Submitted URL: http://vndq.mymeriva.com/33031243217
Effective URL: https://dw.dwmv.biz/dw/4_1/?fn=republican+voter+guide+for+nc&_subid=30auk6vde5f7bcf4c2bd72&_token=uuid_30auk6vde5f7b...
Submission: On October 06 via api from US

Summary

This website contacted 9 IPs in 4 countries across 7 domains to perform 23 HTTP transactions. The main IP is 2606:4700:3037::6812:25f7, located in United States and belongs to CLOUDFLARENET, US. The main domain is dw.dwmv.biz.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on August 1st 2020. Valid for: a year.
This is the only time dw.dwmv.biz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests  IP Address         AS Autonomous System
1         51.15.15.31        12876 (Online SAS)
1         2606:4700:303...   13335 (CLOUDFLAR...)
6         2606:4700:303...   13335 (CLOUDFLAR...)
2         2606:4700::68...   13335 (CLOUDFLAR...)
1         2a00:1450:400...   15169 (GOOGLE)
4         2a00:1450:400...   15169 (GOOGLE)
6         2a02:6b8::1:119    13238 (YANDEX), 1 redirects
2         2a00:1450:400...   15169 (GOOGLE)
23        9

Requests  Domain                                  Requested by
6         mc.yandex.ru (1 redirects)              dw.dwmv.biz, mc.yandex.ru
6         dw.dwmv.biz                             dwmv.biz, dw.dwmv.biz
4         translate.googleapis.com                translate.google.com, translate.googleapis.com, srcdoc
2         www.gstatic.com                         dw.dwmv.biz, translate.googleapis.com
2         cdnjs.cloudflare.com                    dw.dwmv.biz
1         translate.google.com                    dw.dwmv.biz
1         dwmv.biz                                vndq.mymeriva.com
1         vndq.mymeriva.com
23        8

This site contains links to these domains.

Domain
dwmv.biz

Subject                  Issuer                         Validity                 Valid
sni.cloudflaressl.com    Cloudflare Inc ECC CA-3        2020-08-01 - 2021-08-01  a year
cdnjs.cloudflare.com     DigiCert ECC Secure Server CA  2020-08-12 - 2022-08-17  2 years
*.google.com             GTS CA 1O1                     2020-09-03 - 2020-11-26  3 months
upload.video.google.com  GTS CA 1O1                     2020-09-03 - 2020-11-26  3 months
mc.yandex.ru             Yandex CA                      2020-09-29 - 2021-03-30  6 months
*.gstatic.com            GTS CA 1O1                     2020-09-03 - 2020-11-26  3 months

This page contains 2 frames:

Primary Page: https://dw.dwmv.biz/dw/4_1/?fn=republican+voter+guide+for+nc&_subid=30auk6vde5f7bcf4c2bd72&_token=uuid_30auk6vde5f7bcf4c2bd72_30auk6vde5f7bcf4c2bd725f7bcf4c368052.86949058
Frame ID: 5258926DA00E57A292A429F84F1E77C4
Requests: 30 HTTP requests in this frame

Frame: https://translate.googleapis.com/translate_a/l?client=te&alpha=true&hl=en&cb=callback
Frame ID: 90691FF2136CEDC2BE4F788958EFB4F4
Requests: 1 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

23 Requests
87 % HTTPS
88 % IPv6
7 Domains
8 Subdomains
9 IPs
4 Countries
303 kB Transfer
947 kB Size
5 Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://vndq.mymeriva.com/33031243217 Page URL
  2. https://dw.dwmv.biz/dw/4_1/?fn=republican+voter+guide+for+nc&_subid=30auk6vde5f7bcf4c2bd72&_token=uuid_30auk6vde5f7bcf4c2bd72_30auk6vde5f7bcf4c2bd725f7bcf4c368052.86949058 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 26
  • https://mc.yandex.ru/watch/54999154?wmode=7&page-ref=http%3A%2F%2Fvndq.mymeriva.com%2F33031243217&page-url=https%3A%2F%2Fdw.dwmv.biz%2Fdw%2F4_1%2F%3Ffn%3Drepublican%2Bvoter%2Bguide%2Bfor%2Bnc%26_subid%3D30auk6vde5f7bcf4c2bd72%26_token%3Duuid_30auk6vde5f7bcf4c2bd72_30auk6vde5f7bcf4c2bd725f7bcf4c368052.86949058&charset=utf-8&browser-info=ti%3A10%3Ans%3A1601949516261%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1600x1200%3Az%3A120%3Ai%3A20201006035837%3Aet%3A1601949517%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Als%3A1384115435491%3Arqn%3A1%3Arn%3A634495278%3Ahid%3A123159121%3Ads%3A10%2C15%2C229%2C214%2C1%2C0%2C0%2C344%2C0%2C%2C%2C%2C603%3Afp%3A616%3Awn%3A35506%3Ahl%3A2%3Agdpr%3A14%3Av%3A1958%3Awv%3A2%3Arqnl%3A1%3Ast%3A1601949517%3Au%3A16019495171011008119%3At%3AFind%20republican%20voter%20guide%20for%20nc%20%7C%20Yahoo%20Answers HTTP 302
  • https://mc.yandex.ru/watch/54999154/1?wmode=7&page-ref=http%3A%2F%2Fvndq.mymeriva.com%2F33031243217&page-url=https%3A%2F%2Fdw.dwmv.biz%2Fdw%2F4_1%2F%3Ffn%3Drepublican%2Bvoter%2Bguide%2Bfor%2Bnc%26_subid%3D30auk6vde5f7bcf4c2bd72%26_token%3Duuid_30auk6vde5f7bcf4c2bd72_30auk6vde5f7bcf4c2bd725f7bcf4c368052.86949058&charset=utf-8&browser-info=ti%3A10%3Ans%3A1601949516261%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1600x1200%3Az%3A120%3Ai%3A20201006035837%3Aet%3A1601949517%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Als%3A1384115435491%3Arqn%3A1%3Arn%3A634495278%3Ahid%3A123159121%3Ads%3A10%2C15%2C229%2C214%2C1%2C0%2C0%2C344%2C0%2C%2C%2C%2C603%3Afp%3A616%3Awn%3A35506%3Ahl%3A2%3Agdpr%3A14%3Av%3A1958%3Awv%3A2%3Arqnl%3A1%3Ast%3A1601949517%3Au%3A16019495171011008119%3At%3AFind%20republican%20voter%20guide%20for%20nc%20%7C%20Yahoo%20Answers

