URL: http://www.dropgears.com/2017/09/06/target-dropped-pretense-subtlety/?utm_source=eng&utm_campaign=dropgears&utm_medium=30...
Submission: On October 12 via manual from US

Summary

This website contacted 14 IPs in 4 countries across 9 domains to perform 124 HTTP transactions. The main IP is 2400:cb00:2048:1::6818:7c77, located in United States and belongs to CLOUDFLARENET - CloudFlare, Inc., US. The main domain is www.dropgears.com.
This is the only time www.dropgears.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
60 2400:cb00:204... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
1 54.68.185.137 16509 (AMAZON-02)
1 2 94.31.29.128 54104 (AS-NETDNA)
7 94.130.129.235 24940 (HETZNER-AS)
1 2a00:1450:401... 15169 (GOOGLE)
1 29 216.58.207.66 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 104.239.245.27 33070 (RMH-14)
1 107.170.212.46 14061 (DIGITALOC...)
1 2a00:1450:400... 15169 (GOOGLE)
4 94.130.102.124 24940 (HETZNER-AS)
1 2600:9000:204... 16509 (AMAZON-02)
124 14
Domain Requested by
59 www.dropgears.com www.dropgears.com
27 securepubads.g.doubleclick.net www.googletagservices.com
securepubads.g.doubleclick.net
11 coinhive.com www.dropgears.com
2 www.google-analytics.com www.dropgears.com
2 pubads.g.doubleclick.net 1 redirects www.dropgears.com
2 js.entertainmentcrave.com 1 redirects www.dropgears.com
1 pagead2.googlesyndication.com securepubads.g.doubleclick.net
1 content.jwplatform.com video.dropgears.com
1 tpc.googlesyndication.com securepubads.g.doubleclick.net
1 video.dropgears.com www.dropgears.com
1 graph.dropgears.com www.dropgears.com
1 pf.entertainmentcrave.com js.entertainmentcrave.com
1 www.google.com www.dropgears.com
1 static.dropgears.com www.dropgears.com
1 www.googletagservices.com www.dropgears.com
124 15
Subject | Issuer | Validity | Valid
*.g.doubleclick.net | Google Internet Authority G3 | 2017-10-03 - 2017-12-26 | 3 months
*.coinhive.com | COMODO RSA Domain Validation Secure Server CA | 2017-09-28 - 2018-09-28 | a year
www.google.com | Google Internet Authority G2 | 2017-09-26 - 2017-12-19 | 3 months
*.google-analytics.com | Google Internet Authority G2 | 2017-09-26 - 2017-12-19 | 3 months
pf.entertainmentcrave.com | GeoTrust SSL CA - G3 | 2017-03-20 - 2019-03-20 | 2 years
jwplayer.com | Amazon | 2017-02-22 - 2018-03-22 | a year

This page contains 5 frames:

Primary Page: http://www.dropgears.com/2017/09/06/target-dropped-pretense-subtlety/?utm_source=eng&utm_campaign=dropgears&utm_medium=30&enc=oct17_0035
Frame ID: 3338.1
Requests: 121 HTTP requests in this frame

Frame: http://video.dropgears.com/embed/target-dropped-pretense-subtlety.mp4?utm_source=eng
Frame ID: 3338.2
Requests: 2 HTTP requests in this frame

Frame: http://tpc.googlesyndication.com/safeframe/1-0-13/html/container.html
Frame ID: 3338.12
Requests: 1 HTTP requests in this frame

Frame: http://tpc.googlesyndication.com/safeframe/1-0-13/html/container.html
Frame ID: 3338.15
Requests: 1 HTTP requests in this frame

Frame: http://tpc.googlesyndication.com/safeframe/1-0-13/html/container.html
Frame ID: 3338.16
Requests: 1 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Overall confidence: 100%
Detected patterns
  • headers via /.*Varnish/i

Overall confidence: 100%
Detected patterns
  • headers server /cloudflare/i

Page Statistics

124
Requests

35 %
HTTPS

46 %
IPv6

9
Domains

15
Subdomains

14
IPs

4
Countries

1107 kB
Transfer

4580 kB
Size

0
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 25
  • http://js.entertainmentcrave.com/js/GrnhB58JZgM08Mi HTTP 307
  • http://js.entertainmentcrave.com/x/GrnhB58JZgM08Mi?ts1505514977
Request Chain 61
  • http://pubads.g.doubleclick.net/gampad/ad?iu=/58517704/dropgears_eng_pixel&sz=1x1&c=1507820247273 HTTP 302
  • http://pubads.g.doubleclick.net/gampad/ad?iu=/58517704/dropgears_eng_pixel&sz=1x1&c=1507820247273&pre=1
Request Chain 62
  • http://www.google-analytics.com/analytics.js HTTP 307
  • https://www.google-analytics.com/analytics.js
Request Chain 96
  • http://www.google-analytics.com/r/collect?v=1&_v=j64&a=1618241&t=pageview&_s=1&dl=http%3A%2F%2Fwww.dropgears.com%2F2017%2F09%2F06%2Ftarget-dropped-pretense-subtlety%2F%3Futm_source%3Deng%26utm_campaign%3Ddropgears%26utm_medium%3D30%26enc%3Doct17_0035&ul=en-us&de=UTF-8&dt=Target%20Has%20Dropped%20All%20Pretense%20of%20Subtlety%20-%20Drop%20Gears&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=IAhAAEABI~&jid=353292144&gjid=1259345460&cid=312649980.1507820249&tid=UA-105801055-1&_gid=1781544222.1507820249&_r=1&z=886576005 HTTP 307
  • https://www.google-analytics.com/r/collect?v=1&_v=j64&a=1618241&t=pageview&_s=1&dl=http%3A%2F%2Fwww.dropgears.com%2F2017%2F09%2F06%2Ftarget-dropped-pretense-subtlety%2F%3Futm_source%3Deng%26utm_campaign%3Ddropgears%26utm_medium%3D30%26enc%3Doct17_0035&ul=en-us&de=UTF-8&dt=Target%20Has%20Dropped%20All%20Pretense%20of%20Subtlety%20-%20Drop%20Gears&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=IAhAAEABI~&jid=353292144&gjid=1259345460&cid=312649980.1507820249&tid=UA-105801055-1&_gid=1781544222.1507820249&_r=1&z=886576005

124 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request Cookie set /
www.dropgears.com/2017/09/06/target-dropped-pretense-subtlety/
49 KB
12 KB
Document
General
Full URL
http://www.dropgears.com/2017/09/06/target-dropped-pretense-subtlety/?utm_source=eng&utm_campaign=dropgears&utm_medium=30&enc=oct17_0035
Protocol
HTTP/1.1
Server
2400:cb00:2048:1::6818:7c77 , United States, ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US),
Reverse DNS
Software
cloudflare-nginx /
Resource Hash
89e41c23976efcec98899fd6ca2e1430f488d5b83e6eaa738e4400aba03c924a

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.dropgears.com
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Cache-Control
no-cache
Connection
keep-alive

Response headers

X-Pingback
http://www.dropgears.com/xmlrpc.php
Date
Thu, 12 Oct 2017 14:57:26 GMT
Via
1.1 varnish
X-Cacheable
YES:Forced
Server
cloudflare-nginx
Age
202
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
Set-Cookie
__cfduid=da6de0118b27255293e6d0b9b82f0fbb11507820246; expires=Fri, 12-Oct-18 14:57:26 GMT; path=/; domain=.dropgears.com; HttpOnly
CF-RAY
3acae95d81a126ae-FRA
Transfer-Encoding
chunked
X-Varnish
87157349 87156596
Connection
keep-alive
Content-Encoding
gzip
Link
<http://www.dropgears.com/wp-json/>; rel="https://api.w.org/", <http://www.dropgears.com/?p=70>; rel=shortlink
gpt.js
www.googletagservices.com/tag/js/
10 KB
4 KB
Script
General
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: www.dropgears.com
URL: http://www.dropgears.com/2017/09/06/target-dropped-pretense-subtlety/?utm_source=eng&utm_campaign=dropgears&utm_medium=30&enc=oct17_0035
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:818::2002 , Ireland, ASN15169 (GOOGLE - Google Inc., US),
Reverse DNS
Software
sffe /
Resource Hash
007cf06ed3420c0d2bb55d57c09c423ebf9fb8d0bf6020972e59bab242e4dd36
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/tag/js/gpt.js
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
www.googletagservices.com
referer
http://www.dropgears.com/2017/09/06/target-dropped-pretense-subtlety/?utm_source=eng&utm_campaign=dropgears&utm_medium=30&enc=oct17_0035
:scheme
https
:method
GET

Response headers

date
Thu, 12 Oct 2017 14:57:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1507745118857158"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="39,38,37,35",quic=":443"; ma=2592000; v="39,38,37,35"
content-length
4471
x-xss-protection
1; mode=block
expires
Thu, 12 Oct 2017 14:57:26 GMT
wpstats.js
static.dropgears.com/js/
2 KB
2 KB
Script
General
Full URL
http://static.dropgears.com/js/wpstats.js?src=eng&dfpnid=58517704
Requested by
Host: www.dropgears.com
URL: http://www.dropgears.com/2017/09/06/target-dropped-pretense-subtlety/?utm_source=eng&utm_campaign=dropgears&utm_medium=30&enc=oct17_0035
Protocol
HTTP/1.1
Server
54.68.185.137 Boardman, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-54-68-185-137.us-west-2.compute.amazonaws.com
Software
nginx/1.4.6 (Ubuntu) /
Resource Hash
22681e77089f2aaababbb1a228943ea364718688065aeac70c810f2d295bd7fb

Request headers

Pragma
no-cache
Origin
http://www.dropgears.com
Accept-Encoding
gzip, deflate
Host
static.dropgears.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36
Accept
*/*
Referer
http://www.dropgears.com/2017/09/06/target-dropped-pretense-subtlety/?utm_source=eng&utm_campaign=dropgears&utm_medium=30&enc=oct17_0035
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Thu, 12 Oct 2017 14:55:22 GMT
Last-Modified
Thu, 12 Oct 2017 14:55:22 GMT
Server
nginx/1.4.6 (Ubuntu)
Transfer-Encoding
chunked
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=0
Connection
keep-alive
Expires
Thu, 12 Oct 2017 14:55:22 GMT
thegem-preloader.css
www.dropgears.com/wp-content/themes/thegem/css/
3 KB
718 B
Stylesheet
General
Full URL
http://www.dropgears.com/wp-content/themes/thegem/css/thegem-preloader.css
Requested by
Host: www.dropgears.com
URL: http://www.dropgears.com/2017/09/06/target-dropped-pretense-subtlety/?utm_source=eng&utm_campaign=dropgears&utm_medium=30&enc=oct17_0035
Protocol
HTTP/1.1
Server
2400:cb00:2048:1::6818:7c77 , United States, ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US),
Reverse DNS
Software
cloudflare-nginx /
Resource Hash
44894c90c53bf1daaccde5e899b278fa82e38ff5c719867dcd993a069d78141f

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.dropgears.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
http://www.dropgears.com/2017/09/06/target-dropped-pretense-subtlety/?utm_source=eng&utm_campaign=dropgears&utm_medium=30&enc=oct17_0035
Cookie
__cfduid=da6de0118b27255293e6d0b9b82f0fbb11507820246
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Thu, 12 Oct 2017 14:57:27 GMT
Content-Encoding
gzip
CF-Cache-Status
REVALIDATED
X-Cacheable
YES
CF-RAY
3acae95f52d526ae-FRA
Connection
keep-alive
Content-Length
718
Last-Modified
Tue, 19 Sep 2017 03:10:28 GMT
Server
cloudflare-nginx
ETag
"c11-5598233855ba3"
Vary
Accept-Encoding
X-Varnish
1321725064 1321675019
Via
1.1 varnish
Cache-Control
public, max-age=14400
Accept-Ranges
bytes
Content-Type
text/css
Expires
Thu, 12 Oct 2017 18:57:27 GMT
thegem-reset.css
www.dropgears.com/wp-content/themes/thegem/css/
4 KB
1 KB
Stylesheet
General
Full URL
http://www.dropgears.com/wp-content/themes/thegem/css/thegem-reset.css
Requested by
Host: www.dropgears.com
URL: http://www.dropgears.com/2017/09/06/target-dropped-pretense-subtlety/?utm_source=eng&utm_campaign=dropgears&utm_medium=30&enc=oct17_0035
Protocol
HTTP/1.1
Server
2400:cb00:2048:1::6818:7c77 , United States, ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US),
Reverse DNS
Software
cloudflare-nginx /
Resource Hash
1541f051e9e19325dbd867446c916e1e0b87f7c01ee7a7a5822fc85da23ed44a

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.dropgears.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
http://www.dropgears.com/2017/09/06/target-dropped-pretense-subtlety/?utm_source=eng&utm_campaign=dropgears&utm_medium=30&enc=oct17_0035
Cookie
__cfduid=da6de0118b27255293e6d0b9b82f0fbb11507820246
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Thu, 12 Oct 2017 14:57:27 GMT
Content-Encoding
gzip
CF-Cache-Status
REVALIDATED
X-Cacheable
YES
CF-RAY
3acae95f636a2780-FRA
Connection
keep-alive
Content-Length
1370
Last-Modified
Tue, 19 Sep 2017 03:10:28 GMT
Server
cloudflare-nginx
ETag
"1001-5598233856b43"
Vary
Accept-Encoding
X-Varnish
1321725065 1321675020
Via
1.1 varnish
Cache-Control
public, max-age=14400
Accept-Ranges
bytes
Content-Type
text/css
Expires
Thu, 12 Oct 2017 18:57:27 GMT
thegem-grid.css
www.dropgears.com/wp-content/themes/thegem/css/
11 KB
2 KB
Stylesheet
General
Full URL
http://www.dropgears.com/wp-content/themes/thegem/css/thegem-grid.css
Requested by
Host: www.dropgears.com
URL: http://www.dropgears.com/2017/09/06/target-dropped-pretense-subtlety/?utm_source=eng&utm_campaign=dropgears&utm_medium=30&enc=oct17_0035
Protocol
HTTP/1.1
Server
2400:cb00:2048:1::6818:7c77 , United States, ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US),
Reverse DNS
Software
cloudflare-nginx /
Resource Hash
bba29f87f4915c6dfcff67d63b43ad69cc5b59f04e9378af044c8695b0ecc3a3

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.dropgears.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
http://www.dropgears.com/2017/09/06/target-dropped-pretense-subtlety/?utm_source=eng&utm_campaign=dropgears&utm_medium=30&enc=oct17_0035
Cookie
__cfduid=da6de0118b27255293e6d0b9b82f0fbb11507820246
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Thu, 12 Oct 2017 14:57:27 GMT
Content-Encoding
gzip
CF-Cache-Status
REVALIDATED
X-Cacheable
YES
CF-RAY
3acae95f62d626ae-FRA
Connection
keep-alive
Content-Length
1566
Last-Modified
Tue, 19 Sep 2017 03:10:28 GMT
Server
cloudflare-nginx
ETag
"2a59-5598233855ba3"
Vary
Accept-Encoding
X-Varnish
1321725069 1321675021
Via
1.1 varnish
Cache-Control
public, max-age=14400
Accept-Ranges
bytes
Content-Type
text/css
Expires
Thu, 12 Oct 2017 18:57:27 GMT
style.css
www.dropgears.com/wp-content/themes/thegem/
218 KB
29 KB
Stylesheet
General
Full URL
http://www.dropgears.com/wp-content/themes/thegem/style.css
Requested by
Host: www.dropgears.com
URL: http://www.dropgears.com/2017/09/06/target-dropped-pretense-subtlety/?utm_source=eng&utm_campaign=dropgears&utm_medium=30&enc=oct17_0035
Protocol
HTTP/1.1
Server
2400:cb00:2048:1::6818:7c77 , United States, ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US),
Reverse DNS
Software
cloudflare-nginx /
Resource Hash
e0113d51b7b9d7d9cd77c612c5bbbeb35ab07c071560a91787375fc57f71cecc

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.dropgears.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
http://www.dropgears.com/2017/09/06/target-dropped-pretense-subtlety/?utm_source=eng&utm_campaign=dropgears&utm_medium=30&enc=oct17_0035
Cookie
__cfduid=da6de0118b27255293e6d0b9b82f0fbb11507820246
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Thu, 12 Oct 2017 14:57:27 GMT
Content-Encoding
gzip
CF-Cache-Status
REVALIDATED
X-Cacheable
YES
CF-RAY
3acae95f60856433-FRA
Connection
keep-alive
Content-Length
29237
Last-Modified
Tue, 19 Sep 2017 03:10:28 GMT
Server
cloudflare-nginx
ETag
"36847-5598233876ee3"
Vary
Accept-Encoding
X-Varnish
1321725066 1321675040
Via
1.1 varnish
Cache-Control
public, max-age=14400
Accept-Ranges
bytes
Content-Type
text/css
Expires
Thu, 12 Oct 2017 18:57:27 GMT
style.css
www.dropgears.com/wp-content/themes/thegem-child/
1 KB
650 B
Stylesheet
General
Full URL
http://www.dropgears.com/wp-content/themes/thegem-child/style.css
Requested by
Host: www.dropgears.com
URL: http://www.dropgears.com/2017/09/06/target-dropped-pretense-subtlety/?utm_source=eng&utm_campaign=dropgears&utm_medium=30&enc=oct17_0035
Protocol
HTTP/1.1
Server
2400:cb00:2048:1::6818:7c77 , United States, ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US),
Reverse DNS
Software
cloudflare-nginx /
Resource Hash
1a20c630b8b3b21a5a1fc1317afae688c880c40be6d19b6db64b9f9314d40c42

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.dropgears.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
http://www.dropgears.com/2017/09/06/target-dropped-pretense-subtlety/?utm_source=eng&utm_campaign=dropgears&utm_medium=30&enc=oct17_0035
Cookie
__cfduid=da6de0118b27255293e6d0b9b82f0fbb11507820246
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Thu, 12 Oct 2017 14:57:27 GMT
Content-Encoding
gzip
CF-Cache-Status
REVALIDATED
X-Cacheable
YES
CF-RAY
3acae95f664e64f3-FRA
Connection
keep-alive
Content-Length
650
Last-Modified
Tue, 19 Sep 2017 09:24:10 GMT
Server
cloudflare-nginx
ETag
"5d3-559876bfa2ba3"
Vary
Accept-Encoding
X-Varnish
1321725068 1321675022
Via
1.1 varnish
Cache-Control
public, max-age=14400
Accept-Ranges
bytes
Content-Type
text/css
Expires
Thu, 12 Oct 2017 18:57:27 GMT
thegem-header.css
www.dropgears.com/wp-content/themes/thegem/css/
17 KB
3 KB
Stylesheet
General
Full URL
http://www.dropgears.com/wp-content/themes/thegem/css/thegem-header.css
Requested by
Host: www.dropgears.com
URL: http://www.dropgears.com/2017/09/06/target-dropped-pretense-subtlety/?utm_source=eng&utm_campaign=dropgears&utm_medium=30&enc=oct17_0035
Protocol
HTTP/1.1
Server
2400:cb00:2048:1::6818:7c77 , United States, ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US),
Reverse DNS
Software
cloudflare-nginx /
Resource Hash
656fe5c6d34218053534a3e9ffac21881e4bc6f49c6f7071f61f5be47ae0f22f

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.dropgears.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
http://www.dropgears.com/2017/09/06/target-dropped-pretense-subtlety/?utm_source=eng&utm_campaign=dropgears&utm_medium=30&enc=oct17_0035
Cookie
__cfduid=da6de0118b27255293e6d0b9b82f0fbb11507820246
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Thu, 12 Oct 2017 14:57:27 GMT
Content-Encoding
gzip
CF-Cache-Status
REVALIDATED
X-Cacheable
YES
CF-RAY
3acae95f65f70f63-FRA
Connection
keep-alive
Content-Length
2674
Last-Modified
Tue, 19 Sep 2017 03:10:28 GMT
Server
cloudflare-nginx
ETag
"4427-5598233855ba3"
Vary
Accept-Encoding
X-Varnish
1321725067 1321675023
Via
1.1 varnish
Cache-Control
public, max-age=14400
Accept-Ranges
bytes
Content-Type
text/css
Expires
Thu, 12 Oct 2017 18:57:27 GMT
thegem-widgets.css
www.dropgears.com/wp-content/themes/thegem/css/
99 KB
15 KB
Stylesheet
General
Full URL
http://www.dropgears.com/wp-content/themes/thegem/css/thegem-widgets.css
Requested by
Host: www.dropgears.com
URL: http://www.dropgears.com/2017/09/06/target-dropped-pretense-subtlety/?utm_source=eng&utm_campaign=dropgears&utm_medium=30&enc=oct17_0035
Protocol
HTTP/1.1
Server
2400:cb00:2048:1::6818:7c77 , United States, ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US),
Reverse DNS
Software
cloudflare-nginx /
Resource Hash
111e52649c01340383292cbe7afbc97902fb0017f9fa7d7c196083f377a2b0b2

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.dropgears.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
http://www.dropgears.com/2017/09/06/target-dropped-pretense-subtlety/?utm_source=eng&utm_campaign=dropgears&utm_medium=30&enc=oct17_0035
Cookie
__cfduid=da6de0118b27255293e6d0b9b82f0fbb11507820246
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Thu, 12 Oct 2017 14:57:27 GMT
Content-Encoding
gzip
CF-Cache-Status
REVALIDATED
X-Cacheable
YES
CF-RAY
3acae96133ca26ae-FRA
Connection
keep-alive
Content-Length
15326
Last-Modified
Tue, 19 Sep 2017 03:10:28 GMT
Server
cloudflare-nginx
ETag
"18c9c-5598233855ba3"
Vary
Accept-Encoding
X-Varnish
1321725070 1321675024
Via
1.1 varnish
Cache-Control
public, max-age=14400
Accept-Ranges
bytes
Content-Type
text/css
Expires
Thu, 12 Oct 2017 18:57:27 GMT
thegem-new-css.css
www.dropgears.com/wp-content/themes/thegem/css/
52 KB
8 KB
Stylesheet
General
Full URL
http://www.dropgears.com/wp-content/themes/thegem/css/thegem-new-css.css
Requested by
Host: www.dropgears.com
URL: http://www.dropgears.com/2017/09/06/target-dropped-pretense-subtlety/?utm_source=eng&utm_campaign=dropgears&utm_medium=30&enc=oct17_0035
Protocol
HTTP/1.1
Server
2400:cb00:2048:1::6818:7c77 , United States, ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US),
Reverse DNS
Software
cloudflare-nginx /
Resource Hash
54cb6adc83fe0a4d62465ad076f5540bcf160a828bae3d7163fb2d5a5c468bb7

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.dropgears.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
http://www.dropgears.com/2017/09/06/target-dropped-pretense-subtlety/?utm_source=eng&utm_campaign=dropgears&utm_medium=30&enc=oct17_0035
Cookie
__cfduid=da6de0118b27255293e6d0b9b82f0fbb11507820246
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Thu, 12 Oct 2017 14:57:27 GMT
Content-Encoding
gzip
CF-Cache-Status
REVALIDATED
X-Cacheable
YES
CF-RAY
3acae961376e64f3-FRA
Connection
keep-alive
Content-Length
8685
Last-Modified
Tue, 19 Sep 2017 03:10:28 GMT
Server
cloudflare-nginx
ETag
"d001-5598233855ba3"
Vary
Accept-Encoding
X-Varnish
164967524 164786889
Via
1.1 varnish
Cache-Control
public, max-age=14400
Accept-Ranges
bytes
Content-Type
text/css
Expires
Thu, 12 Oct 2017 18:57:27 GMT
thegem-perevazka-css.css
www.dropgears.com/wp-content/themes/thegem/css/
20 KB
3 KB
Stylesheet
General
Full URL
http://www.dropgears.com/wp-content/themes/thegem/css/thegem-perevazka-css.css
Requested by
Host: www.dropgears.com
URL: http://www.dropgears.com/2017/09/06/target-dropped-pretense-subtlety/?utm_source=eng&utm_campaign=dropgears&utm_medium=30&enc=oct17_0035
Protocol
HTTP/1.1
Server
2400:cb00:2048:1::6818:7c77 , United States, ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US),
Reverse DNS
Software
cloudflare-nginx /
Resource Hash
d86b504700fd2792e109692e8766782230faaecd3cb38ab367511fcace0b8ce9

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.dropgears.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
http://www.dropgears.com/2017/09/06/target-dropped-pretense-subtlety/?utm_source=eng&utm_campaign=dropgears&utm_medium=30&enc=oct17_0035
Cookie
__cfduid=da6de0118b27255293e6d0b9b82f0fbb11507820246
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Thu, 12 Oct 2017 14:57:27 GMT
Content-Encoding
gzip
CF-Cache-Status
REVALIDATED
X-Cacheable
YES
CF-RAY
3acae961449a2780-FRA
Connection
keep-alive
Content-Length
3371
Last-Modified
Tue, 19 Sep 2017 03:10:28 GMT
Server
cloudflare-nginx
ETag
"4e6c-5598233855ba3"
Vary
Accept-Encoding
X-Varnish
164967523 164786813
Via
1.1 varnish
Cache-Control
public, max-age=14400
Accept-Ranges
bytes
Content-Type
text/css
Expires
Thu, 12 Oct 2017 18:57:27 GMT
custom.css
www.dropgears.com/wp-content/themes/thegem-child/css/
100 KB
13 KB
Stylesheet
General
Full URL
http://www.dropgears.com/wp-content/themes/thegem-child/css/custom.css
Requested by
Host: www.dropgears.com
URL: http://www.dropgears.com/2017/09/06/target-dropped-pretense-subtlety/?utm_source=eng&utm_campaign=dropgears&utm_medium=30&enc=oct17_0035
Protocol
HTTP/1.1
Server
2400:cb00:2048:1::6818:7c77 , United States, ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US),
Reverse DNS
Software
cloudflare-nginx /
Resource Hash
e12b98b79006d10c28cb032c7d80d23b5e45aa73f370609ff02a3f967ff8bb21

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.dropgears.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
http://www.dropgears.com/2017/09/06/target-dropped-pretense-subtlety/?utm_source=eng&utm_campaign=dropgears&utm_medium=30&enc=oct17_0035
Cookie
__cfduid=da6de0118b27255293e6d0b9b82f0fbb11507820246
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Thu, 12 Oct 2017 14:57:27 GMT
Content-Encoding
gzip
CF-Cache-Status
REVALIDATED
X-Cacheable
YES
CF-RAY
3acae96147000f63-FRA
Connection
keep-alive
Content-Length
13709
Last-Modified
Wed, 04 Oct 2017 12:53:41 GMT
Server
cloudflare-nginx
ETag
"18fe5-55ab818e0a6d1"
Vary
Accept-Encoding
X-Varnish
1321725073 1321675027
Via
1.1 varnish
Cache-Control
public, max-age=14400
Accept-Ranges
bytes
Content-Type
text/css
Expires
Thu, 12 Oct 2017 18:57:27 GMT
js_composer.min.css
www.dropgears.com/wp-content/plugins/js_composer/assets/css/
451 KB
45 KB
Stylesheet
General
Full URL
http://www.dropgears.com/wp-content/plugins/js_composer/assets/css/js_composer.min.css
Requested by
Host: www.dropgears.com
URL: http://www.dropgears.com/2017/09/06/target-dropped-pretense-subtlety/?utm_source=eng&utm_campaign=dropgears&utm_medium=30&enc=oct17_0035
Protocol
HTTP/1.1
Server
2400:cb00:2048:1::6818:7c77 , United States, ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US),
Reverse DNS
Software
cloudflare-nginx /
Resource Hash
22f47477e87f4cdc5d05be90b75b5a91239e0324bcb2040001f07c1830a3f2d6

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.dropgears.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
http://www.dropgears.com/2017/09/06/target-dropped-pretense-subtlety/?utm_source=eng&utm_campaign=dropgears&utm_medium=30&enc=oct17_0035
Cookie
__cfduid=da6de0118b27255293e6d0b9b82f0fbb11507820246
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Thu, 12 Oct 2017 14:57:27 GMT
Content-Encoding
gzip
CF-Cache-Status
REVALIDATED
X-Cacheable
YES
CF-RAY
3acae96143d726ae-FRA
Connection
keep-alive
Content-Length
45863
Last-Modified
Tue, 19 Sep 2017 04:36:13 GMT
Server
cloudflare-nginx
ETag
"70db1-5598366355223"
Vary
Accept-Encoding
X-Varnish
1321725075 1321674193
Via
1.1 varnish
Cache-Control
public, max-age=14400
Accept-Ranges
bytes
Content-Type
text/css
Expires
Thu, 12 Oct 2017 18:57:27 GMT
thegem-additional-blog-1.css
www.dropgears.com/wp-content/themes/thegem/css/
32 KB
4 KB
Stylesheet
General
Full URL
http://www.dropgears.com/wp-content/themes/thegem/css/thegem-additional-blog-1.css
Requested by
Host: www.dropgears.com
URL: http://www.dropgears.com/2017/09/06/target-dropped-pretense-subtlety/?utm_source=eng&utm_campaign=dropgears&utm_medium=30&enc=oct17_0035
Protocol
HTTP/1.1
Server
2400:cb00:2048:1::6818:7c77 , United States, ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US),
Reverse DNS
Software
cloudflare-nginx /
Resource Hash
2e5d1ce52a320f7f03bfae01203a576d45f8a929192be100c057263ceceebfb0

