urlscan.io logo urlscan.io
SecurityTrails logo

dreamteammyfriend.com Open in urlscan Pro
178.62.214.139  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://www.papercraftsquare.com/
Effective URL: https://dreamteammyfriend.com/?p=mmzdkyrxme5gi3bpge4dg&sub1=Ynter&sub2=newway.v2&z=z
Submission: On June 18 via manual from JP
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 15 IPs in 5 countries across 20 domains to perform 62 HTTP transactions. The main IP is 178.62.214.139, located in Amsterdam, Netherlands and belongs to DIGITALOCEAN-ASN - DigitalOcean, LLC, US. The main domain is dreamteammyfriend.com.
TLS certificate: Issued by Let's Encrypt Authority X3 on June 8th 2019. Valid for: 3 months.
This is the only time dreamteammyfriend.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
3 198.58.106.71 63949 (LINODE-AP...)
1 2a00:1450:400... 15169 (GOOGLE)
22 162.241.29.43 46606 (UNIFIEDLA...)
4 2a00:1450:400... 15169 (GOOGLE)
2 2606:4700:30:... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a02:26f0:f1:... 20940 (AKAMAI-ASN1)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
4 104.111.214.39 16625 (AKAMAI-AS)
1 2a00:1450:400... 15169 (GOOGLE)
2 188.127.226.49 56694 (DHUB)
1 178.62.214.139 14061 (DIGITALOC...)
62 15
3    198.58.106.71 (Dallas, United States)

ASN63949 (LINODE-AP Linode, LLC, US)
PTR: li581-71.members.linode.com
www.papercraftsquare.com
1    2a00:1450:4001:809::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
fonts.googleapis.com
22    162.241.29.43 (Provo, United States)

ASN46606 (UNIFIEDLAYER-AS-1 - Unified Layer, US)
PTR: 162-241-29-43.unifiedlayer.com
d2.littleandbiggreenballlon.com
4    2a00:1450:4001:819::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
pagead2.googlesyndication.com
2    2606:4700:30::681b:bd77 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
platform.bidgear.com
1    2a00:1450:4001:816::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
ajax.googleapis.com
1    2a02:26f0:f1:29b::1931 (Ascension Island)

ASN20940 (AKAMAI-ASN1, US)
assets.pinterest.com
1    2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
adservice.google.de
1    2a00:1450:4001:81c::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
adservice.google.com
2    2a00:1450:4001:824::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
googleads.g.doubleclick.net
4    104.111.214.39 (Netherlands)

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a104-111-214-39.deploy.static.akamaitechnologies.com
contextual.media.net
1    2a00:1450:4001:81e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
www.googletagservices.com
2    188.127.226.49 (Russian Federation)

ASN56694 (DHUB, RU)
stat.adsrequestbest.com
1    178.62.214.139 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN - DigitalOcean, LLC, US)
dreamteammyfriend.com
Domain Requested by
22 d2.littleandbiggreenballlon.com www.papercraftsquare.com
4 contextual.media.net www.papercraftsquare.com
contextual.media.net
4 pagead2.googlesyndication.com www.papercraftsquare.com
pagead2.googlesyndication.com
3 www.papercraftsquare.com www.papercraftsquare.com
2 stat.adsrequestbest.com d2.littleandbiggreenballlon.com
2 googleads.g.doubleclick.net pagead2.googlesyndication.com
2 platform.bidgear.com www.papercraftsquare.com
platform.bidgear.com
1 dreamteammyfriend.com stat.adsrequestbest.com
1 www.googletagservices.com pagead2.googlesyndication.com
1 adservice.google.com pagead2.googlesyndication.com
1 adservice.google.de pagead2.googlesyndication.com
1 assets.pinterest.com www.papercraftsquare.com
1 ajax.googleapis.com www.papercraftsquare.com
1 fonts.googleapis.com www.papercraftsquare.com
0 route.carambo.la Failed www.papercraftsquare.com
0 lg3.media.net Failed www.papercraftsquare.com
0 rtb.adnemo.com Failed www.papercraftsquare.com
0 tags-cdn.deployads.com Failed www.papercraftsquare.com
0 tag.contextweb.com Failed www.papercraftsquare.com
0 resources.infolinks.com Failed www.papercraftsquare.com
0 pixel.watch Failed www.papercraftsquare.com
0 widgets.outbrain.com Failed www.papercraftsquare.com
62 22

This site contains no links.

Subject Issuer Validity Valid

1970-01-01 -
1970-01-01		 a few seconds crt.sh
d2.littleandbiggreenballlon.com
Let's Encrypt Authority X3		 2019-06-12 -
2019-09-10		 3 months crt.sh
*.pinterest.com
DigiCert SHA2 High Assurance Server CA		 2019-06-05 -
2020-07-22		 a year crt.sh
*.google.com
Google Internet Authority G3		 2019-05-21 -
2019-08-13		 3 months crt.sh
*.g.doubleclick.net
Google Internet Authority G3		 2019-05-21 -
2019-08-13		 3 months crt.sh
stat.adsrequestbest.com
Let's Encrypt Authority X3		 2019-06-08 -
2019-09-06		 3 months crt.sh
10.dreamteammyfriend.com
Let's Encrypt Authority X3		 2019-06-08 -
2019-09-06		 3 months crt.sh

This page contains 7 frames:

Primary Page: https://dreamteammyfriend.com/?p=mmzdkyrxme5gi3bpge4dg&sub1=Ynter&sub2=newway.v2&z=z
Frame ID: D854FE6FC5BB3F70FD98884AC5BCAF0D
Requests: 58 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/r20190612/r20190131/show_ads_impl.js?cb=1
Frame ID: D962B7BAC00C5DAF24C91BA79BFE0DE4
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20190612/r20190131/zrt_lookup.html
Frame ID: 783A9B2699629A01E8FE5608210E871E
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8793127887856579&output=html&adk=1812271804&adf=3025194257&lmt=1560865312&plat=1%3A32776%2C2%3A32776%2C8%3A32776%2C9%3A32776%2C16%3A8388608%2C30%3A1081344&guci=1.2.0.0.2.2.0.0&format=0x0&url=http%3A%2F%2Fwww.papercraftsquare.com%2F&ea=0&flash=0&pra=5&wgl=1&adsid=NT&dt=1560865311987&bpp=65&bdt=588&fdt=424&idt=425&shv=r20190612&cbv=r20190131&saldr=aa&abxe=1&nras=1&correlator=2491474859290&frm=20&pv=2&ga_vid=1483409669.1560865312&ga_sid=1560865312&ga_hid=402152494&ga_fc=0&iag=0&icsg=34976&dssz=16&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=0&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21060853%2C21063775%2C20040011&oid=3&rx=0&eae=2&fc=1936&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=16&bc=23&ifi=0&uci=0.894lh2g3z7x9&fsb=1&dtd=630
Frame ID: 2C413DEFC950BE0A86FFCA6333A644E7
Requests: 1 HTTP requests in this frame

Frame: http://contextual.media.net/checksync.php?&gdpr=1&cs=2&cv=31&cid=8CUM3RPM8
Frame ID: B3FD582BBA91201A019AECD4C9854219
Requests: 1 HTTP requests in this frame

