Submitted URL: http://www.backpainclinics.review/1068-148-164-4616542/cbramlett/tindex10.html
Effective URL: https://edtreatmentgroup.com/vsl/tupisecret/
Submission: On September 12 via manual from US

Summary

This website contacted 7 IPs in 4 countries across 9 domains to perform 30 HTTP transactions. The main IP is 185.62.238.21, which is located in Bulgaria and belongs to SINGLEHOP-LLC - SingleHop LLC, US. The main domain is edtreatmentgroup.com.
TLS certificate: Issued by Let's Encrypt Authority X3 on August 15th 2018. Valid for: 3 months.
This is the only time edtreatmentgroup.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
5 185.198.26.102 63473 (HOSTHATCH)
1 2a00:1450:400... 15169 (GOOGLE)
1 1 52.37.55.125 16509 (AMAZON-02)
1 1 52.34.94.199 16509 (AMAZON-02)
1 1 34.223.206.95 16509 (AMAZON-02)
19 185.62.238.21 32475 (SINGLEHOP...)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
30 7
Domain Requested by
19 edtreatmentgroup.com www.backpainclinics.review
edtreatmentgroup.com
5 www.backpainclinics.review www.backpainclinics.review
ajax.googleapis.com
2 www.google-analytics.com www.googletagmanager.com
edtreatmentgroup.com
2 rmtrk1.com 2 redirects
1 www.youtube-nocookie.com edtreatmentgroup.com
1 s.ytimg.com edtreatmentgroup.com
1 www.googletagmanager.com edtreatmentgroup.com
1 108trk.com 1 redirects
1 ajax.googleapis.com www.backpainclinics.review
30 9

This site contains no links.

Subject | Issuer | Validity | Valid
edtreatmentgroup.com | Let's Encrypt Authority X3 | 2018-08-15 - 2018-11-13 | 3 months (crt.sh)
*.google-analytics.com | Google Internet Authority G3 | 2018-08-21 - 2018-11-13 | 3 months (crt.sh)
*.google.com | Google Internet Authority G3 | 2018-08-28 - 2018-11-20 | 3 months (crt.sh)

This page contains 3 frames:

Primary Page: https://edtreatmentgroup.com/vsl/tupisecret/
Frame ID: EE25D121BA9EEC5CE5B6223C5753C726
Requests: 28 HTTP requests in this frame

Frame: http://www.backpainclinics.review/ajax/get_imgl/loading.gif/
Frame ID: B5A0304CEE37C3EC737097CB3EF54A56
Requests: 1 HTTP requests in this frame

Frame: https://www.youtube-nocookie.com/embed/N1kbMh5PWEo?enablejsapi=1&playsinline=1&fs=0&rel=0&controls=0&showinfo=0&autoplay=1
Frame ID: B8FBBF192C53319E82074EB5E52C52FA
Requests: 1 HTTP requests in this frame

Page URL History

  1. http://www.backpainclinics.review/1068-148-164-4616542/cbramlett/tindex10.html Page URL
  2. https://108trk.com/?a=207&c=683&s1=pp12se HTTP 302
    http://rmtrk1.com/?a=37&c=127&s1=207&s2=5239248&s3=pp12se HTTP 302
    https://rmtrk1.com/?a=37&c=127&s1=207&s2=5239248&s3=pp12se&ckmguid=d288426d-2d1e-497c-9d2b-15d5... HTTP 302
    https://edtreatmentgroup.com/vsl/tupisecret/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • html /<(?:param|embed|iframe)[^>]+youtube(?:-nocookie)?\.com\/(?:v|embed)/i

Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|)HTTPD)/i

Overall confidence: 100%
Detected patterns
  • env /^gaGlobal$/i

Overall confidence: 100%
Detected patterns
  • env /^google_tag_manager$/i

Overall confidence: 100%
Detected patterns
  • env /^jQuery$/i

Page Statistics

Requests: 30
HTTPS: 80 %
IPv6: 50 %
Domains: 9
Subdomains: 9
IPs: 7
Countries: 4
Transfer: 1120 kB
Size: 1322 kB
Cookies: 4

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.backpainclinics.review/1068-148-164-4616542/cbramlett/tindex10.html Page URL
  2. https://108trk.com/?a=207&c=683&s1=pp12se HTTP 302
    http://rmtrk1.com/?a=37&c=127&s1=207&s2=5239248&s3=pp12se HTTP 302
    https://rmtrk1.com/?a=37&c=127&s1=207&s2=5239248&s3=pp12se&ckmguid=d288426d-2d1e-497c-9d2b-15d58e7692fd HTTP 302
    https://edtreatmentgroup.com/vsl/tupisecret/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

30 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
tindex10.html
www.backpainclinics.review/1068-148-164-4616542/cbramlett/
2 KB
2 KB
Document
General
Full URL
http://www.backpainclinics.review/1068-148-164-4616542/cbramlett/tindex10.html
Protocol
HTTP/1.1
Server
185.198.26.102 -, , ASN63473 (HOSTHATCH - HostHatch, Inc, US),
Reverse DNS
newsmbo.bid
Software
Apache / PHP/5.3.4
Resource Hash
5e8b2a1b447abf68de130af0bf76cdb48afbfaff03ff8a5f168bde2a916857e6

Request headers

Host
www.backpainclinics.review
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id
EE25D121BA9EEC5CE5B6223C5753C726

