secure.hi5.com Open in urlscan Pro
135.84.35.167  Public Scan

31 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

1. http://hi5.taggedmail.com/account_info.html?ect=lgm7k2fo&fid=32EBE35E979D2A42&al=1f53gqIABBhh.1tXwBi.5wphwY&current_user_id=5912205372&email_log_id=336363782561&template_name=pets_suggestions-1-1-232-20&tn=cGV0c19zdWdnZXN0aW9ucy0xLTEtMjMyLTIw&linkId=account_info_link_0 HTTP 302
   http://www.hi5.com/account_info.html?ect=lgm7k2fo&fid=32EBE35E979D2A42&al=1f53gqIABBhh.1tXwBi.5wphwY&current_user_id=5912205372&email_log_id=336363782561&template_name=pets_suggestions-1-1-232-20&tn=cGV0c19zdWdnZXN0aW9ucy0xLTEtMjMyLTIw&linkId=account_info_link_0 HTTP 302
   https://secure.hi5.com/account_info.html?ect=lgm7k2fo&fid=32EBE35E979D2A42&al=1f53gqIABBhh.1tXwBi.5wphwY&current_user_id=5912205372&email_log_id=336363782561&template_name=pets_suggestions-1-1-232-20&tn=cGV0c19zdWdnZXN0aW9ucy0xLTEtMjMyLTIw&linkId=account_info_link_0 HTTP 302
   https://secure.hi5.com/account_info.html?ect=lgm7k2fo&fid=32EBE35E979D2A42&al=1&current_user_id=5912205372&email_log_id=336363782561&template_name=pets_suggestions-1-1-232-20&tn=cGV0c19zdWdnZXN0aW9ucy0xLTEtMjMyLTIw&linkId=account_info_link_0 HTTP 302
   https://secure.hi5.com/phished.html Page URL
   

---

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 38

• https://sb.scorecardresearch.com/b?c1=2&c2=7198000&c3=&c4=secure.hi5.com%2Fphished.html&c5=&c6=&c15=c5758939f52f0b761419d7ea213ed59afc9f77d4&ns__t=1576118323324&ns_c=UTF-8&cv=3.1&c8=Account%20Phished%20-%20hi5&c7=https%3A%2F%2Fsecure.hi5.com%2Fphished.html&c9= HTTP 302
• https://sb.scorecardresearch.com/b2?c1=2&c2=7198000&c3=&c4=secure.hi5.com%2Fphished.html&c5=&c6=&c15=c5758939f52f0b761419d7ea213ed59afc9f77d4&ns__t=1576118323324&ns_c=UTF-8&cv=3.1&c8=Account%20Phished%20-%20hi5&c7=https%3A%2F%2Fsecure.hi5.com%2Fphished.html&c9=

Request Chain 73

• https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=r1u HTTP 302
• https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=r1u&dcc=t

Request Chain 106

• https://www.google.com/pagead/drt/ui HTTP 302
• https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 125

• https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_cm&google_hm=MzExMWIyMDMtZTI4ZC1iZThlLTAwMDAtMDAwMDAwMDAwMDAw&gdpr=0&gdpr_consent= HTTP 302
• https://sync.mathtag.com/sync/img?mt_exid=4&mt_ec=64ws&mt_exuid=&gdpr=0&gdpr_consent=&google_gid=CAESEJl4bKmpq4qQhKKuN_iU8L4&google_cver=1 HTTP 302
• https://sync.mathtag.com/sync/img?mt_exid=4&mt_ec=64ws&mt_exuid=&gdpr=0&gdpr_consent=&google_gid=CAESEJl4bKmpq4qQhKKuN_iU8L4&google_cver=1&mm_bnc&mm_bct&UUID=ed9b5df1-a1f4-4700-8bce-77910c9babc4 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=7Ztd8aH0RwCLzneRDJurxA HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=7Ztd8aH0RwCLzneRDJurxA&google_tc=

Request Chain 126

• https://dpm.demdex.net/ibs:dpid=269&dpuuid=3111b203-e28d-be8e-0000-000000000000&gdpr=0&gdpr_consent= HTTP 302
• https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=269&dpuuid=3111b203-e28d-be8e-0000-000000000000&gdpr=0&gdpr_consent=

Request Chain 127

• https://hal900028.redintelligence.net/request.php?zone=9y7byyg60m6k&nw=20&renderingType=javascript&namespace=ca89e5b71e&subid=&uid=f4c1593bf4178a59&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=468x60&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&envData=&redirectClick=http%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D6441270648646167859%26mt_id%3D6864052%26mt_adid%3D216536%26mt_sid%3D4802372%26mt_exid%3D15%26mt_inapp%3D0%26mt_uuid%3D543c5df1-9fff-4200-9f1c-bd9fd1e9d388%26redirect%3D&documentReferer=https%3A%2F%2Fsecure.hi5.com%2Fphished.html&ancestorOrigins=https%3A%2F%2Fsecure.hi5.com&random=2489818284264&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 HTTP 302
• https://hal900028.redintelligence.net/request.php?zone=9y7byyg60m6k&nw=20&renderingType=javascript&namespace=ca89e5b71e&subid=&uid=f4c1593bf4178a59&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=468x60&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&envData=&redirectClick=http%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D6441270648646167859%26mt_id%3D6864052%26mt_adid%3D216536%26mt_sid%3D4802372%26mt_exid%3D15%26mt_inapp%3D0%26mt_uuid%3D543c5df1-9fff-4200-9f1c-bd9fd1e9d388%26redirect%3D&documentReferer=https%3A%2F%2Fsecure.hi5.com%2Fphished.html&ancestorOrigins=https%3A%2F%2Fsecure.hi5.com&random=2489818284264&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1

Request Chain 128

• https://8019191.fls.doubleclick.net/activityi;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=8054779047475.204 HTTP 302
• https://8019191.fls.doubleclick.net/activityi;dc_pre=CKeu5qaKr-YCFQ7zdwodvmMMEg;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=8054779047475.204

Request Chain 144

• https://ap.lijit.com/beacon?informer=13388523&gdpr_consent= HTTP 302
• https://ap.lijit.com/beacon?informer=13388523&gdpr_consent=&dnr=1

Request Chain 149

• https://ap.lijit.com/beacon?informer=13388523&gdpr_consent= HTTP 302
• https://ap.lijit.com/beacon?informer=13388523&gdpr_consent=&dnr=1