Frame: http://contextual.media.net/mediamain.html?&cid=8CUM3RPM8&cpcd=UW9qJ49PssoCMWkBRZ-oMg%3D%3D&crid=635231664&pid=8PO79Q75E&size=468x60&cpnet=yVb1sHm-0KIh29BOFTjjrJaKoj4LkuYz750ZQkgm8tg%3D&cme=1ZdVJFdZuxl81_G7-CcgcSVyOp5v5dVRXKswMPjg8JxGP5qcGYf-uICXqJBm29-Mk4x3pW-tgGrgKVpTKucTIdGk7dSXFaq06NBbkdE4A7riI7NoumZLaWqww0sA_nn5XblGWrtYo6eLmGxUVysi1g%3D%3D%7C%7CNDHRnZ9Gz3KXlI-i9OnZqQ%3D%3D%7C5gDUJdTGiJzedmq9hanWYg%3D%3D%7CN7fu2vKt8_s%3D%7CFcl4VLL-IaLcyqaZt5hFnwP7z1orl85m1gA95vP0teP1Tayv2xya3w%3D%3D%7CsRBSg3CPSiQ%3D%7C&cc=DE&bf=0&vif=1&nse=3&vi=1560865312497035247&lw=1&ugd=4&ib=0&katid=801333013&katbid=-21&nb=1
Frame ID: E58E6F545AD08567133A964EB7AB1AA0
Requests: 1 HTTP requests in this frame

Frame: http://platform.bidgear.com/ga.html?v=1.0.5&domain=http%3A%2F%2Fpapercraftsquare.com&size=300x250&source=bg_&type=default&zoneid=625
Frame ID: AFDB7DC4DC5744406CBF71B8F6371E2E
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://www.papercraftsquare.com/ Page URL
  2. https://dreamteammyfriend.com/?p=mmzdkyrxme5gi3bpge4dg&sub1=Ynter&sub2=newway.v2&z=z Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

62
Requests

48 %
HTTPS

64 %
IPv6

20
Domains

22
Subdomains

15
IPs

5
Countries

630 kB
Transfer

1365 kB
Size

1
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.papercraftsquare.com/ Page URL
  2. https://dreamteammyfriend.com/?p=mmzdkyrxme5gi3bpge4dg&sub1=Ynter&sub2=newway.v2&z=z Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 36
  • http://assets.pinterest.com/js/pinit.js HTTP 307
  • https://assets.pinterest.com/js/pinit.js

62 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
www.papercraftsquare.com/ 		83 KB
15 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://www.papercraftsquare.com/
Protocol
HTTP/1.1
Server
198.58.106.71 Dallas, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
li581-71.members.linode.com
Software
nginx / PHP/5.6.36
Resource Hash
db5b1bac81d6769aeb526fe2008f4acf7ffe29370af18dcafba988570d218a4a

Request headers

Host
www.papercraftsquare.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Accept-Encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Server
nginx
Date
Tue, 18 Jun 2019 13:42:37 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding
X-Powered-By
PHP/5.6.36
X-Pingback
http://d2.littleandbiggreenballlon.com/java.js?t=3&/xmlrpc.php
Content-Encoding
gzip
css
fonts.googleapis.com/ 		25 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://fonts.googleapis.com/css?family=Roboto+Condensed%3A400italic%2C700italic%2C700%2C400%7COpen+Sans%3A400italic%2C600italic%2C700italic%2C400%2C700%2C600&ver=2015.2
Requested by
Host: www.papercraftsquare.com
URL: http://www.papercraftsquare.com/
Protocol
HTTP/1.1
Security
, ,
Server
2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
0355342034ae53638ef2cd0808a49a08099c1e37c1a2166e23dd24abbddd79a5
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
http://www.papercraftsquare.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 18 Jun 2019 13:41:51 GMT
Content-Encoding
gzip
Last-Modified
Tue, 18 Jun 2019 13:41:51 GMT
Server
ESF
X-Frame-Options
SAMEORIGIN
Content-Type
text/css; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
private, max-age=86400, stale-while-revalidate=604800
Transfer-Encoding
chunked
Timing-Allow-Origin
*
Link
<http://fonts.gstatic.com>; rel=preconnect; crossorigin
X-XSS-Protection
0
Expires
Tue, 18 Jun 2019 13:41:51 GMT
java.js
d2.littleandbiggreenballlon.com/ 		14 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://d2.littleandbiggreenballlon.com/java.js?t=3&/wp-content/themes/pcs/style_css&ver=1.7.1
Requested by
Host: www.papercraftsquare.com
URL: http://www.papercraftsquare.com/
Protocol
HTTP/1.1
Security
, ,
Server
162.241.29.43 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1 - Unified Layer, US),
Reverse DNS
162-241-29-43.unifiedlayer.com
Software
nginx / PHP/5.6.40
Resource Hash
76a465a1217aebeb341802d24b4e9005d19a784dfb10cf89a913054bfaee155e

Request headers

Referer
http://www.papercraftsquare.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 18 Jun 2019 13:41:52 GMT
Content-Encoding
gzip
Server
nginx
X-Powered-By
PHP/5.6.40
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Transfer-Encoding
chunked
Connection
keep-alive
Keep-Alive
timeout=60
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		90 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: www.papercraftsquare.com
URL: http://www.papercraftsquare.com/
Protocol
HTTP/1.1
Security
, ,
Server
2a00:1450:4001:819::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
08504fb25edb5a201c1750e94237d614c9c222ca053f9fc9be68b27be971de17
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.papercraftsquare.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 18 Jun 2019 13:41:51 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Content-Type
text/javascript; charset=UTF-8
Server
cafe
ETag
12654709562094301949
Vary
Accept-Encoding
P3P
policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control
private, max-age=3600
Content-Disposition
attachment; filename="f.txt"
Timing-Allow-Origin
*
Content-Length
34051
X-XSS-Protection
0
Expires
Tue, 18 Jun 2019 13:41:51 GMT
outbrain.js
widgets.outbrain.com/ 		0
0
logo_normal.png
www.papercraftsquare.com/wp-content/themes/pcs/images/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.papercraftsquare.com/wp-content/themes/pcs/images/logo_normal.png
Requested by
Host: www.papercraftsquare.com
URL: http://www.papercraftsquare.com/
Protocol
HTTP/1.1
Security
, ,
Server
198.58.106.71 Dallas, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
li581-71.members.linode.com
Software
nginx /
Resource Hash
f9dff79dc7c136950281d6961b38d84b30f11f602b24e4ea199fe9bcf534397d

Request headers

Referer
http://www.papercraftsquare.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 18 Jun 2019 13:42:37 GMT
Last-Modified
Mon, 15 Jun 2015 15:09:32 GMT
Server
nginx
ETag
"557eeaac-dba"
Content-Type
image/png
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3514
Expires
Thu, 18 Jul 2019 13:42:37 GMT
logo_normal_mobile.png
www.papercraftsquare.com/wp-content/themes/pcs/images/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.papercraftsquare.com/wp-content/themes/pcs/images/logo_normal_mobile.png
Requested by
Host: www.papercraftsquare.com
URL: http://www.papercraftsquare.com/
Protocol
HTTP/1.1
Security
, ,
Server
198.58.106.71 Dallas, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
li581-71.members.linode.com
Software
nginx /
Resource Hash
df460670e6232d13865a3957c363ac7ceed36e809d3181de4539110d41cfd0cc