Response headers

Date
Wed, 12 Sep 2018 19:31:28 GMT
Server
Apache
X-Powered-By
PHP/5.3.4
Content-Length
2042
Keep-Alive
timeout=15, max=100
Connection
Keep-Alive
Content-Type
text/html
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.9.1/
90 KB
33 KB
Script
General
Full URL
http://ajax.googleapis.com/ajax/libs/jquery/1.9.1/jquery.min.js
Requested by
Host: www.backpainclinics.review
URL: http://www.backpainclinics.review/1068-148-164-4616542/cbramlett/tindex10.html
Protocol
HTTP/1.1
Server
2a00:1450:4001:821::200a , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://www.backpainclinics.review/1068-148-164-4616542/cbramlett/tindex10.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Tue, 28 Aug 2018 03:39:18 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Tue, 20 Dec 2016 18:17:03 GMT
Server
sffe
Age
1353128
Vary
Accept-Encoding
Content-Type
text/javascript; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000, stale-while-revalidate=2592000
Accept-Ranges
bytes
Timing-Allow-Origin
*
Content-Length
33018
X-XSS-Protection
1; mode=block
Expires
Wed, 28 Aug 2019 03:39:18 GMT
/
www.backpainclinics.review/ajax/get_js/main/
3 KB
3 KB
Script
General
Full URL
http://www.backpainclinics.review/ajax/get_js/main/
Requested by
Host: www.backpainclinics.review
URL: http://www.backpainclinics.review/1068-148-164-4616542/cbramlett/tindex10.html
Protocol
HTTP/1.1
Server
185.198.26.102 -, , ASN63473 (HOSTHATCH - HostHatch, Inc, US),
Reverse DNS
newsmbo.bid
Software
Apache / PHP/5.3.4
Resource Hash
6e81862e7adb1609c3c0d873ecfeff71413ea02e219669d27cd8e6ecd1f774c9

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.backpainclinics.review
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
*/*
Referer
http://www.backpainclinics.review/1068-148-164-4616542/cbramlett/tindex10.html
Connection
keep-alive
Cache-Control
no-cache
Referer
http://www.backpainclinics.review/1068-148-164-4616542/cbramlett/tindex10.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Wed, 12 Sep 2018 19:31:28 GMT
Server
Apache
Connection
Keep-Alive
X-Powered-By
PHP/5.3.4
Content-Length
2738
Keep-Alive
timeout=15, max=99
Content-Type
text/javascript
/
www.backpainclinics.review/ajax/get_imgl/loading.gif/
8 KB
8 KB
Image
General
Full URL
http://www.backpainclinics.review/ajax/get_imgl/loading.gif/
Requested by
Host: www.backpainclinics.review
URL: http://www.backpainclinics.review/1068-148-164-4616542/cbramlett/tindex10.html
Protocol
HTTP/1.1
Server
185.198.26.102 -, , ASN63473 (HOSTHATCH - HostHatch, Inc, US),
Reverse DNS
newsmbo.bid
Software
Apache / PHP/5.3.4
Resource Hash
f5822f713ac663d495c62ecd1dfcdfb1ecc28d694166e8ecc7e6b466f025f154

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.backpainclinics.review
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://www.backpainclinics.review/1068-148-164-4616542/cbramlett/tindex10.html
Connection
keep-alive
Cache-Control
no-cache
Referer
http://www.backpainclinics.review/1068-148-164-4616542/cbramlett/tindex10.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Wed, 12 Sep 2018 19:31:28 GMT
Server
Apache
Connection
Keep-Alive
X-Powered-By
PHP/5.3.4
Transfer-Encoding
chunked
Keep-Alive
timeout=15, max=98
Content-Type
image/gif
/
www.backpainclinics.review/ajax_m/get_main_page/1068/10/0/4616542/1068-4616542-0-0/148/164/
41 B
240 B
XHR
General
Full URL
http://www.backpainclinics.review/ajax_m/get_main_page/1068/10/0/4616542/1068-4616542-0-0/148/164/
Requested by
Host: ajax.googleapis.com
URL: http://ajax.googleapis.com/ajax/libs/jquery/1.9.1/jquery.min.js
Protocol
HTTP/1.1
Server
185.198.26.102 -, , ASN63473 (HOSTHATCH - HostHatch, Inc, US),
Reverse DNS
newsmbo.bid
Software
Apache / PHP/5.3.4
Resource Hash

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.backpainclinics.review
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
*/*
Referer
http://www.backpainclinics.review/1068-148-164-4616542/cbramlett/tindex10.html
X-Requested-With
XMLHttpRequest
Connection
keep-alive
Cache-Control
no-cache
Accept
*/*
Referer
http://www.backpainclinics.review/1068-148-164-4616542/cbramlett/tindex10.html
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Wed, 12 Sep 2018 19:31:28 GMT
Server
Apache
Connection
Keep-Alive
X-Powered-By
PHP/5.3.4
Content-Length
41
Keep-Alive
timeout=15, max=100
Content-Type
text/html
/
www.backpainclinics.review/ajax/get_imgl/loading.gif/ Frame B5A0
8 KB
8 KB
Image
General
Full URL
http://www.backpainclinics.review/ajax/get_imgl/loading.gif/
Requested by
Host: www.backpainclinics.review
URL: http://www.backpainclinics.review/1068-148-164-4616542/cbramlett/tindex10.html
Protocol
HTTP/1.1
Server
185.198.26.102 -, , ASN63473 (HOSTHATCH - HostHatch, Inc, US),
Reverse DNS
newsmbo.bid
Software
Apache / PHP/5.3.4
Resource Hash