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.dropgears.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
http://www.dropgears.com/2017/09/06/target-dropped-pretense-subtlety/?utm_source=eng&utm_campaign=dropgears&utm_medium=30&enc=oct17_0035
Cookie
__cfduid=da6de0118b27255293e6d0b9b82f0fbb11507820246
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Thu, 12 Oct 2017 14:57:27 GMT
Content-Encoding
gzip
CF-Cache-Status
REVALIDATED
X-Cacheable
YES
CF-RAY
3acae96161c86433-FRA
Connection
keep-alive
Content-Length
4594
Last-Modified
Tue, 19 Sep 2017 03:10:28 GMT
Server
cloudflare-nginx
ETag
"80cf-5598233854c03"
Vary
Accept-Encoding
X-Varnish
1321725076 1321675029
Via
1.1 varnish
Cache-Control
public, max-age=14400
Accept-Ranges
bytes
Content-Type
text/css
Expires
Thu, 12 Oct 2017 18:57:27 GMT
thegem-hovers.css
www.dropgears.com/wp-content/themes/thegem/css/
74 KB
5 KB
Stylesheet
General
Full URL
http://www.dropgears.com/wp-content/themes/thegem/css/thegem-hovers.css
Requested by
Host: www.dropgears.com
URL: http://www.dropgears.com/2017/09/06/target-dropped-pretense-subtlety/?utm_source=eng&utm_campaign=dropgears&utm_medium=30&enc=oct17_0035
Protocol
HTTP/1.1
Server
2400:cb00:2048:1::6818:7c77 , United States, ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US),
Reverse DNS
Software
cloudflare-nginx /
Resource Hash
f46a6f9afdba1a2234f29833829f01548d233cb0e1e62bb29272dea4c2a19694

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.dropgears.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
http://www.dropgears.com/2017/09/06/target-dropped-pretense-subtlety/?utm_source=eng&utm_campaign=dropgears&utm_medium=30&enc=oct17_0035
Cookie
__cfduid=da6de0118b27255293e6d0b9b82f0fbb11507820246
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Thu, 12 Oct 2017 14:57:27 GMT
Content-Encoding
gzip
CF-Cache-Status
REVALIDATED
X-Cacheable
YES
CF-RAY
3acae963008464f3-FRA
Connection
keep-alive
Content-Length
5613
Last-Modified
Tue, 19 Sep 2017 03:10:28 GMT
Server
cloudflare-nginx
ETag
"12605-5598233855ba3"
Vary
Accept-Encoding
X-Varnish
1321725074 1321675030
Via
1.1 varnish
Cache-Control
public, max-age=14400
Accept-Ranges
bytes
Content-Type
text/css
Expires
Thu, 12 Oct 2017 18:57:27 GMT
thegem-lazy-loading-animations.css
www.dropgears.com/wp-content/themes/thegem/css/
8 KB
830 B
Stylesheet
General
Full URL
http://www.dropgears.com/wp-content/themes/thegem/css/thegem-lazy-loading-animations.css
Requested by
Host: www.dropgears.com
URL: http://www.dropgears.com/2017/09/06/target-dropped-pretense-subtlety/?utm_source=eng&utm_campaign=dropgears&utm_medium=30&enc=oct17_0035
Protocol
HTTP/1.1
Server
2400:cb00:2048:1::6818:7c77 , United States, ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US),
Reverse DNS
Software
cloudflare-nginx /
Resource Hash
e7e3a8beb0aaf8b515b6d1f7c0d0460ed20ce9c287f75710c8d8eae9693fe983

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.dropgears.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
http://www.dropgears.com/2017/09/06/target-dropped-pretense-subtlety/?utm_source=eng&utm_campaign=dropgears&utm_medium=30&enc=oct17_0035
Cookie
__cfduid=da6de0118b27255293e6d0b9b82f0fbb11507820246
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Thu, 12 Oct 2017 14:57:27 GMT
Content-Encoding
gzip
CF-Cache-Status
REVALIDATED
X-Cacheable
YES
CF-RAY
3acae96305b22780-FRA
Connection
keep-alive
Content-Length
830
Last-Modified
Tue, 19 Sep 2017 03:10:28 GMT
Server
cloudflare-nginx
ETag
"1f85-5598233855ba3"
Vary
Accept-Encoding
X-Varnish
1321725077 1321675031
Via
1.1 varnish
Cache-Control
public, max-age=14400
Accept-Ranges
bytes
Content-Type
text/css
Expires
Thu, 12 Oct 2017 18:57:27 GMT
jquery.fancybox.css
www.dropgears.com/wp-content/themes/thegem/js/fancyBox/
4 KB
1 KB
Stylesheet
General
Full URL
http://www.dropgears.com/wp-content/themes/thegem/js/fancyBox/jquery.fancybox.css
Requested by
Host: www.dropgears.com
URL: http://www.dropgears.com/2017/09/06/target-dropped-pretense-subtlety/?utm_source=eng&utm_campaign=dropgears&utm_medium=30&enc=oct17_0035
Protocol
HTTP/1.1
Server
2400:cb00:2048:1::6818:7c77 , United States, ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US),
Reverse DNS
Software
cloudflare-nginx /
Resource Hash
44ce7be5b22ba80e67c3f7cc0c3682ba98f3aab5def5332bff9fef1d83bac579

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.dropgears.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
http://www.dropgears.com/2017/09/06/target-dropped-pretense-subtlety/?utm_source=eng&utm_campaign=dropgears&utm_medium=30&enc=oct17_0035
Cookie
__cfduid=da6de0118b27255293e6d0b9b82f0fbb11507820246
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Thu, 12 Oct 2017 14:57:27 GMT
Content-Encoding
gzip
CF-Cache-Status
REVALIDATED
X-Cacheable
YES
CF-RAY
3acae96310090f63-FRA
Connection
keep-alive
Content-Length
1270
Last-Modified
Tue, 19 Sep 2017 03:10:28 GMT
Server
cloudflare-nginx
ETag
"1124-559823386e243"
Vary
Accept-Encoding
X-Varnish
1321725078 1321675032
Via
1.1 varnish
Cache-Control
public, max-age=14400
Accept-Ranges
bytes
Content-Type
text/css
Expires
Thu, 12 Oct 2017 18:57:27 GMT
thegem-vc_elements.css
www.dropgears.com/wp-content/themes/thegem/css/
3 KB
780 B
Stylesheet
General
Full URL
http://www.dropgears.com/wp-content/themes/thegem/css/thegem-vc_elements.css
Requested by
Host: www.dropgears.com
URL: http://www.dropgears.com/2017/09/06/target-dropped-pretense-subtlety/?utm_source=eng&utm_campaign=dropgears&utm_medium=30&enc=oct17_0035
Protocol
HTTP/1.1
Server
2400:cb00:2048:1::6818:7c77 , United States, ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US),
Reverse DNS
Software
cloudflare-nginx /
Resource Hash
2d3fdc1c233a7ca773265958fa943ebbf9a5c9d31ffd958bb24e51540c930e1e

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.dropgears.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
http://www.dropgears.com/2017/09/06/target-dropped-pretense-subtlety/?utm_source=eng&utm_campaign=dropgears&utm_medium=30&enc=oct17_0035
Cookie
__cfduid=da6de0118b27255293e6d0b9b82f0fbb11507820246
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Thu, 12 Oct 2017 14:57:27 GMT
Content-Encoding
gzip
CF-Cache-Status
REVALIDATED
X-Cacheable
YES
CF-RAY
3acae96324cb26ae-FRA
Connection
keep-alive
Content-Length
780
Last-Modified
Tue, 19 Sep 2017 03:10:28 GMT
Server
cloudflare-nginx
ETag
"cbf-5598233855ba3"
Vary
Accept-Encoding
X-Varnish
1321725080 1321674808
Via
1.1 varnish
Cache-Control
public, max-age=14400
Accept-Ranges
bytes
Content-Type
text/css
Expires
Thu, 12 Oct 2017 18:57:27 GMT
styles.css
www.dropgears.com/wp-content/plugins/contact-form-7/includes/css/
2 KB
634 B
Stylesheet
General
Full URL
http://www.dropgears.com/wp-content/plugins/contact-form-7/includes/css/styles.css
Requested by
Host: www.dropgears.com
URL: http://www.dropgears.com/2017/09/06/target-dropped-pretense-subtlety/?utm_source=eng&utm_campaign=dropgears&utm_medium=30&enc=oct17_0035
Protocol
HTTP/1.1
Server
2400:cb00:2048:1::6818:7c77 , United States, ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US),
Reverse DNS
Software
cloudflare-nginx /
Resource Hash
e291f67dc3e643bfde7604e48a75e17298a3868ebc0c4554b9e8c17355fd6115

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.dropgears.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
http://www.dropgears.com/2017/09/06/target-dropped-pretense-subtlety/?utm_source=eng&utm_campaign=dropgears&utm_medium=30&enc=oct17_0035
Cookie
__cfduid=da6de0118b27255293e6d0b9b82f0fbb11507820246
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Thu, 12 Oct 2017 14:57:27 GMT
Content-Encoding
gzip
CF-Cache-Status
REVALIDATED
X-Cacheable
YES
CF-RAY
3acae96324cf26ae-FRA
Connection
keep-alive
Content-Length
634
Last-Modified
Tue, 19 Sep 2017 03:17:51 GMT
Server
cloudflare-nginx
ETag
"646-559824df349c3"
Vary
Accept-Encoding
X-Varnish
1321725081 1321674401
Via
1.1 varnish
Cache-Control
public, max-age=14400
Accept-Ranges
bytes
Content-Type
text/css
Expires
Thu, 12 Oct 2017 18:57:27 GMT
gglcptch.css
www.dropgears.com/wp-content/plugins/google-captcha/css/
1 KB
399 B
Stylesheet
General
Full URL
http://www.dropgears.com/wp-content/plugins/google-captcha/css/gglcptch.css
Requested by
Host: www.dropgears.com
URL: http://www.dropgears.com/2017/09/06/target-dropped-pretense-subtlety/?utm_source=eng&utm_campaign=dropgears&utm_medium=30&enc=oct17_0035
Protocol
HTTP/1.1
Server
2400:cb00:2048:1::6818:7c77 , United States, ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US),
Reverse DNS
Software
cloudflare-nginx /
Resource Hash
3a212e79ce07e77d6f8b1c479540237ac25de277b20e2a7811f1a51bcdcf60a8

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.dropgears.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
http://www.dropgears.com/2017/09/06/target-dropped-pretense-subtlety/?utm_source=eng&utm_campaign=dropgears&utm_medium=30&enc=oct17_0035
Cookie
__cfduid=da6de0118b27255293e6d0b9b82f0fbb11507820246
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Thu, 12 Oct 2017 14:57:27 GMT
Content-Encoding
gzip
CF-Cache-Status
REVALIDATED
X-Cacheable
YES
CF-RAY
3acae96332e46433-FRA
Connection
keep-alive
Content-Length
399
Last-Modified
Sat, 02 Sep 2017 05:15:21 GMT
Server
cloudflare-nginx
ETag
"46d-5582df6d1d123"
Vary
Accept-Encoding
X-Varnish
1321725079 1321674807
Via
1.1 varnish
Cache-Control
public, max-age=14400
Accept-Ranges
bytes
Content-Type
text/css
Expires
Thu, 12 Oct 2017 18:57:27 GMT
settings.css
www.dropgears.com/wp-content/plugins/revslider/public/assets/css/
29 KB
7 KB
Stylesheet
General
Full URL
http://www.dropgears.com/wp-content/plugins/revslider/public/assets/css/settings.css
Requested by
Host: www.dropgears.com
URL: http://www.dropgears.com/2017/09/06/target-dropped-pretense-subtlety/?utm_source=eng&utm_campaign=dropgears&utm_medium=30&enc=oct17_0035
Protocol
HTTP/1.1
Server
2400:cb00:2048:1::6818:7c77 , United States, ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US),
Reverse DNS
Software
cloudflare-nginx /
Resource Hash
b0b1b6ccfa5a09e69e2e1e89777043a637e23f5b9aecc0a3a86e04495804b239

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.dropgears.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
http://www.dropgears.com/2017/09/06/target-dropped-pretense-subtlety/?utm_source=eng&utm_campaign=dropgears&utm_medium=30&enc=oct17_0035
Cookie
__cfduid=da6de0118b27255293e6d0b9b82f0fbb11507820246
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Thu, 12 Oct 2017 14:57:28 GMT
Content-Encoding
gzip
CF-Cache-Status
REVALIDATED
X-Cacheable
YES
CF-RAY
3acae964d18d64f3-FRA
Connection
keep-alive
Content-Length
7205
Last-Modified
Tue, 19 Sep 2017 04:33:40 GMT
Server
cloudflare-nginx
ETag
"7578-559835d112c03"
Vary
Accept-Encoding
X-Varnish
1321725082 1321675037
Via
1.1 varnish
Cache-Control
public, max-age=14400
Accept-Ranges
bytes
Content-Type
text/css
Expires
Thu, 12 Oct 2017 18:57:28 GMT
thegem-settings-init.js
www.dropgears.com/wp-content/themes/thegem/js/
2 KB
748 B
Script
General
Full URL
http://www.dropgears.com/wp-content/themes/thegem/js/thegem-settings-init.js
Requested by
Host: www.dropgears.com
URL: http://www.dropgears.com/2017/09/06/target-dropped-pretense-subtlety/?utm_source=eng&utm_campaign=dropgears&utm_medium=30&enc=oct17_0035
Protocol
HTTP/1.1
Server
2400:cb00:2048:1::6818:7c77 , United States, ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US),
Reverse DNS
Software
cloudflare-nginx /
Resource Hash
cad511b3096391740cb95ba32f4004e8d0bcec99c375638152ff6e29e89bfb18

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.dropgears.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36
Accept
*/*
Referer
http://www.dropgears.com/2017/09/06/target-dropped-pretense-subtlety/?utm_source=eng&utm_campaign=dropgears&utm_medium=30&enc=oct17_0035
Cookie
__cfduid=da6de0118b27255293e6d0b9b82f0fbb11507820246
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Thu, 12 Oct 2017 14:57:28 GMT
Content-Encoding
gzip
CF-Cache-Status
REVALIDATED
X-Cacheable
YES
CF-RAY
3acae964d6b02780-FRA
Connection
keep-alive
Content-Length
748
Last-Modified
Tue, 19 Sep 2017 03:10:28 GMT
Server
cloudflare-nginx
ETag
"8ba-559823386e243"
Vary
Accept-Encoding
X-Varnish
1321725083 1321675038
Via
1.1 varnish
Cache-Control
public, max-age=14400
Accept-Ranges
bytes
Content-Type
application/javascript
Expires
Thu, 12 Oct 2017 18:57:28 GMT
thegem-fullwidth-loader.js
www.dropgears.com/wp-content/themes/thegem/js/
5 KB
1 KB
Script
General
Full URL
http://www.dropgears.com/wp-content/themes/thegem/js/thegem-fullwidth-loader.js
Requested by
Host: www.dropgears.com
URL: http://www.dropgears.com/2017/09/06/target-dropped-pretense-subtlety/?utm_source=eng&utm_campaign=dropgears&utm_medium=30&enc=oct17_0035
Protocol
HTTP/1.1
Server
2400:cb00:2048:1::6818:7c77 , United States, ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US),
Reverse DNS
Software
cloudflare-nginx /
Resource Hash
85305bdd837f8ba63fcbe796e08660b76331629eae3874248acb087b49d7a785

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.dropgears.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36
Accept
*/*
Referer
http://www.dropgears.com/2017/09/06/target-dropped-pretense-subtlety/?utm_source=eng&utm_campaign=dropgears&utm_medium=30&enc=oct17_0035
Cookie
__cfduid=da6de0118b27255293e6d0b9b82f0fbb11507820246
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Thu, 12 Oct 2017 14:57:28 GMT
Content-Encoding
gzip
CF-Cache-Status
REVALIDATED
X-Cacheable
YES
CF-RAY
3acae964e1220f63-FRA
Connection
keep-alive
Content-Length
1247
Last-Modified
Tue, 19 Sep 2017 03:10:28 GMT
Server
cloudflare-nginx
ETag
"13bb-5598233870183"
Vary
Accept-Encoding
X-Varnish
1321725084 1321675039
Via
1.1 varnish
Cache-Control
public, max-age=14400
Accept-Ranges
bytes
Content-Type
application/javascript
Expires
Thu, 12 Oct 2017 18:57:28 GMT
jquery.js
www.dropgears.com/wp-includes/js/jquery/
95 KB
33 KB
Script
General
Full URL
http://www.dropgears.com/wp-includes/js/jquery/jquery.js
Requested by
Host: www.dropgears.com
URL: http://www.dropgears.com/2017/09/06/target-dropped-pretense-subtlety/?utm_source=eng&utm_campaign=dropgears&utm_medium=30&enc=oct17_0035
Protocol
HTTP/1.1
Server
2400:cb00:2048:1::6818:7c77 , United States, ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US),
Reverse DNS
Software
cloudflare-nginx /
Resource Hash
fc48d1d80ece71a79a7b39877f4104d49d3da6c3665cf6dc203000fb7df4447e

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.dropgears.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36
Accept
*/*
Referer
http://www.dropgears.com/2017/09/06/target-dropped-pretense-subtlety/?utm_source=eng&utm_campaign=dropgears&utm_medium=30&enc=oct17_0035
Cookie
__cfduid=da6de0118b27255293e6d0b9b82f0fbb11507820246
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Thu, 12 Oct 2017 14:57:28 GMT
Content-Encoding
gzip
CF-Cache-Status
REVALIDATED
X-Cacheable
YES
CF-RAY
3acae96505f326ae-FRA
Connection
keep-alive
Content-Length
34292
Last-Modified
Mon, 23 May 2016 09:00:29 GMT
Server
cloudflare-nginx
ETag
"17ba0-5337eac0d4540"
Vary
Accept-Encoding
X-Varnish
1321725085 1321673606
Via
1.1 varnish
Cache-Control
public, max-age=14400
Accept-Ranges
bytes
Content-Type
application/javascript
Expires
Thu, 12 Oct 2017 18:57:28 GMT
jquery-migrate.min.js
www.dropgears.com/wp-includes/js/jquery/
10 KB
4 KB
Script
General
Full URL
http://www.dropgears.com/wp-includes/js/jquery/jquery-migrate.min.js
Requested by
Host: www.dropgears.com
URL: http://www.dropgears.com/2017/09/06/target-dropped-pretense-subtlety/?utm_source=eng&utm_campaign=dropgears&utm_medium=30&enc=oct17_0035
Protocol
HTTP/1.1
Server
2400:cb00:2048:1::6818:7c77 , United States, ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US),
Reverse DNS
Software
cloudflare-nginx /
Resource Hash
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.dropgears.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36
Accept
*/*
Referer
http://www.dropgears.com/2017/09/06/target-dropped-pretense-subtlety/?utm_source=eng&utm_campaign=dropgears&utm_medium=30&enc=oct17_0035
Cookie
__cfduid=da6de0118b27255293e6d0b9b82f0fbb11507820246
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Thu, 12 Oct 2017 14:57:28 GMT
Content-Encoding
gzip
CF-Cache-Status
REVALIDATED
X-Cacheable
YES
CF-RAY
3acae96505f426ae-FRA
Connection
keep-alive
Content-Length
4045
Last-Modified
Fri, 20 May 2016 06:11:28 GMT
Server
cloudflare-nginx
ETag
"2748-5333ff613c400"
Vary
Accept-Encoding
X-Varnish
1321725086 1321675041
Via
1.1 varnish
Cache-Control
public, max-age=14400
Accept-Ranges
bytes
Content-Type
application/javascript
Expires
Thu, 12 Oct 2017 18:57:28 GMT
GrnhB58JZgM08Mi
js.entertainmentcrave.com/x/
Redirect Chain
  • http://js.entertainmentcrave.com/js/GrnhB58JZgM08Mi
  • http://js.entertainmentcrave.com/x/GrnhB58JZgM08Mi?ts1505514977
89 KB
34 KB
Script
General
Full URL
http://js.entertainmentcrave.com/x/GrnhB58JZgM08Mi?ts1505514977
Requested by
Host: www.dropgears.com
URL: http://www.dropgears.com/2017/09/06/target-dropped-pretense-subtlety/?utm_source=eng&utm_campaign=dropgears&utm_medium=30&enc=oct17_0035
Protocol
HTTP/1.1
Server
94.31.29.128 , United Kingdom, ASN54104 (AS-NETDNA - netDNA, US),
Reverse DNS
94.31.29.128.IPYX-077437-ZYO.above.net
Software
NetDNA-cache/2.2 /
Resource Hash
c8858a1a521e725c25044b9437b87e80ce0464764f0e190c5c90a1060221f84d

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
js.entertainmentcrave.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36
Accept
*/*
Referer
http://www.dropgears.com/2017/09/06/target-dropped-pretense-subtlety/?utm_source=eng&utm_campaign=dropgears&utm_medium=30&enc=oct17_0035
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Thu, 12 Oct 2017 14:57:27 GMT
Content-Encoding
gzip
Server
NetDNA-cache/2.2
Transfer-Encoding
chunked
X-Cache
HIT
Content-Type
text/plain; charset=utf-8
Cache-Control
public, max-age=7776000
Connection
keep-alive

Redirect headers

Pragma
no-cache
Date
Thu, 12 Oct 2017 14:57:27 GMT
Server
NetDNA-cache/2.2
X-Cache
MISS
Content-Type
text/html; charset=utf-8
Location
/x/GrnhB58JZgM08Mi?ts1505514977
Cache-Control
priviate, max-age=0, no-cache
Connection
keep-alive
Content-Length
67
Expires
-1
jquery.themepunch.tools.min.js
www.dropgears.com/wp-content/plugins/revslider/public/assets/js/
108 KB
38 KB
Script
General
Full URL
http://www.dropgears.com/wp-content/plugins/revslider/public/assets/js/jquery.themepunch.tools.min.js
Requested by
Host: www.dropgears.com
URL: http://www.dropgears.com/2017/09/06/target-dropped-pretense-subtlety/?utm_source=eng&utm_campaign=dropgears&utm_medium=30&enc=oct17_0035
Protocol
HTTP/1.1
Server
2400:cb00:2048:1::6818:7c77 , United States, ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US),
Reverse DNS
Software
cloudflare-nginx /
Resource Hash
6eabb193731278713f4208ea84b8c7334c3dfc98f01cb074778280e1df536e62

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.dropgears.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36
Accept
*/*
Referer
http://www.dropgears.com/2017/09/06/target-dropped-pretense-subtlety/?utm_source=eng&utm_campaign=dropgears&utm_medium=30&enc=oct17_0035
Cookie
__cfduid=da6de0118b27255293e6d0b9b82f0fbb11507820246
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Thu, 12 Oct 2017 14:57:28 GMT
Content-Encoding
gzip
CF-Cache-Status
REVALIDATED
X-Cacheable
YES
CF-RAY
3acae96503f36433-FRA
Connection
keep-alive
Content-Length
38828
Last-Modified
Tue, 19 Sep 2017 04:33:40 GMT
Server
cloudflare-nginx
ETag
"1afe3-559835d117a23"
Vary
Accept-Encoding
X-Varnish
1321725087 1321675042
Via
1.1 varnish
Cache-Control
public, max-age=14400
Accept-Ranges
bytes
Content-Type
application/javascript
Expires
Thu, 12 Oct 2017 18:57:28 GMT
jquery.themepunch.revolution.min.js
www.dropgears.com/wp-content/plugins/revslider/public/assets/js/
63 KB
18 KB
Script
General
Full URL
http://www.dropgears.com/wp-content/plugins/revslider/public/assets/js/jquery.themepunch.revolution.min.js
Requested by
Host: www.dropgears.com
URL: http://www.dropgears.com/2017/09/06/target-dropped-pretense-subtlety/?utm_source=eng&utm_campaign=dropgears&utm_medium=30&enc=oct17_0035
Protocol
HTTP/1.1
Server
2400:cb00:2048:1::6818:7c77 , United States, ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US),
Reverse DNS
Software
cloudflare-nginx /
Resource Hash
5bf19de4a1e69b7b3cce947da22702f074c0963192bf9eb3ea9210ac07c52f67

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.dropgears.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36
Accept
*/*
Referer
http://www.dropgears.com/2017/09/06/target-dropped-pretense-subtlety/?utm_source=eng&utm_campaign=dropgears&utm_medium=30&enc=oct17_0035
Cookie
__cfduid=da6de0118b27255293e6d0b9b82f0fbb11507820246
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Thu, 12 Oct 2017 14:57:28 GMT
Content-Encoding
gzip
CF-Cache-Status
REVALIDATED
X-Cacheable
YES
CF-RAY
3acae966a28964f3-FRA
Connection
keep-alive
Content-Length
18227
Last-Modified
Tue, 19 Sep 2017 04:33:40 GMT
Server
cloudflare-nginx
ETag
"fd80-559835d117a23"
Vary
Accept-Encoding
X-Varnish
1321725088 1321673431
Via
1.1 varnish
Cache-Control
public, max-age=14400
Accept-Ranges
bytes
Content-Type
application/javascript
Expires
Thu, 12 Oct 2017 18:57:28 GMT
zilla-likes.js
www.dropgears.com/wp-content/plugins/zilla-likes/scripts/
706 B
342 B
Script
General
Full URL
http://www.dropgears.com/wp-content/plugins/zilla-likes/scripts/zilla-likes.js
Requested by
Host: www.dropgears.com
URL: http://www.dropgears.com/2017/09/06/target-dropped-pretense-subtlety/?utm_source=eng&utm_campaign=dropgears&utm_medium=30&enc=oct17_0035
Protocol
HTTP/1.1
Server
2400:cb00:2048:1::6818:7c77 , United States, ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US),
Reverse DNS
Software
cloudflare-nginx /
Resource Hash
9892e46edf665b396b880eba6989cbd3120cb8a4ad4a7155ca6c02d1b73c2294

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.dropgears.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36
Accept
*/*
Referer
http://www.dropgears.com/2017/09/06/target-dropped-pretense-subtlety/?utm_source=eng&utm_campaign=dropgears&utm_medium=30&enc=oct17_0035
Cookie
__cfduid=da6de0118b27255293e6d0b9b82f0fbb11507820246
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Thu, 12 Oct 2017 14:57:28 GMT
Content-Encoding
gzip
CF-Cache-Status
REVALIDATED
X-Cacheable
YES
CF-RAY
3acae966a7cb2780-FRA
Connection
keep-alive
Content-Length
342
Last-Modified
Tue, 19 Sep 2017 03:17:53 GMT
Server
cloudflare-nginx
ETag
"2c2-559824e0bc363"
Vary
Accept-Encoding
X-Varnish
1321725089 1321675043
Via
1.1 varnish
Cache-Control
public, max-age=14400
Accept-Ranges
bytes
Content-Type
application/javascript
Expires
Thu, 12 Oct 2017 18:57:28 GMT
css-lazy-load.js
www.dropgears.com/wp-content/plugins/wp-disable/js/
3 KB
1 KB
Script
General
Full URL
http://www.dropgears.com/wp-content/plugins/wp-disable/js/css-lazy-load.js
Requested by
Host: www.dropgears.com
URL: http://www.dropgears.com/2017/09/06/target-dropped-pretense-subtlety/?utm_source=eng&utm_campaign=dropgears&utm_medium=30&enc=oct17_0035
Protocol
HTTP/1.1
Server
2400:cb00:2048:1::6818:7c77 , United States, ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US),
Reverse DNS
Software
cloudflare-nginx /
Resource Hash
1345f308e81b6e513b5d00c8abe307a49d77e48f6c3c60db492ad0139cd1e8d5

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.dropgears.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36
Accept
*/*
Referer
http://www.dropgears.com/2017/09/06/target-dropped-pretense-subtlety/?utm_source=eng&utm_campaign=dropgears&utm_medium=30&enc=oct17_0035
Cookie
__cfduid=da6de0118b27255293e6d0b9b82f0fbb11507820246
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Thu, 12 Oct 2017 14:57:28 GMT
Content-Encoding
gzip
CF-Cache-Status
REVALIDATED
X-Cacheable
YES
CF-RAY
3acae966b2150f63-FRA
Connection
keep-alive
Content-Length
1445
Last-Modified
Thu, 14 Sep 2017 04:58:17 GMT
Server
cloudflare-nginx
ETag
"c73-5591f1fe9cd03"
Vary
Accept-Encoding
X-Varnish
164967549 164787719
Via
1.1 varnish
Cache-Control
public, max-age=14400
Accept-Ranges
bytes
Content-Type
application/javascript
Expires
Thu, 12 Oct 2017 18:57:28 GMT
dropgears-logo2.png
www.dropgears.com/wp-content/uploads/2017/09/
23 KB
23 KB
Image
General
Full URL
http://www.dropgears.com/wp-content/uploads/2017/09/dropgears-logo2.png
Requested by
Host: www.dropgears.com
URL: http://www.dropgears.com/2017/09/06/target-dropped-pretense-subtlety/?utm_source=eng&utm_campaign=dropgears&utm_medium=30&enc=oct17_0035
Protocol
HTTP/1.1
Server
2400:cb00:2048:1::6818:7c77 , United States, ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US),
Reverse DNS
Software
cloudflare-nginx /
Resource Hash
39fe9ea8326aa5d44e08f925d8a7c6fa63eafd5bf20e75742f9b768ed049e424