150 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
4 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request phished.html Show response secure.hi5.com/ Redirect Chain http://hi5.taggedmail.com/account_info.html?ect=lgm7k2fo&fid=32EBE35E979D2A42&al=1f53gqIABBhh.1tXwBi.5wphwY&current_user_id=5912205372&email_log_id=336363782561&template_name=pets_suggestions-1-1-2... http://www.hi5.com/account_info.html?ect=lgm7k2fo&fid=32EBE35E979D2A42&al=1f53gqIABBhh.1tXwBi.5wphwY&current_user_id=5912205372&email_log_id=336363782561&template_name=pets_suggestions-1-1-232-20&t... https://secure.hi5.com/account_info.html?ect=lgm7k2fo&fid=32EBE35E979D2A42&al=1f53gqIABBhh.1tXwBi.5wphwY&current_user_id=5912205372&email_log_id=336363782561&template_name=pets_suggestions-1-1-232-... https://secure.hi5.com/account_info.html?ect=lgm7k2fo&fid=32EBE35E979D2A42&al=1&current_user_id=5912205372&email_log_id=336363782561&template_name=pets_suggestions-1-1-232-20&tn=cGV0c19zdWdnZXN0aW9... https://secure.hi5.com/phished.html	18 KB 6 KB	486ms 486ms	Document text/html	135.84.35.167 IFWE INC
General Check archive.org Show headers Download Go to Full URL https://secure.hi5.com/phished.html Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 135.84.35.167 San Francisco, United States, ASN36080 (TAGGED-ASN - IFWE INC, US), Reverse DNS Software Apache / Resource Hash 1df143b5dce671d84066b274166f584c627f40a8f4ccb5ec440b5dbedcc3a0fa Security Headers Name Value X-Frame-Options DENY Request headers Host secure.hi5.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3 Sec-Fetch-Site none Sec-Fetch-Mode navigate Accept-Encoding gzip, deflate, br Cookie S=3ravkidof34mdrl2d6jukejqek; B=b=9CE1F9FB7EBD3627&remember_me=; L=yzQzBgBNMm5J.1tYqwM.5wphwY Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Thu, 12 Dec 2019 02:38:41 GMT Server Apache Expires Thu, 19 Nov 1981 08:52:00 GMT Cache-Control no-store, no-cache, must-revalidate Pragma no-cache X-FRAME-OPTIONS DENY Vary Accept-Encoding Content-Encoding gzip Content-Length 5709 Keep-Alive timeout=300 Connection Keep-Alive Content-Type text/html; charset=UTF-8 Redirect headers Date Thu, 12 Dec 2019 02:38:41 GMT Server Apache Expires Thu, 19 Nov 1981 08:52:00 GMT Cache-Control no-store, no-cache, must-revalidate Pragma no-cache Location https://secure.hi5.com/phished.html Content-Length 0 Keep-Alive timeout=300 Connection Keep-Alive Content-Type text/html; charset=UTF-8
GET H/1.1	200 OK	oUORqk0u6.css secure-static.tagged.com/dyn/css/z/	13 KB 4 KB	639ms 155ms	Stylesheet text/css	135.84.35.171 IFWE INC
General Check archive.org Show headers Download Go to Full URL https://secure-static.tagged.com/dyn/css/z/oUORqk0u6.css Requested by Host: secure.hi5.com URL: https://secure.hi5.com/phished.html Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 135.84.35.171 San Francisco, United States, ASN36080 (TAGGED-ASN - IFWE INC, US), Reverse DNS Software Apache / Resource Hash 2899bfd42faca1e75293701c0b599f5b41fb69a7d31ce540d9a6fe92cfa17e9e Request headers Referer https://secure.hi5.com/phished.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Thu, 12 Dec 2019 02:38:42 GMT Content-Encoding gzip Last-Modified Tue, 22 Oct 2019 20:02:05 GMT Server Apache ETag "3397-59585464429e1-gzip" Vary Accept-Encoding Content-Type text/css Cache-Control max-age=2592000 Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=300 Content-Length 3249 Expires Sat, 11 Jan 2020 02:38:42 GMT
GET H/1.1	200 OK	KQGgB5jX3.css secure-static.tagged.com/dyn/css/z/	55 KB 10 KB	669ms 165ms	Stylesheet text/css	135.84.35.171 IFWE INC
General Check archive.org Show headers Download Go to Full URL https://secure-static.tagged.com/dyn/css/z/KQGgB5jX3.css Requested by Host: secure.hi5.com URL: https://secure.hi5.com/phished.html Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 135.84.35.171 San Francisco, United States, ASN36080 (TAGGED-ASN - IFWE INC, US), Reverse DNS Software Apache / Resource Hash 3e0cb5ce099eafbe7721452e37342fc584c1a5c5cb5bcb48c805619ea802ec1d Request headers Referer https://secure.hi5.com/phished.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Thu, 12 Dec 2019 02:38:42 GMT Content-Encoding gzip Last-Modified Wed, 11 Dec 2019 21:28:59 GMT Server Apache ETag "db61-59974511d53d8-gzip" Vary Accept-Encoding Content-Type text/css Cache-Control max-age=2592000 Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=300 Content-Length 9793 Expires Sat, 11 Jan 2020 02:38:42 GMT
GET H/1.1	200 OK	mElnZ1Bk6_cl.js Show response secure-static.tagged.com/dyn/js/2/	110 KB 40 KB	676ms 171ms	Script application/javascript	135.84.35.171 IFWE INC
General Check archive.org Show headers Download Go to Full URL https://secure-static.tagged.com/dyn/js/2/mElnZ1Bk6_cl.js Requested by Host: secure.hi5.com URL: https://secure.hi5.com/phished.html Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 135.84.35.171 San Francisco, United States, ASN36080 (TAGGED-ASN - IFWE INC, US), Reverse DNS Software Apache / Resource Hash 17f11260e32fe25cb8c572482f049be5901fb39f26fdacfeca588c8e8f5e3c25 Request headers Referer https://secure.hi5.com/phished.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Thu, 12 Dec 2019 02:38:42 GMT Content-Encoding gzip Last-Modified Mon, 20 May 2019 18:30:15 GMT Server Apache ETag "1b69f-58955ec6d4ae6-gzip" Vary Accept-Encoding Content-Type application/javascript Cache-Control max-age=2592000 Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=300 Content-Length 40802 Expires Sat, 11 Jan 2020 02:38:42 GMT
GET H/1.1	200 OK	hi5_logo_basic.png secure-static.tagged.com/im/headers/default/	2 KB 3 KB	681ms 165ms	Image image/png	135.84.35.171 IFWE INC
General Check archive.org Show headers Download Go to Show image Full URL https://secure-static.tagged.com/im/headers/default/hi5_logo_basic.png Requested by Host: secure.hi5.com URL: https://secure.hi5.com/phished.html Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 135.84.35.171 San Francisco, United States, ASN36080 (TAGGED-ASN - IFWE INC, US), Reverse DNS Software Apache / Resource Hash 0b128d6ef5ebd2d4bfdbd729109160b4e1f01d216f12dd82103ddcc88bf10c91 Request headers Referer https://secure.hi5.com/phished.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Thu, 12 Dec 2019 02:38:42 GMT Last-Modified Wed, 20 Nov 2019 22:17:41 GMT Server Apache ETag "8e6-597ce8c986e56" Content-Type image/png Cache-Control max-age=2592000 Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=300 Content-Length 2278 Expires Sat, 11 Jan 2020 02:38:42 GMT
GET H2	200	api.js Show response www.google.com/recaptcha/	729 B 560 B	18ms 18ms	Script text/javascript	2a00:1450:4001:825::2004 Google LLC
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api.js Requested by Host: secure.hi5.com URL: https://secure.hi5.com/phished.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:825::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS Software GSE / Resource Hash f56590ff7b66d0ef4efd7f17a3884b0a4a90da850ec6e561492b7f3fc1e72967 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Referer https://secure.hi5.com/phished.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Thu, 12 Dec 2019 02:38:41 GMT content-encoding gzip x-content-type-options nosniff server GSE x-frame-options SAMEORIGIN content-type text/javascript; charset=UTF-8 status 200 cache-control private, max-age=300 alt-svc quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 462 x-xss-protection 1; mode=block expires Thu, 12 Dec 2019 02:38:41 GMT
GET H/1.1	200 OK	I6qoNGT1-_cl.js Show response secure-static.tagged.com/dyn/js/O/	5 KB 2 KB	657ms 165ms	Script application/javascript	135.84.35.171 IFWE INC
General Check archive.org Show headers Download Go to Full URL https://secure-static.tagged.com/dyn/js/O/I6qoNGT1-_cl.js Requested by Host: secure.hi5.com URL: https://secure.hi5.com/phished.html Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 135.84.35.171 San Francisco, United States, ASN36080 (TAGGED-ASN - IFWE INC, US), Reverse DNS Software Apache / Resource Hash b95cabafcf9ef68db4877eaa8dd3672c8d0ecb1cded2fa380f0f594f5ebafbf4 Request headers Referer https://secure.hi5.com/phished.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Thu, 12 Dec 2019 02:38:42 GMT Content-Encoding gzip Last-Modified Mon, 29 Jan 2018 22:28:36 GMT Server Apache ETag "135f-563f1c4684e14-gzip" Vary Accept-Encoding Content-Type application/javascript Cache-Control max-age=2592000 Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=300 Content-Length 1656 Expires Sat, 11 Jan 2020 02:38:42 GMT
GET H/1.1	200 OK	KFAMSH5qx_cl.js Show response secure-static.tagged.com/dyn/js/d/	84 KB 26 KB	171ms 171ms	Script application/javascript	135.84.35.171 IFWE INC
General Check archive.org Show headers Download Go to Full URL https://secure-static.tagged.com/dyn/js/d/KFAMSH5qx_cl.js Requested by Host: secure.hi5.com URL: https://secure.hi5.com/phished.html Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 135.84.35.171 San Francisco, United States, ASN36080 (TAGGED-ASN - IFWE INC, US), Reverse DNS Software Apache / Resource Hash cd482bf9d79a63d4da5934807fec7afa2cfc0a459947235d3d0d7d6fa4be5ee6 Request headers Referer https://secure.hi5.com/phished.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Thu, 12 Dec 2019 02:38:42 GMT Content-Encoding gzip Last-Modified Mon, 20 May 2019 18:34:33 GMT Server Apache ETag "151e8-58955fbcc555f-gzip" Vary Accept-Encoding Content-Type application/javascript Cache-Control max-age=2592000 Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=300 Content-Length 25790 Expires Sat, 11 Jan 2020 02:38:42 GMT
GET H/1.1	200 OK	OZdSMA8xJ.css secure-static.tagged.com/dyn/css/H/	3 KB 1 KB	165ms 165ms	Stylesheet text/css	135.84.35.171 IFWE INC
General Check archive.org Show headers Download Go to Full URL https://secure-static.tagged.com/dyn/css/H/OZdSMA8xJ.css Requested by Host: secure.hi5.com URL: https://secure.hi5.com/phished.html Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 135.84.35.171 San Francisco, United States, ASN36080 (TAGGED-ASN - IFWE INC, US), Reverse DNS Software Apache / Resource Hash efe5376f6eba8ac2fe298720db0b8323f8eae62a798ca0809325663fbcf0084d Request headers Referer https://secure.hi5.com/phished.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Thu, 12 Dec 2019 02:38:42 GMT Content-Encoding gzip Last-Modified Thu, 29 Dec 2016 20:05:57 GMT Server Apache ETag "ad6-544d19d0c4e67-gzip" Vary Accept-Encoding Content-Type text/css Cache-Control max-age=2592000 Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=300 Content-Length 904 Expires Sat, 11 Jan 2020 02:38:42 GMT
GET H/1.1	200 OK	DSM1P_Rp6.css secure-static.tagged.com/dyn/css/y/	3 KB 1 KB	165ms 164ms	Stylesheet text/css	135.84.35.171 IFWE INC
General Check archive.org Show headers Download Go to Full URL https://secure-static.tagged.com/dyn/css/y/DSM1P_Rp6.css Requested by Host: secure.hi5.com URL: https://secure.hi5.com/phished.html Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 135.84.35.171 San Francisco, United States, ASN36080 (TAGGED-ASN - IFWE INC, US), Reverse DNS Software Apache / Resource Hash ea55489a5a88e01c3b3c70777df6747d0b7b415717721f6ba59ed87cf487bd80 Request headers Referer https://secure.hi5.com/phished.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Thu, 12 Dec 2019 02:38:42 GMT Content-Encoding gzip Last-Modified Thu, 29 Dec 2016 20:05:56 GMT Server Apache ETag "d07-544d19d03904e-gzip" Vary Accept-Encoding Content-Type text/css Cache-Control max-age=2592000 Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=300 Content-Length 1098 Expires Sat, 11 Jan 2020 02:38:42 GMT
GET H/1.1	200 OK	gUFKDV25i_cl.js Show response secure-static.tagged.com/dyn/js/I/	287 KB 86 KB	176ms 176ms	Script application/javascript	135.84.35.171 IFWE INC
General Check archive.org Show headers Download Go to Full URL https://secure-static.tagged.com/dyn/js/I/gUFKDV25i_cl.js Requested by Host: secure.hi5.com URL: https://secure.hi5.com/phished.html Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 135.84.35.171 San Francisco, United States, ASN36080 (TAGGED-ASN - IFWE INC, US), Reverse DNS Software Apache / Resource Hash a03c8a417fcb40a2ae380fca81931743b3f80f73296400ac75a2da38c94235e3 Request headers Referer https://secure.hi5.com/phished.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Thu, 12 Dec 2019 02:38:42 GMT Content-Encoding gzip Last-Modified Wed, 24 Jul 2019 15:11:10 GMT Server Apache ETag "47b8c-58e6eb82032d4-gzip" Vary Accept-Encoding Content-Type application/javascript Cache-Control max-age=2592000 Transfer-Encoding chunked Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=300 Expires Sat, 11 Jan 2020 02:38:42 GMT
GET H/1.1	200 OK	PLigaE1VH.css secure-static.tagged.com/dyn/css/h/	54 KB 11 KB	164ms 164ms	Stylesheet text/css	135.84.35.171 IFWE INC
General Check archive.org Show headers Download Go to Full URL https://secure-static.tagged.com/dyn/css/h/PLigaE1VH.css Requested by Host: secure.hi5.com URL: https://secure.hi5.com/phished.html Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 135.84.35.171 San Francisco, United States, ASN36080 (TAGGED-ASN - IFWE INC, US), Reverse DNS Software Apache / Resource Hash 7eef757b4075316d57944a1e25b9d9e64725f16a61479ebd3fd75918c17c44ae Request headers Referer https://secure.hi5.com/phished.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Thu, 12 Dec 2019 02:38:42 GMT Content-Encoding gzip Last-Modified Mon, 23 Jul 2018 23:07:36 GMT Server Apache ETag "d763-571b2b616546d-gzip" Vary Accept-Encoding Content-Type text/css Cache-Control max-age=2592000 Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=300 Content-Length 11168 Expires Sat, 11 Jan 2020 02:38:42 GMT
GET H/1.1	200 OK	fP_hAz_Th_cl.js Show response secure-static.tagged.com/dyn/js/Y/	6 KB 3 KB	154ms 154ms	Script application/javascript	135.84.35.171 IFWE INC
General Check archive.org Show headers Download Go to Full URL https://secure-static.tagged.com/dyn/js/Y/fP_hAz_Th_cl.js Requested by Host: secure.hi5.com URL: https://secure.hi5.com/phished.html Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 135.84.35.171 San Francisco, United States, ASN36080 (TAGGED-ASN - IFWE INC, US), Reverse DNS Software Apache / Resource Hash e85be082883035d0bd23d3b6f8677291b3ae0222692d3e6109309bc30c41074e Request headers Referer https://secure.hi5.com/phished.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Thu, 12 Dec 2019 02:38:42 GMT Content-Encoding gzip Last-Modified Mon, 29 Jan 2018 22:20:32 GMT Server Apache ETag "19f1-563f1a78393b8-gzip" Vary Accept-Encoding Content-Type application/javascript Cache-Control max-age=2592000 Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=300 Content-Length 2499 Expires Sat, 11 Jan 2020 02:38:42 GMT
GET H/1.1	200 OK	Ca3vfch-L_cl.js Show response secure-static.tagged.com/dyn/js/l/	56 KB 13 KB	177ms 172ms	Script application/javascript	135.84.35.171 IFWE INC
General Check archive.org Show headers Download Go to Full URL https://secure-static.tagged.com/dyn/js/l/Ca3vfch-L_cl.js Requested by Host: secure.hi5.com URL: https://secure.hi5.com/phished.html Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 135.84.35.171 San Francisco, United States, ASN36080 (TAGGED-ASN - IFWE INC, US), Reverse DNS Software Apache / Resource Hash 5756424ef4dee510d32a7d9f941c627f26f09ae3316f19e8af6916c069cd0f0d Request headers Referer https://secure.hi5.com/phished.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Thu, 12 Dec 2019 02:38:42 GMT Content-Encoding gzip Last-Modified Wed, 25 Sep 2019 15:02:00 GMT Server Apache ETag "df37-59361ef5b7334-gzip" Vary Accept-Encoding Content-Type application/javascript Cache-Control max-age=2592000 Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=300 Content-Length 12885 Expires Sat, 11 Jan 2020 02:38:42 GMT
GET H/1.1	200 OK	6T0RdeYf7.css secure-static.tagged.com/dyn/css/X/	6 KB 2 KB	168ms 167ms	Stylesheet text/css	135.84.35.171 IFWE INC
General Check archive.org Show headers Download Go to Full URL https://secure-static.tagged.com/dyn/css/X/6T0RdeYf7.css Requested by Host: secure.hi5.com URL: https://secure.hi5.com/phished.html Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 135.84.35.171 San Francisco, United States, ASN36080 (TAGGED-ASN - IFWE INC, US), Reverse DNS Software Apache / Resource Hash b6e4c223be8af717e51af2d91ea34a7cf4be4335fa46bfa933f16c34202bdcc5 Request headers Referer https://secure.hi5.com/phished.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Thu, 12 Dec 2019 02:38:42 GMT Content-Encoding gzip Last-Modified Tue, 10 Jul 2018 22:00:48 GMT Server Apache ETag "16d1-570ac433d8c1f-gzip" Vary Accept-Encoding Content-Type text/css Cache-Control max-age=2592000 Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=300 Content-Length 1613 Expires Sat, 11 Jan 2020 02:38:42 GMT
GET H/1.1	200 OK	s-BYpKi-0.css secure-static.tagged.com/dyn/css/H/	2 KB 985 B	338ms 165ms	Stylesheet text/css	135.84.35.171 IFWE INC
General Check archive.org Show headers Download Go to Full URL https://secure-static.tagged.com/dyn/css/H/s-BYpKi-0.css Requested by Host: secure.hi5.com URL: https://secure.hi5.com/phished.html Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 135.84.35.171 San Francisco, United States, ASN36080 (TAGGED-ASN - IFWE INC, US), Reverse DNS Software Apache / Resource Hash e88fb85018e41011e1a49b53734c086e1859627a01d6b36afad7b3f8ae6c68b2 Request headers Referer https://secure.hi5.com/phished.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Thu, 12 Dec 2019 02:38:42 GMT Content-Encoding gzip Last-Modified Thu, 29 Dec 2016 20:05:55 GMT Server Apache ETag "6c3-544d19cf51155-gzip" Vary Accept-Encoding Content-Type text/css Cache-Control max-age=2592000 Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=300 Content-Length 600 Expires Sat, 11 Jan 2020 02:38:42 GMT
GET H/1.1	200 OK	quant.js Show response edge.quantserve.com/	12 KB 6 KB	33ms 8ms	Script application/x-javascript	91.228.74.165 Quantcast Corpora...
General Check archive.org Show headers Download Go to Full URL https://edge.quantserve.com/quant.js Requested by Host: secure.hi5.com URL: https://secure.hi5.com/phished.html Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 91.228.74.165 , United Kingdom, ASN27281 (QUANTCAST - Quantcast Corporation, US), Reverse DNS Software QS / Resource Hash 404a9b0ffbcc813e8ddbb8d8510a24a69c09079282f8083ee94f4adc5d627176 Request headers Referer https://secure.hi5.com/phished.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Thu, 12 Dec 2019 02:38:42 GMT Content-Encoding gzip Last-Modified Thu, 12-Dec-2019 02:38:42 GMT Server QS ETag M0-e2b9884a Vary Accept-Encoding Content-Type application/x-javascript Cache-Control private, no-transform, max-age=604800 Connection keep-alive Content-Length 5456 Expires Thu, 19 Dec 2019 02:38:42 GMT
GET H2	200	pubfig.min.js Show response a.pub.network/hi5-com/	412 KB 114 KB	488ms 458ms	Script application/javascript	2606:4700:20::681a:18b Cloudflare
General Check archive.org Show headers Download Go to Full URL https://a.pub.network/hi5-com/pubfig.min.js Requested by Host: secure.hi5.com URL: https://secure.hi5.com/phished.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:18b , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash a45218b1cc2171c0ffe34d95ab102baefa32ebe6404543ddcef4cde2335d42f5 Request headers Referer https://secure.hi5.com/phished.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Thu, 12 Dec 2019 02:38:43 GMT content-encoding br cf-cache-status REVALIDATED status 200 x-guploader-uploadid AEnB2UplGdSGKV2mWtA_zh1LmocbouufQJ-Fm5tPtYiGXH9ciaCFAk0AGvS8-RWfupetA7Etv-yeSUI4gE2dy1sVpSznkPQBQw x-goog-storage-class MULTI_REGIONAL x-goog-metageneration 1 x-goog-stored-content-encoding identity last-modified Mon, 09 Dec 2019 20:21:04 GMT server cloudflare etag W/"0821a98fb55622bf3a589db2ea9a5403" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding x-goog-hash crc32c=NXpGsg==, md5=CCGpj7VWIr86WJ2y6ppUAw== content-type application/javascript x-goog-generation 1575922864282208 cache-control public, max-age=1800 x-goog-stored-content-length 422037 cf-ray 543c52dd4cea59a0-VIE expires Thu, 12 Dec 2019 02:39:43 GMT
GET H2	200	gtm.js Show response www.googletagmanager.com/	56 KB 21 KB	15ms 15ms	Script application/javascript	2a00:1450:4001:808::2008 Google LLC
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtm.js?id=GTM-K46GKQ Requested by Host: secure.hi5.com URL: https://secure.hi5.com/phished.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS Software Google Tag Manager / Resource Hash 64b3b0377b7a47c215dd878d869938724cb85e7da946f54f2fe70923e70fa37e Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://secure.hi5.com/phished.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Thu, 12 Dec 2019 02:38:42 GMT content-encoding br last-modified Thu, 12 Dec 2019 00:00:00 GMT server Google Tag Manager access-control-allow-origin http://www.googletagmanager.com vary Accept-Encoding content-type application/javascript; charset=UTF-8 status 200 alt-svc quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control content-length 21400 x-xss-protection 0 expires Thu, 12 Dec 2019 02:38:42 GMT
GET H/1.1	200 OK	blank.html Show response secure.hi5.com/ Frame 66CC	69 B 291 B	165ms 164ms	Document text/html	135.84.35.167 IFWE INC
General Check archive.org Show headers Download Go to Full URL https://secure.hi5.com/blank.html Requested by Host: secure.hi5.com URL: https://secure.hi5.com/phished.html Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 135.84.35.167 San Francisco, United States, ASN36080 (TAGGED-ASN - IFWE INC, US), Reverse DNS Software Apache / Resource Hash 587cdc48d51a7732ad2019d0d9099c3d1c50ecbc25083cb607db301422373df1 Request headers Host secure.hi5.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3 Sec-Fetch-Site same-origin Sec-Fetch-Mode nested-navigate Referer https://secure.hi5.com/phished.html Accept-Encoding gzip, deflate, br Cookie S=3ravkidof34mdrl2d6jukejqek; B=b=9CE1F9FB7EBD3627&remember_me=; L=yzQzBgBNMm5J.1tYqwM.5wphwY Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Referer https://secure.hi5.com/phished.html Response headers Date Thu, 12 Dec 2019 02:38:42 GMT Server Apache Vary Accept-Encoding Content-Encoding gzip Content-Length 63 Keep-Alive timeout=300 Connection Keep-Alive Content-Type text/html; charset=UTF-8
GET DATA	200 OK	truncated /	929 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash d7bb4911d3c669ad53701bf5223261d8c01d1f435fe7245e6d791f357b070b6f Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Content-Type image/svg+xml;charset=US-ASCII
GET H/1.1	200 OK	tag_icon_sprite_v4.1.png secure-static.tagged.com/im/icons/	104 KB 104 KB	302ms 154ms	Image image/png	135.84.35.171 IFWE INC
General Check archive.org Show headers Download Go to Show image Full URL https://secure-static.tagged.com/im/icons/tag_icon_sprite_v4.1.png Requested by Host: secure.hi5.com URL: https://secure.hi5.com/phished.html Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 135.84.35.171 San Francisco, United States, ASN36080 (TAGGED-ASN - IFWE INC, US), Reverse DNS Software Apache / Resource Hash 1649d4b9bdc31e9d7f6f96ce093ac3c8b35545192500835c1056cc00cdc45d94 Request headers Referer https://secure-static.tagged.com/dyn/css/z/KQGgB5jX3.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Thu, 12 Dec 2019 02:38:42 GMT Last-Modified Wed, 20 Nov 2019 22:17:44 GMT Server Apache ETag "19fbd-597ce8cc70f90" Content-Type image/png Cache-Control max-age=2592000 Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=300 Content-Length 106429 Expires Sat, 11 Jan 2020 02:38:42 GMT
GET H2	200	recaptcha__en.js Show response www.gstatic.com/recaptcha/releases/mhgGrlTs_PbFQOW4ejlxlxZn/	254 KB 91 KB	6ms 5ms	Script text/javascript	2a00:1450:4001:817::2003 Google LLC
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/recaptcha/releases/mhgGrlTs_PbFQOW4ejlxlxZn/recaptcha__en.js Requested by Host: www.google.com URL: https://www.google.com/recaptcha/api.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:817::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS Software sffe / Resource Hash c2cca14e4dbf2994f90b91ef01ec4d6eb6b560b429d028317d624d9b5f4bdcb0 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://secure.hi5.com/phished.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Tue, 10 Dec 2019 08:48:29 GMT content-encoding gzip x-content-type-options nosniff last-modified Mon, 09 Dec 2019 05:03:14 GMT server sffe age 150613 vary Accept-Encoding content-type text/javascript status 200 cache-control public, max-age=31536000 accept-ranges bytes alt-svc quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 92878 x-xss-protection 0 expires Wed, 09 Dec 2020 08:48:29 GMT
GET H2	200	all.js Show response connect.facebook.net/nl_NL/	3 KB 2 KB	6ms 6ms	Script application/x-javascript	2a03:2880:f01c:8012:face:b00c:0:3 Facebook
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/nl_NL/all.js Requested by Host: secure-static.tagged.com URL: https://secure-static.tagged.com/dyn/js/d/KFAMSH5qx_cl.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US), Reverse DNS Software / Resource Hash a328aa3e3b070dd41d9dcb714f3af6052694f5ac56c6385e95b0046d4ea2256e Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY Request headers Referer https://secure.hi5.com/phished.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers strict-transport-security max-age=31536000; preload; includeSubDomains content-encoding gzip x-content-type-options nosniff content-md5 J9o3xrs3eNUWGdSzydq74w== status 200 date Thu, 12 Dec 2019 02:38:42 GMT expires Thu, 12 Dec 2019 02:50:39 GMT alt-svc h3-24=":443"; ma=3600 content-length 1779 x-fb-debug RIBKe5VG/TBprqgUPh5as2ICmGhbdzfzYxkZAxfzzEwkHRIhjcYVTVDR7vSoNuSkJc3/f1UIkmn5MPx1o4BGIw== x-fb-trip-id 420120009 x-fb-content-md5 acf1eefd0ce710c3772197b9d7c3d0d7 etag "938a5a6a2cb7b3eae05c826754d7b449" x-frame-options DENY content-type application/x-javascript; charset=utf-8 access-control-allow-origin * vary Accept-Encoding cache-control public,max-age=1200,stale-while-revalidate=3600 timing-allow-origin * access-control-expose-headers X-FB-Content-MD5
GET H/1.1	200 OK	dropup_triangle.png secure-static.tagged.com/im/chrome/	1 KB 2 KB	301ms 161ms	Image image/png	135.84.35.171 IFWE INC
General Check archive.org Show headers Download Go to Show image Full URL https://secure-static.tagged.com/im/chrome/dropup_triangle.png Requested by Host: secure.hi5.com URL: https://secure.hi5.com/phished.html Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 135.84.35.171 San Francisco, United States, ASN36080 (TAGGED-ASN - IFWE INC, US), Reverse DNS Software Apache / Resource Hash 69bfe4c7727e5ae4b1d3985caad51225d832445b6988fb0998770d7c792e1009 Request headers Referer https://secure-static.tagged.com/dyn/css/y/DSM1P_Rp6.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Thu, 12 Dec 2019 02:38:42 GMT Last-Modified Wed, 20 Nov 2019 22:17:37 GMT Server Apache ETag "4c1-597ce8c603784" Content-Type image/png Cache-Control max-age=2592000 Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=300 Content-Length 1217 Expires Sat, 11 Jan 2020 02:38:42 GMT
GET H2	200	all.js Show response connect.facebook.net/nl_NL/	187 KB 56 KB	21ms 8ms	Script application/x-javascript	2a03:2880:f01c:8012:face:b00c:0:3 Facebook