23 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
33031243217
vndq.mymeriva.com/
15 KB
15 KB
Document
General
Full URL
http://vndq.mymeriva.com/33031243217
Protocol
HTTP/1.1
Server
51.15.15.31 Haarlem, Netherlands, ASN12876 (Online SAS, FR),
Reverse DNS
51-15-15-31.rev.poneytelecom.eu
Software
nginx / PHP/7.2.31
Resource Hash
59c101235ddcc891b86c4d287f3bcb477ca2642d21077f78b59686eaddce46e6

Request headers

Host
vndq.mymeriva.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate
Accept-Language
en-US

Response headers

Server
nginx
Date
Tue, 06 Oct 2020 01:58:35 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
X-Powered-By
PHP/7.2.31
s5tFcp
dwmv.biz/
670 B
2 KB
Script
General
Full URL
http://dwmv.biz/s5tFcp?subid1=242&subid2=mymeriva.com&subid3=pl8&subid4=20200805&frm=script&default_keyword=republican%20voter%20guide%20for%20nc&se_referrer=
Requested by
Host: vndq.mymeriva.com
URL: http://vndq.mymeriva.com/33031243217
Protocol
HTTP/1.1
Server
2606:4700:3030::6812:24f7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.2.29
Resource Hash

Request headers

Referer
http://vndq.mymeriva.com/33031243217
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date
Tue, 06 Oct 2020 01:58:36 GMT
Content-Encoding
gzip
CF-Cache-Status
DYNAMIC
NEL
{"report_to":"cf-nel","max_age":604800}
X-Powered-By
PHP/7.2.29
Transfer-Encoding
chunked
Connection
keep-alive
cf-request-id
059d3ad87900003244cdb2d200000001
Pragma
no-cache
Last-Modified
Tue, 06 Oct 2020 01:58:36 GMT
Server
cloudflare
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1601949516"}],"group":"cf-nel","max_age":604800}
Content-Type
application/javascript
Cache-Control
no-cache, no-store, must-revalidate,post-check=0,pre-check=0
CF-RAY
5ddbc73a581f3244-FRA
Expires
0
Primary Request /
dw.dwmv.biz/dw/4_1/
90 KB
41 KB
Document
General
Full URL
https://dw.dwmv.biz/dw/4_1/?fn=republican+voter+guide+for+nc&_subid=30auk6vde5f7bcf4c2bd72&_token=uuid_30auk6vde5f7bcf4c2bd72_30auk6vde5f7bcf4c2bd725f7bcf4c368052.86949058
Requested by
Host: dwmv.biz
URL: http://dwmv.biz/s5tFcp?subid1=242&subid2=mymeriva.com&subid3=pl8&subid4=20200805&frm=script&default_keyword=republican%20voter%20guide%20for%20nc&se_referrer=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6812:25f7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.2.31
Resource Hash
a2d72e7961a120998959405615428e7c547b2d155bd689c87bb4812bb30403e4

Request headers

:method
GET
:authority
dw.dwmv.biz
:scheme
https
:path
/dw/4_1/?fn=republican+voter+guide+for+nc&_subid=30auk6vde5f7bcf4c2bd72&_token=uuid_30auk6vde5f7bcf4c2bd72_30auk6vde5f7bcf4c2bd725f7bcf4c368052.86949058
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
referer
http://vndq.mymeriva.com/33031243217
accept-encoding
gzip, deflate, br
accept-language
en-US

