amzauthorityzone.com Open in urlscan Pro
54.173.90.219 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://warriorplus.com/o2/a/j1njk/0
Effective URL:
http://amzauthorityzone.com/secretsantasystem
Submission: On September 07 via automatic, source phishtank (September 7th 2018, 11:31:04 pm UTC)

Summary HTTP 56 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 23 IPs in 4 countries across 22 domains to perform 56 HTTP transactions. The main IP is 54.173.90.219, located in Ashburn, United States and belongs to AMAZON-AES - Amazon.com, Inc., US. The main domain is amzauthorityzone.com.

This is the only time amzauthorityzone.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 4	104.25.150.118 104.25.150.118	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
2	2400:cb00:204... 2400:cb00:2048:1::6810:cea5	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
1	2a00:1450:400... 2a00:1450:4001:820::2008	15169 (GOOGLE) (GOOGLE - Google LLC)
1	54.173.90.219 54.173.90.219	14618 (AMAZON-AES) (AMAZON-AES - Amazon.com)
2	2.18.233.40 2.18.233.40	16625 (AKAMAI-AS) (AKAMAI-AS - Akamai Technologies)
1	151.101.132.65 151.101.132.65	54113 (FASTLY) (FASTLY - Fastly)
4	2a00:1450:400... 2a00:1450:4001:818::200e	15169 (GOOGLE) (GOOGLE - Google LLC)
3	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK - Facebook)
3 4	54.228.234.5 54.228.234.5	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1 1	2a00:1450:400... 2a00:1450:400c:c0c::9b	15169 (GOOGLE) (GOOGLE - Google LLC)
1 1	2a00:1450:400... 2a00:1450:4001:818::2004	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2a00:1450:400... 2a00:1450:4001:820::2003	15169 (GOOGLE) (GOOGLE - Google LLC)
3	2a03:2880:f12... 2a03:2880:f12d:86:face:b00c:0:50fb	32934 (FACEBOOK) (FACEBOOK - Facebook)
6 10	34.246.133.158 34.246.133.158	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1 2	18.153.11.33 18.153.11.33	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	37.252.172.40 37.252.172.40	29990 (ASN-APPNEXUS) (ASN-APPNEXUS - AppNexus)
2 3	176.34.118.81 176.34.118.81	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
2 4	173.241.240.143 173.241.240.143	36089 (OPENX-AS1) (OPENX-AS1 - OPENX TECHNOLOGIES)
4 4	172.217.18.2 172.217.18.2	15169 (GOOGLE) (GOOGLE - Google LLC)
1	104.244.42.131 104.244.42.131	13414 (TWITTER) (TWITTER - Twitter Inc.)
1	2a00:1288:110... 2a00:1288:110:422::3000	34010 (YAHOO-IRD) (YAHOO-IRD)
1	69.173.144.136 69.173.144.136	26667 (RUBICONPR...) (RUBICONPROJECT - The Rubicon Project)
3 3	37.252.172.27 37.252.172.27	29990 (ASN-APPNEXUS) (ASN-APPNEXUS - AppNexus)
2 14	54.230.93.157 54.230.93.157	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
2 2	54.165.199.35 54.165.199.35	14618 (AMAZON-AES) (AMAZON-AES - Amazon.com)
3	52.86.191.1 52.86.191.1	14618 (AMAZON-AES) (AMAZON-AES - Amazon.com)
5	2a00:1450:400... 2a00:1450:4001:815::200e	15169 (GOOGLE) (GOOGLE - Google LLC)
56	23

4 104.25.150.118 (San Francisco, United States) 1 redirects

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

warriorplus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2400:cb00:2048:1::6810:cea5 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

cdn.onesignal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
onesignal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:820::2008 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.173.90.219 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-54-173-90-219.compute-1.amazonaws.com

amzauthorityzone.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.18.233.40 (European Union)

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a2-18-233-40.deploy.static.akamaitechnologies.com

s.adroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.132.65 (San Francisco, United States)

