urlscan.io logo urlscan.io
SecurityTrails logo

668zhe.xyz Open in urlscan Pro
2606:4700:30::681b:b5be  Public Scan

Go To Rescan Add Verdict Report
URL: http://668zhe.xyz/
Submission: On February 14 via api from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 74 IPs in 8 countries across 69 domains to perform 108 HTTP transactions. The main IP is 2606:4700:30::681b:b5be, located in United States and belongs to CLOUDFLARENET - Cloudflare, Inc., US. The main domain is 668zhe.xyz.
This is the only time 668zhe.xyz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
3 2606:4700:30:... 13335 (CLOUDFLAR...)
1 104.20.2.47 13335 (CLOUDFLAR...)
1 198.134.112.242 27257 (WEBAIR-IN...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700:30:... 13335 (CLOUDFLAR...)
9 2620:0:862:ed... 14907 (WIKIMEDIA)
5 2606:2800:134... 15133 (EDGECAST)
2 192.0.72.2 2635 (AUTOMATTIC)
2 192.0.72.3 2635 (AUTOMATTIC)
4 151.101.120.70 54113 (FASTLY)
2 2a00:1450:400... 15169 (GOOGLE)
2 104.16.173.252 13335 (CLOUDFLAR...)
1 34.253.162.206 16509 (AMAZON-02)
2 2.18.232.243 16625 (AKAMAI-AS)
1 2620:12a:8000::1 54113 (FASTLY)
1 151.101.1.111 54113 (FASTLY)
1 13.32.223.103 16509 (AMAZON-02)
4 151.101.66.98 54113 (FASTLY)
3 151.101.1.164 54113 (FASTLY)
1 1 2a03:2880:f02... ()
1 2a03:2880:f12... 32934 (FACEBOOK)
2 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
1 205.185.216.10 20446 (HIGHWINDS3)
1 1 2a02:26f0:6c0... ()
1 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
1 23.45.104.47 20940 (AKAMAI-ASN1)
1 151.101.1.184 54113 (FASTLY)
1 151.101.0.238 54113 (FASTLY)
4 13.32.141.62 16509 (AMAZON-02)
2 125.19.181.9 9498 (BBIL-AP B...)
1 2620:11a:e002... 22300 (WIKIA)
1 192.0.72.22 2635 (AUTOMATTIC)
1 142.52.192.119 852 (ASN852)
1 94.31.29.64 12989 (HWNG)
1 2600:9000:200... 16509 (AMAZON-02)
1 212.48.103.60 8893 (ARTFILES-...)
1 13.32.223.98 16509 (AMAZON-02)
1 151.101.1.171 54113 (FASTLY)
1 2.16.186.187 20940 (AKAMAI-ASN1)
1 52.73.136.182 14618 (AMAZON-AES)
2 35.229.125.222 15169 (GOOGLE)
1 64.28.110.200 3728 (ONR-ADDR)
1 2a01:488:42:1... 20773 (HOSTEUROP...)
1 2a04:fa87:fff... 2635 (AUTOMATTIC)
1 169.133.239.100 18815 (AS-CITY-A...)
1 104.154.113.180 15169 (GOOGLE)
1 192.0.72.26 2635 (AUTOMATTIC)
1 142.67.0.107 22636 (NOVA-SCOT...)
1 192.0.72.30 2635 (AUTOMATTIC)
1 66.96.146.129 29873 (BIZLAND-SD)
1 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
1 151.101.122.110 54113 (FASTLY)
1 104.111.215.41 16625 (AKAMAI-AS)
2 151.101.0.239 54113 (FASTLY)
1 2 143.95.82.3 62729 (ASMALLORA...)
1 208.91.60.7 14244 (NSIHOSTIN...)
1 107.22.175.16 14618 (AMAZON-AES)
1 18.209.117.161 14618 (AMAZON-AES)
1 45.55.148.86 14061 (DIGITALOC...)
1 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
1 192.0.72.28 2635 (AUTOMATTIC)
1 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
1 192.0.66.2 2635 (AUTOMATTIC)
1 13.32.223.242 ()
1 13.89.33.83 ()
1 104.111.246.35 ()
1 13.32.223.208 ()
1 87.198.212.168 ()
1 163.172.77.104 ()
1 35.196.229.234 ()
1 151.101.120.124 ()
1 13.32.223.191 ()
1 35.227.48.111 ()
1 217.114.50.151 ()
1 104.20.3.47 ()
108 74
3    2606:4700:30::681b:b5be (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
668zhe.xyz
1    104.20.2.47 (San Francisco, United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
www.statcounter.com
1    198.134.112.242 (Garden City, United States)

ASN27257 (WEBAIR-INTERNET - Webair Internet Development Company Inc., US)
rgvqcsxqge.com
1    2a00:1450:4001:817::200a (Ireland)

ASN15169 (GOOGLE - Google LLC, US)
ajax.googleapis.com
1    2606:4700:30::681b:b4be (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
668zhe.xyz
9    2620:0:862:ed1a::2:b (United States)

ASN14907 (WIKIMEDIA - Wikimedia Foundation Inc., US)
upload.wikimedia.org
5    2606:2800:134:1a0d:1429:742:782:b6 (United States)

ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US)
pbs.twimg.com
2    192.0.72.2 (San Francisco, United States)

ASN2635 (AUTOMATTIC - Automattic, Inc, US)
thenypost.files.wordpress.com
2    192.0.72.3 (San Francisco, United States)

ASN2635 (AUTOMATTIC - Automattic, Inc, US)
timedotcom.files.wordpress.com
pmcvariety.files.wordpress.com
4    151.101.120.70 (San Francisco, United States)

ASN54113 (FASTLY - Fastly, US)
pixel.nymag.com
2    2a00:1450:4001:821::2001 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)
yt3.ggpht.com
2    104.16.173.252 (San Francisco, United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
www.congress.gov
1    34.253.162.206 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-34-253-162-206.eu-west-1.compute.amazonaws.com
www.ewa.bh
2    2.18.232.243 (European Union)

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a2-18-232-243.deploy.static.akamaitechnologies.com
fm.cnbc.com
1    2620:12a:8000::1 (United States)

ASN54113 (FASTLY - Fastly, US)
www.swedishamerican.org
1    151.101.1.111 (San Francisco, United States)

ASN54113 (FASTLY - Fastly, US)
i.guim.co.uk
1    13.32.223.103 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-13-32-223-103.fra56.r.cloudfront.net
cdn.nashvillescene.com
4    151.101.66.98 (San Francisco, United States)

ASN54113 (FASTLY - Fastly, US)
www.biography.com
3    151.101.1.164 (San Francisco, United States)

ASN54113 (FASTLY - Fastly, US)
static01.nyt.com
1    2a03:2880:f02d:12:face:b00c:0:3 (Ireland)

ASN- ()
lookaside.fbsbx.com
1    2a03:2880:f12d:83:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)
www.facebook.com
2    2a02:26f0:6c00:187::3134 (European Union)

ASN20940 (AKAMAI-ASN1, US)
cdn.cnn.com
1    205.185.216.10 (Phoenix, United States)

ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US)
PTR: map2.hwcdn.net
static.libsyn.com
1    2a02:26f0:6c00:290::2599 (European Union)

ASN- ()
specials-images.forbesimg.com
1    2a02:26f0:6c00:291::2599 (European Union)

ASN20940 (AKAMAI-ASN1, US)
specials-images.forbesimg.com
1    23.45.104.47 (Amsterdam, Netherlands)

ASN20940 (AKAMAI-ASN1, US)
PTR: a23-45-104-47.deploy.static.akamaitechnologies.com
media.secure-mobiles.com
1    151.101.1.184 (San Francisco, United States)

ASN54113 (FASTLY - Fastly, US)
static.independent.co.uk
1    151.101.0.238 (San Francisco, United States)

ASN54113 (FASTLY - Fastly, US)
static1.squarespace.com
4    13.32.141.62 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-13-32-141-62.fra56.r.cloudfront.net
images-na.ssl-images-amazon.com
m.media-amazon.com
2    125.19.181.9 (India)

ASN9498 (BBIL-AP BHARTI Airtel Ltd., IN)
www.uppclonline.com
1    2620:11a:e002:fa00::204 (United States)

ASN22300 (WIKIA - Wikia, Inc., US)
vignette.wikia.nocookie.net
1    192.0.72.22 (San Francisco, United States)

ASN2635 (AUTOMATTIC - Automattic, Inc, US)
moneydotcomvip.files.wordpress.com
1    142.52.192.119 (Burnaby, Canada)

ASN852 (ASN852 - TELUS Communications Inc., CA)
PTR: app.bchydro.com
app.bchydro.com
1    94.31.29.64 (United Kingdom)

ASN12989 (HWNG, NL)
PTR: 94.31.29.64.IPYX-077437-ZYO.above.net
2hfa2t4cz3ylcefo522rz6jm-wpengine.netdna-ssl.com
1    2600:9000:200d:5200:e:ee51:2e00:21 (United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
images.tritondigitalcms.com
1    212.48.103.60 (Hamburg, Germany)

ASN8893 (ARTFILES-AS Zirkusweg 1, DE)
magazin.lufthansa.com
1    13.32.223.98 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-13-32-223-98.fra56.r.cloudfront.net
imagesvc.timeincapp.com
1    151.101.1.171 (San Francisco, United States)

ASN54113 (FASTLY - Fastly, US)
amp.businessinsider.com
1    2.16.186.187 (European Union)

ASN20940 (AKAMAI-ASN1, US)
PTR: a2-16-186-187.deploy.static.akamaitechnologies.com
www.alintaenergy.com.au
1    52.73.136.182 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-52-73-136-182.compute-1.amazonaws.com
www.unitypoint.org
2    35.229.125.222 (Ann Arbor, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: 222.125.229.35.bc.googleusercontent.com
www.bgehome.com
1    64.28.110.200 (Pearland, United States)

ASN3728 (ONR-ADDR - Onramp Access LLC, US)
PTR: www.seton.net
www.seton.net
1    2a01:488:42:1000:b24d:6d55:47:19ff (Germany)

ASN20773 (HOSTEUROPE-AS, DE)
climateanalytics.org
1    2a04:fa87:fffe::c000:4902 (Ireland)

ASN2635 (AUTOMATTIC - Automattic, Inc, US)
secure.gravatar.com
1    169.133.239.100 (Denver, United States)

ASN18815 (AS-CITY-AND-COUNTY-OF-DENVER - CITY AND COUNTY OF DENVER, US)
www.denvergov.org
1    104.154.113.180 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: 180.113.154.104.bc.googleusercontent.com
www.frontier-power.com
1    192.0.72.26 (San Francisco, United States)

ASN2635 (AUTOMATTIC - Automattic, Inc, US)
ewedit.files.wordpress.com
1    142.67.0.107 (Halifax, Canada)

ASN22636 (NOVA-SCOTIA-POWER - Nova Scotia Power, Inc., CA)
PTR: ratesandregs.nspower.ca
www.nspower.ca
1    192.0.72.30 (San Francisco, United States)

ASN2635 (AUTOMATTIC - Automattic, Inc, US)
fortunedotcom.files.wordpress.com
1    66.96.146.129 (Burlington, United States)

ASN29873 (BIZLAND-SD - The Endurance International Group, Inc., US)
PTR: 129.146.96.66.static.eigbox.net
www.billviola.com
1    2a02:26f0:6c00:18a::3279 (European Union)

ASN20940 (AKAMAI-ASN1, US)
www.fpl.com
1    151.101.122.110 (San Francisco, United States)

ASN54113 (FASTLY - Fastly, US)
www.wikihow.com
1    104.111.215.41 (Amsterdam, Netherlands)

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a104-111-215-41.deploy.static.akamaitechnologies.com
cbsnews3.cbsistatic.com
2    151.101.0.239 (San Francisco, United States)

ASN54113 (FASTLY - Fastly, US)
media.gq.com
2    143.95.82.3 (Los Angeles, United States)

ASN62729 (ASMALLORANGE1 - A Small Orange LLC, US)
PTR: ip-143-95-82-3.iplocal
www.puppetswhokill.com
1    208.91.60.7 (Chicago, United States)

ASN14244 (NSIHOSTING-EQX-VA - NSI Hosting, US)
PTR: *.media.clients.ellingtoncms.com
vindy.media.clients.ellingtoncms.com
1    107.22.175.16 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-107-22-175-16.compute-1.amazonaws.com
annenberg.usc.edu
1    18.209.117.161 (Cambridge, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-18-209-117-161.compute-1.amazonaws.com
www.secondcity.com
1    45.55.148.86 (Clifton, United States)

ASN14061 (DIGITALOCEAN-ASN - DigitalOcean, LLC, US)
amex.wgbhdigital.org
1    2a02:26f0:6c00:28d::9f0 (European Union)

ASN20940 (AKAMAI-ASN1, US)
cdn.abcotvs.com
1    192.0.72.28 (San Francisco, United States)

ASN2635 (AUTOMATTIC - Automattic, Inc, US)
billkonigsberg.files.wordpress.com
1    2a02:26f0:6c00:29c::7e5 (European Union)

ASN20940 (AKAMAI-ASN1, US)
si.wsj.net
1    192.0.66.2 (San Francisco, United States)

ASN2635 (AUTOMATTIC - Automattic, Inc, US)
www.indiewire.com
1    13.32.223.242 (Seattle, United States)

ASN- ()
PTR: server-13-32-223-242.fra56.r.cloudfront.net
2.imimg.com
1    13.89.33.83 (Des Moines, United States)

ASN- ()
www.beaumont.org
1    104.111.246.35 (Amsterdam, Netherlands)

ASN- ()
PTR: a104-111-246-35.deploy.static.akamaitechnologies.com
www.telegraph.co.uk
1    13.32.223.208 (Seattle, United States)

ASN- ()
PTR: server-13-32-223-208.fra56.r.cloudfront.net
images.thestar.com
1    87.198.212.168 (Dublin, Ireland)

ASN- ()
PTR: 87-198-212-168.ptr.magnet.ie
www.electricireland.ie
1    163.172.77.104 (United Kingdom)

ASN- ()
PTR: 4th-line.eu
www.lextracourt.com
1    35.196.229.234 (Ann Arbor, United States)

ASN- ()
PTR: 234.229.196.35.bc.googleusercontent.com
www.romefloyd.com
1    151.101.120.124 (San Francisco, United States)

ASN- ()
cdn.vox-cdn.com
1    13.32.223.191 (Seattle, United States)

ASN- ()
PTR: server-13-32-223-191.fra56.r.cloudfront.net
billgrahamcivic.com
1    35.227.48.111 (Ann Arbor, United States)

ASN- ()
PTR: 111.48.227.35.bc.googleusercontent.com
www.maryfreebed.com
1    217.114.50.151 (Lancaster, United Kingdom)

ASN- ()
PTR: 151-50-114-217.reverse.luns.net.uk
councilportal.cumbria.gov.uk
1    104.20.3.47 (San Francisco, United States)

ASN- ()
c.statcounter.com
Apex Domain
Subdomains		 Transfer
9 wikimedia.org
upload.wikimedia.org
161 KB
8 wordpress.com
thenypost.files.wordpress.com
timedotcom.files.wordpress.com
moneydotcomvip.files.wordpress.com
pmcvariety.files.wordpress.com
ewedit.files.wordpress.com
fortunedotcom.files.wordpress.com
billkonigsberg.files.wordpress.com
6 MB
5 twimg.com
pbs.twimg.com
97 KB
4 biography.com
www.biography.com
595 KB
4 nymag.com
pixel.nymag.com
454 KB
4 668zhe.xyz
668zhe.xyz
11 KB
3 media-amazon.com
m.media-amazon.com
1 MB
3 nyt.com
static01.nyt.com
49 KB
2 puppetswhokill.com
www.puppetswhokill.com
1 KB
2 gq.com
media.gq.com
166 KB
2 bgehome.com
www.bgehome.com
444 KB
2 uppclonline.com
www.uppclonline.com
224 KB
2 forbesimg.com
specials-images.forbesimg.com
15 KB
2 cnn.com
cdn.cnn.com
131 KB
2 cnbc.com
fm.cnbc.com
203 KB
2 congress.gov
www.congress.gov
94 KB
2 ggpht.com
yt3.ggpht.com
164 KB
2 statcounter.com
www.statcounter.com
c.statcounter.com
11 KB
1 cumbria.gov.uk
councilportal.cumbria.gov.uk
10 KB
1 maryfreebed.com
www.maryfreebed.com
97 KB
1 billgrahamcivic.com
billgrahamcivic.com
52 KB
1 vox-cdn.com
cdn.vox-cdn.com
51 KB
1 romefloyd.com
www.romefloyd.com
9 KB
1 lextracourt.com
www.lextracourt.com
108 KB
1 electricireland.ie
www.electricireland.ie
125 KB
1 thestar.com
images.thestar.com
35 KB
1 telegraph.co.uk
www.telegraph.co.uk
18 KB
1 beaumont.org
www.beaumont.org
273 KB
1 imimg.com
2.imimg.com
27 KB
1 indiewire.com
www.indiewire.com
86 KB
1 wsj.net
si.wsj.net
43 KB
1 abcotvs.com
cdn.abcotvs.com
191 KB
1 wgbhdigital.org
amex.wgbhdigital.org
15 KB
1 secondcity.com
www.secondcity.com
71 KB
1 usc.edu
annenberg.usc.edu
48 KB
1 ellingtoncms.com
vindy.media.clients.ellingtoncms.com
20 KB
1 cbsistatic.com
cbsnews3.cbsistatic.com
22 KB
1 wikihow.com
www.wikihow.com
79 KB
1 fpl.com
www.fpl.com
229 KB
1 billviola.com
www.billviola.com
63 KB
1 nspower.ca
www.nspower.ca
227 KB
1 frontier-power.com
www.frontier-power.com
29 KB
1 denvergov.org
www.denvergov.org
155 KB
1 gravatar.com
secure.gravatar.com
33 KB
1 climateanalytics.org
climateanalytics.org
8 KB
1 seton.net
www.seton.net
39 KB
1 unitypoint.org
www.unitypoint.org
264 KB
1 alintaenergy.com.au
www.alintaenergy.com.au
217 KB
1 businessinsider.com
amp.businessinsider.com
53 KB
1 timeincapp.com
imagesvc.timeincapp.com
18 KB
1 lufthansa.com
magazin.lufthansa.com
63 KB
1 tritondigitalcms.com
images.tritondigitalcms.com
58 KB
1 netdna-ssl.com
2hfa2t4cz3ylcefo522rz6jm-wpengine.netdna-ssl.com
21 KB
1 bchydro.com
app.bchydro.com
57 KB
1 nocookie.net
vignette.wikia.nocookie.net
26 KB
1 ssl-images-amazon.com
images-na.ssl-images-amazon.com
86 KB
1 squarespace.com
static1.squarespace.com
7 KB
1 independent.co.uk
static.independent.co.uk
33 KB
1 secure-mobiles.com
media.secure-mobiles.com
615 KB
1 libsyn.com
static.libsyn.com
157 KB
1 facebook.com
www.facebook.com
12 KB
1 fbsbx.com
lookaside.fbsbx.com
320 B
1 nashvillescene.com
cdn.nashvillescene.com
51 KB
1 guim.co.uk
i.guim.co.uk
5 KB
1 swedishamerican.org
www.swedishamerican.org
70 KB
1 ewa.bh
www.ewa.bh
351 KB
1 googleapis.com
ajax.googleapis.com
33 KB
1 rgvqcsxqge.com
rgvqcsxqge.com
0 epwater.org Failed
www.epwater.org Failed
108 69
Domain Requested by
9 upload.wikimedia.org 668zhe.xyz
5 pbs.twimg.com 668zhe.xyz
4 www.biography.com 668zhe.xyz
4 pixel.nymag.com 668zhe.xyz
4 668zhe.xyz 668zhe.xyz
ajax.googleapis.com
3 m.media-amazon.com 668zhe.xyz
3 static01.nyt.com 668zhe.xyz
2 www.puppetswhokill.com 1 redirects 668zhe.xyz
2 media.gq.com 668zhe.xyz
2 www.bgehome.com 668zhe.xyz
2 www.uppclonline.com 668zhe.xyz
2 specials-images.forbesimg.com 1 redirects 668zhe.xyz
2 cdn.cnn.com 668zhe.xyz
2 fm.cnbc.com 668zhe.xyz
2 www.congress.gov 668zhe.xyz
2 yt3.ggpht.com 668zhe.xyz
2 thenypost.files.wordpress.com 668zhe.xyz
1 c.statcounter.com 668zhe.xyz
1 councilportal.cumbria.gov.uk 668zhe.xyz
1 www.maryfreebed.com 668zhe.xyz
1 billgrahamcivic.com 668zhe.xyz
1 cdn.vox-cdn.com 668zhe.xyz
1 www.romefloyd.com 668zhe.xyz
1 www.lextracourt.com 668zhe.xyz
1 www.electricireland.ie 668zhe.xyz
1 images.thestar.com 668zhe.xyz
1 www.telegraph.co.uk 668zhe.xyz
1 www.beaumont.org 668zhe.xyz
1 2.imimg.com 668zhe.xyz
1 www.indiewire.com 668zhe.xyz
1 si.wsj.net 668zhe.xyz
1 billkonigsberg.files.wordpress.com 668zhe.xyz
1 cdn.abcotvs.com 668zhe.xyz
1 amex.wgbhdigital.org 668zhe.xyz
1 www.secondcity.com 668zhe.xyz
1 annenberg.usc.edu 668zhe.xyz
1 vindy.media.clients.ellingtoncms.com 668zhe.xyz
1 cbsnews3.cbsistatic.com 668zhe.xyz
1 www.wikihow.com 668zhe.xyz
1 www.fpl.com 668zhe.xyz
1 www.billviola.com 668zhe.xyz
1 fortunedotcom.files.wordpress.com 668zhe.xyz
1 www.nspower.ca 668zhe.xyz
1 ewedit.files.wordpress.com 668zhe.xyz
1 www.frontier-power.com 668zhe.xyz
1 www.denvergov.org 668zhe.xyz
1 secure.gravatar.com 668zhe.xyz
1 pmcvariety.files.wordpress.com 668zhe.xyz
1 climateanalytics.org 668zhe.xyz
1 www.seton.net 668zhe.xyz
1 www.unitypoint.org 668zhe.xyz
1 www.alintaenergy.com.au 668zhe.xyz
1 amp.businessinsider.com 668zhe.xyz
1 imagesvc.timeincapp.com 668zhe.xyz
1 magazin.lufthansa.com 668zhe.xyz
1 images.tritondigitalcms.com 668zhe.xyz
1 2hfa2t4cz3ylcefo522rz6jm-wpengine.netdna-ssl.com 668zhe.xyz
1 app.bchydro.com 668zhe.xyz
1 moneydotcomvip.files.wordpress.com 668zhe.xyz
1 vignette.wikia.nocookie.net 668zhe.xyz
1 images-na.ssl-images-amazon.com 668zhe.xyz
1 static1.squarespace.com 668zhe.xyz
1 static.independent.co.uk 668zhe.xyz
1 media.secure-mobiles.com 668zhe.xyz
1 static.libsyn.com 668zhe.xyz
1 www.facebook.com 668zhe.xyz
1 lookaside.fbsbx.com 1 redirects
1 cdn.nashvillescene.com 668zhe.xyz
1 i.guim.co.uk 668zhe.xyz
1 www.swedishamerican.org 668zhe.xyz
1 www.ewa.bh 668zhe.xyz
1 timedotcom.files.wordpress.com 668zhe.xyz
1 ajax.googleapis.com 668zhe.xyz
1 rgvqcsxqge.com 668zhe.xyz
1 www.statcounter.com 668zhe.xyz
0 www.epwater.org Failed 668zhe.xyz
108 76

This site contains no links.