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/nl_NL/all.js?hash=8ef4ca64324ceb8e16674b57ca72e0eb&ua=modern_es6 Requested by Host: connect.facebook.net URL: https://connect.facebook.net/nl_NL/all.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US), Reverse DNS Software / Resource Hash 57390edd734bf55fd170733c7b02d7404ef48e24531cb084749e9db339da1169 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Referer https://secure.hi5.com/phished.html Origin https://secure.hi5.com Response headers strict-transport-security max-age=31536000; preload; includeSubDomains content-encoding gzip x-content-type-options nosniff content-md5 P/KNSs3k+IQrdVMfyiJQ+Q== status 200 date Thu, 12 Dec 2019 02:38:42 GMT expires Fri, 11 Dec 2020 01:30:14 GMT alt-svc h3-24=":443"; ma=3600 content-length 56913 x-fb-debug BzaCes/J0/a4aNq/tT3AFNzpYaF820ocK6xGxyNHr/VTj7Iy1keHEQbSP40c/5NSP6Rdus6iB2JYSUm5RCDE3A== x-fb-trip-id 420120009 x-fb-content-md5 87e330c34e7bbd8f3618cf2edf641f61 etag "bc5aec7dd8f92a8702ae5a290e4e33a2" x-frame-options DENY content-type application/x-javascript; charset=utf-8 access-control-allow-origin * vary Accept-Encoding cache-control public,max-age=31536000,stale-while-revalidate=3600,immutable timing-allow-origin * access-control-expose-headers X-FB-Content-MD5
GET H2	200	analytics.js Show response www.google-analytics.com/	43 KB 17 KB	6ms 5ms	Script text/javascript	2a00:1450:4001:815::200e Google LLC
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-K46GKQ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:815::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS Software Golfe2 / Resource Hash dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://secure.hi5.com/phished.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff last-modified Mon, 19 Aug 2019 17:22:41 GMT server Golfe2 age 305 date Thu, 12 Dec 2019 02:33:37 GMT vary Accept-Encoding content-type text/javascript status 200 cache-control public, max-age=7200 alt-svc quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 17803 expires Thu, 12 Dec 2019 04:33:37 GMT
GET H2	200	collect www.google-analytics.com/r/	35 B 111 B	13ms 13ms	Image image/gif	2a00:1450:4001:815::200e Google LLC
General Check archive.org Show headers Download Go to Show image Full URL https://www.google-analytics.com/r/collect?v=1&_v=j79&a=1528417381&t=pageview&_s=1&dl=https%3A%2F%2Fsecure.hi5.com%2Fphished.html&ul=en-us&de=UTF-8&dt=Account%20Phished%20-%20hi5&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAAAB~&jid=267780531&gjid=2077930077&cid=1807807780.1576118323&tid=UA-1982760-5&_gid=64530403.1576118323&_r=1&gtm=2wgc61K46GKQ&z=316731685 Requested by Host: secure.hi5.com URL: https://secure.hi5.com/phished.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:815::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS Software Golfe2 / Resource Hash 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://secure.hi5.com/phished.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers pragma no-cache date Thu, 12 Dec 2019 02:38:42 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 access-control-allow-origin * content-type image/gif status 200 cache-control no-cache, no-store, must-revalidate alt-svc quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 35 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	xd_arbiter.php staticxx.facebook.com/connect/ Frame 8F6E	0 0	7ms 6ms	Document text/html	2a03:2880:f01c:8012:face:b00c:0:3 Facebook
General Check archive.org Show headers Download Go to Full URL https://staticxx.facebook.com/connect/xd_arbiter.php?version=44 Requested by Host: connect.facebook.net URL: https://connect.facebook.net/nl_NL/all.js?hash=8ef4ca64324ceb8e16674b57ca72e0eb&ua=modern_es6 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US), Reverse DNS Software / Resource Hash Security Headers Name Value Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm; Strict-Transport-Security max-age=15552000; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority staticxx.facebook.com :scheme https :path /connect/xd_arbiter.php?version=44 pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3 sec-fetch-site cross-site sec-fetch-mode nested-navigate referer https://secure.hi5.com/phished.html accept-encoding gzip, deflate, br Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Referer https://secure.hi5.com/phished.html Response headers status 200 content-type text/html; charset=utf-8 expires Wed, 09 Dec 2020 23:14:36 GMT strict-transport-security max-age=15552000; preload content-encoding br content-security-policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm; vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0 cache-control public,max-age=31536000,immutable x-fb-debug MkfjcRXJE+THBTvGb17X9C8KP4uTRgDpCpJdMr5uhW90ZuU1IPLYRa1L+fMTJiFLDmfa6l9oFLbjE0b4hzrOKg== content-length 12404 x-fb-trip-id 420120009 date Thu, 12 Dec 2019 02:38:42 GMT alt-svc h3-24=":443"; ma=3600
GET H2	200	status www.facebook.com/x/oauth/	0 0	45ms 45ms	Fetch text/plain	2a03:2880:f11c:8083:face:b00c:0:25de Facebook
General Check archive.org Show headers Download Go to Full URL https://www.facebook.com/x/oauth/status?client_id=158845517509768&input_token&origin=1&redirect_uri=https%3A%2F%2Fsecure.hi5.com%2Fphished.html&sdk=joey&wants_cookie_data=true Requested by Host: connect.facebook.net URL: https://connect.facebook.net/nl_NL/all.js?hash=8ef4ca64324ceb8e16674b57ca72e0eb&ua=modern_es6 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f11c:8083:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US), Reverse DNS Software / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=15552000; preload X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Referer https://secure.hi5.com/ Origin https://secure.hi5.com Response headers pragma no-cache x-fb-debug cQ+adrW8l8lW2wWu1BsQoC7hFfAl7QdPA2P6dkQTebzNtBJuWbKezsXKUaQ8YwhLjdrRbjornqVqKFtuO/p41g== fb-s unknown status 200 date Thu, 12 Dec 2019 02:38:42 GMT strict-transport-security max-age=15552000; preload content-type text/plain; charset=UTF-8 access-control-allow-origin https://secure.hi5.com access-control-expose-headers fb-s cache-control private, no-cache, no-store, must-revalidate access-control-allow-credentials true alt-svc h3-24=":443"; ma=3600 content-length 0 x-content-type-options nosniff expires Sat, 01 Jan 2000 00:00:00 GMT
GET H2	200	css fonts.googleapis.com/	799 B 441 B	18ms 18ms	Stylesheet text/css	2a00:1450:4001:81f::200a Google LLC
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Signika Requested by Host: secure-static.tagged.com URL: https://secure-static.tagged.com/dyn/js/2/mElnZ1Bk6_cl.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:81f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS Software ESF / Resource Hash 1755c07b1340a87f8ad0f68fed664e8bc365ebe485ec52d1287afe438feab720 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer https://secure.hi5.com/phished.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding br last-modified Thu, 12 Dec 2019 02:38:43 GMT server ESF access-control-allow-origin * date Thu, 12 Dec 2019 02:38:43 GMT x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 status 200 alt-svc quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin x-xss-protection 0 expires Thu, 12 Dec 2019 02:38:43 GMT
GET H2	200	rules-p-96ZHBHvG56-qg.js Show response rules.quantcount.com/	3 B 357 B	18ms 6ms	Script application/x-javascript	2600:9000:2057:4600:6:44e3:f8c0:93a1 Amazon.com
General Check archive.org Show headers Download Go to Full URL https://rules.quantcount.com/rules-p-96ZHBHvG56-qg.js Requested by Host: edge.quantserve.com URL: https://edge.quantserve.com/quant.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2600:9000:2057:4600:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US), Reverse DNS Software AmazonS3 / Resource Hash ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356 Request headers Referer https://secure.hi5.com/phished.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Wed, 11 Dec 2019 20:39:03 GMT via 1.1 560d8d35213ac925f8d05c5730db1582.cloudfront.net (CloudFront) last-modified Sat, 04 Mar 2017 20:15:51 GMT server AmazonS3 age 21581 etag "8a80554c91d9fca8acb82f023de02f11" x-cache Hit from cloudfront content-type application/x-javascript status 200 cache-control max-age=86400 x-amz-cf-pop FRA6-C1 accept-ranges bytes content-length 3 x-amz-cf-id o2YA_A8O8kWsjvbCNfJFXll-EzT0851itK3pbmIHMMPNQnMgHBNS_Q==
GET H/1.1	200 OK	pixel;r=558888193;rf=3;uh=2b3ce8c3cdfa;a=p-96ZHBHvG56-qg;url=https%3A%2F%2Fsecure.hi5.com%2Fphished.html;fpan=1;fpa=P0-303375820-1576118323261;ns=0;ce=1;qjs=1;qv=4c19192-20180628134937;cm=;ref=;je=... pixel.quantserve.com/	35 B 494 B	29ms 7ms	Image image/gif	91.228.74.188 Quantcast Corpora...
General Check archive.org Show headers Download Go to Show image Full URL https://pixel.quantserve.com/pixel;r=558888193;rf=3;uh=2b3ce8c3cdfa;a=p-96ZHBHvG56-qg;url=https%3A%2F%2Fsecure.hi5.com%2Fphished.html;fpan=1;fpa=P0-303375820-1576118323261;ns=0;ce=1;qjs=1;qv=4c19192-20180628134937;cm=;ref=;je=0;sr=1600x1200x24;enc=n;dst=1;et=1576118323261;tzo=-60;ogl= Requested by Host: secure.hi5.com URL: https://secure.hi5.com/phished.html Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 91.228.74.188 , United Kingdom, ASN27281 (QUANTCAST - Quantcast Corporation, US), Reverse DNS Software QS / Resource Hash a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8 Request headers Referer https://secure.hi5.com/phished.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Pragma no-cache Date Thu, 12 Dec 2019 02:38:43 GMT Server QS P3P CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV" Cache-Control private, no-cache, no-store, proxy-revalidate Connection keep-alive Content-Type image/gif Content-Length 35 Expires Fri, 04 Aug 1978 12:00:00 GMT
GET H/1.1	200 OK	beacon.js Show response sb.scorecardresearch.com/	1 KB 1 KB	7ms 6ms	Script application/x-javascript	2.16.31.65 Akamai Technologies
General Check archive.org Show headers Download Go to Full URL https://sb.scorecardresearch.com/beacon.js Requested by Host: secure.hi5.com URL: https://secure.hi5.com/phished.html Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2.16.31.65 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US), Reverse DNS a2-16-31-65.deploy.static.akamaitechnologies.com Software / Resource Hash d0fd74148f4cbe78bd0e6328dc5ce5955f0a0ecdb1eb2919da4a7e596ac65912 Request headers Referer https://secure.hi5.com/phished.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Intervention <https://www.chromestatus.com/feature/5718547946799104>; level="warning" Response headers Date Thu, 12 Dec 2019 02:38:43 GMT Content-Encoding gzip Vary Accept-Encoding Content-Type application/x-javascript Cache-Control private, no-transform, max-age=86400 Connection keep-alive Content-Length 901 Expires Fri, 13 Dec 2019 02:38:43 GMT
GET H/1.1	200 OK	cookie Show response d.pub.network/	36 B 517 B	453ms 111ms	XHR text/plain	35.188.71.214 Google LLC
General Check archive.org Show headers Download Go to Full URL https://d.pub.network/cookie Requested by Host: a.pub.network URL: https://a.pub.network/hi5-com/pubfig.min.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 35.188.71.214 , United States, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS 214.71.188.35.bc.googleusercontent.com Software / Resource Hash 622b36657fac9c459c349d038694747a10447dae05d0981bfeeb42fbc89a2c0e Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Referer https://secure.hi5.com/phished.html Origin https://secure.hi5.com Response headers Access-Control-Allow-Origin https://secure.hi5.com Date Thu, 12 Dec 2019 02:38:43 GMT Access-Control-Allow-Credentials true Expires Thu, 01 Jan 1970 00:00:00 GMT Content-Length 36 Vary Origin, Access-Control-Request-Method, Access-Control-Request-Headers Content-Type text/plain;charset=utf-8
GET H/1.1	200 OK	gallery.js Show response freestar-io.videoplayerhub.com/	65 KB 19 KB	28ms 7ms	Script application/javascript	13.35.253.108 Amazon.com
General Check archive.org Show headers Download Go to Full URL https://freestar-io.videoplayerhub.com/gallery.js Requested by Host: a.pub.network URL: https://a.pub.network/hi5-com/pubfig.min.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 13.35.253.108 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US), Reverse DNS server-13-35-253-108.fra6.r.cloudfront.net Software AmazonS3 / Resource Hash f053035cb202d63277dc203d2e9ea1f3ec66d16f059172df5e540e1b8b1db0bc Request headers Referer https://secure.hi5.com/phished.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers x-amz-version-id 24IBuJegGjfhadHeTeJaUcVMmOPP6f8L Content-Encoding gzip Last-Modified Wed, 11 Dec 2019 19:49:43 GMT Server AmazonS3 X-Amz-Cf-Pop FRA6-C1 Date Thu, 12 Dec 2019 02:38:43 GMT Vary Accept-Encoding X-Cache Hit from cloudfront Content-Type application/javascript Via 1.1 7ff386cc5735ee5d428e6d9e2fdc8b2c.cloudfront.net (CloudFront) Transfer-Encoding chunked Connection keep-alive X-Amz-Cf-Id -E_Z2tWl5_rDgiYlfnPK-JRTSc7aVGbPFKOafGgNAZURd_VWnAmjOg==
GET H2	200	gpt.js Show response www.googletagservices.com/tag/js/	51 KB 16 KB	52ms 39ms	Script text/javascript	2a00:1450:4001:809::2002 Google LLC
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/tag/js/gpt.js Requested by Host: a.pub.network URL: https://a.pub.network/hi5-com/pubfig.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS Software sffe / Resource Hash bb04c107e7e5b02ea9721da2c50e5e5df6edaa72696c0726e614eb35f382464d Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://secure.hi5.com/phished.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Thu, 12 Dec 2019 02:38:43 GMT content-encoding gzip x-content-type-options nosniff server sffe etag "364 / 393 of 1000 / last-modified: 1576101433" vary Accept-Encoding content-type text/javascript status 200 cache-control private, max-age=900, stale-while-revalidate=3600 timing-allow-origin * alt-svc quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 15890 x-xss-protection 0 expires Thu, 12 Dec 2019 02:38:43 GMT
GET H2	200	prebid-analytics-2.36.0.js Show response a.pub.network/core/	388 KB 115 KB	219ms 219ms	Script text/html	2606:4700:20::681a:18b Cloudflare
General Check archive.org Show headers Download Go to Full URL https://a.pub.network/core/prebid-analytics-2.36.0.js Requested by Host: a.pub.network URL: https://a.pub.network/hi5-com/pubfig.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:18b , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash bfe72f70491e02683bec82fe7cda296a7a06320675a7a5817d15860ea759e543 Request headers Referer https://secure.hi5.com/phished.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Thu, 12 Dec 2019 02:38:43 GMT content-encoding br cf-cache-status BYPASS status 200 x-guploader-uploadid AEnB2UqTKBaYjGDwcfnXOPWG07WOdpvuSsCKGNj2XOSJh5EwjagwjeK4IS5B9SBRGFasvcetXgk9D97W2l-35w-ovwYi2QElUQ x-goog-storage-class MULTI_REGIONAL x-goog-metageneration 3 x-goog-stored-content-encoding identity last-modified Wed, 16 Oct 2019 23:02:18 GMT server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding x-goog-hash crc32c=nnhqqQ==, md5=PeE1fdvsEm8sSgUXo6/lZA== content-type text/html x-goog-generation 1571266938838346 cache-control private x-goog-stored-content-length 396951 cf-ray 543c52e0cd5b59a0-VIE expires Fri, 11 Dec 2020 02:38:43 GMT
GET H/1.1	200 OK	location Show response d.pub.network/	25 B 334 B	449ms 111ms	XHR application/json	35.188.71.214 Google LLC
General Check archive.org Show headers Download Go to Full URL https://d.pub.network/location Requested by Host: a.pub.network URL: https://a.pub.network/hi5-com/pubfig.min.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 35.188.71.214 , United States, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS 214.71.188.35.bc.googleusercontent.com Software / Resource Hash 98f88d642acd9024773bf77b93f9546e3cd6fd8fa3d539d16f7b018e0cb513f2 Request headers Accept application/json, text/plain, */* Referer https://secure.hi5.com/phished.html Origin https://secure.hi5.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Access-Control-Allow-Origin https://secure.hi5.com Date Thu, 12 Dec 2019 02:38:43 GMT Access-Control-Allow-Credentials true Vary Origin, Access-Control-Request-Method, Access-Control-Request-Headers Transfer-Encoding chunked Content-Type application/json
GET H/1.1	204 No Content	b2 sb.scorecardresearch.com/ Redirect Chain https://sb.scorecardresearch.com/b?c1=2&c2=7198000&c3=&c4=secure.hi5.com%2Fphished.html&c5=&c6=&c15=c5758939f52f0b761419d7ea213ed59afc9f77d4&ns__t=1576118323324&ns_c=UTF-8&cv=3.1&c8=Account%20Phish... https://sb.scorecardresearch.com/b2?c1=2&c2=7198000&c3=&c4=secure.hi5.com%2Fphished.html&c5=&c6=&c15=c5758939f52f0b761419d7ea213ed59afc9f77d4&ns__t=1576118323324&ns_c=UTF-8&cv=3.1&c8=Account%20Phis...	0 248 B	7ms 6ms	Image text/plain	2.16.31.65 Akamai Technologies
General Check archive.org Show headers Download Go to Show image Full URL https://sb.scorecardresearch.com/b2?c1=2&c2=7198000&c3=&c4=secure.hi5.com%2Fphished.html&c5=&c6=&c15=c5758939f52f0b761419d7ea213ed59afc9f77d4&ns__t=1576118323324&ns_c=UTF-8&cv=3.1&c8=Account%20Phished%20-%20hi5&c7=https%3A%2F%2Fsecure.hi5.com%2Fphished.html&c9= Requested by Host: secure.hi5.com URL: https://secure.hi5.com/phished.html Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2.16.31.65 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US), Reverse DNS a2-16-31-65.deploy.static.akamaitechnologies.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://secure.hi5.com/phished.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Pragma no-cache Date Thu, 12 Dec 2019 02:38:43 GMT Cache-Control private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate Connection keep-alive Content-Length 0 Expires Mon, 01 Jan 1990 00:00:00 GMT Redirect headers Location https://sb.scorecardresearch.com/b2?c1=2&c2=7198000&c3=&c4=secure.hi5.com%2Fphished.html&c5=&c6=&c15=c5758939f52f0b761419d7ea213ed59afc9f77d4&ns__t=1576118323324&ns_c=UTF-8&cv=3.1&c8=Account%20Phished%20-%20hi5&c7=https%3A%2F%2Fsecure.hi5.com%2Fphished.html&c9= Pragma no-cache Date Thu, 12 Dec 2019 02:38:43 GMT Cache-Control private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate Connection keep-alive Content-Length 0 Expires Mon, 01 Jan 1990 00:00:00 GMT
POST H/1.1	200 OK	/ Show response secure.hi5.com/api/	250 B 552 B	167ms 166ms	XHR application/json	135.84.35.167 IFWE INC
General Check archive.org Show headers Download Go to Full URL https://secure.hi5.com/api/?application_id=user&format=JSON Requested by Host: secure-static.tagged.com URL: https://secure-static.tagged.com/dyn/js/2/mElnZ1Bk6_cl.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 135.84.35.167 San Francisco, United States, ASN36080 (TAGGED-ASN - IFWE INC, US), Reverse DNS Software Apache / Resource Hash 7825bc4223566a9f8c3a354abbf61bf6c07fc24cb5e26ef7f42d461e1b04aba6 Request headers Accept application/json, text/javascript, */*; q=0.01 Referer https://secure.hi5.com/phished.html Origin https://secure.hi5.com X-Requested-With XMLHttpRequest User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Content-Type application/x-www-form-urlencoded; charset=UTF-8 Response headers Pragma no-cache Date Thu, 12 Dec 2019 02:38:43 GMT Content-Encoding gzip Server Apache Vary Accept-Encoding Content-Type application/json; charset=UTF-8 Cache-Control no-store, no-cache, must-revalidate Connection Keep-Alive Keep-Alive timeout=300 Content-Length 206 Expires Thu, 19 Nov 1981 08:52:00 GMT
POST H/1.1	200 OK	/ Show response secure.hi5.com/api/	2 KB 918 B	340ms 173ms	XHR application/json	135.84.35.167 IFWE INC
General Check archive.org Show headers Download Go to Full URL https://secure.hi5.com/api/?application_id=user&format=JSON Requested by Host: secure-static.tagged.com URL: https://secure-static.tagged.com/dyn/js/2/mElnZ1Bk6_cl.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 135.84.35.167 San Francisco, United States, ASN36080 (TAGGED-ASN - IFWE INC, US), Reverse DNS Software Apache / Resource Hash cdcbe5425e3ffd78fe9550ef5eeef530fd8660fe441d4637af3e3d99d581786a Request headers Accept application/json, text/javascript, */*; q=0.01 Referer https://secure.hi5.com/phished.html Origin https://secure.hi5.com X-Requested-With XMLHttpRequest User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Content-Type application/x-www-form-urlencoded; charset=UTF-8 Response headers Pragma no-cache Date Thu, 12 Dec 2019 02:38:43 GMT Content-Encoding gzip Server Apache Vary Accept-Encoding Content-Type application/json; charset=UTF-8 Cache-Control no-store, no-cache, must-revalidate Connection Keep-Alive Keep-Alive timeout=300 Content-Length 572 Expires Thu, 19 Nov 1981 08:52:00 GMT
GET H2	200	anchor www.google.com/recaptcha/api2/ Frame 7BB0	0 0	41ms 41ms	Document text/html	2a00:1450:4001:825::2004 Google LLC
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeRyAcTAAAAAG6QBlS1jhBJg0pcQtzIEdLAXXz3&co=aHR0cHM6Ly9zZWN1cmUuaGk1LmNvbTo0NDM.&hl=en&v=mhgGrlTs_PbFQOW4ejlxlxZn&size=normal&cb=pegzjfriqdod Requested by Host: www.gstatic.com URL: https://www.gstatic.com/recaptcha/releases/mhgGrlTs_PbFQOW4ejlxlxZn/recaptcha__en.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:825::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS Software GSE / Resource Hash Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-mu6iOTtptuziC0DbMWG71Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers :method GET :authority www.google.com :scheme https :path /recaptcha/api2/anchor?ar=1&k=6LeRyAcTAAAAAG6QBlS1jhBJg0pcQtzIEdLAXXz3&co=aHR0cHM6Ly9zZWN1cmUuaGk1LmNvbTo0NDM.&hl=en&v=mhgGrlTs_PbFQOW4ejlxlxZn&size=normal&cb=pegzjfriqdod pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3 sec-fetch-site cross-site sec-fetch-mode nested-navigate referer https://secure.hi5.com/phished.html accept-encoding gzip, deflate, br Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Referer https://secure.hi5.com/phished.html Response headers status 200 content-type text/html; charset=utf-8 cache-control no-cache, no-store, max-age=0, must-revalidate pragma no-cache expires Mon, 01 Jan 1990 00:00:00 GMT date Thu, 12 Dec 2019 02:38:43 GMT content-security-policy script-src 'report-sample' 'nonce-mu6iOTtptuziC0DbMWG71Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 content-encoding gzip x-content-type-options nosniff x-xss-protection 1; mode=block content-length 8626 server GSE alt-svc quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
GET H2	200	integrator.js Show response adservice.google.de/adsid/	109 B 171 B	15ms 14ms	Script application/javascript	2a00:1450:4001:814::2002 Google LLC
General Check archive.org Show headers Download Go to Full URL https://adservice.google.de/adsid/integrator.js?domain=secure.hi5.com Requested by Host: www.googletagservices.com URL: https://www.googletagservices.com/tag/js/gpt.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:814::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS Software cafe / Resource Hash 0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://secure.hi5.com/phished.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Thu, 12 Dec 2019 02:38:43 GMT content-encoding gzip x-content-type-options nosniff content-type application/javascript; charset=UTF-8 server cafe p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." status 200 cache-control private, no-cache, no-store content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 104 x-xss-protection 0
GET H2	200	integrator.js Show response adservice.google.com/adsid/	109 B 171 B	14ms 14ms	Script application/javascript	2a00:1450:4001:814::2002 Google LLC
General Check archive.org Show headers Download Go to Full URL https://adservice.google.com/adsid/integrator.js?domain=secure.hi5.com Requested by Host: www.googletagservices.com URL: https://www.googletagservices.com/tag/js/gpt.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:814::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS Software cafe / Resource Hash 0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://secure.hi5.com/phished.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Thu, 12 Dec 2019 02:38:43 GMT content-encoding gzip x-content-type-options nosniff content-type application/javascript; charset=UTF-8 server cafe p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." status 200 cache-control private, no-cache, no-store content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 104 x-xss-protection 0
GET H2	200	pubads_impl_2019121002.js Show response securepubads.g.doubleclick.net/gpt/	163 KB 60 KB	43ms 43ms	Script text/javascript	172.217.23.98 Google LLC
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019121002.js Requested by Host: www.googletagservices.com URL: https://www.googletagservices.com/tag/js/gpt.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.23.98 , United States, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS fra16s45-in-f2.1e100.net Software sffe / Resource Hash 216fd62bccc74ef4e4d35292cd4874e7072a4fb30685afb6235d894a3ec1a2df Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://secure.hi5.com/phished.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Thu, 12 Dec 2019 02:38:43 GMT content-encoding gzip x-content-type-options nosniff last-modified Tue, 10 Dec 2019 17:29:18 GMT server sffe vary Accept-Encoding content-type text/javascript status 200 cache-control private, immutable, max-age=31536000 accept-ranges bytes timing-allow-origin * alt-svc quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 60922 x-xss-protection 0 expires Thu, 12 Dec 2019 02:38:43 GMT
GET H2	200	apstag.js Show response c.amazon-adsystem.com/aax2/	87 KB 25 KB	19ms 6ms	Script application/javascript	99.86.0.120 Amazon.com
General Check archive.org Show headers Download Go to Full URL https://c.amazon-adsystem.com/aax2/apstag.js Requested by Host: a.pub.network URL: https://a.pub.network/hi5-com/pubfig.min.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 99.86.0.120 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US), Reverse DNS server-99-86-0-120.fra6.r.cloudfront.net Software Server / Resource Hash 0f144f16507d02eabc67a131e4d54ac36266dcfe3dac263a6971265371eff7b9 Request headers Referer https://secure.hi5.com/phished.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Wed, 11 Dec 2019 16:30:17 GMT content-encoding gzip server Server age 36505 etag 6bed68e25cc35021d570267b56047ef8 x-cache Hit from cloudfront content-type application/javascript status 200 cache-control public, max-age=86400 x-amz-cf-pop FRA6-C1 accept-ranges bytes x-amz-cf-id sawJITFXfJnXZ9fp6uhyiWDO3YoMO_HZe9Ea1EzfX41OPmN3Cx0JPw== via 1.1 8cdf0467c0468ddfe8e9873c6bb8304c.cloudfront.net (CloudFront)
GET H/1.1	200 OK	v2 Show response d.pub.network/floors/	2 KB 3 KB	474ms 202ms	XHR application/json	35.188.71.214 Google LLC
General Check archive.org Show headers Download Go to Full URL https://d.pub.network/floors/v2?key=675desktop Requested by Host: a.pub.network URL: https://a.pub.network/hi5-com/pubfig.min.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 35.188.71.214 , United States, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS 214.71.188.35.bc.googleusercontent.com Software / Resource Hash 6747338d8f743349fd51ea9c17eb1f21ae1c0f4710c5a16b097180d8603023e8 Request headers Accept application/json, text/plain, */* Referer https://secure.hi5.com/phished.html Origin https://secure.hi5.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Access-Control-Allow-Origin https://secure.hi5.com Date Thu, 12 Dec 2019 02:38:43 GMT Access-Control-Allow-Credentials true Vary Origin, Access-Control-Request-Method, Access-Control-Request-Headers Transfer-Encoding chunked Content-Type application/json
GET H2	200	bframe www.google.com/recaptcha/api2/ Frame 4B5D	0 0	30ms 30ms	Document text/html	2a00:1450:4001:825::2004 Google LLC