Response headers

status
200
date
Tue, 06 Oct 2020 01:58:36 GMT
content-type
text/html; charset=UTF-8
set-cookie
__cfduid=d62f3f93e11d5b3baef54ded033ef13331601949516; expires=Thu, 05-Nov-20 01:58:36 GMT; path=/; domain=.dwmv.biz; HttpOnly; SameSite=Lax
x-powered-by
PHP/7.2.31
cf-cache-status
DYNAMIC
cf-request-id
059d3ada0100001f313b1eb200000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1601949517"}],"group":"cf-nel","max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
5ddbc73ccdd81f31-FRA
content-encoding
gzip
style.css
dw.dwmv.biz/dw/4_1/css/
24 KB
7 KB
Stylesheet
General
Full URL
https://dw.dwmv.biz/dw/4_1/css/style.css
Requested by
Host: dw.dwmv.biz
URL: https://dw.dwmv.biz/dw/4_1/?fn=republican+voter+guide+for+nc&_subid=30auk6vde5f7bcf4c2bd72&_token=uuid_30auk6vde5f7bcf4c2bd72_30auk6vde5f7bcf4c2bd725f7bcf4c368052.86949058
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6812:25f7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bfc9fa5768d2a68da4bb0dda7de4b97490d830cae469ce6679a2935e0713be7c

Request headers

Referer
https://dw.dwmv.biz/dw/4_1/?fn=republican+voter+guide+for+nc&_subid=30auk6vde5f7bcf4c2bd72&_token=uuid_30auk6vde5f7bcf4c2bd72_30auk6vde5f7bcf4c2bd725f7bcf4c368052.86949058
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 06 Oct 2020 01:58:36 GMT
content-encoding
gzip
cf-cache-status
REVALIDATED
last-modified
Thu, 26 Sep 2019 09:54:57 GMT
server
cloudflare
etag
W/"5d8c8af1-6008"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1601949517"}],"group":"cf-nel","max_age":604800}
content-type
text/css
status
200
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
cf-ray
5ddbc73e5ef71f31-FRA
cf-request-id
059d3adaf200001f313b1f2200000001
normalize.css
dw.dwmv.biz/dw/4_1/css/
51 KB
12 KB
Stylesheet
General
Full URL
https://dw.dwmv.biz/dw/4_1/css/normalize.css
Requested by
Host: dw.dwmv.biz
URL: https://dw.dwmv.biz/dw/4_1/?fn=republican+voter+guide+for+nc&_subid=30auk6vde5f7bcf4c2bd72&_token=uuid_30auk6vde5f7bcf4c2bd72_30auk6vde5f7bcf4c2bd725f7bcf4c368052.86949058
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6812:25f7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
306e3ebf53e9b1281405965a9b00d20cacbc050cdc58a6a119b8c0c2182c51d2

Request headers

Referer
https://dw.dwmv.biz/dw/4_1/?fn=republican+voter+guide+for+nc&_subid=30auk6vde5f7bcf4c2bd72&_token=uuid_30auk6vde5f7bcf4c2bd72_30auk6vde5f7bcf4c2bd725f7bcf4c368052.86949058
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 06 Oct 2020 01:58:36 GMT
content-encoding
gzip
cf-cache-status
REVALIDATED
last-modified
Thu, 26 Sep 2019 10:44:28 GMT
server
cloudflare
etag
W/"5d8c968c-cbf9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1601949517"}],"group":"cf-nel","max_age":604800}
content-type
text/css
status
200
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
cf-ray
5ddbc73e5ef81f31-FRA
cf-request-id
059d3adaf200001f313b1f3200000001
lng.css
dw.dwmv.biz/dw/4_1/css/
683 B
522 B
Stylesheet
General
Full URL
https://dw.dwmv.biz/dw/4_1/css/lng.css
Requested by
Host: dw.dwmv.biz
URL: https://dw.dwmv.biz/dw/4_1/?fn=republican+voter+guide+for+nc&_subid=30auk6vde5f7bcf4c2bd72&_token=uuid_30auk6vde5f7bcf4c2bd72_30auk6vde5f7bcf4c2bd725f7bcf4c368052.86949058
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6812:25f7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a6a7977ea981fd6b362f15a440df1ba8d860aaed4d9a0eeba692a866416c6a55