Subject Issuer Validity Valid
*.statcounter.com
Go Daddy Secure Certificate Authority - G2		 2018-11-18 -
2020-01-17		 a year crt.sh
*.wikipedia.org
GlobalSign Organization Validation CA - SHA256 - G2		 2018-11-08 -
2019-11-22		 a year crt.sh
*.twimg.com
DigiCert SHA2 High Assurance Server CA		 2018-11-19 -
2019-11-27		 a year crt.sh
*.files.wordpress.com
Sectigo RSA Domain Validation Secure Server CA		 2019-01-15 -
2021-01-14		 2 years crt.sh
l.ssl.fastly.net
GlobalSign Organization Validation CA - SHA256 - G2		 2018-04-13 -
2020-06-11		 2 years crt.sh
*.googleusercontent.com
Google Internet Authority G3		 2019-01-23 -
2019-04-17		 3 months crt.sh
*.congress.gov
Entrust Certification Authority - L1K		 2018-04-26 -
2019-04-26		 a year crt.sh
*.cnbc.com
DigiCert SHA2 Secure Server CA		 2018-03-16 -
2019-03-16		 a year crt.sh
5679846214598656-fe1.pantheonsite.io
Let's Encrypt Authority X3		 2019-02-08 -
2019-05-09		 3 months crt.sh
guardian.map.fastly.net
GlobalSign CloudSSL CA - SHA256 - G3		 2018-10-23 -
2019-06-08		 8 months crt.sh
*.nashvillescene.com
Amazon		 2018-03-22 -
2019-04-22		 a year crt.sh
saymedia.map.fastly.net
GlobalSign CloudSSL CA - SHA256 - G3		 2018-08-08 -
2019-03-21		 7 months crt.sh
nytimes.com
COMODO RSA Organization Validation Secure Server CA		 2018-11-29 -
2020-01-18		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2019-01-21 -
2019-04-21		 3 months crt.sh
www.turner.com
COMODO RSA Organization Validation Secure Server CA		 2018-09-27 -
2020-09-03		 2 years crt.sh
blogs.forbes.com
GeoTrust RSA CA 2018		 2018-05-09 -
2019-05-09		 a year crt.sh
*.secure-mobiles.com
GeoTrust RSA CA 2018		 2018-05-11 -
2019-11-09		 a year crt.sh
t.ssl.fastly.net
GlobalSign CloudSSL CA - SHA256 - G3		 2018-07-25 -
2019-06-07		 10 months crt.sh
static.squarespace.com
DigiCert SHA2 High Assurance Server CA		 2018-08-03 -
2020-09-13		 2 years crt.sh
Images-na.ssl-images-amazon.com
DigiCert Global CA G2		 2018-05-30 -
2019-07-19		 a year crt.sh
*.wikia.nocookie.net
DigiCert SHA2 Secure Server CA		 2018-02-02 -
2019-03-27		 a year crt.sh
www.bchydro.com
Entrust Certification Authority - L1K		 2018-03-09 -
2020-06-08		 2 years crt.sh
*.netdna-ssl.com
COMODO RSA Domain Validation Secure Server CA		 2018-02-28 -
2019-02-28		 a year crt.sh
magazin.lufthansa.com
GeoTrust TLS RSA CA G1		 2018-06-19 -
2019-07-19		 a year crt.sh
*.meredithcorp.io
Amazon		 2019-02-04 -
2020-03-04		 a year crt.sh
f.ssl.fastly.net
GlobalSign Organization Validation CA - SHA256 - G2		 2018-08-30 -
2020-12-02		 2 years crt.sh
www.alintaenergy.com.au
Let's Encrypt Authority X3		 2019-01-21 -
2019-04-21		 3 months crt.sh
unitypoint.org
DigiCert SHA2 High Assurance Server CA		 2018-06-20 -
2020-07-24		 2 years crt.sh
www.bgehome.com
GeoTrust TLS RSA CA G1		 2018-11-02 -
2019-10-03		 a year crt.sh
www.seton.net
Go Daddy Secure Certificate Authority - G2		 2017-12-16 -
2019-02-14		 a year crt.sh
www.climateanalytics.org
Starfield Secure Certificate Authority - G2		 2018-06-07 -
2020-06-07		 2 years crt.sh
*.gravatar.com
COMODO RSA Domain Validation Secure Server CA		 2018-09-06 -
2020-09-05		 2 years crt.sh
www.denvergov.org
Entrust Certification Authority - L1M		 2018-05-29 -
2019-06-30		 a year crt.sh
www.nspower.ca
GeoTrust RSA CA 2018		 2018-11-21 -
2020-05-25		 2 years crt.sh
*.billviola.com
Let's Encrypt Authority X3		 2018-12-27 -
2019-03-27		 3 months crt.sh
www.fpl.com
DigiCert ECC Secure Server CA		 2019-02-03 -
2020-05-04		 a year crt.sh
f4.shared.global.fastly.net
GlobalSign CloudSSL CA - SHA256 - G3		 2019-02-06 -
2019-04-14		 2 months crt.sh
cc.cnetcontent.com
DigiCert SHA2 Secure Server CA		 2019-01-25 -
2020-01-25		 a year crt.sh
condenast.com
GlobalSign CloudSSL CA - SHA256 - G3		 2018-11-14 -
2019-09-07		 10 months crt.sh
*.media.clients.ellingtoncms.com
COMODO RSA Domain Validation Secure Server CA		 2018-04-25 -
2019-05-25		 a year crt.sh
annenberg.usc.edu
InCommon RSA Server CA		 2018-05-08 -
2020-05-07		 2 years crt.sh
*.secondcity.com
Amazon		 2018-12-23 -
2020-01-23		 a year crt.sh
cdns.abclocal.go.com
Entrust Certification Authority - L1K		 2018-04-17 -
2020-05-05		 2 years crt.sh
ssl.wsj.com
GeoTrust RSA CA 2018		 2018-04-24 -
2019-07-24		 a year crt.sh
indiewire.com
Let's Encrypt Authority X3		 2019-02-02 -
2019-05-03		 3 months crt.sh
*.imimg.com
COMODO RSA Organization Validation Secure Server CA		 2019-01-03 -
2021-03-24		 2 years crt.sh
www.beaumont.org
Entrust Certification Authority - L1K		 2018-05-11 -
2020-05-11		 2 years crt.sh
www.telegraph.co.uk
DigiCert ECC Secure Server CA		 2019-02-05 -
2020-04-24		 a year crt.sh
*.thestar.com
Trustwave Organization Validation SHA256 CA, Level 1		 2018-10-03 -
2020-10-19		 2 years crt.sh
www.electricireland.ie
Digi-Sign CA Digi-SSL		 2017-05-03 -
2019-05-03		 2 years crt.sh
lextracourt.fr
Let's Encrypt Authority X3		 2018-12-17 -
2019-03-17		 3 months crt.sh
romefloyd.com
Let's Encrypt Authority X3		 2018-12-28 -
2019-03-28		 3 months crt.sh
*.voxmedia.com
GlobalSign CloudSSL CA - SHA256 - G3		 2018-11-16 -
2021-02-18		 2 years crt.sh
www.maryfreebed.com
Go Daddy Secure Certificate Authority - G2		 2018-04-09 -
2020-04-06		 2 years crt.sh
*.cumbria.gov.uk
GlobalSign Domain Validation CA - SHA256 - G2		 2018-08-29 -
2020-11-02		 2 years crt.sh

This page contains 1 frames:

Primary Page: http://668zhe.xyz/
Frame ID: 00FF8F86DBA0812AB4FB90742844B38C
Requests: 108 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /cloudflare/i
Overall confidence: 50%
Detected patterns
  • env /^head$/i
Overall confidence: 100%
Detected patterns
  • script /\/([\d.]+)\/jquery(?:\.min)?\.js/i
  • script /jquery.*\.js/i
  • env /^jQuery$/i
Overall confidence: 100%
Detected patterns
  • script /statcounter\.com\/counter\/counter/i

Page Statistics

108
Requests

84 %
HTTPS

25 %
IPv6

69
Domains

76
Subdomains

74
IPs

8
Countries

14510 kB
Transfer

14542 kB
Size

0
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 27
  • https://lookaside.fbsbx.com/lookaside/crawler/media/?media_id=65646572251 HTTP 302
  • https://www.facebook.com/billclinton/photos/a.430540067251/10156000540552252/?type=3&is_lookaside=1
Request Chain 32
  • http://specials-images.forbesimg.com/imageserve/5638e0f8e4b0ffa7afe6a0ab/280x425.jpg?fit=scale&background=000000 HTTP 301
  • https://specials-images.forbesimg.com/imageserve/5638e0f8e4b0ffa7afe6a0ab/280x425.jpg?fit=scale&background=000000
Request Chain 74
  • http://www.puppetswhokill.com/wp-content/uploads/2013/12/puppets-who-kill-bill-ventriloquist-dummy-e1394824580561.jpg HTTP 302
  • http://www.puppetswhokill.com/cgi-sys/suspendedpage.cgi

108 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request Cookie set /
668zhe.xyz/ 		27 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://668zhe.xyz/
Protocol
HTTP/1.1
Server
2606:4700:30::681b:b5be , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / PHP/5.4.16
Resource Hash
a2ca36ff3bf21b9f821d6154cded215060e14fe010bbb0217c1f68b8b8a524b9

Request headers

Host
668zhe.xyz
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 14 Feb 2019 11:11:51 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
Set-Cookie
__cfduid=d2dee4b84329a49f293f3b1c9ab1a3b071550142711; expires=Fri, 14-Feb-20 11:11:51 GMT; path=/; domain=.668zhe.xyz; HttpOnly
X-Powered-By
PHP/5.4.16
Server
cloudflare
CF-RAY
4a8f18aba72dbea8-FRA
Content-Encoding
gzip
counter.js
www.statcounter.com/counter/ 		28 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.statcounter.com/counter/counter.js
Requested by
Host: 668zhe.xyz
URL: http://668zhe.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.2.47 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
58c7edea7429f960e3cc03b3452b271fcab02ac139ac6026d62e38191b1cafa1

Request headers

Referer
http://668zhe.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 14 Feb 2019 11:11:51 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Tue, 04 Dec 2018 15:56:10 GMT
server
cloudflare
etag
W/"5c06a39a-71d1"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/x-javascript
status
200
cache-control
public, max-age=43200
cf-ray
4a8f18ac8cdf72dd-AMS
expires
Thu, 14 Feb 2019 23:11:51 GMT
2125b5733cd8d7ca2d7009bbc9c46e05.js
rgvqcsxqge.com/21/25/b5/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
http://rgvqcsxqge.com/21/25/b5/2125b5733cd8d7ca2d7009bbc9c46e05.js
Requested by
Host: 668zhe.xyz
URL: http://668zhe.xyz/
Protocol
HTTP/1.1
Server
198.134.112.242 Garden City, United States, ASN27257 (WEBAIR-INTERNET - Webair Internet Development Company Inc., US),
Reverse DNS
Software
nginx/1.15.1 /
Resource Hash

Request headers

Referer
http://668zhe.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Thu, 14 Feb 2019 11:11:51 GMT
Server
nginx/1.15.1
Connection
keep-alive
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Content-Length
0
Content-Type
application/javascript
style.css
668zhe.xyz/new/ 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://668zhe.xyz/new/style.css
Requested by
Host: 668zhe.xyz
URL: http://668zhe.xyz/
Protocol
HTTP/1.1
Server
2606:4700:30::681b:b5be , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
36caa2207910aa0c5a3250760890f694c04334770fd0fa4f480d1a0338af45ee

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
668zhe.xyz
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
http://668zhe.xyz/
Cookie
__cfduid=d2dee4b84329a49f293f3b1c9ab1a3b071550142711
Connection
keep-alive
Cache-Control
no-cache
Referer
http://668zhe.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 14 Feb 2019 11:11:51 GMT
Content-Encoding
gzip
CF-Cache-Status
MISS
Last-Modified
Tue, 24 Apr 2012 17:08:34 GMT
Server
cloudflare
ETag
W/"4f96de12-a62"
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
public, max-age=14400
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
4a8f18ac0757bea8-FRA
Expires
Thu, 14 Feb 2019 15:11:51 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.7.1/ 		92 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://ajax.googleapis.com/ajax/libs/jquery/1.7.1/jquery.min.js
Requested by
Host: 668zhe.xyz
URL: http://668zhe.xyz/
Protocol
HTTP/1.1
Server
2a00:1450:4001:817::200a , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
88171413fc76dda23ab32baa17b11e4fff89141c633ece737852445f1ba6c1bd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://668zhe.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Tue, 05 Feb 2019 06:44:17 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Tue, 20 Dec 2016 18:17:03 GMT
Server
sffe
Age
793654
Vary
Accept-Encoding
Content-Type
text/javascript; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000, stale-while-revalidate=2592000
Accept-Ranges
bytes
Timing-Allow-Origin
*
Content-Length
33333
X-XSS-Protection
1; mode=block
Expires
Wed, 05 Feb 2020 06:44:17 GMT
blocksit.min.js
668zhe.xyz/new/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://668zhe.xyz/new/blocksit.min.js
Requested by
Host: 668zhe.xyz
URL: http://668zhe.xyz/
Protocol
HTTP/1.1
Server
2606:4700:30::681b:b4be , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
83560b95dc13a4ed3e4af0be060bd7890ffe3b738084afc8b5a906b6fe7c9cc6

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
668zhe.xyz
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
*/*
Referer
http://668zhe.xyz/
Cookie
__cfduid=d2dee4b84329a49f293f3b1c9ab1a3b071550142711
Connection
keep-alive
Cache-Control
no-cache
Referer
http://668zhe.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 14 Feb 2019 11:11:51 GMT
Content-Encoding
gzip
CF-Cache-Status
MISS
Last-Modified
Tue, 24 Apr 2012 20:14:18 GMT
Server
cloudflare
ETag
W/"4f97099a-6b9"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
public, max-age=14400
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
4a8f18ac189cc2e7-FRA
Expires
Thu, 14 Feb 2019 15:11:51 GMT
220px-Bill_Gates_2018.jpg
upload.wikimedia.org/wikipedia/commons/thumb/a/a0/Bill_Gates_2018.jpg/ 		17 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://upload.wikimedia.org/wikipedia/commons/thumb/a/a0/Bill_Gates_2018.jpg/220px-Bill_Gates_2018.jpg
Requested by
Host: 668zhe.xyz
URL: http://668zhe.xyz/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305
Server
2620:0:862:ed1a::2:b , United States, ASN14907 (WIKIMEDIA - Wikimedia Foundation Inc., US),
Reverse DNS
Software
/
Resource Hash
dbdd8174ac6aa9947d0a9c0e19a7c3f227b68d55188cb22e63e4b74f46e78bae
Security Headers
Name Value
Strict-Transport-Security max-age=106384710; includeSubDomains; preload

Request headers

Referer
http://668zhe.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-analytics
https=1;nocookies=1
date
Thu, 14 Feb 2019 11:11:51 GMT
via
1.1 varnish (Varnish/5.1), 1.1 varnish (Varnish/5.1), 1.1 varnish (Varnish/5.1)
content-type
image/webp
age
23553
x-cache-status
hit-front
x-cache
cp1080 hit/5, cp3038 hit/3, cp3047 hit/57
status
200
content-length
17476
server-timing
cache;desc="hit-front"
x-trans-id
txfa38e02252b1429db1860-005c64f0f4
x-client-ip
2a01:4f8:202:a9::2
last-modified
Thu, 15 Nov 2018 19:00:55 GMT
etag
2ccfd645ab7590152b59ac0b500a3878
strict-transport-security
max-age=106384710; includeSubDomains; preload
x-varnish
53784899 50487760, 415415391 415269109, 76006342 9809284
access-control-allow-origin
*
x-timestamp
1542308454.29491
accept-ranges
bytes
timing-allow-origin
*
access-control-expose-headers
Age, Date, Content-Length, Content-Range, X-Content-Duration, X-Cache, X-Varnish
XpgonN0X_400x400.jpg
pbs.twimg.com/profile_images/988775660163252226/ 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pbs.twimg.com/profile_images/988775660163252226/XpgonN0X_400x400.jpg
Requested by
Host: 668zhe.xyz
URL: http://668zhe.xyz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software
ECS (fcn/40B4) /
Resource Hash
2e5da52a194f7151e492ddf5a89dc7aa55dab3868c527e3f6d371722153a93b2
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://668zhe.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-response-time
131
date
Thu, 14 Feb 2019 11:11:51 GMT
x-content-type-options
nosniff
surrogate-key
profile_images profile_images/bucket/7 profile_images/988775660163252226
last-modified
Tue, 24 Apr 2018 13:42:22 GMT
server
ECS (fcn/40B4)
access-control-allow-origin
*
x-cache
HIT
content-type
image/jpeg
status
200
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
x-connection-hash
2805ecb5311176d776c345dfc32088f8
accept-ranges
bytes
content-length
23065
180321-trump-gateway-project-feature-image.jpg
thenypost.files.wordpress.com/2018/03/ 		31 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://thenypost.files.wordpress.com/2018/03/180321-trump-gateway-project-feature-image.jpg?quality=90&strip=all&w=618&h=410&crop=1
Requested by
Host: 668zhe.xyz
URL: http://668zhe.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.72.2 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),
Reverse DNS
Software
nginx /
Resource Hash
10fdcff4410b36bf575b75e7338ee7e256e33435b17323d2bf027f36aadd5c9e

Request headers

Referer
http://668zhe.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-nc
HIT fra 2
date
Thu, 14 Feb 2019 11:11:51 GMT
last-modified
Wed, 21 Mar 2018 16:58:26 GMT
server
nginx
vary
Accept
content-type
image/webp
status
200
x-orig-src
0_imageresize
accept-ranges
bytes
content-length
31842
expires
Fri, 22 Mar 2019 18:28:13 GMT
bill-gates-africa.jpg
timedotcom.files.wordpress.com/2018/09/ 		3 MB
3 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://timedotcom.files.wordpress.com/2018/09/bill-gates-africa.jpg
Requested by
Host: 668zhe.xyz
URL: http://668zhe.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.72.3 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),
Reverse DNS
Software
nginx /
Resource Hash
129dce55205dacc5c6401a723bdfa76ec55cadaccfe28d2f607baf0e6caeb076

Request headers

Referer
http://668zhe.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-nc
HIT ams 3
date
Thu, 14 Feb 2019 11:11:51 GMT
last-modified
Fri, 21 Sep 2018 16:52:58 GMT
server
nginx
x-orig-src
01_mogdir
content-type
image/jpeg
status
200
accept-ranges
bytes
content-length
2907768
expires
Thu, 21 Feb 2019 11:51:24 GMT
9m8mKm0A_400x400.jpg
pbs.twimg.com/profile_images/846041348469874688/ 		21 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pbs.twimg.com/profile_images/846041348469874688/9m8mKm0A_400x400.jpg
Requested by
Host: 668zhe.xyz
URL: http://668zhe.xyz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software
ECS (fcn/40B5) /
Resource Hash
5f5245bb0e30869cdc5cb8549f4c02181ffc2acfc721b608734a222b33f93fb0
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://668zhe.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 14 Feb 2019 11:11:51 GMT
x-content-type-options
nosniff
content-md5
byKcLVaU2Ik++WZywmOQRw==
x-cache
HIT
status
200
content-length
21951
x-response-time
128
surrogate-key
profile_images profile_images/bucket/6 profile_images/846041348469874688
last-modified
Sun, 26 Mar 2017 16:47:10 GMT
server
ECS (fcn/40B5)
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
x-connection-hash
5b79283f8e9aa3e7ddbc20810f83e83b
accept-ranges
bytes
220px-Bill_Murray_2018.jpg
upload.wikimedia.org/wikipedia/commons/thumb/6/67/Bill_Murray_2018.jpg/ 		23 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://upload.wikimedia.org/wikipedia/commons/thumb/6/67/Bill_Murray_2018.jpg/220px-Bill_Murray_2018.jpg
Requested by
Host: 668zhe.xyz
URL: http://668zhe.xyz/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305
Server
2620:0:862:ed1a::2:b , United States, ASN14907 (WIKIMEDIA - Wikimedia Foundation Inc., US),
Reverse DNS
Software
/
Resource Hash
b545c94ef380f109b8d6d86b0318c88acad6395bd8c837f906fbd3018db4351b
Security Headers
Name Value
Strict-Transport-Security max-age=106384710; includeSubDomains; preload

Request headers

Referer
http://668zhe.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-analytics
https=1;nocookies=1
date
Thu, 14 Feb 2019 11:11:51 GMT
via
1.1 varnish (Varnish/5.1), 1.1 varnish (Varnish/5.1), 1.1 varnish (Varnish/5.1)
content-type
image/jpeg
age
35974
x-cache-status
hit-front
x-cache
cp1078 hit/7, cp3049 hit/10, cp3047 hit/10
status
200
content-length
23428
server-timing
cache;desc="hit-front"
x-trans-id
tx0b2d3ba898ce4e28b33e1-005c64c070
x-client-ip
2a01:4f8:202:a9::2
last-modified
Sat, 21 Apr 2018 03:45:02 GMT
etag
351c0bc88d08cd94507f9aeed08e0992
strict-transport-security
max-age=106384710; includeSubDomains; preload
x-varnish
73772511 71286976, 373969764 357127251, 73627635 9293835
access-control-allow-origin
*
x-timestamp
1524282301.14591
accept-ranges
bytes
timing-allow-origin
*
access-control-expose-headers
Age, Date, Content-Length, Content-Range, X-Content-Duration, X-Cache, X-Varnish
-OpaJCON_400x400.jpg
pbs.twimg.com/profile_images/1012122864839884800/ 		22 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pbs.twimg.com/profile_images/1012122864839884800/-OpaJCON_400x400.jpg
Requested by
Host: 668zhe.xyz
URL: http://668zhe.xyz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software
ECS (fcn/40DD) /
Resource Hash
ae6741f59d8aa80a0e39f478a5aa83b9beda94e81fb59463fa61b486f0956352
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://668zhe.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-response-time
250
date
Thu, 14 Feb 2019 11:11:51 GMT
x-content-type-options
nosniff
surrogate-key
profile_images profile_images/bucket/9 profile_images/1012122864839884800
last-modified
Wed, 27 Jun 2018 23:55:49 GMT
server
ECS (fcn/40DD)
access-control-allow-origin
*
x-cache
HIT
content-type
image/jpeg
status
200
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
x-connection-hash
050b331b6517d71d3e42f2a8c9257580
accept-ranges
bytes
content-length
22995
220px-Bill_Nye_2017.jpg
upload.wikimedia.org/wikipedia/commons/thumb/c/cd/Bill_Nye_2017.jpg/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://upload.wikimedia.org/wikipedia/commons/thumb/c/cd/Bill_Nye_2017.jpg/220px-Bill_Nye_2017.jpg
Requested by
Host: 668zhe.xyz
URL: http://668zhe.xyz/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305
Server
2620:0:862:ed1a::2:b , United States, ASN14907 (WIKIMEDIA - Wikimedia Foundation Inc., US),
Reverse DNS
Software
/
Resource Hash
8dcf80cf068809abcfceef144efc01bc0b3b3467791943f85bf474678dbd0dab
Security Headers
Name Value
Strict-Transport-Security max-age=106384710; includeSubDomains; preload