ASN54113 (FASTLY - Fastly, US)

tag.marinsm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:818::200e (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f02d:12:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 54.228.234.5 (Dublin, Ireland) 3 redirects

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-54-228-234-5.eu-west-1.compute.amazonaws.com

d.adroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0c::9b (Ireland) 1 redirects

ASN15169 (GOOGLE - Google LLC, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:818::2004 (Ireland) 1 redirects

ASN15169 (GOOGLE - Google LLC, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:820::2003 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f12d:86:face:b00c:0:50fb (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 34.246.133.158 (United States) 6 redirects

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-34-246-133-158.eu-west-1.compute.amazonaws.com

pixel-geo.prfct.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.153.11.33 (Cambridge, United States) 1 redirects

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-18-153-11-33.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.252.172.40 (European Union)

ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US)
PTR: 155.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 176.34.118.81 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-176-34-118-81.eu-west-1.compute.amazonaws.com

d.adroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 173.241.240.143 (New York, United States) 2 redirects

ASN36089 (OPENX-AS1 - OPENX TECHNOLOGIES, INC., US)
PTR: ox-173-241-240-143.xa.dc.openx.org

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.217.18.2 (Mountain View, United States) 4 redirects

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra15s28-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.131 (San Francisco, United States)

ASN13414 (TWITTER - Twitter Inc., US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1288:110:422::3000 (United Kingdom)

ASN34010 (YAHOO-IRD, GB)

ads.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.136 (Smithfield, United States)

ASN26667 (RUBICONPROJECT - The Rubicon Project, Inc., US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 37.252.172.27 (European Union) 3 redirects

ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US)
PTR: 153.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 54.230.93.157 (Seattle, United States) 2 redirects

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-54-230-93-157.fra2.r.cloudfront.net

uf.fusionhq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.165.199.35 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-54-165-199-35.compute-1.amazonaws.com

fusionhq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.86.191.1 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-52-86-191-1.compute-1.amazonaws.com

www.fusionhq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:815::200e (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
19	fusionhq.com 4 redirects uf.fusionhq.com fusionhq.com www.fusionhq.com	8 MB
10	prfct.co 6 redirects pixel-geo.prfct.co pixel.prfct.co Failed	5 KB
9	adroll.com 5 redirects s.adroll.com d.adroll.com	16 KB
5	youtube.com www.youtube.com
5	doubleclick.net 5 redirects stats.g.doubleclick.net cm.g.doubleclick.net	1 KB
4	openx.net 2 redirects us-u.openx.net	1 KB
4	adnxs.com 3 redirects ib.adnxs.com secure.adnxs.com	3 KB
4	google-analytics.com www.google-analytics.com	16 KB
4	warriorplus.com 1 redirects warriorplus.com	36 KB
3	facebook.com www.facebook.com	594 B
3	facebook.net connect.facebook.net	47 KB
2	bidswitch.net 1 redirects x.bidswitch.net	1 KB
2	onesignal.com cdn.onesignal.com onesignal.com	68 KB
1	rubiconproject.com pixel.rubiconproject.com	371 B
1	yahoo.com ads.yahoo.com	1 KB
1	twitter.com analytics.twitter.com	294 B
1	google.de www.google.de	109 B
1	google.com 1 redirects www.google.com	188 B
1	marinsm.com tag.marinsm.com	4 KB
1	amzauthorityzone.com amzauthorityzone.com	21 KB
1	googletagmanager.com www.googletagmanager.com	23 KB
0	pippio.com Failed pippio.com Failed
56	22