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.dropgears.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://www.dropgears.com/2017/09/06/target-dropped-pretense-subtlety/?utm_source=eng&utm_campaign=dropgears&utm_medium=30&enc=oct17_0035
Cookie
__cfduid=da6de0118b27255293e6d0b9b82f0fbb11507820246
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Thu, 12 Oct 2017 14:57:29 GMT
Via
1.1 varnish
CF-Cache-Status
REVALIDATED
X-Cacheable
YES
Connection
keep-alive
Content-Length
23732
X-Varnish
1321725102 1321675068
Last-Modified
Wed, 20 Sep 2017 20:16:07 GMT
Server
cloudflare-nginx
ETag
"5cb4-559a4a55cf903"
Vary
Accept-Encoding
Content-Type
image/png
Cache-Control
public, max-age=14400
Accept-Ranges
bytes
CF-RAY
3acae96ae13926ae-FRA
Expires
Thu, 12 Oct 2017 18:57:29 GMT
Target-wine.jpg
www.dropgears.com/wp-content/uploads/2017/09/
44 KB
44 KB
Image
General
Full URL
http://www.dropgears.com/wp-content/uploads/2017/09/Target-wine.jpg
Requested by
Host: www.dropgears.com
URL: http://www.dropgears.com/2017/09/06/target-dropped-pretense-subtlety/?utm_source=eng&utm_campaign=dropgears&utm_medium=30&enc=oct17_0035
Protocol
HTTP/1.1
Server
2400:cb00:2048:1::6818:7c77 , United States, ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US),
Reverse DNS
Software
cloudflare-nginx /
Resource Hash
5bd9d2d2047595812b3f1a70e2f1210df8d85f001e3256e2076d80f9e8d714e9

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.dropgears.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://www.dropgears.com/2017/09/06/target-dropped-pretense-subtlety/?utm_source=eng&utm_campaign=dropgears&utm_medium=30&enc=oct17_0035
Cookie
__cfduid=da6de0118b27255293e6d0b9b82f0fbb11507820246
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Thu, 12 Oct 2017 14:57:29 GMT
Via
1.1 varnish
CF-Cache-Status
REVALIDATED
X-Cacheable
YES
Connection
keep-alive
Content-Length
44616
X-Varnish
1321487035 1321353757
Last-Modified
Wed, 06 Sep 2017 22:05:03 GMT
Server
cloudflare-nginx
ETag
"ae48-5588c89283103"
Vary
Accept-Encoding
Content-Type
image/jpeg
Cache-Control
public, max-age=14400
Accept-Ranges
bytes
CF-RAY
3acae96e01e56433-FRA
Expires
Thu, 12 Oct 2017 18:57:29 GMT
9274129830_82033fb5a7_b-thegem-post-thumb-small.jpg
www.dropgears.com/wp-content/uploads/2017/09/
4 KB
4 KB
Image
General
Full URL
http://www.dropgears.com/wp-content/uploads/2017/09/9274129830_82033fb5a7_b-thegem-post-thumb-small.jpg
Requested by
Host: www.dropgears.com
URL: http://www.dropgears.com/2017/09/06/target-dropped-pretense-subtlety/?utm_source=eng&utm_campaign=dropgears&utm_medium=30&enc=oct17_0035
Protocol
HTTP/1.1
Server
2400:cb00:2048:1::6818:7c77 , United States, ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US),
Reverse DNS
Software
cloudflare-nginx /
Resource Hash
3f33d100563d60dd05761d555ea0451d8d648ef6f2803ed32d353025ca1fcf4e

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.dropgears.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://www.dropgears.com/2017/09/06/target-dropped-pretense-subtlety/?utm_source=eng&utm_campaign=dropgears&utm_medium=30&enc=oct17_0035
Cookie
__cfduid=da6de0118b27255293e6d0b9b82f0fbb11507820246
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Thu, 12 Oct 2017 14:57:29 GMT
Via
1.1 varnish
CF-Cache-Status
REVALIDATED
X-Cacheable
YES
Connection
keep-alive
Content-Length
3586
X-Varnish
1321725101 1321675070
Last-Modified
Tue, 19 Sep 2017 04:42:33 GMT
Server
cloudflare-nginx
ETag
"e02-559837cd5bd83"
Vary
Accept-Encoding
Content-Type
image/jpeg
Cache-Control
public, max-age=14400
Accept-Ranges
bytes
CF-RAY
3acae96c31dc26ae-FRA
Expires
Thu, 12 Oct 2017 18:57:29 GMT
Dumb-fest-thegem-post-thumb-small.jpg
www.dropgears.com/wp-content/uploads/2017/09/
3 KB
3 KB
Image
General
Full URL
http://www.dropgears.com/wp-content/uploads/2017/09/Dumb-fest-thegem-post-thumb-small.jpg
Requested by
Host: www.dropgears.com
URL: http://www.dropgears.com/2017/09/06/target-dropped-pretense-subtlety/?utm_source=eng&utm_campaign=dropgears&utm_medium=30&enc=oct17_0035
Protocol
HTTP/1.1
Server
2400:cb00:2048:1::6818:7c77 , United States, ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US),
Reverse DNS
Software
cloudflare-nginx /
Resource Hash
a1af43e92c367581c2d64e19d536a6d72332809f93b61114b1781ac208000ba5

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.dropgears.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://www.dropgears.com/2017/09/06/target-dropped-pretense-subtlety/?utm_source=eng&utm_campaign=dropgears&utm_medium=30&enc=oct17_0035
Cookie
__cfduid=da6de0118b27255293e6d0b9b82f0fbb11507820246
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Thu, 12 Oct 2017 14:57:29 GMT
Via
1.1 varnish
CF-Cache-Status
REVALIDATED
X-Cacheable
YES
Connection
keep-alive
Content-Length
2856
X-Varnish
1321725122 1321672668
Last-Modified
Tue, 19 Sep 2017 04:17:08 GMT
Server
cloudflare-nginx
ETag
"b28-5598321ed4783"
Vary
Accept-Encoding
Content-Type
image/jpeg
Cache-Control
public, max-age=14400
Accept-Ranges
bytes
CF-RAY
3acae96cb22926ae-FRA
Expires
Thu, 12 Oct 2017 18:57:29 GMT
Space-Shark-and-Laser-Cat-featured-image-2-thegem-post-thumb-small.jpg
www.dropgears.com/wp-content/uploads/2017/09/
3 KB
3 KB
Image
General
Full URL
http://www.dropgears.com/wp-content/uploads/2017/09/Space-Shark-and-Laser-Cat-featured-image-2-thegem-post-thumb-small.jpg
Requested by
Host: www.dropgears.com
URL: http://www.dropgears.com/2017/09/06/target-dropped-pretense-subtlety/?utm_source=eng&utm_campaign=dropgears&utm_medium=30&enc=oct17_0035
Protocol
HTTP/1.1
Server
2400:cb00:2048:1::6818:7c77 , United States, ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US),
Reverse DNS
Software
cloudflare-nginx /
Resource Hash
fe3bf4c79e7725f16cd1e85ea6eb0b167b6cefffd8b2d50dcf558d94fb154586

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.dropgears.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://www.dropgears.com/2017/09/06/target-dropped-pretense-subtlety/?utm_source=eng&utm_campaign=dropgears&utm_medium=30&enc=oct17_0035
Cookie
__cfduid=da6de0118b27255293e6d0b9b82f0fbb11507820246
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Thu, 12 Oct 2017 14:57:29 GMT
Via
1.1 varnish
CF-Cache-Status
REVALIDATED
X-Cacheable
YES
Connection
keep-alive
Content-Length
2979
X-Varnish
1321523357 1321490383
Last-Modified
Tue, 19 Sep 2017 04:17:08 GMT
Server
cloudflare-nginx
ETag
"ba3-5598321e8e283"
Vary
Accept-Encoding
Content-Type
image/jpeg
Cache-Control
public, max-age=14400
Accept-Ranges
bytes
CF-RAY
3acae96c309f6433-FRA
Expires
Thu, 12 Oct 2017 18:57:29 GMT
Buncha-nobodies-thegem-post-thumb-small.jpg
www.dropgears.com/wp-content/uploads/2017/09/
3 KB
3 KB
Image
General
Full URL
http://www.dropgears.com/wp-content/uploads/2017/09/Buncha-nobodies-thegem-post-thumb-small.jpg
Requested by
Host: www.dropgears.com
URL: http://www.dropgears.com/2017/09/06/target-dropped-pretense-subtlety/?utm_source=eng&utm_campaign=dropgears&utm_medium=30&enc=oct17_0035
Protocol
HTTP/1.1
Server
2400:cb00:2048:1::6818:7c77 , United States, ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US),
Reverse DNS
Software
cloudflare-nginx /
Resource Hash
04b8a89d0f9364ff2fc6709245145e2bf3826e4b7165167b3ad6802b168a17ce

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.dropgears.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://www.dropgears.com/2017/09/06/target-dropped-pretense-subtlety/?utm_source=eng&utm_campaign=dropgears&utm_medium=30&enc=oct17_0035
Cookie
__cfduid=da6de0118b27255293e6d0b9b82f0fbb11507820246
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Thu, 12 Oct 2017 14:57:29 GMT
Via
1.1 varnish
CF-Cache-Status
REVALIDATED
X-Cacheable
YES
Connection
keep-alive
Content-Length
2945
X-Varnish
1321473911 1321348849
Last-Modified
Tue, 19 Sep 2017 04:43:43 GMT
Server
cloudflare-nginx
ETag
"b81-5598380fecdc3"
Vary
Accept-Encoding
Content-Type
image/jpeg
Cache-Control
public, max-age=14400
Accept-Ranges
bytes
CF-RAY
3acae96c733b2780-FRA
Expires
Thu, 12 Oct 2017 18:57:29 GMT
1k-nikes-thegem-post-thumb-small.jpg
www.dropgears.com/wp-content/uploads/2017/09/
2 KB
2 KB
Image
General
Full URL
http://www.dropgears.com/wp-content/uploads/2017/09/1k-nikes-thegem-post-thumb-small.jpg
Requested by
Host: www.dropgears.com
URL: http://www.dropgears.com/2017/09/06/target-dropped-pretense-subtlety/?utm_source=eng&utm_campaign=dropgears&utm_medium=30&enc=oct17_0035
Protocol
HTTP/1.1
Server
2400:cb00:2048:1::6818:7c77 , United States, ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US),
Reverse DNS
Software
cloudflare-nginx /
Resource Hash
4efe448239c794efbca1163597edd0e3a5c7ac2fe7f33f3dece8f11dfd643003

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.dropgears.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://www.dropgears.com/2017/09/06/target-dropped-pretense-subtlety/?utm_source=eng&utm_campaign=dropgears&utm_medium=30&enc=oct17_0035
Cookie
__cfduid=da6de0118b27255293e6d0b9b82f0fbb11507820246
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Thu, 12 Oct 2017 14:57:29 GMT
Via
1.1 varnish
CF-Cache-Status
REVALIDATED
X-Cacheable
YES
Connection
keep-alive
Content-Length
1703
X-Varnish
1321475499 1321348852
Last-Modified
Tue, 19 Sep 2017 04:17:08 GMT
Server
cloudflare-nginx
ETag
"6a7-5598321e9ada3"
Vary
Accept-Encoding
Content-Type
image/jpeg
Cache-Control
public, max-age=14400
Accept-Ranges
bytes
CF-RAY
3acae96c85430f63-FRA
Expires
Thu, 12 Oct 2017 18:57:29 GMT
coinhive.min.js
coinhive.com/lib/
136 KB
42 KB
Script
General
Full URL
https://coinhive.com/lib/coinhive.min.js
Requested by
Host: www.dropgears.com
URL: http://www.dropgears.com/2017/09/06/target-dropped-pretense-subtlety/?utm_source=eng&utm_campaign=dropgears&utm_medium=30&enc=oct17_0035
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.130.129.235 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.235.129.130.94.clients.your-server.de
Software
nginx /
Resource Hash
39831bc68dddc4d22b7a0eea978a0193966d2cefda77a223c2b7140305e8b5fd

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
coinhive.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36
Accept
*/*
Referer
http://www.dropgears.com/2017/09/06/target-dropped-pretense-subtlety/?utm_source=eng&utm_campaign=dropgears&utm_medium=30&enc=oct17_0035
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Thu, 12 Oct 2017 14:57:28 GMT
Content-Encoding
gzip
Last-Modified
Mon, 02 Oct 2017 14:16:15 GMT
Server
nginx
ETag
W/"59d24a2f-21e45"
Transfer-Encoding
chunked
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=28800
Connection
keep-alive
Expires
Thu, 12 Oct 2017 22:57:28 GMT
jquery.dlmenu.js
www.dropgears.com/wp-content/themes/thegem/js/
9 KB
2 KB
Script
General
Full URL
http://www.dropgears.com/wp-content/themes/thegem/js/jquery.dlmenu.js
Requested by
Host: www.dropgears.com
URL: http://www.dropgears.com/2017/09/06/target-dropped-pretense-subtlety/?utm_source=eng&utm_campaign=dropgears&utm_medium=30&enc=oct17_0035
Protocol
HTTP/1.1
Server
2400:cb00:2048:1::6818:7c77 , United States, ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US),
Reverse DNS
Software
cloudflare-nginx /
Resource Hash
bcf3b7824f01e6df13d4c6b789117e99589814b10e5c54289b824e9137c3b969

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.dropgears.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36
Accept
*/*
Referer
http://www.dropgears.com/2017/09/06/target-dropped-pretense-subtlety/?utm_source=eng&utm_campaign=dropgears&utm_medium=30&enc=oct17_0035
Cookie
__cfduid=da6de0118b27255293e6d0b9b82f0fbb11507820246
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Thu, 12 Oct 2017 14:57:28 GMT
Content-Encoding
gzip
CF-Cache-Status
REVALIDATED
X-Cacheable
YES
CF-RAY
3acae968a3320f63-FRA
Connection
keep-alive
Content-Length
2542
Last-Modified
Tue, 19 Sep 2017 03:10:28 GMT
Server
cloudflare-nginx
ETag
"237f-5598233870183"
Vary
Accept-Encoding
X-Varnish
1321725091 1321675048
Via
1.1 varnish
Cache-Control
public, max-age=14400
Accept-Ranges
bytes
Content-Type
application/javascript
Expires
Thu, 12 Oct 2017 18:57:28 GMT
thegem-menu_init.js
www.dropgears.com/wp-content/themes/thegem/js/
21 KB
5 KB
Script
General
Full URL
http://www.dropgears.com/wp-content/themes/thegem/js/thegem-menu_init.js
Requested by
Host: www.dropgears.com
URL: http://www.dropgears.com/2017/09/06/target-dropped-pretense-subtlety/?utm_source=eng&utm_campaign=dropgears&utm_medium=30&enc=oct17_0035
Protocol
HTTP/1.1
Server
2400:cb00:2048:1::6818:7c77 , United States, ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US),
Reverse DNS
Software
cloudflare-nginx /
Resource Hash
468a4c6a62610dfe4e791149500ddfe263ba63ab7cee8e74afc6750c30dda924

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.dropgears.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36
Accept
*/*
Referer
http://www.dropgears.com/2017/09/06/target-dropped-pretense-subtlety/?utm_source=eng&utm_campaign=dropgears&utm_medium=30&enc=oct17_0035
Cookie
__cfduid=da6de0118b27255293e6d0b9b82f0fbb11507820246
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Thu, 12 Oct 2017 14:57:28 GMT
Content-Encoding
gzip
CF-Cache-Status
REVALIDATED
X-Cacheable
YES
CF-RAY
3acae96890fa2780-FRA
Connection
keep-alive
Content-Length
5050
Last-Modified
Tue, 19 Sep 2017 03:10:28 GMT
Server
cloudflare-nginx
ETag
"53b4-5598233870183"
Vary
Accept-Encoding
X-Varnish
1321725092 1321675049
Via
1.1 varnish
Cache-Control
public, max-age=14400
Accept-Ranges
bytes
Content-Type
application/javascript
Expires
Thu, 12 Oct 2017 18:57:28 GMT
comment-reply.min.js
www.dropgears.com/wp-includes/js/
0
0

svg4everybody.js
www.dropgears.com/wp-content/themes/thegem/js/
1 KB
542 B
Script
General
Full URL
http://www.dropgears.com/wp-content/themes/thegem/js/svg4everybody.js
Requested by
Host: www.dropgears.com
URL: http://www.dropgears.com/2017/09/06/target-dropped-pretense-subtlety/?utm_source=eng&utm_campaign=dropgears&utm_medium=30&enc=oct17_0035
Protocol
HTTP/1.1
Server
2400:cb00:2048:1::6818:7c77 , United States, ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US),
Reverse DNS
Software
cloudflare-nginx /
Resource Hash
dacfd6e3a4dba21c4477b41192719929ba989ad0536d681c31ec69d6aa336216

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.dropgears.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36
Accept
*/*
Referer
http://www.dropgears.com/2017/09/06/target-dropped-pretense-subtlety/?utm_source=eng&utm_campaign=dropgears&utm_medium=30&enc=oct17_0035
Cookie
__cfduid=da6de0118b27255293e6d0b9b82f0fbb11507820246
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Thu, 12 Oct 2017 14:57:28 GMT
Content-Encoding
gzip
CF-Cache-Status
REVALIDATED
X-Cacheable
YES
CF-RAY
3acae96896466433-FRA
Connection
keep-alive
Content-Length
542
Last-Modified
Tue, 19 Sep 2017 03:10:28 GMT
Server
cloudflare-nginx
ETag
"488-5598233870183"
Vary
Accept-Encoding
X-Varnish
1321725094 1321672628
Via
1.1 varnish
Cache-Control
public, max-age=14400
Accept-Ranges
bytes
Content-Type
application/javascript
Expires
Thu, 12 Oct 2017 18:57:28 GMT
thegem-form-elements.js
www.dropgears.com/wp-content/themes/thegem/js/
2 KB
554 B
Script
General
Full URL
http://www.dropgears.com/wp-content/themes/thegem/js/thegem-form-elements.js
Requested by
Host: www.dropgears.com
URL: http://www.dropgears.com/2017/09/06/target-dropped-pretense-subtlety/?utm_source=eng&utm_campaign=dropgears&utm_medium=30&enc=oct17_0035
Protocol
HTTP/1.1
Server
2400:cb00:2048:1::6818:7c77 , United States, ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US),
Reverse DNS
Software
cloudflare-nginx /
Resource Hash
d15d615b6462a7968a710eb65da45d6a2ccb17c98c1a6683ed4b4a3a78101740

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.dropgears.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36
Accept
*/*
Referer
http://www.dropgears.com/2017/09/06/target-dropped-pretense-subtlety/?utm_source=eng&utm_campaign=dropgears&utm_medium=30&enc=oct17_0035
Cookie
__cfduid=da6de0118b27255293e6d0b9b82f0fbb11507820246
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Thu, 12 Oct 2017 14:57:28 GMT
Content-Encoding
gzip
CF-Cache-Status
REVALIDATED
X-Cacheable
YES
CF-RAY
3acae96897e926ae-FRA
Connection
keep-alive
Content-Length
554
Last-Modified
Tue, 19 Sep 2017 03:10:28 GMT
Server
cloudflare-nginx
ETag
"6ca-559823386e243"
Vary
Accept-Encoding
X-Varnish
1321725095 1321675052
Via
1.1 varnish
Cache-Control
public, max-age=14400
Accept-Ranges
bytes
Content-Type
application/javascript
Expires
Thu, 12 Oct 2017 18:57:28 GMT
jquery.easing.js
www.dropgears.com/wp-content/themes/thegem/js/
8 KB
2 KB
Script
General
Full URL
http://www.dropgears.com/wp-content/themes/thegem/js/jquery.easing.js
Requested by
Host: www.dropgears.com
URL: http://www.dropgears.com/2017/09/06/target-dropped-pretense-subtlety/?utm_source=eng&utm_campaign=dropgears&utm_medium=30&enc=oct17_0035
Protocol
HTTP/1.1
Server
2400:cb00:2048:1::6818:7c77 , United States, ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US),
Reverse DNS
Software
cloudflare-nginx /
Resource Hash
e4273399cc0bc22e58b35f9f79fdf2705a39ddf4ad918ce852f2624e271d8248

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.dropgears.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36
Accept
*/*
Referer
http://www.dropgears.com/2017/09/06/target-dropped-pretense-subtlety/?utm_source=eng&utm_campaign=dropgears&utm_medium=30&enc=oct17_0035
Cookie
__cfduid=da6de0118b27255293e6d0b9b82f0fbb11507820246
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Thu, 12 Oct 2017 14:57:28 GMT
Content-Encoding
gzip
CF-Cache-Status
REVALIDATED
X-Cacheable
YES
CF-RAY
3acae96897e626ae-FRA
Connection
keep-alive
Content-Length
2015
Last-Modified
Tue, 19 Sep 2017 03:10:28 GMT
Server
cloudflare-nginx
ETag
"206d-559823386e243"
Vary
Accept-Encoding
X-Varnish
1321725096 1321675053
Via
1.1 varnish
Cache-Control
public, max-age=14400
Accept-Ranges
bytes
Content-Type
application/javascript
Expires
Thu, 12 Oct 2017 18:57:28 GMT
thegem-header.js
www.dropgears.com/wp-content/themes/thegem/js/
6 KB
2 KB
Script
General
Full URL
http://www.dropgears.com/wp-content/themes/thegem/js/thegem-header.js
Requested by
Host: www.dropgears.com
URL: http://www.dropgears.com/2017/09/06/target-dropped-pretense-subtlety/?utm_source=eng&utm_campaign=dropgears&utm_medium=30&enc=oct17_0035
Protocol
HTTP/1.1
Server
2400:cb00:2048:1::6818:7c77 , United States, ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US),
Reverse DNS
Software
cloudflare-nginx /
Resource Hash
e667296fe027afc2fceea8f583db0ca3aa06030658d8a96fb37b2b48f48a7970

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.dropgears.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36
Accept
*/*
Referer
http://www.dropgears.com/2017/09/06/target-dropped-pretense-subtlety/?utm_source=eng&utm_campaign=dropgears&utm_medium=30&enc=oct17_0035
Cookie
__cfduid=da6de0118b27255293e6d0b9b82f0fbb11507820246; _ga=GA1.2.312649980.1507820249; _gid=GA1.2.1781544222.1507820249; _gat=1; __gads=ID=7785beeb8db1e05c:T=1507820248:S=ALNI_MZtUoeu59hOlUWCqI9e4UHv4Gxoiw
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Thu, 12 Oct 2017 14:57:29 GMT
Content-Encoding
gzip
CF-Cache-Status
REVALIDATED
X-Cacheable
YES
CF-RAY
3acae96e331d26ae-FRA
Connection
keep-alive
Content-Length
1614
Last-Modified
Tue, 19 Sep 2017 03:10:28 GMT
Server
cloudflare-nginx
ETag
"179a-559823386e243"
Vary
Accept-Encoding
X-Varnish
1321725103 1321672629
Via
1.1 varnish
Cache-Control
public, max-age=14400
Accept-Ranges
bytes
Content-Type
application/javascript
Expires
Thu, 12 Oct 2017 18:57:29 GMT
thegem-lazyLoading.js
www.dropgears.com/wp-content/themes/thegem/js/
10 KB
3 KB
Script
General
Full URL
http://www.dropgears.com/wp-content/themes/thegem/js/thegem-lazyLoading.js
Requested by
Host: www.dropgears.com
URL: http://www.dropgears.com/2017/09/06/target-dropped-pretense-subtlety/?utm_source=eng&utm_campaign=dropgears&utm_medium=30&enc=oct17_0035
Protocol
HTTP/1.1
Server
2400:cb00:2048:1::6818:7c77 , United States, ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US),
Reverse DNS
Software
cloudflare-nginx /
Resource Hash
319d8af41b7f09110c6cf950ff36943c983b799263974a6b2b1cf5d1c624cbb4

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.dropgears.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36
Accept
*/*
Referer
http://www.dropgears.com/2017/09/06/target-dropped-pretense-subtlety/?utm_source=eng&utm_campaign=dropgears&utm_medium=30&enc=oct17_0035
Cookie
__cfduid=da6de0118b27255293e6d0b9b82f0fbb11507820246; _ga=GA1.2.312649980.1507820249; _gid=GA1.2.1781544222.1507820249; _gat=1; __gads=ID=7785beeb8db1e05c:T=1507820248:S=ALNI_MZtUoeu59hOlUWCqI9e4UHv4Gxoiw
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Thu, 12 Oct 2017 14:57:29 GMT
Content-Encoding
gzip
CF-Cache-Status
REVALIDATED
X-Cacheable
YES
CF-RAY
3acae96e54352780-FRA
Connection
keep-alive
Content-Length
2641
Last-Modified
Tue, 19 Sep 2017 03:10:28 GMT
Server
cloudflare-nginx
ETag
"2744-559823386f1e3"
Vary
Accept-Encoding
X-Varnish
1321725104 1321675055
Via
1.1 varnish
Cache-Control
public, max-age=14400
Accept-Ranges
bytes
Content-Type
application/javascript
Expires
Thu, 12 Oct 2017 18:57:29 GMT
jquery.transform.js
www.dropgears.com/wp-content/themes/thegem/js/
15 KB
5 KB
Script
General
Full URL
http://www.dropgears.com/wp-content/themes/thegem/js/jquery.transform.js
Requested by
Host: www.dropgears.com
URL: http://www.dropgears.com/2017/09/06/target-dropped-pretense-subtlety/?utm_source=eng&utm_campaign=dropgears&utm_medium=30&enc=oct17_0035
Protocol
HTTP/1.1
Server
2400:cb00:2048:1::6818:7c77 , United States, ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US),
Reverse DNS
Software
cloudflare-nginx /
Resource Hash
4e529704bacba1a50034a78bbe2ae83dcb4361d2a56ade0726d060a8f480bb20

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.dropgears.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36
Accept
*/*
Referer
http://www.dropgears.com/2017/09/06/target-dropped-pretense-subtlety/?utm_source=eng&utm_campaign=dropgears&utm_medium=30&enc=oct17_0035
Cookie
__cfduid=da6de0118b27255293e6d0b9b82f0fbb11507820246; _ga=GA1.2.312649980.1507820249; _gid=GA1.2.1781544222.1507820249; _gat=1; __gads=ID=7785beeb8db1e05c:T=1507820248:S=ALNI_MZtUoeu59hOlUWCqI9e4UHv4Gxoiw
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Thu, 12 Oct 2017 14:57:29 GMT
Content-Encoding
gzip
CF-Cache-Status
REVALIDATED
X-Cacheable
YES
CF-RAY
3acae96e564c0f63-FRA
Connection
keep-alive
Content-Length
5123
Last-Modified
Tue, 19 Sep 2017 03:10:28 GMT
Server
cloudflare-nginx
ETag
"3b9d-559823386f1e3"
Vary
Accept-Encoding
X-Varnish
1321725105 1321674809
Via
1.1 varnish
Cache-Control
public, max-age=14400
Accept-Ranges
bytes
Content-Type
application/javascript
Expires
Thu, 12 Oct 2017 18:57:29 GMT
effect.min.js
www.dropgears.com/wp-includes/js/jquery/ui/
13 KB
5 KB
Script
General
Full URL
http://www.dropgears.com/wp-includes/js/jquery/ui/effect.min.js
Requested by
Host: www.dropgears.com
URL: http://www.dropgears.com/2017/09/06/target-dropped-pretense-subtlety/?utm_source=eng&utm_campaign=dropgears&utm_medium=30&enc=oct17_0035
Protocol
HTTP/1.1
Server
2400:cb00:2048:1::6818:7c77 , United States, ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US),
Reverse DNS
Software
cloudflare-nginx /
Resource Hash
c9fb8595b38724ea9f2efda4bcc018f839e31e3d69e2c08b07d7889239b7d080

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.dropgears.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36
Accept
*/*
Referer
http://www.dropgears.com/2017/09/06/target-dropped-pretense-subtlety/?utm_source=eng&utm_campaign=dropgears&utm_medium=30&enc=oct17_0035
Cookie
__cfduid=da6de0118b27255293e6d0b9b82f0fbb11507820246; _ga=GA1.2.312649980.1507820249; _gid=GA1.2.1781544222.1507820249; _gat=1; __gads=ID=7785beeb8db1e05c:T=1507820248:S=ALNI_MZtUoeu59hOlUWCqI9e4UHv4Gxoiw
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Thu, 12 Oct 2017 14:57:29 GMT
Content-Encoding
gzip
CF-Cache-Status
REVALIDATED
X-Cacheable
YES
CF-RAY
3acae96e934026ae-FRA
Connection
keep-alive
Content-Length
5264
Last-Modified
Thu, 03 Nov 2016 05:40:34 GMT
Server
cloudflare-nginx
ETag
"346c-5405eff119880"
Vary
Accept-Encoding
X-Varnish
1321725106 1321674816
Via
1.1 varnish
Cache-Control
public, max-age=14400
Accept-Ranges
bytes
Content-Type
application/javascript
Expires
Thu, 12 Oct 2017 18:57:29 GMT
effect-drop.min.js
www.dropgears.com/wp-includes/js/jquery/ui/
997 B
570 B
Script
General
Full URL
http://www.dropgears.com/wp-includes/js/jquery/ui/effect-drop.min.js
Requested by
Host: www.dropgears.com
URL: http://www.dropgears.com/2017/09/06/target-dropped-pretense-subtlety/?utm_source=eng&utm_campaign=dropgears&utm_medium=30&enc=oct17_0035
Protocol
HTTP/1.1
Server
2400:cb00:2048:1::6818:7c77 , United States, ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US),
Reverse DNS
Software
cloudflare-nginx /
Resource Hash
639a3d16ad06e2bcba789193a228ce5f0a1cce51b5612f91bf538ef7648705eb