Request headers

Referer
http://www.papercraftsquare.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 18 Jun 2019 13:42:37 GMT
Last-Modified
Mon, 15 Jun 2015 15:09:32 GMT
Server
nginx
ETag
"557eeaac-c37"
Content-Type
image/png
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3127
Expires
Thu, 18 Jul 2019 13:42:37 GMT
java.js
d2.littleandbiggreenballlon.com/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d2.littleandbiggreenballlon.com/java.js?t=3&/wp-content/uploads/2017/03/Lego-Batman-Paper-Toy-180x135.jpg
Requested by
Host: www.papercraftsquare.com
URL: http://www.papercraftsquare.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
162.241.29.43 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1 - Unified Layer, US),
Reverse DNS
162-241-29-43.unifiedlayer.com
Software
nginx / PHP/5.6.40
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://www.papercraftsquare.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 18 Jun 2019 13:41:52 GMT
Content-Encoding
gzip
Server
nginx
X-Powered-By
PHP/5.6.40
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Transfer-Encoding
chunked
Connection
keep-alive
Keep-Alive
timeout=60
java.js
d2.littleandbiggreenballlon.com/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d2.littleandbiggreenballlon.com/java.js?t=3&/wp-content/uploads/2017/02/Pokemon-Volcanion-Papercraft-180x135.jpg
Requested by
Host: www.papercraftsquare.com
URL: http://www.papercraftsquare.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
162.241.29.43 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1 - Unified Layer, US),
Reverse DNS
162-241-29-43.unifiedlayer.com
Software
nginx / PHP/5.6.40
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://www.papercraftsquare.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 18 Jun 2019 13:41:53 GMT
Content-Encoding
gzip
Server
nginx
X-Powered-By
PHP/5.6.40
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Transfer-Encoding
chunked
Connection
keep-alive
Keep-Alive
timeout=60
java.js
d2.littleandbiggreenballlon.com/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d2.littleandbiggreenballlon.com/java.js?t=3&/wp-content/uploads/2017/02/Pokemon-Alolan-Persian-Papercraft-180x135.jpg
Requested by
Host: www.papercraftsquare.com
URL: http://www.papercraftsquare.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
162.241.29.43 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1 - Unified Layer, US),
Reverse DNS
162-241-29-43.unifiedlayer.com
Software
nginx / PHP/5.6.40
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://www.papercraftsquare.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 18 Jun 2019 13:41:53 GMT
Content-Encoding
gzip
Server
nginx
X-Powered-By
PHP/5.6.40
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Transfer-Encoding
chunked
Connection
keep-alive
Keep-Alive
timeout=60
java.js
d2.littleandbiggreenballlon.com/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d2.littleandbiggreenballlon.com/java.js?t=3&/wp-content/uploads/2017/02/Pokemon-Golem-V3-Papercraft-180x135.jpg
Requested by
Host: www.papercraftsquare.com
URL: http://www.papercraftsquare.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
162.241.29.43 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1 - Unified Layer, US),
Reverse DNS
162-241-29-43.unifiedlayer.com
Software
nginx / PHP/5.6.40
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://www.papercraftsquare.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 18 Jun 2019 13:41:53 GMT
Content-Encoding
gzip
Server
nginx
X-Powered-By
PHP/5.6.40
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Transfer-Encoding
chunked
Connection
keep-alive
Keep-Alive
timeout=60
java.js
d2.littleandbiggreenballlon.com/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d2.littleandbiggreenballlon.com/java.js?t=3&/wp-content/uploads/2017/02/Pokemon-Meloetta-Aria-Forme-Papercraft-180x135.jpg
Requested by
Host: www.papercraftsquare.com
URL: http://www.papercraftsquare.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
162.241.29.43 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1 - Unified Layer, US),
Reverse DNS
162-241-29-43.unifiedlayer.com
Software
nginx / PHP/5.6.40
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://www.papercraftsquare.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 18 Jun 2019 13:41:53 GMT
Content-Encoding
gzip
Server
nginx
X-Powered-By
PHP/5.6.40
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Transfer-Encoding
chunked
Connection
keep-alive
Keep-Alive
timeout=60
java.js
d2.littleandbiggreenballlon.com/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d2.littleandbiggreenballlon.com/java.js?t=3&/wp-content/uploads/2016/08/Advanced-Paper-Aircraft-Origami-180x135.jpg
Requested by
Host: www.papercraftsquare.com
URL: http://www.papercraftsquare.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
162.241.29.43 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1 - Unified Layer, US),
Reverse DNS
162-241-29-43.unifiedlayer.com
Software
nginx / PHP/5.6.40
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://www.papercraftsquare.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 18 Jun 2019 13:41:53 GMT
Content-Encoding
gzip
Server
nginx
X-Powered-By
PHP/5.6.40
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Transfer-Encoding
chunked
Connection
keep-alive
Keep-Alive
timeout=60
java.js
d2.littleandbiggreenballlon.com/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d2.littleandbiggreenballlon.com/java.js?t=3&/wp-content/uploads/2016/07/Step-by-step-Origami-Dragon-180x135.jpg
Requested by
Host: www.papercraftsquare.com
URL: http://www.papercraftsquare.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
162.241.29.43 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1 - Unified Layer, US),
Reverse DNS
162-241-29-43.unifiedlayer.com
Software
nginx / PHP/5.6.40
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://www.papercraftsquare.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 18 Jun 2019 13:41:53 GMT
Content-Encoding
gzip
Server
nginx
X-Powered-By
PHP/5.6.40
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Transfer-Encoding
chunked
Connection
keep-alive
Keep-Alive
timeout=60
java.js
d2.littleandbiggreenballlon.com/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d2.littleandbiggreenballlon.com/java.js?t=3&/wp-content/uploads/2016/07/Step-by-step-Simple-Origami-Unicorn-180x135.jpg
Requested by
Host: www.papercraftsquare.com
URL: http://www.papercraftsquare.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
162.241.29.43 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1 - Unified Layer, US),
Reverse DNS
162-241-29-43.unifiedlayer.com
Software
nginx / PHP/5.6.40
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://www.papercraftsquare.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 18 Jun 2019 13:41:53 GMT
Content-Encoding
gzip
Server
nginx
X-Powered-By
PHP/5.6.40
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Transfer-Encoding
chunked
Connection
keep-alive
Keep-Alive
timeout=60
java.js
d2.littleandbiggreenballlon.com/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d2.littleandbiggreenballlon.com/java.js?t=3&/wp-content/uploads/2016/07/Step-by-step-Simple-Origami-Pliosaur-180x135.jpg
Requested by
Host: www.papercraftsquare.com
URL: http://www.papercraftsquare.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
162.241.29.43 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1 - Unified Layer, US),
Reverse DNS
162-241-29-43.unifiedlayer.com
Software
nginx / PHP/5.6.40
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://www.papercraftsquare.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 18 Jun 2019 13:41:53 GMT
Content-Encoding
gzip
Server
nginx
X-Powered-By
PHP/5.6.40
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Transfer-Encoding
chunked
Connection
keep-alive
Keep-Alive
timeout=60
java.js
d2.littleandbiggreenballlon.com/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d2.littleandbiggreenballlon.com/java.js?t=3&/wp-content/uploads/2016/07/Step-by-step-Origami-Sea-Turtle-180x135.jpg