Request headers

Referer
https://dw.dwmv.biz/dw/4_1/?fn=republican+voter+guide+for+nc&_subid=30auk6vde5f7bcf4c2bd72&_token=uuid_30auk6vde5f7bcf4c2bd72_30auk6vde5f7bcf4c2bd725f7bcf4c368052.86949058
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 06 Oct 2020 01:58:36 GMT
content-encoding
gzip
cf-cache-status
REVALIDATED
last-modified
Mon, 09 Dec 2019 12:38:31 GMT
server
cloudflare
etag
W/"5dee4047-2ab"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1601949517"}],"group":"cf-nel","max_age":604800}
content-type
text/css
status
200
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
cf-ray
5ddbc73e5ef91f31-FRA
cf-request-id
059d3adaf300001f313b1f4200000001
jquery.min.js
cdnjs.cloudflare.com/ajax/libs/jquery/3.3.1/
85 KB
27 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery/3.3.1/jquery.min.js
Requested by
Host: dw.dwmv.biz
URL: https://dw.dwmv.biz/dw/4_1/?fn=republican+voter+guide+for+nc&_subid=30auk6vde5f7bcf4c2bd72&_token=uuid_30auk6vde5f7bcf4c2bd72_30auk6vde5f7bcf4c2bd725f7bcf4c368052.86949058
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:4e6b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
Security Headers
Name Value
Strict-Transport-Security max-age=15780000; includeSubDomains

Request headers

Referer
https://dw.dwmv.biz/dw/4_1/?fn=republican+voter+guide+for+nc&_subid=30auk6vde5f7bcf4c2bd72&_token=uuid_30auk6vde5f7bcf4c2bd72_30auk6vde5f7bcf4c2bd725f7bcf4c368052.86949058
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 06 Oct 2020 01:58:36 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
531946
x-via
cfworker/kv
status
200
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
27433
cf-request-id
059d3adaf3000005f110184200000001
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:11:48 GMT
server
cloudflare
etag
"5eb03ec4-1538f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000; includeSubDomains
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1601949517"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
5ddbc73e585605f1-FRA
expires
Sun, 26 Sep 2021 01:58:36 GMT
jquery.cookie.min.js
cdnjs.cloudflare.com/ajax/libs/jquery-cookie/1.4.1/
1 KB
728 B
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery-cookie/1.4.1/jquery.cookie.min.js
Requested by
Host: dw.dwmv.biz
URL: https://dw.dwmv.biz/dw/4_1/?fn=republican+voter+guide+for+nc&_subid=30auk6vde5f7bcf4c2bd72&_token=uuid_30auk6vde5f7bcf4c2bd72_30auk6vde5f7bcf4c2bd725f7bcf4c368052.86949058
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:4e6b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d40efcac911d8964f3728eaa767de281306ff55ba9377435a3364d4d1e1613f6
Security Headers
Name Value
Strict-Transport-Security max-age=15780000; includeSubDomains

Request headers

Referer
https://dw.dwmv.biz/dw/4_1/?fn=republican+voter+guide+for+nc&_subid=30auk6vde5f7bcf4c2bd72&_token=uuid_30auk6vde5f7bcf4c2bd72_30auk6vde5f7bcf4c2bd725f7bcf4c368052.86949058
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 06 Oct 2020 01:58:36 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
451003
x-via
cfworker/kv
status
200
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
591
cf-request-id
059d3adaf3000005f110185200000001
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:11:45 GMT
server
cloudflare
etag
"5eb03ec1-514"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000; includeSubDomains
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1601949517"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
5ddbc73e585805f1-FRA
expires
Sun, 26 Sep 2021 01:58:36 GMT
google-translate.js
dw.dwmv.biz/dw/4_1/js/
3 KB
1 KB
Script
General
Full URL
https://dw.dwmv.biz/dw/4_1/js/google-translate.js
Requested by
Host: dw.dwmv.biz
URL: https://dw.dwmv.biz/dw/4_1/?fn=republican+voter+guide+for+nc&_subid=30auk6vde5f7bcf4c2bd72&_token=uuid_30auk6vde5f7bcf4c2bd72_30auk6vde5f7bcf4c2bd725f7bcf4c368052.86949058
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6812:25f7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f266a1e3b66298420b2bc52dd957c63f34737039baee57c72fe352e9422b5628