Request headers

Referer
http://668zhe.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-analytics
https=1;nocookies=1
date
Thu, 14 Feb 2019 11:11:51 GMT
via
1.1 varnish (Varnish/5.1), 1.1 varnish (Varnish/5.1), 1.1 varnish (Varnish/5.1)
content-type
image/jpeg
x-trans-id
tx0c7ffb1bd46e4c72bfa7d-005c64c580
age
34678
x-cache-status
hit-front
x-cache
cp1078 hit/5, cp3034 hit/8, cp3047 hit/5
status
200
content-disposition
inline;filename*=UTF-8''Bill_Nye_2017.jpg
server-timing
cache;desc="hit-front"
content-length
13944
x-client-ip
2a01:4f8:202:a9::2
x-object-meta-sha1base36
gxtv939tzdlh52bnztnw42bta2aati3
last-modified
Tue, 09 May 2017 08:41:53 GMT
etag
97e863c0a144930b7cf3824858661757
strict-transport-security
max-age=106384710; includeSubDomains; preload
x-varnish
74952873 70559657, 169992954 152184109, 73494764 15009808
access-control-allow-origin
*
x-timestamp
1494319312.81499
accept-ranges
bytes
timing-allow-origin
*
access-control-expose-headers
Age, Date, Content-Length, Content-Range, X-Content-Duration, X-Cache, X-Varnish
25-bill-cosby.w330.h330.jpg
pixel.nymag.com/imgs/daily/vulture/2018/09/25/ 		31 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.nymag.com/imgs/daily/vulture/2018/09/25/25-bill-cosby.w330.h330.jpg
Requested by
Host: 668zhe.xyz
URL: http://668zhe.xyz/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.120.70 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
nginx/1.12.2 /
Resource Hash
d217411d909b36cd148241531c3d815cbf9ab89f1fe2b6b6f8ebf2b7910d467a

Request headers

Referer
http://668zhe.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 14 Feb 2019 11:11:51 GMT
Via
1.1 varnish
Age
286885
X-Cache
HIT
Connection
keep-alive
Content-Length
32163
X-Served-By
cache-cdg20745-CDG
Last-Modified
Thu, 18 Oct 2018 19:50:10 GMT
Server
nginx/1.12.2
X-Timer
S1550142712.984017,VS0,VE2
ETag
"630341e39040affbcb0c81c8ec7a3634"
Content-Type
image/jpeg
Cache-Control
public, max-age=31469263
X-Try
S
Accept-Ranges
bytes
X-Cache-Hits
1
AAuE7mDa3slSvYqVHHa9ejFn0C4OW9UcslPezKGNPQ=s900-mo-c-c0xffffffff-rj-k-no
yt3.ggpht.com/a-/ 		76 KB
76 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://yt3.ggpht.com/a-/AAuE7mDa3slSvYqVHHa9ejFn0C4OW9UcslPezKGNPQ=s900-mo-c-c0xffffffff-rj-k-no
Requested by
Host: 668zhe.xyz
URL: http://668zhe.xyz/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:821::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
fife /
Resource Hash
36ae03d756acb12890dc5390d9eda60833700ab83fa1f5ec2701643b328fb713
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://668zhe.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 14 Feb 2019 11:11:51 GMT
x-content-type-options
nosniff
status
200
content-disposition
inline;filename="unnamed.jpg"
alt-svc
quic=":443"; ma=2592000; v="44,43,39"
content-length
77678
x-xss-protection
1; mode=block
server
fife
etag
"v482"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Fri, 15 Feb 2019 11:11:51 GMT
114_rp_tx_17_flores_bill.jpg
www.congress.gov/img/member/ 		48 KB
48 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.congress.gov/img/member/114_rp_tx_17_flores_bill.jpg
Requested by
Host: 668zhe.xyz
URL: http://668zhe.xyz/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.16.173.252 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
9a436d586fb86108521a5b1780770cf2fd6c20023cfb296ace49001c10b6e7bf
Security Headers
Name Value
Content-Security-Policy frame-ancestors http://*.house.gov https://*.house.gov http://*.senate.gov https://*.senate.gov http://*.loc.gov https://*.loc.gov

Request headers

Referer
http://668zhe.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 14 Feb 2019 11:11:52 GMT
x-cdg-access-group
PUBLIC
cf-cache-status
MISS
x-cacheable
YES
status
200
content-length
48989
last-modified
Fri, 11 Jan 2019 15:15:27 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=172800
content-security-policy
frame-ancestors http://*.house.gov https://*.house.gov http://*.senate.gov https://*.senate.gov http://*.loc.gov https://*.loc.gov
accept-ranges
bytes
cf-ray
4a8f18b04b66c783-AMS
expires
Sat, 16 Feb 2019 11:11:52 GMT
220px-thumbnail.jpg
upload.wikimedia.org/wikipedia/commons/thumb/7/7c/US_Navy_100915-N-4790M-040_Lanier_Phillips%2C_left%2C_Bill_Cosby_and_Ed_LeBaron_pose_for_a_picture_before_receiving_the_Lone_Sailor_Award_at_the_Na... 		24 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://upload.wikimedia.org/wikipedia/commons/thumb/7/7c/US_Navy_100915-N-4790M-040_Lanier_Phillips%2C_left%2C_Bill_Cosby_and_Ed_LeBaron_pose_for_a_picture_before_receiving_the_Lone_Sailor_Award_at_the_Nation_%28cropped_to_Cosby%29.jpg/220px-thumbnail.jpg
Requested by
Host: 668zhe.xyz
URL: http://668zhe.xyz/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305
Server
2620:0:862:ed1a::2:b , United States, ASN14907 (WIKIMEDIA - Wikimedia Foundation Inc., US),
Reverse DNS
Software
/
Resource Hash
0129b0a145af69d9793da3e4cf25b53d45873ebcf4d92fcdccf3db679e8d5479
Security Headers
Name Value
Strict-Transport-Security max-age=106384710; includeSubDomains; preload

Request headers

Referer
http://668zhe.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-analytics
https=1;nocookies=1
date
Thu, 14 Feb 2019 11:11:51 GMT
via
1.1 varnish (Varnish/5.1), 1.1 varnish (Varnish/5.1), 1.1 varnish (Varnish/5.1)
content-type
image/jpeg
age
63932
x-cache-status
hit-local
x-cache
cp1082 hit/1, cp3038 hit/17, cp3047 miss
status
200
content-length
25002
server-timing
cache;desc="hit-local"
x-trans-id
txf5eddc0da8a847e38baac-005c64533b
x-client-ip
2a01:4f8:202:a9::2
last-modified
Wed, 23 Aug 2017 17:36:49 GMT
etag
156acc94d015908e160622418b70b070
strict-transport-security
max-age=106384710; includeSubDomains; preload
x-varnish
183750903 184784613, 209255688 346018796, 74080680
access-control-allow-origin
*
x-timestamp
1503509808.35744
accept-ranges
bytes
timing-allow-origin
*
access-control-expose-headers
Age, Date, Content-Length, Content-Range, X-Content-Duration, X-Cache, X-Varnish
UnderstandYourBill.jpg
www.ewa.bh/en/Customer/BillsTariffs/PublishingImages/ 		350 KB
351 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.ewa.bh/en/Customer/BillsTariffs/PublishingImages/UnderstandYourBill.jpg
Requested by
Host: 668zhe.xyz
URL: http://668zhe.xyz/
Protocol
HTTP/1.1
Server
34.253.162.206 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-34-253-162-206.eu-west-1.compute.amazonaws.com
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
c87515bdae2db0bdf63428bc7c66c38c980e304e6c93713d6e04e30e8726263a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
http://668zhe.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 14 Feb 2019 11:11:03 GMT
X-Content-Type-Options
nosniff
X-Powered-By
ASP.NET
X-SharePointHealthScore
0
ResourceTag
rt:B6017AFE-5E6C-4295-93E8-8DAC5C261D8A@00000000007
Public-Extension
http://schemas.microsoft.com/repl-2
request-id
0cdebf9e-ab23-301c-c463-3043297e3a16
Content-Length
358730
MicrosoftSharePointTeamServices
16.0.0.4450
X-MS-InvokeApp
1; RequireReadOnly
SPRequestDuration
24
Last-Modified
Wed, 11 Jan 2017 06:54:28 GMT
Server
Microsoft-IIS/8.5
SPRequestGuid
0cdebf9e-ab23-301c-c463-3043297e3a16
ETag
"{B6017AFE-5E6C-4295-93E8-8DAC5C261D8A},7"
X-FRAME-OPTIONS
SAMEORIGIN
Access-Control-Allow-Methods
GET
Content-Type
image/jpeg
Access-Control-Allow-Origin
http://ccbsys1055
Expires
Wed, 30 Jan 2019 11:11:03 GMT
Cache-Control
private,max-age=0
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Access-Control-Allow-Headers
Content-Type,Accept,X-FORMS_BASED_AUTH_ACCEPTED,crossDomain,credentials
SPIisLatency
0
105322791-1531301768595gettyimages-467620670.1910x1000.jpg
fm.cnbc.com/applications/cnbc.com/resources/img/editorial/2018/07/11/ 		177 KB
177 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fm.cnbc.com/applications/cnbc.com/resources/img/editorial/2018/07/11/105322791-1531301768595gettyimages-467620670.1910x1000.jpg
Requested by
Host: 668zhe.xyz
URL: http://668zhe.xyz/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.232.243 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a2-18-232-243.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
398eb21e4ffe466ea3ab5763067b5c6392f14a1589bfff7410a026284ce78acd

Request headers

Referer
http://668zhe.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-aicache-os
172.31.15.238:18089, 100.25.56.252:80
date
Thu, 14 Feb 2019 11:11:52 GMT
content-encoding
gzip
imageservice-application-version
v1
access-control-allow-origin
*, *
vary
Accept-Encoding
imageservice-revision
f3f17ded017f2cb2bc53d5c95f6f496434f91ddd
status
200
cache-control
max-age=2592000
access-control-allow-credentials
*, *
imageservice-requestid
H-1548058746911-23790974
imageservice-release-version
2.0.2
content-type
image/jpeg
x-application-context
application:prod:18089
expires
Sat, 16 Mar 2019 11:11:52 GMT
kim-jong-un-hotel-bill-summit.jpg
thenypost.files.wordpress.com/2018/06/ 		23 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://thenypost.files.wordpress.com/2018/06/kim-jong-un-hotel-bill-summit.jpg?quality=90&strip=all&w=618&h=410&crop=1
Requested by
Host: 668zhe.xyz
URL: http://668zhe.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.72.2 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),
Reverse DNS
Software
nginx /
Resource Hash
28ed1b23564b9f19820f37f89d73019a6631e0b3b374bc28c439c7fbd236296b

Request headers

Referer
http://668zhe.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-nc
HIT fra 2
date
Thu, 14 Feb 2019 11:11:51 GMT
last-modified
Sat, 02 Jun 2018 00:12:29 GMT
server
nginx
vary
Accept
content-type
image/webp
status
200
x-orig-src
0_imageresize
accept-ranges
bytes
content-length
24008
expires
Tue, 05 Mar 2019 18:21:21 GMT
CkaJCDXA_400x400.jpg
pbs.twimg.com/profile_images/1060347392585859073/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pbs.twimg.com/profile_images/1060347392585859073/CkaJCDXA_400x400.jpg
Requested by
Host: 668zhe.xyz
URL: http://668zhe.xyz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software
ECS (fcn/41A1) /
Resource Hash
9e2599844103f78f2e87eff62138788496b8df8adf0d97edbd3a114ce7568e9f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://668zhe.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-response-time
131
date
Thu, 14 Feb 2019 11:11:51 GMT
x-content-type-options
nosniff
surrogate-key
profile_images profile_images/bucket/3 profile_images/1060347392585859073
last-modified
Thu, 08 Nov 2018 01:42:53 GMT
server
ECS (fcn/41A1)
access-control-allow-origin
*
x-cache
HIT
content-type
image/jpeg
status
200
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
x-connection-hash
9bc507a9911b9ac239ccf38949ca03e8
accept-ranges
bytes
content-length
8438
04-bill-clinton-2.w700.h700.jpg
pixel.nymag.com/imgs/fashion/daily/2018/06/04/ 		109 KB
110 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.nymag.com/imgs/fashion/daily/2018/06/04/04-bill-clinton-2.w700.h700.jpg
Requested by
Host: 668zhe.xyz
URL: http://668zhe.xyz/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.120.70 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
nginx/1.12.2 /
Resource Hash
f69021694d0da996866b09076a39660c28b0f74925c167e4d900a155dd948b41

Request headers

Referer
http://668zhe.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 14 Feb 2019 11:11:51 GMT
Via
1.1 varnish
Age
84299
X-Cache
HIT
Connection
keep-alive
Content-Length
112112
X-Served-By
cache-cdg20737-CDG
Last-Modified
Wed, 17 Oct 2018 23:20:14 GMT
Server
nginx/1.12.2
X-Timer
S1550142712.990231,VS0,VE3
ETag
"7dfe2b908201393ca86d7e03ff22e75a"
Content-Type
image/jpeg
Cache-Control
public, max-age=31469263
X-Try
S
Accept-Ranges
bytes
X-Cache-Hits
1
img-billClinic.png
www.swedishamerican.org/sites/default/files/inline-images/ 		70 KB
70 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.swedishamerican.org/sites/default/files/inline-images/img-billClinic.png
Requested by
Host: 668zhe.xyz
URL: http://668zhe.xyz/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:12a:8000::1 , United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
nginx /
Resource Hash
b22b079a2d5e0e5bfcdd2d6344f90965005b673d9c1a9e15c81808972b80436c

Request headers

Referer
http://668zhe.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 14 Feb 2019 11:11:52 GMT
via
1.1 varnish, 1.1 varnish
age
484451
x-cache
HIT, HIT
status
200
x-cache-hits
1, 1
content-length
71597
x-served-by
cache-mdw17356-MDW, cache-fra19120-FRA
last-modified
Fri, 08 Sep 2017 22:01:00 GMT
server
nginx
x-timer
S1550142712.007374,VS0,VE3
etag
"59b3131c-117ad"
content-type
image/png
x-styx-req-id
styx-6dc59209cbac04916c55d1bb66b3cbfc
expires
Sun, 09 Feb 2020 20:37:41 GMT
cache-control
max-age=31622400
accept-ranges
bytes
x-pantheon-styx-hostname
styx-fe1-a-77b8d6fb7-lglgf
2083.jpg
i.guim.co.uk/img/media/472ecfeafd1efe5c5d9d8be8836bcc2a42d5e9bc/0_478_2083_1249/master/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.guim.co.uk/img/media/472ecfeafd1efe5c5d9d8be8836bcc2a42d5e9bc/0_478_2083_1249/master/2083.jpg?width=300&quality=85&auto=format&fit=max&s=094352bb18512293d8535f41c4b982cb
Requested by
Host: 668zhe.xyz
URL: http://668zhe.xyz/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.111 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6a5bb606bf8e7184ea813dabfafe9d8bcaf59647c783d5769f898e4d29b97ae6

Request headers

Referer
http://668zhe.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 14 Feb 2019 11:11:51 GMT
via
1.1 varnish, 1.1 varnish
age
1406257
x-cache
HIT, HIT
fastly-io-info
ifsz=633881 idim=2083x1249 ifmt=jpeg ofsz=4300 odim=300x180 ofmt=webp
status
200
fastly-stats
io=1
content-length
4300
x-served-by
cache-lcy19230-LCY, cache-hhn1543-HHN
server
AmazonS3
x-timer
S1550142712.973863,VS0,VE1
etag
"JZ8PhIhe9RfP3IaZtYYv+aczV5bhhxlbhFiFX+f6adQ"
vary
Accept, Accept-Encoding
content-type
image/webp
cache-control
max-age=31536000
accept-ranges
bytes
x-cache-hits
1, 1
BillLee_0007.5b43e7800a576.5ba50ba9aacd9.jpg
cdn.nashvillescene.com/files/base/scomm/nvs/image/2018/09/16x9/960w/ 		50 KB
51 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.nashvillescene.com/files/base/scomm/nvs/image/2018/09/16x9/960w/BillLee_0007.5b43e7800a576.5ba50ba9aacd9.jpg
Requested by
Host: 668zhe.xyz
URL: http://668zhe.xyz/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.32.223.103 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-13-32-223-103.fra56.r.cloudfront.net
Software
nginx/1.13.1 /
Resource Hash
8d72840b5c5c7247b1c96bbd9061687b71bbe89e1304d44b76575d42fffa6d1e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
http://668zhe.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 13 Feb 2019 07:40:08 GMT
via
1.1 dfb957c193e8f98057bb6f530c2816a9.cloudfront.net (CloudFront)
last-modified
Fri, 21 Sep 2018 15:28:22 GMT
server
nginx/1.13.1
age
99103
etag
"3a6da4eab58d144e1c62e70d9c4d5d87"
strict-transport-security
max-age=31536000
x-cache
Hit from cloudfront
x-amz-version-id
Bp90sKopznvr1dXp4uDdA_OnG40650TH
status
200
cache-control
max-age=15552000, public, must-revalidate
content-type
image/jpeg
content-length
51509
x-amz-cf-id
S_uBLk0k8vVImJeNcrdb8Q-cQJ1leU2rK30NTB_vZLt1OI6Z6_YjhA==
bill-bradley-9223478-1-402.jpg
www.biography.com/.image/ar_8:10%2Cc_fill%2Ccs_srgb%2Cfl_progressive%2Cg_faces:center%2Cq_auto:good%2Cw_620/MTIwNjA4NjMzNzUxMzA3Nzg4/ 		46 KB
46 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.biography.com/.image/ar_8:10%2Cc_fill%2Ccs_srgb%2Cfl_progressive%2Cg_faces:center%2Cq_auto:good%2Cw_620/MTIwNjA4NjMzNzUxMzA3Nzg4/bill-bradley-9223478-1-402.jpg
Requested by
Host: 668zhe.xyz
URL: http://668zhe.xyz/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.98 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
cloudinary /
Resource Hash
cc77f51cd35f283d58c7e66869853dec38eb65067578a49a04cb893490f1290b

Request headers

Referer
http://668zhe.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 14 Feb 2019 11:11:52 GMT
via
1.1 varnish, 1.1 varnish
age
361333
x-say-cacheable
YES
x-say-ttl
31536000.000
status
200
x-cache
HIT, HIT
x-saycdn-ttl
30650752.000
content-length
47059
x-served-by
cache-iad2131-IAD, cache-hhn1526-HHN
last-modified
Tue, 23 Oct 2018 14:51:18 GMT
server
cloudinary
x-timer
S1550142712.019452,VS0,VE2
etag
"0c314e7fc9a6f70dd16311fcd0123695"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=30738305
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1
merlin_121000478_05b70176-b4bc-4999-acf7-8477e574c3a9-articleLarge.jpg
static01.nyt.com/images/2018/04/05/business/05OREILLY1/ 		16 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static01.nyt.com/images/2018/04/05/business/05OREILLY1/merlin_121000478_05b70176-b4bc-4999-acf7-8477e574c3a9-articleLarge.jpg?quality=75&auto=webp&disable=upscale
Requested by
Host: 668zhe.xyz
URL: http://668zhe.xyz/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.164 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
UploadServer /
Resource Hash
049369cce0037f3d142a9cc751893fa44f95e856b06146f4ca4cf3bd187e6fbe

Request headers

Referer
http://668zhe.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 14 Feb 2019 11:11:52 GMT
via
1.1 varnish, 1.1 varnish
age
583783
status
200
x-cache
HIT, MISS
fastly-io-info
ifsz=51268 idim=600x400 ifmt=jpeg ofsz=16326 odim=600x400 ofmt=webp
x-goog-storage-class
MULTI_REGIONAL
x-cache-hits
1, 0
fastly-stats
io=1
content-length
16326
x-served-by
cache-iad2141-IAD, cache-hhn1542-HHN
x-nyt-gcs-bucket
cms-gke-prd-publish-images-storage
server
UploadServer
x-timer
S1550142712.020854,VS0,VE93
etag
"KQZj6xlmovCDfETdOj9AX/+IVXpAFhGJz75EQhSxYVM"
vary
Accept
x-goog-hash
crc32c=MX1uZg==, md5=vJzG1XLDTbqyZTP7wis61w==
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
accept-ranges
bytes
x-guploader-uploadid
AEnB2UqT1Go1r6oD-VqpyKfN09GOVAnlfK6vC91eLQZiBHqr7nBquy74YckjFXM7v48ZbSWOUEtK93Carg-X215RXFc7gkNEzg
expires
Thu, 07 Feb 2019 17:02:08 GMT
/
www.facebook.com/billclinton/photos/a.430540067251/10156000540552252/
Redirect Chain
  • https://lookaside.fbsbx.com/lookaside/crawler/media/?media_id=65646572251
  • https://www.facebook.com/billclinton/photos/a.430540067251/10156000540552252/?type=3&is_lookaside=1
0
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/billclinton/photos/a.430540067251/10156000540552252/?type=3&is_lookaside=1
Requested by
Host: 668zhe.xyz
URL: http://668zhe.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://668zhe.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

access-control-allow-origin
https://www.facebook.com
access-control-expose-headers
X-FB-Debug, X-Loader-Length
access-control-allow-credentials
true
access-control-allow-methods
OPTIONS

Redirect headers

pragma
no-cache
x-fb-debug
mhzzMImkwtuYrOlfgD3vkf4wxhu7GlTThZdrgcYNIfZIeh5f2gBq7YbXQhpaKreQ1P45Xu/fRqWREoo4U3ychA==
x-content-type-options
nosniff
location
https://www.facebook.com/billclinton/photos/a.430540067251/10156000540552252/?type=3&is_lookaside=1
date
Thu, 14 Feb 2019 11:11:53 GMT
expect-ct
max-age=86400, report-uri="https://reports.fb.com/expectct/"
x-frame-options
DENY
content-type
text/html; charset="utf-8"
status
302
cache-control
private, no-cache, no-store, must-revalidate
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
strict-transport-security
max-age=15552000; preload
content-length
0
x-xss-protection
0
expires
Sat, 01 Jan 2000 00:00:00 GMT
180425150311-02-bill-cosby-lead-full-169.jpg
cdn.cnn.com/cnnnext/dam/assets/ 		114 KB
115 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.cnn.com/cnnnext/dam/assets/180425150311-02-bill-cosby-lead-full-169.jpg
Requested by
Host: 668zhe.xyz
URL: http://668zhe.xyz/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:6c00:187::3134 , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
0abfc7d222103b96bf5ec5a170f8d1ed5bd7fd9b55856f9c8bd1b65d5b3ac0d6