	Domain	Requested by
14	uf.fusionhq.com	2 redirects amzauthorityzone.com
10	pixel-geo.prfct.co	6 redirects
7	d.adroll.com	5 redirects s.adroll.com
5	www.youtube.com	amzauthorityzone.com
4	cm.g.doubleclick.net	4 redirects
4	us-u.openx.net	2 redirects
4	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
4	warriorplus.com	1 redirects amzauthorityzone.com
3	www.fusionhq.com	amzauthorityzone.com
3	secure.adnxs.com	3 redirects
3	www.facebook.com
3	connect.facebook.net	warriorplus.com connect.facebook.net
2	fusionhq.com	2 redirects
2	x.bidswitch.net	1 redirects
2	s.adroll.com	www.googletagmanager.com
1	pixel.rubiconproject.com
1	ads.yahoo.com
1	analytics.twitter.com
1	ib.adnxs.com
1	www.google.de
1	www.google.com	1 redirects
1	stats.g.doubleclick.net	1 redirects
1	onesignal.com	cdn.onesignal.com
1	tag.marinsm.com	www.googletagmanager.com
1	amzauthorityzone.com	warriorplus.com
1	www.googletagmanager.com	warriorplus.com
1	cdn.onesignal.com	warriorplus.com
0	pixel.prfct.co Failed
0	pippio.com Failed
56	29

This site contains links to these domains. Also see Links.

Domain
warriorplus.com
www.fusionhq.com

Subject Issuer	Validity	Valid
ssl375556.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2018-08-22` - `2019-02-28`	6 months	crt.sh
ssl473492.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2018-08-14` - `2019-02-20`	6 months	crt.sh
*.google-analytics.com Google Internet Authority G3	`2018-08-21` - `2018-11-13`	3 months	crt.sh
*.adroll.com DigiCert SHA2 Secure Server CA	`2018-02-14` - `2019-02-14`	a year	crt.sh
g.ssl.fastly.net GlobalSign Organization Validation CA - SHA256 - G2	`2017-12-19` - `2018-12-19`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2017-12-15` - `2019-03-22`	a year	crt.sh
www.google.de Google Internet Authority G3	`2018-08-21` - `2018-11-13`	3 months	crt.sh
*.prfct.co DigiCert SHA2 Secure Server CA	`2016-09-09` - `2019-09-26`	3 years	crt.sh
*.bidswitch.net COMODO RSA Domain Validation Secure Server CA	`2018-03-22` - `2019-05-05`	a year	crt.sh
*.adnxs.com DigiCert ECC Secure Server CA	`2018-01-25` - `2019-01-25`	a year	crt.sh
*.openx.net DigiCert ECC Secure Server CA	`2018-04-03` - `2019-04-08`	a year	crt.sh
*.twitter.com DigiCert SHA2 High Assurance Server CA	`2018-07-19` - `2019-08-28`	a year	crt.sh
*.ads.yahoo.com DigiCert SHA2 High Assurance Server CA	`2018-07-05` - `2019-01-10`	6 months	crt.sh
*.rubiconproject.com DigiCert SHA2 Secure Server CA	`2016-01-12` - `2019-03-01`	3 years	crt.sh
*.fusionhq.com Amazon	`2018-08-14` - `2019-09-14`	a year	crt.sh
*.google.com Google Internet Authority G3	`2018-08-21` - `2018-11-13`	3 months	crt.sh

This page contains 6 frames:

Primary Page: http://amzauthorityzone.com/secretsantasystem
Frame ID: DBDD9F368BC5ED908156C0E7B7258613
Requests: 51 HTTP requests in this frame

Frame: https://www.youtube.com/embed/NPCDzdFM_FM?rel=0&autoplay=1
Frame ID: 39A437E57F6B567B536F1378436E3B97
Requests: 1 HTTP requests in this frame

Frame: https://www.youtube.com/embed/6W7tU7Bu03g
Frame ID: DFD708209BE4B39F939EFE0FA696656B
Requests: 1 HTTP requests in this frame

Frame: https://www.youtube.com/embed/Wc3sEXAipR0
Frame ID: 361063235082CBBD821BF99CDD0EF1FE
Requests: 1 HTTP requests in this frame

Frame: https://www.youtube.com/embed/8_Ss5D1FllY
Frame ID: 02C8F6EDEBFE7C8A8185C9A31B1F6B4E
Requests: 1 HTTP requests in this frame