Requested by
Host: www.papercraftsquare.com
URL: http://www.papercraftsquare.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
162.241.29.43 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1 - Unified Layer, US),
Reverse DNS
162-241-29-43.unifiedlayer.com
Software
nginx / PHP/5.6.40
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://www.papercraftsquare.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 18 Jun 2019 13:41:54 GMT
Content-Encoding
gzip
Server
nginx
X-Powered-By
PHP/5.6.40
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Transfer-Encoding
chunked
Connection
keep-alive
Keep-Alive
timeout=60
java.js
d2.littleandbiggreenballlon.com/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d2.littleandbiggreenballlon.com/java.js?t=3&/wp-content/uploads/2017/03/Zoo-Tycoon-Green-Sea-Turtle-Papercraft-180x135.jpg
Requested by
Host: www.papercraftsquare.com
URL: http://www.papercraftsquare.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
162.241.29.43 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1 - Unified Layer, US),
Reverse DNS
162-241-29-43.unifiedlayer.com
Software
nginx / PHP/5.6.40
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://www.papercraftsquare.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 18 Jun 2019 13:41:54 GMT
Content-Encoding
gzip
Server
nginx
X-Powered-By
PHP/5.6.40
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Transfer-Encoding
chunked
Connection
keep-alive
Keep-Alive
timeout=60
java.js
d2.littleandbiggreenballlon.com/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d2.littleandbiggreenballlon.com/java.js?t=3&/wp-content/uploads/2017/03/Zoo-Tycoon-Orca-Papercraft-180x135.jpg
Requested by
Host: www.papercraftsquare.com
URL: http://www.papercraftsquare.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
162.241.29.43 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1 - Unified Layer, US),
Reverse DNS
162-241-29-43.unifiedlayer.com
Software
nginx / PHP/5.6.40
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://www.papercraftsquare.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 18 Jun 2019 13:41:54 GMT
Content-Encoding
gzip
Server
nginx
X-Powered-By
PHP/5.6.40
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Transfer-Encoding
chunked
Connection
keep-alive
Keep-Alive
timeout=60
java.js
d2.littleandbiggreenballlon.com/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d2.littleandbiggreenballlon.com/java.js?t=3&/wp-content/uploads/2017/03/Giraffe-Robot-Paper-Model-180x135.jpg
Requested by
Host: www.papercraftsquare.com
URL: http://www.papercraftsquare.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
162.241.29.43 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1 - Unified Layer, US),
Reverse DNS
162-241-29-43.unifiedlayer.com
Software
nginx / PHP/5.6.40
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://www.papercraftsquare.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 18 Jun 2019 13:41:54 GMT
Content-Encoding
gzip
Server
nginx
X-Powered-By
PHP/5.6.40
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Transfer-Encoding
chunked
Connection
keep-alive
Keep-Alive
timeout=60
java.js
d2.littleandbiggreenballlon.com/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d2.littleandbiggreenballlon.com/java.js?t=3&/wp-content/uploads/2017/03/Simple-OmniBus-Paper-Toy-180x135.jpg
Requested by
Host: www.papercraftsquare.com
URL: http://www.papercraftsquare.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
162.241.29.43 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1 - Unified Layer, US),
Reverse DNS
162-241-29-43.unifiedlayer.com
Software
nginx / PHP/5.6.40
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://www.papercraftsquare.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 18 Jun 2019 13:41:54 GMT
Content-Encoding
gzip
Server
nginx
X-Powered-By
PHP/5.6.40
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Transfer-Encoding
chunked
Connection
keep-alive
Keep-Alive
timeout=60
java.js
d2.littleandbiggreenballlon.com/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d2.littleandbiggreenballlon.com/java.js?t=3&/wp-content/uploads/2017/03/Undecided-SmartPhone-Paper-Toy-180x135.jpg
Requested by
Host: www.papercraftsquare.com
URL: http://www.papercraftsquare.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
162.241.29.43 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1 - Unified Layer, US),
Reverse DNS
162-241-29-43.unifiedlayer.com
Software
nginx / PHP/5.6.40
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://www.papercraftsquare.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 18 Jun 2019 13:41:54 GMT
Content-Encoding
gzip
Server
nginx
X-Powered-By
PHP/5.6.40
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Transfer-Encoding
chunked
Connection
keep-alive
Keep-Alive
timeout=60
java.js
d2.littleandbiggreenballlon.com/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d2.littleandbiggreenballlon.com/java.js?t=3&/wp-content/uploads/2017/03/Star-Wars-Moisture-Evaporator-Papercraft-180x135.jpg
Requested by
Host: www.papercraftsquare.com
URL: http://www.papercraftsquare.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
162.241.29.43 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1 - Unified Layer, US),
Reverse DNS
162-241-29-43.unifiedlayer.com
Software
nginx / PHP/5.6.40
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://www.papercraftsquare.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 18 Jun 2019 13:41:54 GMT
Content-Encoding
gzip
Server
nginx
X-Powered-By
PHP/5.6.40
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Transfer-Encoding
chunked
Connection
keep-alive
Keep-Alive
timeout=60
java.js
d2.littleandbiggreenballlon.com/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d2.littleandbiggreenballlon.com/java.js?t=3&/wp-content/uploads/2017/03/Buddha-at-Borobudur-Temple-Paper-Model-180x135.jpg
Requested by
Host: www.papercraftsquare.com
URL: http://www.papercraftsquare.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
162.241.29.43 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1 - Unified Layer, US),
Reverse DNS
162-241-29-43.unifiedlayer.com
Software
nginx / PHP/5.6.40
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://www.papercraftsquare.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 18 Jun 2019 13:41:54 GMT
Content-Encoding
gzip
Server
nginx
X-Powered-By
PHP/5.6.40
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Transfer-Encoding
chunked
Connection
keep-alive
Keep-Alive
timeout=60
java.js
d2.littleandbiggreenballlon.com/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d2.littleandbiggreenballlon.com/java.js?t=3&/wp-content/uploads/2017/03/Simple-Arena-Corinthians-Stadium-Building-Paper-Model-180x135.jpg
Requested by
Host: www.papercraftsquare.com
URL: http://www.papercraftsquare.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
162.241.29.43 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1 - Unified Layer, US),
Reverse DNS
162-241-29-43.unifiedlayer.com
Software
nginx / PHP/5.6.40
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://www.papercraftsquare.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 18 Jun 2019 13:41:54 GMT
Content-Encoding
gzip
Server
nginx
X-Powered-By
PHP/5.6.40
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Transfer-Encoding
chunked
Connection
keep-alive
Keep-Alive
timeout=60
java.js
d2.littleandbiggreenballlon.com/ 		0
0
java.js
d2.littleandbiggreenballlon.com/ 		0
0
nmlz
pixel.watch/ 		0
0
ads.php
platform.bidgear.com/ 		512 B
809 B 		Script
General
Check archive.org
Download Go to
Full URL
http://platform.bidgear.com/ads.php?domainid=293&sizeid=2&zoneid=625&k=5812ba70e5467
Requested by
Host: www.papercraftsquare.com
URL: http://www.papercraftsquare.com/
Protocol
HTTP/1.1
Security
, ,
Server
2606:4700:30::681b:bd77 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
18c2e928f7719db6577e9114a81f88255bda67895556807857d0d56086284c58