Request headers

Referer
https://dw.dwmv.biz/dw/4_1/?fn=republican+voter+guide+for+nc&_subid=30auk6vde5f7bcf4c2bd72&_token=uuid_30auk6vde5f7bcf4c2bd72_30auk6vde5f7bcf4c2bd725f7bcf4c368052.86949058
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 06 Oct 2020 01:58:36 GMT
content-encoding
gzip
cf-cache-status
REVALIDATED
last-modified
Mon, 09 Dec 2019 11:41:58 GMT
server
cloudflare
etag
W/"5dee3306-a89"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1601949517"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
status
200
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
cf-ray
5ddbc73e5efa1f31-FRA
cf-request-id
059d3adaf300001f313b1f5200000001
element.js
translate.google.com/translate_a/
2 KB
1 KB
Script
General
Full URL
https://translate.google.com/translate_a/element.js?cb=TranslateInit
Requested by
Host: dw.dwmv.biz
URL: https://dw.dwmv.biz/dw/4_1/?fn=republican+voter+guide+for+nc&_subid=30auk6vde5f7bcf4c2bd72&_token=uuid_30auk6vde5f7bcf4c2bd72_30auk6vde5f7bcf4c2bd725f7bcf4c368052.86949058
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:820::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
HTTP server (unknown) /
Resource Hash
6da04176f57106c02612e19745d22ff69de16dab08a3f7509c5547877b50b9b5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://dw.dwmv.biz/dw/4_1/?fn=republican+voter+guide+for+nc&_subid=30auk6vde5f7bcf4c2bd72&_token=uuid_30auk6vde5f7bcf4c2bd72_30auk6vde5f7bcf4c2bd725f7bcf4c368052.86949058
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Oct 2020 01:58:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
HTTP server (unknown)
content-language
en
status
200
cache-control
no-cache, must-revalidate
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
793
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
translateelement.css
translate.googleapis.com/translate_static/css/
18 KB
4 KB
Stylesheet
General
Full URL
https://translate.googleapis.com/translate_static/css/translateelement.css
Requested by
Host: translate.google.com
URL: https://translate.google.com/translate_a/element.js?cb=TranslateInit
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6149f95c1ebdde5391898e22a79821a810336f6bd74318291b4f49f23fbf0fa8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://dw.dwmv.biz/dw/4_1/?fn=republican+voter+guide+for+nc&_subid=30auk6vde5f7bcf4c2bd72&_token=uuid_30auk6vde5f7bcf4c2bd72_30auk6vde5f7bcf4c2bd725f7bcf4c368052.86949058
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 06 Oct 2020 01:16:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2507
status
200
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3619
x-xss-protection
0
last-modified
Wed, 12 Feb 2020 21:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Tue, 06 Oct 2020 02:16:49 GMT
main.js
translate.googleapis.com/translate_static/js/element/
3 KB
2 KB
Script
General
Full URL
https://translate.googleapis.com/translate_static/js/element/main.js
Requested by
Host: translate.google.com
URL: https://translate.google.com/translate_a/element.js?cb=TranslateInit
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
80cfc390f534ca8d75ac161e82639486b1ee24b30c402af8bcc89d113ff343eb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://dw.dwmv.biz/dw/4_1/?fn=republican+voter+guide+for+nc&_subid=30auk6vde5f7bcf4c2bd72&_token=uuid_30auk6vde5f7bcf4c2bd72_30auk6vde5f7bcf4c2bd725f7bcf4c368052.86949058
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 06 Oct 2020 01:13:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2732
status
200
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1610
x-xss-protection
0
last-modified
Wed, 30 Sep 2020 22:45:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Tue, 06 Oct 2020 02:13:04 GMT
truncated
/
10 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1ff5b9e9f511c5a85a686e90d86e806c8c338d602c25ed5828fe89cb537e3c59

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
5 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9b2e72d5dc930cd912c5ec677bbcc12a7486ce3566d9d7da78087dbe9a4f8fbe

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/jpeg
truncated
/
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d1311c37699a3fcd66650a055869de2d5371e8c03ecf32f95f07c78f00d5085c

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/jpeg
truncated
/
3 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
954c7d8c5ec160bc387bd3834c91e0e188a1e82ece693013ce7b244bb449994f

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/jpeg
processing.gif
dw.dwmv.biz/dw/4_1/images/
3 KB
3 KB
Image
General
Full URL
https://dw.dwmv.biz/dw/4_1/images/processing.gif
Requested by
Host: dw.dwmv.biz
URL: https://dw.dwmv.biz/dw/4_1/?fn=republican+voter+guide+for+nc&_subid=30auk6vde5f7bcf4c2bd72&_token=uuid_30auk6vde5f7bcf4c2bd72_30auk6vde5f7bcf4c2bd725f7bcf4c368052.86949058
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6812:25f7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c3518213f72e691ac42e6fd374ba49d7504f9c4b8fc48b5b4c8fcf7e414efcb2

Request headers

Referer
https://dw.dwmv.biz/dw/4_1/?fn=republican+voter+guide+for+nc&_subid=30auk6vde5f7bcf4c2bd72&_token=uuid_30auk6vde5f7bcf4c2bd72_30auk6vde5f7bcf4c2bd725f7bcf4c368052.86949058
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 06 Oct 2020 01:58:37 GMT
cf-cache-status
REVALIDATED
nel
{"report_to":"cf-nel","max_age":604800}
status
200
content-length
3209
cf-request-id
059d3adbed00001f313b1fc200000001
last-modified
Mon, 09 Dec 2019 16:49:03 GMT
server
cloudflare
etag
"5dee7aff-c89"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1601949517"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
5ddbc73fe85f1f31-FRA
truncated
/
3 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
73d2a66966105a0f0a90572d87eef375e0079b2cc4a30df4e555ca37e8b86d9e

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b27aab8322a08b5ca95d78ae11f23d73f69c0ef7c68d3412bb0e4eaaf61a60ff

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
5 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
739ba8f8c1a9a29c6a2797df4a07d7312df4675c778ee7523b1e02fb132a425d

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
4 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2570fc8fbb62dff46ffc5ea787a3ebd1bcf333d8e84b4eefe1acd5f9e75656c5

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
4 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0ae6f75806361f0aeefbac0debdfc60269bd60834fdcd2ff6655c6071740796e