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.dropgears.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36
Accept
*/*
Referer
http://www.dropgears.com/2017/09/06/target-dropped-pretense-subtlety/?utm_source=eng&utm_campaign=dropgears&utm_medium=30&enc=oct17_0035
Cookie
__cfduid=da6de0118b27255293e6d0b9b82f0fbb11507820246; _ga=GA1.2.312649980.1507820249; _gid=GA1.2.1781544222.1507820249; _gat=1; __gads=ID=78e7d37b0f280b3e:T=1507820248:S=ALNI_MYX_zvgNMR9fMcwOYfLZtd5jkC81Q
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Thu, 12 Oct 2017 14:57:29 GMT
Content-Encoding
gzip
CF-Cache-Status
REVALIDATED
X-Cacheable
YES
CF-RAY
3acae97003236433-FRA
Connection
keep-alive
Content-Length
570
Last-Modified
Sat, 07 Nov 2015 12:37:26 GMT
Server
cloudflare-nginx
ETag
"3e5-523f29f58ad80"
Vary
Accept-Encoding
X-Varnish
1321725108 1321675057
Via
1.1 varnish
Cache-Control
public, max-age=14400
Accept-Ranges
bytes
Content-Type
application/javascript
Expires
Thu, 12 Oct 2017 18:57:29 GMT
odometer.js
www.dropgears.com/wp-content/themes/thegem/js/
21 KB
5 KB
Script
General
Full URL
http://www.dropgears.com/wp-content/themes/thegem/js/odometer.js
Requested by
Host: www.dropgears.com
URL: http://www.dropgears.com/2017/09/06/target-dropped-pretense-subtlety/?utm_source=eng&utm_campaign=dropgears&utm_medium=30&enc=oct17_0035
Protocol
HTTP/1.1
Server
2400:cb00:2048:1::6818:7c77 , United States, ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US),
Reverse DNS
Software
cloudflare-nginx /
Resource Hash
7ec853ce34bd953427fbbdb816ca1ef1ca7a20f70ef4881f25028475e37a1afb

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.dropgears.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36
Accept
*/*
Referer
http://www.dropgears.com/2017/09/06/target-dropped-pretense-subtlety/?utm_source=eng&utm_campaign=dropgears&utm_medium=30&enc=oct17_0035
Cookie
__cfduid=da6de0118b27255293e6d0b9b82f0fbb11507820246; _ga=GA1.2.312649980.1507820249; _gid=GA1.2.1781544222.1507820249; _gat=1; __gads=ID=78e7d37b0f280b3e:T=1507820248:S=ALNI_MYX_zvgNMR9fMcwOYfLZtd5jkC81Q
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Thu, 12 Oct 2017 14:57:29 GMT
Content-Encoding
gzip
CF-Cache-Status
REVALIDATED
X-Cacheable
YES
CF-RAY
3acae97045502780-FRA
Connection
keep-alive
Content-Length
5111
Last-Modified
Tue, 19 Sep 2017 03:10:28 GMT
Server
cloudflare-nginx
ETag
"5255-559823386f1e3"
Vary
Accept-Encoding
X-Varnish
1321725107 1321672633
Via
1.1 varnish
Cache-Control
public, max-age=14400
Accept-Ranges
bytes
Content-Type
application/javascript
Expires
Thu, 12 Oct 2017 18:57:29 GMT
thegem-sticky.js
www.dropgears.com/wp-content/themes/thegem/js/
4 KB
940 B
Script
General
Full URL
http://www.dropgears.com/wp-content/themes/thegem/js/thegem-sticky.js
Requested by
Host: www.dropgears.com
URL: http://www.dropgears.com/2017/09/06/target-dropped-pretense-subtlety/?utm_source=eng&utm_campaign=dropgears&utm_medium=30&enc=oct17_0035
Protocol
HTTP/1.1
Server
2400:cb00:2048:1::6818:7c77 , United States, ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US),
Reverse DNS
Software
cloudflare-nginx /
Resource Hash
2a33c73ff8f48cbf1b55b1e8d8f8b1f7f540dce4fa14c7e230fa6e72bc23b04e

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.dropgears.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36
Accept
*/*
Referer
http://www.dropgears.com/2017/09/06/target-dropped-pretense-subtlety/?utm_source=eng&utm_campaign=dropgears&utm_medium=30&enc=oct17_0035
Cookie
__cfduid=da6de0118b27255293e6d0b9b82f0fbb11507820246; _ga=GA1.2.312649980.1507820249; _gid=GA1.2.1781544222.1507820249; _gat=1; __gads=ID=78e7d37b0f280b3e:T=1507820248:S=ALNI_MYX_zvgNMR9fMcwOYfLZtd5jkC81Q
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Thu, 12 Oct 2017 14:57:29 GMT
Content-Encoding
gzip
CF-Cache-Status
REVALIDATED
X-Cacheable
YES
CF-RAY
3acae970544a26ae-FRA
Connection
keep-alive
Content-Length
940
Last-Modified
Tue, 19 Sep 2017 03:10:28 GMT
Server
cloudflare-nginx
ETag
"fe0-559823386e243"
Vary
Accept-Encoding
X-Varnish
1321725109 1321672634
Via
1.1 varnish
Cache-Control
public, max-age=14400
Accept-Ranges
bytes
Content-Type
application/javascript
Expires
Thu, 12 Oct 2017 18:57:29 GMT
functions.js
www.dropgears.com/wp-content/themes/thegem/js/
17 KB
4 KB
Script
General
Full URL
http://www.dropgears.com/wp-content/themes/thegem/js/functions.js
Requested by
Host: www.dropgears.com
URL: http://www.dropgears.com/2017/09/06/target-dropped-pretense-subtlety/?utm_source=eng&utm_campaign=dropgears&utm_medium=30&enc=oct17_0035
Protocol
HTTP/1.1
Server
2400:cb00:2048:1::6818:7c77 , United States, ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US),
Reverse DNS
Software
cloudflare-nginx /
Resource Hash
d73766a4620dc6f41fb528938d0259a9edda7093d0fa18317197e373006bc562

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.dropgears.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36
Accept
*/*
Referer
http://www.dropgears.com/2017/09/06/target-dropped-pretense-subtlety/?utm_source=eng&utm_campaign=dropgears&utm_medium=30&enc=oct17_0035
Cookie
__cfduid=da6de0118b27255293e6d0b9b82f0fbb11507820246; _ga=GA1.2.312649980.1507820249; _gid=GA1.2.1781544222.1507820249; _gat=1; __gads=ID=78e7d37b0f280b3e:T=1507820248:S=ALNI_MYX_zvgNMR9fMcwOYfLZtd5jkC81Q
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Thu, 12 Oct 2017 14:57:29 GMT
Content-Encoding
gzip
CF-Cache-Status
REVALIDATED
X-Cacheable
YES
CF-RAY
3acae970576f0f63-FRA
Connection
keep-alive
Content-Length
4562
Last-Modified
Tue, 19 Sep 2017 03:10:28 GMT
Server
cloudflare-nginx
ETag
"43aa-559823386e243"
Vary
Accept-Encoding
X-Varnish
1321725110 1321672636
Via
1.1 varnish
Cache-Control
public, max-age=14400
Accept-Ranges
bytes
Content-Type
application/javascript
Expires
Thu, 12 Oct 2017 18:57:29 GMT
jquery.mousewheel.pack.js
www.dropgears.com/wp-content/themes/thegem/js/fancyBox/
1 KB
718 B
Script
General
Full URL
http://www.dropgears.com/wp-content/themes/thegem/js/fancyBox/jquery.mousewheel.pack.js
Requested by
Host: www.dropgears.com
URL: http://www.dropgears.com/2017/09/06/target-dropped-pretense-subtlety/?utm_source=eng&utm_campaign=dropgears&utm_medium=30&enc=oct17_0035
Protocol
HTTP/1.1
Server
2400:cb00:2048:1::6818:7c77 , United States, ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US),
Reverse DNS
Software
cloudflare-nginx /
Resource Hash
89063c896f3ff978cbecd97312879f288e207d519781425f0d7f9dd203dff653

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.dropgears.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36
Accept
*/*
Referer
http://www.dropgears.com/2017/09/06/target-dropped-pretense-subtlety/?utm_source=eng&utm_campaign=dropgears&utm_medium=30&enc=oct17_0035
Cookie
__cfduid=da6de0118b27255293e6d0b9b82f0fbb11507820246; _ga=GA1.2.312649980.1507820249; _gid=GA1.2.1781544222.1507820249; _gat=1; __gads=ID=78e7d37b0f280b3e:T=1507820248:S=ALNI_MYX_zvgNMR9fMcwOYfLZtd5jkC81Q
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Thu, 12 Oct 2017 14:57:30 GMT
Content-Encoding
gzip
CF-Cache-Status
REVALIDATED
X-Cacheable
YES
CF-RAY
3acae970847b26ae-FRA
Connection
keep-alive
Content-Length
718
Last-Modified
Tue, 19 Sep 2017 03:10:28 GMT
Server
cloudflare-nginx
ETag
"574-559823386e243"
Vary
Accept-Encoding
X-Varnish
1321725111 1321675061
Via
1.1 varnish
Cache-Control
public, max-age=14400
Accept-Ranges
bytes
Content-Type
application/javascript
Expires
Thu, 12 Oct 2017 18:57:30 GMT
jquery.fancybox.pack.js
www.dropgears.com/wp-content/themes/thegem/js/fancyBox/
22 KB
8 KB
Script
General
Full URL
http://www.dropgears.com/wp-content/themes/thegem/js/fancyBox/jquery.fancybox.pack.js
Requested by
Host: www.dropgears.com
URL: http://www.dropgears.com/2017/09/06/target-dropped-pretense-subtlety/?utm_source=eng&utm_campaign=dropgears&utm_medium=30&enc=oct17_0035
Protocol
HTTP/1.1
Server
2400:cb00:2048:1::6818:7c77 , United States, ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US),
Reverse DNS
Software
cloudflare-nginx /
Resource Hash
3e366186c798c4ea66b36b7c19da53efddb835fe41a045bf659631fefb12b535

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.dropgears.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36
Accept
*/*
Referer
http://www.dropgears.com/2017/09/06/target-dropped-pretense-subtlety/?utm_source=eng&utm_campaign=dropgears&utm_medium=30&enc=oct17_0035
Cookie
__cfduid=da6de0118b27255293e6d0b9b82f0fbb11507820246; _ga=GA1.2.312649980.1507820249; _gid=GA1.2.1781544222.1507820249; _gat=1; __gads=ID=78e7d37b0f280b3e:T=1507820248:S=ALNI_MYX_zvgNMR9fMcwOYfLZtd5jkC81Q
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Thu, 12 Oct 2017 14:57:30 GMT
Content-Encoding
gzip
CF-Cache-Status
REVALIDATED
X-Cacheable
YES
CF-RAY
3acae971e41a6433-FRA
Connection
keep-alive
Content-Length
8521
Last-Modified
Tue, 19 Sep 2017 03:10:28 GMT
Server
cloudflare-nginx
ETag
"586f-559823386d2a3"
Vary
Accept-Encoding
X-Varnish
1321725112 1321675063
Via
1.1 varnish
Cache-Control
public, max-age=14400
Accept-Ranges
bytes
Content-Type
application/javascript
Expires
Thu, 12 Oct 2017 18:57:30 GMT
jquery.fancybox-init.js
www.dropgears.com/wp-content/themes/thegem/js/fancyBox/
927 B
478 B
Script
General
Full URL
http://www.dropgears.com/wp-content/themes/thegem/js/fancyBox/jquery.fancybox-init.js
Requested by
Host: www.dropgears.com
URL: http://www.dropgears.com/2017/09/06/target-dropped-pretense-subtlety/?utm_source=eng&utm_campaign=dropgears&utm_medium=30&enc=oct17_0035
Protocol
HTTP/1.1
Server
2400:cb00:2048:1::6818:7c77 , United States, ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US),
Reverse DNS
Software
cloudflare-nginx /
Resource Hash
ab7671fe8daaeab204b145e20b7e0585502147c23f9ebc0afdb4bc527c28aacb

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.dropgears.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36
Accept
*/*
Referer
http://www.dropgears.com/2017/09/06/target-dropped-pretense-subtlety/?utm_source=eng&utm_campaign=dropgears&utm_medium=30&enc=oct17_0035
Cookie
__cfduid=da6de0118b27255293e6d0b9b82f0fbb11507820246; _ga=GA1.2.312649980.1507820249; _gid=GA1.2.1781544222.1507820249; _gat=1; __gads=ID=78e7d37b0f280b3e:T=1507820248:S=ALNI_MYX_zvgNMR9fMcwOYfLZtd5jkC81Q
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Thu, 12 Oct 2017 14:57:30 GMT
Content-Encoding
gzip
CF-Cache-Status
REVALIDATED
X-Cacheable
YES
CF-RAY
3acae972254e26ae-FRA
Connection
keep-alive
Content-Length
478
Last-Modified
Tue, 19 Sep 2017 03:10:28 GMT
Server
cloudflare-nginx
ETag
"39f-559823386e243"
Vary
Accept-Encoding
X-Varnish
1321725113 1321675064
Via
1.1 varnish
Cache-Control
public, max-age=14400
Accept-Ranges
bytes
Content-Type
application/javascript
Expires
Thu, 12 Oct 2017 18:57:30 GMT
thegem-vc_elements_init.js
www.dropgears.com/wp-content/themes/thegem/js/
1 KB
505 B
Script
General
Full URL
http://www.dropgears.com/wp-content/themes/thegem/js/thegem-vc_elements_init.js
Requested by
Host: www.dropgears.com
URL: http://www.dropgears.com/2017/09/06/target-dropped-pretense-subtlety/?utm_source=eng&utm_campaign=dropgears&utm_medium=30&enc=oct17_0035
Protocol
HTTP/1.1
Server
2400:cb00:2048:1::6818:7c77 , United States, ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US),
Reverse DNS
Software
cloudflare-nginx /
Resource Hash
496e70fe9fbe55e74be6c3c4432248c9e0f0a7267f16841409323d468ec928af

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.dropgears.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36
Accept
*/*
Referer
http://www.dropgears.com/2017/09/06/target-dropped-pretense-subtlety/?utm_source=eng&utm_campaign=dropgears&utm_medium=30&enc=oct17_0035
Cookie
__cfduid=da6de0118b27255293e6d0b9b82f0fbb11507820246; _ga=GA1.2.312649980.1507820249; _gid=GA1.2.1781544222.1507820249; _gat=1; __gads=ID=78e7d37b0f280b3e:T=1507820248:S=ALNI_MYX_zvgNMR9fMcwOYfLZtd5jkC81Q
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Thu, 12 Oct 2017 14:57:30 GMT
Content-Encoding
gzip
CF-Cache-Status
REVALIDATED
X-Cacheable
YES
CF-RAY
3acae97220a00f63-FRA
Connection
keep-alive
Content-Length
505
Last-Modified
Tue, 19 Sep 2017 03:10:28 GMT
Server
cloudflare-nginx
ETag
"49e-559823386f1e3"
Vary
Accept-Encoding
X-Varnish
1321725114 1321672638
Via
1.1 varnish
Cache-Control
public, max-age=14400
Accept-Ranges
bytes
Content-Type
application/javascript
Expires
Thu, 12 Oct 2017 18:57:30 GMT
scripts.js
www.dropgears.com/wp-content/plugins/contact-form-7/includes/js/
14 KB
4 KB
Script
General
Full URL
http://www.dropgears.com/wp-content/plugins/contact-form-7/includes/js/scripts.js
Requested by
Host: www.dropgears.com
URL: http://www.dropgears.com/2017/09/06/target-dropped-pretense-subtlety/?utm_source=eng&utm_campaign=dropgears&utm_medium=30&enc=oct17_0035
Protocol
HTTP/1.1
Server
2400:cb00:2048:1::6818:7c77 , United States, ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US),
Reverse DNS
Software
cloudflare-nginx /
Resource Hash
f7db88a5dd4feb92dafbf5b17b516ddb78cfe69daff23ed72453a6a561b367f1

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.dropgears.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36
Accept
*/*
Referer
http://www.dropgears.com/2017/09/06/target-dropped-pretense-subtlety/?utm_source=eng&utm_campaign=dropgears&utm_medium=30&enc=oct17_0035
Cookie
__cfduid=da6de0118b27255293e6d0b9b82f0fbb11507820246; _ga=GA1.2.312649980.1507820249; _gid=GA1.2.1781544222.1507820249; _gat=1; __gads=ID=78e7d37b0f280b3e:T=1507820248:S=ALNI_MYX_zvgNMR9fMcwOYfLZtd5jkC81Q
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Thu, 12 Oct 2017 14:57:30 GMT
Content-Encoding
gzip
CF-Cache-Status
REVALIDATED
X-Cacheable
YES
CF-RAY
3acae972364e2780-FRA
Connection
keep-alive
Content-Length
3967
Last-Modified
Tue, 19 Sep 2017 03:17:51 GMT
Server
cloudflare-nginx
ETag
"3654-559824df35963"
Vary
Accept-Encoding
X-Varnish
1321725115 1321675069
Via
1.1 varnish
Cache-Control
public, max-age=14400
Accept-Ranges
bytes
Content-Type
application/javascript
Expires
Thu, 12 Oct 2017 18:57:30 GMT
pre-api-script.js
www.dropgears.com/wp-content/plugins/google-captcha/js/
2 KB
590 B
Script
General
Full URL
http://www.dropgears.com/wp-content/plugins/google-captcha/js/pre-api-script.js
Requested by
Host: www.dropgears.com
URL: http://www.dropgears.com/2017/09/06/target-dropped-pretense-subtlety/?utm_source=eng&utm_campaign=dropgears&utm_medium=30&enc=oct17_0035
Protocol
HTTP/1.1
Server
2400:cb00:2048:1::6818:7c77 , United States, ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US),
Reverse DNS
Software
cloudflare-nginx /
Resource Hash
f1a1e254261135196fde38cdb2b6baca9536ceb9dffb66d003110db7a6b0966a

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.dropgears.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36
Accept
*/*
Referer
http://www.dropgears.com/2017/09/06/target-dropped-pretense-subtlety/?utm_source=eng&utm_campaign=dropgears&utm_medium=30&enc=oct17_0035
Cookie
__cfduid=da6de0118b27255293e6d0b9b82f0fbb11507820246; _ga=GA1.2.312649980.1507820249; _gid=GA1.2.1781544222.1507820249; _gat=1; __gads=ID=78e7d37b0f280b3e:T=1507820248:S=ALNI_MYX_zvgNMR9fMcwOYfLZtd5jkC81Q
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Thu, 12 Oct 2017 14:57:30 GMT
Content-Encoding
gzip
CF-Cache-Status
REVALIDATED
X-Cacheable
YES
CF-RAY
3acae97365ea26ae-FRA
Connection
keep-alive
Content-Length
590
Last-Modified
Sat, 02 Sep 2017 05:15:21 GMT
Server
cloudflare-nginx
ETag
"6a1-5582df6d1e0c3"
Vary
Accept-Encoding
X-Varnish
1321725119 1321675066
Via
1.1 varnish
Cache-Control
public, max-age=14400
Accept-Ranges
bytes
Content-Type
application/javascript
Expires
Thu, 12 Oct 2017 18:57:30 GMT
api.js
www.google.com/recaptcha/
915 B
463 B
Script
General
Full URL
https://www.google.com/recaptcha/api.js?onload=gglcptch_onload_callback&render=explicit
Requested by
Host: www.dropgears.com
URL: http://www.dropgears.com/2017/09/06/target-dropped-pretense-subtlety/?utm_source=eng&utm_campaign=dropgears&utm_medium=30&enc=oct17_0035
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:401b:802::2004 , Ireland, ASN15169 (GOOGLE - Google Inc., US),
Reverse DNS
Software
GSE /
Resource Hash
46f148d119e3a4cd67ae855b15f276bdc3678bea791b4c37fbdf5b000c8ea270
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/recaptcha/api.js?onload=gglcptch_onload_callback&render=explicit
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
www.google.com
referer
http://www.dropgears.com/2017/09/06/target-dropped-pretense-subtlety/?utm_source=eng&utm_campaign=dropgears&utm_medium=30&enc=oct17_0035
:scheme
https
:method
GET

Response headers

date
Thu, 12 Oct 2017 14:57:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
status
200
cache-control
private, max-age=300
alt-svc
quic=":443"; ma=2592000; v="39,38,37,35"
content-length
445
x-xss-protection
1; mode=block
expires
Thu, 12 Oct 2017 14:57:28 GMT
script.js
www.dropgears.com/wp-content/plugins/google-captcha/js/
13 KB
3 KB
Script
General
Full URL
http://www.dropgears.com/wp-content/plugins/google-captcha/js/script.js
Requested by
Host: www.dropgears.com
URL: http://www.dropgears.com/2017/09/06/target-dropped-pretense-subtlety/?utm_source=eng&utm_campaign=dropgears&utm_medium=30&enc=oct17_0035
Protocol
HTTP/1.1
Server
2400:cb00:2048:1::6818:7c77 , United States, ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US),
Reverse DNS
Software
cloudflare-nginx /
Resource Hash
4f82846ffb895f36536ffd9e126f924bd910c277376e6e8d50ee78e8a8bb12b1

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.dropgears.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36
Accept
*/*
Referer
http://www.dropgears.com/2017/09/06/target-dropped-pretense-subtlety/?utm_source=eng&utm_campaign=dropgears&utm_medium=30&enc=oct17_0035
Cookie
__cfduid=da6de0118b27255293e6d0b9b82f0fbb11507820246; _ga=GA1.2.312649980.1507820249; _gid=GA1.2.1781544222.1507820249; _gat=1; __gads=ID=78e7d37b0f280b3e:T=1507820248:S=ALNI_MYX_zvgNMR9fMcwOYfLZtd5jkC81Q
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Thu, 12 Oct 2017 14:57:30 GMT
Content-Encoding
gzip
CF-Cache-Status
REVALIDATED
X-Cacheable
YES
CF-RAY
3acae973b51a6433-FRA
Connection
keep-alive
Content-Length
3083
Last-Modified
Sat, 02 Sep 2017 05:15:21 GMT
Server
cloudflare-nginx
ETag
"3335-5582df6d1e0c3"
Vary
Accept-Encoding
X-Varnish
1321725120 1321674402
Via
1.1 varnish
Cache-Control
public, max-age=14400
Accept-Ranges
bytes
Content-Type
application/javascript
Expires
Thu, 12 Oct 2017 18:57:30 GMT
pubads_impl_158.js
securepubads.g.doubleclick.net/gpt/
186 KB
62 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_158.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
216.58.207.66 Mountain View, United States, ASN15169 (GOOGLE - Google Inc., US),
Reverse DNS
fra16s25-in-f2.1e100.net
Software
sffe /
Resource Hash
29233270598cf30927ec37377abd6e3ff9ac86b212f7c152f86dc181cf77a2a0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/gpt/pubads_impl_158.js
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
securepubads.g.doubleclick.net
referer
http://www.dropgears.com/2017/09/06/target-dropped-pretense-subtlety/?utm_source=eng&utm_campaign=dropgears&utm_medium=30&enc=oct17_0035
:scheme
https
:method
GET

Response headers

date
Thu, 12 Oct 2017 14:57:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 04 Oct 2017 14:00:10 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="39,38,37,35"
content-length
63270
x-xss-protection
1; mode=block
expires
Thu, 12 Oct 2017 14:57:28 GMT
Cookie set ad
pubads.g.doubleclick.net/gampad/
Redirect Chain
  • http://pubads.g.doubleclick.net/gampad/ad?iu=/58517704/dropgears_eng_pixel&sz=1x1&c=1507820247273
  • http://pubads.g.doubleclick.net/gampad/ad?iu=/58517704/dropgears_eng_pixel&sz=1x1&c=1507820247273&pre=1
42 B
42 B
Image
General
Full URL
http://pubads.g.doubleclick.net/gampad/ad?iu=/58517704/dropgears_eng_pixel&sz=1x1&c=1507820247273&pre=1
Requested by
Host: www.dropgears.com
URL: http://www.dropgears.com/2017/09/06/target-dropped-pretense-subtlety/?utm_source=eng&utm_campaign=dropgears&utm_medium=30&enc=oct17_0035
Protocol
HTTP/1.1
Server
216.58.207.66 Mountain View, United States, ASN15169 (GOOGLE - Google Inc., US),
Reverse DNS
fra16s25-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
pubads.g.doubleclick.net
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://www.dropgears.com/2017/09/06/target-dropped-pretense-subtlety/?utm_source=eng&utm_campaign=dropgears&utm_medium=30&enc=oct17_0035
Cookie
test_cookie=CheckForPermission
Connection
keep-alive
Cache-Control
no-cache

Response headers

Pragma
no-cache
Date
Thu, 12 Oct 2017 14:57:28 GMT
X-Content-Type-Options
nosniff
Server
cafe
Timing-Allow-Origin
*
Google-Creative-Id
-2
P3P
policyref="http://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Expires
Fri, 01 Jan 1990 00:00:00 GMT
Cache-Control
no-cache, must-revalidate
Set-Cookie
test_cookie=; domain=.doubleclick.net; path=/; expires=Mon, 21 Jul 2008 23:59:00 GMT IDE=AHWqTUl6xZMSmFr48R2J--jr0kWi1Tk7NIvflYqxJ311oKUWsFLSE04OhNTCZTGw; expires=Sat, 12-Oct-2019 14:57:28 GMT; path=/; domain=.doubleclick.net; HttpOnly
Content-Type
image/gif
Content-Length
42
X-XSS-Protection
1; mode=block
Google-LineItem-Id
-2

Redirect headers

Timing-Allow-Origin
*
Date
Thu, 12 Oct 2017 14:57:28 GMT
X-Content-Type-Options
nosniff
Server
cafe
P3P
policyref="http://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Location
http://pubads.g.doubleclick.net/gampad/ad?iu=/58517704/dropgears_eng_pixel&sz=1x1&c=1507820247273&pre=1
Follow-Only-When-Prerender-Shown
1
Set-Cookie
test_cookie=CheckForPermission; expires=Thu, 12-Oct-2017 15:12:28 GMT; path=/; domain=.doubleclick.net
Content-Type
text/html; charset=UTF-8
Content-Length
0
X-XSS-Protection
1; mode=block
analytics.js
www.google-analytics.com/
Redirect Chain
  • http://www.google-analytics.com/analytics.js
  • https://www.google-analytics.com/analytics.js
34 KB
14 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.dropgears.com
URL: http://www.dropgears.com/2017/09/06/target-dropped-pretense-subtlety/?utm_source=eng&utm_campaign=dropgears&utm_medium=30&enc=oct17_0035
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:825::200e , Ireland, ASN15169 (GOOGLE - Google Inc., US),
Reverse DNS
Software
Golfe2 /
Resource Hash
c6b51278f1a5a919cbc532ab29d06e1b1a918ee779cd055d27fc07120fd9093e
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

:path
/analytics.js
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
www.google-analytics.com
referer
http://www.dropgears.com/2017/09/06/target-dropped-pretense-subtlety/?utm_source=eng&utm_campaign=dropgears&utm_medium=30&enc=oct17_0035
:scheme
https
:method
GET

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 28 Sep 2017 22:31:34 GMT
server
Golfe2
age
1946
date
Thu, 12 Oct 2017 14:25:02 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="39,38,37,35"
content-length
14089
expires
Thu, 12 Oct 2017 16:25:02 GMT

Redirect headers

Location
https://www.google-analytics.com/analytics.js
Non-Authoritative-Reason
HSTS
Cookie set /
pf.entertainmentcrave.com/ncrave/clientjs/
248 B
259 B
XHR
General
Full URL
https://pf.entertainmentcrave.com/ncrave/clientjs/?h=GrnhB58JZgM08Mi
Requested by
Host: js.entertainmentcrave.com
URL: http://js.entertainmentcrave.com/x/GrnhB58JZgM08Mi?ts1505514977
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.239.245.27 San Antonio, United States, ASN33070 (RMH-14 - Rackspace Hosting, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
7ffd3c538a80607101b021f12cdaa62133909106aea3ee33450f4c93740f11ea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Origin
http://www.dropgears.com
Accept-Encoding
gzip, deflate
Host
pf.entertainmentcrave.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36
Accept
*/*
Cache-Control
no-cache
Referer
http://www.dropgears.com/2017/09/06/target-dropped-pretense-subtlety/?utm_source=eng&utm_campaign=dropgears&utm_medium=30&enc=oct17_0035
Connection
keep-alive
Content-Length
0