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api2/bframe?hl=en&v=mhgGrlTs_PbFQOW4ejlxlxZn&k=6LeRyAcTAAAAAG6QBlS1jhBJg0pcQtzIEdLAXXz3&cb=tyjrg64vafl Requested by Host: www.gstatic.com URL: https://www.gstatic.com/recaptcha/releases/mhgGrlTs_PbFQOW4ejlxlxZn/recaptcha__en.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:825::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS Software GSE / Resource Hash Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-28/pygB9HLVQf6C0Qlcs7g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers :method GET :authority www.google.com :scheme https :path /recaptcha/api2/bframe?hl=en&v=mhgGrlTs_PbFQOW4ejlxlxZn&k=6LeRyAcTAAAAAG6QBlS1jhBJg0pcQtzIEdLAXXz3&cb=tyjrg64vafl pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3 sec-fetch-site cross-site sec-fetch-mode nested-navigate referer https://secure.hi5.com/phished.html accept-encoding gzip, deflate, br Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Referer https://secure.hi5.com/phished.html Response headers status 200 content-type text/html; charset=utf-8 cache-control no-cache, no-store, max-age=0, must-revalidate pragma no-cache expires Mon, 01 Jan 1990 00:00:00 GMT date Thu, 12 Dec 2019 02:38:43 GMT content-security-policy script-src 'report-sample' 'nonce-28/pygB9HLVQf6C0Qlcs7g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 content-encoding gzip x-content-type-options nosniff x-xss-protection 1; mode=block content-length 1114 server GSE alt-svc quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
GET H2	200	aps_csm.js Show response c.amazon-adsystem.com/bao-csm/aps-comm/	6 KB 3 KB	17ms 6ms	XHR application/javascript	99.86.0.120 Amazon.com
General Check archive.org Show headers Download Go to Full URL https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js Requested by Host: c.amazon-adsystem.com URL: https://c.amazon-adsystem.com/aax2/apstag.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 99.86.0.120 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US), Reverse DNS server-99-86-0-120.fra6.r.cloudfront.net Software AmazonS3 / Resource Hash 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844 Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Referer https://secure.hi5.com/phished.html Origin https://secure.hi5.com Response headers date Wed, 11 Dec 2019 06:37:33 GMT content-encoding gzip vary Origin age 72071 x-cache Hit from cloudfront status 200 access-control-allow-origin * last-modified Fri, 01 Nov 2019 13:46:13 GMT server AmazonS3 access-control-max-age 3000 access-control-allow-methods GET content-type application/javascript via 1.1 3095e870e1a1a1b03178e40ab1872de5.cloudfront.net (CloudFront) cache-control public, max-age=86400 x-amz-cf-pop FRA6-C1 x-amz-cf-id Czlf8886m_EWFpHqLmfv8YYIn_M4lyuCKenHsXt_gxQu_SX_9QJm_g==
GET H2	200	bid Show response c.amazon-adsystem.com/e/dtb/	99 B 487 B	81ms 81ms	XHR text/javascript	99.86.0.120 Amazon.com
General Check archive.org Show headers Download Go to Full URL https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fsecure.hi5.com%2Fphished.html&pid=67hgIcuDaCKB5&cb=0&ws=1600x1200&v=7.45.00&t=1000&slots=%5B%7B%22sd%22%3A%220%22%2C%22s%22%3A%5B%221x1%22%2C%22728x90%22%2C%22970x90%22%5D%2C%22sn%22%3A%22%2F15184186%2Fhi5_Sticky_728x90%22%7D%5D&cfgv=0&pubid=0ab198dd-b265-462a-ae36-74e163ad6159&gdprl=%7B%22status%22%3A%22no-cmp%22%7D Requested by Host: c.amazon-adsystem.com URL: https://c.amazon-adsystem.com/aax2/apstag.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 99.86.0.120 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US), Reverse DNS server-99-86-0-120.fra6.r.cloudfront.net Software Server / Resource Hash 2010678b589818b8347daf9ce515f75bc763def8c43e2c446be9ba66f50f5500 Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Referer https://secure.hi5.com/phished.html Origin https://secure.hi5.com Response headers date Thu, 12 Dec 2019 02:38:43 GMT content-encoding gzip server Server x-amz-cf-pop FRA6-C1 status 200 vary Accept-Encoding,User-Agent x-cache Miss from cloudfront content-type text/javascript;charset=UTF-8 access-control-allow-origin https://secure.hi5.com access-control-allow-credentials true timing-allow-origin * content-length 113 via 1.1 8cdf0467c0468ddfe8e9873c6bb8304c.cloudfront.net (CloudFront) x-amz-cf-id Bj28lU6AJ2Eo_heuFz-y_3G-SPdojgRSIVclY5P430FoPnndOlaPEw==
POST H/1.1	200 OK	prebid Show response ib.adnxs.com/ut/v3/	141 B 1 KB	50ms 21ms	XHR application/json	185.33.223.80 AppNexus
General Check archive.org Show headers Download Go to Full URL https://ib.adnxs.com/ut/v3/prebid Requested by Host: a.pub.network URL: https://a.pub.network/core/prebid-analytics-2.36.0.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 185.33.223.80 , Netherlands, ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US), Reverse DNS 251.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net Software nginx/1.13.4 / Resource Hash 418caf85e7d12921cb7b68841a45a6baf6c72560cc1cbf7101b672d4919973de Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://secure.hi5.com/phished.html Origin https://secure.hi5.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Content-Type text/plain Response headers Pragma no-cache Date Thu, 12 Dec 2019 02:38:45 GMT X-Proxy-Origin 144.76.109.30; 144.76.109.30; 251.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.222.232:80 AN-X-Request-Uuid 1a110524-b59e-48ca-90d1-91d8e4459777 Server nginx/1.13.4 P3P policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Access-Control-Allow-Origin https://secure.hi5.com Cache-Control no-store, no-cache, private Access-Control-Allow-Credentials true Connection keep-alive Content-Type application/json; charset=utf-8 Content-Length 141 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT
POST H2	204	cdb Show response bidder.criteo.com/	0 144 B	48ms 15ms	XHR text/plain	178.250.0.165 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Full URL https://bidder.criteo.com/cdb?profileId=207&av=21&wv=2.36.0&cb=56936147146 Requested by Host: a.pub.network URL: https://a.pub.network/core/prebid-analytics-2.36.0.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software Finatra / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://secure.hi5.com/phished.html Origin https://secure.hi5.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Content-Type text/plain Response headers status 204 date Thu, 12 Dec 2019 02:38:43 GMT access-control-allow-credentials true server Finatra access-control-allow-origin https://secure.hi5.com timing-allow-origin * vary Origin
GET H/1.1	200 OK	cygnus Show response as-sec.casalemedia.com/	24 B 903 B	72ms 60ms	XHR application/json	2.18.234.21 Akamai Technologies
General Check archive.org Show headers Download Go to Full URL https://as-sec.casalemedia.com/cygnus?s=393532&v=7.2&r=%7B%22id%22%3A%229e4e2d29ae6586%22%2C%22imp%22%3A%5B%7B%22id%22%3A%2210f92620583bd96%22%2C%22banner%22%3A%7B%22w%22%3A1%2C%22h%22%3A1%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22siteID%22%3A%22393532%22%2C%22sid%22%3A%221x1%22%7D%7D%2C%7B%22id%22%3A%221188ae7f2ad5066%22%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22siteID%22%3A%22393532%22%2C%22sid%22%3A%22728x90%22%7D%7D%2C%7B%22id%22%3A%2212172ba2cd478ab%22%2C%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22siteID%22%3A%22393532%22%2C%22sid%22%3A%22970x90%22%7D%7D%5D%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fsecure.hi5.com%2Fphished.html%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22gdpr%22%3A0%7D%7D%2C%22user%22%3A%7B%22ext%22%3A%7B%22consent%22%3A%22%22%7D%7D%7D&ac=j&sd=1& Requested by Host: a.pub.network URL: https://a.pub.network/core/prebid-analytics-2.36.0.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2.18.234.21 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US), Reverse DNS a2-18-234-21.deploy.static.akamaitechnologies.com Software Apache / Resource Hash 603d7b15fd032b90420ae3bb56395357624c0cc83826998912c975e6f61d95e3 Request headers Referer https://secure.hi5.com/phished.html Origin https://secure.hi5.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Content-Type text/plain Response headers Pragma no-cache Date Thu, 12 Dec 2019 02:38:43 GMT Content-Encoding gzip Server Apache Vary Accept-Encoding P3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" Access-Control-Allow-Origin https://secure.hi5.com Cache-Control max-age=0, no-cache, no-store Access-Control-Allow-Credentials true Connection keep-alive Content-Type application/json Content-Length 44 Expires Thu, 12 Dec 2019 02:38:43 GMT
POST H/1.1	200 OK	qchb Show response qcx.quantserve.com/	66 B 344 B	38ms 6ms	XHR application/json	91.228.72.10 Amazon.com
General Check archive.org Show headers Download Go to Full URL https://qcx.quantserve.com:8443/qchb Requested by Host: a.pub.network URL: https://a.pub.network/core/prebid-analytics-2.36.0.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 91.228.72.10 , United Kingdom, ASN16509 (AMAZON-02 - Amazon.com, Inc., US), Reverse DNS Software / Resource Hash 879e3658322daeb351409a034771917d548cadacd022c5ae8c6a187dd5a0f3e2 Request headers Referer https://secure.hi5.com/phished.html Origin https://secure.hi5.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Content-Type text/plain Response headers pragma no-cache content-encoding gzip content-type application/json access-control-allow-origin https://secure.hi5.com cache-control no-cache access-control-allow-credentials true connection keep-alive content-length 89
POST H/1.1	200 OK	qchb Show response qcx.quantserve.com/	66 B 344 B	38ms 7ms	XHR application/json	91.228.72.10 Amazon.com
General Check archive.org Show headers Download Go to Full URL https://qcx.quantserve.com:8443/qchb Requested by Host: a.pub.network URL: https://a.pub.network/core/prebid-analytics-2.36.0.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 91.228.72.10 , United Kingdom, ASN16509 (AMAZON-02 - Amazon.com, Inc., US), Reverse DNS Software / Resource Hash 225983f404d4626d951ca953d65e650e8cd46c3cdc1378515f46562e1f36e0d6 Request headers Referer https://secure.hi5.com/phished.html Origin https://secure.hi5.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Content-Type text/plain Response headers pragma no-cache content-encoding gzip content-type application/json access-control-allow-origin https://secure.hi5.com cache-control no-cache access-control-allow-credentials true connection keep-alive content-length 89
POST H/1.1	200 OK	prebid Show response ib.adnxs.com/ut/v3/	144 B 1 KB	45ms 19ms	XHR application/json	185.33.223.80 AppNexus
General Check archive.org Show headers Download Go to Full URL https://ib.adnxs.com/ut/v3/prebid Requested by Host: a.pub.network URL: https://a.pub.network/core/prebid-analytics-2.36.0.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 185.33.223.80 , Netherlands, ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US), Reverse DNS 251.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net Software nginx/1.13.4 / Resource Hash a606acd590a2a2925acf2c536161969b3b538b01492e586348948231182e7ea4 Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://secure.hi5.com/phished.html Origin https://secure.hi5.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Content-Type text/plain Response headers Pragma no-cache Date Thu, 12 Dec 2019 02:38:45 GMT X-Proxy-Origin 144.76.109.30; 144.76.109.30; 251.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.46:80 AN-X-Request-Uuid 649bc0e4-d31f-4e89-80df-95befb837512 Server nginx/1.13.4 P3P policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Access-Control-Allow-Origin https://secure.hi5.com Cache-Control no-store, no-cache, private Access-Control-Allow-Credentials true Connection keep-alive Content-Type application/json; charset=utf-8 Content-Length 144 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT
GET H2	200	imp Show response g2.gumgum.com/hbid/	123 B 661 B	96ms 37ms	XHR application/json	52.214.34.242 Amazon.com
General Check archive.org Show headers Download Go to Full URL https://g2.gumgum.com/hbid/imp?si=14287&pi=3&gdprApplies=0&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fsecure.hi5.com%2Fphished.html&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%7D&ogu=null&ns=9626& Requested by Host: a.pub.network URL: https://a.pub.network/core/prebid-analytics-2.36.0.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.214.34.242 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US), Reverse DNS ec2-52-214-34-242.eu-west-1.compute.amazonaws.com Software nginx / Resource Hash 3037077b3cb18e902856f86107f67eb5253defd3e787447553afe82603102345 Request headers Referer https://secure.hi5.com/phished.html Origin https://secure.hi5.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Thu, 12 Dec 2019 02:38:43 GMT content-encoding gzip content-type application/json;charset=UTF-8 server nginx status 200 p3p CP="This is not a P3P policy" access-control-allow-origin https://secure.hi5.com cache-control private, no-store, must-revalidate, max-age=0 access-control-allow-credentials true timing-allow-origin * expires 0
GET H2	200	imp Show response g2.gumgum.com/hbid/	123 B 660 B	97ms 39ms	XHR application/json	52.214.34.242 Amazon.com
General Check archive.org Show headers Download Go to Full URL https://g2.gumgum.com/hbid/imp?si=14288&pi=3&gdprApplies=0&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fsecure.hi5.com%2Fphished.html&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%7D&ogu=null&ns=9626& Requested by Host: a.pub.network URL: https://a.pub.network/core/prebid-analytics-2.36.0.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.214.34.242 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US), Reverse DNS ec2-52-214-34-242.eu-west-1.compute.amazonaws.com Software nginx / Resource Hash e9d8d0804265b4ea8135163fcd80190924a41491ccc3c678c4a46e75e910234b Request headers Referer https://secure.hi5.com/phished.html Origin https://secure.hi5.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Thu, 12 Dec 2019 02:38:43 GMT content-encoding gzip content-type application/json;charset=UTF-8 server nginx status 200 p3p CP="This is not a P3P policy" access-control-allow-origin https://secure.hi5.com cache-control private, no-store, must-revalidate, max-age=0 access-control-allow-credentials true timing-allow-origin * expires 0
GET H2	200	imp Show response g2.gumgum.com/hbid/	123 B 662 B	101ms 43ms	XHR application/json	52.214.34.242 Amazon.com
General Check archive.org Show headers Download Go to Full URL https://g2.gumgum.com/hbid/imp?t=ikg7mqd8&pi=2&gdprApplies=0&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fsecure.hi5.com%2Fphished.html&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%7D&ogu=null&ns=9626& Requested by Host: a.pub.network URL: https://a.pub.network/core/prebid-analytics-2.36.0.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.214.34.242 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US), Reverse DNS ec2-52-214-34-242.eu-west-1.compute.amazonaws.com Software nginx / Resource Hash d12801b439d34bac63b48513ad6512f93f9bf43f29bcfc0aeac158f9c2c7bab9 Request headers Referer https://secure.hi5.com/phished.html Origin https://secure.hi5.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Thu, 12 Dec 2019 02:38:43 GMT content-encoding gzip content-type application/json;charset=UTF-8 server nginx status 200 p3p CP="This is not a P3P policy" access-control-allow-origin https://secure.hi5.com cache-control private, no-store, must-revalidate, max-age=0 access-control-allow-credentials true timing-allow-origin * expires 0
POST H2	204	translator Show response hbopenbid.pubmatic.com/	0 115 B	90ms 64ms	XHR text/plain	185.64.189.112 PubMatic
General Check archive.org Show headers Download Go to Full URL https://hbopenbid.pubmatic.com/translator?source=prebid-client Requested by Host: a.pub.network URL: https://a.pub.network/core/prebid-analytics-2.36.0.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC - PubMatic, Inc., US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://secure.hi5.com/phished.html Origin https://secure.hi5.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Content-Type text/plain Response headers status 204 date Thu, 12 Dec 2019 02:38:43 GMT cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true access-control-allow-origin https://secure.hi5.com
POST H/1.1	200 OK	bid Show response ap.lijit.com/rtb/	46 B 559 B	70ms 41ms	XHR application/json	216.52.2.30 Internap Corporation
General Check archive.org Show headers Download Go to Full URL https://ap.lijit.com/rtb/bid?src=prebid_prebid_2.36.0 Requested by Host: a.pub.network URL: https://a.pub.network/core/prebid-analytics-2.36.0.js Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 216.52.2.30 , United States, ASN29791 (VOXEL-DOT-NET - Internap Corporation, US), Reverse DNS Software nginx / Resource Hash 5883b9df2a8e423a647487c87d4ea84ce8732e25469e9cbfbc4d60bec913c339 Request headers Referer https://secure.hi5.com/phished.html Origin https://secure.hi5.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Content-Type text/plain Response headers Date Thu, 12 Dec 2019 02:38:43 GMT Content-Encoding gzip Server nginx Vary Accept-Encoding, User-Agent Access-Control-Allow-Methods GET, POST, DELETE, PUT Content-Type application/json Access-Control-Allow-Origin https://secure.hi5.com Access-Control-Allow-Credentials true X-Sovrn-Pod ad_ap6ams1 Access-Control-Allow-Headers X-Requested-With, Content-Type Content-Length 64
OPTIONS H2	204	v1 Show response dmx.districtm.io/b/	0 451 B	32ms 19ms	XHR text/plain	104.16.190.66 Cloudflare
General Check archive.org Show headers Download Go to Full URL https://dmx.districtm.io/b/v1 Requested by Host: a.pub.network URL: https://a.pub.network/core/prebid-analytics-2.36.0.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.16.190.66 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers Access-Control-Request-Method POST Origin https://secure.hi5.com Referer https://secure.hi5.com/phished.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Access-Control-Request-Headers content-type Response headers date Thu, 12 Dec 2019 02:38:43 GMT cf-cache-status DYNAMIC server cloudflare access-control-allow-origin https://secure.hi5.com expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary origin, Accept-Encoding access-control-allow-methods OPTIONS, POST status 204 access-control-max-age 14400 access-control-allow-credentials true strict-transport-security max-age=31536000; includeSubDomains; preload cf-ray 543c52e2d888c2c7-FRA access-control-allow-headers origin, content-type
GET H/1.1	200 OK	fastlane.json Show response fastlane.rubiconproject.com/a/api/	256 B 2 KB	85ms 60ms	XHR application/json	69.173.144.141 The Rubicon Project
General Check archive.org Show headers Download Go to Full URL https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=16924&site_id=151312&zone_id=1353760&size_id=2&alt_size_ids=55&gdpr=0&rf=https%3A%2F%2Fsecure.hi5.com%2Fphished.html&tk_flint=pbjs_lite_v2.36.0&x_source.tid=280259de-a9a9-4160-9fc9-cc03cb5fdd02&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.5311564749702609 Requested by Host: a.pub.network URL: https://a.pub.network/core/prebid-analytics-2.36.0.js Protocol HTTP/1.1 Security TLS 1.2, RSA, AES_128_GCM Server 69.173.144.141 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT - The Rubicon Project, Inc., US), Reverse DNS Software RAS 2.4 / Resource Hash 14f6d0b1ecdfbe988219263d07f1e722300e77af7df68d9d19a176d1c4b8e3cd Request headers Referer https://secure.hi5.com/phished.html Origin https://secure.hi5.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Content-Type text/plain Response headers Pragma no-cache Date Thu, 12 Dec 2019 02:38:43 GMT Server RAS 2.4 Vary Accept-Encoding P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" Access-Control-Allow-Origin https://secure.hi5.com Cache-Control no-cache, no-store, max-age=0, must-revalidate Access-Control-Allow-Credentials true Connection Keep-Alive Content-Type application/json Keep-Alive timeout=5, max=385 Content-Length 256 Expires Wed, 17 Sep 1975 21:32:10 GMT
GET H2	200	arj Show response freestar-d.openx.net/w/1.0/	173 B 543 B	52ms 23ms	XHR application/json	34.95.120.147 Google LLC
General Check archive.org Show headers Download Go to Full URL https://freestar-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fsecure.hi5.com%2Fphished.html&jr=&ch=UTF-8&res=1600x1200x24&ifr=false&tz=-60&tws=1600x1200&be=1&bc=hb_pb_2.1.9&dddid=280259de-a9a9-4160-9fc9-cc03cb5fdd02&nocache=1576118323642&gdpr_consent=&gdpr=0&pubcid=e0733bc7-b4df-4955-b5e7-5f00602454d2&aus=1x1%2C728x90%2C970x90&divIds=hi5_Sticky_728x90&auid=539181725& Requested by Host: a.pub.network URL: https://a.pub.network/core/prebid-analytics-2.36.0.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 34.95.120.147 , United States, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS 147.120.95.34.bc.googleusercontent.com Software OXGW/16.170.0 / Resource Hash 7cbe75a522a0259cc1fac4102240c6a3a52264b9815fc250833340abaa36e877 Request headers Referer https://secure.hi5.com/phished.html Origin https://secure.hi5.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Thu, 12 Dec 2019 02:38:43 GMT via 1.1 google server OXGW/16.170.0 status 200 vary Accept p3p CP="CUR ADM OUR NOR STA NID" access-control-allow-origin https://secure.hi5.com cache-control private, max-age=0, no-cache access-control-allow-credentials true content-type application/json alt-svc clear content-length 173 expires Mon, 26 Jul 1997 05:00:00 GMT
GET H/1.1	200 OK	quant.js Show response secure.quantserve.com/	12 KB 6 KB	35ms 7ms	Script application/x-javascript	91.228.74.232 Quantcast Corpora...
General Check archive.org Show headers Download Go to Full URL https://secure.quantserve.com/quant.js Requested by Host: a.pub.network URL: https://a.pub.network/hi5-com/pubfig.min.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 91.228.74.232 , United Kingdom, ASN27281 (QUANTCAST - Quantcast Corporation, US), Reverse DNS Software QS / Resource Hash 404a9b0ffbcc813e8ddbb8d8510a24a69c09079282f8083ee94f4adc5d627176 Request headers Referer https://secure.hi5.com/phished.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Thu, 12 Dec 2019 02:38:43 GMT Content-Encoding gzip Last-Modified Thu, 12-Dec-2019 02:38:43 GMT Server QS ETag M0-e2b9884a Vary Accept-Encoding Content-Type application/x-javascript Cache-Control private, no-transform, max-age=604800 Connection keep-alive Content-Length 5456 Expires Thu, 19 Dec 2019 02:38:43 GMT
GET H2	200	bxl.js Show response hbx.media.net/	16 KB 7 KB	32ms 8ms	Script text/javascript	2.18.235.93 Akamai Technologies
General Check archive.org Show headers Download Go to Full URL https://hbx.media.net/bxl.js?cid=8CUFH1GPH&dn=secure.hi5.com&version=&https=1 Requested by Host: a.pub.network URL: https://a.pub.network/hi5-com/pubfig.min.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2.18.235.93 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US), Reverse DNS a2-18-235-93.deploy.static.akamaitechnologies.com Software Apache / Resource Hash 328a89a0c3fa752bb7e22905a60635ebf2d366042ee47d69438ba2092c100dfd Request headers Referer https://secure.hi5.com/phished.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Thu, 12 Dec 2019 02:38:43 GMT content-encoding gzip server Apache vary Accept-Encoding content-type text/javascript; charset=utf-8 status 200 cache-control max-age=86400 content-length 6649 x-mnet-hl2 E expires Fri, 13 Dec 2019 02:38:43 GMT
GET H2	200	bid Show response c.amazon-adsystem.com/e/dtb/	99 B 489 B	81ms 81ms	XHR text/javascript	99.86.0.120 Amazon.com
General Check archive.org Show headers Download Go to Full URL https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fsecure.hi5.com%2Fphished.html&pid=x0NxQwnU4rB2J&cb=1&ws=1600x1200&v=7.45.00&t=1000&slots=%5B%7B%22sd%22%3A%221%22%2C%22s%22%3A%5B%22468x60%22%2C%22728x90%22%2C%22970x90%22%5D%2C%22sn%22%3A%22%2F15184186%2Fhi5_970x90_728x90_320x100_300x250_320x50_top%22%7D%5D&cfgv=0&pubid=0ab198dd-b265-462a-ae36-74e163ad6159&gdprl=%7B%22status%22%3A%22no-cmp%22%7D Requested by Host: c.amazon-adsystem.com URL: https://c.amazon-adsystem.com/aax2/apstag.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 99.86.0.120 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US), Reverse DNS server-99-86-0-120.fra6.r.cloudfront.net Software Server / Resource Hash 16e2fcb13280a0725db0a3accef13282403ed3d485128f286d8df13f4eae6c1a Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Referer https://secure.hi5.com/phished.html Origin https://secure.hi5.com Response headers date Thu, 12 Dec 2019 02:38:43 GMT content-encoding gzip server Server x-amz-cf-pop FRA6-C1 status 200 vary Accept-Encoding,User-Agent x-cache Miss from cloudfront content-type text/javascript;charset=UTF-8 access-control-allow-origin https://secure.hi5.com access-control-allow-credentials true timing-allow-origin * content-length 113 via 1.1 8cdf0467c0468ddfe8e9873c6bb8304c.cloudfront.net (CloudFront) x-amz-cf-id aXDJ6IgPklYTKv9e4Ppn87F0XdmD38UopbVVvgwuFQjX8aMKIiUKPg==
GET H/1.1	200 OK	null Show response d.pub.network/rfm/cookie/	3 B 311 B	400ms 114ms	XHR application/json	35.188.71.214 Google LLC
General Check archive.org Show headers Download Go to Full URL https://d.pub.network/rfm/cookie/null Requested by Host: a.pub.network URL: https://a.pub.network/hi5-com/pubfig.min.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 35.188.71.214 , United States, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS 214.71.188.35.bc.googleusercontent.com Software / Resource Hash 8eb95bcbc154530931e15fc418c8b1fe991095671409552099ea1aa596999ede Request headers Accept application/json, text/plain, */* Referer https://secure.hi5.com/phished.html Origin https://secure.hi5.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Access-Control-Allow-Origin https://secure.hi5.com Date Thu, 12 Dec 2019 02:38:43 GMT Access-Control-Allow-Credentials true Vary Origin, Access-Control-Request-Method, Access-Control-Request-Headers Transfer-Encoding chunked Content-Type application/json
GET H/1.1	200 OK	classification Show response d.pub.network/	3 B 311 B	414ms 111ms	XHR application/json	35.188.71.214 Google LLC
General Check archive.org Show headers Download Go to Full URL https://d.pub.network/classification?siteId=675&pageUrl=https://secure.hi5.com/phished.html Requested by Host: a.pub.network URL: https://a.pub.network/hi5-com/pubfig.min.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 35.188.71.214 , United States, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS 214.71.188.35.bc.googleusercontent.com Software / Resource Hash 8eb95bcbc154530931e15fc418c8b1fe991095671409552099ea1aa596999ede Request headers Accept application/json, text/plain, */* Referer https://secure.hi5.com/phished.html Origin https://secure.hi5.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Access-Control-Allow-Origin https://secure.hi5.com Date Thu, 12 Dec 2019 02:38:44 GMT Access-Control-Allow-Credentials true Vary Origin, Access-Control-Request-Method, Access-Control-Request-Headers Transfer-Encoding chunked Content-Type application/json
GET H/1.1	204 No Content	b sb.scorecardresearch.com/	0 248 B	7ms 7ms	Image text/plain	2.16.31.65 Akamai Technologies
General Check archive.org Show headers Download Go to Show image Full URL https://sb.scorecardresearch.com/b?c1=2&c2=23384447&cs_ucfr=1&ns__t=1576118323659&ns_c=UTF-8&cv=3.1&c8=Account%20Phished%20-%20hi5&c7=https%3A%2F%2Fsecure.hi5.com%2Fphished.html&c9= Requested by Host: secure.hi5.com URL: https://secure.hi5.com/phished.html Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2.16.31.65 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US), Reverse DNS a2-16-31-65.deploy.static.akamaitechnologies.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://secure.hi5.com/phished.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Pragma no-cache Date Thu, 12 Dec 2019 02:38:43 GMT Cache-Control private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate Connection keep-alive Content-Length 0 Expires Mon, 01 Jan 1990 00:00:00 GMT