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/png
tag.js
mc.yandex.ru/metrika/
368 KB
94 KB
Script
General
Full URL
https://mc.yandex.ru/metrika/tag.js
Requested by
Host: dw.dwmv.biz
URL: https://dw.dwmv.biz/dw/4_1/?fn=republican+voter+guide+for+nc&_subid=30auk6vde5f7bcf4c2bd72&_token=uuid_30auk6vde5f7bcf4c2bd72_30auk6vde5f7bcf4c2bd725f7bcf4c368052.86949058
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
37a0e81b1fbc136f79c15546064a99531ed5a52be9eb067f4f564668034c6b14
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://dw.dwmv.biz/dw/4_1/?fn=republican+voter+guide+for+nc&_subid=30auk6vde5f7bcf4c2bd72&_token=uuid_30auk6vde5f7bcf4c2bd72_30auk6vde5f7bcf4c2bd725f7bcf4c368052.86949058
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 06 Oct 2020 01:58:36 GMT
Content-Encoding
br
Last-Modified
Thu, 01 Oct 2020 15:14:59 GMT
Server
nginx/1.14.2
ETag
"5f632419-176c5"
Strict-Transport-Security
max-age=31536000
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600
Connection
keep-alive
Content-Length
95941
Expires
Tue, 06 Oct 2020 02:58:36 GMT
element_main.js
translate.googleapis.com/element/TE_20200506_00/e/js/element/
238 KB
86 KB
Script
General
Full URL
https://translate.googleapis.com/element/TE_20200506_00/e/js/element/element_main.js
Requested by
Host: translate.googleapis.com
URL: https://translate.googleapis.com/translate_static/js/element/main.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
18b91aa55babf6a41b67ad376266712f9e07172f8ec8c6d06904f622f15527c9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://dw.dwmv.biz/dw/4_1/?fn=republican+voter+guide+for+nc&_subid=30auk6vde5f7bcf4c2bd72&_token=uuid_30auk6vde5f7bcf4c2bd72_30auk6vde5f7bcf4c2bd725f7bcf4c368052.86949058
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 05 Oct 2020 15:16:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
38511
status
200
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
87186
x-xss-protection
0
last-modified
Wed, 06 May 2020 18:47:58 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 05 Oct 2021 15:16:45 GMT
translate_24dp.png
www.gstatic.com/images/branding/product/1x/
825 B
1 KB
Image
General
Full URL
https://www.gstatic.com/images/branding/product/1x/translate_24dp.png
Requested by
Host: dw.dwmv.biz
URL: https://dw.dwmv.biz/dw/4_1/?fn=republican+voter+guide+for+nc&_subid=30auk6vde5f7bcf4c2bd72&_token=uuid_30auk6vde5f7bcf4c2bd72_30auk6vde5f7bcf4c2bd725f7bcf4c368052.86949058
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:824::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1bb2279aed6bc1438d2b17a5ffcbac9d37864582aedeeec8d301eab162b2c213
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://dw.dwmv.biz/dw/4_1/?fn=republican+voter+guide+for+nc&_subid=30auk6vde5f7bcf4c2bd72&_token=uuid_30auk6vde5f7bcf4c2bd72_30auk6vde5f7bcf4c2bd725f7bcf4c368052.86949058
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 05 Oct 2020 03:24:13 GMT
x-content-type-options
nosniff
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
age
81263
vary
Origin
content-type
image/png
status
200
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
825
x-xss-protection
0
expires
Tue, 05 Oct 2021 03:24:13 GMT
translate_24dp.png
www.gstatic.com/images/branding/product/2x/
2 KB
2 KB
Image
General
Full URL
https://www.gstatic.com/images/branding/product/2x/translate_24dp.png
Requested by
Host: translate.googleapis.com
URL: https://translate.googleapis.com/translate_static/css/translateelement.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:824::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5fe03bfd95a2d4e640ed7d04dcb08ef991c327a5ab6f6fdb9eb06e1efc76af30
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://translate.googleapis.com/translate_static/css/translateelement.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 05 Oct 2020 13:32:49 GMT
x-content-type-options
nosniff
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
age
44747
vary
Origin
content-type
image/png
status
200
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1847