Request headers

Accept
image/webp,image/apng,image/*,*/*;q=0.8
Pragma
no-cache
Connection
keep-alive
Accept-Encoding
gzip, deflate
Host
www.backpainclinics.review
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Cache-Control
no-cache
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Wed, 12 Sep 2018 19:31:28 GMT
Server
Apache
Connection
Keep-Alive
X-Powered-By
PHP/5.3.4
Transfer-Encoding
chunked
Keep-Alive
timeout=15, max=100
Content-Type
image/gif
Primary Request /
edtreatmentgroup.com/vsl/tupisecret/
Redirect Chain
  • https://108trk.com/?a=207&c=683&s1=pp12se
  • http://rmtrk1.com/?a=37&c=127&s1=207&s2=5239248&s3=pp12se
  • https://rmtrk1.com/?a=37&c=127&s1=207&s2=5239248&s3=pp12se&ckmguid=d288426d-2d1e-497c-9d2b-15d58e7692fd
  • https://edtreatmentgroup.com/vsl/tupisecret/
107 KB
38 KB
Document
General
Full URL
https://edtreatmentgroup.com/vsl/tupisecret/
Requested by
Host: www.backpainclinics.review
URL: http://www.backpainclinics.review/ajax/get_js/main/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.62.238.21 , Bulgaria, ASN32475 (SINGLEHOP-LLC - SingleHop LLC, US),
Reverse DNS
c38336.sgvps.net
Software
nginx /
Resource Hash
e77708070a61dab2be26f2bbbcc91fa10876ac287c2a2d3a3083b6c4ffa46ef4
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
edtreatmentgroup.com
:scheme
https
:path
/vsl/tupisecret/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer
http://www.backpainclinics.review/1068-148-164-4616542/cbramlett/tindex10.html
accept-encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id
EE25D121BA9EEC5CE5B6223C5753C726
Referer
http://www.backpainclinics.review/1068-148-164-4616542/cbramlett/tindex10.html

Response headers

status
200
server
nginx
date
Wed, 12 Sep 2018 19:31:29 GMT
content-type
text/html; charset=UTF-8
content-length
38356
set-cookie
looked=yes; expires=Wed, 12-Sep-2018 20:31:29 GMT; Max-Age=3600
vary
Accept-Encoding
content-encoding
gzip
cache-control
max-age=600, private, must-revalidate
expires
Fri, 14 Sep 2018 19:31:29 GMT
host-header
192fc2e7e50945beb8231a492d6a8024
x-xss-protection
1; mode=block
x-proxy-cache
MISS

Redirect headers

status
302
cache-control
private
content-type
text/html; charset=utf-8
date
Wed, 12 Sep 2018 19:31:28 GMT
location
https://edtreatmentgroup.com/vsl/tupisecret/
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
set-cookie
sid=FBANqnNisMdmT2r2leh+yvgQRHKB/Mk81ZM8jquuGJTk02bzuHaFMA==; domain=.rmtrk1.com; path=/; HttpOnly trk=YUmW5wdN1x9mT2r2leh+yvgQRHKB/Mk81ZM8jquuGJTk02bzuHaFMA==; domain=.rmtrk1.com; expires=Tue, 12-Sep-2023 12:31:28 GMT; path=/; HttpOnly c24=FBANqnNisMcKc3ZcucdHSCswFU81TqTsLa9zTmOzD8U=; domain=.rmtrk1.com; expires=Fri, 12-Oct-2018 19:31:28 GMT; path=/; HttpOnly
content-length
161
headline.png
edtreatmentgroup.com/vsl/tupisecret/imgs/
20 KB
20 KB
Image
General
Full URL
https://edtreatmentgroup.com/vsl/tupisecret/imgs/headline.png
Requested by
Host: edtreatmentgroup.com
URL: https://edtreatmentgroup.com/vsl/tupisecret/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.62.238.21 , Bulgaria, ASN32475 (SINGLEHOP-LLC - SingleHop LLC, US),
Reverse DNS
c38336.sgvps.net
Software
nginx /
Resource Hash
a9198b3bedbc8991aacab43e93d94951d3af7f837737450b6387f26ecf1a2da6
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

:path
/vsl/tupisecret/imgs/headline.png
pragma
no-cache
cookie
looked=yes
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
edtreatmentgroup.com
referer
https://edtreatmentgroup.com/vsl/tupisecret/
:scheme
https
:method
GET
Referer
https://edtreatmentgroup.com/vsl/tupisecret/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 12 Sep 2018 19:31:29 GMT
server
nginx
etag
"4fca-574033e082b80"
content-type
image/png
status
200
expires
Sat, 13 Oct 2018 22:32:54 GMT
cache-control
max-age=2692000, public
host-header
192fc2e7e50945beb8231a492d6a8024
accept-ranges
bytes
content-length
20426
x-xss-protection
1; mode=block
x-proxy-cache
HIT
man-ed.gif
edtreatmentgroup.com/vsl/tupisecret/imgs/
286 KB
287 KB
Image
General
Full URL
https://edtreatmentgroup.com/vsl/tupisecret/imgs/man-ed.gif
Requested by
Host: edtreatmentgroup.com
URL: https://edtreatmentgroup.com/vsl/tupisecret/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.62.238.21 , Bulgaria, ASN32475 (SINGLEHOP-LLC - SingleHop LLC, US),
Reverse DNS
c38336.sgvps.net
Software
nginx /
Resource Hash
40db3cf1ce361955e7fa5b554e85c07fc3bdf455cd1373967dbaa7c16fe36100
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