Frame: https://www.youtube.com/embed/tUupUytt57U
Frame ID: 0C809E46238A35A441096C4BFDA68F37
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://warriorplus.com/o2/a/j1njk/0 Page URL
https://warriorplus.com/o2/a/j1njk/0?nonce=d56ba9c91d1855001ef6f0440ba8c4984c6551c7 HTTP 302
https://warriorplus.com/o/view/x9bcyt/affc_j1njk Page URL
http://amzauthorityzone.com/secretsantasystem Page URL

Detected technologies

YouTube (Video Players) Expand

Overall confidence: 100%
Detected patterns

html /<(?:param|embed|iframe)[^>]+youtube(?:-nocookie)?\.com\/(?:v|embed)/i

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /cloudflare/i

Moment.js (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /moment(?:\.min)?\.js/i
env /^moment$/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery.*\.js/i
env /^jQuery$/i

Page Statistics

56
Requests

77 %
HTTPS

37 %
IPv6

22
Domains

29
Subdomains

23
IPs

4
Countries

8403 kB
Transfer

8977 kB
Size

4
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://warriorplus.com/o2/buy/jmqlvd/x9bcyt/scc2vn

Search URL Search Domain Scan URL

URL: http://www.fusionhq.com/?i=CTGpMkPU
Title: FusionHQ

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://warriorplus.com/o2/a/j1njk/0 Page URL
https://warriorplus.com/o2/a/j1njk/0?nonce=d56ba9c91d1855001ef6f0440ba8c4984c6551c7 HTTP 302
https://warriorplus.com/o/view/x9bcyt/affc_j1njk Page URL
http://amzauthorityzone.com/secretsantasystem Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1

https://warriorplus.com/o2/a/j1njk/0?nonce=d56ba9c91d1855001ef6f0440ba8c4984c6551c7 HTTP 302
https://warriorplus.com/o/view/x9bcyt/affc_j1njk

Request Chain 13

https://stats.g.doubleclick.net/r/collect?t=dc&aip=1&_r=3&v=1&_v=j68&tid=UA-74776-7&cid=401636943.1536363055&jid=371360110&gjid=201235370&_gid=1862600.1536363055&_u=aGBAgAAr~&z=60133021 HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-74776-7&cid=401636943.1536363055&jid=371360110&_v=j68&z=60133021 HTTP 302
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-74776-7&cid=401636943.1536363055&jid=371360110&_v=j68&z=60133021&slf_rd=1&random=2494872946

Request Chain 16

https://d.adroll.com/pixel/KD3RBGHXH5DG3PI3RBAUIR/FKQRAFP6HZHONOPBPNAQUD?pv=35558053567.54458&cookie=&adroll_s_ref=https%3A//warriorplus.com/o2/a/j1njk/0&keyw=&arrfrr=https%3A%2F%2Fwarriorplus.com%2Fo%2Fview%2Fx9bcyt%2Faffc_j1njk HTTP 302
https://s.adroll.com/pixel/KD3RBGHXH5DG3PI3RBAUIR/FKQRAFP6HZHONOPBPNAQUD/M5CWFZYDJZHPXPS7JF6KB3.js

Request Chain 17

https://pixel-geo.prfct.co/tagjs?a_id=406&source=js_tag HTTP 302
https://pixel-geo.prfct.co/tagjs?check_cookie=1&a_id=406&source=js_tag

Request Chain 19

https://d.adroll.com/cm/b/out?advertisable=KD3RBGHXH5DG3PI3RBAUIR HTTP 302
https://x.bidswitch.net/sync?dsp_id=44&user_id=ODRlMzg2OTY3ODU2MzVhMTk4ODUzNWJlYjMwODhiZjE HTTP 302
https://x.bidswitch.net/ul_cb/sync?dsp_id=44&user_id=ODRlMzg2OTY3ODU2MzVhMTk4ODUzNWJlYjMwODhiZjE

Request Chain 20

https://d.adroll.com/cm/x/out?advertisable=KD3RBGHXH5DG3PI3RBAUIR HTTP 302
https://ib.adnxs.com/pxj?bidder=172&seg=802787&action=setuid(%27ODRlMzg2OTY3ODU2MzVhMTk4ODUzNWJlYjMwODhiZjE%27)