x-xss-protection
0
expires
Tue, 05 Oct 2021 13:32:49 GMT
l
translate.googleapis.com/translate_a/ Frame 9069
3 KB
1 KB
Script
General
Full URL
https://translate.googleapis.com/translate_a/l?client=te&alpha=true&hl=en&cb=callback
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
13b5eece5a7359f9c0de2b4b3c24eeed42fa547e5811238bc9434dcc975bb101
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-BbZJH6ZSwEqdmlCDI4MIRg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/TranslateApiHttp/cspreport;worker-src 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
content-security-policy
script-src 'report-sample' 'nonce-BbZJH6ZSwEqdmlCDI4MIRg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/TranslateApiHttp/cspreport;worker-src 'self'
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
status
200
date
Tue, 06 Oct 2020 01:58:36 GMT
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
expires
Mon, 01 Jan 1990 00:00:00 GMT
1
mc.yandex.ru/watch/54999154/
Redirect Chain
  • https://mc.yandex.ru/watch/54999154?wmode=7&page-ref=http%3A%2F%2Fvndq.mymeriva.com%2F33031243217&page-url=https%3A%2F%2Fdw.dwmv.biz%2Fdw%2F4_1%2F%3Ffn%3Drepublican%2Bvoter%2Bguide%2Bfor%2Bnc%26_su...
  • https://mc.yandex.ru/watch/54999154/1?wmode=7&page-ref=http%3A%2F%2Fvndq.mymeriva.com%2F33031243217&page-url=https%3A%2F%2Fdw.dwmv.biz%2Fdw%2F4_1%2F%3Ffn%3Drepublican%2Bvoter%2Bguide%2Bfor%2Bnc%26_...
186 B
733 B
XHR
General
Full URL
https://mc.yandex.ru/watch/54999154/1?wmode=7&page-ref=http%3A%2F%2Fvndq.mymeriva.com%2F33031243217&page-url=https%3A%2F%2Fdw.dwmv.biz%2Fdw%2F4_1%2F%3Ffn%3Drepublican%2Bvoter%2Bguide%2Bfor%2Bnc%26_subid%3D30auk6vde5f7bcf4c2bd72%26_token%3Duuid_30auk6vde5f7bcf4c2bd72_30auk6vde5f7bcf4c2bd725f7bcf4c368052.86949058&charset=utf-8&browser-info=ti%3A10%3Ans%3A1601949516261%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1600x1200%3Az%3A120%3Ai%3A20201006035837%3Aet%3A1601949517%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Als%3A1384115435491%3Arqn%3A1%3Arn%3A634495278%3Ahid%3A123159121%3Ads%3A10%2C15%2C229%2C214%2C1%2C0%2C0%2C344%2C0%2C%2C%2C%2C603%3Afp%3A616%3Awn%3A35506%3Ahl%3A2%3Agdpr%3A14%3Av%3A1958%3Awv%3A2%3Arqnl%3A1%3Ast%3A1601949517%3Au%3A16019495171011008119%3At%3AFind%20republican%20voter%20guide%20for%20nc%20%7C%20Yahoo%20Answers
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
01014856f82cd2612e7a0d55a4f7e529450ccc1f83967056c1038347a4ada224
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://dw.dwmv.biz/dw/4_1/?fn=republican+voter+guide+for+nc&_subid=30auk6vde5f7bcf4c2bd72&_token=uuid_30auk6vde5f7bcf4c2bd72_30auk6vde5f7bcf4c2bd725f7bcf4c368052.86949058
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 06 Oct 2020 01:58:37 GMT
X-Content-Type-Options
nosniff
Last-Modified
Tue, 06-Oct-2020 01:58:37 GMT
Server
nginx/1.14.2
Strict-Transport-Security
max-age=31536000
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://dw.dwmv.biz
Cache-Control
private, no-cache, no-store, must-revalidate, max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
186
X-XSS-Protection
1; mode=block
Expires
Tue, 06-Oct-2020 01:58:37 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 06 Oct 2020 01:58:37 GMT
Last-Modified
Tue, 06-Oct-2020 01:58:37 GMT
Server
nginx/1.14.2
Access-Control-Allow-Origin
https://dw.dwmv.biz
Strict-Transport-Security
max-age=31536000
Location
/watch/54999154/1?wmode=7&page-ref=http%3A%2F%2Fvndq.mymeriva.com%2F33031243217&page-url=https%3A%2F%2Fdw.dwmv.biz%2Fdw%2F4_1%2F%3Ffn%3Drepublican%2Bvoter%2Bguide%2Bfor%2Bnc%26_subid%3D30auk6vde5f7bcf4c2bd72%26_token%3Duuid_30auk6vde5f7bcf4c2bd72_30auk6vde5f7bcf4c2bd725f7bcf4c368052.86949058&charset=utf-8&browser-info=ti%3A10%3Ans%3A1601949516261%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1600x1200%3Az%3A120%3Ai%3A20201006035837%3Aet%3A1601949517%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Als%3A1384115435491%3Arqn%3A1%3Arn%3A634495278%3Ahid%3A123159121%3Ads%3A10%2C15%2C229%2C214%2C1%2C0%2C0%2C344%2C0%2C%2C%2C%2C603%3Afp%3A616%3Awn%3A35506%3Ahl%3A2%3Agdpr%3A14%3Av%3A1958%3Awv%3A2%3Arqnl%3A1%3Ast%3A1601949517%3Au%3A16019495171011008119%3At%3AFind%20republican%20voter%20guide%20for%20nc%20%7C%20Yahoo%20Answers