Request headers

Referer
http://668zhe.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 14 Feb 2019 11:11:52 GMT
server
Apache-Coyote/1.1
access-control-allow-origin
*
access-control-allow-methods
GET,POST,OPTIONS
content-type
image/jpeg
status
200
cache-control
max-age=3600
content-length
117140
expires
Thu, 14 Feb 2019 12:11:52 GMT
220px-Bill_Cosby_crop.jpg
upload.wikimedia.org/wikipedia/commons/thumb/4/42/Bill_Cosby_crop.jpg/ 		20 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://upload.wikimedia.org/wikipedia/commons/thumb/4/42/Bill_Cosby_crop.jpg/220px-Bill_Cosby_crop.jpg
Requested by
Host: 668zhe.xyz
URL: http://668zhe.xyz/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305
Server
2620:0:862:ed1a::2:b , United States, ASN14907 (WIKIMEDIA - Wikimedia Foundation Inc., US),
Reverse DNS
Software
/
Resource Hash
1f80408480e6a5e931600d86e4147b62cfebd403331cf7da47a0602ee00624cc
Security Headers
Name Value
Strict-Transport-Security max-age=106384710; includeSubDomains; preload

Request headers

Referer
http://668zhe.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-analytics
https=1;nocookies=1
date
Thu, 14 Feb 2019 11:11:51 GMT
via
1.1 varnish (Varnish/5.1), 1.1 varnish (Varnish/5.1), 1.1 varnish (Varnish/5.1)
content-type
image/jpeg
age
59984
x-cache-status
hit-front
x-cache
cp1082 hit/3, cp3046 hit/9, cp3047 hit/96
status
200
content-length
20448
server-timing
cache;desc="hit-front"
x-trans-id
tx1caf8d1d967e43c0b25da-005c6462a6
x-client-ip
2a01:4f8:202:a9::2
last-modified
Tue, 25 Sep 2018 18:27:49 GMT
etag
826e1062d762d35aa1e355798a1406fc
strict-transport-security
max-age=106384710; includeSubDomains; preload
x-varnish
190252869 185911595, 108391202 113446380, 79798235 958553951
access-control-allow-origin
*
x-timestamp
1537900068.44873
accept-ranges
bytes
timing-allow-origin
*
access-control-expose-headers
Age, Date, Content-Length, Content-Range, X-Content-Duration, X-Cache, X-Varnish
31-twenty-dollar-bill-andrew-jackson.w700.h700.jpg
pixel.nymag.com/imgs/daily/grub/2017/08/31/ 		228 KB
229 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.nymag.com/imgs/daily/grub/2017/08/31/31-twenty-dollar-bill-andrew-jackson.w700.h700.jpg
Requested by
Host: 668zhe.xyz
URL: http://668zhe.xyz/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.120.70 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
nginx/1.12.2 /
Resource Hash
934abc3e4e0cb67ca10eacf411c23e3390931b96f75ecff3bf1b6eedced1357a

Request headers

Referer
http://668zhe.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 14 Feb 2019 11:11:52 GMT
Via
1.1 varnish
Age
373239
X-Cache
HIT
Connection
keep-alive
Content-Length
233603
X-Served-By
cache-cdg20745-CDG
Last-Modified
Wed, 17 Oct 2018 22:50:18 GMT
Server
nginx/1.12.2
X-Timer
S1550142712.018744,VS0,VE9
ETag
"d1e9da9a259b7ba21b92c9391b6b8257"
Content-Type
image/jpeg
Cache-Control
public, max-age=31469263
X-Try
S
Accept-Ranges
bytes
X-Cache-Hits
1
billmaher_logo1400.jpg
static.libsyn.com/p/assets/a/0/6/1/a061ceb8595319af/ 		157 KB
157 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://static.libsyn.com/p/assets/a/0/6/1/a061ceb8595319af/billmaher_logo1400.jpg
Requested by
Host: 668zhe.xyz
URL: http://668zhe.xyz/
Protocol
HTTP/1.1
Server
205.185.216.10 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
2a274b0e2026d6e840faf0debff59a1a05b933f6b8450e9b6430d5bd8ed687ce

Request headers

Referer
http://668zhe.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 14 Feb 2019 11:11:52 GMT
Last-Modified
Sun, 03 Apr 2016 21:32:31 GMT
ETag
"1459719151"
X-HW
1550142712.dop012.pa1.t,1550142712.cds008.pa1.c
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=2648169
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
160664
280x425.jpg
specials-images.forbesimg.com/imageserve/5638e0f8e4b0ffa7afe6a0ab/
Redirect Chain
  • http://specials-images.forbesimg.com/imageserve/5638e0f8e4b0ffa7afe6a0ab/280x425.jpg?fit=scale&background=000000
  • https://specials-images.forbesimg.com/imageserve/5638e0f8e4b0ffa7afe6a0ab/280x425.jpg?fit=scale&background=000000
15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://specials-images.forbesimg.com/imageserve/5638e0f8e4b0ffa7afe6a0ab/280x425.jpg?fit=scale&background=000000
Requested by
Host: 668zhe.xyz
URL: http://668zhe.xyz/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:6c00:291::2599 , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
Forbes DAM API /
Resource Hash
aba4dfdccaf46bf7c13de879293b396730d18f46c4a68e056a9353e58e705181

Request headers

Referer
http://668zhe.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-varnish-director
damapi
server
Forbes DAM API
date
Thu, 14 Feb 2019 11:11:52 GMT
x-varnish-backend
damapi1
x-varnish
357811289 888969011
status
200
cache-control
public, max-age=0
accept-ranges
bytes
content-type
image/jpeg
content-length
15283
expires
Thu, 14 Feb 2019 11:11:52 GMT

Redirect headers

Location
https://specials-images.forbesimg.com/imageserve/5638e0f8e4b0ffa7afe6a0ab/280x425.jpg?fit=scale&background=000000
Date
Thu, 14 Feb 2019 11:11:52 GMT
Server
AkamaiGHost
Connection
keep-alive
Content-Length
0
bill-page-1.jpg
media.secure-mobiles.com/idmobile/pages/your_bill/ 		615 KB
615 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.secure-mobiles.com/idmobile/pages/your_bill/bill-page-1.jpg
Requested by
Host: 668zhe.xyz
URL: http://668zhe.xyz/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.45.104.47 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a23-45-104-47.deploy.static.akamaitechnologies.com
Software
Apache/2.4.6 (Red Hat Enterprise Linux) OpenSSL/1.0.2k-fips /
Resource Hash
71efae851298ce9f4b2bf0e9902f6edef931b4ea762204a2190f46c7e8c724e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
http://668zhe.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Last-Modified
Mon, 12 Jun 2017 14:05:53 GMT
Server
Apache/2.4.6 (Red Hat Enterprise Linux) OpenSSL/1.0.2k-fips
ETag
"99b8c-551c3d126b240"
Content-Type
image/jpeg
Date
Thu, 14 Feb 2019 11:11:52 GMT
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
629644
Harriet-Tubman-bill2.jpg
static.independent.co.uk/s3fs-public/thumbnails/image/2015/04/10/17/ 		32 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.independent.co.uk/s3fs-public/thumbnails/image/2015/04/10/17/Harriet-Tubman-bill2.jpg?w968h681
Requested by
Host: 668zhe.xyz
URL: http://668zhe.xyz/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.184 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
eb2cc1d3f8d438b1670b701d5251d9441e207ce6bd48ce0611b74a34c4365c76

Request headers

Referer
http://668zhe.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 14 Feb 2019 11:11:52 GMT
via
1.1 varnish, 1.1 varnish
age
2265493
x-cache
HIT, HIT
fastly-io-info
ifsz=243189 idim=2352x1536 ifmt=jpeg ofsz=32916 odim=968x681 ofmt=webp
status
200
fastly-stats
io=1
content-length
32916
x-amz-id-2
UtPK8Vxx7fYiVIIsBtPFh27NinyY3KC4F+TXl71RhUO/jitdr4PopyJX6/fUfL4TJkMof0HYd60=
x-served-by
cache-lcy19250-LCY, cache-hhn1530-HHN
server
AmazonS3
x-timer
S1550142712.064119,VS0,VE2
etag
"ZkuOYLSQ0MJJf3jeaBFKpRR6LdTz/GdxvCutY7Q26yU"
vary
Accept
x-amz-request-id
B8AD843D3EAF57EC
cache-control
public, max-age=315360000
accept-ranges
bytes
content-type
image/webp
x-cache-hits
1, 1
Bill-School-House-Rock.jpg
static1.squarespace.com/static/58b464e6d2b857c893163ab1/t/5a6a0c0a24a694cbdb8df533/1516899348217/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static1.squarespace.com/static/58b464e6d2b857c893163ab1/t/5a6a0c0a24a694cbdb8df533/1516899348217/Bill-School-House-Rock.jpg
Requested by
Host: 668zhe.xyz
URL: http://668zhe.xyz/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.0.238 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
/
Resource Hash
b8e6e87e2a7cd29b0c5ecd2f18a7d8328ec2c929a7eaadf25f8e8a223e7a22e1

Request headers

Referer
http://668zhe.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 14 Feb 2019 11:11:52 GMT
via
1.1 varnish, 1.1 varnish
age
504283
x-cache
HIT, MISS
x-via
1.1 echo006
status
200
x-contextid
TaipmOWr/b4jYMgjv
x-identifier
static1
content-length
7397
x-pc-key
DLuEWvA38aP7C_3ieyqvds35azk-tim-cywinski
x-served-by
cache-dfw18621-DFW, cache-hhn1529-HHN
pragma
cache
x-pc-hit
false
x-timer
S1550142712.027935,VS0,VE124
tracepoint
Fastly
etag
W/"347801baf35ba55ccef4f253d7e722ca"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=94608000
x-servedby
cdn030
accept-ranges
bytes
timing-allow-origin
*.squarespace.com
x-cache-hits
1, 0
C1Aer3gO7iS._SL1000_.png
images-na.ssl-images-amazon.com/images/I/ 		85 KB
86 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images-na.ssl-images-amazon.com/images/I/C1Aer3gO7iS._SL1000_.png
Requested by
Host: 668zhe.xyz
URL: http://668zhe.xyz/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.32.141.62 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-13-32-141-62.fra56.r.cloudfront.net
Software
Server /
Resource Hash
f520532387b06661a59a605cc6729a3b100916dd84aba730742f6f395f72f31d

Request headers

Referer
http://668zhe.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 16 Nov 2018 00:20:23 GMT
via
1.1 e430a35037c484cf19f375480cabfca3.cloudfront.net (CloudFront)
last-modified
Wed, 21 Sep 2016 21:16:22 GMT
server
Server
age
8140969
x-cache
Hit from cloudfront
content-type
image/jpeg
status
200
cache-control
max-age=630720000,public
x-amz-ir-id
1d54530e-cace-4a48-b8a9-b08108df72d4
timing-allow-origin
https://www.amazon.com
access-control-allow-origin
*
content-length
87402
x-amz-cf-id
LTe32BJB-V4gY6t8UZ_JuGTup2qXXjv05J49k3lml5sLnYGWs2Tsqw==
expires
Sun, 05 Sep 2038 11:48:52 GMT
MV5BMTgyNTU3MzIzN15BMl5BanBnXkFtZTgwMDA2MDY2NDE@._V1_.jpg
m.media-amazon.com/images/M/ 		1 MB
1 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://m.media-amazon.com/images/M/MV5BMTgyNTU3MzIzN15BMl5BanBnXkFtZTgwMDA2MDY2NDE@._V1_.jpg
Requested by
Host: 668zhe.xyz
URL: http://668zhe.xyz/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.32.141.62 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-13-32-141-62.fra56.r.cloudfront.net
Software
Server /
Resource Hash
bd7061edde2f4d6602d436c400c3b981ac7a7687a80244ae5d69d25293944324

Request headers

Referer
http://668zhe.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Sun, 25 Nov 2018 20:46:00 GMT
via
1.1 e430a35037c484cf19f375480cabfca3.cloudfront.net (CloudFront)
last-modified
Tue, 03 Mar 2015 00:30:33 GMT
server
Server
age
7116183
x-cache
Hit from cloudfront
content-type
image/jpeg
status
200
cache-control
max-age=630720000,public
x-amz-ir-id
da2c685d-129e-4f84-b1c4-348ce1662435
access-control-allow-origin
*
content-length
1451290
x-amz-cf-id
YVaREtXzRBq2rix-SltB8-2L7ky7jIob5UJJfDmRdmcSvYy_x_0UhA==
expires
Fri, 19 Nov 2038 02:28:49 GMT
AAuE7mD8j66Gv5r4oLf48Ij7PMljbIm_-GrASQ-CSA=s900-mo-c-c0xffffffff-rj-k-no
yt3.ggpht.com/a-/ 		87 KB
88 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://yt3.ggpht.com/a-/AAuE7mD8j66Gv5r4oLf48Ij7PMljbIm_-GrASQ-CSA=s900-mo-c-c0xffffffff-rj-k-no
Requested by
Host: 668zhe.xyz
URL: http://668zhe.xyz/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:821::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
fife /
Resource Hash
9f186c93d5df3f9f30313e9fcbce4d5e23b829dff44404a1c82c1134334ed03c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://668zhe.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 14 Feb 2019 08:17:49 GMT
x-content-type-options
nosniff
age
10443
status
200
content-disposition
inline;filename="unnamed.jpg"
alt-svc
quic=":443"; ma=2592000; v="44,43,39"
content-length
89514
x-xss-protection
1; mode=block
server
fife
etag
"v21"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Wed, 06 Feb 2019 08:44:38 GMT
26-bill-cosby-2.w700.h467.jpg
pixel.nymag.com/imgs/daily/vulture/2018/09/26/ 		84 KB
84 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.nymag.com/imgs/daily/vulture/2018/09/26/26-bill-cosby-2.w700.h467.jpg
Requested by
Host: 668zhe.xyz
URL: http://668zhe.xyz/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.120.70 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
nginx/1.12.2 /
Resource Hash
b59bfb809dfc44aceed0b1fe787be1721237ea9b62c94423be1e2567965d4976

Request headers

Referer
http://668zhe.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 14 Feb 2019 11:11:52 GMT
Via
1.1 varnish
Age
1201619
X-Cache
HIT
Connection
keep-alive
Content-Length
85590
X-Served-By
cache-cdg20745-CDG
Last-Modified
Wed, 26 Sep 2018 20:05:53 GMT
Server
nginx/1.12.2
X-Timer
S1550142712.096498,VS0,VE2
ETag
"4e1fa198fd946b9d56867076acd64251"
Content-Type
image/jpeg
Cache-Control
public, max-age=31469263
X-Try
S
Accept-Ranges
bytes
X-Cache-Hits
1
220px-Premios_Goya_2018_-_Bill_Nighy_02.jpg
upload.wikimedia.org/wikipedia/commons/thumb/4/41/Premios_Goya_2018_-_Bill_Nighy_02.jpg/ 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://upload.wikimedia.org/wikipedia/commons/thumb/4/41/Premios_Goya_2018_-_Bill_Nighy_02.jpg/220px-Premios_Goya_2018_-_Bill_Nighy_02.jpg
Requested by
Host: 668zhe.xyz
URL: http://668zhe.xyz/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305
Server
2620:0:862:ed1a::2:b , United States, ASN14907 (WIKIMEDIA - Wikimedia Foundation Inc., US),
Reverse DNS
Software
/
Resource Hash
30a87c1b50dab6d1f42264d40d4107f4daa1daa49ef66528542c58c6927b8d08
Security Headers
Name Value
Strict-Transport-Security max-age=106384710; includeSubDomains; preload

Request headers

Referer
http://668zhe.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-analytics
https=1;nocookies=1
date
Thu, 14 Feb 2019 11:11:51 GMT
via
1.1 varnish (Varnish/5.1), 1.1 varnish (Varnish/5.1), 1.1 varnish (Varnish/5.1)
content-type
image/jpeg
age
17653
x-cache-status
hit-front
x-cache
cp1076 hit/5, cp3038 hit/9, cp3047 hit/8
status
200
content-length
14538
server-timing
cache;desc="hit-front"
x-trans-id
tx62a8261005cd4673b23a9-005c650801
x-client-ip
2a01:4f8:202:a9::2
last-modified
Fri, 09 Feb 2018 19:20:11 GMT
etag
6f7aa6cb3278842e401a63244869d837
strict-transport-security
max-age=106384710; includeSubDomains; preload
x-varnish
170374919 168836026, 427150817 418204777, 73627651 24996945
access-control-allow-origin
*
x-timestamp
1518204010.82801
accept-ranges
bytes
timing-allow-origin
*
access-control-expose-headers
Age, Date, Content-Length, Content-Range, X-Content-Duration, X-Cache, X-Varnish
bill_sample.jpg
www.uppclonline.com/en_GB/images/innerpages/login/ 		183 KB
184 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.uppclonline.com/en_GB/images/innerpages/login/bill_sample.jpg
Requested by
Host: 668zhe.xyz
URL: http://668zhe.xyz/
Protocol
HTTP/1.1
Server
125.19.181.9 , India, ASN9498 (BBIL-AP BHARTI Airtel Ltd., IN),
Reverse DNS
Software
Apache /
Resource Hash
64a716cb5bf0ac3ce22e72aa4de84396151d99237864729215d28f434f1acbe0

Request headers

Referer
http://668zhe.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 14 Feb 2019 11:11:49 GMT
Last-Modified
Fri, 13 Jan 2012 10:08:45 GMT
Server
Apache
ETag
"445da-2dc5e-4b6660cd44540"
Content-Type
image/jpeg
Cache-Control
max-age=31536000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=50
Content-Length
187486
Expires
Fri, 14 Feb 2020 11:11:49 GMT
customer-bill.jpg
www.epwater.org/UserFiles/Servers/Server_6843404/Image/Customer%20Service/ 		0
0
latest
vignette.wikia.nocookie.net/ghostbusters/images/1/11/Bill_Murray.jpeg/revision/ 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vignette.wikia.nocookie.net/ghostbusters/images/1/11/Bill_Murray.jpeg/revision/latest?cb=20081013140955
Requested by
Host: 668zhe.xyz
URL: http://668zhe.xyz/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:11a:e002:fa00::204 , United States, ASN22300 (WIKIA - Wikia, Inc., US),
Reverse DNS
Software
/
Resource Hash
4c7b2f7ee586a8975b0baa5eaf213672602a564abfdcb545a28b1752c21f1736

Request headers

Referer
http://668zhe.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 14 Feb 2019 02:13:13 GMT
X-Cacheable
YES
Age
32318
X-Cache
ORIGIN, HIT
Content-Disposition
inline; filename="image.webp"; filename*=UTF-8''image.webp
Content-Length
26442
X-Served-By
thumblr-774fc55866-qz28g, wk-cdn-f5
Surrogate-Key
1493b1ddc9809963d765edc799188515142738b7 wiki-ghostbusters thumblr original
X-Thumbnailer
Thumblr
X-Datacenter
SJC
Etag
dc5435e4d17fc18d39d080ce25751eb0
Vary
Accept
Content-Type
image/webp
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes
Timing-Allow-Origin
*
X-Cache-Hits
ORIGIN, 1
160421_em_harriet20.jpg
moneydotcomvip.files.wordpress.com/2016/04/ 		2 MB
2 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://moneydotcomvip.files.wordpress.com/2016/04/160421_em_harriet20.jpg
Requested by
Host: 668zhe.xyz
URL: http://668zhe.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.72.22 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),
Reverse DNS
Software
nginx /
Resource Hash
a42afc80d905c3483c062127fce1ce3b2f821deaa2f07d6a9ea0d80618003cfe

Request headers

Referer
http://668zhe.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-nc
HIT ams 22 np
date
Thu, 14 Feb 2019 11:11:52 GMT
last-modified
Sat, 29 Sep 2018 17:55:33 GMT
server
nginx
x-orig-src
01_mogdir
content-type
image/jpeg
status
200
accept-ranges
bytes
content-length
1643833
expires
Mon, 11 Mar 2019 19:01:25 GMT
bill-details.jpg
app.bchydro.com/content/dam/BCHydro/customer-portal/graphics/illustrations/ 		57 KB
57 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://app.bchydro.com/content/dam/BCHydro/customer-portal/graphics/illustrations/bill-details.jpg
Requested by
Host: 668zhe.xyz
URL: http://668zhe.xyz/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
142.52.192.119 Burnaby, Canada, ASN852 (ASN852 - TELUS Communications Inc., CA),
Reverse DNS
app.bchydro.com
Software
Apache /
Resource Hash
d5f783677aa8fc13f15f96800c461ded1585ccdb56deff1bd2d6c2c480aa62c7
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

Referer
http://668zhe.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 14 Feb 2019 11:11:53 GMT
Access-Control-Max-Age
1728000
Connection
Keep-Alive
Content-Length
57881
X-XSS-Protection
1;mode=block
Keep-Alive
timeout=5, max=100
Last-Modified
Sun, 25 Feb 2018 02:11:00 GMT
Server
Apache
X-Frame-Options
SAMEORIGIN
ETag
"e219-565ffe7963500"
Strict-Transport-Security
max-age=16070400; includeSubDomains
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Accept-Ranges
bytes
Access-Control-Allow-Headers
x-requested-with, Content-Type, origin, authorization, accept, client-security-token
childBillRCWiley-1.jpg
2hfa2t4cz3ylcefo522rz6jm-wpengine.netdna-ssl.com/wp-content/uploads/2016/04/ 		20 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://2hfa2t4cz3ylcefo522rz6jm-wpengine.netdna-ssl.com/wp-content/uploads/2016/04/childBillRCWiley-1.jpg
Requested by
Host: 668zhe.xyz
URL: http://668zhe.xyz/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.31.29.64 , United Kingdom, ASN12989 (HWNG, NL),
Reverse DNS
94.31.29.64.IPYX-077437-ZYO.above.net
Software
NetDNA-cache/2.2 /
Resource Hash
84a038d80423afafb3917f9f4f6820dc314decd202d51f7ce15422517b280a9c

Request headers

Referer
http://668zhe.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-type
static/known
date
Thu, 14 Feb 2019 11:11:52 GMT
last-modified
Mon, 08 Oct 2018 12:56:55 GMT
server
NetDNA-cache/2.2
access-control-allow-origin
*
etag
"5bbb5417-50ef"
vary
Accept-Encoding
x-cache
MISS
content-type
image/jpeg
status
200
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
20719
bill-haley-9325650-1-402.jpg
www.biography.com/.image/ar_8:10%2Cc_fill%2Ccs_srgb%2Cfl_progressive%2Cg_faces:center%2Cq_auto:good%2Cw_620/MTE4MDAzNDEwNTQ0NzIzNDcw/ 		26 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.biography.com/.image/ar_8:10%2Cc_fill%2Ccs_srgb%2Cfl_progressive%2Cg_faces:center%2Cq_auto:good%2Cw_620/MTE4MDAzNDEwNTQ0NzIzNDcw/bill-haley-9325650-1-402.jpg
Requested by
Host: 668zhe.xyz
URL: http://668zhe.xyz/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.98 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
cloudinary /
Resource Hash
d2e9b0f121e78be2f1826398bfa3dbcccea5ac3e79ad006526a1d39c054b0e6e