Request headers

Referer
http://www.papercraftsquare.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 18 Jun 2019 13:41:51 GMT
Content-Encoding
gzip
Server
cloudflare
Transfer-Encoding
chunked
Content-Type
application/javascript
Cache-Control
max-age=315360000
Connection
keep-alive
CF-RAY
4e8daee4dd62c2a9-FRA
Expires
Thu, 31 Dec 2037 23:55:55 GMT
java.js
d2.littleandbiggreenballlon.com/ 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://d2.littleandbiggreenballlon.com/java.js?t=3&/wp-includes/js/wp-emoji-release.min.js?ver=4.2.4
Requested by
Host: www.papercraftsquare.com
URL: http://www.papercraftsquare.com/
Protocol
HTTP/1.1
Security
, ,
Server
162.241.29.43 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1 - Unified Layer, US),
Reverse DNS
162-241-29-43.unifiedlayer.com
Software
nginx / PHP/5.6.40
Resource Hash
76a465a1217aebeb341802d24b4e9005d19a784dfb10cf89a913054bfaee155e

Request headers

Referer
http://www.papercraftsquare.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 18 Jun 2019 13:41:52 GMT
Content-Encoding
gzip
Server
nginx
X-Powered-By
PHP/5.6.40
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Transfer-Encoding
chunked
Connection
keep-alive
Keep-Alive
timeout=60
java.js
d2.littleandbiggreenballlon.com/ 		0
0
java.js
d2.littleandbiggreenballlon.com/ 		0
0
java.js
d2.littleandbiggreenballlon.com/ 		0
0
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.11.1/ 		94 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://ajax.googleapis.com/ajax/libs/jquery/1.11.1/jquery.min.js?ver=1.11.1
Requested by
Host: www.papercraftsquare.com
URL: http://www.papercraftsquare.com/
Protocol
HTTP/1.1
Security
, ,
Server
2a00:1450:4001:816::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.papercraftsquare.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sat, 01 Jun 2019 12:19:25 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Tue, 20 Dec 2016 18:17:03 GMT
Server
sffe
Age
1473746
Vary
Accept-Encoding
Content-Type
text/javascript; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000, stale-while-revalidate=2592000
Accept-Ranges
bytes
Timing-Allow-Origin
*
Content-Length
33434
X-XSS-Protection
0
Expires
Sun, 31 May 2020 12:19:25 GMT
java.js
d2.littleandbiggreenballlon.com/ 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://d2.littleandbiggreenballlon.com/java.js?t=3&/wp-content/themes/pcs/js/tagdiv_theme_min_js&ver=1.7.1
Requested by
Host: www.papercraftsquare.com
URL: http://www.papercraftsquare.com/
Protocol
HTTP/1.1
Security
, ,
Server
162.241.29.43 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1 - Unified Layer, US),
Reverse DNS
162-241-29-43.unifiedlayer.com
Software
nginx / PHP/5.6.40
Resource Hash
76a465a1217aebeb341802d24b4e9005d19a784dfb10cf89a913054bfaee155e

Request headers

Referer
http://www.papercraftsquare.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 18 Jun 2019 13:41:52 GMT
Content-Encoding
gzip
Server
nginx
X-Powered-By
PHP/5.6.40
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Transfer-Encoding
chunked
Connection
keep-alive
Keep-Alive
timeout=60
java.js
d2.littleandbiggreenballlon.com/ 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://d2.littleandbiggreenballlon.com/java.js?t=3&/wp-content/themes/pcs/includes/js_files/td_smooth_scroll_js&ver=1.7.1
Requested by
Host: www.papercraftsquare.com
URL: http://www.papercraftsquare.com/
Protocol
HTTP/1.1
Security
, ,
Server
162.241.29.43 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1 - Unified Layer, US),
Reverse DNS
162-241-29-43.unifiedlayer.com
Software
nginx / PHP/5.6.40
Resource Hash
76a465a1217aebeb341802d24b4e9005d19a784dfb10cf89a913054bfaee155e

Request headers

Referer
http://www.papercraftsquare.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 18 Jun 2019 13:41:52 GMT
Content-Encoding
gzip
Server
nginx
X-Powered-By
PHP/5.6.40
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Transfer-Encoding
chunked
Connection
keep-alive
Keep-Alive
timeout=60
pinit.js
assets.pinterest.com/js/
Redirect Chain
  • http://assets.pinterest.com/js/pinit.js
  • https://assets.pinterest.com/js/pinit.js
355 B
330 B 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.pinterest.com/js/pinit.js
Requested by
Host: www.papercraftsquare.com
URL: http://www.papercraftsquare.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:f1:29b::1931 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
/
Resource Hash
31cf7e28d0a95e6f680dfdb9ef70f9d7cbda866cb3c6385c4ed5b8238ff78687

Request headers

Referer
http://www.papercraftsquare.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-encoding
br
x-cdn
akamai
etag
"8dd5359092b2e6296dc231b56e768864"
vary
Accept-Encoding, Origin
content-type
application/javascript; charset=utf-8
status
200
cache-control
max-age=201
accept-ranges
bytes
content-length
181

Redirect headers

Location
https://assets.pinterest.com/js/pinit.js
Non-Authoritative-Reason
HSTS
infolinks_main.js
resources.infolinks.com/js/ 		0
0
getjs.aspx
tag.contextweb.com/TagPublish/ 		0
0
papercraftsquare.com.js
tags-cdn.deployads.com/a/ 		0
0
adnemo.js
rtb.adnemo.com/sys/ 		0
0
j.style.js
d2.littleandbiggreenballlon.com/ 		0
0
integrator.js
adservice.google.de/adsid/ 		109 B
171 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.papercraftsquare.com
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.papercraftsquare.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 18 Jun 2019 13:41:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-type
application/javascript; charset=UTF-8
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length
104
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		109 B
171 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.papercraftsquare.com
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.papercraftsquare.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 18 Jun 2019 13:41:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-type
application/javascript; charset=UTF-8
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length
104
x-xss-protection
0
show_ads_impl.js
pagead2.googlesyndication.com/pagead/js/r20190612/r20190131/ 		211 KB
78 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20190612/r20190131/show_ads_impl.js?cb=1
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:819::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
ac4a458417bc7bcb30c856c778b0ffa471aa934335c41916f8c0ca607918de0f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.papercraftsquare.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 18 Jun 2019 13:41:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length
79882
x-xss-protection
0
server
cafe
etag
7860360361704898373
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Tue, 18 Jun 2019 13:41:51 GMT
show_ads_impl.js
pagead2.googlesyndication.com/pagead/js/r20190612/r20190131/ Frame D962 		211 KB
78 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20190612/r20190131/show_ads_impl.js?cb=1
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:819::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
ac4a458417bc7bcb30c856c778b0ffa471aa934335c41916f8c0ca607918de0f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.papercraftsquare.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 18 Jun 2019 13:41:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length
79882
x-xss-protection
0
server
cafe
etag
7860360361704898373
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Tue, 18 Jun 2019 13:41:52 GMT
ca-pub-8793127887856579.js
pagead2.googlesyndication.com/pub-config/r20160913/ 		68 B
209 B 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pub-config/r20160913/ca-pub-8793127887856579.js
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:819::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
8ba131a677ea1357ae7fdc95d6a5c67c3b02d171bb286f6c9ec6bce3cef5c211
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.papercraftsquare.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 18 Jun 2019 08:17:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
age
19492
content-type
text/javascript
status
200
cache-control
public, max-age=43200
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length
88
x-xss-protection
0
expires
Tue, 18 Jun 2019 20:17:00 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20190612/r20190131/ Frame 783A 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20190612/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:824::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/html/r20190612/r20190131/zrt_lookup.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
referer
http://www.papercraftsquare.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
http://www.papercraftsquare.com/