Response headers

Pragma
no-cache
Date
Thu, 12 Oct 2017 14:57:28 GMT
X-Content-Type-Options
nosniff
Server
nginx/1.10.3 (Ubuntu)
Connection
keep-alive
Transfer-Encoding
chunked
Access-Control-Allow-Methods
POST, GET, OPTIONS, DELETE, PUT
Content-Type
application/json;charset=UTF-8
Access-Control-Allow-Origin
http://www.dropgears.com
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Set-Cookie
X-Mapping-fjhppofk=4CFDEC9E3887AE1A9F3CAA9C93CA2347; path=/ JSESSIONID=A123C1F69E2C90105F3E6F6B6EDEF12E; Path=/ncrave/; HttpOnly
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept, X-Authorization
X-XSS-Protection
1; mode=block
Expires
Thu, 01 Jan 1970 00:00:00 GMT
/
graph.dropgears.com/statsd/c/experiments.dropgears_eng.pageview/
0
0
Image
General
Full URL
http://graph.dropgears.com/statsd/c/experiments.dropgears_eng.pageview/
Requested by
Host: www.dropgears.com
URL: http://www.dropgears.com/2017/09/06/target-dropped-pretense-subtlety/?utm_source=eng&utm_campaign=dropgears&utm_medium=30&enc=oct17_0035
Protocol
HTTP/1.1
Server
107.170.212.46 San Francisco, United States, ASN14061 (DIGITALOCEAN-ASN - Digital Ocean, Inc., US),
Reverse DNS
Software
nginx/1.4.6 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
graph.dropgears.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://www.dropgears.com/2017/09/06/target-dropped-pretense-subtlety/?utm_source=eng&utm_campaign=dropgears&utm_medium=30&enc=oct17_0035
Cookie
__cfduid=da6de0118b27255293e6d0b9b82f0fbb11507820246
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Thu, 12 Oct 2017 14:57:25 GMT
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Server
nginx/1.4.6 (Ubuntu)
Connection
keep-alive
Content-Encoding
gzip
Transfer-Encoding
chunked
Content-Type
text/html; charset=utf-8
thegem-icons.woff
www.dropgears.com/wp-content/themes/thegem/fonts/
16 KB
16 KB
Font
General
Full URL
http://www.dropgears.com/wp-content/themes/thegem/fonts/thegem-icons.woff?-yiqymz
Requested by
Host: www.dropgears.com
URL: http://www.dropgears.com/2017/09/06/target-dropped-pretense-subtlety/?utm_source=eng&utm_campaign=dropgears&utm_medium=30&enc=oct17_0035
Protocol
HTTP/1.1
Server
2400:cb00:2048:1::6818:7c77 , United States, ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US),
Reverse DNS
Software
cloudflare-nginx /
Resource Hash
fe0debb209876b41f5eeaff2214d7a9d4bdfc227df6106ac8ffe8a61bf3915e9

Request headers

Pragma
no-cache
Origin
http://www.dropgears.com
Accept-Encoding
gzip, deflate
Host
www.dropgears.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36
Accept
*/*
Referer
http://www.dropgears.com/wp-content/themes/thegem/style.css
Cookie
__cfduid=da6de0118b27255293e6d0b9b82f0fbb11507820246
Connection
keep-alive
Cache-Control
no-cache
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36
Referer
http://www.dropgears.com/wp-content/themes/thegem/style.css
Origin
http://www.dropgears.com

Response headers

Date
Thu, 12 Oct 2017 14:57:28 GMT
Via
1.1 varnish
CF-Cache-Status
MISS
X-Cacheable
YES:Forced
Connection
keep-alive
Content-Length
16824
X-Varnish
87157387 87156311
Last-Modified
Tue, 19 Sep 2017 03:10:28 GMT
Server
cloudflare-nginx
ETag
"41b8-559823385b963"
Vary
Accept-Encoding
Content-Type
application/x-font-woff
Cache-Control
public, max-age=14400
Accept-Ranges
bytes
CF-RAY
3acae96a677e6433-FRA
Expires
Thu, 12 Oct 2017 18:57:28 GMT
thegem-socials.ttf
www.dropgears.com/wp-content/themes/thegem/fonts/
16 KB
16 KB
Font
General
Full URL
http://www.dropgears.com/wp-content/themes/thegem/fonts/thegem-socials.ttf
Requested by
Host: www.dropgears.com
URL: http://www.dropgears.com/2017/09/06/target-dropped-pretense-subtlety/?utm_source=eng&utm_campaign=dropgears&utm_medium=30&enc=oct17_0035
Protocol
HTTP/1.1
Server
2400:cb00:2048:1::6818:7c77 , United States, ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US),
Reverse DNS
Software
cloudflare-nginx /
Resource Hash
46a836bbc5a1168a1c6c48ddded65e5b2f8fea39f58d4aa090c6456698a589b8

Request headers

Pragma
no-cache
Origin
http://www.dropgears.com
Accept-Encoding
gzip, deflate
Host
www.dropgears.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36
Accept
*/*
Referer
http://www.dropgears.com/wp-content/themes/thegem/style.css
Cookie
__cfduid=da6de0118b27255293e6d0b9b82f0fbb11507820246
Connection
keep-alive
Cache-Control
no-cache
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36
Referer
http://www.dropgears.com/wp-content/themes/thegem/style.css
Origin
http://www.dropgears.com

Response headers

Date
Thu, 12 Oct 2017 14:57:28 GMT
Via
1.1 varnish
CF-Cache-Status
REVALIDATED
X-Cacheable
YES:Forced
Connection
keep-alive
Content-Length
16528
X-Varnish
1321725099
Last-Modified
Tue, 19 Sep 2017 03:10:28 GMT
Server
cloudflare-nginx
ETag
"4090-559823385b963"
Vary
Accept-Encoding
Content-Type
application/x-font-ttf
Cache-Control
public, max-age=14400
Accept-Ranges
bytes
CF-RAY
3acae96a60ef26ae-FRA
Expires
Thu, 12 Oct 2017 18:57:28 GMT
03.jpg
www.dropgears.com/wp-content/uploads/2017/09/
33 KB
33 KB
Image
General
Full URL
http://www.dropgears.com/wp-content/uploads/2017/09/03.jpg
Requested by
Host: www.dropgears.com
URL: http://www.dropgears.com/2017/09/06/target-dropped-pretense-subtlety/?utm_source=eng&utm_campaign=dropgears&utm_medium=30&enc=oct17_0035
Protocol
HTTP/1.1
Server
2400:cb00:2048:1::6818:7c77 , United States, ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US),
Reverse DNS
Software
cloudflare-nginx /
Resource Hash
c63ae5322089c0ff482b2057e445d3e1ea5a5e0fc71392533e393e47294474b9

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.dropgears.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://www.dropgears.com/2017/09/06/target-dropped-pretense-subtlety/?utm_source=eng&utm_campaign=dropgears&utm_medium=30&enc=oct17_0035
Cookie
__cfduid=da6de0118b27255293e6d0b9b82f0fbb11507820246
Connection
keep-alive
Cache-Control
no-cache
Referer
http://www.dropgears.com/2017/09/06/target-dropped-pretense-subtlety/?utm_source=eng&utm_campaign=dropgears&utm_medium=30&enc=oct17_0035
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36

Response headers

Date
Thu, 12 Oct 2017 14:57:29 GMT
Via
1.1 varnish
CF-Cache-Status
REVALIDATED
X-Cacheable
YES
Connection
keep-alive
Content-Length
33525
X-Varnish
1321725100 1321675074
Last-Modified
Tue, 19 Sep 2017 06:55:45 GMT
Server
cloudflare-nginx
ETag
"82f5-55985592c9c83"
Vary
Accept-Encoding
Content-Type
image/jpeg
Cache-Control
public, max-age=14400
Accept-Ranges
bytes
CF-RAY
3acae96aa2332780-FRA
Expires
Thu, 12 Oct 2017 18:57:29 GMT
target-dropped-pretense-subtlety.mp4
video.dropgears.com/embed/ Frame 3338
10 KB
3 KB
Document
General
Full URL
http://video.dropgears.com/embed/target-dropped-pretense-subtlety.mp4?utm_source=eng
Requested by
Host: www.dropgears.com
URL: http://www.dropgears.com/2017/09/06/target-dropped-pretense-subtlety/?utm_source=eng&utm_campaign=dropgears&utm_medium=30&enc=oct17_0035
Protocol
HTTP/1.1
Server
2400:cb00:2048:1::6818:7c77 , United States, ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US),
Reverse DNS
Software
cloudflare-nginx /
Resource Hash
18b4720f422d2bff307352a9a5810f25ba0261f9532cc385fb93478ddb6463e4

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
video.dropgears.com
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer
http://www.dropgears.com/2017/09/06/target-dropped-pretense-subtlety/?utm_source=eng&utm_campaign=dropgears&utm_medium=30&enc=oct17_0035
Cookie
__cfduid=da6de0118b27255293e6d0b9b82f0fbb11507820246
Connection
keep-alive
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
Referer
http://www.dropgears.com/2017/09/06/target-dropped-pretense-subtlety/?utm_source=eng&utm_campaign=dropgears&utm_medium=30&enc=oct17_0035
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36

Response headers

Date
Thu, 12 Oct 2017 14:57:28 GMT
Content-Encoding
gzip
CF-Cache-Status
MISS
Last-Modified
Thu, 12 Oct 2017 14:55:23 GMT
Server
cloudflare-nginx
Vary
Accept-Encoding
Content-Type
text/html; charset=utf-8
Cache-Control
public, max-age=1800
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
3acae968c3da64f3-FRA
Expires
Thu, 12 Oct 2017 15:27:28 GMT
montserrat-ultralight.woff
www.dropgears.com/wp-content/themes/thegem/fonts/
53 KB
53 KB
Font
General
Full URL
http://www.dropgears.com/wp-content/themes/thegem/fonts/montserrat-ultralight.woff
Requested by
Host: www.dropgears.com
URL: http://www.dropgears.com/2017/09/06/target-dropped-pretense-subtlety/?utm_source=eng&utm_campaign=dropgears&utm_medium=30&enc=oct17_0035
Protocol
HTTP/1.1
Server
2400:cb00:2048:1::6818:7c77 , United States, ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US),
Reverse DNS
Software
cloudflare-nginx /
Resource Hash
9956843e6bcd1ca47a15a97ccabeb09d5255c051829af54ad6d3c14bbc096fa2

Request headers

Pragma
no-cache
Origin
http://www.dropgears.com
Accept-Encoding
gzip, deflate
Host
www.dropgears.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36
Accept
*/*
Referer
http://www.dropgears.com/wp-content/themes/thegem-child/style.css
Cookie
__cfduid=da6de0118b27255293e6d0b9b82f0fbb11507820246
Connection
keep-alive
Cache-Control
no-cache
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36
Referer
http://www.dropgears.com/wp-content/themes/thegem-child/style.css
Origin
http://www.dropgears.com

Response headers

Date
Thu, 12 Oct 2017 14:57:29 GMT
Via
1.1 varnish
CF-Cache-Status
REVALIDATED
X-Cacheable
YES:Forced
Connection
keep-alive
Content-Length
54036
X-Varnish
1321725098
Last-Modified
Tue, 19 Sep 2017 03:10:28 GMT
Server
cloudflare-nginx
ETag
"d314-559823385a9c3"
Vary
Accept-Encoding
Content-Type
application/x-font-woff
Cache-Control
public, max-age=14400
Accept-Ranges
bytes
CF-RAY
3acae96aa43f0f63-FRA
Expires
Thu, 12 Oct 2017 18:57:29 GMT
3ad0c277-1ae1-4c5f-91e7-83f915871ab4
http://www.dropgears.com/
121 KB
0
Other
General
Full URL
blob:http://www.dropgears.com/3ad0c277-1ae1-4c5f-91e7-83f915871ab4
Requested by
Host: coinhive.com
URL: https://coinhive.com/lib/coinhive.min.js
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
94992bf8f5bc20be9cd51e5bc1a82e016f17b746797492ee297cd3c576793033

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36

Response headers

Content-Length
123493
container.html
tpc.googlesyndication.com/safeframe/1-0-13/html/
3 KB
2 KB
Other
General
Full URL
http://tpc.googlesyndication.com/safeframe/1-0-13/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_158.js
Protocol
HTTP/1.1
Server
2a00:1450:4001:825::2001 , Ireland, ASN15169 (GOOGLE - Google Inc., US),
Reverse DNS
Software
sffe /
Resource Hash
df7197d9f56dd4d697cb8a64cc76cf628f0b6597b177437f4b2a904742551e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Purpose
prefetch
Accept-Encoding
gzip, deflate
Host
tpc.googlesyndication.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36
Accept
*/*
Referer
http://www.dropgears.com/2017/09/06/target-dropped-pretense-subtlety/?utm_source=eng&utm_campaign=dropgears&utm_medium=30&enc=oct17_0035
Connection
keep-alive
Cache-Control
no-cache
Purpose
prefetch
Referer
http://www.dropgears.com/2017/09/06/target-dropped-pretense-subtlety/?utm_source=eng&utm_campaign=dropgears&utm_medium=30&enc=oct17_0035
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36

Response headers

Date
Thu, 05 Oct 2017 17:39:58 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Thu, 28 Sep 2017 20:57:39 GMT
Server
sffe
Age
595050
Vary
Accept-Encoding
Content-Type
text/html
Cache-Control
public, immutable, max-age=31536000
Accept-Ranges
bytes
Timing-Allow-Origin
*
Content-Length
1576
X-XSS-Protection
1; mode=block
Expires
Fri, 05 Oct 2018 17:39:58 GMT
ads
securepubads.g.doubleclick.net/gampad/
475 B
357 B
Script
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&correlator=2786022194634298&output=json_html&callback=googletag.impl.pubads.callbackProxy1&impl=fif&eid=108809107&sc=0&sfv=1-0-13&iu=%2F58517704%2Fdropgears_eng_728x90a&sz=728x90&scp=multi%3D10&cookie_enabled=1&abxe=1&lmt=1507820248&dt=1507820248547&frm=20&biw=1585&bih=1200&oid=3&adx=277&ady=562&adk=2610262158&gut=v2&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=http%3A%2F%2Fwww.dropgears.com%2F2017%2F09%2F06%2Ftarget-dropped-pretense-subtlety%2F%3Futm_source%3Deng%26utm_campaign%3Ddropgears%26utm_medium%3D30%26enc%3Doct17_0035&dssz=30&icsg=146788339&std=0&vrg=158&vis=1&ga_vid=312649980.1507820249&ga_sid=1507820249&ga_hid=1618241
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_158.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
216.58.207.66 Mountain View, United States, ASN15169 (GOOGLE - Google Inc., US),
Reverse DNS
fra16s25-in-f2.1e100.net
Software
cafe /
Resource Hash
bbcc7115d61d9d2c6a803e4d7c8074fe1735d875cda78771f5aa0c6ce36cbd14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/gampad/ads?gdfp_req=1&correlator=2786022194634298&output=json_html&callback=googletag.impl.pubads.callbackProxy1&impl=fif&eid=108809107&sc=0&sfv=1-0-13&iu=%2F58517704%2Fdropgears_eng_728x90a&sz=728x90&scp=multi%3D10&cookie_enabled=1&abxe=1&lmt=1507820248&dt=1507820248547&frm=20&biw=1585&bih=1200&oid=3&adx=277&ady=562&adk=2610262158&gut=v2&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=http%3A%2F%2Fwww.dropgears.com%2F2017%2F09%2F06%2Ftarget-dropped-pretense-subtlety%2F%3Futm_source%3Deng%26utm_campaign%3Ddropgears%26utm_medium%3D30%26enc%3Doct17_0035&dssz=30&icsg=146788339&std=0&vrg=158&vis=1&ga_vid=312649980.1507820249&ga_sid=1507820249&ga_hid=1618241
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
securepubads.g.doubleclick.net
cookie
IDE=AHWqTUl6xZMSmFr48R2J--jr0kWi1Tk7NIvflYqxJ311oKUWsFLSE04OhNTCZTGw
:scheme
https
referer
http://www.dropgears.com/2017/09/06/target-dropped-pretense-subtlety/?utm_source=eng&utm_campaign=dropgears&utm_medium=30&enc=oct17_0035
:method
GET
Referer
http://www.dropgears.com/2017/09/06/target-dropped-pretense-subtlety/?utm_source=eng&utm_campaign=dropgears&utm_medium=30&enc=oct17_0035
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36

Response headers

date
Thu, 12 Oct 2017 14:57:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
quic=":443"; ma=2592000; v="39,38,37,35"
content-length
339
x-xss-protection
1; mode=block
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/javascript; charset=UTF-8
cache-control
no-cache, must-revalidate
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubads_impl_rendering_158.js
securepubads.g.doubleclick.net/gpt/
28 KB
10 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_158.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_158.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
216.58.207.66 Mountain View, United States, ASN15169 (GOOGLE - Google Inc., US),
Reverse DNS
fra16s25-in-f2.1e100.net
Software
sffe /
Resource Hash
ca514433afa86466ec7b14fc4f844aee103d63b3d11683f494bfad48b214cbf2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/gpt/pubads_impl_rendering_158.js
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
securepubads.g.doubleclick.net
cookie
IDE=AHWqTUl6xZMSmFr48R2J--jr0kWi1Tk7NIvflYqxJ311oKUWsFLSE04OhNTCZTGw
:scheme
https
referer
http://www.dropgears.com/2017/09/06/target-dropped-pretense-subtlety/?utm_source=eng&utm_campaign=dropgears&utm_medium=30&enc=oct17_0035
:method
GET
Referer
http://www.dropgears.com/2017/09/06/target-dropped-pretense-subtlety/?utm_source=eng&utm_campaign=dropgears&utm_medium=30&enc=oct17_0035
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36

Response headers

date
Thu, 12 Oct 2017 14:57:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 04 Oct 2017 14:00:10 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="39,38,37,35"
content-length
10499
x-xss-protection
1; mode=block
expires
Thu, 12 Oct 2017 14:57:28 GMT
ads
securepubads.g.doubleclick.net/gampad/
475 B
356 B
Script
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&correlator=2786022194634298&output=json_html&callback=googletag.impl.pubads.callbackProxy2&impl=fif&eid=108809107&sc=0&sfv=1-0-13&iu=%2F58517704%2Fdropgears_eng_728x90b&sz=728x90&scp=multi%3D10&cookie_enabled=1&abxe=1&lmt=1507820248&dt=1507820248557&frm=20&biw=1585&bih=1200&oid=3&adx=277&ady=1162&adk=3908426918&gut=v2&ifi=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=http%3A%2F%2Fwww.dropgears.com%2F2017%2F09%2F06%2Ftarget-dropped-pretense-subtlety%2F%3Futm_source%3Deng%26utm_campaign%3Ddropgears%26utm_medium%3D30%26enc%3Doct17_0035&dssz=32&icsg=10884206579&std=0&vrg=158&vis=1&ga_vid=312649980.1507820249&ga_sid=1507820249&ga_hid=1618241
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_158.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
216.58.207.66 Mountain View, United States, ASN15169 (GOOGLE - Google Inc., US),
Reverse DNS
fra16s25-in-f2.1e100.net
Software
cafe /
Resource Hash
df5f7be1f21502143c158393ca7a6a03e9a3521ba81e77b3b38b8319c8629545
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/gampad/ads?gdfp_req=1&correlator=2786022194634298&output=json_html&callback=googletag.impl.pubads.callbackProxy2&impl=fif&eid=108809107&sc=0&sfv=1-0-13&iu=%2F58517704%2Fdropgears_eng_728x90b&sz=728x90&scp=multi%3D10&cookie_enabled=1&abxe=1&lmt=1507820248&dt=1507820248557&frm=20&biw=1585&bih=1200&oid=3&adx=277&ady=1162&adk=3908426918&gut=v2&ifi=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=http%3A%2F%2Fwww.dropgears.com%2F2017%2F09%2F06%2Ftarget-dropped-pretense-subtlety%2F%3Futm_source%3Deng%26utm_campaign%3Ddropgears%26utm_medium%3D30%26enc%3Doct17_0035&dssz=32&icsg=10884206579&std=0&vrg=158&vis=1&ga_vid=312649980.1507820249&ga_sid=1507820249&ga_hid=1618241
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
securepubads.g.doubleclick.net
cookie
IDE=AHWqTUl6xZMSmFr48R2J--jr0kWi1Tk7NIvflYqxJ311oKUWsFLSE04OhNTCZTGw
:scheme
https
referer
http://www.dropgears.com/2017/09/06/target-dropped-pretense-subtlety/?utm_source=eng&utm_campaign=dropgears&utm_medium=30&enc=oct17_0035
:method
GET
Referer
http://www.dropgears.com/2017/09/06/target-dropped-pretense-subtlety/?utm_source=eng&utm_campaign=dropgears&utm_medium=30&enc=oct17_0035
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36

Response headers

date
Thu, 12 Oct 2017 14:57:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
quic=":443"; ma=2592000; v="39,38,37,35"
content-length
338
x-xss-protection
1; mode=block
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/javascript; charset=UTF-8
cache-control
no-cache, must-revalidate
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/
477 B
355 B
Script
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&correlator=2786022194634298&output=json_html&callback=googletag.impl.pubads.callbackProxy3&impl=fif&eid=108809107&sc=0&sfv=1-0-13&iu=%2F58517704%2Fdropgears_eng_300x250a&sz=300x250&scp=multi%3D10&cookie_enabled=1&abxe=1&lmt=1507820248&dt=1507820248561&frm=20&biw=1585&bih=1200&oid=3&adx=1117&ady=526&adk=1738825107&gut=v2&ifi=3&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=http%3A%2F%2Fwww.dropgears.com%2F2017%2F09%2F06%2Ftarget-dropped-pretense-subtlety%2F%3Futm_source%3Deng%26utm_campaign%3Ddropgears%26utm_medium%3D30%26enc%3Doct17_0035&dssz=33&icsg=45243944947&std=0&vrg=158&vis=1&ga_vid=312649980.1507820249&ga_sid=1507820249&ga_hid=1618241
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_158.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
216.58.207.66 Mountain View, United States, ASN15169 (GOOGLE - Google Inc., US),
Reverse DNS
fra16s25-in-f2.1e100.net
Software
cafe /
Resource Hash
8f93fa04c183f4e74489d06ee841a91faab72db9356525f931d09251c8b4a6ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/gampad/ads?gdfp_req=1&correlator=2786022194634298&output=json_html&callback=googletag.impl.pubads.callbackProxy3&impl=fif&eid=108809107&sc=0&sfv=1-0-13&iu=%2F58517704%2Fdropgears_eng_300x250a&sz=300x250&scp=multi%3D10&cookie_enabled=1&abxe=1&lmt=1507820248&dt=1507820248561&frm=20&biw=1585&bih=1200&oid=3&adx=1117&ady=526&adk=1738825107&gut=v2&ifi=3&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=http%3A%2F%2Fwww.dropgears.com%2F2017%2F09%2F06%2Ftarget-dropped-pretense-subtlety%2F%3Futm_source%3Deng%26utm_campaign%3Ddropgears%26utm_medium%3D30%26enc%3Doct17_0035&dssz=33&icsg=45243944947&std=0&vrg=158&vis=1&ga_vid=312649980.1507820249&ga_sid=1507820249&ga_hid=1618241
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
securepubads.g.doubleclick.net
cookie
IDE=AHWqTUl6xZMSmFr48R2J--jr0kWi1Tk7NIvflYqxJ311oKUWsFLSE04OhNTCZTGw
:scheme
https
referer
http://www.dropgears.com/2017/09/06/target-dropped-pretense-subtlety/?utm_source=eng&utm_campaign=dropgears&utm_medium=30&enc=oct17_0035
:method
GET
Referer
http://www.dropgears.com/2017/09/06/target-dropped-pretense-subtlety/?utm_source=eng&utm_campaign=dropgears&utm_medium=30&enc=oct17_0035
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36

Response headers

date
Thu, 12 Oct 2017 14:57:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
quic=":443"; ma=2592000; v="39,38,37,35"
content-length
337
x-xss-protection
1; mode=block
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/javascript; charset=UTF-8
cache-control
no-cache, must-revalidate
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/
477 B
357 B
Script
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&correlator=2786022194634298&output=json_html&callback=googletag.impl.pubads.callbackProxy4&impl=fif&eid=108809107&sc=0&sfv=1-0-13&iu=%2F58517704%2Fdropgears_eng_300x250b&sz=300x250&scp=multi%3D10&cookie_enabled=1&abxe=1&lmt=1507820248&dt=1507820248568&frm=20&biw=1585&bih=1200&oid=3&adx=1117&ady=806&adk=1631844106&gut=v2&ifi=4&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=http%3A%2F%2Fwww.dropgears.com%2F2017%2F09%2F06%2Ftarget-dropped-pretense-subtlety%2F%3Futm_source%3Deng%26utm_campaign%3Ddropgears%26utm_medium%3D30%26enc%3Doct17_0035&dssz=34&icsg=182682898419&std=0&vrg=158&vis=1&ga_vid=312649980.1507820249&ga_sid=1507820249&ga_hid=1618241
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_158.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
216.58.207.66 Mountain View, United States, ASN15169 (GOOGLE - Google Inc., US),
Reverse DNS
fra16s25-in-f2.1e100.net
Software
cafe /
Resource Hash
9d696f91497b27a658362835e0b5323dcf164c4c1e3539490955aa367a2265a3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/gampad/ads?gdfp_req=1&correlator=2786022194634298&output=json_html&callback=googletag.impl.pubads.callbackProxy4&impl=fif&eid=108809107&sc=0&sfv=1-0-13&iu=%2F58517704%2Fdropgears_eng_300x250b&sz=300x250&scp=multi%3D10&cookie_enabled=1&abxe=1&lmt=1507820248&dt=1507820248568&frm=20&biw=1585&bih=1200&oid=3&adx=1117&ady=806&adk=1631844106&gut=v2&ifi=4&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=http%3A%2F%2Fwww.dropgears.com%2F2017%2F09%2F06%2Ftarget-dropped-pretense-subtlety%2F%3Futm_source%3Deng%26utm_campaign%3Ddropgears%26utm_medium%3D30%26enc%3Doct17_0035&dssz=34&icsg=182682898419&std=0&vrg=158&vis=1&ga_vid=312649980.1507820249&ga_sid=1507820249&ga_hid=1618241
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
securepubads.g.doubleclick.net
cookie
IDE=AHWqTUl6xZMSmFr48R2J--jr0kWi1Tk7NIvflYqxJ311oKUWsFLSE04OhNTCZTGw
:scheme
https
referer
http://www.dropgears.com/2017/09/06/target-dropped-pretense-subtlety/?utm_source=eng&utm_campaign=dropgears&utm_medium=30&enc=oct17_0035
:method
GET
Referer
http://www.dropgears.com/2017/09/06/target-dropped-pretense-subtlety/?utm_source=eng&utm_campaign=dropgears&utm_medium=30&enc=oct17_0035
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36

Response headers

date
Thu, 12 Oct 2017 14:57:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
quic=":443"; ma=2592000; v="39,38,37,35"
content-length
339
x-xss-protection
1; mode=block
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/javascript; charset=UTF-8
cache-control
no-cache, must-revalidate
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/
477 B
358 B
Script
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&correlator=2786022194634298&output=json_html&callback=googletag.impl.pubads.callbackProxy5&impl=fif&eid=108809107&sc=0&sfv=1-0-13&iu=%2F58517704%2Fdropgears_eng_300x250c&sz=300x250%7C300x600%7C160x600&scp=multi%3D10&cookie_enabled=1&abxe=1&lmt=1507820248&dt=1507820248572&frm=20&biw=1585&bih=1200&oid=3&adx=1117&ady=1086&adk=3089379921&gut=v2&ifi=5&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=http%3A%2F%2Fwww.dropgears.com%2F2017%2F09%2F06%2Ftarget-dropped-pretense-subtlety%2F%3Futm_source%3Deng%26utm_campaign%3Ddropgears%26utm_medium%3D30%26enc%3Doct17_0035&dssz=35&icsg=732438712307&std=0&vrg=158&vis=1&ga_vid=312649980.1507820249&ga_sid=1507820249&ga_hid=1618241
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_158.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
216.58.207.66 Mountain View, United States, ASN15169 (GOOGLE - Google Inc., US),
Reverse DNS
fra16s25-in-f2.1e100.net
Software
cafe /
Resource Hash
2a8ae1ff34234d31918cb385d4884b7fcf11f8b8c3bc8f8b57553f6efafd8d9b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/gampad/ads?gdfp_req=1&correlator=2786022194634298&output=json_html&callback=googletag.impl.pubads.callbackProxy5&impl=fif&eid=108809107&sc=0&sfv=1-0-13&iu=%2F58517704%2Fdropgears_eng_300x250c&sz=300x250%7C300x600%7C160x600&scp=multi%3D10&cookie_enabled=1&abxe=1&lmt=1507820248&dt=1507820248572&frm=20&biw=1585&bih=1200&oid=3&adx=1117&ady=1086&adk=3089379921&gut=v2&ifi=5&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=http%3A%2F%2Fwww.dropgears.com%2F2017%2F09%2F06%2Ftarget-dropped-pretense-subtlety%2F%3Futm_source%3Deng%26utm_campaign%3Ddropgears%26utm_medium%3D30%26enc%3Doct17_0035&dssz=35&icsg=732438712307&std=0&vrg=158&vis=1&ga_vid=312649980.1507820249&ga_sid=1507820249&ga_hid=1618241
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
securepubads.g.doubleclick.net
cookie
IDE=AHWqTUl6xZMSmFr48R2J--jr0kWi1Tk7NIvflYqxJ311oKUWsFLSE04OhNTCZTGw
:scheme
https
referer
http://www.dropgears.com/2017/09/06/target-dropped-pretense-subtlety/?utm_source=eng&utm_campaign=dropgears&utm_medium=30&enc=oct17_0035
:method
GET