GET H2	200	beacon.js Show response ad-delivery.net/	1 KB 990 B	20ms 6ms	Script application/x-javascript	13.35.253.87 Amazon.com
General Check archive.org Show headers Download Go to Full URL https://ad-delivery.net/beacon.js Requested by Host: freestar-io.videoplayerhub.com URL: https://freestar-io.videoplayerhub.com/gallery.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 13.35.253.87 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US), Reverse DNS server-13-35-253-87.fra6.r.cloudfront.net Software AmazonS3 / Resource Hash 7e94fbebf526effec4239c82e5435a412d81ffc4bc9bddf13f9aa1170f6d803e Request headers Referer https://secure.hi5.com/phished.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers x-amz-version-id null content-encoding gzip last-modified Tue, 31 Jan 2017 15:06:54 GMT server AmazonS3 age 3460 date Thu, 12 Dec 2019 01:41:26 GMT vary Accept-Encoding x-cache Hit from cloudfront content-type application/x-javascript status 200 cache-control max-age=3600 x-amz-cf-pop FRA6-C1 x-amz-cf-id UjYmNX23Y8aX-spuNq9zRJc1iI1datBlT2FDonUtP5dcgEaQIOYHMA== via 1.1 49140b838a62cd29e30f20e39a82dad0.cloudfront.net (CloudFront)
POST H2	204	v1 Show response dmx.districtm.io/b/	0 429 B	25ms 13ms	XHR text/plain	104.16.190.66 Cloudflare
General Check archive.org Show headers Download Go to Full URL https://dmx.districtm.io/b/v1 Requested by Host: secure.hi5.com URL: https://secure.hi5.com/phished.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.16.190.66 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers Referer https://secure.hi5.com/phished.html Origin https://secure.hi5.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Content-Type application/json Response headers date Thu, 12 Dec 2019 02:38:43 GMT cf-cache-status DYNAMIC server cloudflare status 204 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary origin, Accept-Encoding access-control-allow-methods OPTIONS, POST access-control-allow-origin https://secure.hi5.com access-control-allow-credentials true strict-transport-security max-age=31536000; includeSubDomains; preload cf-ray 543c52e30e49c303-FRA access-control-allow-headers origin, content-type
GET H2	200	checksync.php hbx.media.net/ Frame 1A61	0 0	12ms 11ms	Document text/html	2.18.235.93 Akamai Technologies
General Check archive.org Show headers Download Go to Full URL https://hbx.media.net/checksync.php?&vsSync=1&cs=1&hb=1&cv=37&ndec=1&cid=8CUFH1GPH&prvid=56%2C70%2C77%2C80%2C82%2C97%2C99%2C109%2C111%2C112%2C113%2C139%2C154%2C157%2C159%2C175%2C178%2C186%2C201%2C10000&https=1&gdpr=1&gdprconsent=2 Requested by Host: hbx.media.net URL: https://hbx.media.net/bxl.js?cid=8CUFH1GPH&dn=secure.hi5.com&version=&https=1 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2.18.235.93 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US), Reverse DNS a2-18-235-93.deploy.static.akamaitechnologies.com Software Apache / Resource Hash Request headers :method GET :authority hbx.media.net :scheme https :path /checksync.php?&vsSync=1&cs=1&hb=1&cv=37&ndec=1&cid=8CUFH1GPH&prvid=56%2C70%2C77%2C80%2C82%2C97%2C99%2C109%2C111%2C112%2C113%2C139%2C154%2C157%2C159%2C175%2C178%2C186%2C201%2C10000&https=1&gdpr=1&gdprconsent=2 pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3 sec-fetch-site cross-site sec-fetch-mode nested-navigate referer https://secure.hi5.com/phished.html accept-encoding gzip, deflate, br cookie gdpr_status=1 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Referer https://secure.hi5.com/phished.html Response headers status 200 server Apache content-type text/html; charset=UTF-8 set-cookie gdpr_status=1; Expires=Sun, 14 Jun 2020 02:38:43 GMT; domain=.media.net; Path=/; visitor-id=2191199232777459000V10; Expires=Fri, 11 Dec 2020 02:38:43 GMT; domain=.media.net; Path=/; x-mnet-hl2 E p3p CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA vary Accept-Encoding content-encoding gzip cache-control max-age=28341 expires Thu, 12 Dec 2019 10:31:04 GMT date Thu, 12 Dec 2019 02:38:43 GMT content-length 6757
GET H/1.1	200 OK	Cookie set iu3 aax-eu.amazon-adsystem.com/s/ Frame E0BE Redirect Chain https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=r1u https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=r1u&dcc=t	0 0	196ms 195ms	Document text/html	52.94.216.48 Amazon.com
General Check archive.org Show headers Download Go to Full URL https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=r1u&dcc=t Requested by Host: c.amazon-adsystem.com URL: https://c.amazon-adsystem.com/aax2/apstag.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.94.216.48 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US), Reverse DNS Software Server / Resource Hash Request headers Host aax-eu.amazon-adsystem.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3 Sec-Fetch-Site cross-site Sec-Fetch-Mode nested-navigate Referer https://secure.hi5.com/phished.html Accept-Encoding gzip, deflate, br Cookie ad-id=AzhwqoN8akzKs1i2jRDEayo|t Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Referer https://secure.hi5.com/phished.html Response headers Server Server Date Thu, 12 Dec 2019 02:38:44 GMT Content-Type text/html;charset=ISO-8859-1 Content-Length 182 Connection keep-alive Cache-Control max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0 Pragma no-cache Expires Thu, 01 Jan 1970 00:00:00 GMT p3p policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR" Set-Cookie ad-id=AzhwqoN8akzKs1i2jRDEayo; Domain=.amazon-adsystem.com; Expires=Wed, 01-Jul-2020 02:38:43 GMT; Path=/; HttpOnly ad-privacy=0; Domain=.amazon-adsystem.com; Expires=Wed, 01-Jan-2025 02:38:44 GMT; Path=/; HttpOnly Vary Accept-Encoding,User-Agent Content-Encoding gzip Redirect headers Server Server Date Thu, 12 Dec 2019 02:38:43 GMT Content-Length 0 Connection keep-alive Cache-Control max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0 Pragma no-cache Expires Thu, 01 Jan 1970 00:00:00 GMT p3p policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR" Location https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=r1u&dcc=t Set-Cookie ad-id=AzhwqoN8akzKs1i2jRDEayo|t; Domain=.amazon-adsystem.com; Expires=Wed, 01-Jul-2020 02:38:43 GMT; Path=/; HttpOnly Vary User-Agent
GET H/1.1	200 OK	fastlane.json Show response fastlane.rubiconproject.com/a/api/	262 B 1 KB	57ms 56ms	XHR application/json	69.173.144.141 The Rubicon Project
General Check archive.org Show headers Download Go to Full URL https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=16924&site_id=151312&zone_id=1353760&size_id=2&alt_size_ids=1%2C55&gdpr=0&rf=https%3A%2F%2Fsecure.hi5.com%2Fphished.html&tk_flint=pbjs_lite_v2.36.0&x_source.tid=6e71f17a-8e69-46eb-8d68-2773d94132c7&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.6363961252160899 Requested by Host: a.pub.network URL: https://a.pub.network/core/prebid-analytics-2.36.0.js Protocol HTTP/1.1 Security TLS 1.2, RSA, AES_128_GCM Server 69.173.144.141 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT - The Rubicon Project, Inc., US), Reverse DNS Software RAS 2.4 / Resource Hash 0e001fdabc56acf7a4694e115c7320589f8a3253965b208d8b242502fcf1ec0c Request headers Referer https://secure.hi5.com/phished.html Origin https://secure.hi5.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Content-Type text/plain Response headers Pragma no-cache Date Thu, 12 Dec 2019 02:38:43 GMT Server RAS 2.4 Vary Accept-Encoding P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" Access-Control-Allow-Origin https://secure.hi5.com Cache-Control no-cache, no-store, max-age=0, must-revalidate Access-Control-Allow-Credentials true Connection Keep-Alive Content-Type application/json Keep-Alive timeout=5, max=488 Content-Length 262 Expires Wed, 17 Sep 1975 21:32:10 GMT
GET H2	200	imp Show response g2.gumgum.com/hbid/	123 B 405 B	39ms 38ms	XHR application/json	52.214.34.242 Amazon.com
General Check archive.org Show headers Download Go to Full URL https://g2.gumgum.com/hbid/imp?si=14287&pi=3&gdprApplies=0&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fsecure.hi5.com%2Fphished.html&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%7D&ogu=null&ns=9626& Requested by Host: a.pub.network URL: https://a.pub.network/core/prebid-analytics-2.36.0.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.214.34.242 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US), Reverse DNS ec2-52-214-34-242.eu-west-1.compute.amazonaws.com Software nginx / Resource Hash a541a47bcbfa8373d5854fc4fe5f5ed75b4e31d8cd29f0cddf5ab7f53e792862 Request headers Referer https://secure.hi5.com/phished.html Origin https://secure.hi5.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Thu, 12 Dec 2019 02:38:43 GMT content-encoding gzip content-type application/json;charset=UTF-8 server nginx status 200 p3p CP="This is not a P3P policy" access-control-allow-origin https://secure.hi5.com cache-control private, no-store, must-revalidate, max-age=0 access-control-allow-credentials true timing-allow-origin * expires 0
GET H2	200	imp Show response g2.gumgum.com/hbid/	123 B 402 B	37ms 36ms	XHR application/json	52.214.34.242 Amazon.com
General Check archive.org Show headers Download Go to Full URL https://g2.gumgum.com/hbid/imp?si=14288&pi=3&gdprApplies=0&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fsecure.hi5.com%2Fphished.html&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%7D&ogu=null&ns=9626& Requested by Host: a.pub.network URL: https://a.pub.network/core/prebid-analytics-2.36.0.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.214.34.242 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US), Reverse DNS ec2-52-214-34-242.eu-west-1.compute.amazonaws.com Software nginx / Resource Hash 37d6b9d4d7f22d0d506e6c1174e7958d61e2c9f0c42c64ba54901eb7ff0190c4 Request headers Referer https://secure.hi5.com/phished.html Origin https://secure.hi5.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Thu, 12 Dec 2019 02:38:43 GMT content-encoding gzip content-type application/json;charset=UTF-8 server nginx status 200 p3p CP="This is not a P3P policy" access-control-allow-origin https://secure.hi5.com cache-control private, no-store, must-revalidate, max-age=0 access-control-allow-credentials true timing-allow-origin * expires 0
GET H/1.1	200 OK	cygnus Show response as-sec.casalemedia.com/	1 KB 2 KB	62ms 61ms	XHR application/json	2.18.234.21 Akamai Technologies
General Check archive.org Show headers Download Go to Full URL https://as-sec.casalemedia.com/cygnus?s=393532&v=7.2&r=%7B%22id%22%3A%224282396df2fd7b9%22%2C%22imp%22%3A%5B%7B%22id%22%3A%224389ca0f03bae61%22%2C%22banner%22%3A%7B%22w%22%3A468%2C%22h%22%3A60%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22siteID%22%3A%22393532%22%2C%22sid%22%3A%22468x60%22%7D%7D%2C%7B%22id%22%3A%22445d39e2ad950b%22%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22siteID%22%3A%22393532%22%2C%22sid%22%3A%22728x90%22%7D%7D%2C%7B%22id%22%3A%224510c510302f2ea%22%2C%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22siteID%22%3A%22393532%22%2C%22sid%22%3A%22970x90%22%7D%7D%5D%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fsecure.hi5.com%2Fphished.html%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22gdpr%22%3A0%7D%7D%2C%22user%22%3A%7B%22ext%22%3A%7B%22consent%22%3A%22%22%7D%7D%7D&ac=j&sd=1& Requested by Host: a.pub.network URL: https://a.pub.network/core/prebid-analytics-2.36.0.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2.18.234.21 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US), Reverse DNS a2-18-234-21.deploy.static.akamaitechnologies.com Software Apache / Resource Hash 3c0ff429dd877fd0f170fce361bbab54af6768b9e34a342400d858abc7d156e7 Request headers Referer https://secure.hi5.com/phished.html Origin https://secure.hi5.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Content-Type text/plain Response headers Pragma no-cache Date Thu, 12 Dec 2019 02:38:43 GMT Content-Encoding gzip Server Apache Vary Accept-Encoding P3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" Access-Control-Allow-Origin https://secure.hi5.com Cache-Control max-age=0, no-cache, no-store Access-Control-Allow-Credentials true Connection keep-alive Content-Type application/json Content-Length 997 Expires Thu, 12 Dec 2019 02:38:43 GMT
GET H2	200	arj Show response freestar-d.openx.net/w/1.0/	173 B 357 B	24ms 24ms	XHR application/json	34.95.120.147 Google LLC
General Check archive.org Show headers Download Go to Full URL https://freestar-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fsecure.hi5.com%2Fphished.html&jr=&ch=UTF-8&res=1600x1200x24&ifr=false&tz=-60&tws=1600x1200&be=1&bc=hb_pb_2.1.9&dddid=6e71f17a-8e69-46eb-8d68-2773d94132c7&nocache=1576118323736&gdpr_consent=&gdpr=0&pubcid=e0733bc7-b4df-4955-b5e7-5f00602454d2&aus=468x60%2C728x90%2C970x90&divIds=hi5_970x90_728x90_320x100_300x250_320x50_top&auid=539181725& Requested by Host: a.pub.network URL: https://a.pub.network/core/prebid-analytics-2.36.0.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 34.95.120.147 , United States, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS 147.120.95.34.bc.googleusercontent.com Software OXGW/16.170.0 / Resource Hash f9b539018b01e2d6474fed233a77e14c15c707f4bc669571b047ad1fcca22d77 Request headers Referer https://secure.hi5.com/phished.html Origin https://secure.hi5.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Thu, 12 Dec 2019 02:38:43 GMT via 1.1 google server OXGW/16.170.0 status 200 vary Accept p3p CP="CUR ADM OUR NOR STA NID" access-control-allow-origin https://secure.hi5.com cache-control private, max-age=0, no-cache access-control-allow-credentials true content-type application/json alt-svc clear content-length 173 expires Mon, 26 Jul 1997 05:00:00 GMT
POST H/1.1	200 OK	prebid Show response ib.adnxs.com/ut/v3/	144 B 1 KB	24ms 24ms	XHR application/json	185.33.223.80 AppNexus
General Check archive.org Show headers Download Go to Full URL https://ib.adnxs.com/ut/v3/prebid Requested by Host: a.pub.network URL: https://a.pub.network/core/prebid-analytics-2.36.0.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 185.33.223.80 , Netherlands, ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US), Reverse DNS 251.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net Software nginx/1.13.4 / Resource Hash 1bdd1883f3fe25fa80fa853a59713c193dbe4018f0ca2909e857c2e04e054ee6 Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://secure.hi5.com/phished.html Origin https://secure.hi5.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Content-Type text/plain Response headers Pragma no-cache Date Thu, 12 Dec 2019 02:38:45 GMT X-Proxy-Origin 144.76.109.30; 144.76.109.30; 251.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.149:80 AN-X-Request-Uuid bd11359b-6ced-43ae-8d38-5cae2b51e4cd Server nginx/1.13.4 P3P policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Access-Control-Allow-Origin https://secure.hi5.com Cache-Control no-store, no-cache, private Access-Control-Allow-Credentials true Connection keep-alive Content-Type application/json; charset=utf-8 Content-Length 144 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT
POST H2	200	translator Show response hbopenbid.pubmatic.com/	12 KB 12 KB	66ms 66ms	XHR application/json	185.64.189.112 PubMatic
General Check archive.org Show headers Download Go to Full URL https://hbopenbid.pubmatic.com/translator?source=prebid-client Requested by Host: a.pub.network URL: https://a.pub.network/core/prebid-analytics-2.36.0.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC - PubMatic, Inc., US), Reverse DNS Software / Resource Hash d6a4fb75f154af71c60a114e61100f89f7ab2601dea62dd5abe697aa70ea3c6e Request headers Referer https://secure.hi5.com/phished.html Origin https://secure.hi5.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Content-Type text/plain Response headers status 200 access-control-allow-origin https://secure.hi5.com cache-control no-cache, no-store, must-revalidate x-openrtb-version 2.3 access-control-allow-credentials true date Thu, 12 Dec 2019 02:38:43 GMT content-type application/json
POST H2	204	cdb Show response bidder.criteo.com/	0 144 B	15ms 15ms	XHR text/plain	178.250.0.165 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Full URL https://bidder.criteo.com/cdb?profileId=207&av=21&wv=2.36.0&cb=9093799395 Requested by Host: a.pub.network URL: https://a.pub.network/core/prebid-analytics-2.36.0.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software Finatra / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://secure.hi5.com/phished.html Origin https://secure.hi5.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Content-Type text/plain Response headers status 204 date Thu, 12 Dec 2019 02:38:42 GMT access-control-allow-credentials true server Finatra access-control-allow-origin https://secure.hi5.com timing-allow-origin * vary Origin
POST H/1.1	200 OK	prebid Show response ib.adnxs.com/ut/v3/	145 B 1 KB	19ms 19ms	XHR application/json	185.33.223.80 AppNexus
General Check archive.org Show headers Download Go to Full URL https://ib.adnxs.com/ut/v3/prebid Requested by Host: a.pub.network URL: https://a.pub.network/core/prebid-analytics-2.36.0.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 185.33.223.80 , Netherlands, ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US), Reverse DNS 251.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net Software nginx/1.13.4 / Resource Hash fa46d471ca24f7bb787e051ecab3089bdf843d0c0b4f219da27725f4ed38a60c Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://secure.hi5.com/phished.html Origin https://secure.hi5.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Content-Type text/plain Response headers Pragma no-cache Date Thu, 12 Dec 2019 02:38:45 GMT X-Proxy-Origin 144.76.109.30; 144.76.109.30; 251.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.164:80 AN-X-Request-Uuid 65e62f68-4591-4b29-b6ae-8eadc0bbef28 Server nginx/1.13.4 P3P policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Access-Control-Allow-Origin https://secure.hi5.com Cache-Control no-store, no-cache, private Access-Control-Allow-Credentials true Connection keep-alive Content-Type application/json; charset=utf-8 Content-Length 145 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT
POST H/1.1	200 OK	bid Show response ap.lijit.com/rtb/	47 B 560 B	74ms 47ms	XHR application/json	216.52.2.30 Internap Corporation
General Check archive.org Show headers Download Go to Full URL https://ap.lijit.com/rtb/bid?src=prebid_prebid_2.36.0 Requested by Host: a.pub.network URL: https://a.pub.network/core/prebid-analytics-2.36.0.js Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 216.52.2.30 , United States, ASN29791 (VOXEL-DOT-NET - Internap Corporation, US), Reverse DNS Software nginx / Resource Hash 3d16e6d750bb5a7ca3c4caef6af118c8e473309f435b84d5117db41e6e282cc2 Request headers Referer https://secure.hi5.com/phished.html Origin https://secure.hi5.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Content-Type text/plain Response headers Date Thu, 12 Dec 2019 02:38:43 GMT Content-Encoding gzip Server nginx Vary Accept-Encoding, User-Agent Access-Control-Allow-Methods GET, POST, DELETE, PUT Content-Type application/json Access-Control-Allow-Origin https://secure.hi5.com Access-Control-Allow-Credentials true X-Sovrn-Pod ad_ap6ams1 Access-Control-Allow-Headers X-Requested-With, Content-Type Content-Length 65
OPTIONS H2	204	v1 Show response dmx.districtm.io/b/	0 40 B	20ms 20ms	XHR text/plain	104.16.190.66 Cloudflare
General Check archive.org Show headers Download Go to Full URL https://dmx.districtm.io/b/v1 Requested by Host: a.pub.network URL: https://a.pub.network/core/prebid-analytics-2.36.0.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.16.190.66 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers Access-Control-Request-Method POST Origin https://secure.hi5.com Referer https://secure.hi5.com/phished.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Access-Control-Request-Headers content-type Response headers date Thu, 12 Dec 2019 02:38:43 GMT cf-cache-status DYNAMIC server cloudflare access-control-allow-origin https://secure.hi5.com expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary origin, Accept-Encoding access-control-allow-methods OPTIONS, POST status 204 access-control-max-age 14400 access-control-allow-credentials true strict-transport-security max-age=31536000; includeSubDomains; preload cf-ray 543c52e3696ac2c7-FRA access-control-allow-headers origin, content-type
POST H/1.1	200 OK	qchb Show response qcx.quantserve.com/	66 B 344 B	6ms 6ms	XHR application/json	91.228.72.10 Amazon.com
General Check archive.org Show headers Download Go to Full URL https://qcx.quantserve.com:8443/qchb Requested by Host: a.pub.network URL: https://a.pub.network/core/prebid-analytics-2.36.0.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 91.228.72.10 , United Kingdom, ASN16509 (AMAZON-02 - Amazon.com, Inc., US), Reverse DNS Software / Resource Hash d8230cfa7e4df3abef9655b53207b879115596d340753811ce633636ff240bee Request headers Referer https://secure.hi5.com/phished.html Origin https://secure.hi5.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Content-Type text/plain Response headers pragma no-cache content-encoding gzip content-type application/json access-control-allow-origin https://secure.hi5.com cache-control no-cache access-control-allow-credentials true connection keep-alive content-length 89
POST H/1.1	200 OK	qchb Show response qcx.quantserve.com/	66 B 344 B	7ms 6ms	XHR application/json	91.228.72.10 Amazon.com
General Check archive.org Show headers Download Go to Full URL https://qcx.quantserve.com:8443/qchb Requested by Host: a.pub.network URL: https://a.pub.network/core/prebid-analytics-2.36.0.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 91.228.72.10 , United Kingdom, ASN16509 (AMAZON-02 - Amazon.com, Inc., US), Reverse DNS Software / Resource Hash 376b7578c8b1a663fcd51c1a20079db4500f82139866729729ee8fe6ac1ed15a Request headers Referer https://secure.hi5.com/phished.html Origin https://secure.hi5.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Content-Type text/plain Response headers pragma no-cache content-encoding gzip content-type application/json access-control-allow-origin https://secure.hi5.com cache-control no-cache access-control-allow-credentials true connection keep-alive content-length 89
GET H/1.1	204 No Content	v1 Show response btlr.sharethrough.com/WYu2BXv1/	0 158 B	36ms 12ms	XHR text/plain	3.124.23.215 Amazon.com
General Check archive.org Show headers Download Go to Full URL https://btlr.sharethrough.com/WYu2BXv1/v1?placement_key=wVJpZJEpwGVQ1fG7wrAWU4sW&bidId=66ecea56618f213&consent_required=false&instant_play_capable=true&hbSource=prebid&hbVersion=2.36.0&strVersion=3.1.0& Requested by Host: a.pub.network URL: https://a.pub.network/core/prebid-analytics-2.36.0.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.124.23.215 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US), Reverse DNS ec2-3-124-23-215.eu-central-1.compute.amazonaws.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://secure.hi5.com/phished.html Origin https://secure.hi5.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Content-Type text/plain Response headers Access-Control-Allow-Origin https://secure.hi5.com Access-Control-Allow-Credentials true Connection keep-alive Vary Origin
GET H2	200	ads Show response securepubads.g.doubleclick.net/gampad/	37 KB 9 KB	183ms 182ms	XHR text/plain	172.217.23.98 Google LLC
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1330704296187972&correlator=1459323092145007&output=ldjh&impl=fifs&adsid=NT&eid=21065312%2C21065203&vrg=2019121002&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20191212&iu_parts=15184186%2Chi5_Sticky_728x90&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1%7C728x90%7C970x90&prev_scp=amznbid%3D2%26amznp%3D2&eri=1&cust_params=user-agent%3DChrome&cookie_enabled=1&bc=31&abxe=1&lmt=1576118323&dt=1576118323747&dlt=1576118321719&idt=1748&frm=20&biw=1600&bih=1200&oid=3&adxs=800&adys=1199&adks=2891844225&ucis=1&ifi=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fsecure.hi5.com%2Fphished.html&dssz=46&icsg=35184383098880&std=3&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1600x-1&msz=1600x-1&ga_vid=1807807780.1576118323&ga_sid=1576118324&ga_hid=1528417381&fws=512&ohw=0 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019121002.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.23.98 , United States, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS fra16s45-in-f2.1e100.net Software cafe / Resource Hash 31bd5d9e4522b22b99ecd50e03b4b5006b13a5f9d61343e20738d55c99db52bc Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Referer https://secure.hi5.com/phished.html Origin https://secure.hi5.com Response headers date Thu, 12 Dec 2019 02:38:43 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" status 200 alt-svc quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 9158 x-xss-protection 0 google-lineitem-id -1 pragma no-cache server cafe google-creative-id -1 content-type text/plain; charset=UTF-8 access-control-allow-origin https://secure.hi5.com access-control-expose-headers x-google-amp-ad-validated-version cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	pubads_impl_rendering_2019121002.js Show response securepubads.g.doubleclick.net/gpt/	64 KB 24 KB	42ms 41ms	Script text/javascript	172.217.23.98 Google LLC
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019121002.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019121002.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.23.98 , United States, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS fra16s45-in-f2.1e100.net Software sffe / Resource Hash 4c52ed8f9039265ffed7fdca0b967b2624325e6356433f437e044b0dd332cddf Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://secure.hi5.com/phished.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Thu, 12 Dec 2019 02:38:43 GMT content-encoding gzip x-content-type-options nosniff last-modified Tue, 10 Dec 2019 17:29:18 GMT server sffe vary Accept-Encoding content-type text/javascript status 200 cache-control private, immutable, max-age=31536000 accept-ranges bytes timing-allow-origin * alt-svc quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 24811 x-xss-protection 0 expires Thu, 12 Dec 2019 02:38:43 GMT
GET H2	200	container.html tpc.googlesyndication.com/safeframe/1-0-37/html/	0 0	19ms 6ms	Other text/html	2a00:1450:4001:81f::2001 Google LLC
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019121002.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:81f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS Software / Resource Hash Request headers Referer https://secure.hi5.com/phished.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers
POST H2	204	v1 Show response dmx.districtm.io/b/	0 38 B	14ms 14ms	XHR text/plain	104.16.190.66 Cloudflare
General Check archive.org Show headers Download Go to Full URL https://dmx.districtm.io/b/v1 Requested by Host: secure.hi5.com URL: https://secure.hi5.com/phished.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.16.190.66 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers Referer https://secure.hi5.com/phished.html Origin https://secure.hi5.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Content-Type application/json Response headers date Thu, 12 Dec 2019 02:38:43 GMT cf-cache-status DYNAMIC server cloudflare status 204 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary origin, Accept-Encoding access-control-allow-methods OPTIONS, POST access-control-allow-origin https://secure.hi5.com access-control-allow-credentials true strict-transport-security max-age=31536000; includeSubDomains; preload cf-ray 543c52e38eedc303-FRA access-control-allow-headers origin, content-type