:path
/vsl/tupisecret/imgs/man-ed.gif
pragma
no-cache
cookie
looked=yes
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
edtreatmentgroup.com
referer
https://edtreatmentgroup.com/vsl/tupisecret/
:scheme
https
:method
GET
Referer
https://edtreatmentgroup.com/vsl/tupisecret/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 12 Sep 2018 19:31:29 GMT
server
nginx
etag
"47892-573f64debc780"
content-type
image/gif
status
200
expires
Sat, 13 Oct 2018 22:32:54 GMT
cache-control
max-age=2692000, public
host-header
192fc2e7e50945beb8231a492d6a8024
accept-ranges
bytes
content-length
293010
x-xss-protection
1; mode=block
x-proxy-cache
HIT
sound.png
edtreatmentgroup.com/vsl/tupisecret/imgs/
580 B
814 B
Image
General
Full URL
https://edtreatmentgroup.com/vsl/tupisecret/imgs/sound.png
Requested by
Host: edtreatmentgroup.com
URL: https://edtreatmentgroup.com/vsl/tupisecret/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.62.238.21 , Bulgaria, ASN32475 (SINGLEHOP-LLC - SingleHop LLC, US),
Reverse DNS
c38336.sgvps.net
Software
nginx /
Resource Hash
75bfb5bf228e091b3f16ba01978db2190fd6ce4de8a59c9d07c62ea1c540c167
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

:path
/vsl/tupisecret/imgs/sound.png
pragma
no-cache
cookie
looked=yes
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
edtreatmentgroup.com
referer
https://edtreatmentgroup.com/vsl/tupisecret/
:scheme
https
:method
GET
Referer
https://edtreatmentgroup.com/vsl/tupisecret/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 12 Sep 2018 19:31:29 GMT
server
nginx
etag
"244-573790ecb6100"
content-type
image/png
status
200
expires
Sat, 13 Oct 2018 22:32:54 GMT
cache-control
max-age=2692000, public
host-header
192fc2e7e50945beb8231a492d6a8024
accept-ranges
bytes
content-length
580
x-xss-protection
1; mode=block
x-proxy-cache
HIT
bg1.jpg
edtreatmentgroup.com/vsl/tupisecret/imgs/
27 KB
27 KB
Image
General
Full URL
https://edtreatmentgroup.com/vsl/tupisecret/imgs/bg1.jpg
Requested by
Host: edtreatmentgroup.com
URL: https://edtreatmentgroup.com/vsl/tupisecret/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.62.238.21 , Bulgaria, ASN32475 (SINGLEHOP-LLC - SingleHop LLC, US),
Reverse DNS
c38336.sgvps.net
Software
nginx /
Resource Hash
d2fa2fc53e22d9d72efc48224af153d1b19ba5c3c46858f220ab222734b73311
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