Request headers

Referer
http://668zhe.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 14 Feb 2019 11:11:52 GMT
via
1.1 varnish, 1.1 varnish
age
2322577
x-say-cacheable
YES
x-say-ttl
31536000.000
status
200
x-cache
HIT, HIT
x-saycdn-ttl
29460733.000
content-length
27127
x-served-by
cache-iad2132-IAD, cache-hhn1526-HHN
last-modified
Sat, 20 Oct 2018 18:02:06 GMT
server
cloudinary
x-timer
S1550142712.202008,VS0,VE2
etag
"0c0051fcf2de69610cc30361d7c10549"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31557590
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1
Bill-Murray-TA.jpg
images.tritondigitalcms.com/6616/sites/1446/2018/09/26103231/ 		57 KB
58 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://images.tritondigitalcms.com/6616/sites/1446/2018/09/26103231/Bill-Murray-TA.jpg
Requested by
Host: 668zhe.xyz
URL: http://668zhe.xyz/
Protocol
HTTP/1.1
Server
2600:9000:200d:5200:e:ee51:2e00:21 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ad82b1208914d1a1d7e74fed68d2ae9b743778ee7c4e23d0c28bd9f9295a7fb6

Request headers

Referer
http://668zhe.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Fri, 21 Dec 2018 21:32:01 GMT
Via
1.1 4446e317b7b7532307c7755d43835bff.cloudfront.net (CloudFront)
Last-Modified
Wed, 26 Sep 2018 15:32:39 GMT
Server
AmazonS3
Age
50755
ETag
"9e0d18de191a8da09dbc84766a6dab07"
X-Cache
Hit from cloudfront
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
58531
X-Amz-Cf-Id
K-A-8M-OdnlA0IGIXL-VhoTbpBVtyFKhGoxCwEFhI2RlfEbbd9GYrA==
MV5BNjE5MzAzNzUwOV5BMl5BanBnXkFtZTgwNDM0OTg0ODE@._V1_UY317_CR17,0,214,317_AL_.jpg
m.media-amazon.com/images/M/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://m.media-amazon.com/images/M/MV5BNjE5MzAzNzUwOV5BMl5BanBnXkFtZTgwNDM0OTg0ODE@._V1_UY317_CR17,0,214,317_AL_.jpg
Requested by
Host: 668zhe.xyz
URL: http://668zhe.xyz/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.32.141.62 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-13-32-141-62.fra56.r.cloudfront.net
Software
Server /
Resource Hash
1bc056d460a145f7fc58639653e0a2e9d0a42c48b56ff0a40d80d02182bf4017

Request headers

Referer
http://668zhe.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 28 Nov 2018 00:30:19 GMT
via
1.1 e430a35037c484cf19f375480cabfca3.cloudfront.net (CloudFront)
last-modified
Wed, 30 Mar 2016 21:34:59 GMT
server
Server
age
6944248
x-cache
Hit from cloudfront
content-type
image/jpeg
status
200
cache-control
max-age=630720000,public
x-amz-ir-id
db468aa0-2b4b-4e63-9b9e-30cd75c06890
access-control-allow-origin
*
content-length
9651
x-amz-cf-id
RhPuz0sVn3lkGwUxez7y3Ql7JYrydASIGkeDDr2xNZih624KSqXvPQ==
expires
Wed, 18 Aug 2038 08:12:23 GMT
GettyImages-577594704-Artikelbild-477x673.jpg
magazin.lufthansa.com/content/uploads/2017/10/ 		63 KB
63 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://magazin.lufthansa.com/content/uploads/2017/10/GettyImages-577594704-Artikelbild-477x673.jpg
Requested by
Host: 668zhe.xyz
URL: http://668zhe.xyz/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.48.103.60 Hamburg, Germany, ASN8893 (ARTFILES-AS Zirkusweg 1, DE),
Reverse DNS
Software
Apache /
Resource Hash
b4703ddb9c2a1e107c031ad46f9c89907ebb0dd90182cff326049fc458d3b50c

Request headers

Referer
http://668zhe.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 14 Feb 2019 11:11:52 GMT
Last-Modified
Wed, 18 Oct 2017 13:04:37 GMT
Server
Apache
ETag
"28c4c57-fb97-55bd1e1c562be"
Content-Type
image/jpeg
Cache-Control
max-age=2592000
Connection
close
Accept-Ranges
bytes
Content-Length
64407
Expires
Sat, 16 Mar 2019 11:11:52 GMT
image
imagesvc.timeincapp.com/v3/mm/ 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imagesvc.timeincapp.com/v3/mm/image?url=https%3A%2F%2Fpeopledotcom.files.wordpress.com%2F2018%2F09%2Fbill-cosby-mugshot.jpg%3Fw%3D450&w=450&c=sc&poi=face&q=85
Requested by
Host: 668zhe.xyz
URL: http://668zhe.xyz/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.32.223.98 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-13-32-223-98.fra56.r.cloudfront.net
Software
nginx/1.12.1 /
Resource Hash
aadfc276ae47307eff94eb8e30b3e3e938b9a04c81f21a8150b702561725cd0b

Request headers

Referer
http://668zhe.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 11 Feb 2019 12:43:59 GMT
via
1.1 7483360604f484b4fd54bffc9e822f46.cloudfront.net (CloudFront)
last-modified
Mon, 11 Feb 2019 12:43:59 GMT
server
nginx/1.12.1
age
253673
x-cache
Hit from cloudfront
content-type
image/webp
status
200
cache-control
public, max-age=1300000
x-img-msg
PROCESSED
x-image-msg
IMAGE NOT PROCESSED
x-amz-cf-id
cnas5Eird1qjVdZnJbkrluJjlatotre2cQDmxpeXCR-C909F-HOJhg==
5ae3675319ee8627008b45c3-750-563.jpg
amp.businessinsider.com/images/ 		52 KB
53 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://amp.businessinsider.com/images/5ae3675319ee8627008b45c3-750-563.jpg
Requested by
Host: 668zhe.xyz
URL: http://668zhe.xyz/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.171 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6cd06b3302423da14823d486dec9bb9bc48dc5e4be97e6af41465cf28e0ceab5

Request headers

Referer
http://668zhe.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 14 Feb 2019 11:11:52 GMT
via
1.1 varnish
age
167403
x-amz-meta-x-image-width
750
status
200
x-amz-meta-x-image-alternate
5ae3675319ee8627008b45c3
x-amz-meta-surrogate-control
max-age=604800
x-amz-meta-surrogate-key
5ae3675319ee8627008b45c3 grp:image
content-length
53738
x-cache
HIT
x-amz-request-id
465BFCE072A6D6CB
x-amz-id-2
AwTIHJVHoBJmzxIRoHWKNjT3PTfzVcnckotCjOSrE+LyT16fbU91R7eVEHik7MIMvzQf9v4l3f0=
x-served-by
cache-hhn1527-HHN
x-amz-meta-x-image-height
563
last-modified
Fri, 27 Apr 2018 18:09:36 GMT
server
AmazonS3
x-timer
S1550142713.533170,VS0,VE2
etag
"d39e356a693fd865b07193636b8f33d7"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=604800
accept-ranges
bytes
x-cache-hits
1
220px-Bill_Paxton_2014.jpg
upload.wikimedia.org/wikipedia/commons/thumb/5/55/Bill_Paxton_2014.jpg/ 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://upload.wikimedia.org/wikipedia/commons/thumb/5/55/Bill_Paxton_2014.jpg/220px-Bill_Paxton_2014.jpg
Requested by
Host: 668zhe.xyz
URL: http://668zhe.xyz/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305
Server
2620:0:862:ed1a::2:b , United States, ASN14907 (WIKIMEDIA - Wikimedia Foundation Inc., US),
Reverse DNS
Software
/
Resource Hash
80f8a2a0d59a89aeb31fb50158bdb94e68c2e748980be2c66490b51cba88707e
Security Headers
Name Value
Strict-Transport-Security max-age=106384710; includeSubDomains; preload

Request headers

Referer
http://668zhe.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-analytics
https=1;nocookies=1
date
Thu, 14 Feb 2019 11:11:51 GMT
via
1.1 varnish (Varnish/5.1), 1.1 varnish (Varnish/5.1), 1.1 varnish (Varnish/5.1)
content-type
image/jpeg
age
63837
x-cache-status
hit-front
x-cache
cp1088 hit/5, cp3039 hit/12, cp3047 hit/45
status
200
content-length
14226
server-timing
cache;desc="hit-front"
x-trans-id
txb88bcb27ab914bed87acc-005c645399
x-client-ip
2a01:4f8:202:a9::2
last-modified
Wed, 04 Jul 2018 21:09:52 GMT
etag
fffaf79da65f1ac9d0fd47afdc5280ff
strict-transport-security
max-age=106384710; includeSubDomains; preload
x-varnish
203632051 198885267, 183373122 169034430, 74770613 964246301
access-control-allow-origin
*
x-timestamp
1530738591.16979
accept-ranges
bytes
timing-allow-origin
*
access-control-expose-headers
Age, Date, Content-Length, Content-Range, X-Content-Duration, X-Cache, X-Varnish
gas-page1.jpg
www.alintaenergy.com.au/Alinta/media/Images/billing-services/ 		216 KB
217 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.alintaenergy.com.au/Alinta/media/Images/billing-services/gas-page1.jpg
Requested by
Host: 668zhe.xyz
URL: http://668zhe.xyz/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.16.186.187 , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a2-16-186-187.deploy.static.akamaitechnologies.com
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
2bc860ebfceb150ace314236e172a73275850f6e24c83921b6f0a19d37d24391
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
http://668zhe.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000
x-content-type-options
nosniff
Last-Modified
Mon, 18 Aug 2014 07:01:48 GMT
Server
Microsoft-IIS/8.5
X-Powered-By
ASP.NET
X-Frame-Options
SAMEORIGIN
Content-Type
image/jpeg
X-XSS-Protection
1; mode=block
Date
Thu, 14 Feb 2019 11:11:52 GMT
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
221469
ETag
"0d64947b2bacf1:0"
001966-1_Bill%20Legend%20Numbers%20Image_V02.jpg
www.unitypoint.org/filesimages/Pay%20My%20Bill/ 		263 KB
264 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.unitypoint.org/filesimages/Pay%20My%20Bill/001966-1_Bill%20Legend%20Numbers%20Image_V02.jpg
Requested by
Host: 668zhe.xyz
URL: http://668zhe.xyz/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
52.73.136.182 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-52-73-136-182.compute-1.amazonaws.com
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
d8e8d91c212062a60a2d9c528faa2792896a8fea5c9a050e0d987fac0dcf7dc1

Request headers

Referer
http://668zhe.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 14 Feb 2019 11:11:51 GMT
ETag
"d7aa5d2eee5ad21:0"
Last-Modified
Tue, 20 Dec 2016 18:23:37 GMT
Server
Microsoft-IIS/8.5
X-Powered-By
ASP.NET
Content-Type
image/jpeg
Cache-Control
public,max-age=604800
Accept-Ranges
bytes
Content-Length
269667
UnderstandingYourBill-1-v3.jpg
www.bgehome.com/wp-content/uploads/2018/10/ 		227 KB
227 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bgehome.com/wp-content/uploads/2018/10/UnderstandingYourBill-1-v3.jpg
Requested by
Host: 668zhe.xyz
URL: http://668zhe.xyz/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.229.125.222 Ann Arbor, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
222.125.229.35.bc.googleusercontent.com
Software
Apache /
Resource Hash
7d51f6b70cb2068e2d5d0b81271dfa15d14b121a315407338df72808637a5d0c
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
http://668zhe.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 14 Feb 2019 11:11:53 GMT
Vary
Accept-Encoding,Cookie,User-Agent
Last-Modified
Thu, 25 Oct 2018 21:11:15 GMT
Server
Apache
X-Frame-Options
SAMEORIGIN
Content-Type
image/jpeg
Cache-Control
max-age=3, must-revalidate
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
232100
Expires
Sat, 16 Mar 2019 11:11:53 GMT
billpayoption1.jpg
www.seton.net/wp-content/themes/ascension/images/_seton/ 		36 KB
39 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.seton.net/wp-content/themes/ascension/images/_seton/billpayoption1.jpg
Requested by
Host: 668zhe.xyz
URL: http://668zhe.xyz/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
64.28.110.200 Pearland, United States, ASN3728 (ONR-ADDR - Onramp Access LLC, US),
Reverse DNS
www.seton.net
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
5c8c9c3202bf1ca7c651e8d1e83519f0a33db57f03e691d1a77d2acfe4ad11af
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' www.youtube.com s.ytimg.com rawgit.com rawgithub.com www.google.com analytics.twitter.com graph.facebook.com www.linkedin.com edge.addthis.com m.addthis.com m.addthisedge.com s7.addthis.com cdn.polyfill.io fullstory.com cdn.rawgit.com maps.google.com www.google-analytics.com maps.googleapis.com script.crazyegg.com use.typekit.net www.googletagmanager.com connect.facebook.net static.ads-twitter.com bat.bing.com tag.retargeter.com www.gstatic.com cdn.callrail.com analytics.twitter.com js.callrail.com cdn.jsdelivr.net blob:; font-src 'self' data: use.typekit.net fonts.googleapis.com fonts.gstatic.com; img-src 'self' data: blob: secure.gra cx.atdmt.com s.ytimg.com s.w.org maps.gstatic.com p.typekit.net maps.google.com maps.googleapis.com www.google-analytics.com stats.g.doubleclick.net www.google.com www.facebook.com t.co bat.bing.com secure.adnxs.com tag.retargeter.com t.sellpoints.com; style-src 'self' 'unsafe-inline' s.ytimg.com fonts.googleapis.com analytics.twitter.com; connect-src 'self' analytics.twitter.com yoast.com performance.typekit.net js.callrail.com secure.adnxs.com tag.retargeter.com rs.fullstory.com m.addthis.com www.google-analytics.com; frame-src 'self' *.doubleclick.net www.youtube.com www.google.com m.addthis.com edge.addthis.com connect.facebook.net providers.seton.net s7.addthis.com analytics.twitter.com
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' www.youtube.com s.ytimg.com rawgit.com rawgithub.com www.google.com analytics.twitter.com graph.facebook.com www.linkedin.com edge.addthis.com m.addthis.com m.addthisedge.com s7.addthis.com cdn.polyfill.io fullstory.com cdn.rawgit.com maps.google.com www.google-analytics.com maps.googleapis.com script.crazyegg.com use.typekit.net www.googletagmanager.com connect.facebook.net static.ads-twitter.com bat.bing.com tag.retargeter.com www.gstatic.com cdn.callrail.com analytics.twitter.com js.callrail.com cdn.jsdelivr.net blob:; font-src 'self' data: use.typekit.net fonts.googleapis.com fonts.gstatic.com; img-src 'self' data: blob: secure.gra cx.atdmt.com s.ytimg.com s.w.org maps.gstatic.com p.typekit.net maps.google.com maps.googleapis.com www.google-analytics.com stats.g.doubleclick.net www.google.com www.facebook.com t.co bat.bing.com secure.adnxs.com tag.retargeter.com t.sellpoints.com; style-src 'self' 'unsafe-inline' s.ytimg.com fonts.googleapis.com analytics.twitter.com; connect-src 'self' analytics.twitter.com yoast.com performance.typekit.net js.callrail.com secure.adnxs.com tag.retargeter.com rs.fullstory.com m.addthis.com www.google-analytics.com; frame-src 'self' *.doubleclick.net www.youtube.com www.google.com m.addthis.com edge.addthis.com connect.facebook.net providers.seton.net s7.addthis.com analytics.twitter.com
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

Referer
http://668zhe.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
ETag
"ec468fc9f469d31:0"
Last-Modified
Thu, 30 Nov 2017 16:03:39 GMT
Server
Microsoft-IIS/8.5
X-Powered-By
ASP.NET
X-Frame-Options
SAMEORIGIN
Content-Type
image/jpeg
Cache-Control
no-cache,max-age=2592000
Date
Thu, 14 Feb 2019 11:10:55 GMT
Content-Security-Policy
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' www.youtube.com s.ytimg.com rawgit.com rawgithub.com www.google.com analytics.twitter.com graph.facebook.com www.linkedin.com edge.addthis.com m.addthis.com m.addthisedge.com s7.addthis.com cdn.polyfill.io fullstory.com cdn.rawgit.com maps.google.com www.google-analytics.com maps.googleapis.com script.crazyegg.com use.typekit.net www.googletagmanager.com connect.facebook.net static.ads-twitter.com bat.bing.com tag.retargeter.com www.gstatic.com cdn.callrail.com analytics.twitter.com js.callrail.com cdn.jsdelivr.net blob:; font-src 'self' data: use.typekit.net fonts.googleapis.com fonts.gstatic.com; img-src 'self' data: blob: secure.gra cx.atdmt.com s.ytimg.com s.w.org maps.gstatic.com p.typekit.net maps.google.com maps.googleapis.com www.google-analytics.com stats.g.doubleclick.net www.google.com www.facebook.com t.co bat.bing.com secure.adnxs.com tag.retargeter.com t.sellpoints.com; style-src 'self' 'unsafe-inline' s.ytimg.com fonts.googleapis.com analytics.twitter.com; connect-src 'self' analytics.twitter.com yoast.com performance.typekit.net js.callrail.com secure.adnxs.com tag.retargeter.com rs.fullstory.com m.addthis.com www.google-analytics.com; frame-src 'self' *.doubleclick.net www.youtube.com www.google.com m.addthis.com edge.addthis.com connect.facebook.net providers.seton.net s7.addthis.com analytics.twitter.com
Accept-Ranges
bytes
Content-Length
36878
X-XSS-Protection
1;mode=block
X-Content-Security-Policy
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' www.youtube.com s.ytimg.com rawgit.com rawgithub.com www.google.com analytics.twitter.com graph.facebook.com www.linkedin.com edge.addthis.com m.addthis.com m.addthisedge.com s7.addthis.com cdn.polyfill.io fullstory.com cdn.rawgit.com maps.google.com www.google-analytics.com maps.googleapis.com script.crazyegg.com use.typekit.net www.googletagmanager.com connect.facebook.net static.ads-twitter.com bat.bing.com tag.retargeter.com www.gstatic.com cdn.callrail.com analytics.twitter.com js.callrail.com cdn.jsdelivr.net blob:; font-src 'self' data: use.typekit.net fonts.googleapis.com fonts.gstatic.com; img-src 'self' data: blob: secure.gra cx.atdmt.com s.ytimg.com s.w.org maps.gstatic.com p.typekit.net maps.google.com maps.googleapis.com www.google-analytics.com stats.g.doubleclick.net www.google.com www.facebook.com t.co bat.bing.com secure.adnxs.com tag.retargeter.com t.sellpoints.com; style-src 'self' 'unsafe-inline' s.ytimg.com fonts.googleapis.com analytics.twitter.com; connect-src 'self' analytics.twitter.com yoast.com performance.typekit.net js.callrail.com secure.adnxs.com tag.retargeter.com rs.fullstory.com m.addthis.com www.google-analytics.com; frame-src 'self' *.doubleclick.net www.youtube.com www.google.com m.addthis.com edge.addthis.com connect.facebook.net providers.seton.net s7.addthis.com analytics.twitter.com
ca_hare.jpg
climateanalytics.org/images/w693/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://climateanalytics.org/images/w693/ca_hare.jpg
Requested by
Host: 668zhe.xyz
URL: http://668zhe.xyz/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a01:488:42:1000:b24d:6d55:47:19ff , Germany, ASN20773 (HOSTEUROPE-AS, DE),
Reverse DNS
Software
Apache /
Resource Hash
9202ab46a9c2a42e878d3c129aef6e153ccd6e7feaaa6db03b4749c29cb381fd

Request headers

Referer
http://668zhe.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 14 Feb 2019 11:11:53 GMT
Last-Modified
Wed, 13 Feb 2019 13:53:21 GMT
Server
Apache
Content-Type
image/jpeg
Cache-Control
proxy-revalidate, private, max-age=31536000, max-age=604800
Content-Disposition
inline; filename="ca_hare.jpg";
Connection
keep-alive
Content-Length
8069
Expires
Thu, 21 Feb 2019 11:11:53 GMT
bill-cosby1.jpg
pmcvariety.files.wordpress.com/2018/04/ 		42 KB
42 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pmcvariety.files.wordpress.com/2018/04/bill-cosby1.jpg?w=1000
Requested by
Host: 668zhe.xyz
URL: http://668zhe.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.72.3 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),
Reverse DNS
Software
nginx /
Resource Hash
31ca46f364230404ce45d1b4dd19c814a9df6f6f91114eb42b005ceb445be936

Request headers

Referer
http://668zhe.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-nc
HIT ams 3
date
Thu, 14 Feb 2019 11:11:53 GMT
last-modified
Wed, 18 Apr 2018 17:56:25 GMT
server
nginx
vary
Accept
content-type
image/webp
status
200
x-orig-src
0_imageresize
accept-ranges
bytes
content-length
42838
expires
Tue, 19 Feb 2019 01:56:25 GMT
cbd82c22b6527a00838abe8402056b60
secure.gravatar.com/avatar/ 		33 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.gravatar.com/avatar/cbd82c22b6527a00838abe8402056b60?s=400&d=mm&r=g
Requested by
Host: 668zhe.xyz
URL: http://668zhe.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:fa87:fffe::c000:4902 , Ireland, ASN2635 (AUTOMATTIC - Automattic, Inc, US),
Reverse DNS
Software
nginx /
Resource Hash
995f473e3e8139332cbaab9dfe65723f8641699960623f59ba5b62d01f8b089f

Request headers

Referer
http://668zhe.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-nc
HIT vie 4
date
Thu, 14 Feb 2019 11:11:53 GMT
last-modified
Tue, 11 Oct 2016 01:45:07 GMT
server
nginx
access-control-allow-origin
*
source-age
9784144
content-type
image/jpeg
status
200
cache-control
max-age=300
content-disposition
inline; filename="cbd82c22b6527a00838abe8402056b60.jpeg"
accept-ranges
bytes
link
<https://www.gravatar.com/avatar/cbd82c22b6527a00838abe8402056b60?s=400&d=mm&r=g>; rel="canonical"
content-length
33974
expires
Thu, 14 Feb 2019 11:16:53 GMT
storm-invoice-2019-account.jpg
www.denvergov.org/content/dam/denvergov/Portals/711/images/ 		154 KB
155 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.denvergov.org/content/dam/denvergov/Portals/711/images/storm-invoice-2019-account.jpg
Requested by
Host: 668zhe.xyz
URL: http://668zhe.xyz/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
169.133.239.100 Denver, United States, ASN18815 (AS-CITY-AND-COUNTY-OF-DENVER - CITY AND COUNTY OF DENVER, US),
Reverse DNS
Software
/
Resource Hash
b27eb10d699fafd680520ebad690bd87b10fb642ef40f10df6ed05eb1b653165

Request headers

Referer
http://668zhe.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 14 Feb 2019 11:11:53 GMT
Last-Modified
Wed, 14 Nov 2018 16:21:55 GMT
CCDEAC
valid
ETag
"2687f-57aa2551feec0"
Content-Type
image/jpeg
Cache-control
max-age=300
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
157823
Expires
Thu, 14 Feb 2019 11:16:53 GMT
220px-Bill_Buford.jpg
upload.wikimedia.org/wikipedia/commons/thumb/1/11/Bill_Buford.jpg/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://upload.wikimedia.org/wikipedia/commons/thumb/1/11/Bill_Buford.jpg/220px-Bill_Buford.jpg
Requested by
Host: 668zhe.xyz
URL: http://668zhe.xyz/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305
Server
2620:0:862:ed1a::2:b , United States, ASN14907 (WIKIMEDIA - Wikimedia Foundation Inc., US),
Reverse DNS
Software
/
Resource Hash
4d9fd875b7bb32024e932144941e1c21b5d57f2f42eaec9d44a3b8a0217e99eb
Security Headers
Name Value
Strict-Transport-Security max-age=106384710; includeSubDomains; preload

