCxHBDFReQFXKwIrXExxVXwVB39dYwNfcUJ9FQUyDSoOQGQzcAJHclR9Bkh1VH8LRXA
Requested by
Host: googglet.com
URL: http://googglet.com/images/army%20ncoer%20training%20bullets%20comments
Protocol
HTTP/1.1
Server
99.86.7.18 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-7-18.fra6.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://googglet.com/images/army%20ncoer%20training%20bullets%20comments
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

access-control-allow-origin
*
Date
Tue, 15 Dec 2020 19:16:23 GMT
Via
1.1 f0a97a8c56cd2bb79a1739863489ed4c.cloudfront.net (CloudFront)
Connection
keep-alive
X-Amz-Cf-Pop
FRA6-C1
X-Amz-Cf-Id
tQxFH1JCl9_R8pIyouo09xRIGi8mi7AqRTE76fdy7BfXvBfTIVsHbg==
X-Cache
Miss from cloudfront
popunder.gif
cepractliq.top/
35 B
501 B
Image
General
Full URL
http://cepractliq.top/popunder.gif
Requested by
Host: googglet.com
URL: http://googglet.com/images/army%20ncoer%20training%20bullets%20comments
Protocol
HTTP/1.1
Server
13.224.194.109 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-194-109.fra2.r.cloudfront.net
Software
/
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Referer
http://googglet.com/images/army%20ncoer%20training%20bullets%20comments
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
public
Date
Tue, 15 Dec 2020 19:16:23 GMT
content-encoding
gzip
X-Amz-Cf-Pop
FRA2-C1
X-Cache
Miss from cloudfront
Content-Type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=604800, immutable
Connection
keep-alive
Content-Length
58
Via
1.1 172e63b20fb363ed969de28ae3937e21.cloudfront.net (CloudFront)
X-Amz-Cf-Id
s7mKWgTz4FjPfA00IzDG0S-mFm3CT5Up30giv7LeYycwiNrhziLpKA==

Verdicts & Comments

32 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
object| 1
object| 2
object| 3
object| ontransitionrun
object| ontransitionstart
object| ontransitioncancel
object| trustedTypes
boolean| crossOriginIsolated
function| $
function| jQuery
object| jQuery111305054767404354994
function| Fingerprint2
number| LAST_CORRECT_EVENT_TIME
number| _4176568148
number| _448764338
object| win
function| onClickTrigger
object| ktwztte5x5g
object| zfgformats
boolean| zfgloadedpopup
number| sc_project
number| sc_invisible
string| sc_security
string| scJsHost
function| _statcounter
string| GoogleAnalyticsObject
function| ga
object| google_tag_data
object| gaplugins
object| gaGlobal
object| gaData

4 Cookies

Domain/Path Name / Value
.googglet.com/ Name: _gid
Value: GA1.2.1391140357.1608059783
.googglet.com/ Name: _ga
Value: GA1.2.1813589113.1608059783
.googglet.com/ Name: _gat
Value: 1
.googglet.com/ Name: sc_is_visitor_unique
Value: rx10602885.1608059783.143C13FA8F2D4F52BCF8A96E2F29EFF8.1.1.1.1.1.1.1.1.1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