:path
/vsl/tupisecret/imgs/bg1.jpg
pragma
no-cache
cookie
looked=yes
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
edtreatmentgroup.com
referer
https://edtreatmentgroup.com/vsl/tupisecret/
:scheme
https
:method
GET
Referer
https://edtreatmentgroup.com/vsl/tupisecret/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 12 Sep 2018 19:31:29 GMT
server
nginx
etag
"6ade-57405eef14100"
content-type
image/jpeg
status
200
expires
Sat, 13 Oct 2018 22:40:07 GMT
cache-control
max-age=2692000, public
host-header
192fc2e7e50945beb8231a492d6a8024
accept-ranges
bytes
content-length
27358
x-xss-protection
1; mode=block
x-proxy-cache
HIT
js
www.googletagmanager.com/gtag/
76 KB
27 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-124358878-1
Requested by
Host: edtreatmentgroup.com
URL: https://edtreatmentgroup.com/vsl/tupisecret/
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:818::2008 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Google Tag Manager (scaffolding) /
Resource Hash
36614c8fe56251f12337ab1a5a49a6300c5a7b0f77c2aac2f583b8937f122f27
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
https://edtreatmentgroup.com/vsl/tupisecret/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 12 Sep 2018 19:31:29 GMT
content-encoding
gzip
server
Google Tag Manager (scaffolding)
access-control-allow-headers
Cache-Control
status
200
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
http://www.googletagmanager.com
cache-control
private, max-age=900
access-control-allow-credentials
true
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
27634
x-xss-protection
1; mode=block
expires
Wed, 12 Sep 2018 19:31:29 GMT
analytics.js
www.google-analytics.com/
34 KB
14 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-124358878-1
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:818::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
3fab1c883847e4b5a02f3749a9f4d9eab15cd4765873d3b2904a1a4c8755fba3
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://edtreatmentgroup.com/vsl/tupisecret/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 18 May 2018 01:10:24 GMT
server
Golfe2
age
6743
date
Wed, 12 Sep 2018 17:39:06 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
14386
expires
Wed, 12 Sep 2018 19:39:06 GMT
collect
www.google-analytics.com/r/
35 B
102 B
Image
General
Full URL
https://www.google-analytics.com/r/collect?v=1&_v=j68&a=1239077217&t=pageview&_s=1&dl=https%3A%2F%2Fedtreatmentgroup.com%2Fvsl%2Ftupisecret%2F&dr=http%3A%2F%2Fwww.backpainclinics.review%2F1068-148-164-4616542%2Fcbramlett%2Ftindex10.html&ul=en-us&de=UTF-8&dt=Prime%20Potence&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAUAB~&jid=1063515790&gjid=1717404696&cid=1381562415.1536780690&tid=UA-124358878-1&_gid=1008532513.1536780690&_r=1&gtm=u94&z=1450098155
Requested by
Host: edtreatmentgroup.com
URL: https://edtreatmentgroup.com/vsl/tupisecret/
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:818::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://edtreatmentgroup.com/vsl/tupisecret/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 12 Sep 2018 19:31:29 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
www-widgetapi.js
s.ytimg.com/yts/jsbin/www-widgetapi-vflgX_lHM/
20 KB
8 KB
Script
General
Full URL
https://s.ytimg.com/yts/jsbin/www-widgetapi-vflgX_lHM/www-widgetapi.js
Requested by
Host: edtreatmentgroup.com
URL: https://edtreatmentgroup.com/vsl/tupisecret/
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:817::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
cd6b18ff49e6f8b2a4729827452ce62bf9d8f7a66ef683ebfa581d7fb4b4f3a3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://edtreatmentgroup.com/vsl/tupisecret/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 12 Sep 2018 02:07:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
62620
status
200
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
7700
x-xss-protection
1; mode=block
last-modified
Mon, 02 Jul 2018 17:57:02 GMT
server
sffe
vary
Accept-Encoding, Origin
content-type
text/javascript
cache-control
public, max-age=691200
accept-ranges
bytes
timing-allow-origin
https://www.youtube.com
expires
Thu, 20 Sep 2018 02:07:50 GMT
N1kbMh5PWEo
www.youtube-nocookie.com/embed/ Frame B8FB
0
0
Document
General
Full URL
https://www.youtube-nocookie.com/embed/N1kbMh5PWEo?enablejsapi=1&playsinline=1&fs=0&rel=0&controls=0&showinfo=0&autoplay=1
Requested by
Host: edtreatmentgroup.com
URL: https://edtreatmentgroup.com/vsl/tupisecret/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:814::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
YouTube Frontend Proxy /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block; report=https://www.google.com/appserve/security-bugs/log/youtube

Request headers

:method
GET
:authority
www.youtube-nocookie.com
:scheme
https
:path
/embed/N1kbMh5PWEo?enablejsapi=1&playsinline=1&fs=0&rel=0&controls=0&showinfo=0&autoplay=1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer
https://edtreatmentgroup.com/vsl/tupisecret/
accept-encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id
EE25D121BA9EEC5CE5B6223C5753C726
Referer
https://edtreatmentgroup.com/vsl/tupisecret/

Response headers

status
200
content-encoding
gzip
x-xss-protection
1; mode=block; report=https://www.google.com/appserve/security-bugs/log/youtube
strict-transport-security
max-age=31536000
content-type
text/html; charset=utf-8
cache-control
no-cache
x-content-type-options
nosniff
expires
Tue, 27 Apr 1971 19:44:06 EST
date
Wed, 12 Sep 2018 19:31:30 GMT
server
YouTube Frontend Proxy
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
prod11.jpg
edtreatmentgroup.com/vsl/tupisecret/imgs/
91 KB
91 KB
Image
General
Full URL
https://edtreatmentgroup.com/vsl/tupisecret/imgs/prod11.jpg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.62.238.21 , Bulgaria, ASN32475 (SINGLEHOP-LLC - SingleHop LLC, US),
Reverse DNS
c38336.sgvps.net
Software
nginx /
Resource Hash
46939e1f9d7e03241a530a2da705f84bcb47374d89398ad8f9136136e0a79a69
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

:path
/vsl/tupisecret/imgs/prod11.jpg
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
edtreatmentgroup.com
referer
https://edtreatmentgroup.com/vsl/tupisecret/
:scheme
https
:method
GET
Referer
https://edtreatmentgroup.com/vsl/tupisecret/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 12 Sep 2018 19:31:31 GMT
server
nginx
etag
"16b19-574033e082b80"
content-type
image/jpeg
status
200
expires
Sat, 13 Oct 2018 22:32:56 GMT
cache-control
max-age=2692000, public
host-header
192fc2e7e50945beb8231a492d6a8024
accept-ranges
bytes
content-length
92953
x-xss-protection
1; mode=block
x-proxy-cache
HIT
prod62.jpg
edtreatmentgroup.com/vsl/tupisecret/imgs/
93 KB
93 KB
Image
General
Full URL
https://edtreatmentgroup.com/vsl/tupisecret/imgs/prod62.jpg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.62.238.21 , Bulgaria, ASN32475 (SINGLEHOP-LLC - SingleHop LLC, US),
Reverse DNS
c38336.sgvps.net
Software
nginx /
Resource Hash
4d2878437db7b41290cb6404ab68a4114459a339e7151e885e603090a3a58b36
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