Request headers

Referer
http://668zhe.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-analytics
https=1;nocookies=1
date
Thu, 14 Feb 2019 11:11:51 GMT
via
1.1 varnish (Varnish/5.1), 1.1 varnish (Varnish/5.1), 1.1 varnish (Varnish/5.1)
content-type
image/jpeg
x-trans-id
tx5edd5e63690f49419184e-005c6421fc
age
76538
x-cache-status
hit-local
x-cache
cp1076 hit/1, cp3037 hit/13, cp3047 miss
status
200
content-disposition
inline;filename*=UTF-8''Bill_Buford.jpg
server-timing
cache;desc="hit-local"
content-length
11899
x-client-ip
2a01:4f8:202:a9::2
x-object-meta-sha1base36
jtt55s4is3wt88vrdeukttxlqpv0qge
last-modified
Tue, 16 May 2017 10:32:27 GMT
etag
507c6e5327bb31096e774f1e69469811
strict-transport-security
max-age=106384710; includeSubDomains; preload
x-varnish
99970721 97742015, 345730340 222306630, 79798237
access-control-allow-origin
*
x-timestamp
1494930746.49506
accept-ranges
bytes
timing-allow-origin
*
access-control-expose-headers
Age, Date, Content-Length, Content-Range, X-Content-Duration, X-Cache, X-Varnish
181127132920-01-flake-trump-file-large-169.jpg
cdn.cnn.com/cnnnext/dam/assets/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.cnn.com/cnnnext/dam/assets/181127132920-01-flake-trump-file-large-169.jpg
Requested by
Host: 668zhe.xyz
URL: http://668zhe.xyz/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:6c00:187::3134 , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
9e38f2ab3d7bac4aa0a4b3e8afa9fdff695161d0e5ee1b4b707ab654603108f9

Request headers

Referer
http://668zhe.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 14 Feb 2019 11:11:53 GMT
server
Apache-Coyote/1.1
access-control-allow-origin
*
access-control-allow-methods
GET,POST,OPTIONS
content-type
image/jpeg
status
200
cache-control
max-age=3600
content-length
15888
expires
Thu, 14 Feb 2019 12:11:53 GMT
Blank%20bill%20form-386x504.jpg
www.frontier-power.com/sites/frontierpower/files/resize/images/ 		29 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.frontier-power.com/sites/frontierpower/files/resize/images/Blank%20bill%20form-386x504.jpg
Requested by
Host: 668zhe.xyz
URL: http://668zhe.xyz/
Protocol
HTTP/1.1
Server
104.154.113.180 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
180.113.154.104.bc.googleusercontent.com
Software
Apache/2.4.25 (Debian) /
Resource Hash
15562275ba2812584d3299c7a47e41d9a2f3bb1ba79f42e45c5bc28ba5a1e78b

Request headers

Referer
http://668zhe.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 14 Feb 2019 11:11:53 GMT
Via
1.1 varnish-v4
Last-Modified
Mon, 16 Apr 2018 20:36:28 GMT
Server
Apache/2.4.25 (Debian)
Age
0
ETag
"721a-569fd2d1beb00"
Transfer-Encoding
chunked
X-Varnish
27539682
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/jpeg
bill_cosby_photo_gilbert_carrasquillo_getty_images_645957922_profile.jpg
www.biography.com/.image/t_share/MTQ3NzA3MjIxNjk2ODQ5Nzgw/ 		208 KB
208 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.biography.com/.image/t_share/MTQ3NzA3MjIxNjk2ODQ5Nzgw/bill_cosby_photo_gilbert_carrasquillo_getty_images_645957922_profile.jpg
Requested by
Host: 668zhe.xyz
URL: http://668zhe.xyz/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.98 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
cloudinary /
Resource Hash
7d944a9d9f9834aff7b01e9397934525c91284b9e34874b0d71225e395f66f65

Request headers

Referer
http://668zhe.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 14 Feb 2019 11:11:53 GMT
via
1.1 varnish, 1.1 varnish
age
2507722
x-say-cacheable
YES
x-say-ttl
31536000.000
status
200
x-cache
HIT, HIT
x-saycdn-ttl
31297128.000
content-length
212624
x-served-by
cache-iad2121-IAD, cache-hhn1526-HHN
last-modified
Mon, 23 Jul 2018 15:52:02 GMT
server
cloudinary
x-timer
S1550142713.077503,VS0,VE5
etag
"3cb0606e8be0b51cdaf42b46744ecf29"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31557600
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1
bill-skarsgard-it.jpg
ewedit.files.wordpress.com/2017/12/ 		723 KB
724 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ewedit.files.wordpress.com/2017/12/bill-skarsgard-it.jpg
Requested by
Host: 668zhe.xyz
URL: http://668zhe.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.72.26 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),
Reverse DNS
Software
nginx /
Resource Hash
24298c8437ef90d55b82c0696356e9bff0fb1e6e254ac73e8cc100a8e8392b88

Request headers

Referer
http://668zhe.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-nc
HIT fra 26 np
date
Thu, 14 Feb 2019 11:11:53 GMT
last-modified
Wed, 20 Dec 2017 23:12:02 GMT
server
nginx
x-orig-src
01_mogdir
content-type
image/jpeg
status
200
accept-ranges
bytes
content-length
740739
expires
Sat, 23 Feb 2019 21:00:41 GMT
Sample-Bill-January-2014-Demand.jpg
www.nspower.ca/site/media/Parent/ 		226 KB
227 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.nspower.ca/site/media/Parent/Sample-Bill-January-2014-Demand.jpg
Requested by
Host: 668zhe.xyz
URL: http://668zhe.xyz/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
142.67.0.107 Halifax, Canada, ASN22636 (NOVA-SCOTIA-POWER - Nova Scotia Power, Inc., CA),
Reverse DNS
ratesandregs.nspower.ca
Software
Microsoft-IIS/7.5 / ASP.NET
Resource Hash
71af410ef64562fcb363064a53a7db0b3cfb2dd3909aea8d68866ed44ccec556

Request headers

Referer
http://668zhe.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 14 Feb 2019 11:11:53 GMT
ETag
"0733e7ff8acf1:0"
Last-Modified
Mon, 06 Jan 2014 16:01:02 GMT
Server
Microsoft-IIS/7.5
X-Powered-By
ASP.NET
Content-Type
image/jpeg
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
231698
bill-murray-food-truck.jpg
fortunedotcom.files.wordpress.com/2018/06/ 		590 KB
591 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fortunedotcom.files.wordpress.com/2018/06/bill-murray-food-truck.jpg
Requested by
Host: 668zhe.xyz
URL: http://668zhe.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.72.30 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),
Reverse DNS
Software
nginx /
Resource Hash
2d9744f060f774705ff6f07eb51180552a3838fc1b7690fd06749867ccb8f2bb

Request headers

Referer
http://668zhe.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-nc
HIT ams 30 np
date
Thu, 14 Feb 2019 11:11:53 GMT
last-modified
Fri, 08 Jun 2018 14:19:23 GMT
server
nginx
x-orig-src
01_mogdir
content-type
image/jpeg
status
200
accept-ranges
bytes
content-length
604571
expires
Mon, 25 Feb 2019 17:54:18 GMT
Viola,kp,9-7-08_2213_Photo_Kira_Perov_72dpi.jpg
www.billviola.com/ 		63 KB
63 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.billviola.com/Viola,kp,9-7-08_2213_Photo_Kira_Perov_72dpi.jpg
Requested by
Host: 668zhe.xyz
URL: http://668zhe.xyz/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
66.96.146.129 Burlington, United States, ASN29873 (BIZLAND-SD - The Endurance International Group, Inc., US),
Reverse DNS
129.146.96.66.static.eigbox.net
Software
Apache/2 /
Resource Hash
3821bb6544ab295aec758d8513b1a4bc232e8f0e49cc100d99aabb01c08362e1

Request headers

Referer
http://668zhe.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 14 Feb 2019 11:11:53 GMT
Last-Modified
Fri, 04 Jan 2019 01:07:36 GMT
Server
Apache/2
ETag
"fac7-57e978138ef09"
Content-Type
image/jpeg
Cache-Control
max-age=14400
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=30
Content-Length
64199
Expires
Thu, 14 Feb 2019 15:11:53 GMT
sample-bill.jpg
www.fpl.com/rates/images/ 		228 KB
229 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.fpl.com/rates/images/sample-bill.jpg
Requested by
Host: 668zhe.xyz
URL: http://668zhe.xyz/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:6c00:18a::3279 , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
/
Resource Hash
596455a98e96f986f7d6c1ae0b85d23002ff1a0f2005e61acee74b2bba82fdd8

Request headers

Referer
http://668zhe.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 14 Feb 2019 11:11:53 GMT
last-modified
Wed, 22 Jul 2015 20:44:29 GMT
access-control-allow-origin
https://es.fpl.com
etag
"5c728-38fb3-51b7cd64fc540"
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/jpeg
status
200
expires
Thu, 21 Feb 2019 09:26:59 GMT
cache-control
max-age=598506
server-timing
cdn-cache; desc=HIT, edge; dur=79
accept-ranges
bytes
content-length
233395
x-ua-compatible
IE=edge
aid1641216-v4-728px-Pay-Verizon-Residential-Phone-Bill-Step-3.jpg
www.wikihow.com/images/thumb/d/da/Pay-Verizon-Residential-Phone-Bill-Step-3.jpg/ 		78 KB
79 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.wikihow.com/images/thumb/d/da/Pay-Verizon-Residential-Phone-Bill-Step-3.jpg/aid1641216-v4-728px-Pay-Verizon-Residential-Phone-Bill-Step-3.jpg
Requested by
Host: 668zhe.xyz
URL: http://668zhe.xyz/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.122.110 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
/
Resource Hash
3b81c8199e2b4e7cbc142b26e2391d3c44a0c25dfa5a469cfaa37affab713136
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://668zhe.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 14 Feb 2019 11:11:53 GMT
x-content-type-options
nosniff
last-modified
Sun, 19 Mar 2017 22:38:45 GMT
age
148627
etag
"0282ef01e7e3ec29fb82f48d25520c26"
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-c
cache-cdg20744-CDG,H,148627
content-type
image/jpeg
status
200
cache-control
max-age=31536000
accept-ranges
bytes
x-timer
S1550142714.688556,VS0,VE2
content-length
80236
x-xss-protection
1; mode=block
expires
Wed, 12 Feb 2020 17:54:47 GMT
bill-timmons.jpg
cbsnews3.cbsistatic.com/hub/i/r/2019/01/08/32a428bb-23cf-4989-9feb-151bbbe89b70/thumbnail/620x481/4aafa74699293fc54a2ad9df6b0776cf/ 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cbsnews3.cbsistatic.com/hub/i/r/2019/01/08/32a428bb-23cf-4989-9feb-151bbbe89b70/thumbnail/620x481/4aafa74699293fc54a2ad9df6b0776cf/bill-timmons.jpg
Requested by
Host: 668zhe.xyz
URL: http://668zhe.xyz/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.215.41 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a104-111-215-41.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e6094cd45c3bea0e4ad1730b51a076ab74605ff560df3ad5d82bee7a23519eba

Request headers

Referer
http://668zhe.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 14 Feb 2019 11:11:53 GMT
last-modified
Thu, 17 Jan 2019 20:10:24 GMT
server
nginx
etag
"5c40e130-56ed"
content-type
image/jpeg
status
200
cache-control
max-age=5184000
accept-ranges
bytes
link
<https://cbsnews1.cbsistatic.com/hub/i/r/2019/01/08/32a428bb-23cf-4989-9feb-151bbbe89b70/thumbnail/620x481/4aafa74699293fc54a2ad9df6b0776cf/bill-timmons.jpg>; rel="canonical"
content-length
22253
expires
Mon, 15 Apr 2019 11:11:53 GMT
Bill%20Skarsgard-Cruel%20Summer-GQ-July-2018-01.jpg
media.gq.com/photos/5b489c379eea1c27bfdb9da8/3:4/w_640/ 		86 KB
87 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.gq.com/photos/5b489c379eea1c27bfdb9da8/3:4/w_640/Bill%20Skarsgard-Cruel%20Summer-GQ-July-2018-01.jpg
Requested by
Host: 668zhe.xyz
URL: http://668zhe.xyz/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.0.239 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
/
Resource Hash
ebaa631de7d14bc256ec4cfe77cb9ec39958c37b150311ddbd9f09a29d834788

Request headers

Referer
http://668zhe.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 14 Feb 2019 11:11:53 GMT
Via
1.1 varnish, 1.1 varnish
Age
4745304
etag
"4"
X-Cache
HIT, HIT
Content-Type
image/jpeg
cache-control
max-age=30758400, must-revalidate, public
X-Cache-Hits
1, 1
Connection
keep-alive
Accept-Ranges
bytes
X-Timer
S1550142714.677197,VS0,VE1
Content-Length
88395
X-Served-By
cache-iad2120-IAD, cache-hhn1550-HHN
suspendedpage.cgi
www.puppetswhokill.com/cgi-sys/
Redirect Chain
  • http://www.puppetswhokill.com/wp-content/uploads/2013/12/puppets-who-kill-bill-ventriloquist-dummy-e1394824580561.jpg
  • http://www.puppetswhokill.com/cgi-sys/suspendedpage.cgi
0
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.puppetswhokill.com/cgi-sys/suspendedpage.cgi
Requested by
Host: 668zhe.xyz
URL: http://668zhe.xyz/
Protocol
HTTP/1.1
Server
143.95.82.3 Los Angeles, United States, ASN62729 (ASMALLORANGE1 - A Small Orange LLC, US),
Reverse DNS
ip-143-95-82-3.iplocal
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://668zhe.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Redirect headers

Location
http://www.puppetswhokill.com/cgi-sys/suspendedpage.cgi
Date
Thu, 14 Feb 2019 11:11:54 GMT
Server
nginx/1.14.1
Connection
keep-alive
Content-Length
239
Content-Type
text/html; charset=iso-8859-1
220px-BillMaherSept10.jpg
upload.wikimedia.org/wikipedia/commons/thumb/4/44/BillMaherSept10.jpg/ 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://upload.wikimedia.org/wikipedia/commons/thumb/4/44/BillMaherSept10.jpg/220px-BillMaherSept10.jpg
Requested by
Host: 668zhe.xyz
URL: http://668zhe.xyz/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305
Server
2620:0:862:ed1a::2:b , United States, ASN14907 (WIKIMEDIA - Wikimedia Foundation Inc., US),
Reverse DNS
Software
/
Resource Hash
b322717a56a02839960fb670d2d051592111b47f15451bb8316fb5dc7f7be833
Security Headers
Name Value
Strict-Transport-Security max-age=106384710; includeSubDomains; preload

Request headers

Referer
http://668zhe.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-analytics
https=1;nocookies=1
date
Thu, 14 Feb 2019 11:11:51 GMT
via
1.1 varnish (Varnish/5.1), 1.1 varnish (Varnish/5.1), 1.1 varnish (Varnish/5.1)
content-type
image/jpeg
age
39384
x-cache-status
hit-front
x-cache
cp1076 hit/2, cp3039 hit/4, cp3047 hit/14
status
200
content-length
17945
server-timing
cache;desc="hit-front"
x-trans-id
tx9adf5b07f2014d32985df-005c64b31e
x-client-ip
2a01:4f8:202:a9::2
last-modified
Fri, 11 Aug 2017 19:28:12 GMT
etag
785f242aef1a49d44ae8d2a9c2d2b046
strict-transport-security
max-age=106384710; includeSubDomains; preload
x-varnish
148426915 148596135, 219006311 218731256, 69294198 1064400067
access-control-allow-origin
*
x-timestamp
1502479691.78937
accept-ranges
bytes
timing-allow-origin
*
access-control-expose-headers
Age, Date, Content-Length, Content-Range, X-Content-Duration, X-Cache, X-Varnish
045207961.jpg
vindy.media.clients.ellingtoncms.com/img/tributes_and_deaths/2018/09/25/ 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vindy.media.clients.ellingtoncms.com/img/tributes_and_deaths/2018/09/25/045207961.jpg
Requested by
Host: 668zhe.xyz
URL: http://668zhe.xyz/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
208.91.60.7 Chicago, United States, ASN14244 (NSIHOSTING-EQX-VA - NSI Hosting, US),
Reverse DNS
*.media.clients.ellingtoncms.com
Software
nginx/1.14.0 /
Resource Hash
ac52611df3ebf1af24fcf6f4ae77762808ea642648091f87ec700a2b032cc6d4

Request headers

Referer
http://668zhe.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 14 Feb 2019 11:11:54 GMT
Last-Modified
Wed, 26 Sep 2018 00:30:24 GMT
Server
nginx/1.14.0
Age
7539
ETag
"1307270573"
X-Cache
HIT
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=2592000
X-Cache-Hits
2
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
20307
Expires
Sat, 16 Mar 2019 09:06:13 GMT
Invoice-from-GP-v3.jpg
www.bgehome.com/wp-content/uploads/2018/10/ 		216 KB
217 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bgehome.com/wp-content/uploads/2018/10/Invoice-from-GP-v3.jpg
Requested by
Host: 668zhe.xyz
URL: http://668zhe.xyz/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.229.125.222 Ann Arbor, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
222.125.229.35.bc.googleusercontent.com
Software
Apache /
Resource Hash
6373f618bd6bbc3d9778d402b898dfab406c5983edb35cd0b775f1e9f6c52b92
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
http://668zhe.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 14 Feb 2019 11:11:53 GMT
Vary
Accept-Encoding,Cookie,User-Agent
Last-Modified
Thu, 25 Oct 2018 21:10:43 GMT
Server
Apache
X-Frame-Options
SAMEORIGIN
Content-Type
image/jpeg
Cache-Control
max-age=3, must-revalidate
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
221460
Expires
Sat, 16 Mar 2019 11:11:53 GMT
celis-bill.jpg
annenberg.usc.edu/sites/default/files/styles/profile_faculty_std/public/profile_photos/ 		48 KB
48 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://annenberg.usc.edu/sites/default/files/styles/profile_faculty_std/public/profile_photos/celis-bill.jpg?itok=wH-xf5lW
Requested by
Host: 668zhe.xyz
URL: http://668zhe.xyz/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
107.22.175.16 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-107-22-175-16.compute-1.amazonaws.com
Software
nginx /
Resource Hash
6bd3a1a6b6ee623aded1fe444df57f4835cc14546a3bac8177d1a0d227ca04dd
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://668zhe.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 14 Feb 2019 11:11:54 GMT
x-content-type-options
nosniff
last-modified
Fri, 03 Feb 2017 10:02:27 GMT
server
nginx
content-type
image/jpeg
status
200
x-ah-environment
prod
cache-control
max-age=1209600
accept-ranges
bytes
content-length
48774
x-request-id
827f37f41ccb7262f5fe8d0a68415cba
expires
Thu, 28 Feb 2019 11:11:54 GMT
SC_Alumni_Murray_Bill_600x600_001.jpg
www.secondcity.com/wp-content/uploads/2014/09/ 		71 KB
71 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.secondcity.com/wp-content/uploads/2014/09/SC_Alumni_Murray_Bill_600x600_001.jpg
Requested by
Host: 668zhe.xyz
URL: http://668zhe.xyz/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.209.117.161 Cambridge, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-18-209-117-161.compute-1.amazonaws.com
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
e147abf74fb42f8ac19b4217b9c6439fcfe146839c8d6e9a7cd7253918f544b4

Request headers

Referer
http://668zhe.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
public
date
Thu, 14 Feb 2019 11:11:54 GMT
last-modified
Tue, 03 May 2016 10:24:20 GMT
server
nginx/1.10.3 (Ubuntu)
etag
"57287c54-11b36"
content-type
image/jpeg
status
200
cache-control
max-age=2592000, public
accept-ranges
bytes
content-length
72502
expires
Sat, 16 Mar 2019 11:11:54 GMT
SBMBill.jpg
www.uppclonline.com/en_GB/images/innerpages/login/ 		40 KB
41 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.uppclonline.com/en_GB/images/innerpages/login/SBMBill.jpg
Requested by
Host: 668zhe.xyz
URL: http://668zhe.xyz/
Protocol
HTTP/1.1
Server
125.19.181.9 , India, ASN9498 (BBIL-AP BHARTI Airtel Ltd., IN),
Reverse DNS
Software
Apache /
Resource Hash
a1f254ed6860a0a57130173f1ff5a4f116f0540cdcc951e3fb8d9eb66f44d0f8

Request headers

Referer
http://668zhe.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 14 Feb 2019 11:11:50 GMT
Last-Modified
Mon, 10 Sep 2012 05:37:37 GMT
Server
Apache
ETag
"445e1-a11d-4c9525aefaa40"
Content-Type
image/jpeg
Cache-Control
max-age=31536000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=49
Content-Length
41245
Expires
Fri, 14 Feb 2020 11:11:50 GMT
AMEX_BuffaloBill_2800x1576-resize-400x0-70.jpg
amex.wgbhdigital.org/media/__sized__/canonical_images/film/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://amex.wgbhdigital.org/media/__sized__/canonical_images/film/AMEX_BuffaloBill_2800x1576-resize-400x0-70.jpg
Requested by
Host: 668zhe.xyz
URL: http://668zhe.xyz/
Protocol
HTTP/1.1
Server
45.55.148.86 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN - DigitalOcean, LLC, US),
Reverse DNS
Software
nginx/1.12.2 /
Resource Hash
5b222f2393b5f9e530d3f76b3a1fe460033435153c12d617aa280a3a135b6d5f

Request headers

Referer
http://668zhe.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 14 Feb 2019 11:11:54 GMT
Last-Modified
Mon, 13 Nov 2017 20:53:09 GMT
Server
nginx/1.12.2
ETag
"5a0a0635-3b80"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
15232
merlin_146479515_136c32f1-3c7f-4abf-b084-4a7f662db3db-articleLarge.jpg
static01.nyt.com/images/2018/12/12/us/politics/12dc-criminal/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static01.nyt.com/images/2018/12/12/us/politics/12dc-criminal/merlin_146479515_136c32f1-3c7f-4abf-b084-4a7f662db3db-articleLarge.jpg?quality=75&auto=webp&disable=upscale
Requested by
Host: 668zhe.xyz
URL: http://668zhe.xyz/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.164 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
UploadServer /
Resource Hash
2417e32ea48d492420c1bdb936c80c5ec8368a270780e24899dbb9f8fa026731