GET H2	200	ads Show response securepubads.g.doubleclick.net/gampad/	4 KB 3 KB	244ms 244ms	XHR text/plain	172.217.23.98 Google LLC
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1330704296187972&correlator=1459323092145007&output=ldjh&impl=fifs&adsid=NT&eid=21065312%2C21065203&vrg=2019121002&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20191212&iu_parts=15184186%2Chi5_970x90_728x90_320x100_300x250_320x50_top&enc_prev_ius=%2F0%2F1&prev_iu_szs=468x60%7C728x90%7C970x90&prev_scp=amznbid%3D2%26amznp%3D2%26path%3D%252Fphished.html%26domain%3Dhi5.com%26fs_safeframe%3Dfalse%26custom_bidder_size%3Dix_468x60%26hb_format%3Dbanner%26hb_size%3D468x60%26hb_pb%3D0.13%26hb_adid%3D68c02b27fccb4c9%26hb_bidder%3Dix&eri=1&cust_params=user-agent%3DChrome&cookie_enabled=1&bc=31&abxe=1&lmt=1576118323&dt=1576118323820&dlt=1576118321719&idt=1748&frm=20&biw=1600&bih=1200&oid=3&adxs=566&adys=52&adks=812470297&ucis=2&ifi=2&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fsecure.hi5.com%2Fphished.html&dssz=47&icsg=35184383098880&std=3&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1600x70&msz=1600x60&ga_vid=1807807780.1576118323&ga_sid=1576118324&ga_hid=1528417381&fws=0&ohw=0 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019121002.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.23.98 , United States, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS fra16s45-in-f2.1e100.net Software cafe / Resource Hash 06ee9fe8141d5c2290504b03eb70daa3366f90717c5c45bbe4556e68e33c26be Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Referer https://secure.hi5.com/phished.html Origin https://secure.hi5.com Response headers date Thu, 12 Dec 2019 02:38:44 GMT content-encoding br x-content-type-options nosniff google-mediationgroup-id -2 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" status 200 alt-svc quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 2384 x-xss-protection 0 google-lineitem-id 4721360308 pragma no-cache server cafe google-mediationtag-id -2 google-creative-id 138237496034 content-type text/plain; charset=UTF-8 access-control-allow-origin https://secure.hi5.com cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	204	gen_204 pagead2.googlesyndication.com/pagead/	0 667 B	32ms 14ms	Image image/gif	2a00:1450:4001:818::2002 Google LLC
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=gpt_sz&pvsid=1330704296187972&r=1x1%7C728x90%7C970x90&w=728&h=90 Requested by Host: secure.hi5.com URL: https://secure.hi5.com/phished.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:818::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://secure.hi5.com/phished.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers pragma no-cache date Thu, 12 Dec 2019 02:38:43 GMT x-content-type-options nosniff content-type image/gif server cafe p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" status 204 cache-control no-cache, must-revalidate timing-allow-origin * alt-svc quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	amp4ads-host-v0.js Show response cdn.ampproject.org/rtv/011911070201440/	20 KB 7 KB	43ms 18ms	Script text/javascript	2a00:1450:4001:824::2001 Google LLC
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/rtv/011911070201440/amp4ads-host-v0.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019121002.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:824::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS Software sffe / Resource Hash 866a1264b956a58da8e640a6191453d62f20d8676f63f193d2786318f83f6422 Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://secure.hi5.com/phished.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp content-encoding br x-content-type-options nosniff age 26837 status 200 alt-svc quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 7132 x-xss-protection 0 server sffe date Wed, 11 Dec 2019 19:11:27 GMT strict-transport-security max-age=31536000; includeSubDomains; preload content-type text/javascript access-control-allow-origin * vary Accept-Encoding cache-control public, max-age=31536000 etag "796f98bb73f13f89" accept-ranges bytes timing-allow-origin * expires Thu, 10 Dec 2020 19:11:27 GMT
GET H2	200	amp4ads-v0.js Show response cdn.ampproject.org/rtv/011911070201440/ Frame 44EC	200 KB 55 KB	27ms 6ms	Script text/javascript	2a00:1450:4001:824::2001 Google LLC
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/rtv/011911070201440/amp4ads-v0.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019121002.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:824::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS Software sffe / Resource Hash 7a52d4e3f541e459f9069f6f596242684704eeaca5a95f05285d16e2e609927d Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://secure.hi5.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp content-encoding br x-content-type-options nosniff age 32097 status 200 alt-svc quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 55611 x-xss-protection 0 server sffe date Wed, 11 Dec 2019 17:43:47 GMT strict-transport-security max-age=31536000; includeSubDomains; preload content-type text/javascript access-control-allow-origin * vary Accept-Encoding cache-control public, max-age=31536000 etag "d3c4309c2c9fce1d" accept-ranges bytes timing-allow-origin * expires Thu, 10 Dec 2020 17:43:47 GMT
GET H2	200	amp-ad-exit-0.1.js Show response cdn.ampproject.org/rtv/011911070201440/v0/ Frame 44EC	15 KB 6 KB	39ms 18ms	Script text/javascript	2a00:1450:4001:824::2001 Google LLC
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/rtv/011911070201440/v0/amp-ad-exit-0.1.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019121002.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:824::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS Software sffe / Resource Hash f6b7ba3cc9a8177d62950984426ff73450f229d389c449b0631392be2f5b5b61 Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://secure.hi5.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp content-encoding br x-content-type-options nosniff age 50050 status 200 alt-svc quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 5592 x-xss-protection 0 server sffe date Wed, 11 Dec 2019 12:44:34 GMT strict-transport-security max-age=31536000; includeSubDomains; preload content-type text/javascript access-control-allow-origin * vary Accept-Encoding cache-control public, max-age=31536000 etag "9ac5c138bfec1b90" accept-ranges bytes timing-allow-origin * expires Thu, 10 Dec 2020 12:44:34 GMT
GET H2	200	amp-analytics-0.1.js Show response cdn.ampproject.org/rtv/011911070201440/v0/ Frame 44EC	151 KB 41 KB	36ms 16ms	Script text/javascript	2a00:1450:4001:824::2001 Google LLC
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/rtv/011911070201440/v0/amp-analytics-0.1.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019121002.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:824::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS Software sffe / Resource Hash e4ad56bd91f08203b208a3db86c463c7952fad443a239de6454c73b7ce669657 Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://secure.hi5.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp content-encoding br x-content-type-options nosniff age 32079 status 200 alt-svc quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 41358 x-xss-protection 0 server sffe date Wed, 11 Dec 2019 17:44:05 GMT strict-transport-security max-age=31536000; includeSubDomains; preload content-type text/javascript access-control-allow-origin * vary Accept-Encoding cache-control public, max-age=31536000 etag "ed96f4a845755c74" accept-ranges bytes timing-allow-origin * expires Thu, 10 Dec 2020 17:44:05 GMT
GET H2	200	amp-fit-text-0.1.js Show response cdn.ampproject.org/rtv/011911070201440/v0/ Frame 44EC	3 KB 1 KB	35ms 15ms	Script text/javascript	2a00:1450:4001:824::2001 Google LLC
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/rtv/011911070201440/v0/amp-fit-text-0.1.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019121002.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:824::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS Software sffe / Resource Hash 3c10cb1ddf712f08a5082f5759b9496c250d195a9e6746e2ab0088b52775b21e Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://secure.hi5.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp content-encoding br x-content-type-options nosniff age 117684 status 200 alt-svc quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 1402 x-xss-protection 0 server sffe date Tue, 10 Dec 2019 17:57:20 GMT strict-transport-security max-age=31536000; includeSubDomains; preload content-type text/javascript access-control-allow-origin * vary Accept-Encoding cache-control public, max-age=31536000 etag "49ed1549bef9ee2d" accept-ranges bytes timing-allow-origin * expires Wed, 09 Dec 2020 17:57:20 GMT
GET H2	200	amp-form-0.1.js Show response cdn.ampproject.org/rtv/011911070201440/v0/ Frame 44EC	44 KB 14 KB	32ms 13ms	Script text/javascript	2a00:1450:4001:824::2001 Google LLC
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/rtv/011911070201440/v0/amp-form-0.1.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019121002.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:824::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS Software sffe / Resource Hash 71dae7cc7766c98bdc4b766789af22fe0442d58aced342736f044ec12aaba058 Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://secure.hi5.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp content-encoding br x-content-type-options nosniff age 50071 status 200 alt-svc quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 14180 x-xss-protection 0 server sffe date Wed, 11 Dec 2019 12:44:13 GMT strict-transport-security max-age=31536000; includeSubDomains; preload content-type text/javascript access-control-allow-origin * vary Accept-Encoding cache-control public, max-age=31536000 etag "15a9b640489a7720" accept-ranges bytes timing-allow-origin * expires Thu, 10 Dec 2020 12:44:13 GMT
GET DATA	200 OK	truncated / Frame 44EC	214 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash d819330523b32abacb77429aac7765ca9d5d138dcd9cff27bcd4dc9e5f5a0a68 Request headers Referer https://secure.hi5.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Content-Type image/png
GET H2	200	16148871544098052819 tpc.googlesyndication.com/simgad/ Frame 44EC	6 KB 7 KB	7ms 5ms	Image image/png	2a00:1450:4001:81f::2001 Google LLC
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/simgad/16148871544098052819?sqp=4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg&rs=AOga4ql4fc5mSxFGxCB32erLtqswTvQQqw Requested by Host: secure.hi5.com URL: https://secure.hi5.com/phished.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:81f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS Software sffe / Resource Hash d7bd02558e8ae08f870eaefd3b77ae37a8a1ec5e25c37f1814603e313f2ebc5f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://secure.hi5.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Wed, 20 Nov 2019 23:28:09 GMT x-content-type-options nosniff last-modified Fri, 01 Feb 2019 15:06:19 GMT server sffe age 1825834 content-type image/png status 200 alt-svc quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * access-control-allow-origin * content-length 6555 x-xss-protection 0 expires Thu, 19 Nov 2020 23:28:09 GMT
GET H2	200	nl.png tpc.googlesyndication.com/pagead/images/adchoices/ Frame 44EC	1 KB 1 KB	8ms 6ms	Image image/png	2a00:1450:4001:81f::2001 Google LLC
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/pagead/images/adchoices/nl.png Requested by Host: secure.hi5.com URL: https://secure.hi5.com/phished.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:81f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS Software cafe / Resource Hash 9dec75c59d0eb10579f7b74b239fb5221d95644e06918578edaf6437c7929f9a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://secure.hi5.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Wed, 11 Dec 2019 23:52:23 GMT x-content-type-options nosniff content-type image/png server cafe age 9980 etag 6078843621408983719 vary Accept-Encoding p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" status 200 cache-control public, max-age=86400 timing-allow-origin * alt-svc quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 1241 x-xss-protection 0 expires Thu, 12 Dec 2019 23:52:23 GMT
GET H2	200	icon.png tpc.googlesyndication.com/pagead/images/adchoices/ Frame 44EC	295 B 514 B	7ms 5ms	Image image/png	2a00:1450:4001:81f::2001 Google LLC
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png Requested by Host: secure.hi5.com URL: https://secure.hi5.com/phished.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:81f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS Software cafe / Resource Hash 7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://secure.hi5.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Wed, 11 Dec 2019 21:53:21 GMT x-content-type-options nosniff content-type image/png server cafe age 17122 etag 426692510519060060 vary Accept-Encoding p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" status 200 cache-control public, max-age=86400 timing-allow-origin * alt-svc quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 295 x-xss-protection 0 expires Thu, 12 Dec 2019 21:53:21 GMT
GET H2	200	adview securepubads.g.doubleclick.net/pagead/ Frame 44EC	0 0	17ms 16ms	Image text/html	172.217.23.98 Google LLC
General Check archive.org Show headers Download Go to Show image Full URL https://securepubads.g.doubleclick.net/pagead/adview?ai=CsI_yM6jxXb6CMNav3gOSkYLgBMf4q9FarZSp9MwKvr-b-rkYEAEg2tfFOWCVAqAB2puDlAPIAQLgAgCoAwHIAwiqBNYBT9CzJKWjIqTwKElv34bg5Yixl8vf-xjjMQciwzSh4mMTqiM-OOY2dRgZC-nqlkwDQu9a87LHGU18cabaGQz7rOYmArpZoV1YGu6gjBr5_VhuEvxn9iOB4Ny6vz8yzE5AsJv8H-IWmZ8SYNq-poar2v_9ZK2dKUXXiYedTMm9Lqv-mUhDg8LVDNyUWJ_m3cekNrFWufZN3NMIMFNP9iUwwX9XMB6ufczPi-HAT6wRaYHGLIf0Yv8AsSsx6VmpzDi9jm23vnxcbBTO8pbvg9coJvmjJuzJysAE-9uD4tYC4AQBkgUECAQYAZIFBAgFGASgBgKAB47k_GuoB47OG6gH1ckbqAeT2BuoB7oGqAfy2RuoB6a-G6gH7NUb2AcB8gcEEPvXCNIICQiA4YAQEAEYHfIIG2FkeC1zdWJzeW4tNzEyMTE5NzQwNDI5MTYzNIAKA8gLAdgTDA&sigh=D_C1Zel7OoI&tpd=AGWhJmuNldvnjsGKkp1jbvMmpaYQc9mnADK4CJAB0pu9j2ghLQ Requested by Host: secure.hi5.com URL: https://secure.hi5.com/phished.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.23.98 , United States, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS fra16s45-in-f2.1e100.net Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://secure.hi5.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers
GET DATA	200 OK	truncated /	1 KB 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash b60f65161ce3517c2794eecab25981c51ffbcbc951a781270403e2f3572d0290 Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Content-Type image/svg+xml
GET H2	200	si googleads.g.doubleclick.net/pagead/drt/ Frame 44EC Redirect Chain https://www.google.com/pagead/drt/ui https://googleads.g.doubleclick.net/pagead/drt/si	0 0	15ms 14ms	Image text/html	2a00:1450:4001:808::2002 Google LLC
General Check archive.org Show headers Download Go to Show image Full URL https://googleads.g.doubleclick.net/pagead/drt/si Requested by Host: secure.hi5.com URL: https://secure.hi5.com/phished.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Redirect headers date Thu, 12 Dec 2019 02:38:44 GMT x-content-type-options nosniff server safe location https://googleads.g.doubleclick.net/pagead/drt/si content-type text/html; charset=UTF-8 status 302 cache-control private alt-svc quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 246 x-xss-protection 0
GET H2	200	fbevents.js Show response connect.facebook.net/en_US/	121 KB 26 KB	6ms 6ms	Script application/x-javascript	2a03:2880:f01c:8012:face:b00c:0:3 Facebook
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/en_US/fbevents.js Requested by Host: a.pub.network URL: https://a.pub.network/hi5-com/pubfig.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US), Reverse DNS Software / Resource Hash 71b52274b1b43661e6523b2774c9fa98a673e1861703bea5f32d75a32a850394 Security Headers Name Value Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers Referer https://secure.hi5.com/phished.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers strict-transport-security max-age=31536000; preload; includeSubDomains content-encoding gzip x-content-type-options nosniff status 200 alt-svc h3-24=":443"; ma=3600 content-length 26702 x-xss-protection 0 pragma public x-fb-debug 4OFeWR+sWqZ+UfTWlpSlfshuVsXUvY+Hbgk4cyWzm6s4Dg4wkduxJUDgT0XOs4KN8n9u76P0AVdFPLdYn/3Liw== x-fb-trip-id 420120009 date Thu, 12 Dec 2019 02:38:44 GMT x-frame-options DENY content-type application/x-javascript; charset=utf-8 vary Accept-Encoding cache-control public, max-age=1200 content-security-policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm; expires Sat, 01 Jan 2000 00:00:00 GMT
GET H2	200	view securepubads.g.doubleclick.net/pcs/ Frame 9795	0 0	16ms 15ms	Fetch image/gif	172.217.23.98 Google LLC
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvycou7dQwDpe95VBcokMPsK2X2_QP10L6eDI0hrWN90maLPm1Lk7l-Grt9VIL4KtGTuiQdhV_-YBYZnl63VgKwS3aZ0fVh3XnbgB_sBR25jEgnRHJhiSxvlEtruI0RDY7FGFE7kiOffJ8K47niMToaRLDPmFB5QQwEm9HJEku4b-O_VyWMw1YZc6NVXdbwN89XWXfQ7sqOewl4q85xl0IDiWApOB7zP-7MbJbUyulK5vDFp9KHKc1PqfZCaMKrEwtfZ8lt2qU21zNT3RUudVxbKiQm6nuXmVwMcSERj4KCPw_0yBMxfGU&sai=AMfl-YSTfJNI9NDYig4pMOJKOr0IrmNWEA508q0EXQ2XR7wvTnnlHWdjFHMOJ36-fZ0cVv0xAiQnlfUkBOcW6M5vjd4w0K1in8keQ_WkOc_zzw&sig=Cg0ArKJSzBIIiWy5iLB7EAE&urlfix=1&adurl= Requested by Host: secure.hi5.com URL: https://secure.hi5.com/phished.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.23.98 , United States, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS fra16s45-in-f2.1e100.net Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://secure.hi5.com/phished.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers timing-allow-origin * date Thu, 12 Dec 2019 02:38:44 GMT x-content-type-options nosniff server cafe status 200 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" access-control-allow-origin * cache-control private content-type image/gif alt-svc quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Thu, 12 Dec 2019 02:38:44 GMT
GET H/1.1	200 OK	Cookie set ifnotify a3226.casalemedia.com/ Frame A0F9	0 0	185ms 12ms	Document text/html	185.80.38.195 Index Exchange Inc.
General Check archive.org Show headers Download Go to Full URL https://a3226.casalemedia.com/ifnotify?gdprconsent=1&c=1323447&r=30FBD073&t=5DF1A833&u=WGZHb003bFFKc01BQUJoOUlKY0FBQUFF&m=0dee24b1ff0214d3e820549ae39276aa&wp=11&aid=8B033CC64D1C481D&tid=15063&s=6013C&cp=0.17&n=secure.hi5.com&pr=xx&epr=4282396df2fd7b9 Requested by Host: a.pub.network URL: https://a.pub.network/core/prebid-analytics-2.36.0.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 185.80.38.195 , Netherlands, ASN27381 (CASALE-MEDIA - Index Exchange Inc., CA), Reverse DNS Software Apache / Resource Hash Request headers Host a3226.casalemedia.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3 Sec-Fetch-Site cross-site Sec-Fetch-Mode nested-navigate Referer https://secure.hi5.com/phished.html Accept-Encoding gzip, deflate, br Cookie CMID=XfGoM7lQJsMAABh9IJcAAAAE; CMPS=3226; CMST=XfGoM13xqDMB; CMDD=AAXkogE*; CMPRO=1190 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Referer https://secure.hi5.com/phished.html Response headers Date Thu, 12 Dec 2019 02:38:44 GMT Server Apache Pragma no-cache Cache-Control no-cache Expires 0 Set-Cookie CMST=XfGoM13xqDQB;domain=casalemedia.com;path=/;expires=Fri, 13 Dec 2019 02:38:44 GMT CMDD=AAXkogE*;domain=casalemedia.com;path=/;expires=Fri, 13 Dec 2019 02:38:44 GMT CMRUM3=275df1a8340b40&405df1a83405a0&045df1a83405a0&585df1a83405a0&2e5df1a83405a0&2d5df1a83405a0&af5df1a83405a0&415df1a83405a0;domain=casalemedia.com;path=/;expires=Fri, 11 Dec 2020 02:38:44 GMT Keep-Alive timeout=1, max=100 Connection Keep-Alive Transfer-Encoding chunked Content-Type text/html
GET H/1.1	200 OK	js Show response tags.mathtag.com/notify/ Frame 9795	2 KB 2 KB	140ms 85ms	Script application/x-javascript	185.29.133.52 MediaMath Inc
General Check archive.org Show headers Download Go to Full URL https://tags.mathtag.com/notify/js?id=5aW95q2jLzIwLyAvTXpFeE1XSXlNRE10WlRJNFpDMWlaVGhsTFRBd01EQXRNREF3TURBd01EQXdNREF3LzY0NDEyNzA2NDg2NDYxNjc4NTkvNjg2NDA1Mi80ODAyMzcyLzE1L0RmOEtzclhRS1lIZzhHN3lqYjFaeGFUYzVocjlWM1loZmVwanZkMUZPRFUvMS8xNS8wLzAvOTU2ODAzLzI0MjA5Mjc3NDQvMjE2NTM2LzY1MTg3MS8xLzAvMC9NREF3TURBd01EQXRNREF3TUMwd01EQXdMVEF3TURBdE1EQXdNREF3TURBd01EQXcvMC8wLzAvMC8wLzY0NDEyNzA2NDg2NDYxNjc4NTkvYW1zLzAvODc2LzE1Lzk5OS80MC8xNDQuNzYuMTA5LjAvMC4wMDAvMTU3NjExODMyMy8/iElwEL7ABZs33V_zshUD9HC3TfQ&nodeid=357&auctionid=6441270648646167859&exch=cas&sid=4802372&cid=6864052&price=0.17&act=LiIiJiQocHxrPSwuJCMqcHxrKy5wfGshIioqJCMqcHxrOiwkOQsiPwQgPQMiOSQrcH0&group=eu&bp=a_bhgaac Requested by Host: a.pub.network URL: https://a.pub.network/core/prebid-analytics-2.36.0.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 185.29.133.52 , United Kingdom, ASN30419 (MEDIAMATH-INC - MediaMath Inc, US), Reverse DNS Software MMBD/3.161.0 / Resource Hash 88340bc320e07c8f1103b65da73c3a8ed9820e80cecb3c734346dd79aa6a6b44 Request headers Referer https://secure.hi5.com/phished.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Thu, 12 Dec 2019 02:38:44 GMT Content-Encoding gzip x-mm-bid-request-time 1576118323 Last-Modified Thu, 12 Dec 2019 02:38:43 GMT Server MMBD/3.161.0 x-mm-latency 60 (0) P3P CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA" x-mm-dbg count Cache-Control no-cache x-mm-host zrh-router-x40, cdg-bidder-x54 Connection close x-mm-pending-bid-state eyJOb3RpZnlUeXBlIjoid2ViIiwiUEJEYXRhU291cmNlIjoiUEJDIiwiV2FpdEZvcldlYiI6ZmFsc2UsIldhaXRGb3JJbXAiOmZhbHNlLCJXYWl0Rm9yQ2siOmZhbHNlLCJQQlN0YXRlIjoiV2luIiwiRHVwTm90aWZ5IjpmYWxzZSwiQmlkQ2xhaW1lZCI6ZmFsc2UsIlBCU1dvcmtlZCI6ZmFsc2UsIlBCU1dpblBheWxvYWQiOiIifQ Content-Type application/x-javascript; charset=UTF-8 Expires Thu, 12 Dec 2019 02:38:43 GMT
GET H2	200	osd_listener.js Show response www.googletagservices.com/activeview/js/current/ Frame 9795	77 KB 29 KB	42ms 40ms	Script text/javascript	2a00:1450:4001:809::2002 Google LLC
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019121002.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS Software sffe / Resource Hash 44178919accac2fd92f71084d312c8ff266dd25b8b808f8e9b32fe2926aefb41 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://secure.hi5.com/phished.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Thu, 12 Dec 2019 02:38:44 GMT content-encoding gzip x-content-type-options nosniff server sffe etag "1575654529893506" vary Accept-Encoding content-type text/javascript status 200 cache-control private, max-age=3000 accept-ranges bytes alt-svc quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 29272 x-xss-protection 0 expires Thu, 12 Dec 2019 02:38:44 GMT
GET H2	200	osd.js Show response www.googletagservices.com/activeview/js/current/	78 KB 29 KB	39ms 39ms	Script text/javascript	2a00:1450:4001:809::2002 Google LLC
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019121002.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS Software sffe / Resource Hash 63890326f558587b0840eb0a6e6377f1bf39264e015e568f4c2a03aefce3f929 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://secure.hi5.com/phished.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Thu, 12 Dec 2019 02:38:44 GMT content-encoding gzip x-content-type-options nosniff server sffe etag "1575654529893506" vary Accept-Encoding content-type text/javascript status 200 cache-control private, max-age=3000 accept-ranges bytes alt-svc quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 29463 x-xss-protection 0 expires Thu, 12 Dec 2019 02:38:44 GMT
GET H2	200	134240187179576 Show response connect.facebook.net/signals/config/	437 KB 109 KB	7ms 7ms	Script application/x-javascript	2a03:2880:f01c:8012:face:b00c:0:3 Facebook
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/signals/config/134240187179576?v=2.9.14&r=stable Requested by Host: connect.facebook.net URL: https://connect.facebook.net/en_US/fbevents.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US), Reverse DNS Software / Resource Hash bd81b0ddb62abf3da2eab7053e4c8eeb66dbb02b493b23c045d3958b9e755f71 Security Headers Name Value Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers Referer https://secure.hi5.com/phished.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers strict-transport-security max-age=31536000; preload; includeSubDomains content-encoding gzip x-content-type-options nosniff status 200 alt-svc h3-24=":443"; ma=3600 content-length 111012 x-xss-protection 0 pragma public x-fb-debug VYmDA0W8+1r71q8fZHBBAn9INv8luxUcwdPHgxVkUCdDt8WI0qE2cuD1DmvBHHQPOdU0uQ35vyFNYFxbEvfOBw== x-fb-trip-id 420120009 date Thu, 12 Dec 2019 02:38:44 GMT x-frame-options DENY content-type application/x-javascript; charset=utf-8 vary Accept-Encoding cache-control public, max-age=1200 content-security-policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm; expires Sat, 01 Jan 2000 00:00:00 GMT
GET H2	200	/ www.facebook.com/tr/	44 B 206 B	7ms 6ms	Image image/gif	2a03:2880:f11c:8083:face:b00c:0:25de Facebook
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/tr/?id=134240187179576&ev=PageView&dl=https%3A%2F%2Fsecure.hi5.com%2Fphished.html&rl=&if=false&ts=1576118324116&sw=1600&sh=1200&v=2.9.14&r=stable&ec=0&o=30&fbp=fb.1.1576118324115.535467260&it=1576118324086&coo=false&rqm=GET Requested by Host: secure.hi5.com URL: https://secure.hi5.com/phished.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f11c:8083:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US), Reverse DNS Software proxygen-bolt / Resource Hash 10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Referer https://secure.hi5.com/phished.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Thu, 12 Dec 2019 02:38:44 GMT last-modified Fri, 21 Dec 2012 00:00:01 GMT server proxygen-bolt strict-transport-security max-age=31536000; includeSubDomains content-type image/gif status 200 cache-control no-cache, must-revalidate, max-age=0 alt-svc h3-24=":443"; ma=3600 content-length 44 expires Thu, 12 Dec 2019 02:38:44 GMT
GET H2	200	/ www.facebook.com/tr/	44 B 252 B	6ms 6ms	Image image/gif	2a03:2880:f11c:8083:face:b00c:0:25de Facebook
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/tr/?id=134240187179576&ev=ViewContent&dl=https%3A%2F%2Fsecure.hi5.com%2Fphished.html&rl=&if=false&ts=1576118324117&cd[freestar]=1818d42a-26c2-4b73-8dfc-dc734f4ec431&cd[client]=423&cd[site]=675&cd[page]=6fd7cfc95091683c8af265cf221ee06d&sw=1600&sh=1200&v=2.9.14&r=stable&ec=1&o=30&fbp=fb.1.1576118324115.535467260&it=1576118324086&coo=false&rqm=GET Requested by Host: secure.hi5.com URL: https://secure.hi5.com/phished.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f11c:8083:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US), Reverse DNS Software proxygen-bolt / Resource Hash 10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Referer https://secure.hi5.com/phished.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Thu, 12 Dec 2019 02:38:44 GMT last-modified Fri, 21 Dec 2012 00:00:01 GMT server proxygen-bolt strict-transport-security max-age=31536000; includeSubDomains content-type image/gif status 200 cache-control no-cache, must-revalidate, max-age=0 alt-svc h3-24=":443"; ma=3600 content-length 44 expires Thu, 12 Dec 2019 02:38:44 GMT
GET H/1.1	200 OK	jquery.color-2.1.2.min.js Show response cluster-na.cdnjquery.com/color/	92 B 356 B	367ms 88ms	Script text/javascript	52.1.154.127 Amazon.com