Cache-Control
private, no-cache, no-store, must-revalidate, max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
X-XSS-Protection
1; mode=block
Expires
Tue, 06-Oct-2020 01:58:37 GMT
advert.gif
mc.yandex.ru/metrika/
43 B
425 B
Image
General
Full URL
https://mc.yandex.ru/metrika/advert.gif
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://dw.dwmv.biz/dw/4_1/?fn=republican+voter+guide+for+nc&_subid=30auk6vde5f7bcf4c2bd72&_token=uuid_30auk6vde5f7bcf4c2bd72_30auk6vde5f7bcf4c2bd725f7bcf4c368052.86949058
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 06 Oct 2020 01:58:37 GMT
Last-Modified
Mon, 06 Jul 2020 15:32:05 GMT
Server
nginx/1.14.2
ETag
"5f0343f5-2b"
Strict-Transport-Security
max-age=31536000
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
43
Expires
Tue, 06 Oct 2020 02:58:37 GMT
54999154
mc.yandex.ru/webvisor/
43 B
534 B
XHR
General
Full URL
https://mc.yandex.ru/webvisor/54999154?wmode=0&rn=970671241&page-url=https%3A%2F%2Fdw.dwmv.biz%2Fdw%2F4_1%2F%3Ffn%3Drepublican%2Bvoter%2Bguide%2Bfor%2Bnc%26_subid%3D30auk6vde5f7bcf4c2bd72%26_token%3Duuid_30auk6vde5f7bcf4c2bd72_30auk6vde5f7bcf4c2bd725f7bcf4c368052.86949058&wv-type=3&wv-hit=123159121&wv-part=1&browser-info=ti%3A8%3Aet%3A1601949517%3Aw%3A1600x1200%3Av%3A1958%3Az%3A120%3Ai%3A20201006035837%3Abt%3A1%3Ast%3A1601949520%3Au%3A16019495171011008119
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://dw.dwmv.biz/dw/4_1/?fn=republican+voter+guide+for+nc&_subid=30auk6vde5f7bcf4c2bd72&_token=uuid_30auk6vde5f7bcf4c2bd72_30auk6vde5f7bcf4c2bd725f7bcf4c368052.86949058
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 06 Oct 2020 01:58:39 GMT
Last-Modified
Tue, 06-Oct-2020 01:58:39 GMT
Server
nginx/1.14.2
Strict-Transport-Security
max-age=31536000
Content-Type
image/gif
Access-Control-Allow-Origin
https://dw.dwmv.biz
Cache-Control
private, no-cache, no-store, must-revalidate, max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
43
X-XSS-Protection
1; mode=block
Expires
Tue, 06-Oct-2020 01:58:39 GMT
54999154
mc.yandex.ru/webvisor/
43 B
534 B
XHR
General
Full URL
https://mc.yandex.ru/webvisor/54999154?wmode=0&rn=648231616&page-url=https%3A%2F%2Fdw.dwmv.biz%2Fdw%2F4_1%2F%3Ffn%3Drepublican%2Bvoter%2Bguide%2Bfor%2Bnc%26_subid%3D30auk6vde5f7bcf4c2bd72%26_token%3Duuid_30auk6vde5f7bcf4c2bd72_30auk6vde5f7bcf4c2bd725f7bcf4c368052.86949058&wv-type=3&wv-hit=123159121&wv-part=1&browser-info=ti%3A8%3Aet%3A1601949518%3Aw%3A1600x1200%3Av%3A1958%3Az%3A120%3Ai%3A20201006035837%3Ast%3A1601949520%3Au%3A16019495171011008119
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://dw.dwmv.biz/dw/4_1/?fn=republican+voter+guide+for+nc&_subid=30auk6vde5f7bcf4c2bd72&_token=uuid_30auk6vde5f7bcf4c2bd72_30auk6vde5f7bcf4c2bd725f7bcf4c368052.86949058
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 06 Oct 2020 01:58:39 GMT
Last-Modified
Tue, 06-Oct-2020 01:58:39 GMT
Server
nginx/1.14.2
Strict-Transport-Security
max-age=31536000
Content-Type
image/gif
Access-Control-Allow-Origin
https://dw.dwmv.biz
Cache-Control
private, no-cache, no-store, must-revalidate, max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
43
X-XSS-Protection
1; mode=block
Expires
Tue, 06-Oct-2020 01:58:39 GMT

Verdicts & Comments

12 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| trustedTypes
function| $
function| jQuery
function| TranslateInit
function| TranslateGetCode
function| TranslateCookieHandler
object| google
function| loadData
function| ym
object| closure_lm_102664
object| Ya
object| yaCounter54999154

5 Cookies

Domain/Path Name / Value
.dwmv.biz/ Name: _ym_d
Value: 1601949517
.dwmv.biz/ Name: __cfduid
Value: d62f3f93e11d5b3baef54ded033ef13331601949516
.dwmv.biz/ Name: _ym_uid
Value: 16019495171011008119
.dw.dwmv.biz/dw/4_1 Name: googtrans
Value: null
dw.dwmv.biz/dw/4_1 Name: googtrans
Value: null

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