Request headers

Referer
http://668zhe.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 14 Feb 2019 11:11:54 GMT
via
1.1 varnish, 1.1 varnish
age
563198
status
200
x-cache
HIT, MISS
fastly-io-info
ifsz=32880 idim=600x400 ifmt=jpeg ofsz=9152 odim=600x400 ofmt=webp
x-goog-storage-class
MULTI_REGIONAL
x-cache-hits
1, 0
fastly-stats
io=1
content-length
9152
x-served-by
cache-iad2130-IAD, cache-hhn1542-HHN
x-nyt-gcs-bucket
cms-gke-prd-publish-images-storage
server
UploadServer
x-timer
S1550142714.313761,VS0,VE89
etag
"SMIpo4LyyxTHl9esI65Clqd2//qJ+s20rHxfQCi9H3A"
vary
Accept
x-goog-hash
crc32c=bbmw0g==, md5=STwnNE6KOpMCTM6GnA9esg==
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
accept-ranges
bytes
x-guploader-uploadid
AEnB2Uqyr-8gE09bRGNCmpZISnmz0UMhGNMrvTUoJkOP_hw2Edr0bN95hRmc0nsIReqMb2Kf2xhzjBF_mC6ugIMg-4LyrdxXaA
expires
Thu, 07 Feb 2019 22:45:16 GMT
bill_gates_2012_wikimedia_commons_promojpg.jpg
www.biography.com/.image/t_share/MTMyNDczNDI1MjgwMTQ1ODg2/ 		314 KB
314 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.biography.com/.image/t_share/MTMyNDczNDI1MjgwMTQ1ODg2/bill_gates_2012_wikimedia_commons_promojpg.jpg
Requested by
Host: 668zhe.xyz
URL: http://668zhe.xyz/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.98 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
cloudinary /
Resource Hash
b2a3239080787a8f3d82f6e40580db619db519d0f7cf1687b07fb3bb2fedc1f8

Request headers

Referer
http://668zhe.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 14 Feb 2019 11:11:54 GMT
via
1.1 varnish, 1.1 varnish
age
1105340
x-say-cacheable
YES
x-say-ttl
31536000.000
status
200
x-cache
HIT, HIT
x-saycdn-ttl
30586377.000
content-length
321144
x-served-by
cache-iad2128-IAD, cache-hhn1526-HHN
last-modified
Thu, 18 Oct 2018 07:37:27 GMT
server
cloudinary
x-timer
S1550142714.411737,VS0,VE5
etag
"7c11f39e8d0e033160dda2512462d695"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31556763
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1
MV5BMjI0NzYwMDAxM15BMl5BanBnXkFtZTgwMzg2ODg2MjE@._V1_UY317_CR17,0,214,317_AL_.jpg
m.media-amazon.com/images/M/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://m.media-amazon.com/images/M/MV5BMjI0NzYwMDAxM15BMl5BanBnXkFtZTgwMzg2ODg2MjE@._V1_UY317_CR17,0,214,317_AL_.jpg
Requested by
Host: 668zhe.xyz
URL: http://668zhe.xyz/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.32.141.62 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-13-32-141-62.fra56.r.cloudfront.net
Software
Server /
Resource Hash
1c959f802a975a5cc3d726b58e6594a9e8846a7401a46700a7d1cab13b7a9bce

Request headers

Referer
http://668zhe.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 15 Nov 2018 23:28:29 GMT
via
1.1 e430a35037c484cf19f375480cabfca3.cloudfront.net (CloudFront)
last-modified
Fri, 12 Sep 2014 18:58:06 GMT
server
Server
age
7975872
x-cache
Hit from cloudfront
content-type
image/jpeg
status
200
cache-control
max-age=630720000,public
x-amz-ir-id
077132b3-c055-4c8d-a76e-c719f0759108
access-control-allow-origin
*
content-length
8919
x-amz-cf-id
ygwv9TpSXE1coVpHD2jQn3q0VKCCNh7vaSvtdKO9c8ZW-E7ywX0szg==
expires
Mon, 06 Sep 2038 00:24:36 GMT
3143816_generic-bill-cosby-img-021218.jpg
cdn.abcotvs.com/dip/images/ 		191 KB
191 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.abcotvs.com/dip/images/3143816_generic-bill-cosby-img-021218.jpg?w=630&r=16:9
Requested by
Host: 668zhe.xyz
URL: http://668zhe.xyz/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:6c00:28d::9f0 , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
97bc4ece4477cf14ea5778d70cb79fc33176aa41b421f2e8a2753a46f34c89f7

Request headers

Referer
http://668zhe.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 14 Feb 2019 11:11:54 GMT
Server
Apache-Coyote/1.1
Transfer-Encoding
chunked
Content-Type
image/jpeg
Cache-Control
max-age=86400
X-Varnish
376185344
Connection
keep-alive, Transfer-Encoding
Accept-Ranges
bytes
114_rp_mi_2_huizenga_bill.jpg
www.congress.gov/img/member/ 		45 KB
45 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.congress.gov/img/member/114_rp_mi_2_huizenga_bill.jpg
Requested by
Host: 668zhe.xyz
URL: http://668zhe.xyz/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.16.173.252 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
56ffea27cab266b07058b2603f8b6b520e9ed5a87e642c867a3283c8eebd4ae0
Security Headers
Name Value
Content-Security-Policy frame-ancestors http://*.house.gov https://*.house.gov http://*.senate.gov https://*.senate.gov http://*.loc.gov https://*.loc.gov

Request headers

Referer
http://668zhe.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 14 Feb 2019 11:11:54 GMT
x-cdg-access-group
PUBLIC
cf-cache-status
REVALIDATED
x-cacheable
YES
status
200
content-length
46262
last-modified
Fri, 11 Jan 2019 15:15:08 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=172800
content-security-policy
frame-ancestors http://*.house.gov https://*.house.gov http://*.senate.gov https://*.senate.gov http://*.loc.gov https://*.loc.gov
accept-ranges
bytes
cf-ray
4a8f18bd6a1bc783-AMS
expires
Sat, 16 Feb 2019 11:11:54 GMT
Bill-Nov-2018.jpg
billkonigsberg.files.wordpress.com/2019/01/ 		27 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://billkonigsberg.files.wordpress.com/2019/01/Bill-Nov-2018.jpg?w=270&h=473
Requested by
Host: 668zhe.xyz
URL: http://668zhe.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.72.28 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),
Reverse DNS
Software
nginx /
Resource Hash
cf9f015c3329f56cf2f3b48916fe89b7b890d5eaa3cc67cedd6e4be4d03db9b7

Request headers

Referer
http://668zhe.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-nc
MISS fra 28 np
date
Thu, 14 Feb 2019 11:11:54 GMT
last-modified
Tue, 01 Jan 2019 14:22:40 GMT
server
nginx
vary
Accept
content-type
image/webp
status
200
x-orig-src
0_imageresize
accept-ranges
bytes
content-length
28156
expires
Fri, 01 Mar 2019 20:03:13 GMT
105684282-1547729819915rts2aky1.600x337.jpg
fm.cnbc.com/applications/cnbc.com/resources/img/editorial/2019/01/17/ 		25 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fm.cnbc.com/applications/cnbc.com/resources/img/editorial/2019/01/17/105684282-1547729819915rts2aky1.600x337.jpg?v=1547729971
Requested by
Host: 668zhe.xyz
URL: http://668zhe.xyz/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.232.243 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a2-18-232-243.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
a3b49e98889be1004099eff555109fcf0bf9391daee5c6bb92968d9816f51260

Request headers

Referer
http://668zhe.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 14 Feb 2019 11:11:54 GMT
content-encoding
gzip
imageservice-revision
f3f17ded017f2cb2bc53d5c95f6f496434f91ddd
status
200
imageservice-requestid
H-1549663117996-964410
content-length
25947
x-application-context
application:prod:18089
x-aicache-os
172.31.15.238:18089, 100.25.56.252:80
imageservice-application-version
v1
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*, *
cache-control
max-age=2592000
access-control-allow-credentials
*, *
imageservice-release-version
2.0.2
expires
Sat, 16 Mar 2019 11:11:54 GMT
ED-AY164_Winter_8U_20181206125501.jpg
si.wsj.net/public/resources/images/ 		42 KB
43 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://si.wsj.net/public/resources/images/ED-AY164_Winter_8U_20181206125501.jpg
Requested by
Host: 668zhe.xyz
URL: http://668zhe.xyz/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:6c00:29c::7e5 , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3d9c3b5e8a5f8af9a89b85a7c03ebf7572d06f0f7e54a46d802d793a580e9ea8

Request headers

Referer
http://668zhe.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-amz-version-id
miK6nF9b8Z4J.xstqeLecXk4rCoQEIWf
Last-Modified
Thu, 06 Dec 2018 17:55:10 GMT
Server
AmazonS3
x-amz-request-id
6B24C4F57C54016C
ETag
"408b51d14affc50bdbe8e80825c32c34"
x-amz-id-2
bBbT0M80Tfx6WfuKGPeFSCgehq/IKLHoyYfe44rc1uyuOILotsIdHi1DsCh5mF4D833RfQLHcDs=
Content-Type
image/jpeg
Cache-Control
max-age=85641
Date
Thu, 14 Feb 2019 11:11:54 GMT
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
43213
x-amz-meta-source_bucket
djsp-prod-pubedit-s3-media-lzv
X-Amz-Cf-Id
dfavb23k-82MRmT6FOPi2R3mY0gk5H5mG-QRlih-gAgWnb7iTb4-RA==
unnamed-22.jpg
www.indiewire.com/wp-content/uploads/2016/06/ 		86 KB
86 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.indiewire.com/wp-content/uploads/2016/06/unnamed-22.jpg?w=753
Requested by
Host: 668zhe.xyz
URL: http://668zhe.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),
Reverse DNS
Software
nginx /
Resource Hash
32cd4f9c6dc3b00adbe733f70367d393b6dcc537de05f7f16b6159e84bb59c39

Request headers

Referer
http://668zhe.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 14 Feb 2019 11:11:54 GMT
x-rq
fra1 96 195 443
last-modified
Fri, 01 Feb 2019 20:25:21 GMT
server
nginx
age
1089992
etag
"dcf6c836d3bb4584"
vary
Accept
x-cache
hit
content-type
image/webp
status
200
cache-control
max-age=2592000
accept-ranges
bytes
content-length
87606
expires
Sat, 01 Feb 2020 20:25:21 GMT
bill-book-500x500.jpg
2.imimg.com/data2/JB/CB/MY-5832228/ 		27 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://2.imimg.com/data2/JB/CB/MY-5832228/bill-book-500x500.jpg
Requested by
Host: 668zhe.xyz
URL: http://668zhe.xyz/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.32.223.242 Seattle, United States, ASN (),
Reverse DNS
server-13-32-223-242.fra56.r.cloudfront.net
Software
nginx/1.0.15 /
Resource Hash
aeb2798f40e776dcdfcfa8cb646548f0f02fb3400a92990af669fd5568dbecae

Request headers

Referer
http://668zhe.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 12 Jan 2018 13:36:34 GMT
via
1.1 e77255787d333d7481d3de3a89fb3ee2.cloudfront.net (CloudFront)
last-modified
Mon, 26 May 2014 13:20:57 GMT
server
nginx/1.0.15
age
2840733
x-cache
Hit from cloudfront
content-type
image/jpeg
status
200
cache-control
max-age=31536000, public
accept-ranges
bytes
access-control-allow-origin
*
content-length
27509
x-amz-cf-id
DTIUE9Hy5kGy3fAaoK3g1ZFPeZ_rSO3GH0zF5jKmrmpF2B97Vsr6dw==
expires
Sat, 12 Jan 2019 13:36:34 GMT
laboratory-bill-example.jpg
www.beaumont.org/images/default-source/bill-pay-online/ 		273 KB
273 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.beaumont.org/images/default-source/bill-pay-online/laboratory-bill-example.jpg?sfvrsn=30
Requested by
Host: 668zhe.xyz
URL: http://668zhe.xyz/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
13.89.33.83 Des Moines, United States, ASN (),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
5238daae8c47176251776c5096770303f88eb258fd7f7c5674124662c8de0a99

Request headers

Referer
http://668zhe.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 14 Feb 2019 11:11:54 GMT
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Content-Type
image/jpeg
Cache-Control
no-cache
content-disposition
inline; filename=laboratory-bill-example.jpg
Content-Length
279467
Expires
-1
Bill-Murray-Tom-Hanks-photo-trending_trans_NvBQzQNjv4BqpJliwavx4coWFCaEkEsb3kvxIt-lGGWCWqwLa_RXJU8.PNG
www.telegraph.co.uk/content/dam/films/2016/10/25/ 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.telegraph.co.uk/content/dam/films/2016/10/25/Bill-Murray-Tom-Hanks-photo-trending_trans_NvBQzQNjv4BqpJliwavx4coWFCaEkEsb3kvxIt-lGGWCWqwLa_RXJU8.PNG?imwidth=450
Requested by
Host: 668zhe.xyz
URL: http://668zhe.xyz/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
104.111.246.35 Amsterdam, Netherlands, ASN (),
Reverse DNS
a104-111-246-35.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
8d1d11aff3f67cf77f8c331e285e4f73a88449fef1eaccc94ae03e402309030a

Request headers

Referer
http://668zhe.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 14 Feb 2019 11:11:55 GMT
Content-Encoding
gzip
X-Check-Cacheable
YES
Server
Akamai Image Manager
ETag
"88ffb-555dbe7c1f480"
X-Serial
1965
Vary
Accept-Encoding
Content-Type
image/webp
Cache-Control
no-transform, max-age=31536000
Last-Modified
Tue, 27 Feb 2018 07:32:25 UTC
Connection
keep-alive
Content-Length
18558
_1cosbymugshot.jpg
images.thestar.com/QCOQ1XAa5AOeIBOhsPKGr8fJ6cM=/605x761/smart/filters:cb(2700061000)/https://www.thestar.com/content/dam/thestar/news/world/2018/09/26/bill-cosby-now-inmate-nn7687-placed-in-single-... 		35 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.thestar.com/QCOQ1XAa5AOeIBOhsPKGr8fJ6cM=/605x761/smart/filters:cb(2700061000)/https://www.thestar.com/content/dam/thestar/news/world/2018/09/26/bill-cosby-now-inmate-nn7687-placed-in-single-cell/_1cosbymugshot.jpg
Requested by
Host: 668zhe.xyz
URL: http://668zhe.xyz/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.32.223.208 Seattle, United States, ASN (),
Reverse DNS
server-13-32-223-208.fra56.r.cloudfront.net
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
8c92507fd875c728af7710552669c65ea368c9e6297efb1a33424a5a15f3cc6b

Request headers

Referer
http://668zhe.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 14 Feb 2019 11:11:55 GMT
via
1.1 6fe90cb7a4852d2683f62e862f7a790c.cloudfront.net (CloudFront)
server
nginx/1.10.3 (Ubuntu)
etag
"66ca469324cc52a38810ec32d542e77bd5c854e1"
x-cache
Miss from cloudfront
content-type
image/jpeg
status
200
cache-control
max-age=315360000
content-length
35744
x-amz-cf-id
o4LjlbPOx2bHBBXX4S9QyhWnGiNDe-ebU0NS6csG_cQzKR_HPeyjgg==
expires
Thu, 31 Dec 2037 23:55:55 GMT
electricity-bill-explained-account-number-mprn.jpg
www.electricireland.ie/images/help/billing/ 		124 KB
125 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.electricireland.ie/images/help/billing/electricity-bill-explained-account-number-mprn.jpg?sfvrsn=ef3ab40d_2
Requested by
Host: 668zhe.xyz
URL: http://668zhe.xyz/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
87.198.212.168 Dublin, Ireland, ASN (),
Reverse DNS
87-198-212-168.ptr.magnet.ie
Software
/
Resource Hash
bb622e07fec868bb077d1f73548ee14b4d59b129ed39c1dcfb21dc85495dfd06
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
http://668zhe.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 14 Feb 2019 11:11:33 GMT
X-Content-Type-Options
nosniff
Last-Modified
Fri, 04 Jan 2019 16:08:39 GMT
X-Frame-Options
SAMEORIGIN
Content-Type
image/jpeg
Expires
Wed, 15 May 2019 10:11:33 GMT
Cache-Control
public, max-age=7776000
content-disposition
inline; filename=electricity-bill-explained-account-number-mprn.jpg
Content-Length
127311
X-UA-Compatible
IE=Edge
bill_rol_v1.jpg
www.lextracourt.com/thumb/bg__FFFFFF/f__jpg/h__529/q__83/w__942/zc__1/src/fichier/e_film/3553/ 		107 KB
108 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.lextracourt.com/thumb/bg__FFFFFF/f__jpg/h__529/q__83/w__942/zc__1/src/fichier/e_film/3553/bill_rol_v1.jpg
Requested by
Host: 668zhe.xyz
URL: http://668zhe.xyz/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
163.172.77.104 , United Kingdom, ASN (),
Reverse DNS
4th-line.eu
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
add3aa38392167d63e17486438dc633cdcdcd3b2aa81ab3bd56bd67e0ae5b08a

Request headers

Referer
http://668zhe.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma
private
Date
Thu, 14 Feb 2019 11:11:54 GMT
Content-Encoding
gzip
Last-Modified
Thu, 14 Feb 2019 10:58:41 GMT
Server
Apache/2.4.29 (Ubuntu)
ETag
"cfa248de565a9b96d1573e357856dcae-gzip"
Vary
Accept-Encoding,User-Agent
Content-Type
image/jpeg
Cache-Control
max-age=290304000, public
Transfer-Encoding
chunked
Content-Disposition
inline; filename="phpThumb_generated_thumbnail.jpg"
Connection
Keep-Alive
Keep-Alive
timeout=5, max=100
Expires
Sat, 16 Mar 2019 11:11:54 +0000
19dc-criminal3-articleLarge.jpg
static01.nyt.com/images/2018/12/22/us/22dc-criminal3/ 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static01.nyt.com/images/2018/12/22/us/22dc-criminal3/19dc-criminal3-articleLarge.jpg?quality=75&auto=webp&disable=upscale
Requested by
Host: 668zhe.xyz
URL: http://668zhe.xyz/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.164 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
UploadServer /
Resource Hash
516e7c52742eae2b74894ffb1deb8f3706203c6d40450b6162203fed9c917379

Request headers

Referer
http://668zhe.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 14 Feb 2019 11:11:54 GMT
via
1.1 varnish, 1.1 varnish
age
408250
status
200
x-cache
HIT, HIT
fastly-io-info
ifsz=62977 idim=600x400 ifmt=jpeg ofsz=23554 odim=600x400 ofmt=webp
x-goog-storage-class
MULTI_REGIONAL
x-cache-hits
1, 1
fastly-stats
io=1
content-length
23554
x-served-by
cache-iad2132-IAD, cache-hhn1542-HHN
x-nyt-gcs-bucket
cms-gke-prd-publish-images-storage
server
UploadServer
x-timer
S1550142715.815041,VS0,VE1
etag
"aoEhYZkhBk2Bfxid3sb4BtNW1eVfodDUvV1bjJ/dCWE"
vary
Accept
x-goog-hash
crc32c=RbT41g==, md5=D/1fGnuqt9l5379CXRMlsQ==
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
accept-ranges
bytes
x-guploader-uploadid
AEnB2UrT0i0IOmhQoRXGgW16msmW85LDxbK5nmY2WWkq9hnOnfjsU6BVfrmM3-H7gCqPYanSC0fUwr-2U1pXJYDqnqxv37g8uw
expires
Sat, 09 Feb 2019 17:47:44 GMT
rome-bill.jpg
www.romefloyd.com/system/images/W1siZiIsIjIwMTUvMDQvMjMvMTgvMzQvNDkvODEwL3JvbWVfYmlsbC5qcGciXV0/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.romefloyd.com/system/images/W1siZiIsIjIwMTUvMDQvMjMvMTgvMzQvNDkvODEwL3JvbWVfYmlsbC5qcGciXV0/rome-bill.jpg
Requested by
Host: 668zhe.xyz
URL: http://668zhe.xyz/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
35.196.229.234 Ann Arbor, United States, ASN (),
Reverse DNS
234.229.196.35.bc.googleusercontent.com
Software
Apache/2.4.29 (Ubuntu) / Phusion Passenger 5.3.5
Resource Hash
abc681d7e7e14c74e1278edc6e2e49ae43ba7b61b7aea92201d19831d7c98c79

Request headers

Referer
http://668zhe.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

X-Runtime
0.115379
Date
Thu, 14 Feb 2019 11:11:55 GMT
Server
Apache/2.4.29 (Ubuntu)
X-Powered-By
Phusion Passenger 5.3.5
ETag
"d82506b6bb045bba7315425323fc5dc683e12bba"
Content-Type
image/jpeg
Status
200 OK
Cache-Control
public, max-age=31536000
Content-Disposition
filename="rome-bill.jpg"
Connection
Keep-Alive
Keep-Alive
timeout=5, max=100
Content-Length
9008
X-Request-Id
3393dce0-357e-4a3b-9981-fe9658d4b1c8
l-Wn5Nzn_400x400.jpeg
pbs.twimg.com/profile_images/513048401307385856/ 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pbs.twimg.com/profile_images/513048401307385856/l-Wn5Nzn_400x400.jpeg
Requested by
Host: 668zhe.xyz
URL: http://668zhe.xyz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software
ECS (fcn/41A0) /
Resource Hash
561c1d4be680a0516de86b06c0a5c7c70de56a3d040b3d457f65a87623c4cf91
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://668zhe.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 14 Feb 2019 11:11:51 GMT
x-content-type-options
nosniff
content-md5
wbN3mHU33V+M5gAZHFU2Hg==
x-cache
MISS
status
200
content-length
21545
x-response-time
121
surrogate-key
profile_images profile_images/bucket/5 profile_images/513048401307385856
last-modified
Fri, 19 Sep 2014 19:32:05 GMT
server
ECS (fcn/41A0)
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
x-connection-hash
1a7c5882e55e725f9e741baabaebf0d4
accept-ranges
bytes
GettyImages_1066324970.0.jpg
cdn.vox-cdn.com/thumbor/vYOO-q40uA-egzmNOQvAA4uyfmQ=/0x0:5518x3702/1200x800/filters:focal(2105x1393:2987x2275)/cdn.vox-cdn.com/uploads/chorus_image/image/62600605/ 		51 KB
51 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.vox-cdn.com/thumbor/vYOO-q40uA-egzmNOQvAA4uyfmQ=/0x0:5518x3702/1200x800/filters:focal(2105x1393:2987x2275)/cdn.vox-cdn.com/uploads/chorus_image/image/62600605/GettyImages_1066324970.0.jpg
Requested by
Host: 668zhe.xyz
URL: http://668zhe.xyz/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.120.124 San Francisco, United States, ASN (),
Reverse DNS
Software
nginx/1.11.5 /
Resource Hash
84f5c7eef33d5616cc7703263788ba24f603652d88c0d5e2f172884c1a1cacef
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
http://668zhe.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 14 Feb 2019 11:11:55 GMT
via
1.1 varnish, 1.1 varnish
age
69598
x-cache
HIT, MISS
status
200
strict-transport-security
max-age=31536000
content-length
51802
x-served-by
cache-iad2123-IAD, cache-cdg20734-CDG
server
nginx/1.11.5
x-timer
S1550142715.947310,VS0,VE94
etag
"ef47506d8df5b4af846c80f64ad9ba0be81b1742"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
expires
Tue, 13 Feb 2029 03:51:56 GMT
cache-control
max-age=315576000,public
accept-ranges
bytes
x-cache-hits
1, 0
bgca-bill-graham-profile.jpg
billgrahamcivic.com/wp-content/uploads/sites/3/2016/02/ 		51 KB
52 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://billgrahamcivic.com/wp-content/uploads/sites/3/2016/02/bgca-bill-graham-profile.jpg
Requested by
Host: 668zhe.xyz
URL: http://668zhe.xyz/
Protocol
HTTP/1.1
Server
13.32.223.191 Seattle, United States, ASN (),
Reverse DNS
server-13-32-223-191.fra56.r.cloudfront.net
Software
nginx/1.12.2 /
Resource Hash
c562089f79dec69f1982b0a1fbc96624ac9b240654cd47eff046927e49ba6b29