:path
/vsl/tupisecret/imgs/prod62.jpg
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
edtreatmentgroup.com
referer
https://edtreatmentgroup.com/vsl/tupisecret/
:scheme
https
:method
GET
Referer
https://edtreatmentgroup.com/vsl/tupisecret/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 12 Sep 2018 19:31:31 GMT
server
nginx
etag
"17410-574033e082b80"
content-type
image/jpeg
status
200
expires
Sat, 13 Oct 2018 22:32:56 GMT
cache-control
max-age=2692000, public
host-header
192fc2e7e50945beb8231a492d6a8024
accept-ranges
bytes
content-length
95248
x-xss-protection
1; mode=block
x-proxy-cache
HIT
prod3.jpg
edtreatmentgroup.com/vsl/tupisecret/imgs/
100 KB
101 KB
Image
General
Full URL
https://edtreatmentgroup.com/vsl/tupisecret/imgs/prod3.jpg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.62.238.21 , Bulgaria, ASN32475 (SINGLEHOP-LLC - SingleHop LLC, US),
Reverse DNS
c38336.sgvps.net
Software
nginx /
Resource Hash
1c7e5c75f82b5a9601042e764b119495510a390304f14bb6f4a8e36f0ecbba0a
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

:path
/vsl/tupisecret/imgs/prod3.jpg
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
edtreatmentgroup.com
referer
https://edtreatmentgroup.com/vsl/tupisecret/
:scheme
https
:method
GET
Referer
https://edtreatmentgroup.com/vsl/tupisecret/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 12 Sep 2018 19:31:31 GMT
server
nginx
etag
"1913f-574033e082b80"
content-type
image/jpeg
status
200
expires
Sat, 13 Oct 2018 22:32:56 GMT
cache-control
max-age=2692000, public
host-header
192fc2e7e50945beb8231a492d6a8024
accept-ranges
bytes
content-length
102719
x-xss-protection
1; mode=block
x-proxy-cache
HIT
coment.png
edtreatmentgroup.com/vsl/tupisecret/imgs/
183 KB
184 KB
Image
General
Full URL
https://edtreatmentgroup.com/vsl/tupisecret/imgs/coment.png
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.62.238.21, Bulgaria, ASN32475 (SINGLEHOP-LLC - SingleHop LLC, US)
Reverse DNS
c38336.sgvps.net
Software
nginx /
Resource Hash
b8d1e5004119bd1f1bf0324b52ca40479d44810e581378ba9be26f0620dc4996
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

:path
/vsl/tupisecret/imgs/coment.png
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
edtreatmentgroup.com
referer
https://edtreatmentgroup.com/vsl/tupisecret/
:scheme
https
:method
GET
Referer
https://edtreatmentgroup.com/vsl/tupisecret/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 12 Sep 2018 19:31:31 GMT
server
nginx
etag
"2dd49-5737915f26f00"
content-type
image/png
status
200
expires
Sat, 13 Oct 2018 22:32:56 GMT
cache-control
max-age=2692000, public
host-header
192fc2e7e50945beb8231a492d6a8024
accept-ranges
bytes
content-length
187721
x-xss-protection
1; mode=block
x-proxy-cache
HIT
logos.png
edtreatmentgroup.com/vsl/tupisecret/imgs/
54 KB
55 KB
Image
General
Full URL
https://edtreatmentgroup.com/vsl/tupisecret/imgs/logos.png
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.62.238.21, Bulgaria, ASN32475 (SINGLEHOP-LLC - SingleHop LLC, US)
Reverse DNS
c38336.sgvps.net
Software
nginx /
Resource Hash
2db55e4e21f3bb37d91cb27f71b6e17fcc3726920c8f2900b24b0f38cf4247bb
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

:path
/vsl/tupisecret/imgs/logos.png
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
edtreatmentgroup.com
referer
https://edtreatmentgroup.com/vsl/tupisecret/
:scheme
https
:method
GET
Referer
https://edtreatmentgroup.com/vsl/tupisecret/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 12 Sep 2018 19:31:31 GMT
server
nginx
etag
"d90a-573790ecb6100"
content-type
image/png
status
200
expires
Sat, 13 Oct 2018 22:32:56 GMT
cache-control
max-age=2692000, public
host-header
192fc2e7e50945beb8231a492d6a8024
accept-ranges
bytes
content-length
55562
x-xss-protection
1; mode=block
x-proxy-cache
HIT
autor12.png
edtreatmentgroup.com/vsl/tupisecret/imgs/
21 KB
21 KB
Image
General
Full URL
https://edtreatmentgroup.com/vsl/tupisecret/imgs/autor12.png
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.62.238.21, Bulgaria, ASN32475 (SINGLEHOP-LLC - SingleHop LLC, US)
Reverse DNS
c38336.sgvps.net
Software
nginx /
Resource Hash
4902938615cc3ca98fe766b37e46963e2236dba62818c4d486fbca88b98af955
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

:path
/vsl/tupisecret/imgs/autor12.png
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
edtreatmentgroup.com
referer
https://edtreatmentgroup.com/vsl/tupisecret/
:scheme
https
:method
GET
Referer
https://edtreatmentgroup.com/vsl/tupisecret/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 12 Sep 2018 19:31:31 GMT
server
nginx
etag
"54c7-573e44bbd7b00"
content-type
image/png
status
200
expires
Sat, 13 Oct 2018 22:32:56 GMT
cache-control
max-age=2692000, public
host-header
192fc2e7e50945beb8231a492d6a8024
accept-ranges
bytes
content-length
21703
x-xss-protection
1; mode=block
x-proxy-cache
HIT
comment.png
edtreatmentgroup.com/vsl/tupisecret/imgs/
2 KB
3 KB
Image
General
Full URL
https://edtreatmentgroup.com/vsl/tupisecret/imgs/comment.png
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.62.238.21, Bulgaria, ASN32475 (SINGLEHOP-LLC - SingleHop LLC, US)
Reverse DNS
c38336.sgvps.net
Software
nginx /
Resource Hash
ccaec4082c1d33d2823f9e696b9e3558d61e4514cb57810bc85411143d80419d
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