Response headers

date
Thu, 12 Oct 2017 14:57:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
quic=":443"; ma=2592000; v="39,38,37,35"
content-length
340
x-xss-protection
1; mode=block
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/javascript; charset=UTF-8
cache-control
no-cache, must-revalidate
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
3p_cookie.html
securepubads.g.doubleclick.net/static/
223 B
185 B
Other
General
Full URL
https://securepubads.g.doubleclick.net/static/3p_cookie.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_158.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
216.58.207.66 Mountain View, United States, ASN15169 (GOOGLE - Google Inc., US),
Reverse DNS
fra16s25-in-f2.1e100.net
Software
sffe /
Resource Hash
0a42d405c353edd15594d2ee30d099097ea995e7d7c990ecf81bec9a0ad90082
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/static/3p_cookie.html
pragma
no-cache
purpose
prefetch
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
securepubads.g.doubleclick.net
cookie
IDE=AHWqTUl6xZMSmFr48R2J--jr0kWi1Tk7NIvflYqxJ311oKUWsFLSE04OhNTCZTGw
:scheme
https
referer
http://www.dropgears.com/2017/09/06/target-dropped-pretense-subtlety/?utm_source=eng&utm_campaign=dropgears&utm_medium=30&enc=oct17_0035
:method
GET

Response headers

date
Thu, 12 Oct 2017 07:12:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
27894
status
200
alt-svc
quic=":443"; ma=2592000; v="39,38,37,35"
content-length
176
x-xss-protection
1; mode=block
server
sffe
etag
"1502910952331160"
vary
Accept-Encoding
content-type
text/html
cache-control
public, max-age=43200
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 12 Oct 2017 19:12:34 GMT
cryptonight.wasm
coinhive.com/lib/
67 KB
31 KB
Other
General
Full URL
https://coinhive.com/lib/cryptonight.wasm
Requested by
Host: www.dropgears.com
URL: http://www.dropgears.com/2017/09/06/target-dropped-pretense-subtlety/?utm_source=eng&utm_campaign=dropgears&utm_medium=30&enc=oct17_0035
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.130.129.235 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.235.129.130.94.clients.your-server.de
Software
nginx /
Resource Hash
9d30e7f065cd00a47d8e10e27acc443a33977176484ca11077f08fc20b1a672c

Request headers

Pragma
no-cache
Origin
http://www.dropgears.com
Accept-Encoding
gzip, deflate
Host
coinhive.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36
Accept
*/*
Cache-Control
no-cache
Connection
keep-alive

Response headers

Date
Thu, 12 Oct 2017 14:57:28 GMT
Content-Encoding
gzip
Last-Modified
Mon, 02 Oct 2017 14:16:14 GMT
Server
nginx
ETag
W/"59d24a2e-10cbc"
Transfer-Encoding
chunked
Content-Type
application/wasm
Access-Control-Allow-Origin
*
Cache-Control
max-age=28800
Connection
keep-alive
Expires
Thu, 12 Oct 2017 22:57:28 GMT
cryptonight.wasm
coinhive.com/lib/
67 KB
31 KB
Other
General
Full URL
https://coinhive.com/lib/cryptonight.wasm
Requested by
Host: www.dropgears.com
URL: http://www.dropgears.com/2017/09/06/target-dropped-pretense-subtlety/?utm_source=eng&utm_campaign=dropgears&utm_medium=30&enc=oct17_0035
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.130.102.124 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.124.102.130.94.clients.your-server.de
Software
nginx /
Resource Hash
47d299593572faf8941351f3ef8e46bc18eb684f679d87f9194bb635dd8aabc0

Request headers

Pragma
no-cache
Origin
http://www.dropgears.com
Accept-Encoding
gzip, deflate
Host
coinhive.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36
Accept
*/*
Cache-Control
no-cache
Connection
keep-alive

Response headers

Date
Thu, 12 Oct 2017 14:57:28 GMT
Content-Encoding
gzip
Last-Modified
Mon, 02 Oct 2017 14:16:33 GMT
Server
nginx
ETag
W/"59d24a41-10cbc"
Transfer-Encoding
chunked
Content-Type
application/wasm
Access-Control-Allow-Origin
*
Cache-Control
max-age=28800
Connection
keep-alive
Expires
Thu, 12 Oct 2017 22:57:28 GMT
cryptonight.wasm
coinhive.com/lib/
67 KB
31 KB
Other
General
Full URL
https://coinhive.com/lib/cryptonight.wasm
Requested by
Host: www.dropgears.com
URL: http://www.dropgears.com/2017/09/06/target-dropped-pretense-subtlety/?utm_source=eng&utm_campaign=dropgears&utm_medium=30&enc=oct17_0035
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.130.129.235 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.235.129.130.94.clients.your-server.de
Software
nginx /
Resource Hash
9d30e7f065cd00a47d8e10e27acc443a33977176484ca11077f08fc20b1a672c

Request headers

Pragma
no-cache
Origin
http://www.dropgears.com
Accept-Encoding
gzip, deflate
Host
coinhive.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36
Accept
*/*
Cache-Control
no-cache
Connection
keep-alive

Response headers

Date
Thu, 12 Oct 2017 14:57:28 GMT
Content-Encoding
gzip
Last-Modified
Mon, 02 Oct 2017 14:16:14 GMT
Server
nginx
ETag
W/"59d24a2e-10cbc"
Transfer-Encoding
chunked
Content-Type
application/wasm
Access-Control-Allow-Origin
*
Cache-Control
max-age=28800
Connection
keep-alive
Expires
Thu, 12 Oct 2017 22:57:28 GMT
cryptonight.wasm
coinhive.com/lib/
67 KB
31 KB
Other
General
Full URL
https://coinhive.com/lib/cryptonight.wasm
Requested by
Host: www.dropgears.com
URL: http://www.dropgears.com/2017/09/06/target-dropped-pretense-subtlety/?utm_source=eng&utm_campaign=dropgears&utm_medium=30&enc=oct17_0035
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.130.129.235 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.235.129.130.94.clients.your-server.de
Software
nginx /
Resource Hash
9d30e7f065cd00a47d8e10e27acc443a33977176484ca11077f08fc20b1a672c

Request headers

Pragma
no-cache
Origin
http://www.dropgears.com
Accept-Encoding
gzip, deflate
Host
coinhive.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36
Accept
*/*
Cache-Control
no-cache
Connection
keep-alive

Response headers

Date
Thu, 12 Oct 2017 14:57:28 GMT
Content-Encoding
gzip
Last-Modified
Mon, 02 Oct 2017 14:16:14 GMT
Server
nginx
ETag
W/"59d24a2e-10cbc"
Transfer-Encoding
chunked
Content-Type
application/wasm
Access-Control-Allow-Origin
*
Cache-Control
max-age=28800
Connection
keep-alive
Expires
Thu, 12 Oct 2017 22:57:28 GMT
cryptonight.wasm
coinhive.com/lib/
67 KB
31 KB
Other
General
Full URL
https://coinhive.com/lib/cryptonight.wasm
Requested by
Host: www.dropgears.com
URL: http://www.dropgears.com/2017/09/06/target-dropped-pretense-subtlety/?utm_source=eng&utm_campaign=dropgears&utm_medium=30&enc=oct17_0035
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.130.129.235 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.235.129.130.94.clients.your-server.de
Software
nginx /
Resource Hash
9d30e7f065cd00a47d8e10e27acc443a33977176484ca11077f08fc20b1a672c

Request headers

Pragma
no-cache
Origin
http://www.dropgears.com
Accept-Encoding
gzip, deflate
Host
coinhive.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36
Accept
*/*
Cache-Control
no-cache
Connection
keep-alive

Response headers

Date
Thu, 12 Oct 2017 14:57:28 GMT
Content-Encoding
gzip
Last-Modified
Mon, 02 Oct 2017 14:16:14 GMT
Server
nginx
ETag
W/"59d24a2e-10cbc"
Transfer-Encoding
chunked
Content-Type
application/wasm
Access-Control-Allow-Origin
*
Cache-Control
max-age=28800
Connection
keep-alive
Expires
Thu, 12 Oct 2017 22:57:28 GMT
cryptonight.wasm
coinhive.com/lib/
67 KB
31 KB
Other
General
Full URL
https://coinhive.com/lib/cryptonight.wasm
Requested by
Host: www.dropgears.com
URL: http://www.dropgears.com/2017/09/06/target-dropped-pretense-subtlety/?utm_source=eng&utm_campaign=dropgears&utm_medium=30&enc=oct17_0035
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.130.102.124 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.124.102.130.94.clients.your-server.de
Software
nginx /
Resource Hash
47d299593572faf8941351f3ef8e46bc18eb684f679d87f9194bb635dd8aabc0

Request headers

Pragma
no-cache
Origin
http://www.dropgears.com
Accept-Encoding
gzip, deflate
Host
coinhive.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36
Accept
*/*
Cache-Control
no-cache
Connection
keep-alive

Response headers

Date
Thu, 12 Oct 2017 14:57:28 GMT
Content-Encoding
gzip
Last-Modified
Mon, 02 Oct 2017 14:16:33 GMT
Server
nginx
ETag
W/"59d24a41-10cbc"
Transfer-Encoding
chunked
Content-Type
application/wasm
Access-Control-Allow-Origin
*
Cache-Control
max-age=28800
Connection
keep-alive
Expires
Thu, 12 Oct 2017 22:57:28 GMT
cryptonight.wasm
coinhive.com/lib/
67 KB
31 KB
Other
General
Full URL
https://coinhive.com/lib/cryptonight.wasm
Requested by
Host: www.dropgears.com
URL: http://www.dropgears.com/2017/09/06/target-dropped-pretense-subtlety/?utm_source=eng&utm_campaign=dropgears&utm_medium=30&enc=oct17_0035
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.130.129.235 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.235.129.130.94.clients.your-server.de
Software
nginx /
Resource Hash
9d30e7f065cd00a47d8e10e27acc443a33977176484ca11077f08fc20b1a672c

Request headers

Pragma
no-cache
Origin
http://www.dropgears.com
Accept-Encoding
gzip, deflate
Host
coinhive.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36
Accept
*/*
Cache-Control
no-cache
Connection
keep-alive

Response headers

Date
Thu, 12 Oct 2017 14:57:28 GMT
Content-Encoding
gzip
Last-Modified
Mon, 02 Oct 2017 14:16:14 GMT
Server
nginx
ETag
W/"59d24a2e-10cbc"
Transfer-Encoding
chunked
Content-Type
application/wasm
Access-Control-Allow-Origin
*
Cache-Control
max-age=28800
Connection
keep-alive
Expires
Thu, 12 Oct 2017 22:57:28 GMT
cryptonight.wasm
coinhive.com/lib/
67 KB
31 KB
Other
General
Full URL
https://coinhive.com/lib/cryptonight.wasm
Requested by
Host: www.dropgears.com
URL: http://www.dropgears.com/2017/09/06/target-dropped-pretense-subtlety/?utm_source=eng&utm_campaign=dropgears&utm_medium=30&enc=oct17_0035
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.130.102.124 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.124.102.130.94.clients.your-server.de
Software
nginx /
Resource Hash
47d299593572faf8941351f3ef8e46bc18eb684f679d87f9194bb635dd8aabc0

Request headers

Pragma
no-cache
Origin
http://www.dropgears.com
Accept-Encoding
gzip, deflate
Host
coinhive.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36
Accept
*/*
Cache-Control
no-cache
Connection
keep-alive

Response headers

Date
Thu, 12 Oct 2017 14:57:28 GMT
Content-Encoding
gzip
Last-Modified
Mon, 02 Oct 2017 14:16:33 GMT
Server
nginx
ETag
W/"59d24a41-10cbc"
Transfer-Encoding
chunked
Content-Type
application/wasm
Access-Control-Allow-Origin
*
Cache-Control
max-age=28800
Connection
keep-alive
Expires
Thu, 12 Oct 2017 22:57:28 GMT
cryptonight.wasm
coinhive.com/lib/
67 KB
31 KB
Other
General
Full URL
https://coinhive.com/lib/cryptonight.wasm
Requested by
Host: www.dropgears.com
URL: http://www.dropgears.com/2017/09/06/target-dropped-pretense-subtlety/?utm_source=eng&utm_campaign=dropgears&utm_medium=30&enc=oct17_0035
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.130.129.235 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.235.129.130.94.clients.your-server.de
Software
nginx /
Resource Hash
9d30e7f065cd00a47d8e10e27acc443a33977176484ca11077f08fc20b1a672c

Request headers

Pragma
no-cache
Origin
http://www.dropgears.com
Accept-Encoding
gzip, deflate
Host
coinhive.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36
Accept
*/*
Cache-Control
no-cache
Connection
keep-alive

Response headers

Date
Thu, 12 Oct 2017 14:57:28 GMT
Content-Encoding
gzip
Last-Modified
Mon, 02 Oct 2017 14:16:14 GMT
Server
nginx
ETag
W/"59d24a2e-10cbc"
Transfer-Encoding
chunked
Content-Type
application/wasm
Access-Control-Allow-Origin
*
Cache-Control
max-age=28800
Connection
keep-alive
Expires
Thu, 12 Oct 2017 22:57:28 GMT
collect
www.google-analytics.com/r/
Redirect Chain
  • http://www.google-analytics.com/r/collect?v=1&_v=j64&a=1618241&t=pageview&_s=1&dl=http%3A%2F%2Fwww.dropgears.com%2F2017%2F09%2F06%2Ftarget-dropped-pretense-subtlety%2F%3Futm_source%3Deng%26utm_camp...
  • https://www.google-analytics.com/r/collect?v=1&_v=j64&a=1618241&t=pageview&_s=1&dl=http%3A%2F%2Fwww.dropgears.com%2F2017%2F09%2F06%2Ftarget-dropped-pretense-subtlety%2F%3Futm_source%3Deng%26utm_cam...
35 B
53 B
Image
General
Full URL
https://www.google-analytics.com/r/collect?v=1&_v=j64&a=1618241&t=pageview&_s=1&dl=http%3A%2F%2Fwww.dropgears.com%2F2017%2F09%2F06%2Ftarget-dropped-pretense-subtlety%2F%3Futm_source%3Deng%26utm_campaign%3Ddropgears%26utm_medium%3D30%26enc%3Doct17_0035&ul=en-us&de=UTF-8&dt=Target%20Has%20Dropped%20All%20Pretense%20of%20Subtlety%20-%20Drop%20Gears&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=IAhAAEABI~&jid=353292144&gjid=1259345460&cid=312649980.1507820249&tid=UA-105801055-1&_gid=1781544222.1507820249&_r=1&z=886576005
Requested by
Host: www.dropgears.com
URL: http://www.dropgears.com/2017/09/06/target-dropped-pretense-subtlety/?utm_source=eng&utm_campaign=dropgears&utm_medium=30&enc=oct17_0035
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:825::200e , Ireland, ASN15169 (GOOGLE - Google Inc., US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

:path
/r/collect?v=1&_v=j64&a=1618241&t=pageview&_s=1&dl=http%3A%2F%2Fwww.dropgears.com%2F2017%2F09%2F06%2Ftarget-dropped-pretense-subtlety%2F%3Futm_source%3Deng%26utm_campaign%3Ddropgears%26utm_medium%3D30%26enc%3Doct17_0035&ul=en-us&de=UTF-8&dt=Target%20Has%20Dropped%20All%20Pretense%20of%20Subtlety%20-%20Drop%20Gears&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=IAhAAEABI~&jid=353292144&gjid=1259345460&cid=312649980.1507820249&tid=UA-105801055-1&_gid=1781544222.1507820249&_r=1&z=886576005
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
www.google-analytics.com
referer
http://www.dropgears.com/2017/09/06/target-dropped-pretense-subtlety/?utm_source=eng&utm_campaign=dropgears&utm_medium=30&enc=oct17_0035
:scheme
https
:method
GET

Response headers

pragma
no-cache
date
Thu, 12 Oct 2017 14:57:28 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="39,38,37,35"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://www.google-analytics.com/r/collect?v=1&_v=j64&a=1618241&t=pageview&_s=1&dl=http%3A%2F%2Fwww.dropgears.com%2F2017%2F09%2F06%2Ftarget-dropped-pretense-subtlety%2F%3Futm_source%3Deng%26utm_campaign%3Ddropgears%26utm_medium%3D30%26enc%3Doct17_0035&ul=en-us&de=UTF-8&dt=Target%20Has%20Dropped%20All%20Pretense%20of%20Subtlety%20-%20Drop%20Gears&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=IAhAAEABI~&jid=353292144&gjid=1259345460&cid=312649980.1507820249&tid=UA-105801055-1&_gid=1781544222.1507820249&_r=1&z=886576005
Non-Authoritative-Reason
HSTS
ads
securepubads.g.doubleclick.net/gampad/
314 B
243 B
Script
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&correlator=2298451726268053&output=json_html&callback=googletag.impl.pubads.callbackProxy6&impl=fif&eid=108809107&sc=0&sfv=1-0-13&iu=%2F58517704%2Fdropgears_eng_728x90b&sz=728x90&rc=1&scp=multi%3D10&eri=1&cookie=ID%3Dcce51ea2abb26ba7%3AT%3D1507820248%3AS%3DALNI_MZYG6Axr_g8iuL_TqEIkVljoFAUGQ&cookie_enabled=1&abxe=1&lmt=1507820248&dt=1507820248806&frm=20&biw=1585&bih=1200&oid=3&adx=277&ady=1162&adk=3908426918&gut=v2&ifi=6&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=http%3A%2F%2Fwww.dropgears.com%2F2017%2F09%2F06%2Ftarget-dropped-pretense-subtlety%2F%3Futm_source%3Deng%26utm_campaign%3Ddropgears%26utm_medium%3D30%26enc%3Doct17_0035&dssz=38&icsg=46903391485759&std=0&vrg=158&vis=1&ga_vid=312649980.1507820249&ga_sid=1507820249&ga_hid=1618241
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_158.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
216.58.207.66 Mountain View, United States, ASN15169 (GOOGLE - Google Inc., US),
Reverse DNS
fra16s25-in-f2.1e100.net
Software
cafe /
Resource Hash
37a60916d9df6e6e76b3fbfc35c73903468afae0ab8360d0ee1b71161cfe5966
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/gampad/ads?gdfp_req=1&correlator=2298451726268053&output=json_html&callback=googletag.impl.pubads.callbackProxy6&impl=fif&eid=108809107&sc=0&sfv=1-0-13&iu=%2F58517704%2Fdropgears_eng_728x90b&sz=728x90&rc=1&scp=multi%3D10&eri=1&cookie=ID%3Dcce51ea2abb26ba7%3AT%3D1507820248%3AS%3DALNI_MZYG6Axr_g8iuL_TqEIkVljoFAUGQ&cookie_enabled=1&abxe=1&lmt=1507820248&dt=1507820248806&frm=20&biw=1585&bih=1200&oid=3&adx=277&ady=1162&adk=3908426918&gut=v2&ifi=6&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=http%3A%2F%2Fwww.dropgears.com%2F2017%2F09%2F06%2Ftarget-dropped-pretense-subtlety%2F%3Futm_source%3Deng%26utm_campaign%3Ddropgears%26utm_medium%3D30%26enc%3Doct17_0035&dssz=38&icsg=46903391485759&std=0&vrg=158&vis=1&ga_vid=312649980.1507820249&ga_sid=1507820249&ga_hid=1618241
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
securepubads.g.doubleclick.net
cookie
IDE=AHWqTUl6xZMSmFr48R2J--jr0kWi1Tk7NIvflYqxJ311oKUWsFLSE04OhNTCZTGw
:scheme
https
referer
http://www.dropgears.com/2017/09/06/target-dropped-pretense-subtlety/?utm_source=eng&utm_campaign=dropgears&utm_medium=30&enc=oct17_0035
:method
GET

Response headers

date
Thu, 12 Oct 2017 14:57:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
quic=":443"; ma=2592000; v="39,38,37,35"
content-length
225
x-xss-protection
1; mode=block
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/javascript; charset=UTF-8
cache-control
no-cache, must-revalidate
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
UmalgH1Z.js
content.jwplatform.com/libraries/ Frame 3338
161 KB
49 KB
Script
General
Full URL
https://content.jwplatform.com/libraries/UmalgH1Z.js
Requested by
Host: video.dropgears.com
URL: http://video.dropgears.com/embed/target-dropped-pretense-subtlety.mp4?utm_source=eng
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2043:2e00:1:a3fa:7cc0:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
openresty /
Resource Hash
6245f904e0fc183277d8e4b2d6bddfbd7d48f98d24d9de47040fa5806d22f71d

Request headers

:path
/libraries/UmalgH1Z.js
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
content.jwplatform.com
referer
http://video.dropgears.com/embed/target-dropped-pretense-subtlety.mp4?utm_source=eng
:scheme
https
:method
GET

Response headers

date
Thu, 12 Oct 2017 14:57:29 GMT
content-encoding
gzip
server
openresty
status
200
x-cache
Miss from cloudfront
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=150, max-stale=180
content-length
50364
via
1.1 3ef066dcf359ad5dbc339df978147194.cloudfront.net (CloudFront)
x-amz-cf-id
2qc9idqshHPv_tWABKouqoa5hh9F9AE5RYz-psDsRtklzDBickwlGg==
expires
Thu, 12 Oct 2017 14:59:59 GMT
ads
securepubads.g.doubleclick.net/gampad/
800 B
596 B
Script
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&correlator=2883461923464713&output=json_html&callback=googletag.impl.pubads.callbackProxy7&impl=fif&eid=108809107&sc=0&sfv=1-0-13&iu=%2F58517704%2Fdropgears_eng_728x90a&sz=728x90&rc=1&scp=multi%3D10&eri=1&cookie=ID%3D6ee89590642faf91%3AT%3D1507820248%3AS%3DALNI_MbwsJda0q82drnpwvhS1wzw-GVuaA&cookie_enabled=1&abxe=1&lmt=1507820248&dt=1507820248977&frm=20&biw=1585&bih=1200&oid=3&adx=277&ady=562&adk=2610262158&gut=v2&ifi=7&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=http%3A%2F%2Fwww.dropgears.com%2F2017%2F09%2F06%2Ftarget-dropped-pretense-subtlety%2F%3Futm_source%3Deng%26utm_campaign%3Ddropgears%26utm_medium%3D30%26enc%3Doct17_0035&dssz=38&icsg=187640879841087&std=0&vrg=158&vis=1&ga_vid=312649980.1507820249&ga_sid=1507820249&ga_hid=1618241
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_158.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
216.58.207.66 Mountain View, United States, ASN15169 (GOOGLE - Google Inc., US),
Reverse DNS
fra16s25-in-f2.1e100.net
Software
cafe /
Resource Hash
80fe4d6532cc035a9ff4afe7c5f390ebeaae1eb62338c62e51005bb0eca65f7b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/gampad/ads?gdfp_req=1&correlator=2883461923464713&output=json_html&callback=googletag.impl.pubads.callbackProxy7&impl=fif&eid=108809107&sc=0&sfv=1-0-13&iu=%2F58517704%2Fdropgears_eng_728x90a&sz=728x90&rc=1&scp=multi%3D10&eri=1&cookie=ID%3D6ee89590642faf91%3AT%3D1507820248%3AS%3DALNI_MbwsJda0q82drnpwvhS1wzw-GVuaA&cookie_enabled=1&abxe=1&lmt=1507820248&dt=1507820248977&frm=20&biw=1585&bih=1200&oid=3&adx=277&ady=562&adk=2610262158&gut=v2&ifi=7&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=http%3A%2F%2Fwww.dropgears.com%2F2017%2F09%2F06%2Ftarget-dropped-pretense-subtlety%2F%3Futm_source%3Deng%26utm_campaign%3Ddropgears%26utm_medium%3D30%26enc%3Doct17_0035&dssz=38&icsg=187640879841087&std=0&vrg=158&vis=1&ga_vid=312649980.1507820249&ga_sid=1507820249&ga_hid=1618241
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
securepubads.g.doubleclick.net
cookie
IDE=AHWqTUl6xZMSmFr48R2J--jr0kWi1Tk7NIvflYqxJ311oKUWsFLSE04OhNTCZTGw
:scheme
https
referer
http://www.dropgears.com/2017/09/06/target-dropped-pretense-subtlety/?utm_source=eng&utm_campaign=dropgears&utm_medium=30&enc=oct17_0035
:method
GET

Response headers

date
Thu, 12 Oct 2017 14:57:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
quic=":443"; ma=2592000; v="39,38,37,35"
content-length
578
x-xss-protection
1; mode=block
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/javascript; charset=UTF-8
cache-control
no-cache, must-revalidate
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/
314 B
244 B
Script
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&correlator=3926522805520055&output=json_html&callback=googletag.impl.pubads.callbackProxy8&impl=fif&eid=108809107&sc=0&sfv=1-0-13&iu=%2F58517704%2Fdropgears_eng_728x90b&sz=728x90&rc=2&scp=multi%3D10&eri=1&cookie=ID%3D6ee89590642faf91%3AT%3D1507820248%3AS%3DALNI_MbwsJda0q82drnpwvhS1wzw-GVuaA&cookie_enabled=1&abxe=1&lmt=1507820248&dt=1507820248995&frm=20&biw=1585&bih=1200&oid=3&adx=277&ady=1162&adk=3908426918&gut=v2&ifi=8&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=http%3A%2F%2Fwww.dropgears.com%2F2017%2F09%2F06%2Ftarget-dropped-pretense-subtlety%2F%3Futm_source%3Deng%26utm_campaign%3Ddropgears%26utm_medium%3D30%26enc%3Doct17_0035&dssz=39&icsg=750590833262399&std=0&vrg=158&vis=1&ga_vid=312649980.1507820249&ga_sid=1507820249&ga_hid=1618241
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_158.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
216.58.207.66 Mountain View, United States, ASN15169 (GOOGLE - Google Inc., US),
Reverse DNS
fra16s25-in-f2.1e100.net
Software
cafe /
Resource Hash
fa0d3d606f56e4f008eb6c74a30fc64756fb8631f66f981eed7015093a466600
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/gampad/ads?gdfp_req=1&correlator=3926522805520055&output=json_html&callback=googletag.impl.pubads.callbackProxy8&impl=fif&eid=108809107&sc=0&sfv=1-0-13&iu=%2F58517704%2Fdropgears_eng_728x90b&sz=728x90&rc=2&scp=multi%3D10&eri=1&cookie=ID%3D6ee89590642faf91%3AT%3D1507820248%3AS%3DALNI_MbwsJda0q82drnpwvhS1wzw-GVuaA&cookie_enabled=1&abxe=1&lmt=1507820248&dt=1507820248995&frm=20&biw=1585&bih=1200&oid=3&adx=277&ady=1162&adk=3908426918&gut=v2&ifi=8&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=http%3A%2F%2Fwww.dropgears.com%2F2017%2F09%2F06%2Ftarget-dropped-pretense-subtlety%2F%3Futm_source%3Deng%26utm_campaign%3Ddropgears%26utm_medium%3D30%26enc%3Doct17_0035&dssz=39&icsg=750590833262399&std=0&vrg=158&vis=1&ga_vid=312649980.1507820249&ga_sid=1507820249&ga_hid=1618241
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
securepubads.g.doubleclick.net
cookie
IDE=AHWqTUl6xZMSmFr48R2J--jr0kWi1Tk7NIvflYqxJ311oKUWsFLSE04OhNTCZTGw
:scheme
https
referer
http://www.dropgears.com/2017/09/06/target-dropped-pretense-subtlety/?utm_source=eng&utm_campaign=dropgears&utm_medium=30&enc=oct17_0035
:method
GET