Request headers

Referer
http://668zhe.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 14 Feb 2019 05:42:27 GMT
Via
1.1 8bbec5871de1c2a41003db8fbeafebf8.cloudfront.net (CloudFront)
Last-Modified
Fri, 27 Oct 2017 13:14:32 GMT
Server
nginx/1.12.2
Age
19767
ETag
"59f33138-cdea"
X-Cache
Hit from cloudfront
Content-Type
image/jpeg
Cache-Control
max-age=43200
X-this-server
3
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
52714
X-Amz-Cf-Id
Ut3F-yh91GQ4dLX3XfYPSqk4qINaZ5PGlfQRputVtIC55jfImxAFUw==
Expires
Thu, 14 Feb 2019 17:42:27 GMT
Bill%20Skarsgard-Cruel%20Summer-GQ-July-2018-09.jpg
media.gq.com/photos/5b48ac7280d4544fbe01eb2b/master/w_800/ 		79 KB
79 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.gq.com/photos/5b48ac7280d4544fbe01eb2b/master/w_800/Bill%20Skarsgard-Cruel%20Summer-GQ-July-2018-09.jpg
Requested by
Host: 668zhe.xyz
URL: http://668zhe.xyz/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.0.239 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
/
Resource Hash
01c3f32144253a15b453ae7657e3850f2d8bf0673a4d25b569e5279032fdbaed

Request headers

Referer
http://668zhe.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 14 Feb 2019 11:11:54 GMT
Via
1.1 varnish, 1.1 varnish
Age
1719722
etag
"0"
X-Cache
HIT, HIT
Content-Type
image/jpeg
cache-control
max-age=30758400, must-revalidate, public
X-Cache-Hits
1, 9
Connection
keep-alive
Accept-Ranges
bytes
X-Timer
S1550142715.987641,VS0,VE0
Content-Length
80466
X-Served-By
cache-iad2139-IAD, cache-hhn1550-HHN
Hospital-Bill-Example-.jpg
www.maryfreebed.com/wp-content/uploads/2014/12/ 		97 KB
97 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.maryfreebed.com/wp-content/uploads/2014/12/Hospital-Bill-Example-.jpg
Requested by
Host: 668zhe.xyz
URL: http://668zhe.xyz/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.227.48.111 Ann Arbor, United States, ASN (),
Reverse DNS
111.48.227.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
ca9dbb5d4c7af875bd07f8458645306a7cacaa55bb4cdaa2f0427da8adf16e65

Request headers

Referer
http://668zhe.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-type
static/known
date
Thu, 14 Feb 2019 11:11:55 GMT
last-modified
Wed, 03 Oct 2018 17:39:25 GMT
server
nginx
access-control-allow-origin
*
etag
"5bb4fecd-1849f"
vary
Accept-Encoding
content-type
image/jpeg
status
200
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
99487
bigpic.jpg
councilportal.cumbria.gov.uk/UserData/9/7/5/Info00001579/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://councilportal.cumbria.gov.uk/UserData/9/7/5/Info00001579/bigpic.jpg
Requested by
Host: 668zhe.xyz
URL: http://668zhe.xyz/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
217.114.50.151 Lancaster, United Kingdom, ASN (),
Reverse DNS
151-50-114-217.reverse.luns.net.uk
Software
Microsoft-IIS/7.5 / ASP.NET
Resource Hash
bcde534cca8e81234c7cf63e2817da077987ccaff39c6e21e4030280d09f85b6

Request headers

Referer
http://668zhe.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 14 Feb 2019 11:11:55 GMT
ETag
"15434d6f5f38d31:0"
Last-Modified
Thu, 28 Sep 2017 13:41:06 GMT
Server
Microsoft-IIS/7.5
X-Powered-By
ASP.NET
Content-Type
image/jpeg
Accept-Ranges
bytes
Content-Length
9782
t.php
c.statcounter.com/ 		49 B
748 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://c.statcounter.com/t.php?sc_project=11945850&java=1&security=402e6e26&u1=2C0B2D88BB974F28E56A62814D2F3D32&sc_random=0.020607848270320694&jg=new&rr=1.1.1.1.1.1.1.1.1&resolution=1600&h=1200&camefrom=&u=http%3A//668zhe.xyz/&t=&sc_snum=1&sess=4ea83c&p=0&invisible=1
Requested by
Host: 668zhe.xyz
URL: http://668zhe.xyz/
Protocol
HTTP/1.1
Server
104.20.3.47 San Francisco, United States, ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Referer
http://668zhe.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 14 Feb 2019 11:11:55 GMT
Server
cloudflare
CF-RAY
4a8f18c1168cc82d-AMS
P3P
policyref="http://www.statcounter.com/w3c/p3p.xml", CP="ADMa OUR COM NAV NID DSP NOI COR"
Connection
keep-alive
Content-Type
image/gif
Content-Length
49
Expires
Mon, 26 Jul 1997 05:00:00 GMT
bg.gif
668zhe.xyz/ 		204 B
204 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://668zhe.xyz/bg.gif
Requested by
Host: ajax.googleapis.com
URL: http://ajax.googleapis.com/ajax/libs/jquery/1.7.1/jquery.min.js
Protocol
HTTP/1.1
Server
2606:4700:30::681b:b5be , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
1d964907f9cb6ef9a2a7b1d73a015482fea5dd4c5d150300c23cbc2e3bfb1af2

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
668zhe.xyz
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://668zhe.xyz/new/style.css
Cookie
__cfduid=d2dee4b84329a49f293f3b1c9ab1a3b071550142711; sc_is_visitor_unique=rx11945850.1550142712.2C0B2D88BB974F28E56A62814D2F3D32.1.1.1.1.1.1.1.1.1
Connection
keep-alive
Cache-Control
no-cache
Referer
http://668zhe.xyz/new/style.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 14 Feb 2019 11:11:52 GMT
Content-Encoding
gzip
CF-Cache-Status
MISS
Server
cloudflare
Vary
Accept-Encoding
Content-Type
text/html; charset=iso-8859-1
Cache-Control
public, max-age=14400
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
4a8f18add0c1c2f6-FRA
Expires
Thu, 14 Feb 2019 15:11:51 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.epwater.org
URL
https://www.epwater.org/UserFiles/Servers/Server_6843404/Image/Customer%20Service/customer-bill.jpg

Verdicts & Comments Add Verdict or Comment

110 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onselectstart object| onselectionchange function| queueMicrotask number| sc_project number| sc_invisible string| sc_security number| sc_width number| sc_height string| sc_referer number| sc_unique number| sc_returning number| sc_returns number| sc_error number| sc_remove number| sc_cls number| sc_inv string| sc_os string| sc_title string| sc_url string| sc_base_dir string| sc_click_dir string| sc_link_back_start string| sc_link_back_end string| sc_security_code string| sc_http_url string| sc_host string| sc_dc string| sc_alt_text string| sc_counter_size number| sc_prerendering string| sc_uuid string| sc_uuid_q string| sc_unique_returning string| sc_sp function| _sc_strip_tags function| _sc_sanitiseTags function| _sc_validateTags function| getTagString function| isValidEventName undefined| _statcounter_pending object| _statcounter number| sc_script_num object| _sc_imgs string| sc_pageview_tag_string number| _sc_project_int object| _sc_epoch_now number| _sc_epoch_days number| _sc_days_elapsed number| _sc_fix_threshold number| _sc_fix_min_threshold boolean| _sc_apply_mar_2017_fixes number| clickstat_done number| clickstat_project string| clickstat_security string| dlext string| ltype string| second object| dl object| lnk object| domsec string| host_name object| host_splitted string| domain string| host_split string| lnklocal_mask object| lnklocal object| anchors undefined| anchor undefined| original_click undefined| s undefined| bs undefined| head undefined| ps undefined| pe undefined| params undefined| plist undefined| body undefined| insert undefined| final_body undefined| ev_head undefined| ev_params undefined| ev_sep undefined| sc_i undefined| ev_foot undefined| ev_final string| sc_gsyn_pattern string| sc_gsyn_pattern2 undefined| sc_px undefined| sc_py undefined| sc_existing function| sc_none function| sc_delay function| sc_clickstat_call function| sc_adsense_click function| sc_adsense_init function| sc_getmouse function| sc_findy function| sc_findx function| sc_exitpage string| sc_doc_loc object| myRE object| sc_date number| sc_time number| sc_time_difference string| cookie_value object| expiration number| sc_call function| $ function| jQuery object| jQuery17108436469764207872

0 Cookies

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

2.imimg.com
2hfa2t4cz3ylcefo522rz6jm-wpengine.netdna-ssl.com
668zhe.xyz
ajax.googleapis.com
amex.wgbhdigital.org
amp.businessinsider.com
annenberg.usc.edu
app.bchydro.com
billgrahamcivic.com
billkonigsberg.files.wordpress.com
c.statcounter.com
cbsnews3.cbsistatic.com
cdn.abcotvs.com
cdn.cnn.com
cdn.nashvillescene.com
cdn.vox-cdn.com
climateanalytics.org
councilportal.cumbria.gov.uk
ewedit.files.wordpress.com
fm.cnbc.com
fortunedotcom.files.wordpress.com
i.guim.co.uk
images-na.ssl-images-amazon.com
images.thestar.com
images.tritondigitalcms.com
imagesvc.timeincapp.com
lookaside.fbsbx.com
m.media-amazon.com
magazin.lufthansa.com
media.gq.com
media.secure-mobiles.com
moneydotcomvip.files.wordpress.com
pbs.twimg.com
pixel.nymag.com
pmcvariety.files.wordpress.com
rgvqcsxqge.com
secure.gravatar.com
si.wsj.net
specials-images.forbesimg.com
static.independent.co.uk
static.libsyn.com
static01.nyt.com
static1.squarespace.com
thenypost.files.wordpress.com
timedotcom.files.wordpress.com
upload.wikimedia.org
vignette.wikia.nocookie.net
vindy.media.clients.ellingtoncms.com
www.alintaenergy.com.au
www.beaumont.org
www.bgehome.com
www.billviola.com
www.biography.com
www.congress.gov
www.denvergov.org
www.electricireland.ie
www.epwater.org
www.ewa.bh
www.facebook.com
www.fpl.com
www.frontier-power.com
www.indiewire.com
www.lextracourt.com
www.maryfreebed.com
www.nspower.ca
www.puppetswhokill.com
www.romefloyd.com
www.secondcity.com
www.seton.net
www.statcounter.com
www.swedishamerican.org
www.telegraph.co.uk
www.unitypoint.org
www.uppclonline.com
www.wikihow.com
yt3.ggpht.com
www.epwater.org
104.111.215.41
104.111.246.35
104.154.113.180
104.16.173.252
104.20.2.47
104.20.3.47
107.22.175.16
125.19.181.9
13.32.141.62
13.32.223.103
13.32.223.191
13.32.223.208
13.32.223.242
13.32.223.98
13.89.33.83
142.52.192.119
142.67.0.107
143.95.82.3
151.101.0.238
151.101.0.239
151.101.1.111
151.101.1.164
151.101.1.171
151.101.1.184
151.101.120.124
151.101.120.70
151.101.122.110
151.101.66.98
163.172.77.104
169.133.239.100
18.209.117.161
192.0.66.2
192.0.72.2
192.0.72.22
192.0.72.26
192.0.72.28
192.0.72.3
192.0.72.30
198.134.112.242
2.16.186.187
2.18.232.243
205.185.216.10
208.91.60.7
212.48.103.60
217.114.50.151
23.45.104.47
2600:9000:200d:5200:e:ee51:2e00:21
2606:2800:134:1a0d:1429:742:782:b6
2606:4700:30::681b:b4be
2606:4700:30::681b:b5be
2620:0:862:ed1a::2:b
2620:11a:e002:fa00::204
2620:12a:8000::1
2a00:1450:4001:817::200a
2a00:1450:4001:821::2001
2a01:488:42:1000:b24d:6d55:47:19ff
2a02:26f0:6c00:187::3134
2a02:26f0:6c00:18a::3279
2a02:26f0:6c00:28d::9f0
2a02:26f0:6c00:290::2599
2a02:26f0:6c00:291::2599
2a02:26f0:6c00:29c::7e5
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
2a04:fa87:fffe::c000:4902
34.253.162.206
35.196.229.234
35.227.48.111
35.229.125.222
45.55.148.86
52.73.136.182
64.28.110.200
66.96.146.129
87.198.212.168
94.31.29.64
0129b0a145af69d9793da3e4cf25b53d45873ebcf4d92fcdccf3db679e8d5479
01c3f32144253a15b453ae7657e3850f2d8bf0673a4d25b569e5279032fdbaed
049369cce0037f3d142a9cc751893fa44f95e856b06146f4ca4cf3bd187e6fbe
0abfc7d222103b96bf5ec5a170f8d1ed5bd7fd9b55856f9c8bd1b65d5b3ac0d6
10fdcff4410b36bf575b75e7338ee7e256e33435b17323d2bf027f36aadd5c9e
129dce55205dacc5c6401a723bdfa76ec55cadaccfe28d2f607baf0e6caeb076
15562275ba2812584d3299c7a47e41d9a2f3bb1ba79f42e45c5bc28ba5a1e78b
1bc056d460a145f7fc58639653e0a2e9d0a42c48b56ff0a40d80d02182bf4017
1c959f802a975a5cc3d726b58e6594a9e8846a7401a46700a7d1cab13b7a9bce
1d964907f9cb6ef9a2a7b1d73a015482fea5dd4c5d150300c23cbc2e3bfb1af2
1f80408480e6a5e931600d86e4147b62cfebd403331cf7da47a0602ee00624cc
2417e32ea48d492420c1bdb936c80c5ec8368a270780e24899dbb9f8fa026731
24298c8437ef90d55b82c0696356e9bff0fb1e6e254ac73e8cc100a8e8392b88
28ed1b23564b9f19820f37f89d73019a6631e0b3b374bc28c439c7fbd236296b
2a274b0e2026d6e840faf0debff59a1a05b933f6b8450e9b6430d5bd8ed687ce
2bc860ebfceb150ace314236e172a73275850f6e24c83921b6f0a19d37d24391
2d9744f060f774705ff6f07eb51180552a3838fc1b7690fd06749867ccb8f2bb
2e5da52a194f7151e492ddf5a89dc7aa55dab3868c527e3f6d371722153a93b2
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
30a87c1b50dab6d1f42264d40d4107f4daa1daa49ef66528542c58c6927b8d08
31ca46f364230404ce45d1b4dd19c814a9df6f6f91114eb42b005ceb445be936
32cd4f9c6dc3b00adbe733f70367d393b6dcc537de05f7f16b6159e84bb59c39
36ae03d756acb12890dc5390d9eda60833700ab83fa1f5ec2701643b328fb713
36caa2207910aa0c5a3250760890f694c04334770fd0fa4f480d1a0338af45ee
3821bb6544ab295aec758d8513b1a4bc232e8f0e49cc100d99aabb01c08362e1
398eb21e4ffe466ea3ab5763067b5c6392f14a1589bfff7410a026284ce78acd
3b81c8199e2b4e7cbc142b26e2391d3c44a0c25dfa5a469cfaa37affab713136
3d9c3b5e8a5f8af9a89b85a7c03ebf7572d06f0f7e54a46d802d793a580e9ea8
4c7b2f7ee586a8975b0baa5eaf213672602a564abfdcb545a28b1752c21f1736
4d9fd875b7bb32024e932144941e1c21b5d57f2f42eaec9d44a3b8a0217e99eb
516e7c52742eae2b74894ffb1deb8f3706203c6d40450b6162203fed9c917379
5238daae8c47176251776c5096770303f88eb258fd7f7c5674124662c8de0a99
561c1d4be680a0516de86b06c0a5c7c70de56a3d040b3d457f65a87623c4cf91
56ffea27cab266b07058b2603f8b6b520e9ed5a87e642c867a3283c8eebd4ae0
58c7edea7429f960e3cc03b3452b271fcab02ac139ac6026d62e38191b1cafa1
596455a98e96f986f7d6c1ae0b85d23002ff1a0f2005e61acee74b2bba82fdd8
5b222f2393b5f9e530d3f76b3a1fe460033435153c12d617aa280a3a135b6d5f
5c8c9c3202bf1ca7c651e8d1e83519f0a33db57f03e691d1a77d2acfe4ad11af
5f5245bb0e30869cdc5cb8549f4c02181ffc2acfc721b608734a222b33f93fb0
6373f618bd6bbc3d9778d402b898dfab406c5983edb35cd0b775f1e9f6c52b92
64a716cb5bf0ac3ce22e72aa4de84396151d99237864729215d28f434f1acbe0
6a5bb606bf8e7184ea813dabfafe9d8bcaf59647c783d5769f898e4d29b97ae6
6bd3a1a6b6ee623aded1fe444df57f4835cc14546a3bac8177d1a0d227ca04dd
6cd06b3302423da14823d486dec9bb9bc48dc5e4be97e6af41465cf28e0ceab5
71af410ef64562fcb363064a53a7db0b3cfb2dd3909aea8d68866ed44ccec556
71efae851298ce9f4b2bf0e9902f6edef931b4ea762204a2190f46c7e8c724e6
7d51f6b70cb2068e2d5d0b81271dfa15d14b121a315407338df72808637a5d0c
7d944a9d9f9834aff7b01e9397934525c91284b9e34874b0d71225e395f66f65
80f8a2a0d59a89aeb31fb50158bdb94e68c2e748980be2c66490b51cba88707e
83560b95dc13a4ed3e4af0be060bd7890ffe3b738084afc8b5a906b6fe7c9cc6
84a038d80423afafb3917f9f4f6820dc314decd202d51f7ce15422517b280a9c
84f5c7eef33d5616cc7703263788ba24f603652d88c0d5e2f172884c1a1cacef
88171413fc76dda23ab32baa17b11e4fff89141c633ece737852445f1ba6c1bd
8c92507fd875c728af7710552669c65ea368c9e6297efb1a33424a5a15f3cc6b
8d1d11aff3f67cf77f8c331e285e4f73a88449fef1eaccc94ae03e402309030a
8d72840b5c5c7247b1c96bbd9061687b71bbe89e1304d44b76575d42fffa6d1e
8dcf80cf068809abcfceef144efc01bc0b3b3467791943f85bf474678dbd0dab
9202ab46a9c2a42e878d3c129aef6e153ccd6e7feaaa6db03b4749c29cb381fd
934abc3e4e0cb67ca10eacf411c23e3390931b96f75ecff3bf1b6eedced1357a
97bc4ece4477cf14ea5778d70cb79fc33176aa41b421f2e8a2753a46f34c89f7
995f473e3e8139332cbaab9dfe65723f8641699960623f59ba5b62d01f8b089f
9a436d586fb86108521a5b1780770cf2fd6c20023cfb296ace49001c10b6e7bf
9e2599844103f78f2e87eff62138788496b8df8adf0d97edbd3a114ce7568e9f
9e38f2ab3d7bac4aa0a4b3e8afa9fdff695161d0e5ee1b4b707ab654603108f9
9f186c93d5df3f9f30313e9fcbce4d5e23b829dff44404a1c82c1134334ed03c
a1f254ed6860a0a57130173f1ff5a4f116f0540cdcc951e3fb8d9eb66f44d0f8
a2ca36ff3bf21b9f821d6154cded215060e14fe010bbb0217c1f68b8b8a524b9
a3b49e98889be1004099eff555109fcf0bf9391daee5c6bb92968d9816f51260
a42afc80d905c3483c062127fce1ce3b2f821deaa2f07d6a9ea0d80618003cfe
aadfc276ae47307eff94eb8e30b3e3e938b9a04c81f21a8150b702561725cd0b
aba4dfdccaf46bf7c13de879293b396730d18f46c4a68e056a9353e58e705181
abc681d7e7e14c74e1278edc6e2e49ae43ba7b61b7aea92201d19831d7c98c79
ac52611df3ebf1af24fcf6f4ae77762808ea642648091f87ec700a2b032cc6d4
ad82b1208914d1a1d7e74fed68d2ae9b743778ee7c4e23d0c28bd9f9295a7fb6
add3aa38392167d63e17486438dc633cdcdcd3b2aa81ab3bd56bd67e0ae5b08a
ae6741f59d8aa80a0e39f478a5aa83b9beda94e81fb59463fa61b486f0956352
aeb2798f40e776dcdfcfa8cb646548f0f02fb3400a92990af669fd5568dbecae
b22b079a2d5e0e5bfcdd2d6344f90965005b673d9c1a9e15c81808972b80436c
b27eb10d699fafd680520ebad690bd87b10fb642ef40f10df6ed05eb1b653165
b2a3239080787a8f3d82f6e40580db619db519d0f7cf1687b07fb3bb2fedc1f8
b322717a56a02839960fb670d2d051592111b47f15451bb8316fb5dc7f7be833
b4703ddb9c2a1e107c031ad46f9c89907ebb0dd90182cff326049fc458d3b50c
b545c94ef380f109b8d6d86b0318c88acad6395bd8c837f906fbd3018db4351b
b59bfb809dfc44aceed0b1fe787be1721237ea9b62c94423be1e2567965d4976
b8e6e87e2a7cd29b0c5ecd2f18a7d8328ec2c929a7eaadf25f8e8a223e7a22e1
bb622e07fec868bb077d1f73548ee14b4d59b129ed39c1dcfb21dc85495dfd06
bcde534cca8e81234c7cf63e2817da077987ccaff39c6e21e4030280d09f85b6
bd7061edde2f4d6602d436c400c3b981ac7a7687a80244ae5d69d25293944324
c562089f79dec69f1982b0a1fbc96624ac9b240654cd47eff046927e49ba6b29
c87515bdae2db0bdf63428bc7c66c38c980e304e6c93713d6e04e30e8726263a
ca9dbb5d4c7af875bd07f8458645306a7cacaa55bb4cdaa2f0427da8adf16e65
cc77f51cd35f283d58c7e66869853dec38eb65067578a49a04cb893490f1290b
cf9f015c3329f56cf2f3b48916fe89b7b890d5eaa3cc67cedd6e4be4d03db9b7
d217411d909b36cd148241531c3d815cbf9ab89f1fe2b6b6f8ebf2b7910d467a
d2e9b0f121e78be2f1826398bfa3dbcccea5ac3e79ad006526a1d39c054b0e6e
d5f783677aa8fc13f15f96800c461ded1585ccdb56deff1bd2d6c2c480aa62c7
d8e8d91c212062a60a2d9c528faa2792896a8fea5c9a050e0d987fac0dcf7dc1
dbdd8174ac6aa9947d0a9c0e19a7c3f227b68d55188cb22e63e4b74f46e78bae
e147abf74fb42f8ac19b4217b9c6439fcfe146839c8d6e9a7cd7253918f544b4
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6094cd45c3bea0e4ad1730b51a076ab74605ff560df3ad5d82bee7a23519eba
eb2cc1d3f8d438b1670b701d5251d9441e207ce6bd48ce0611b74a34c4365c76
ebaa631de7d14bc256ec4cfe77cb9ec39958c37b150311ddbd9f09a29d834788
f520532387b06661a59a605cc6729a3b100916dd84aba730742f6f395f72f31d
f69021694d0da996866b09076a39660c28b0f74925c167e4d900a155dd948b41