:path
/vsl/tupisecret/imgs/comment.png
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
edtreatmentgroup.com
referer
https://edtreatmentgroup.com/vsl/tupisecret/
:scheme
https
:method
GET
Referer
https://edtreatmentgroup.com/vsl/tupisecret/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 12 Sep 2018 19:31:31 GMT
server
nginx
etag
"9d9-574033e082b80"
content-type
image/png
status
200
expires
Sat, 13 Oct 2018 22:32:56 GMT
cache-control
max-age=2692000, public
host-header
192fc2e7e50945beb8231a492d6a8024
accept-ranges
bytes
content-length
2521
x-xss-protection
1; mode=block
x-proxy-cache
HIT
autor22.png
edtreatmentgroup.com/vsl/tupisecret/imgs/
20 KB
20 KB
Image
General
Full URL
https://edtreatmentgroup.com/vsl/tupisecret/imgs/autor22.png
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.62.238.21, Bulgaria, ASN32475 (SINGLEHOP-LLC - SingleHop LLC, US)
Reverse DNS
c38336.sgvps.net
Software
nginx /
Resource Hash
d3c8a98a9a72b333344dc8bf066664555eb6b74864775affcdbe7a8c07926b0b
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

:path
/vsl/tupisecret/imgs/autor22.png
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
edtreatmentgroup.com
referer
https://edtreatmentgroup.com/vsl/tupisecret/
:scheme
https
:method
GET
Referer
https://edtreatmentgroup.com/vsl/tupisecret/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 12 Sep 2018 19:31:31 GMT
server
nginx
etag
"4f82-573e446ac7bc0"
content-type
image/png
status
200
expires
Sat, 13 Oct 2018 22:32:56 GMT
cache-control
max-age=2692000, public
host-header
192fc2e7e50945beb8231a492d6a8024
accept-ranges
bytes
content-length
20354
x-xss-protection
1; mode=block
x-proxy-cache
HIT
comment2.png
edtreatmentgroup.com/vsl/tupisecret/imgs/
3 KB
3 KB
Image
General
Full URL
https://edtreatmentgroup.com/vsl/tupisecret/imgs/comment2.png
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.62.238.21, Bulgaria, ASN32475 (SINGLEHOP-LLC - SingleHop LLC, US)
Reverse DNS
c38336.sgvps.net
Software
nginx /
Resource Hash
8eec3d90bd227bdfd9f1b35522b3b59a0d804d59461a97bdf86b2341631cb6be
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

:path
/vsl/tupisecret/imgs/comment2.png
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
edtreatmentgroup.com
referer
https://edtreatmentgroup.com/vsl/tupisecret/
:scheme
https
:method
GET
Referer
https://edtreatmentgroup.com/vsl/tupisecret/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 12 Sep 2018 19:31:31 GMT
server
nginx
etag
"b06-571d4356e9bc0"
content-type
image/png
status
200
expires
Sat, 13 Oct 2018 22:32:56 GMT
cache-control
max-age=2692000, public
host-header
192fc2e7e50945beb8231a492d6a8024
accept-ranges
bytes
content-length
2822
x-xss-protection
1; mode=block
x-proxy-cache
HIT
autor32.png
edtreatmentgroup.com/vsl/tupisecret/imgs/
18 KB
18 KB
Image
General
Full URL
https://edtreatmentgroup.com/vsl/tupisecret/imgs/autor32.png
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.62.238.21, Bulgaria, ASN32475 (SINGLEHOP-LLC - SingleHop LLC, US)
Reverse DNS
c38336.sgvps.net
Software
nginx /
Resource Hash
261f3d1627e6ea9d6ff1ce87a2553cb69a1e857b13cf4858533af4b8ca9b191f
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

:path
/vsl/tupisecret/imgs/autor32.png
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
edtreatmentgroup.com
referer
https://edtreatmentgroup.com/vsl/tupisecret/
:scheme
https
:method
GET
Referer
https://edtreatmentgroup.com/vsl/tupisecret/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 12 Sep 2018 19:31:31 GMT
server
nginx
etag
"48fb-573e444872ac0"
content-type
image/png
status
200
expires
Sat, 13 Oct 2018 22:32:56 GMT
cache-control
max-age=2692000, public
host-header
192fc2e7e50945beb8231a492d6a8024
accept-ranges
bytes
content-length
18683
x-xss-protection
1; mode=block
x-proxy-cache
HIT
comment3.png
edtreatmentgroup.com/vsl/tupisecret/imgs/
3 KB
3 KB
Image
General
Full URL
https://edtreatmentgroup.com/vsl/tupisecret/imgs/comment3.png
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.62.238.21, Bulgaria, ASN32475 (SINGLEHOP-LLC - SingleHop LLC, US)
Reverse DNS
c38336.sgvps.net
Software
nginx /
Resource Hash
b9b88f6231e2d21b28650e1df0b0c308fca468f102a2162b272231f0557dbafb
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