Response headers

date
Thu, 12 Oct 2017 14:57:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
quic=":443"; ma=2592000; v="39,38,37,35"
content-length
226
x-xss-protection
1; mode=block
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/javascript; charset=UTF-8
cache-control
no-cache, must-revalidate
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/
74 KB
22 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&correlator=3364003616638926&output=json_html&callback=googletag.impl.pubads.callbackProxy9&impl=fif&eid=108809107&sc=0&sfv=1-0-13&iu=%2F58517704%2Fdropgears_eng_728x90a&sz=728x90&rc=2&scp=multi%3D10&eri=1&cookie=ID%3D6ee89590642faf91%3AT%3D1507820248%3AS%3DALNI_MbwsJda0q82drnpwvhS1wzw-GVuaA&cookie_enabled=1&abxe=1&lmt=1507820249&dt=1507820249153&frm=20&biw=1585&bih=1200&oid=3&adx=277&ady=562&adk=2610262158&gut=v2&ifi=9&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=http%3A%2F%2Fwww.dropgears.com%2F2017%2F09%2F06%2Ftarget-dropped-pretense-subtlety%2F%3Futm_source%3Deng%26utm_campaign%3Ddropgears%26utm_medium%3D30%26enc%3Doct17_0035&dssz=40&icsg=3002390646947647&std=0&vrg=158&vis=1&ga_vid=312649980.1507820249&ga_sid=1507820249&ga_hid=1618241
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_158.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
216.58.207.66 Mountain View, United States, ASN15169 (GOOGLE - Google Inc., US),
Reverse DNS
fra16s25-in-f2.1e100.net
Software
cafe /
Resource Hash
a0f30694ebb89db2c4fa47715a3d56b19e9e55241ca2956c9ef2a09a6e16af01
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/gampad/ads?gdfp_req=1&correlator=3364003616638926&output=json_html&callback=googletag.impl.pubads.callbackProxy9&impl=fif&eid=108809107&sc=0&sfv=1-0-13&iu=%2F58517704%2Fdropgears_eng_728x90a&sz=728x90&rc=2&scp=multi%3D10&eri=1&cookie=ID%3D6ee89590642faf91%3AT%3D1507820248%3AS%3DALNI_MbwsJda0q82drnpwvhS1wzw-GVuaA&cookie_enabled=1&abxe=1&lmt=1507820249&dt=1507820249153&frm=20&biw=1585&bih=1200&oid=3&adx=277&ady=562&adk=2610262158&gut=v2&ifi=9&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=http%3A%2F%2Fwww.dropgears.com%2F2017%2F09%2F06%2Ftarget-dropped-pretense-subtlety%2F%3Futm_source%3Deng%26utm_campaign%3Ddropgears%26utm_medium%3D30%26enc%3Doct17_0035&dssz=40&icsg=3002390646947647&std=0&vrg=158&vis=1&ga_vid=312649980.1507820249&ga_sid=1507820249&ga_hid=1618241
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
securepubads.g.doubleclick.net
cookie
IDE=AHWqTUl6xZMSmFr48R2J--jr0kWi1Tk7NIvflYqxJ311oKUWsFLSE04OhNTCZTGw
:scheme
https
referer
http://www.dropgears.com/2017/09/06/target-dropped-pretense-subtlety/?utm_source=eng&utm_campaign=dropgears&utm_medium=30&enc=oct17_0035
:method
GET

Response headers

date
Thu, 12 Oct 2017 14:57:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
quic=":443"; ma=2592000; v="39,38,37,35"
content-length
22964
x-xss-protection
1; mode=block
google-lineitem-id
226109064
pragma
no-cache
server
cafe
google-creative-id
99669292584
content-type
text/javascript; charset=UTF-8
cache-control
no-cache, must-revalidate
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/
317 B
247 B
Script
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&correlator=2327091315438161&output=json_html&callback=googletag.impl.pubads.callbackProxy10&impl=fif&eid=108809107&sc=0&sfv=1-0-13&iu=%2F58517704%2Fdropgears_eng_300x250a&sz=300x250&rc=1&scp=multi%3D10&eri=1&cookie=ID%3D56db3184721a474c%3AT%3D1507820248%3AS%3DALNI_Mb8BUdpnKooGWg5h847y3owde1XOg&cookie_enabled=1&abxe=1&lmt=1507820249&dt=1507820249161&frm=20&biw=1585&bih=1200&oid=3&adx=1117&ady=526&adk=1738825107&gut=v2&ifi=10&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=http%3A%2F%2Fwww.dropgears.com%2F2017%2F09%2F06%2Ftarget-dropped-pretense-subtlety%2F%3Futm_source%3Deng%26utm_campaign%3Ddropgears%26utm_medium%3D30%26enc%3Doct17_0035&dssz=40&icsg=3002390646947647&std=0&vrg=158&vis=1&ga_vid=312649980.1507820249&ga_sid=1507820249&ga_hid=1618241
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_158.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
216.58.207.66 Mountain View, United States, ASN15169 (GOOGLE - Google Inc., US),
Reverse DNS
fra16s25-in-f2.1e100.net
Software
cafe /
Resource Hash
0beab1ba62912dbd28060d54a9e17ddc4eed936bf0cd0bbb7817ad44f70ee6dd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/gampad/ads?gdfp_req=1&correlator=2327091315438161&output=json_html&callback=googletag.impl.pubads.callbackProxy10&impl=fif&eid=108809107&sc=0&sfv=1-0-13&iu=%2F58517704%2Fdropgears_eng_300x250a&sz=300x250&rc=1&scp=multi%3D10&eri=1&cookie=ID%3D56db3184721a474c%3AT%3D1507820248%3AS%3DALNI_Mb8BUdpnKooGWg5h847y3owde1XOg&cookie_enabled=1&abxe=1&lmt=1507820249&dt=1507820249161&frm=20&biw=1585&bih=1200&oid=3&adx=1117&ady=526&adk=1738825107&gut=v2&ifi=10&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=http%3A%2F%2Fwww.dropgears.com%2F2017%2F09%2F06%2Ftarget-dropped-pretense-subtlety%2F%3Futm_source%3Deng%26utm_campaign%3Ddropgears%26utm_medium%3D30%26enc%3Doct17_0035&dssz=40&icsg=3002390646947647&std=0&vrg=158&vis=1&ga_vid=312649980.1507820249&ga_sid=1507820249&ga_hid=1618241
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
securepubads.g.doubleclick.net
cookie
IDE=AHWqTUl6xZMSmFr48R2J--jr0kWi1Tk7NIvflYqxJ311oKUWsFLSE04OhNTCZTGw
:scheme
https
referer
http://www.dropgears.com/2017/09/06/target-dropped-pretense-subtlety/?utm_source=eng&utm_campaign=dropgears&utm_medium=30&enc=oct17_0035
:method
GET

Response headers

date
Thu, 12 Oct 2017 14:57:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
quic=":443"; ma=2592000; v="39,38,37,35"
content-length
229
x-xss-protection
1; mode=block
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/javascript; charset=UTF-8
cache-control
no-cache, must-revalidate
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/
315 B
246 B
Script
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&correlator=1539550397616938&output=json_html&callback=googletag.impl.pubads.callbackProxy11&impl=fif&eid=108809107&sc=0&sfv=1-0-13&iu=%2F58517704%2Fdropgears_eng_728x90b&sz=728x90&rc=3&scp=multi%3D10&eri=1&cookie=ID%3D56db3184721a474c%3AT%3D1507820248%3AS%3DALNI_Mb8BUdpnKooGWg5h847y3owde1XOg&cookie_enabled=1&abxe=1&lmt=1507820249&dt=1507820249165&frm=20&biw=1585&bih=1200&oid=3&adx=277&ady=1162&adk=3908426918&gut=v2&ifi=11&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=http%3A%2F%2Fwww.dropgears.com%2F2017%2F09%2F06%2Ftarget-dropped-pretense-subtlety%2F%3Futm_source%3Deng%26utm_campaign%3Ddropgears%26utm_medium%3D30%26enc%3Doct17_0035&dssz=41&icsg=3002390646947647&std=0&vrg=158&vis=1&ga_vid=312649980.1507820249&ga_sid=1507820249&ga_hid=1618241
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_158.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
216.58.207.66 Mountain View, United States, ASN15169 (GOOGLE - Google Inc., US),
Reverse DNS
fra16s25-in-f2.1e100.net
Software
cafe /
Resource Hash
49b2a597ebd748366efaca05237527eb1a6a75c1720f0c450f3ff63f5fffe098
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/gampad/ads?gdfp_req=1&correlator=1539550397616938&output=json_html&callback=googletag.impl.pubads.callbackProxy11&impl=fif&eid=108809107&sc=0&sfv=1-0-13&iu=%2F58517704%2Fdropgears_eng_728x90b&sz=728x90&rc=3&scp=multi%3D10&eri=1&cookie=ID%3D56db3184721a474c%3AT%3D1507820248%3AS%3DALNI_Mb8BUdpnKooGWg5h847y3owde1XOg&cookie_enabled=1&abxe=1&lmt=1507820249&dt=1507820249165&frm=20&biw=1585&bih=1200&oid=3&adx=277&ady=1162&adk=3908426918&gut=v2&ifi=11&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=http%3A%2F%2Fwww.dropgears.com%2F2017%2F09%2F06%2Ftarget-dropped-pretense-subtlety%2F%3Futm_source%3Deng%26utm_campaign%3Ddropgears%26utm_medium%3D30%26enc%3Doct17_0035&dssz=41&icsg=3002390646947647&std=0&vrg=158&vis=1&ga_vid=312649980.1507820249&ga_sid=1507820249&ga_hid=1618241
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
securepubads.g.doubleclick.net
cookie
IDE=AHWqTUl6xZMSmFr48R2J--jr0kWi1Tk7NIvflYqxJ311oKUWsFLSE04OhNTCZTGw
:scheme
https
referer
http://www.dropgears.com/2017/09/06/target-dropped-pretense-subtlety/?utm_source=eng&utm_campaign=dropgears&utm_medium=30&enc=oct17_0035
:method
GET

Response headers

date
Thu, 12 Oct 2017 14:57:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
quic=":443"; ma=2592000; v="39,38,37,35"
content-length
228
x-xss-protection
1; mode=block
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/javascript; charset=UTF-8
cache-control
no-cache, must-revalidate
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/
795 B
589 B
Script
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&correlator=143367088203854&output=json_html&callback=googletag.impl.pubads.callbackProxy12&impl=fif&eid=108809107&sc=0&sfv=1-0-13&iu=%2F58517704%2Fdropgears_eng_300x250b&sz=300x250&rc=1&scp=multi%3D10&eri=1&cookie=ID%3D7785beeb8db1e05c%3AT%3D1507820248%3AS%3DALNI_MZtUoeu59hOlUWCqI9e4UHv4Gxoiw&cookie_enabled=1&abxe=1&lmt=1507820249&dt=1507820249285&frm=20&biw=1585&bih=1200&oid=3&adx=1117&ady=806&adk=1631844106&gut=v2&ifi=12&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=http%3A%2F%2Fwww.dropgears.com%2F2017%2F09%2F06%2Ftarget-dropped-pretense-subtlety%2F%3Futm_source%3Deng%26utm_campaign%3Ddropgears%26utm_medium%3D30%26enc%3Doct17_0035&dssz=41&icsg=3002390646947647&std=0&vrg=158&vis=1&ga_vid=312649980.1507820249&ga_sid=1507820249&ga_hid=1618241
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_158.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
216.58.207.66 Mountain View, United States, ASN15169 (GOOGLE - Google Inc., US),
Reverse DNS
fra16s25-in-f2.1e100.net
Software
cafe /
Resource Hash
9fd22d28727510f24053783e0da94e16e7fc9721c9cdecf84c25a6998014ba24
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/gampad/ads?gdfp_req=1&correlator=143367088203854&output=json_html&callback=googletag.impl.pubads.callbackProxy12&impl=fif&eid=108809107&sc=0&sfv=1-0-13&iu=%2F58517704%2Fdropgears_eng_300x250b&sz=300x250&rc=1&scp=multi%3D10&eri=1&cookie=ID%3D7785beeb8db1e05c%3AT%3D1507820248%3AS%3DALNI_MZtUoeu59hOlUWCqI9e4UHv4Gxoiw&cookie_enabled=1&abxe=1&lmt=1507820249&dt=1507820249285&frm=20&biw=1585&bih=1200&oid=3&adx=1117&ady=806&adk=1631844106&gut=v2&ifi=12&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=http%3A%2F%2Fwww.dropgears.com%2F2017%2F09%2F06%2Ftarget-dropped-pretense-subtlety%2F%3Futm_source%3Deng%26utm_campaign%3Ddropgears%26utm_medium%3D30%26enc%3Doct17_0035&dssz=41&icsg=3002390646947647&std=0&vrg=158&vis=1&ga_vid=312649980.1507820249&ga_sid=1507820249&ga_hid=1618241
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
securepubads.g.doubleclick.net
cookie
IDE=AHWqTUl6xZMSmFr48R2J--jr0kWi1Tk7NIvflYqxJ311oKUWsFLSE04OhNTCZTGw
:scheme
https
referer
http://www.dropgears.com/2017/09/06/target-dropped-pretense-subtlety/?utm_source=eng&utm_campaign=dropgears&utm_medium=30&enc=oct17_0035
:method
GET

Response headers

date
Thu, 12 Oct 2017 14:57:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
quic=":443"; ma=2592000; v="39,38,37,35"
content-length
571
x-xss-protection
1; mode=block
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/javascript; charset=UTF-8
cache-control
no-cache, must-revalidate
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
tpc.googlesyndication.com/safeframe/1-0-13/html/ Frame 3338
0
0

osd.js
pagead2.googlesyndication.com/pagead/
80 KB
29 KB
Script
General
Full URL
http://pagead2.googlesyndication.com/pagead/osd.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_158.js
Protocol
HTTP/1.1
Server
2a00:1450:4001:818::2002 , Ireland, ASN15169 (GOOGLE - Google Inc., US),
Reverse DNS
Software
cafe /
Resource Hash
474cceb742da08619dbc6c9b40ff638ddfb815f5c344a1261b312fb9c29c7174
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
pagead2.googlesyndication.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36
Accept
*/*
Referer
http://www.dropgears.com/2017/09/06/target-dropped-pretense-subtlety/?utm_source=eng&utm_campaign=dropgears&utm_medium=30&enc=oct17_0035
Connection
keep-alive
Cache-Control
no-cache

Response headers

Timing-Allow-Origin
*
Date
Thu, 12 Oct 2017 14:49:15 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
cafe
Age
494
ETag
6136735409331968910
P3P
policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control
public, max-age=3600
Content-Disposition
attachment; filename="f.txt"
Content-Type
text/javascript; charset=UTF-8
Content-Length
29867
X-XSS-Protection
1; mode=block
Expires
Thu, 12 Oct 2017 15:49:15 GMT
ads
securepubads.g.doubleclick.net/gampad/
315 B
244 B
Script
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&correlator=4468701997569192&output=json_html&callback=googletag.impl.pubads.callbackProxy13&impl=fif&eid=108809107&sc=0&sfv=1-0-13&iu=%2F58517704%2Fdropgears_eng_728x90b&sz=728x90&rc=4&scp=multi%3D10&eri=1&cookie=ID%3D7785beeb8db1e05c%3AT%3D1507820248%3AS%3DALNI_MZtUoeu59hOlUWCqI9e4UHv4Gxoiw&cookie_enabled=1&abxe=1&lmt=1507820249&dt=1507820249420&frm=20&biw=1585&bih=1200&oid=3&adx=277&ady=1162&adk=3908426918&gut=v2&ifi=13&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=http%3A%2F%2Fwww.dropgears.com%2F2017%2F09%2F06%2Ftarget-dropped-pretense-subtlety%2F%3Futm_source%3Deng%26utm_campaign%3Ddropgears%26utm_medium%3D30%26enc%3Doct17_0035&dssz=43&icsg=3002390646947647&std=0&vrg=158&vis=1&ga_vid=312649980.1507820249&ga_sid=1507820249&ga_hid=1618241
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_158.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
216.58.207.66 Mountain View, United States, ASN15169 (GOOGLE - Google Inc., US),
Reverse DNS
fra16s25-in-f2.1e100.net
Software
cafe /
Resource Hash
20b0c85dd497c64ee1dadbe9372ef90a5da006918b7e4b3796cd85507eedc4bd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/gampad/ads?gdfp_req=1&correlator=4468701997569192&output=json_html&callback=googletag.impl.pubads.callbackProxy13&impl=fif&eid=108809107&sc=0&sfv=1-0-13&iu=%2F58517704%2Fdropgears_eng_728x90b&sz=728x90&rc=4&scp=multi%3D10&eri=1&cookie=ID%3D7785beeb8db1e05c%3AT%3D1507820248%3AS%3DALNI_MZtUoeu59hOlUWCqI9e4UHv4Gxoiw&cookie_enabled=1&abxe=1&lmt=1507820249&dt=1507820249420&frm=20&biw=1585&bih=1200&oid=3&adx=277&ady=1162&adk=3908426918&gut=v2&ifi=13&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=http%3A%2F%2Fwww.dropgears.com%2F2017%2F09%2F06%2Ftarget-dropped-pretense-subtlety%2F%3Futm_source%3Deng%26utm_campaign%3Ddropgears%26utm_medium%3D30%26enc%3Doct17_0035&dssz=43&icsg=3002390646947647&std=0&vrg=158&vis=1&ga_vid=312649980.1507820249&ga_sid=1507820249&ga_hid=1618241
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
securepubads.g.doubleclick.net
cookie
IDE=AHWqTUl6xZMSmFr48R2J--jr0kWi1Tk7NIvflYqxJ311oKUWsFLSE04OhNTCZTGw
:scheme
https
referer
http://www.dropgears.com/2017/09/06/target-dropped-pretense-subtlety/?utm_source=eng&utm_campaign=dropgears&utm_medium=30&enc=oct17_0035
:method
GET

Response headers

date
Thu, 12 Oct 2017 14:57:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
quic=":443"; ma=2592000; v="39,38,37,35"
content-length
226
x-xss-protection
1; mode=block
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/javascript; charset=UTF-8
cache-control
no-cache, must-revalidate
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/
317 B
248 B
Script
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&correlator=284737433973290&output=json_html&callback=googletag.impl.pubads.callbackProxy14&impl=fif&eid=108809107&sc=0&sfv=1-0-13&iu=%2F58517704%2Fdropgears_eng_300x250a&sz=300x250&rc=2&scp=multi%3D10&eri=1&cookie=ID%3D7785beeb8db1e05c%3AT%3D1507820248%3AS%3DALNI_MZtUoeu59hOlUWCqI9e4UHv4Gxoiw&cookie_enabled=1&abxe=1&lmt=1507820249&dt=1507820249423&frm=20&biw=1585&bih=1200&oid=3&adx=1117&ady=526&adk=1738825107&gut=v2&ifi=14&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=http%3A%2F%2Fwww.dropgears.com%2F2017%2F09%2F06%2Ftarget-dropped-pretense-subtlety%2F%3Futm_source%3Deng%26utm_campaign%3Ddropgears%26utm_medium%3D30%26enc%3Doct17_0035&dssz=44&icsg=3002390646947647&std=0&vrg=158&vis=1&ga_vid=312649980.1507820249&ga_sid=1507820249&ga_hid=1618241
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_158.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
216.58.207.66 Mountain View, United States, ASN15169 (GOOGLE - Google Inc., US),
Reverse DNS
fra16s25-in-f2.1e100.net
Software
cafe /
Resource Hash
683a31a2f1130f523da2ea8a2b8eb44f447957b2f5ff33cc18576430739b86fb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/gampad/ads?gdfp_req=1&correlator=284737433973290&output=json_html&callback=googletag.impl.pubads.callbackProxy14&impl=fif&eid=108809107&sc=0&sfv=1-0-13&iu=%2F58517704%2Fdropgears_eng_300x250a&sz=300x250&rc=2&scp=multi%3D10&eri=1&cookie=ID%3D7785beeb8db1e05c%3AT%3D1507820248%3AS%3DALNI_MZtUoeu59hOlUWCqI9e4UHv4Gxoiw&cookie_enabled=1&abxe=1&lmt=1507820249&dt=1507820249423&frm=20&biw=1585&bih=1200&oid=3&adx=1117&ady=526&adk=1738825107&gut=v2&ifi=14&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=http%3A%2F%2Fwww.dropgears.com%2F2017%2F09%2F06%2Ftarget-dropped-pretense-subtlety%2F%3Futm_source%3Deng%26utm_campaign%3Ddropgears%26utm_medium%3D30%26enc%3Doct17_0035&dssz=44&icsg=3002390646947647&std=0&vrg=158&vis=1&ga_vid=312649980.1507820249&ga_sid=1507820249&ga_hid=1618241
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
securepubads.g.doubleclick.net
cookie
IDE=AHWqTUl6xZMSmFr48R2J--jr0kWi1Tk7NIvflYqxJ311oKUWsFLSE04OhNTCZTGw
:scheme
https
referer
http://www.dropgears.com/2017/09/06/target-dropped-pretense-subtlety/?utm_source=eng&utm_campaign=dropgears&utm_medium=30&enc=oct17_0035
:method
GET

Response headers

date
Thu, 12 Oct 2017 14:57:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
quic=":443"; ma=2592000; v="39,38,37,35"
content-length
230
x-xss-protection
1; mode=block
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/javascript; charset=UTF-8
cache-control
no-cache, must-revalidate
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/
317 B
247 B
Script
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&correlator=4140536194910534&output=json_html&callback=googletag.impl.pubads.callbackProxy15&impl=fif&eid=108809107&sc=0&sfv=1-0-13&iu=%2F58517704%2Fdropgears_eng_300x250b&sz=300x250&rc=2&scp=multi%3D10&eri=1&cookie=ID%3D7785beeb8db1e05c%3AT%3D1507820248%3AS%3DALNI_MZtUoeu59hOlUWCqI9e4UHv4Gxoiw&cookie_enabled=1&abxe=1&lmt=1507820249&dt=1507820249441&frm=20&biw=1585&bih=1200&oid=3&adx=1117&ady=806&adk=1631844106&gut=v2&ifi=15&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=http%3A%2F%2Fwww.dropgears.com%2F2017%2F09%2F06%2Ftarget-dropped-pretense-subtlety%2F%3Futm_source%3Deng%26utm_campaign%3Ddropgears%26utm_medium%3D30%26enc%3Doct17_0035&dssz=45&icsg=3002390646947647&std=0&vrg=158&vis=1&ga_vid=312649980.1507820249&ga_sid=1507820249&ga_hid=1618241
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_158.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
216.58.207.66 Mountain View, United States, ASN15169 (GOOGLE - Google Inc., US),
Reverse DNS
fra16s25-in-f2.1e100.net
Software
cafe /
Resource Hash
fdc50ff93aef249caf93d34b01aebd065c6712192a5ab6f6b69619ebf5f3d99e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/gampad/ads?gdfp_req=1&correlator=4140536194910534&output=json_html&callback=googletag.impl.pubads.callbackProxy15&impl=fif&eid=108809107&sc=0&sfv=1-0-13&iu=%2F58517704%2Fdropgears_eng_300x250b&sz=300x250&rc=2&scp=multi%3D10&eri=1&cookie=ID%3D7785beeb8db1e05c%3AT%3D1507820248%3AS%3DALNI_MZtUoeu59hOlUWCqI9e4UHv4Gxoiw&cookie_enabled=1&abxe=1&lmt=1507820249&dt=1507820249441&frm=20&biw=1585&bih=1200&oid=3&adx=1117&ady=806&adk=1631844106&gut=v2&ifi=15&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=http%3A%2F%2Fwww.dropgears.com%2F2017%2F09%2F06%2Ftarget-dropped-pretense-subtlety%2F%3Futm_source%3Deng%26utm_campaign%3Ddropgears%26utm_medium%3D30%26enc%3Doct17_0035&dssz=45&icsg=3002390646947647&std=0&vrg=158&vis=1&ga_vid=312649980.1507820249&ga_sid=1507820249&ga_hid=1618241
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
securepubads.g.doubleclick.net
cookie
IDE=AHWqTUl6xZMSmFr48R2J--jr0kWi1Tk7NIvflYqxJ311oKUWsFLSE04OhNTCZTGw
:scheme
https
referer
http://www.dropgears.com/2017/09/06/target-dropped-pretense-subtlety/?utm_source=eng&utm_campaign=dropgears&utm_medium=30&enc=oct17_0035
:method
GET

Response headers

date
Thu, 12 Oct 2017 14:57:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
quic=":443"; ma=2592000; v="39,38,37,35"
content-length
229
x-xss-protection
1; mode=block
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/javascript; charset=UTF-8
cache-control
no-cache, must-revalidate
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/
791 B
587 B
Script
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&correlator=4109984095092938&output=json_html&callback=googletag.impl.pubads.callbackProxy16&impl=fif&eid=108809107&sc=0&sfv=1-0-13&iu=%2F58517704%2Fdropgears_eng_300x250c&sz=300x250%7C300x600%7C160x600&rc=1&scp=multi%3D10&eri=1&cookie=ID%3D78e7d37b0f280b3e%3AT%3D1507820248%3AS%3DALNI_MYX_zvgNMR9fMcwOYfLZtd5jkC81Q&cookie_enabled=1&abxe=1&lmt=1507820249&dt=1507820249567&frm=20&biw=1585&bih=1200&oid=3&adx=1117&ady=1086&adk=3089379921&gut=v2&ifi=16&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=http%3A%2F%2Fwww.dropgears.com%2F2017%2F09%2F06%2Ftarget-dropped-pretense-subtlety%2F%3Futm_source%3Deng%26utm_campaign%3Ddropgears%26utm_medium%3D30%26enc%3Doct17_0035&dssz=45&icsg=3002390646947647&std=0&vrg=158&vis=1&ga_vid=312649980.1507820249&ga_sid=1507820249&ga_hid=1618241
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_158.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
216.58.207.66 Mountain View, United States, ASN15169 (GOOGLE - Google Inc., US),
Reverse DNS
fra16s25-in-f2.1e100.net
Software
cafe /
Resource Hash
6b3bdf6e4e7501dd6be54840d6324cb4842b092bab0243ab833d2ba599de1f84
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/gampad/ads?gdfp_req=1&correlator=4109984095092938&output=json_html&callback=googletag.impl.pubads.callbackProxy16&impl=fif&eid=108809107&sc=0&sfv=1-0-13&iu=%2F58517704%2Fdropgears_eng_300x250c&sz=300x250%7C300x600%7C160x600&rc=1&scp=multi%3D10&eri=1&cookie=ID%3D78e7d37b0f280b3e%3AT%3D1507820248%3AS%3DALNI_MYX_zvgNMR9fMcwOYfLZtd5jkC81Q&cookie_enabled=1&abxe=1&lmt=1507820249&dt=1507820249567&frm=20&biw=1585&bih=1200&oid=3&adx=1117&ady=1086&adk=3089379921&gut=v2&ifi=16&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=http%3A%2F%2Fwww.dropgears.com%2F2017%2F09%2F06%2Ftarget-dropped-pretense-subtlety%2F%3Futm_source%3Deng%26utm_campaign%3Ddropgears%26utm_medium%3D30%26enc%3Doct17_0035&dssz=45&icsg=3002390646947647&std=0&vrg=158&vis=1&ga_vid=312649980.1507820249&ga_sid=1507820249&ga_hid=1618241
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
securepubads.g.doubleclick.net
cookie
IDE=AHWqTUl6xZMSmFr48R2J--jr0kWi1Tk7NIvflYqxJ311oKUWsFLSE04OhNTCZTGw
:scheme
https
referer
http://www.dropgears.com/2017/09/06/target-dropped-pretense-subtlety/?utm_source=eng&utm_campaign=dropgears&utm_medium=30&enc=oct17_0035
:method
GET

Response headers

date
Thu, 12 Oct 2017 14:57:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
quic=":443"; ma=2592000; v="39,38,37,35"
content-length
569
x-xss-protection
1; mode=block
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/javascript; charset=UTF-8
cache-control
no-cache, must-revalidate
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/
315 B
247 B
Script
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&correlator=4036053146392715&output=json_html&callback=googletag.impl.pubads.callbackProxy17&impl=fif&eid=108809107&sc=0&sfv=1-0-13&iu=%2F58517704%2Fdropgears_eng_728x90b&sz=728x90&rc=5&scp=multi%3D10&eri=1&cookie=ID%3D78e7d37b0f280b3e%3AT%3D1507820248%3AS%3DALNI_MYX_zvgNMR9fMcwOYfLZtd5jkC81Q&cookie_enabled=1&abxe=1&lmt=1507820249&dt=1507820249622&frm=20&biw=1585&bih=1200&oid=3&adx=277&ady=1162&adk=3908426918&gut=v2&ifi=17&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=http%3A%2F%2Fwww.dropgears.com%2F2017%2F09%2F06%2Ftarget-dropped-pretense-subtlety%2F%3Futm_source%3Deng%26utm_campaign%3Ddropgears%26utm_medium%3D30%26enc%3Doct17_0035&dssz=46&icsg=3002390646947647&std=0&vrg=158&vis=1&ga_vid=312649980.1507820249&ga_sid=1507820249&ga_hid=1618241
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_158.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
216.58.207.66 Mountain View, United States, ASN15169 (GOOGLE - Google Inc., US),
Reverse DNS
fra16s25-in-f2.1e100.net
Software
cafe /
Resource Hash
46507adcb1cf2a17c6bd449fa07bd9088680266f454464e2fd67a7878f43d6e9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/gampad/ads?gdfp_req=1&correlator=4036053146392715&output=json_html&callback=googletag.impl.pubads.callbackProxy17&impl=fif&eid=108809107&sc=0&sfv=1-0-13&iu=%2F58517704%2Fdropgears_eng_728x90b&sz=728x90&rc=5&scp=multi%3D10&eri=1&cookie=ID%3D78e7d37b0f280b3e%3AT%3D1507820248%3AS%3DALNI_MYX_zvgNMR9fMcwOYfLZtd5jkC81Q&cookie_enabled=1&abxe=1&lmt=1507820249&dt=1507820249622&frm=20&biw=1585&bih=1200&oid=3&adx=277&ady=1162&adk=3908426918&gut=v2&ifi=17&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=http%3A%2F%2Fwww.dropgears.com%2F2017%2F09%2F06%2Ftarget-dropped-pretense-subtlety%2F%3Futm_source%3Deng%26utm_campaign%3Ddropgears%26utm_medium%3D30%26enc%3Doct17_0035&dssz=46&icsg=3002390646947647&std=0&vrg=158&vis=1&ga_vid=312649980.1507820249&ga_sid=1507820249&ga_hid=1618241
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
securepubads.g.doubleclick.net
cookie
IDE=AHWqTUl6xZMSmFr48R2J--jr0kWi1Tk7NIvflYqxJ311oKUWsFLSE04OhNTCZTGw
:scheme
https
referer
http://www.dropgears.com/2017/09/06/target-dropped-pretense-subtlety/?utm_source=eng&utm_campaign=dropgears&utm_medium=30&enc=oct17_0035
:method
GET
Referer
http://www.dropgears.com/2017/09/06/target-dropped-pretense-subtlety/?utm_source=eng&utm_campaign=dropgears&utm_medium=30&enc=oct17_0035
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36