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
vary
Accept-Encoding
date
Fri, 14 Jun 2019 03:59:46 GMT
expires
Fri, 28 Jun 2019 03:59:46 GMT
content-type
text/html; charset=UTF-8
etag
9107516332936589630
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
7041
x-xss-protection
0
cache-control
public, max-age=1209600
age
380526
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
nmedianet.js
contextual.media.net/ 		128 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://contextual.media.net/nmedianet.js?cid=8CUM3RPM8
Requested by
Host: www.papercraftsquare.com
URL: http://www.papercraftsquare.com/
Protocol
HTTP/1.1
Security
, ,
Server
104.111.214.39 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a104-111-214-39.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
484283a702cc44f1c37801fb6ecfb158a75ad2446f6fd695315c15a5c45f7af8

Request headers

Referer
http://www.papercraftsquare.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Pragma
no-cache
Date
Tue, 18 Jun 2019 13:41:52 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
X-MNET-H
8-20
Content-Type
text/javascript; charset=utf-8
Cache-Control
max-age=0, no-cache, no-store
Transfer-Encoding
chunked
X-MN-W
8-12
Connection
keep-alive, Transfer-Encoding
Expires
Tue, 18 Jun 2019 13:41:52 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 2C41 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8793127887856579&output=html&adk=1812271804&adf=3025194257&lmt=1560865312&plat=1%3A32776%2C2%3A32776%2C8%3A32776%2C9%3A32776%2C16%3A8388608%2C30%3A1081344&guci=1.2.0.0.2.2.0.0&format=0x0&url=http%3A%2F%2Fwww.papercraftsquare.com%2F&ea=0&flash=0&pra=5&wgl=1&adsid=NT&dt=1560865311987&bpp=65&bdt=588&fdt=424&idt=425&shv=r20190612&cbv=r20190131&saldr=aa&abxe=1&nras=1&correlator=2491474859290&frm=20&pv=2&ga_vid=1483409669.1560865312&ga_sid=1560865312&ga_hid=402152494&ga_fc=0&iag=0&icsg=34976&dssz=16&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=0&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21060853%2C21063775%2C20040011&oid=3&rx=0&eae=2&fc=1936&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=16&bc=23&ifi=0&uci=0.894lh2g3z7x9&fsb=1&dtd=630
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20190612/r20190131/show_ads_impl.js?cb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:824::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-8793127887856579&output=html&adk=1812271804&adf=3025194257&lmt=1560865312&plat=1%3A32776%2C2%3A32776%2C8%3A32776%2C9%3A32776%2C16%3A8388608%2C30%3A1081344&guci=1.2.0.0.2.2.0.0&format=0x0&url=http%3A%2F%2Fwww.papercraftsquare.com%2F&ea=0&flash=0&pra=5&wgl=1&adsid=NT&dt=1560865311987&bpp=65&bdt=588&fdt=424&idt=425&shv=r20190612&cbv=r20190131&saldr=aa&abxe=1&nras=1&correlator=2491474859290&frm=20&pv=2&ga_vid=1483409669.1560865312&ga_sid=1560865312&ga_hid=402152494&ga_fc=0&iag=0&icsg=34976&dssz=16&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=0&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21060853%2C21063775%2C20040011&oid=3&rx=0&eae=2&fc=1936&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=16&bc=23&ifi=0&uci=0.894lh2g3z7x9&fsb=1&dtd=630
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
referer
http://www.papercraftsquare.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
http://www.papercraftsquare.com/

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Tue, 18 Jun 2019 13:41:52 GMT
server
cafe
content-length
46
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Tue, 18-Jun-2019 13:56:52 GMT; path=/; domain=.doubleclick.net
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
expires
Tue, 18 Jun 2019 13:41:52 GMT
cache-control
private
osd.js
www.googletagservices.com/activeview/js/current/ 		75 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20190612/r20190131/show_ads_impl.js?cb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
b6fbc563b614beb07727882bbbd837a37eac55c3eae9622c68294e6158d604c7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.papercraftsquare.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 18 Jun 2019 13:41:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1560769997427486"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length
28399
x-xss-protection
0
expires
Tue, 18 Jun 2019 13:41:52 GMT
KC8xK2
stat.adsrequestbest.com/ 		496 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://stat.adsrequestbest.com/KC8xK2?frm=script&_cid=b3c2583c-1075-54e5-b8a6-775ce265b129
Requested by
Host: d2.littleandbiggreenballlon.com
URL: http://d2.littleandbiggreenballlon.com/java.js?t=3&/wp-includes/js/wp-emoji-release.min.js?ver=4.2.4
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
188.127.226.49 , Russian Federation, ASN56694 (DHUB, RU),
Reverse DNS
Software
nginx / PHP/7.2.17
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://www.papercraftsquare.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 18 Jun 2019 13:37:01 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Tue, 18 Jun 2019 13:37:01 GMT
Server
nginx
X-Powered-By
PHP/7.2.17
Transfer-Encoding
chunked
Content-Type
application/javascript
Cache-Control
no-cache, no-store, must-revalidate,post-check=0,pre-check=0
Connection
keep-alive
Expires
0
fcmdynet.js
contextual.media.net/ 		33 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://contextual.media.net/fcmdynet.js?&gdpr=1&cid=8CUM3RPM8&cpcd=UW9qJ49PssoCMWkBRZ-oMg%3D%3D&crid=635231664&size=468x60&cc=DE&vif=1&requrl=http%3A%2F%2Fwww.papercraftsquare.com%2F&nse=3&vi=1560865312497035247&lw=1&ugd=4&re=1
Requested by
Host: contextual.media.net
URL: http://contextual.media.net/nmedianet.js?cid=8CUM3RPM8
Protocol
HTTP/1.1
Security
, ,
Server
104.111.214.39 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a104-111-214-39.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
49de1036e064702f4a637960ae043e6b5edb70b06fd7ca61b90c2532d39a8c82

Request headers

Referer
http://www.papercraftsquare.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date
Tue, 18 Jun 2019 13:41:53 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
Content-Type
text/javascript;charset=UTF-8
Cache-Control
max-age=300
X-MN-W
12-9
Connection
keep-alive
Content-Length
12363
X-MNET-HL2
8-20
Expires
Tue, 18 Jun 2019 13:46:53 GMT
bping.php
lg3.media.net/ 		0
0
Cookie set checksync.php
contextual.media.net/ Frame B3FD 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
http://contextual.media.net/checksync.php?&gdpr=1&cs=2&cv=31&cid=8CUM3RPM8
Requested by
Host: www.papercraftsquare.com
URL: http://www.papercraftsquare.com/
Protocol
HTTP/1.1
Server
104.111.214.39 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a104-111-214-39.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash

Request headers

Host
contextual.media.net
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer
http://www.papercraftsquare.com/
Accept-Encoding
gzip, deflate
Cookie
gdpr_status=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
http://www.papercraftsquare.com/

Response headers

Server
Apache
Content-Type
text/html; charset=UTF-8
Set-Cookie
gdpr_status=1; Expires=Fri, 20 Dec 2019 13:41:53 GMT; domain=.media.net; Path=/;
X-MNET-HL2
E
Vary
Accept-Encoding
Content-Encoding
gzip
Cache-Control
max-age=604800
Expires
Tue, 25 Jun 2019 13:41:53 GMT
Date
Tue, 18 Jun 2019 13:41:53 GMT
Content-Length
4156
Connection
keep-alive
nrrV6122.js
contextual.media.net/__media__/js/util/ 		62 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://contextual.media.net/__media__/js/util/nrrV6122.js
Requested by
Host: contextual.media.net
URL: http://contextual.media.net/fcmdynet.js?&gdpr=1&cid=8CUM3RPM8&cpcd=UW9qJ49PssoCMWkBRZ-oMg%3D%3D&crid=635231664&size=468x60&cc=DE&vif=1&requrl=http%3A%2F%2Fwww.papercraftsquare.com%2F&nse=3&vi=1560865312497035247&lw=1&ugd=4&re=1
Protocol
HTTP/1.1
Security
, ,
Server
104.111.214.39 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a104-111-214-39.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
dbe018eba09f8ba6649cde77090213072bfdf207011d43949246e686b3273337

Request headers

Referer
http://www.papercraftsquare.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
max-age=2592000
Date
Tue, 18 Jun 2019 13:41:53 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
X-MNET-H
8-11
Content-Type
text/javascript; charset=utf-8
Cache-Control
max-age=1209600
Connection
keep-alive
Content-Length
20939
Expires
Tue, 02 Jul 2019 13:41:53 GMT
mediamain.html
contextual.media.net/ Frame E58E 		0
0
getlayer
route.carambo.la/inimage/ 		0
0
Cookie set ga.html
platform.bidgear.com/ Frame AFDB 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
http://platform.bidgear.com/ga.html?v=1.0.5&domain=http%3A%2F%2Fpapercraftsquare.com&size=300x250&source=bg_&type=default&zoneid=625
Requested by
Host: platform.bidgear.com
URL: http://platform.bidgear.com/ads.php?domainid=293&sizeid=2&zoneid=625&k=5812ba70e5467
Protocol
HTTP/1.1
Server
2606:4700:30::681b:bd77 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Host
platform.bidgear.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer
http://www.papercraftsquare.com/
Accept-Encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
http://www.papercraftsquare.com/

Response headers

Date
Tue, 18 Jun 2019 13:41:53 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
Set-Cookie
__cfduid=d471d75643256f0f2c5cc8f23045260ea1560865313; expires=Wed, 17-Jun-20 13:41:53 GMT; path=/; domain=.bidgear.com; HttpOnly
Last-Modified
Wed, 10 Apr 2019 03:26:20 GMT
Expires
Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control
no-cache
Server
cloudflare
CF-RAY
4e8daef2fd51c2a9-FRA
Content-Encoding
gzip
KC8xK2
stat.adsrequestbest.com/ 		496 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://stat.adsrequestbest.com/KC8xK2?frm=script
Requested by
Host: d2.littleandbiggreenballlon.com
URL: http://d2.littleandbiggreenballlon.com/java.js?t=3&/wp-includes/js/wp-emoji-release.min.js?ver=4.2.4
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
188.127.226.49 , Russian Federation, ASN56694 (DHUB, RU),
Reverse DNS
Software
nginx / PHP/7.2.17
Resource Hash
2277e29392e48938667e35f2461704209c8817f6fc88a5358cc96e616bc59de0
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://www.papercraftsquare.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Pragma
no-cache
Date
Tue, 18 Jun 2019 13:37:01 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Tue, 18 Jun 2019 13:37:01 GMT
Server
nginx
X-Powered-By
PHP/7.2.17
Transfer-Encoding
chunked
Content-Type
application/javascript
Cache-Control
no-cache, no-store, must-revalidate,post-check=0,pre-check=0
Connection
keep-alive
Expires
0
/
dreamteammyfriend.com/ 		0
0
Primary Request /
dreamteammyfriend.com/ 		41 KB
28 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://dreamteammyfriend.com/?p=mmzdkyrxme5gi3bpge4dg&sub1=Ynter&sub2=newway.v2&z=z
Requested by
Host: stat.adsrequestbest.com
URL: https://stat.adsrequestbest.com/KC8xK2?frm=script&_cid=b3c2583c-1075-54e5-b8a6-775ce265b129
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.62.214.139 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN - DigitalOcean, LLC, US),
Reverse DNS
Software
nginx /
Resource Hash
d82f8409e92f5f97913563826b136eb5eed88783c9e93c5d55834355af08d37f
Security Headers
Name Value
Content-Security-Policy img-src https: data:; upgrade-insecure-requests
Strict-Transport-Security max-age=31536000

Request headers

:method
GET
:authority
dreamteammyfriend.com
:scheme
https
:path
/?p=mmzdkyrxme5gi3bpge4dg&sub1=Ynter&sub2=newway.v2&z=z
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
referer
http://www.papercraftsquare.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
http://www.papercraftsquare.com/

Response headers

status
200
server
nginx
date
Tue, 18 Jun 2019 13:41:54 GMT
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
set-cookie
uuid=a9077078-ba31-4e9c-a8d3-4c6cb488fe6d; expires=Thu, 18-Jul-2019 13:41:54 GMT; Max-Age=2592000; path=/; domain=dreamteammyfriend.com
strict-transport-security
max-age=31536000
content-security-policy
img-src https: data:; upgrade-insecure-requests
content-encoding
gzip
truncated
/ 		3 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
44088b86a3a263b4565ad217e0464af6f93e9e21fb2dff876aaa5c1e7e3143e3

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		19 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2cb17fbadc557564198499f31927eae3c14beb19d4fb5bcf407f767dbc6bd312