General Check archive.org Show headers Download Go to Full URL https://cluster-na.cdnjquery.com/color/jquery.color-2.1.2.min.js?integrity=btjsonpcallback1576118324123&checksum=%7B%22cbc%22%3A0%2C%22st%22%3A2%2C%22au%22%3A%5B%5D%2C%22hau%22%3A%5B%5D%2C%22ref%22%3A%22https%3A%2F%2Fsecure.hi5.com%2Fphished.html%22%2C%22aa%22%3A3%2C%22pgid%22%3A%228378324b-1c88-11ea-8d6a-0513adee2850%22%2C%22v%22%3A1%2C%22format%22%3A%22jsonp%22%7D&o=https%3A%2F%2Fsecure.hi5.com%2Fphished.html&csVersion=1.21.6&clearThroughOptions=undefined Requested by Host: freestar-io.videoplayerhub.com URL: https://freestar-io.videoplayerhub.com/gallery.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.1.154.127 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US), Reverse DNS ec2-52-1-154-127.compute-1.amazonaws.com Software nginx/1.12.1 / Resource Hash 8ae973c343fcb01656a4f7369a4b3c2c4cfaceae54c2a28c2a6d3b33d9299802 Security Headers Name Value X-Frame-Options DENY Request headers Referer https://secure.hi5.com/phished.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Thu, 12 Dec 2019 02:38:44 GMT Content-Encoding gzip Server nginx/1.12.1 ETag W/"5c-OHe2msIv/2f0lKcvxCQ4TsAZqv0" X-Frame-Options DENY Content-Type text/javascript; charset=utf-8 Charset utf8 Connection keep-alive Content-Length 84
GET H2	200	px.gif ad-delivery.net/	43 B 385 B	6ms 6ms	Image image/gif	13.35.253.87 Amazon.com
General Check archive.org Show headers Download Go to Show image Full URL https://ad-delivery.net/px.gif?ch=1&e=0.2226766354947649 Requested by Host: secure.hi5.com URL: https://secure.hi5.com/phished.html Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 13.35.253.87 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US), Reverse DNS server-13-35-253-87.fra6.r.cloudfront.net Software AmazonS3 / Resource Hash cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda Request headers Referer https://secure.hi5.com/phished.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers x-amz-version-id null via 1.1 49140b838a62cd29e30f20e39a82dad0.cloudfront.net (CloudFront) last-modified Thu, 27 Jul 2017 18:59:05 GMT server AmazonS3 age 40767 etag "ad4b0f606e0f8465bc4c4c170b37e1a3" x-cache Hit from cloudfront content-type image/gif status 200 date Wed, 11 Dec 2019 16:44:46 GMT x-amz-cf-pop FRA6-C1 accept-ranges bytes content-length 43 x-amz-cf-id cgTB9_1ur3EOMUnOauSVl3n9TyIILunjGCxybpEJjQhxU6dTCK45vQ==
GET H2	200	16148871544098052819 tpc.googlesyndication.com/simgad/ Frame 44EC	6 KB 6 KB	6ms 5ms	Image image/png	2a00:1450:4001:81f::2001 Google LLC
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/simgad/16148871544098052819?sqp=4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg&rs=AOga4ql4fc5mSxFGxCB32erLtqswTvQQqw Requested by Host: cdn.ampproject.org URL: https://cdn.ampproject.org/rtv/011911070201440/amp4ads-v0.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:81f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS Software sffe / Resource Hash d7bd02558e8ae08f870eaefd3b77ae37a8a1ec5e25c37f1814603e313f2ebc5f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://secure.hi5.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Wed, 20 Nov 2019 23:28:09 GMT x-content-type-options nosniff last-modified Fri, 01 Feb 2019 15:06:19 GMT server sffe age 1825835 content-type image/png status 200 alt-svc quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * access-control-allow-origin * content-length 6555 x-xss-protection 0 expires Thu, 19 Nov 2020 23:28:09 GMT
GET H2	200	nl.png tpc.googlesyndication.com/pagead/images/adchoices/ Frame 44EC	1 KB 1 KB	6ms 6ms	Image image/png	2a00:1450:4001:81f::2001 Google LLC
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/pagead/images/adchoices/nl.png Requested by Host: cdn.ampproject.org URL: https://cdn.ampproject.org/rtv/011911070201440/amp4ads-v0.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:81f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS Software cafe / Resource Hash 9dec75c59d0eb10579f7b74b239fb5221d95644e06918578edaf6437c7929f9a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://secure.hi5.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Wed, 11 Dec 2019 23:52:23 GMT x-content-type-options nosniff content-type image/png server cafe age 9981 etag 6078843621408983719 vary Accept-Encoding p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" status 200 cache-control public, max-age=86400 timing-allow-origin * alt-svc quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 1241 x-xss-protection 0 expires Thu, 12 Dec 2019 23:52:23 GMT
GET H2	200	icon.png tpc.googlesyndication.com/pagead/images/adchoices/ Frame 44EC	295 B 360 B	6ms 6ms	Image image/png	2a00:1450:4001:81f::2001 Google LLC
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png Requested by Host: cdn.ampproject.org URL: https://cdn.ampproject.org/rtv/011911070201440/amp4ads-v0.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:81f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS Software cafe / Resource Hash 7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://secure.hi5.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Wed, 11 Dec 2019 21:53:21 GMT x-content-type-options nosniff content-type image/png server cafe age 17123 etag 426692510519060060 vary Accept-Encoding p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" status 200 cache-control public, max-age=86400 timing-allow-origin * alt-svc quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 295 x-xss-protection 0 expires Thu, 12 Dec 2019 21:53:21 GMT
GET H/1.1	200 OK	9y7byyg60m6k Show response hal9000.redintelligence.net/zone/ Frame 9795	10 KB 3 KB	7ms 2ms	Script text/html	136.243.54.216 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://hal9000.redintelligence.net/zone/9y7byyg60m6k?subid=&rnd=6441270648646167859&extVar[]=DOUBLEBORDER:1&redirectClick=http%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D6441270648646167859%26mt_id%3D6864052%26mt_adid%3D216536%26mt_sid%3D4802372%26mt_exid%3D15%26mt_inapp%3D0%26mt_uuid%3D543c5df1-9fff-4200-9f1c-bd9fd1e9d388%26redirect%3D Requested by Host: secure.hi5.com URL: https://secure.hi5.com/phished.html Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 136.243.54.216 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.216.54.243.136.clients.your-server.de Software Apache / Resource Hash d75bfa7d3aa817c18353a41da87e28733c6887dafb9b553e2dcb038f2bf7d421 Request headers Referer https://secure.hi5.com/phished.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Thu, 12 Dec 2019 02:38:44 GMT Content-Encoding gzip Server Apache Connection close Content-Length 2745 Vary Accept-Encoding Content-Type text/html; charset=UTF-8
GET H/1.1	200 OK	img pixel.mathtag.com/event/ Frame 9795	43 B 360 B	18ms 17ms	Image image/gif	2.18.233.201 Akamai Technologies
General Check archive.org Show headers Download Go to Show image Full URL https://pixel.mathtag.com/event/img?mt_id=1368875&mt_adid=216764&v1=15&v2=6441270648646167859&v3=651871&v4=4802372&v5=6864052&mt_nsync=1&no_attr=1 Requested by Host: tags.mathtag.com URL: https://tags.mathtag.com/notify/js?id=5aW95q2jLzIwLyAvTXpFeE1XSXlNRE10WlRJNFpDMWlaVGhsTFRBd01EQXRNREF3TURBd01EQXdNREF3LzY0NDEyNzA2NDg2NDYxNjc4NTkvNjg2NDA1Mi80ODAyMzcyLzE1L0RmOEtzclhRS1lIZzhHN3lqYjFaeGFUYzVocjlWM1loZmVwanZkMUZPRFUvMS8xNS8wLzAvOTU2ODAzLzI0MjA5Mjc3NDQvMjE2NTM2LzY1MTg3MS8xLzAvMC9NREF3TURBd01EQXRNREF3TUMwd01EQXdMVEF3TURBdE1EQXdNREF3TURBd01EQXcvMC8wLzAvMC8wLzY0NDEyNzA2NDg2NDYxNjc4NTkvYW1zLzAvODc2LzE1Lzk5OS80MC8xNDQuNzYuMTA5LjAvMC4wMDAvMTU3NjExODMyMy8/iElwEL7ABZs33V_zshUD9HC3TfQ&nodeid=357&auctionid=6441270648646167859&exch=cas&sid=4802372&cid=6864052&price=0.17&act=LiIiJiQocHxrPSwuJCMqcHxrKy5wfGshIioqJCMqcHxrOiwkOQsiPwQgPQMiOSQrcH0&group=eu&bp=a_bhgaac Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2.18.233.201 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US), Reverse DNS a2-18-233-201.deploy.static.akamaitechnologies.com Software MT3 1913 979072d master zrh-pixel-x15 / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers Referer https://secure.hi5.com/phished.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Thu, 12 Dec 2019 02:38:44 GMT Server MT3 1913 979072d master zrh-pixel-x15 P3P CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA" Cache-Control no-cache Connection keep-alive Content-Type image/gif Content-Length 43 Expires Thu, 12 Dec 2019 02:38:43 GMT
GET H/1.1	200 OK	img tags.mathtag.com/event/ Frame 9795	49 B 329 B	113ms 66ms	Image image/gif	185.29.133.52 MediaMath Inc
General Check archive.org Show headers Download Go to Show image Full URL https://tags.mathtag.com/event/img?type=mmImpTrack&exch=cas&bid=6441270648646167859&st=4802372&time=1576118324&nodeid=357 Requested by Host: tags.mathtag.com URL: https://tags.mathtag.com/notify/js?id=5aW95q2jLzIwLyAvTXpFeE1XSXlNRE10WlRJNFpDMWlaVGhsTFRBd01EQXRNREF3TURBd01EQXdNREF3LzY0NDEyNzA2NDg2NDYxNjc4NTkvNjg2NDA1Mi80ODAyMzcyLzE1L0RmOEtzclhRS1lIZzhHN3lqYjFaeGFUYzVocjlWM1loZmVwanZkMUZPRFUvMS8xNS8wLzAvOTU2ODAzLzI0MjA5Mjc3NDQvMjE2NTM2LzY1MTg3MS8xLzAvMC9NREF3TURBd01EQXRNREF3TUMwd01EQXdMVEF3TURBdE1EQXdNREF3TURBd01EQXcvMC8wLzAvMC8wLzY0NDEyNzA2NDg2NDYxNjc4NTkvYW1zLzAvODc2LzE1Lzk5OS80MC8xNDQuNzYuMTA5LjAvMC4wMDAvMTU3NjExODMyMy8/iElwEL7ABZs33V_zshUD9HC3TfQ&nodeid=357&auctionid=6441270648646167859&exch=cas&sid=4802372&cid=6864052&price=0.17&act=LiIiJiQocHxrPSwuJCMqcHxrKy5wfGshIioqJCMqcHxrOiwkOQsiPwQgPQMiOSQrcH0&group=eu&bp=a_bhgaac Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 185.29.133.52 , United Kingdom, ASN30419 (MEDIAMATH-INC - MediaMath Inc, US), Reverse DNS Software MMBD/3.161.0 / Resource Hash 1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944 Request headers Referer https://secure.hi5.com/phished.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Thu, 12 Dec 2019 02:38:44 GMT Server MMBD/3.161.0 Content-Type image/gif Cache-Control no-cache x-mm-host zrh-router-x43, cdg-bidder-x54 Connection keep-alive Keep-Alive timeout=360 Content-Length 49 Expires Thu, 12 Dec 2019 02:38:43 GMT
GET H/1.1	200 OK	js Show response pixel.mathtag.com/sync/ Frame 9795	1 KB 2 KB	33ms 20ms	Script text/javascript	2.18.233.201 Akamai Technologies
General Check archive.org Show headers Download Go to Full URL https://pixel.mathtag.com/sync/js?sync=auto&mt_lim=5 Requested by Host: tags.mathtag.com URL: https://tags.mathtag.com/notify/js?id=5aW95q2jLzIwLyAvTXpFeE1XSXlNRE10WlRJNFpDMWlaVGhsTFRBd01EQXRNREF3TURBd01EQXdNREF3LzY0NDEyNzA2NDg2NDYxNjc4NTkvNjg2NDA1Mi80ODAyMzcyLzE1L0RmOEtzclhRS1lIZzhHN3lqYjFaeGFUYzVocjlWM1loZmVwanZkMUZPRFUvMS8xNS8wLzAvOTU2ODAzLzI0MjA5Mjc3NDQvMjE2NTM2LzY1MTg3MS8xLzAvMC9NREF3TURBd01EQXRNREF3TUMwd01EQXdMVEF3TURBdE1EQXdNREF3TURBd01EQXcvMC8wLzAvMC8wLzY0NDEyNzA2NDg2NDYxNjc4NTkvYW1zLzAvODc2LzE1Lzk5OS80MC8xNDQuNzYuMTA5LjAvMC4wMDAvMTU3NjExODMyMy8/iElwEL7ABZs33V_zshUD9HC3TfQ&nodeid=357&auctionid=6441270648646167859&exch=cas&sid=4802372&cid=6864052&price=0.17&act=LiIiJiQocHxrPSwuJCMqcHxrKy5wfGshIioqJCMqcHxrOiwkOQsiPwQgPQMiOSQrcH0&group=eu&bp=a_bhgaac Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2.18.233.201 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US), Reverse DNS a2-18-233-201.deploy.static.akamaitechnologies.com Software MT3 1913 979072d master zrh-pixel-x22 / Resource Hash 41fb9dfb8c2e15ee8c96a058fa7127e0721af1886464cc5408a976dd7649147a Request headers Referer https://secure.hi5.com/phished.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Thu, 12 Dec 2019 02:38:44 GMT Server MT3 1913 979072d master zrh-pixel-x22 P3P CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA" Cache-Control no-cache Connection keep-alive Content-Type text/javascript Content-Length 1347 Expires Thu, 12 Dec 2019 02:38:43 GMT
GET H2	200	pixel cm.g.doubleclick.net/ Frame 9795 Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_cm&google_hm=MzExMWIyMDMtZTI4ZC1iZThlLTAwMDAtMDAwMDAwMDAwMDAw&gdpr=0&gdpr_consent= https://sync.mathtag.com/sync/img?mt_exid=4&mt_ec=64ws&mt_exuid=&gdpr=0&gdpr_consent=&google_gid=CAESEJl4bKmpq4qQhKKuN_iU8L4&google_cver=1 https://sync.mathtag.com/sync/img?mt_exid=4&mt_ec=64ws&mt_exuid=&gdpr=0&gdpr_consent=&google_gid=CAESEJl4bKmpq4qQhKKuN_iU8L4&google_cver=1&mm_bnc&mm_bct&UUID=ed9b5df1-a1f4-4700-8bce-77910c9babc4 https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=7Ztd8aH0RwCLzneRDJurxA https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=7Ztd8aH0RwCLzneRDJurxA&google_tc=	170 B 246 B	16ms 15ms	Image image/png	172.217.23.98 Google LLC
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=7Ztd8aH0RwCLzneRDJurxA&google_tc= Requested by Host: secure.hi5.com URL: https://secure.hi5.com/phished.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.23.98 , United States, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS fra16s45-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://secure.hi5.com/phished.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers pragma no-cache date Thu, 12 Dec 2019 02:38:44 GMT server HTTP server (unknown) content-type image/png status 200 cache-control no-cache, must-revalidate alt-svc quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers pragma no-cache date Thu, 12 Dec 2019 02:38:44 GMT server HTTP server (unknown) location https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=7Ztd8aH0RwCLzneRDJurxA&google_tc= p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" status 302 cache-control no-cache, must-revalidate content-type text/html; charset=UTF-8 alt-svc quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 304 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H/1.1	200 OK	demconf.jpg dpm.demdex.net/ Frame 9795 Redirect Chain https://dpm.demdex.net/ibs:dpid=269&dpuuid=3111b203-e28d-be8e-0000-000000000000&gdpr=0&gdpr_consent= https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=269&dpuuid=3111b203-e28d-be8e-0000-000000000000&gdpr=0&gdpr_consent=	42 B 915 B	30ms 29ms	Image image/gif	52.213.129.52 Amazon.com
General Check archive.org Show headers Download Go to Show image Full URL https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=269&dpuuid=3111b203-e28d-be8e-0000-000000000000&gdpr=0&gdpr_consent= Requested by Host: secure.hi5.com URL: https://secure.hi5.com/phished.html Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.213.129.52 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US), Reverse DNS ec2-52-213-129-52.eu-west-1.compute.amazonaws.com Software / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff Request headers Referer https://secure.hi5.com/phished.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers DCS dcs-prod-irl1-v055-098077ddb.edge-irl1.demdex.com 5.64.1.20191128093837 0ms (+1ms) Pragma no-cache Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-TID lo7RZpGoRF4= P3P policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT" Cache-Control no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private Connection keep-alive Content-Type image/gif Content-Length 42 Expires Thu, 01 Jan 1970 00:00:00 GMT Redirect headers Pragma no-cache Strict-Transport-Security max-age=31536000; includeSubDomains X-TID W23Oj+RaSnc= P3P policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT" Location https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=269&dpuuid=3111b203-e28d-be8e-0000-000000000000&gdpr=0&gdpr_consent= Cache-Control no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private Connection keep-alive Content-Length 0 Expires Thu, 01 Jan 1970 00:00:00 GMT
GET H/1.1	200 OK	request.php Show response hal900028.redintelligence.net/ Frame 9795 Redirect Chain https://hal900028.redintelligence.net/request.php?zone=9y7byyg60m6k&nw=20&renderingType=javascript&namespace=ca89e5b71e&subid=&uid=f4c1593bf4178a59&screenSize=1600x1200&screenSizeAvail=1600x1200&cl... https://hal900028.redintelligence.net/request.php?zone=9y7byyg60m6k&nw=20&renderingType=javascript&namespace=ca89e5b71e&subid=&uid=f4c1593bf4178a59&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...	3 KB 2 KB	60ms 59ms	Script application/x-javascript	88.99.165.19 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://hal900028.redintelligence.net/request.php?zone=9y7byyg60m6k&nw=20&renderingType=javascript&namespace=ca89e5b71e&subid=&uid=f4c1593bf4178a59&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=468x60&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&envData=&redirectClick=http%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D6441270648646167859%26mt_id%3D6864052%26mt_adid%3D216536%26mt_sid%3D4802372%26mt_exid%3D15%26mt_inapp%3D0%26mt_uuid%3D543c5df1-9fff-4200-9f1c-bd9fd1e9d388%26redirect%3D&documentReferer=https%3A%2F%2Fsecure.hi5.com%2Fphished.html&ancestorOrigins=https%3A%2F%2Fsecure.hi5.com&random=2489818284264&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1 Requested by Host: secure.hi5.com URL: https://secure.hi5.com/phished.html Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 88.99.165.19 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.19.165.99.88.clients.your-server.de Software Apache / Resource Hash da48a97cf588a57b55e8cd713fea7c000fba46c01ebb44ab62a62bff5d93eb62 Request headers Referer https://secure.hi5.com/phished.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Pragma no-cache Date Thu, 12 Dec 2019 02:38:44 GMT Content-Encoding gzip Server Apache Vary Accept-Encoding P3P CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM" Cache-Control no-store, no-cache, must-revalidate, max-age=0 X-NEORY-SubId 16751700011593301049052011075028 Connection close Content-Type application/x-javascript; charset=utf-8 Content-Length 972 Expires Thu, 12 Dec 2019 02:38:44 +0100 Redirect headers Pragma no-cache Date Thu, 12 Dec 2019 02:38:44 GMT Server Apache P3P CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM" Location request.php?zone=9y7byyg60m6k&nw=20&renderingType=javascript&namespace=ca89e5b71e&subid=&uid=f4c1593bf4178a59&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=468x60&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&envData=&redirectClick=http%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D6441270648646167859%26mt_id%3D6864052%26mt_adid%3D216536%26mt_sid%3D4802372%26mt_exid%3D15%26mt_inapp%3D0%26mt_uuid%3D543c5df1-9fff-4200-9f1c-bd9fd1e9d388%26redirect%3D&documentReferer=https%3A%2F%2Fsecure.hi5.com%2Fphished.html&ancestorOrigins=https%3A%2F%2Fsecure.hi5.com&random=2489818284264&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1 Cache-Control no-store, no-cache, must-revalidate, max-age=0 Connection close Content-Type text/html; charset=UTF-8 Content-Length 0 Expires Thu, 12 Dec 2019 02:38:44 +0100
GET H2	200	activityi;dc_pre=CKeu5qaKr-YCFQ7zdwodvmMMEg;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=8054779047475.204 8019191.fls.doubleclick.net/ Frame 62BC Redirect Chain https://8019191.fls.doubleclick.net/activityi;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=8054779047475.204? https://8019191.fls.doubleclick.net/activityi;dc_pre=CKeu5qaKr-YCFQ7zdwodvmMMEg;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=8054779047475.204?	0 0	21ms 21ms	Document text/html	172.217.22.6 Google LLC
General Check archive.org Show headers Download Go to Full URL https://8019191.fls.doubleclick.net/activityi;dc_pre=CKeu5qaKr-YCFQ7zdwodvmMMEg;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=8054779047475.204? Requested by Host: secure.hi5.com URL: https://secure.hi5.com/phished.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.22.6 , United States, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS fra16s14-in-f6.1e100.net Software cafe / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=21600 X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority 8019191.fls.doubleclick.net :scheme https :path /activityi;dc_pre=CKeu5qaKr-YCFQ7zdwodvmMMEg;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=8054779047475.204? pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3 sec-fetch-site cross-site sec-fetch-mode nested-navigate referer https://secure.hi5.com/phished.html accept-encoding gzip, deflate, br cookie IDE=AHWqTUmhgJoeN4l6UPwDjKoVNfQzKEThaQ5OAolFywGqUgkq-5H7NI-IPv17KKbf Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Referer https://secure.hi5.com/phished.html Response headers status 200 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" timing-allow-origin * date Thu, 12 Dec 2019 02:38:44 GMT expires Thu, 12 Dec 2019 02:38:44 GMT cache-control private, max-age=0 strict-transport-security max-age=21600 content-type text/html; charset=UTF-8 x-content-type-options nosniff content-encoding gzip server cafe content-length 321 x-xss-protection 0 alt-svc quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 Redirect headers status 302 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" timing-allow-origin * date Thu, 12 Dec 2019 02:38:44 GMT pragma no-cache expires Fri, 01 Jan 1990 00:00:00 GMT cache-control no-cache, must-revalidate follow-only-when-prerender-shown 1 strict-transport-security max-age=21600 location https://8019191.fls.doubleclick.net/activityi;dc_pre=CKeu5qaKr-YCFQ7zdwodvmMMEg;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=8054779047475.204? content-type text/html; charset=UTF-8 x-content-type-options nosniff server cafe content-length 0 x-xss-protection 0 alt-svc quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
GET H/1.1	200 OK	request_content.php hal900028.redintelligence.net/ Frame D216	0 0	6ms 2ms	Document text/html	88.99.165.19 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://hal900028.redintelligence.net/request_content.php?s=16751700011593301049052011075028&a=c7cd8047 Requested by Host: hal900028.redintelligence.net URL: https://hal900028.redintelligence.net/request.php?zone=9y7byyg60m6k&nw=20&renderingType=javascript&namespace=ca89e5b71e&subid=&uid=f4c1593bf4178a59&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=468x60&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&envData=&redirectClick=http%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D6441270648646167859%26mt_id%3D6864052%26mt_adid%3D216536%26mt_sid%3D4802372%26mt_exid%3D15%26mt_inapp%3D0%26mt_uuid%3D543c5df1-9fff-4200-9f1c-bd9fd1e9d388%26redirect%3D&documentReferer=https%3A%2F%2Fsecure.hi5.com%2Fphished.html&ancestorOrigins=https%3A%2F%2Fsecure.hi5.com&random=2489818284264&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1 Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 88.99.165.19 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.19.165.99.88.clients.your-server.de Software Apache / Resource Hash Request headers Host hal900028.redintelligence.net Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3 Sec-Fetch-Site cross-site Sec-Fetch-Mode nested-navigate Referer https://secure.hi5.com/phished.html Accept-Encoding gzip, deflate, br Cookie 8lcfmzhxc8d6_uid=9745409bb6e5ecf8 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Referer https://secure.hi5.com/phished.html Response headers Date Thu, 12 Dec 2019 02:38:44 GMT Server Apache Cache-Control no-store, no-cache, must-revalidate, max-age=0 Expires Thu, 12 Dec 2019 02:38:44 +0100 Pragma no-cache P3P CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM" Vary Accept-Encoding Content-Encoding gzip Content-Length 892 Connection close Content-Type text/html; charset=utf-8
GET H/1.1	200 OK	cshow.php www.awin1.com/ Frame 9795	43 B 622 B	68ms 48ms	Image image/gif	104.111.239.246 Akamai Technologies
General Check archive.org Show headers Download Go to Show image Full URL https://www.awin1.com/cshow.php?s=2519520&v=14098&q=368694&r=296283&pref1=16751700011593301049052011075028&pv=1 Requested by Host: secure.hi5.com URL: https://secure.hi5.com/phished.html Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 104.111.239.246 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US), Reverse DNS a104-111-239-246.deploy.static.akamaitechnologies.com Software / Resource Hash 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363 Request headers Referer https://secure.hi5.com/phished.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Pragma no-cache Date Thu, 12 Dec 2019 02:38:44 GMT Node Helix P3P policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV" Cache-Control no-store, no-cache, max-age=0, must-revalidate Awin-Akamai-Rule-Set default Connection keep-alive Content-Type image/gif Content-Length 43 Expires 0
GET H/1.1	200 OK	iframe pixel.mathtag.com/sync/ Frame 00E6	0 0	29ms 28ms	Document text/html	2.18.233.201 Akamai Technologies
General Check archive.org Show headers Download Go to Full URL https://pixel.mathtag.com/sync/iframe?mt_uuid=543c5df1-9fff-4200-9f1c-bd9fd1e9d388&no_iframe=1&mt_lim=5 Requested by Host: pixel.mathtag.com URL: https://pixel.mathtag.com/sync/js?sync=auto&mt_lim=5 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2.18.233.201 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US), Reverse DNS a2-18-233-201.deploy.static.akamaitechnologies.com Software MT3 1913 979072d master zrh-pixel-x16 / Resource Hash Request headers Host pixel.mathtag.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3 Sec-Fetch-Site cross-site Sec-Fetch-Mode nested-navigate Referer https://secure.hi5.com/phished.html Accept-Encoding gzip, deflate, br Cookie uuid=ed9b5df1-a1f4-4700-8bce-77910c9babc4; mt_mop=4:1576118324; uuidc=GAlRBn6AkCU0MZ5ojzxBIH6xnTgD7ZxM/Ue1ayojVjG1kjVNWJWgjV7v4BauIpCTRgBqEewT6BIbyF5yt/2P+leOFBdOM0FQxMot5NrkCk0= Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Referer https://secure.hi5.com/phished.html Response headers Content-Type text/html Cache-Control no-cache P3P CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA" Server MT3 1913 979072d master zrh-pixel-x16 Expires Thu, 12 Dec 2019 02:38:43 GMT Vary Accept-Encoding Content-Encoding gzip Content-Length 1160 Date Thu, 12 Dec 2019 02:38:44 GMT Connection keep-alive
GET DATA	200 OK	truncated / Frame 9795	215 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash d12fae9ef7fdbff29f568ef216814ae49116046647bc73050cfa0937b85617ad Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Content-Type image/png
GET H/1.1	200 OK	img pixel.mathtag.com/misc/ Frame 9795	43 B 472 B	26ms 16ms	Image image/gif	2.18.233.201 Akamai Technologies
General Check archive.org Show headers Download Go to Show image Full URL https://pixel.mathtag.com/misc/img?mm_bnc&bcdv=0 Requested by Host: secure.hi5.com URL: https://secure.hi5.com/phished.html Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2.18.233.201 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US), Reverse DNS a2-18-233-201.deploy.static.akamaitechnologies.com Software MT3 1913 979072d master zrh-pixel-x21 / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers Referer https://secure.hi5.com/phished.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Thu, 12 Dec 2019 02:38:44 GMT Server MT3 1913 979072d master zrh-pixel-x21 P3P CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA" Cache-Control no-cache Connection keep-alive Content-Type image/gif Content-Length 43 Expires Thu, 12 Dec 2019 02:38:43 GMT
POST H/1.1	200 OK	/ Show response secure.hi5.com/api/	69 B 629 B	166ms 166ms	XHR application/json	135.84.35.167 IFWE INC
General Check archive.org Show headers Download Go to Full URL https://secure.hi5.com/api/?application_id=user&format=JSON Requested by Host: secure-static.tagged.com URL: https://secure-static.tagged.com/dyn/js/2/mElnZ1Bk6_cl.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 135.84.35.167 San Francisco, United States, ASN36080 (TAGGED-ASN - IFWE INC, US), Reverse DNS Software Apache / Resource Hash 214205f4ae52a081664b8aacbec6b4c36c473a35915017a98985fe332d757815 Request headers Accept application/json, text/javascript, */*; q=0.01 Referer https://secure.hi5.com/phished.html Origin https://secure.hi5.com X-Requested-With XMLHttpRequest User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Content-Type application/x-www-form-urlencoded; charset=UTF-8 Response headers Pragma no-cache Date Thu, 12 Dec 2019 02:38:44 GMT Content-Encoding gzip Server Apache Vary Accept-Encoding Content-Type application/json; charset=UTF-8 Cache-Control no-store, no-cache, must-revalidate Connection Keep-Alive Keep-Alive timeout=300 Content-Length 80 Expires Thu, 19 Nov 1981 08:52:00 GMT