:path
/vsl/tupisecret/imgs/comment3.png
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
edtreatmentgroup.com
referer
https://edtreatmentgroup.com/vsl/tupisecret/
:scheme
https
:method
GET
Referer
https://edtreatmentgroup.com/vsl/tupisecret/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 12 Sep 2018 19:31:31 GMT
server
nginx
etag
"b07-571d4355f5980"
content-type
image/png
status
200
expires
Sat, 13 Oct 2018 22:32:56 GMT
cache-control
max-age=2692000, public
host-header
192fc2e7e50945beb8231a492d6a8024
accept-ranges
bytes
content-length
2823
x-xss-protection
1; mode=block
x-proxy-cache
HIT
book1.png
edtreatmentgroup.com/vsl/tupisecret/imgs/
18 KB
18 KB
Image
General
Full URL
https://edtreatmentgroup.com/vsl/tupisecret/imgs/book1.png
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.62.238.21, Bulgaria, ASN32475 (SINGLEHOP-LLC - SingleHop LLC, US)
Reverse DNS
c38336.sgvps.net
Software
nginx /
Resource Hash
042563f607dcfde545629417596c1c1263899a24a03c7ae3186fa776786db42e
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

:path
/vsl/tupisecret/imgs/book1.png
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
edtreatmentgroup.com
referer
https://edtreatmentgroup.com/vsl/tupisecret/
:scheme
https
:method
GET
Referer
https://edtreatmentgroup.com/vsl/tupisecret/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 12 Sep 2018 19:31:31 GMT
server
nginx
etag
"4645-574033e082b80"
content-type
image/png
status
200
expires
Sat, 13 Oct 2018 22:32:56 GMT
cache-control
max-age=2692000, public
host-header
192fc2e7e50945beb8231a492d6a8024
accept-ranges
bytes
content-length
17989
x-xss-protection
1; mode=block
x-proxy-cache
HIT
book2.png
edtreatmentgroup.com/vsl/tupisecret/imgs/
21 KB
22 KB
Image
General
Full URL
https://edtreatmentgroup.com/vsl/tupisecret/imgs/book2.png
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.62.238.21, Bulgaria, ASN32475 (SINGLEHOP-LLC - SingleHop LLC, US)
Reverse DNS
c38336.sgvps.net
Software
nginx /
Resource Hash
bb7a5950f591e23faa103c57e7df7c8f917fd6a4bc836e0b39574dcf3bef485f
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

:path
/vsl/tupisecret/imgs/book2.png
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
edtreatmentgroup.com
referer
https://edtreatmentgroup.com/vsl/tupisecret/
:scheme
https
:method
GET
Referer
https://edtreatmentgroup.com/vsl/tupisecret/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 12 Sep 2018 19:31:31 GMT
server
nginx
etag
"55b4-574033e082b80"
content-type
image/png
status
200
expires
Sat, 13 Oct 2018 22:32:56 GMT
cache-control
max-age=2692000, public
host-header
192fc2e7e50945beb8231a492d6a8024
accept-ranges
bytes
content-length
21940
x-xss-protection
1; mode=block
x-proxy-cache
HIT
guar.png
edtreatmentgroup.com/vsl/tupisecret/imgs/
12 KB
12 KB
Image
General
Full URL
https://edtreatmentgroup.com/vsl/tupisecret/imgs/guar.png
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.62.238.21, Bulgaria, ASN32475 (SINGLEHOP-LLC - SingleHop LLC, US)
Reverse DNS
c38336.sgvps.net
Software
nginx /
Resource Hash
37d94fe68ae3b45470eae9af2689db4a8a7040a31d164fdb539d951c3dfebe4a
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

:path
/vsl/tupisecret/imgs/guar.png
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
edtreatmentgroup.com
referer
https://edtreatmentgroup.com/vsl/tupisecret/
:scheme
https
:method
GET
Referer
https://edtreatmentgroup.com/vsl/tupisecret/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 12 Sep 2018 19:31:31 GMT
server
nginx
etag
"2fe6-573790ecb6100"
content-type
image/png
status
200
expires
Sat, 13 Oct 2018 22:32:56 GMT
cache-control
max-age=2692000, public
host-header
192fc2e7e50945beb8231a492d6a8024
accept-ranges
bytes
content-length
12262
x-xss-protection
1; mode=block
x-proxy-cache
HIT

Verdicts & Comments

32 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

Type Name
function $
function jQuery
string $time
number $w
object player
function onYouTubeIframeAPIReady
function onPlayerReady
function onPlayerStateChange
function stopedVideo
function show
function scrolling
number remain_bv
function parseTime_bv
boolean click
function init
number $hw
function gtag
object dataLayer
number timeoutId
object google_tag_manager
string GoogleAnalyticsObject
function ga
object gaplugins
object gaGlobal
object gaData
function onYTReady
object yt
function ytDomDomGetNextId
object ytEventsEventsListeners
object ytEventsEventsCounter
object YT
object video

4 Cookies

Domain/Path Name Value
.edtreatmentgroup.com/ _gat_gtag_UA_124358878_1 1
.edtreatmentgroup.com/ _gid GA1.2.1008532513.1536780690
.edtreatmentgroup.com/ _ga GA1.2.1381562415.1536780690
edtreatmentgroup.com/vsl/tupisecret looked yes

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