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/png

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
widgets.outbrain.com
URL
http://widgets.outbrain.com/outbrain.js
Domain
d2.littleandbiggreenballlon.com
URL
https://d2.littleandbiggreenballlon.com/java.js?t=3&/wp-content/uploads/2017/03/Harry-Potter-and-the-Prisoner-of-Azkaban-Gold-Chest-Papercraft-180x135.jpg
Domain
d2.littleandbiggreenballlon.com
URL
https://d2.littleandbiggreenballlon.com/java.js?t=3&/wp-content/uploads/2017/03/Ancient-Roman-Villa-Building-Paper-Model-180x135.jpg
Domain
pixel.watch
URL
http://pixel.watch/nmlz
Domain
d2.littleandbiggreenballlon.com
URL
https://d2.littleandbiggreenballlon.com/java.js?t=3&/wp-content/uploads/2017/03/Zoo-Tycoon-Green-Sea-Turtle-Papercraft-100x75.jpg
Domain
d2.littleandbiggreenballlon.com
URL
https://d2.littleandbiggreenballlon.com/java.js?t=3&/wp-content/uploads/2017/03/Zoo-Tycoon-Orca-Papercraft-100x75.jpg
Domain
d2.littleandbiggreenballlon.com
URL
https://d2.littleandbiggreenballlon.com/java.js?t=3&/wp-content/uploads/2017/03/Giraffe-Robot-Paper-Model-100x75.jpg
Domain
resources.infolinks.com
URL
http://resources.infolinks.com/js/infolinks_main.js
Domain
tag.contextweb.com
URL
http://tag.contextweb.com/TagPublish/getjs.aspx?action=VIEWAD&cwrun=200&cwadformat=728X90&cwpid=556092&cwwidth=728&cwheight=90&cwpnet=1&cwtagid=162623
Domain
tags-cdn.deployads.com
URL
http://tags-cdn.deployads.com/a/papercraftsquare.com.js
Domain
rtb.adnemo.com
URL
http://rtb.adnemo.com/sys/adnemo.js?pzoneid=361&dmid=71&height=250&width=300&tld=http://papercraftsquare.com&cb=196419834
Domain
d2.littleandbiggreenballlon.com
URL
https://d2.littleandbiggreenballlon.com/j.style.js?s=scr&
Domain
lg3.media.net
URL
http://lg3.media.net/bping.php?&gdpr=1&prid=8PRHGG6T9&cid=8CUM3RPM8&crid=635231664&vi=1560865312497035247&ugd=4&lf=6&requrl=http%3A%2F%2Fwww.papercraftsquare.com%2F&cc=DE&sc=HE&lper=100&wsip=2886781043&r=1560865313007&vgd_sbSup=1&vgd_isAmp=0&vgd_asn=61317&vgd_nvLogging=0&hvsid=00001560865312993031133045766664
Domain
contextual.media.net
URL
http://contextual.media.net/mediamain.html?&cid=8CUM3RPM8&cpcd=UW9qJ49PssoCMWkBRZ-oMg%3D%3D&crid=635231664&pid=8PO79Q75E&size=468x60&cpnet=yVb1sHm-0KIh29BOFTjjrJaKoj4LkuYz750ZQkgm8tg%3D&cme=1ZdVJFdZuxl81_G7-CcgcSVyOp5v5dVRXKswMPjg8JxGP5qcGYf-uICXqJBm29-Mk4x3pW-tgGrgKVpTKucTIdGk7dSXFaq06NBbkdE4A7riI7NoumZLaWqww0sA_nn5XblGWrtYo6eLmGxUVysi1g%3D%3D%7C%7CNDHRnZ9Gz3KXlI-i9OnZqQ%3D%3D%7C5gDUJdTGiJzedmq9hanWYg%3D%3D%7CN7fu2vKt8_s%3D%7CFcl4VLL-IaLcyqaZt5hFnwP7z1orl85m1gA95vP0teP1Tayv2xya3w%3D%3D%7CsRBSg3CPSiQ%3D%7C&cc=DE&bf=0&vif=1&nse=3&vi=1560865312497035247&lw=1&ugd=4&ib=0&katid=801333013&katbid=-21&nb=1
Domain
route.carambo.la
URL
http://route.carambo.la/inimage/getlayer?pid=fdng65&did=110773
Domain
dreamteammyfriend.com
URL
https://dreamteammyfriend.com/?p=mmzdkyrxme5gi3bpge4dg&sub1=Ynter&sub2=newway.v2&z=z

Verdicts & Comments Add Verdict or Comment

13 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onselectstart object| onselectionchange function| queueMicrotask boolean| guardEnabled boolean| isChrome function| text function| textr function| urlB64ToUint8Array function| disableHistory function| disableIncognito function| denied function| Subscribe function| CheckSubscription

1 Cookies

Domain/Path Name / Value
.dreamteammyfriend.com/ Name: uuid
Value: a9077078-ba31-4e9c-a8d3-4c6cb488fe6d

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
ajax.googleapis.com
assets.pinterest.com
contextual.media.net
d2.littleandbiggreenballlon.com
dreamteammyfriend.com
fonts.googleapis.com
googleads.g.doubleclick.net
lg3.media.net
pagead2.googlesyndication.com
pixel.watch
platform.bidgear.com
resources.infolinks.com
route.carambo.la
rtb.adnemo.com
stat.adsrequestbest.com
tag.contextweb.com
tags-cdn.deployads.com
widgets.outbrain.com
www.googletagservices.com
www.papercraftsquare.com
contextual.media.net
d2.littleandbiggreenballlon.com
dreamteammyfriend.com
lg3.media.net
pixel.watch
resources.infolinks.com
route.carambo.la
rtb.adnemo.com
tag.contextweb.com
tags-cdn.deployads.com
widgets.outbrain.com
104.111.214.39
162.241.29.43
178.62.214.139
188.127.226.49
198.58.106.71
2606:4700:30::681b:bd77
2a00:1450:4001:808::2002
2a00:1450:4001:809::200a
2a00:1450:4001:816::200a
2a00:1450:4001:819::2002
2a00:1450:4001:81c::2002
2a00:1450:4001:81e::2002
2a00:1450:4001:824::2002
2a02:26f0:f1:29b::1931
0355342034ae53638ef2cd0808a49a08099c1e37c1a2166e23dd24abbddd79a5
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
08504fb25edb5a201c1750e94237d614c9c222ca053f9fc9be68b27be971de17
18c2e928f7719db6577e9114a81f88255bda67895556807857d0d56086284c58
2277e29392e48938667e35f2461704209c8817f6fc88a5358cc96e616bc59de0
2cb17fbadc557564198499f31927eae3c14beb19d4fb5bcf407f767dbc6bd312
31cf7e28d0a95e6f680dfdb9ef70f9d7cbda866cb3c6385c4ed5b8238ff78687
44088b86a3a263b4565ad217e0464af6f93e9e21fb2dff876aaa5c1e7e3143e3
484283a702cc44f1c37801fb6ecfb158a75ad2446f6fd695315c15a5c45f7af8
49de1036e064702f4a637960ae043e6b5edb70b06fd7ca61b90c2532d39a8c82
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441
76a465a1217aebeb341802d24b4e9005d19a784dfb10cf89a913054bfaee155e
8ba131a677ea1357ae7fdc95d6a5c67c3b02d171bb286f6c9ec6bce3cef5c211
ac4a458417bc7bcb30c856c778b0ffa471aa934335c41916f8c0ca607918de0f
b6fbc563b614beb07727882bbbd837a37eac55c3eae9622c68294e6158d604c7
d82f8409e92f5f97913563826b136eb5eed88783c9e93c5d55834355af08d37f
db5b1bac81d6769aeb526fe2008f4acf7ffe29370af18dcafba988570d218a4a
dbe018eba09f8ba6649cde77090213072bfdf207011d43949246e686b3273337
df460670e6232d13865a3957c363ac7ceed36e809d3181de4539110d41cfd0cc
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f9dff79dc7c136950281d6961b38d84b30f11f602b24e4ea199fe9bcf534397d