GET H2	200	publishertag.prebid.js Show response static.criteo.net/js/ld/	42 KB 14 KB	19ms 18ms	Script text/javascript	178.250.0.130 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Full URL https://static.criteo.net/js/ld/publishertag.prebid.js Requested by Host: a.pub.network URL: https://a.pub.network/core/prebid-analytics-2.36.0.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 178.250.0.130 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software nginx / Resource Hash b7f09fcd3b0e1ea0802316344863eb8bfe55c8401f29fbb9a2d0fe2e4595a2d6 Request headers Referer https://secure.hi5.com/phished.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Thu, 12 Dec 2019 02:38:44 GMT content-encoding gzip last-modified Tue, 05 Nov 2019 14:27:52 GMT server nginx access-control-allow-origin * etag W/"5dc186e8-a744" content-type text/javascript status 200 cache-control max-age=86400, public timing-allow-origin * expires Fri, 13 Dec 2019 02:38:44 GMT
GET H2	200	activeview pagead2.googlesyndication.com/pcs/ Frame 44EC	42 B 115 B	15ms 15ms	Image image/gif	2a00:1450:4001:818::2002 Google LLC
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstTWXixtLQMWVb5VqCUFuxASixvek2qPM9JoRbSYKXssvdJg9bNGYgLR72Jr2Ythi2SyN5fNEP8fIHcNtdbINkKiuRZ9R8lVuffyydKHWbir_VXBexBc8oLZ50T6g&sai=AMfl-YSuW3rJ-DZTxNIlw2jxqYxNsrtD-EcYFwwdPnvgL3-cjhMBglm7-AgooR9xR8rK494qS0gK5EVhAqaVAq9TjpzMSFw42Ndj13GiRL-V&sig=Cg0ArKJSzOCHDo74CFbCEAE&id=ampim&o=436,1070&d=728,90&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=129&tls=1129&g=100&h=100&tt=1129&r=v&adk=2891844225&avms=ampa Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:818::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://secure.hi5.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers pragma no-cache date Thu, 12 Dec 2019 02:38:45 GMT x-content-type-options nosniff content-type image/gif server cafe access-control-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" status 200 cache-control no-cache, must-revalidate timing-allow-origin * alt-svc quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	activeview pagead2.googlesyndication.com/pcs/ Frame 9795	42 B 110 B	14ms 14ms	Image image/gif	2a00:1450:4001:818::2002 Google LLC
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss4WPdTnV1AEGCJtJZ5tV6wG6SJsHD1pEtl98mxgN4Puk32iDmodkV2_NZ5K4j9Lpxh7tN_W602pPSEX22XrED9Z3hUSoVobGV4zZIjuJ4&sig=Cg0ArKJSzCVHAV8tfhtjEAE&adk=812470297&tt=-1&bs=1600%2C1200&mtos=1016,1016,1016,1016,1016&tos=1016,0,0,0,0&p=52,566,112,1034&mcvt=1016&rs=3&ht=0&tfs=70&tls=1086&mc=1&lte=1&bas=0&bac=0&met=mue&avms=nio&exg=1&md=2&lm=2&rst=1576118324073&dlt&rpt=285&isd=0&msd=0&ext&imams=1&xdi=0&ps=1600%2C471&ss=1600%2C1200&pt=-1&bin=4&deb=1-0-0-5-11-14-10-10-0-0-0&tvt=1073&is=468%2C60&iframe_loc=https%3A%2F%2Fsecure.hi5.com%2Fphished.html&r=v&id=osdim&vs=4&uc=11&upc=1&tgt=DIV&cl=1&cec=1&clc=1&wf=0&cac=1&cd=0x0&itpl=19&v=20191206 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:818::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://secure.hi5.com/phished.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers pragma no-cache date Thu, 12 Dec 2019 02:38:45 GMT x-content-type-options nosniff content-type image/gif server cafe access-control-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" status 200 cache-control no-cache, must-revalidate timing-allow-origin * alt-svc quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	/ www.facebook.com/tr/	44 B 252 B	6ms 6ms	Image image/gif	2a03:2880:f11c:8083:face:b00c:0:25de Facebook
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/tr/?id=134240187179576&ev=Microdata&dl=https%3A%2F%2Fsecure.hi5.com%2Fphished.html&rl=&if=false&ts=1576118325619&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22(5)%20Account%20Phished%20-%20hi5%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.14&r=stable&ec=2&o=30&fbp=fb.1.1576118325618.376777723&it=1576118324086&coo=false&es=automatic&tm=3&rqm=GET Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f11c:8083:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US), Reverse DNS Software proxygen-bolt / Resource Hash 10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Referer https://secure.hi5.com/phished.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Thu, 12 Dec 2019 02:38:45 GMT last-modified Fri, 21 Dec 2012 00:00:01 GMT server proxygen-bolt strict-transport-security max-age=31536000; includeSubDomains content-type image/gif status 200 cache-control no-cache, must-revalidate, max-age=0 alt-svc h3-24=":443"; ma=3600 content-length 44 expires Thu, 12 Dec 2019 02:38:45 GMT
GET H/1.1	200 OK	usync.html eus.rubiconproject.com/ Frame C0A7	0 0	22ms 6ms	Document text/html	23.37.55.184 Akamai Technologies
General Check archive.org Show headers Download Go to Full URL https://eus.rubiconproject.com/usync.html?gdpr=0&gdpr_consent= Requested by Host: a.pub.network URL: https://a.pub.network/core/prebid-analytics-2.36.0.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 23.37.55.184 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US), Reverse DNS a23-37-55-184.deploy.static.akamaitechnologies.com Software Apache/2.2.15 (CentOS) / PHP/5.3.3 Resource Hash Request headers Host eus.rubiconproject.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3 Sec-Fetch-Site cross-site Sec-Fetch-Mode nested-navigate Referer https://secure.hi5.com/phished.html Accept-Encoding gzip, deflate, br Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Referer https://secure.hi5.com/phished.html Response headers Server Apache/2.2.15 (CentOS) X-Powered-By PHP/5.3.3 p3p CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT" Last-Modified Mon, 09 Dec 2019 19:59:07 GMT Content-Encoding gzip Content-Length 7450 Content-Type text/html; charset=UTF-8 Cache-Control max-age=12612 Expires Thu, 12 Dec 2019 06:09:01 GMT Date Thu, 12 Dec 2019 02:38:49 GMT Connection keep-alive Vary Accept-Encoding
GET H/1.1	200 OK	Cookie set showad.js ads.pubmatic.com/AdServer/js/ Frame DB33	0 0	26ms 9ms	Document text/html	2.18.233.180 Akamai Technologies
General Check archive.org Show headers Download Go to Full URL https://ads.pubmatic.com/AdServer/js/showad.js Requested by Host: a.pub.network URL: https://a.pub.network/core/prebid-analytics-2.36.0.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2.18.233.180 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US), Reverse DNS a2-18-233-180.deploy.static.akamaitechnologies.com Software Apache/2.2.15 (CentOS) / Resource Hash Request headers Host ads.pubmatic.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3 Sec-Fetch-Site cross-site Sec-Fetch-Mode nested-navigate Referer https://secure.hi5.com/phished.html Accept-Encoding gzip, deflate, br Cookie KRTBCOOKIE_27=16735-uid:ed9b5df1-a1f4-4700-8bce-77910c9babc4&KRTB&16736-uid:ed9b5df1-a1f4-4700-8bce-77910c9babc4; PugT=1576118327; PUBMDCID=3 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Referer https://secure.hi5.com/phished.html Response headers Last-Modified Tue, 12 Nov 2019 06:59:02 GMT ETag "13006b6-97cd-59720c88c16d1" Server Apache/2.2.15 (CentOS) Set-Cookie KTPCACOOKIE=YES; domain=.pubmatic.com; path=/; max-age=7776000; Accept-Ranges bytes Content-Encoding gzip P3P CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC" Content-Length 14515 Content-Type text/html; charset=UTF-8 Cache-Control public, max-age=84102 Expires Fri, 13 Dec 2019 02:00:31 GMT Date Thu, 12 Dec 2019 02:38:49 GMT Connection keep-alive Vary Accept-Encoding
GET H2	200	index.html cdn.districtm.io/ids/ Frame AB23	0 0	105ms 98ms	Document text/html	104.16.190.66 Cloudflare
General Check archive.org Show headers Download Go to Full URL https://cdn.districtm.io/ids/index.html Requested by Host: a.pub.network URL: https://a.pub.network/core/prebid-analytics-2.36.0.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.16.190.66 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers :method GET :authority cdn.districtm.io :scheme https :path /ids/index.html pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3 sec-fetch-site cross-site sec-fetch-mode nested-navigate referer https://secure.hi5.com/phished.html accept-encoding gzip, deflate, br Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Referer https://secure.hi5.com/phished.html Response headers status 200 date Thu, 12 Dec 2019 02:38:49 GMT content-type text/html set-cookie __cfduid=dda4c254ed75001b7f1d2880cb21c73691576118329; expires=Sat, 11-Jan-20 02:38:49 GMT; path=/; domain=.districtm.io; HttpOnly cf-ray 543c53091855c303-FRA cache-control s-maxage=1209600, max-age=14400 last-modified Thu, 10 Jan 2019 16:50:48 GMT strict-transport-security max-age=31536000; includeSubDomains; preload cf-cache-status DYNAMIC expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding server cloudflare content-encoding br
GET H2	200	pd eu-u.openx.net/w/1.0/ Frame B7DD	0 0	20ms 15ms	Document text/html	34.95.120.147 Google LLC
General Check archive.org Show headers Download Go to Full URL https://eu-u.openx.net/w/1.0/pd?plm=10&ph=89b2e804-9392-4144-aae0-0555f3960da4&gdpr=0 Requested by Host: a.pub.network URL: https://a.pub.network/core/prebid-analytics-2.36.0.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 34.95.120.147 , United States, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS 147.120.95.34.bc.googleusercontent.com Software OXGW/16.170.0 / Resource Hash Request headers :method GET :authority eu-u.openx.net :scheme https :path /w/1.0/pd?plm=10&ph=89b2e804-9392-4144-aae0-0555f3960da4&gdpr=0 pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3 sec-fetch-site cross-site sec-fetch-mode nested-navigate referer https://secure.hi5.com/phished.html accept-encoding gzip, deflate, br cookie i=b6d75683-bdec-4247-a864-c57e704d31c5|1576118327 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Referer https://secure.hi5.com/phished.html Response headers status 200 vary Accept set-cookie i=b6d75683-bdec-4247-a864-c57e704d31c5|1576118327; Version=1; Expires=Fri, 11-Dec-2020 02:38:49 GMT; Max-Age=31536000; Domain=.openx.net; Path=/ pd=v2|1576118329|mOsLgqgikin0fcmWiygu; Version=1; Expires=Fri, 27-Dec-2019 02:38:49 GMT; Max-Age=1296000; Domain=.openx.net; Path=/ server OXGW/16.170.0 p3p CP="CUR ADM OUR NOR STA NID" date Thu, 12 Dec 2019 02:38:49 GMT content-type text/html content-length 862 via 1.1 google alt-svc clear
GET H/1.1	200 OK	async_usersync.html acdn.adnxs.com/ib/static/usersync/v3/ Frame 781F	0 0	21ms 6ms	Document text/html	151.101.113.108 Fastly
General Check archive.org Show headers Download Go to Full URL https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html Requested by Host: a.pub.network URL: https://a.pub.network/core/prebid-analytics-2.36.0.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.113.108 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US), Reverse DNS Software nginx/1.9.13 / Resource Hash Request headers Host acdn.adnxs.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3 Sec-Fetch-Site cross-site Sec-Fetch-Mode nested-navigate Referer https://secure.hi5.com/phished.html Accept-Encoding gzip, deflate, br Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Referer https://secure.hi5.com/phished.html Response headers Server nginx/1.9.13 Content-Type text/html Last-Modified Fri, 20 May 2016 02:07:09 GMT ETag W/"573e714d-3e3" Expires Sun, 06 Aug 2017 09:41:59 GMT Cache-Control max-age=31536000 Access-Control-Allow-Origin * Content-Encoding gzip Via 1.1 varnish 1.1 varnish Fastly-Debug-Digest e0a1bb88354655bae6b4f44be1ff58238053e5563770e29e0e433e905ee66055 Content-Length 506 Accept-Ranges bytes Date Thu, 12 Dec 2019 02:38:49 GMT Age 11033813 Connection keep-alive X-Served-By cache-jfk8123-JFK, cache-hhn4068-HHN X-Cache HIT, HIT X-Cache-Hits 1276778, 822588 X-Timer S1576118330.800944,VS0,VE0 Vary Accept-Encoding
GET H/1.1	200 OK	Cookie set beacon ap.lijit.com/ Frame 5916 Redirect Chain https://ap.lijit.com/beacon?informer=13388523&gdpr_consent= https://ap.lijit.com/beacon?informer=13388523&gdpr_consent=&dnr=1	0 0	15ms 13ms	Document text/html	216.52.2.30 Internap Corporation
General Check archive.org Show headers Download Go to Full URL https://ap.lijit.com/beacon?informer=13388523&gdpr_consent=&dnr=1 Requested by Host: a.pub.network URL: https://a.pub.network/core/prebid-analytics-2.36.0.js Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 216.52.2.30 , United States, ASN29791 (VOXEL-DOT-NET - Internap Corporation, US), Reverse DNS Software nginx / raptor Resource Hash Request headers Host ap.lijit.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3 Sec-Fetch-Site cross-site Sec-Fetch-Mode nested-navigate Referer https://secure.hi5.com/phished.html Accept-Encoding gzip, deflate, br Cookie ljt_reader=e9bc863a43612486bd7796f1 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Referer https://secure.hi5.com/phished.html Response headers Server nginx Date Thu, 12 Dec 2019 02:38:49 GMT Content-Type text/html;charset=utf-8 Transfer-Encoding chunked Vary Accept-Encoding X-Application-Context application:prod:9080 Set-Cookie tpro=eJxNUMtuhDAM%2FBefI%2BTw2i2%2F0b1VVRQFA5FCggJUqlb8e52wi3qb8UzGnjwhbBNF6J7gNjsTdChgDr0yYffbya75D8XVBg8dlAXCISDSQDFaP36SjmZ6UJxX6L6%2BBSwxDNZRyrXehDkjiagWt7MFi%2FImoELV4pu0qFjP7C4AVZWxvPMaE5yjMUdcEItawBh1r1YzZWcjwAd%2FSg2%2FGsn3Z7OBZu2ywJ4Lpvu1OVP1btKMF7%2B%2BAwuUAvQQlZ4zY0mvVvtMOGay65Jxmw6crOsj%2BZTlQ05n%2Fy%2FlpnXJDn2eL%2B%2BqqtOw4vZKlu80yeSWW%2FC8UfXHy9P8%2B7DmOI4%2FvRJ50A%3D%3D;Path=/;Domain=.lijit.com;Expires=Fri, 11-Dec-2020 02:38:49 GMT;Max-Age=31536000 ljtrtb_refresh=false;Path=/;Domain=.lijit.com;Expires=Mon, 16-Dec-2019 02:38:49 GMT;Max-Age=345600 ljtrtbexp=eJxdkDsOgEAIBe%2BytQUgLODVjHc30Yoph%2FA%2BcC9dl0bmadnWx7KJe08%2BJybUIYKJChQwVAR2d2EDioJjwaHQsRwcuBj79udtE8%2BPEy9AH0e%2Bw88bP4I%2BeK%2FMRs8LXxFTSA%3D%3D;Path=/;Domain=.lijit.com;Expires=Fri, 11-Dec-2020 02:38:49 GMT;Max-Age=31536000 Expires Fri, 20 Mar 2009 00:00:00 GMT Cache-Control private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0 Pragma no-cache P3P CP="CUR ADM OUR NOR STA NID" X-Powered-By raptor Content-Encoding gzip X-Sovrn-Pod ad_ap6ams1 Redirect headers Server nginx Date Thu, 12 Dec 2019 02:38:49 GMT Content-Length 0 X-Application-Context application:prod:9080 Set-Cookie ljt_reader=e9bc863a43612486bd7796f1;Path=/;Domain=.lijit.com;Expires=Fri, 11-Dec-2020 02:38:49 GMT;Max-Age=31536000 Expires Fri, 20 Mar 2009 00:00:00 GMT Cache-Control private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0 Pragma no-cache P3P CP="CUR ADM OUR NOR STA NID" Location https://ap.lijit.com/beacon?informer=13388523&gdpr_consent=&dnr=1 X-Powered-By raptor X-Sovrn-Pod ad_ap6ams1
GET H2	200	pd eu-u.openx.net/w/1.0/ Frame 3550	0 0	16ms 15ms	Document text/html	34.95.120.147 Google LLC
General Check archive.org Show headers Download Go to Full URL https://eu-u.openx.net/w/1.0/pd?plm=10&ph=89b2e804-9392-4144-aae0-0555f3960da4&gdpr=0 Requested by Host: a.pub.network URL: https://a.pub.network/core/prebid-analytics-2.36.0.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 34.95.120.147 , United States, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS 147.120.95.34.bc.googleusercontent.com Software OXGW/16.170.0 / Resource Hash Request headers :method GET :authority eu-u.openx.net :scheme https :path /w/1.0/pd?plm=10&ph=89b2e804-9392-4144-aae0-0555f3960da4&gdpr=0 pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3 sec-fetch-site cross-site sec-fetch-mode nested-navigate referer https://secure.hi5.com/phished.html accept-encoding gzip, deflate, br cookie i=b6d75683-bdec-4247-a864-c57e704d31c5|1576118327; pd=v2|1576118329|mOsLgqgikin0fcmWiygu Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Referer https://secure.hi5.com/phished.html Response headers status 200 vary Accept set-cookie i=b6d75683-bdec-4247-a864-c57e704d31c5|1576118327; Version=1; Expires=Fri, 11-Dec-2020 02:38:49 GMT; Max-Age=31536000; Domain=.openx.net; Path=/ pd=v2|1576118329|rskimWfcvmsHqGgqmuiynIsLomgemOgunsn0oagi; Version=1; Expires=Fri, 27-Dec-2019 02:38:49 GMT; Max-Age=1296000; Domain=.openx.net; Path=/ server OXGW/16.170.0 p3p CP="CUR ADM OUR NOR STA NID" date Thu, 12 Dec 2019 02:38:49 GMT content-type text/html content-length 825 via 1.1 google alt-svc clear
GET H/1.1	200 OK	async_usersync.html acdn.adnxs.com/ib/static/usersync/v3/ Frame 6271	0 0	18ms 6ms	Document text/html	151.101.113.108 Fastly
General Check archive.org Show headers Download Go to Full URL https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html Requested by Host: a.pub.network URL: https://a.pub.network/core/prebid-analytics-2.36.0.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.113.108 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US), Reverse DNS Software nginx/1.9.13 / Resource Hash Request headers Host acdn.adnxs.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3 Sec-Fetch-Site cross-site Sec-Fetch-Mode nested-navigate Referer https://secure.hi5.com/phished.html Accept-Encoding gzip, deflate, br Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Referer https://secure.hi5.com/phished.html Response headers Server nginx/1.9.13 Content-Type text/html Last-Modified Fri, 20 May 2016 02:07:09 GMT ETag W/"573e714d-3e3" Expires Sun, 06 Aug 2017 09:41:59 GMT Cache-Control max-age=31536000 Access-Control-Allow-Origin * Content-Encoding gzip Via 1.1 varnish 1.1 varnish Fastly-Debug-Digest e0a1bb88354655bae6b4f44be1ff58238053e5563770e29e0e433e905ee66055 Content-Length 506 Accept-Ranges bytes Date Thu, 12 Dec 2019 02:38:49 GMT Age 11033813 Connection keep-alive X-Served-By cache-jfk8123-JFK, cache-hhn4068-HHN X-Cache HIT, HIT X-Cache-Hits 1276778, 822589 X-Timer S1576118330.807432,VS0,VE0 Vary Accept-Encoding
GET H/1.1	200 OK	async_usersync.html acdn.adnxs.com/ib/static/usersync/v3/ Frame F07E	0 0	16ms 5ms	Document text/html	151.101.113.108 Fastly
General Check archive.org Show headers Download Go to Full URL https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html Requested by Host: a.pub.network URL: https://a.pub.network/core/prebid-analytics-2.36.0.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.113.108 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US), Reverse DNS Software nginx/1.9.13 / Resource Hash Request headers Host acdn.adnxs.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3 Sec-Fetch-Site cross-site Sec-Fetch-Mode nested-navigate Referer https://secure.hi5.com/phished.html Accept-Encoding gzip, deflate, br Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Referer https://secure.hi5.com/phished.html Response headers Server nginx/1.9.13 Content-Type text/html Last-Modified Fri, 20 May 2016 02:07:09 GMT ETag W/"573e714d-3e3" Expires Sun, 06 Aug 2017 09:41:59 GMT Cache-Control max-age=31536000 Access-Control-Allow-Origin * Content-Encoding gzip Via 1.1 varnish 1.1 varnish Fastly-Debug-Digest e0a1bb88354655bae6b4f44be1ff58238053e5563770e29e0e433e905ee66055 Content-Length 506 Accept-Ranges bytes Date Thu, 12 Dec 2019 02:38:49 GMT Age 11033813 Connection keep-alive X-Served-By cache-jfk8123-JFK, cache-hhn4029-HHN X-Cache HIT, HIT X-Cache-Hits 1276778, 4255928 X-Timer S1576118330.812030,VS0,VE0 Vary Accept-Encoding
GET H/1.1	200 OK	async_usersync.html acdn.adnxs.com/ib/static/usersync/v3/ Frame B4EE	0 0	13ms 6ms	Document text/html	151.101.113.108 Fastly
General Check archive.org Show headers Download Go to Full URL https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html Requested by Host: a.pub.network URL: https://a.pub.network/core/prebid-analytics-2.36.0.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.113.108 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US), Reverse DNS Software nginx/1.9.13 / Resource Hash Request headers Host acdn.adnxs.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3 Sec-Fetch-Site cross-site Sec-Fetch-Mode nested-navigate Referer https://secure.hi5.com/phished.html Accept-Encoding gzip, deflate, br Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Referer https://secure.hi5.com/phished.html Response headers Server nginx/1.9.13 Content-Type text/html Last-Modified Fri, 20 May 2016 02:07:09 GMT ETag W/"573e714d-3e3" Expires Sun, 06 Aug 2017 09:41:59 GMT Cache-Control max-age=31536000 Access-Control-Allow-Origin * Content-Encoding gzip Via 1.1 varnish 1.1 varnish Fastly-Debug-Digest e0a1bb88354655bae6b4f44be1ff58238053e5563770e29e0e433e905ee66055 Content-Length 506 Accept-Ranges bytes Date Thu, 12 Dec 2019 02:38:49 GMT Age 11033814 Connection keep-alive X-Served-By cache-jfk8123-JFK, cache-hhn4057-HHN X-Cache HIT, HIT X-Cache-Hits 1276778, 3849823 X-Timer S1576118330.814236,VS0,VE0 Vary Accept-Encoding
GET H/1.1	200 OK	Cookie set beacon ap.lijit.com/ Frame 3E4D Redirect Chain https://ap.lijit.com/beacon?informer=13388523&gdpr_consent= https://ap.lijit.com/beacon?informer=13388523&gdpr_consent=&dnr=1	0 0	15ms 15ms	Document text/html	216.52.2.30 Internap Corporation
General Check archive.org Show headers Download Go to Full URL https://ap.lijit.com/beacon?informer=13388523&gdpr_consent=&dnr=1 Requested by Host: a.pub.network URL: https://a.pub.network/core/prebid-analytics-2.36.0.js Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 216.52.2.30 , United States, ASN29791 (VOXEL-DOT-NET - Internap Corporation, US), Reverse DNS Software nginx / raptor Resource Hash Request headers Host ap.lijit.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3 Sec-Fetch-Site cross-site Sec-Fetch-Mode nested-navigate Referer https://secure.hi5.com/phished.html Accept-Encoding gzip, deflate, br Cookie ljt_reader=95b407a4d909148bbf0bdb77 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Referer https://secure.hi5.com/phished.html Response headers Server nginx Date Thu, 12 Dec 2019 02:38:49 GMT Content-Type text/html;charset=utf-8 Transfer-Encoding chunked Vary Accept-Encoding X-Application-Context application:prod:9080 Set-Cookie tpro=eJxNUMtuhDAM%2FBefI%2BTw2i2%2F0b1VVRQFA5FCggJUqlb8e52wi3qb8UzGnjwhbBNF6J7gNjsTdChgDr0yYffbya75D8XVBg8dlAXCISDSQDFaP36SjmZ6UJxX6L6%2BBSwxDNZRyrXehDkjiagWt7MFi%2FImoELV4pu0qFjP7C4AVZWxvPMaE5yjMUdcEItawBh1r1YzZWcjwAd%2FSg2%2FGsn3Z7OBZu2ywJ4Lpvu1OVP1btKMF7%2B%2BAwuUAvQQlZ4zY0mvVvtMOGay65Jxmw6crOsj%2BZTlQ05n%2Fy%2FlpnXJDn2eL%2B%2BqqtOw4vZKlu80yeSWW%2FC8UfXHy9P8%2B7DmOI4%2FvRJ50A%3D%3D;Path=/;Domain=.lijit.com;Expires=Fri, 11-Dec-2020 02:38:49 GMT;Max-Age=31536000 ljtrtb_refresh=false;Path=/;Domain=.lijit.com;Expires=Mon, 16-Dec-2019 02:38:49 GMT;Max-Age=345600 ljtrtbexp=eJxdkEEOgDAIBP%2FSs4dCaRf8mvHvJnqxc5zsMhCuZu20KQ1XeR3Nd1xr5wFELNis7xzQB3yCz9CvqkQDE8mNhRzGxAUZ4In%2FoD%2Bx3z9e3kNvjntdf74fOG5MQA%3D%3D;Path=/;Domain=.lijit.com;Expires=Fri, 11-Dec-2020 02:38:49 GMT;Max-Age=31536000 Expires Fri, 20 Mar 2009 00:00:00 GMT Cache-Control private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0 Pragma no-cache P3P CP="CUR ADM OUR NOR STA NID" X-Powered-By raptor Content-Encoding gzip X-Sovrn-Pod ad_ap6ams1 Redirect headers Server nginx Date Thu, 12 Dec 2019 02:38:49 GMT Content-Length 0 X-Application-Context application:prod:9080 Set-Cookie ljt_reader=95b407a4d909148bbf0bdb77;Path=/;Domain=.lijit.com;Expires=Fri, 11-Dec-2020 02:38:49 GMT;Max-Age=31536000 Expires Fri, 20 Mar 2009 00:00:00 GMT Cache-Control private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0 Pragma no-cache P3P CP="CUR ADM OUR NOR STA NID" Location https://ap.lijit.com/beacon?informer=13388523&gdpr_consent=&dnr=1 X-Powered-By raptor X-Sovrn-Pod ad_ap6ams1
GET H2	200	index.html cdn.districtm.io/ids/ Frame F4A2	0 0	351ms 351ms	Document text/html	104.16.190.66 Cloudflare
General Check archive.org Show headers Download Go to Full URL https://cdn.districtm.io/ids/index.html Requested by Host: a.pub.network URL: https://a.pub.network/core/prebid-analytics-2.36.0.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.16.190.66 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers :method GET :authority cdn.districtm.io :scheme https :path /ids/index.html pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3 sec-fetch-site cross-site sec-fetch-mode nested-navigate referer https://secure.hi5.com/phished.html accept-encoding gzip, deflate, br Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Referer https://secure.hi5.com/phished.html Response headers status 200 date Thu, 12 Dec 2019 02:38:50 GMT content-type text/html set-cookie __cfduid=dda4c254ed75001b7f1d2880cb21c73691576118329; expires=Sat, 11-Jan-20 02:38:49 GMT; path=/; domain=.districtm.io; HttpOnly cf-ray 543c530958c0c303-FRA cache-control s-maxage=1209600, max-age=14400 last-modified Thu, 10 Jan 2019 16:50:48 GMT strict-transport-security max-age=31536000; includeSubDomains; preload cf-cache-status DYNAMIC expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding server cloudflare content-encoding br
GET H/1.1	200 OK	Cookie set showad.js ads.pubmatic.com/AdServer/js/ Frame EEDF	0 0	45ms 6ms	Document text/html	2.18.233.180 Akamai Technologies
General Check archive.org Show headers Download Go to Full URL https://ads.pubmatic.com/AdServer/js/showad.js Requested by Host: a.pub.network URL: https://a.pub.network/core/prebid-analytics-2.36.0.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2.18.233.180 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US), Reverse DNS a2-18-233-180.deploy.static.akamaitechnologies.com Software Apache/2.2.15 (CentOS) / Resource Hash Request headers Host ads.pubmatic.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3 Sec-Fetch-Site cross-site Sec-Fetch-Mode nested-navigate Referer https://secure.hi5.com/phished.html Accept-Encoding gzip, deflate, br Cookie KRTBCOOKIE_27=16735-uid:ed9b5df1-a1f4-4700-8bce-77910c9babc4&KRTB&16736-uid:ed9b5df1-a1f4-4700-8bce-77910c9babc4; PugT=1576118327; PUBMDCID=3; KTPCACOOKIE=YES Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Referer https://secure.hi5.com/phished.html Response headers Last-Modified Tue, 12 Nov 2019 06:59:02 GMT ETag "13006b6-97cd-59720c88c16d1" Server Apache/2.2.15 (CentOS) Set-Cookie KTPCACOOKIE=YES; domain=.pubmatic.com; path=/; max-age=7776000; Accept-Ranges bytes Content-Encoding gzip P3P CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC" Content-Length 14515 Content-Type text/html; charset=UTF-8 Cache-Control public, max-age=84102 Expires Fri, 13 Dec 2019 02:00:31 GMT Date Thu, 12 Dec 2019 02:38:49 GMT Connection keep-alive Vary Accept-Encoding
GET H/1.1	200 OK	img pixel.mathtag.com/misc/ Frame 9795	43 B 481 B	28ms 16ms	Image image/gif	2.18.233.201 Akamai Technologies
General Check archive.org Show headers Download Go to Show image Full URL https://pixel.mathtag.com/misc/img?mm_bnc&bcdv=1 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2.18.233.201 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US), Reverse DNS a2-18-233-201.deploy.static.akamaitechnologies.com Software MT3 1913 979072d master zrh-pixel-x20 / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers Referer https://secure.hi5.com/phished.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Thu, 12 Dec 2019 02:38:54 GMT Server MT3 1913 979072d master zrh-pixel-x20 P3P CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA" Cache-Control no-cache Connection keep-alive Content-Type image/gif Content-Length 43 Expires Thu, 12 Dec 2019 02:38:53 GMT