Response headers

date
Thu, 12 Oct 2017 14:57:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
quic=":443"; ma=2592000; v="39,38,37,35"
content-length
229
x-xss-protection
1; mode=block
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/javascript; charset=UTF-8
cache-control
no-cache, must-revalidate
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/
317 B
239 B
Script
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&correlator=683205674038239&output=json_html&callback=googletag.impl.pubads.callbackProxy18&impl=fif&eid=108809107&sc=0&sfv=1-0-13&iu=%2F58517704%2Fdropgears_eng_300x250a&sz=300x250&rc=3&scp=multi%3D10&eri=1&cookie=ID%3D78e7d37b0f280b3e%3AT%3D1507820248%3AS%3DALNI_MYX_zvgNMR9fMcwOYfLZtd5jkC81Q&cookie_enabled=1&abxe=1&lmt=1507820249&dt=1507820249666&frm=20&biw=1585&bih=1200&oid=3&adx=1117&ady=526&adk=1738825107&gut=v2&ifi=18&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=http%3A%2F%2Fwww.dropgears.com%2F2017%2F09%2F06%2Ftarget-dropped-pretense-subtlety%2F%3Futm_source%3Deng%26utm_campaign%3Ddropgears%26utm_medium%3D30%26enc%3Doct17_0035&dssz=47&icsg=3002390646947647&std=0&vrg=158&vis=1&ga_vid=312649980.1507820249&ga_sid=1507820249&ga_hid=1618241
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_158.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
216.58.207.66 Mountain View, United States, ASN15169 (GOOGLE - Google Inc., US),
Reverse DNS
fra16s25-in-f2.1e100.net
Software
cafe /
Resource Hash
1989d75362aa60afa281ef363d10ae4856afa839e2c357cb0121f05e92140d3f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/gampad/ads?gdfp_req=1&correlator=683205674038239&output=json_html&callback=googletag.impl.pubads.callbackProxy18&impl=fif&eid=108809107&sc=0&sfv=1-0-13&iu=%2F58517704%2Fdropgears_eng_300x250a&sz=300x250&rc=3&scp=multi%3D10&eri=1&cookie=ID%3D78e7d37b0f280b3e%3AT%3D1507820248%3AS%3DALNI_MYX_zvgNMR9fMcwOYfLZtd5jkC81Q&cookie_enabled=1&abxe=1&lmt=1507820249&dt=1507820249666&frm=20&biw=1585&bih=1200&oid=3&adx=1117&ady=526&adk=1738825107&gut=v2&ifi=18&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=http%3A%2F%2Fwww.dropgears.com%2F2017%2F09%2F06%2Ftarget-dropped-pretense-subtlety%2F%3Futm_source%3Deng%26utm_campaign%3Ddropgears%26utm_medium%3D30%26enc%3Doct17_0035&dssz=47&icsg=3002390646947647&std=0&vrg=158&vis=1&ga_vid=312649980.1507820249&ga_sid=1507820249&ga_hid=1618241
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
securepubads.g.doubleclick.net
cookie
IDE=AHWqTUl6xZMSmFr48R2J--jr0kWi1Tk7NIvflYqxJ311oKUWsFLSE04OhNTCZTGw
:scheme
https
referer
http://www.dropgears.com/2017/09/06/target-dropped-pretense-subtlety/?utm_source=eng&utm_campaign=dropgears&utm_medium=30&enc=oct17_0035
:method
GET
Referer
http://www.dropgears.com/2017/09/06/target-dropped-pretense-subtlety/?utm_source=eng&utm_campaign=dropgears&utm_medium=30&enc=oct17_0035
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36

Response headers

date
Thu, 12 Oct 2017 14:57:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
quic=":443"; ma=2592000; v="39,38,37,35"
content-length
230
x-xss-protection
1; mode=block
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/javascript; charset=UTF-8
cache-control
no-cache, must-revalidate
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/
25 KB
8 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&correlator=4499794931819793&output=json_html&callback=googletag.impl.pubads.callbackProxy19&impl=fif&eid=108809107&sc=0&sfv=1-0-13&iu=%2F58517704%2Fdropgears_eng_300x250b&sz=300x250&rc=3&scp=multi%3D10&eri=1&cookie=ID%3D78e7d37b0f280b3e%3AT%3D1507820248%3AS%3DALNI_MYX_zvgNMR9fMcwOYfLZtd5jkC81Q&cookie_enabled=1&abxe=1&lmt=1507820249&dt=1507820249669&frm=20&biw=1585&bih=1200&oid=3&adx=1117&ady=806&adk=1631844106&gut=v2&ifi=19&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=http%3A%2F%2Fwww.dropgears.com%2F2017%2F09%2F06%2Ftarget-dropped-pretense-subtlety%2F%3Futm_source%3Deng%26utm_campaign%3Ddropgears%26utm_medium%3D30%26enc%3Doct17_0035&dssz=48&icsg=3002390646947647&std=0&vrg=158&vis=1&ga_vid=312649980.1507820249&ga_sid=1507820249&ga_hid=1618241
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_158.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
216.58.207.66 Mountain View, United States, ASN15169 (GOOGLE - Google Inc., US),
Reverse DNS
fra16s25-in-f2.1e100.net
Software
cafe /
Resource Hash
b47911ebe6a8ad13c46cdcf1e72837e4969842ae9395d0f595cc166951cafd94
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/gampad/ads?gdfp_req=1&correlator=4499794931819793&output=json_html&callback=googletag.impl.pubads.callbackProxy19&impl=fif&eid=108809107&sc=0&sfv=1-0-13&iu=%2F58517704%2Fdropgears_eng_300x250b&sz=300x250&rc=3&scp=multi%3D10&eri=1&cookie=ID%3D78e7d37b0f280b3e%3AT%3D1507820248%3AS%3DALNI_MYX_zvgNMR9fMcwOYfLZtd5jkC81Q&cookie_enabled=1&abxe=1&lmt=1507820249&dt=1507820249669&frm=20&biw=1585&bih=1200&oid=3&adx=1117&ady=806&adk=1631844106&gut=v2&ifi=19&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=http%3A%2F%2Fwww.dropgears.com%2F2017%2F09%2F06%2Ftarget-dropped-pretense-subtlety%2F%3Futm_source%3Deng%26utm_campaign%3Ddropgears%26utm_medium%3D30%26enc%3Doct17_0035&dssz=48&icsg=3002390646947647&std=0&vrg=158&vis=1&ga_vid=312649980.1507820249&ga_sid=1507820249&ga_hid=1618241
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
securepubads.g.doubleclick.net
cookie
IDE=AHWqTUl6xZMSmFr48R2J--jr0kWi1Tk7NIvflYqxJ311oKUWsFLSE04OhNTCZTGw
:scheme
https
referer
http://www.dropgears.com/2017/09/06/target-dropped-pretense-subtlety/?utm_source=eng&utm_campaign=dropgears&utm_medium=30&enc=oct17_0035
:method
GET
Referer
http://www.dropgears.com/2017/09/06/target-dropped-pretense-subtlety/?utm_source=eng&utm_campaign=dropgears&utm_medium=30&enc=oct17_0035
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36

Response headers

date
Thu, 12 Oct 2017 14:57:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
quic=":443"; ma=2592000; v="39,38,37,35"
content-length
8303
x-xss-protection
1; mode=block
google-lineitem-id
226109064
pragma
no-cache
server
cafe
google-creative-id
99669292584
content-type
text/javascript; charset=UTF-8
cache-control
no-cache, must-revalidate
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/
317 B
247 B
Script
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&correlator=3497873702544359&output=json_html&callback=googletag.impl.pubads.callbackProxy20&impl=fif&eid=108809107&sc=0&sfv=1-0-13&iu=%2F58517704%2Fdropgears_eng_300x250c&sz=300x250%7C300x600%7C160x600&rc=2&scp=multi%3D10&eri=1&cookie=ID%3D78e7d37b0f280b3e%3AT%3D1507820248%3AS%3DALNI_MYX_zvgNMR9fMcwOYfLZtd5jkC81Q&cookie_enabled=1&abxe=1&lmt=1507820249&dt=1507820249811&frm=20&biw=1585&bih=1200&oid=3&adx=1117&ady=1086&adk=3089379921&gut=v2&ifi=20&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=http%3A%2F%2Fwww.dropgears.com%2F2017%2F09%2F06%2Ftarget-dropped-pretense-subtlety%2F%3Futm_source%3Deng%26utm_campaign%3Ddropgears%26utm_medium%3D30%26enc%3Doct17_0035&dssz=49&icsg=3002390646947647&std=0&vrg=158&vis=1&ga_vid=312649980.1507820249&ga_sid=1507820249&ga_hid=1618241
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_158.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
216.58.207.66 Mountain View, United States, ASN15169 (GOOGLE - Google Inc., US),
Reverse DNS
fra16s25-in-f2.1e100.net
Software
cafe /
Resource Hash
f8116889f7539a2b8e3fca912deeda9177f34682b4fc4ae1dd06a70eae0b7f8f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/gampad/ads?gdfp_req=1&correlator=3497873702544359&output=json_html&callback=googletag.impl.pubads.callbackProxy20&impl=fif&eid=108809107&sc=0&sfv=1-0-13&iu=%2F58517704%2Fdropgears_eng_300x250c&sz=300x250%7C300x600%7C160x600&rc=2&scp=multi%3D10&eri=1&cookie=ID%3D78e7d37b0f280b3e%3AT%3D1507820248%3AS%3DALNI_MYX_zvgNMR9fMcwOYfLZtd5jkC81Q&cookie_enabled=1&abxe=1&lmt=1507820249&dt=1507820249811&frm=20&biw=1585&bih=1200&oid=3&adx=1117&ady=1086&adk=3089379921&gut=v2&ifi=20&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=http%3A%2F%2Fwww.dropgears.com%2F2017%2F09%2F06%2Ftarget-dropped-pretense-subtlety%2F%3Futm_source%3Deng%26utm_campaign%3Ddropgears%26utm_medium%3D30%26enc%3Doct17_0035&dssz=49&icsg=3002390646947647&std=0&vrg=158&vis=1&ga_vid=312649980.1507820249&ga_sid=1507820249&ga_hid=1618241
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
securepubads.g.doubleclick.net
cookie
IDE=AHWqTUl6xZMSmFr48R2J--jr0kWi1Tk7NIvflYqxJ311oKUWsFLSE04OhNTCZTGw; DSID=NO_DATA
:scheme
https
referer
http://www.dropgears.com/2017/09/06/target-dropped-pretense-subtlety/?utm_source=eng&utm_campaign=dropgears&utm_medium=30&enc=oct17_0035
:method
GET
Referer
http://www.dropgears.com/2017/09/06/target-dropped-pretense-subtlety/?utm_source=eng&utm_campaign=dropgears&utm_medium=30&enc=oct17_0035
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36

Response headers

date
Thu, 12 Oct 2017 14:57:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
quic=":443"; ma=2592000; v="39,38,37,35"
content-length
229
x-xss-protection
1; mode=block
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/javascript; charset=UTF-8
cache-control
no-cache, must-revalidate
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
truncated
/
215 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1b9afda715fbcfd9867ddfad5b8249a7c6a3f97c723f7dedfceb9e8980cfcd6e

Request headers

Response headers

Access-Control-Allow-Origin
*
Content-Type
image/png
ads
securepubads.g.doubleclick.net/gampad/
317 B
242 B
Script
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&correlator=4458011558501944&output=json_html&callback=googletag.impl.pubads.callbackProxy21&impl=fif&eid=108809107&sc=0&sfv=1-0-13&iu=%2F58517704%2Fdropgears_eng_300x250a&sz=300x250&rc=4&scp=multi%3D10&eri=1&cookie=ID%3D78e7d37b0f280b3e%3AT%3D1507820248%3AS%3DALNI_MYX_zvgNMR9fMcwOYfLZtd5jkC81Q&cookie_enabled=1&abxe=1&lmt=1507820249&dt=1507820249851&frm=20&biw=1585&bih=1200&oid=3&adx=1117&ady=526&adk=1738825107&gut=v2&ifi=21&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=http%3A%2F%2Fwww.dropgears.com%2F2017%2F09%2F06%2Ftarget-dropped-pretense-subtlety%2F%3Futm_source%3Deng%26utm_campaign%3Ddropgears%26utm_medium%3D30%26enc%3Doct17_0035&dssz=50&icsg=3002390646947647&std=0&vrg=158&vis=1&ga_vid=312649980.1507820249&ga_sid=1507820249&ga_hid=1618241
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_158.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
216.58.207.66 Mountain View, United States, ASN15169 (GOOGLE - Google Inc., US),
Reverse DNS
fra16s25-in-f2.1e100.net
Software
cafe /
Resource Hash
1e262fcf639b556b1f7a8e6d837c297d3138ee17539037a4f3a6f388a4471d48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/gampad/ads?gdfp_req=1&correlator=4458011558501944&output=json_html&callback=googletag.impl.pubads.callbackProxy21&impl=fif&eid=108809107&sc=0&sfv=1-0-13&iu=%2F58517704%2Fdropgears_eng_300x250a&sz=300x250&rc=4&scp=multi%3D10&eri=1&cookie=ID%3D78e7d37b0f280b3e%3AT%3D1507820248%3AS%3DALNI_MYX_zvgNMR9fMcwOYfLZtd5jkC81Q&cookie_enabled=1&abxe=1&lmt=1507820249&dt=1507820249851&frm=20&biw=1585&bih=1200&oid=3&adx=1117&ady=526&adk=1738825107&gut=v2&ifi=21&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=http%3A%2F%2Fwww.dropgears.com%2F2017%2F09%2F06%2Ftarget-dropped-pretense-subtlety%2F%3Futm_source%3Deng%26utm_campaign%3Ddropgears%26utm_medium%3D30%26enc%3Doct17_0035&dssz=50&icsg=3002390646947647&std=0&vrg=158&vis=1&ga_vid=312649980.1507820249&ga_sid=1507820249&ga_hid=1618241
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
securepubads.g.doubleclick.net
cookie
IDE=AHWqTUl6xZMSmFr48R2J--jr0kWi1Tk7NIvflYqxJ311oKUWsFLSE04OhNTCZTGw; DSID=NO_DATA
:scheme
https
referer
http://www.dropgears.com/2017/09/06/target-dropped-pretense-subtlety/?utm_source=eng&utm_campaign=dropgears&utm_medium=30&enc=oct17_0035
:method
GET
Referer
http://www.dropgears.com/2017/09/06/target-dropped-pretense-subtlety/?utm_source=eng&utm_campaign=dropgears&utm_medium=30&enc=oct17_0035
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36

Response headers

date
Thu, 12 Oct 2017 14:57:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
quic=":443"; ma=2592000; v="39,38,37,35"
content-length
224
x-xss-protection
1; mode=block
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/javascript; charset=UTF-8
cache-control
no-cache, must-revalidate
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
tpc.googlesyndication.com/safeframe/1-0-13/html/ Frame 3338
0
0

ads
securepubads.g.doubleclick.net/gampad/
317 B
244 B
Script
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&correlator=1126955235530974&output=json_html&callback=googletag.impl.pubads.callbackProxy22&impl=fif&eid=108809107&sc=0&sfv=1-0-13&iu=%2F58517704%2Fdropgears_eng_300x250c&sz=300x250%7C300x600%7C160x600&rc=3&scp=multi%3D10&eri=1&cookie=ID%3D78e7d37b0f280b3e%3AT%3D1507820248%3AS%3DALNI_MYX_zvgNMR9fMcwOYfLZtd5jkC81Q&cookie_enabled=1&abxe=1&lmt=1507820249&dt=1507820249984&frm=20&biw=1585&bih=1200&oid=3&adx=1117&ady=1086&adk=3089379921&gut=v2&ifi=22&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=http%3A%2F%2Fwww.dropgears.com%2F2017%2F09%2F06%2Ftarget-dropped-pretense-subtlety%2F%3Futm_source%3Deng%26utm_campaign%3Ddropgears%26utm_medium%3D30%26enc%3Doct17_0035&dssz=51&icsg=3002390646947647&std=0&vrg=158&vis=1&ga_vid=312649980.1507820249&ga_sid=1507820249&ga_hid=1618241
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_158.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
216.58.207.66 Mountain View, United States, ASN15169 (GOOGLE - Google Inc., US),
Reverse DNS
fra16s25-in-f2.1e100.net
Software
cafe /
Resource Hash
171d362f9e67922587b81aae1742eca692a40d497a8b5a0846c268fba1211aa4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/gampad/ads?gdfp_req=1&correlator=1126955235530974&output=json_html&callback=googletag.impl.pubads.callbackProxy22&impl=fif&eid=108809107&sc=0&sfv=1-0-13&iu=%2F58517704%2Fdropgears_eng_300x250c&sz=300x250%7C300x600%7C160x600&rc=3&scp=multi%3D10&eri=1&cookie=ID%3D78e7d37b0f280b3e%3AT%3D1507820248%3AS%3DALNI_MYX_zvgNMR9fMcwOYfLZtd5jkC81Q&cookie_enabled=1&abxe=1&lmt=1507820249&dt=1507820249984&frm=20&biw=1585&bih=1200&oid=3&adx=1117&ady=1086&adk=3089379921&gut=v2&ifi=22&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=http%3A%2F%2Fwww.dropgears.com%2F2017%2F09%2F06%2Ftarget-dropped-pretense-subtlety%2F%3Futm_source%3Deng%26utm_campaign%3Ddropgears%26utm_medium%3D30%26enc%3Doct17_0035&dssz=51&icsg=3002390646947647&std=0&vrg=158&vis=1&ga_vid=312649980.1507820249&ga_sid=1507820249&ga_hid=1618241
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
securepubads.g.doubleclick.net
cookie
IDE=AHWqTUl6xZMSmFr48R2J--jr0kWi1Tk7NIvflYqxJ311oKUWsFLSE04OhNTCZTGw; DSID=NO_DATA
:scheme
https
referer
http://www.dropgears.com/2017/09/06/target-dropped-pretense-subtlety/?utm_source=eng&utm_campaign=dropgears&utm_medium=30&enc=oct17_0035
:method
GET
Referer
http://www.dropgears.com/2017/09/06/target-dropped-pretense-subtlety/?utm_source=eng&utm_campaign=dropgears&utm_medium=30&enc=oct17_0035
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36

Response headers

date
Thu, 12 Oct 2017 14:57:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
quic=":443"; ma=2592000; v="39,38,37,35"
content-length
226
x-xss-protection
1; mode=block
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/javascript; charset=UTF-8
cache-control
no-cache, must-revalidate
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
truncated
/
208 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
988d5805138b65bbf979736b58c517450fb7fce671421be2e41c8c6904514305

Request headers

Response headers

Access-Control-Allow-Origin
*
Content-Type
image/png
ads
securepubads.g.doubleclick.net/gampad/
317 B
243 B
Script
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&correlator=2589884111684766&output=json_html&callback=googletag.impl.pubads.callbackProxy23&impl=fif&eid=108809107&sc=0&sfv=1-0-13&iu=%2F58517704%2Fdropgears_eng_300x250a&sz=300x250&rc=5&scp=multi%3D10&eri=1&cookie=ID%3D78e7d37b0f280b3e%3AT%3D1507820248%3AS%3DALNI_MYX_zvgNMR9fMcwOYfLZtd5jkC81Q&cookie_enabled=1&abxe=1&lmt=1507820250&dt=1507820250047&frm=20&biw=1585&bih=1200&oid=3&adx=1117&ady=526&adk=1738825107&gut=v2&ifi=23&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=http%3A%2F%2Fwww.dropgears.com%2F2017%2F09%2F06%2Ftarget-dropped-pretense-subtlety%2F%3Futm_source%3Deng%26utm_campaign%3Ddropgears%26utm_medium%3D30%26enc%3Doct17_0035&dssz=52&icsg=3002390646947647&std=0&vrg=158&vis=1&ga_vid=312649980.1507820249&ga_sid=1507820249&ga_hid=1618241
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_158.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
216.58.207.66 Mountain View, United States, ASN15169 (GOOGLE - Google Inc., US),
Reverse DNS
fra16s25-in-f2.1e100.net
Software
cafe /
Resource Hash
151301fefcf9cdb7985018e0ce19e3f992251693f5ea54d76555453db7c5aade
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/gampad/ads?gdfp_req=1&correlator=2589884111684766&output=json_html&callback=googletag.impl.pubads.callbackProxy23&impl=fif&eid=108809107&sc=0&sfv=1-0-13&iu=%2F58517704%2Fdropgears_eng_300x250a&sz=300x250&rc=5&scp=multi%3D10&eri=1&cookie=ID%3D78e7d37b0f280b3e%3AT%3D1507820248%3AS%3DALNI_MYX_zvgNMR9fMcwOYfLZtd5jkC81Q&cookie_enabled=1&abxe=1&lmt=1507820250&dt=1507820250047&frm=20&biw=1585&bih=1200&oid=3&adx=1117&ady=526&adk=1738825107&gut=v2&ifi=23&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=http%3A%2F%2Fwww.dropgears.com%2F2017%2F09%2F06%2Ftarget-dropped-pretense-subtlety%2F%3Futm_source%3Deng%26utm_campaign%3Ddropgears%26utm_medium%3D30%26enc%3Doct17_0035&dssz=52&icsg=3002390646947647&std=0&vrg=158&vis=1&ga_vid=312649980.1507820249&ga_sid=1507820249&ga_hid=1618241
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
securepubads.g.doubleclick.net
cookie
IDE=AHWqTUl6xZMSmFr48R2J--jr0kWi1Tk7NIvflYqxJ311oKUWsFLSE04OhNTCZTGw; DSID=NO_DATA
:scheme
https
referer
http://www.dropgears.com/2017/09/06/target-dropped-pretense-subtlety/?utm_source=eng&utm_campaign=dropgears&utm_medium=30&enc=oct17_0035
:method
GET
Referer
http://www.dropgears.com/2017/09/06/target-dropped-pretense-subtlety/?utm_source=eng&utm_campaign=dropgears&utm_medium=30&enc=oct17_0035
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36

Response headers

date
Thu, 12 Oct 2017 14:57:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
quic=":443"; ma=2592000; v="39,38,37,35"
content-length
225
x-xss-protection
1; mode=block
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/javascript; charset=UTF-8
cache-control
no-cache, must-revalidate
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/
9 KB
4 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&correlator=2791327135336737&output=json_html&callback=googletag.impl.pubads.callbackProxy24&impl=fif&eid=108809107&sc=0&sfv=1-0-13&iu=%2F58517704%2Fdropgears_eng_300x250c&sz=300x250%7C300x600%7C160x600&rc=4&scp=multi%3D10&eri=1&cookie=ID%3D78e7d37b0f280b3e%3AT%3D1507820248%3AS%3DALNI_MYX_zvgNMR9fMcwOYfLZtd5jkC81Q&cookie_enabled=1&abxe=1&lmt=1507820250&dt=1507820250164&frm=20&biw=1585&bih=1200&oid=3&adx=1117&ady=1086&adk=3089379921&gut=v2&ifi=24&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=http%3A%2F%2Fwww.dropgears.com%2F2017%2F09%2F06%2Ftarget-dropped-pretense-subtlety%2F%3Futm_source%3Deng%26utm_campaign%3Ddropgears%26utm_medium%3D30%26enc%3Doct17_0035&dssz=53&icsg=3002390646947647&std=0&vrg=158&vis=1&ga_vid=312649980.1507820249&ga_sid=1507820249&ga_hid=1618241
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_158.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
216.58.207.66 Mountain View, United States, ASN15169 (GOOGLE - Google Inc., US),
Reverse DNS
fra16s25-in-f2.1e100.net
Software
cafe /
Resource Hash
1f87a33756ed74f633614ac493f0f1f370ca3b0f1cbcebed150983983fcb0251
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/gampad/ads?gdfp_req=1&correlator=2791327135336737&output=json_html&callback=googletag.impl.pubads.callbackProxy24&impl=fif&eid=108809107&sc=0&sfv=1-0-13&iu=%2F58517704%2Fdropgears_eng_300x250c&sz=300x250%7C300x600%7C160x600&rc=4&scp=multi%3D10&eri=1&cookie=ID%3D78e7d37b0f280b3e%3AT%3D1507820248%3AS%3DALNI_MYX_zvgNMR9fMcwOYfLZtd5jkC81Q&cookie_enabled=1&abxe=1&lmt=1507820250&dt=1507820250164&frm=20&biw=1585&bih=1200&oid=3&adx=1117&ady=1086&adk=3089379921&gut=v2&ifi=24&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=http%3A%2F%2Fwww.dropgears.com%2F2017%2F09%2F06%2Ftarget-dropped-pretense-subtlety%2F%3Futm_source%3Deng%26utm_campaign%3Ddropgears%26utm_medium%3D30%26enc%3Doct17_0035&dssz=53&icsg=3002390646947647&std=0&vrg=158&vis=1&ga_vid=312649980.1507820249&ga_sid=1507820249&ga_hid=1618241
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
securepubads.g.doubleclick.net
cookie
IDE=AHWqTUl6xZMSmFr48R2J--jr0kWi1Tk7NIvflYqxJ311oKUWsFLSE04OhNTCZTGw; DSID=NO_DATA
:scheme
https
referer
http://www.dropgears.com/2017/09/06/target-dropped-pretense-subtlety/?utm_source=eng&utm_campaign=dropgears&utm_medium=30&enc=oct17_0035
:method
GET
Referer
http://www.dropgears.com/2017/09/06/target-dropped-pretense-subtlety/?utm_source=eng&utm_campaign=dropgears&utm_medium=30&enc=oct17_0035
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36

Response headers

date
Thu, 12 Oct 2017 14:57:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
quic=":443"; ma=2592000; v="39,38,37,35"
content-length
4046
x-xss-protection
1; mode=block
google-lineitem-id
226109064
pragma
no-cache
server
cafe
google-creative-id
99669292584
content-type
text/javascript; charset=UTF-8
cache-control
no-cache, must-revalidate
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
tpc.googlesyndication.com/safeframe/1-0-13/html/ Frame 3338
0
0

3ad0c277-1ae1-4c5f-91e7-83f915871ab4
http://www.dropgears.com/
121 KB
0
Other
General
Full URL
blob:http://www.dropgears.com/3ad0c277-1ae1-4c5f-91e7-83f915871ab4
Requested by
Host: coinhive.com
URL: https://coinhive.com/lib/coinhive.min.js
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
94992bf8f5bc20be9cd51e5bc1a82e016f17b746797492ee297cd3c576793033

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36

Response headers

Content-Length
123493
cryptonight.wasm
coinhive.com/lib/
67 KB
31 KB
Other
General
Full URL
https://coinhive.com/lib/cryptonight.wasm
Requested by
Host: www.dropgears.com
URL: http://www.dropgears.com/2017/09/06/target-dropped-pretense-subtlety/?utm_source=eng&utm_campaign=dropgears&utm_medium=30&enc=oct17_0035
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.130.102.124 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.124.102.130.94.clients.your-server.de
Software
nginx /
Resource Hash
47d299593572faf8941351f3ef8e46bc18eb684f679d87f9194bb635dd8aabc0

Request headers

Pragma
no-cache
Origin
http://www.dropgears.com
Accept-Encoding
gzip, deflate
Host
coinhive.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36
Accept
*/*
Cache-Control
no-cache
Connection
keep-alive

Response headers

Date
Thu, 12 Oct 2017 14:57:50 GMT
Content-Encoding
gzip
Last-Modified
Mon, 02 Oct 2017 14:16:33 GMT
Server
nginx
ETag
W/"59d24a41-10cbc"
Transfer-Encoding
chunked
Content-Type
application/wasm
Access-Control-Allow-Origin
*
Cache-Control
max-age=28800
Connection
keep-alive
Expires
Thu, 12 Oct 2017 22:57:50 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.dropgears.com
URL
http://www.dropgears.com/wp-includes/js/comment-reply.min.js
Domain
tpc.googlesyndication.com
URL
http://tpc.googlesyndication.com/safeframe/1-0-13/html/container.html
Domain
tpc.googlesyndication.com
URL
http://tpc.googlesyndication.com/safeframe/1-0-13/html/container.html
Domain
tpc.googlesyndication.com
URL
http://tpc.googlesyndication.com/safeframe/1-0-13/html/container.html

Verdicts & Comments

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

4 Console Messages

Source Level URL
Text
console-api log URL: http://www.dropgears.com/wp-includes/js/jquery/jquery-migrate.min.js(Line 2)
Message:
JQMIGRATE: Migrate is installed, version 1.4.1
console-api info URL: http://js.entertainmentcrave.com/x/GrnhB58JZgM08Mi?ts1505514977(Line 3)
Message:
in InitClient
console-api log URL: http://js.entertainmentcrave.com/x/GrnhB58JZgM08Mi?ts1505514977(Line 3)
Message:
withCredentials
console-api log URL: http://js.entertainmentcrave.com/x/GrnhB58JZgM08Mi?ts1505514977(Line 3)
Message:
v

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