Request Chain 21

https://d.adroll.com/cm/l/out?advertisable=KD3RBGHXH5DG3PI3RBAUIR HTTP 302
https://idsync.rlcdn.com/377928.gif?partner_uid=84e38696785635a1988535beb3088bf1 HTTP 307
https://idsync.rlcdn.com/1000.gif?memo=CMiIFxIrCicIARDqIhogODRlMzg2OTY3ODU2MzVhMTk4ODUzNWJlYjMwODhiZjEQABoNCK-UzNwFEgUI6AcQAA HTTP 307
https://pippio.com/api/sync?pid=5324&_=2 HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=pippio_dmp&google_cm&google_no_sc&m=CMwpGgwIr5TM3AUSBAgCEAA HTTP 302
https://pippio.com/api/sync/ddp?pid=2&m=CMwpGgwIr5TM3AUSBAgCEAA&google_gid=CAESENIVuFx6eWn9X5AQC1Dw9QA&google_cver=1

Request Chain 22

https://d.adroll.com/cm/o/out?advertisable=KD3RBGHXH5DG3PI3RBAUIR HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537103138&val=84e38696785635a1988535beb3088bf1 HTTP 302
https://us-u.openx.net/w/1.0/sd?cc=1&id=537103138&val=84e38696785635a1988535beb3088bf1

Request Chain 23

https://d.adroll.com/cm/g/out?advertisable=KD3RBGHXH5DG3PI3RBAUIR&google_nid=adroll5 HTTP 302
https://cm.g.doubleclick.net/pixel?google_sc&google_nid=artb&google_hm=hOOGlnhWNaGYhTW-swiL8Q&google_ula=1535926 HTTP 302
https://cm.g.doubleclick.net/pixel?google_sc=&google_nid=artb&google_hm=hOOGlnhWNaGYhTW-swiL8Q&google_ula=1535926&google_tc= HTTP 302
https://d.adroll.com/cm/g/in?google_ula=1535926,0

Request Chain 24

https://pixel-geo.prfct.co/cs/?partnerId=mrin HTTP 302
https://cs.marinsm.com/mrin HTTP 302
https://pixel.prfct.co/cb?partnerId=mrin

Request Chain 25

https://pixel-geo.prfct.co/cs/?partnerId=twtr HTTP 302
https://analytics.twitter.com/i/adsct?p_id=48571&p_user_id=pa_PXUPzGuANKPoUIEyP

Request Chain 26

https://pixel-geo.prfct.co/cs/?partnerId=yah HTTP 302
https://ads.yahoo.com/pixel?id=2539961&t=2&piggyback=https%3A%2F%2Fads.yahoo.com%2Fcms%2Fv1%3Fnwid%3D10001073209%26eid%3Dpa_PXUPzGuANKPoUIEyP%26sigv%3D1%26esig%3D2%7Ea14f8f64d8c1a8d4eca6a9841fa2173f711c004b

Request Chain 27

https://pixel-geo.prfct.co/cs/?partnerId=opx HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537114372&val=pa_PXUPzGuANKPoUIEyP HTTP 302
https://us-u.openx.net/w/1.0/sd?cc=1&id=537114372&val=pa_PXUPzGuANKPoUIEyP

Request Chain 28

https://pixel-geo.prfct.co/cs/?partnerId=rbcn HTTP 302
https://pixel.rubiconproject.com/tap.php?v=189868&nid=4106&expires=30&put=pa_PXUPzGuANKPoUIEyP

Request Chain 29

https://pixel-geo.prfct.co/cs/?partnerId=goo HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=nowspots_bidder&google_hm=cGFfUFhVUHpHdUFOS1BvVUlFeVA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=nowspots_bidder&google_hm=cGFfUFhVUHpHdUFOS1BvVUlFeVA&google_tc= HTTP 302
https://pixel-geo.prfct.co/cb?partnerId=goo

Request Chain 31

https://secure.adnxs.com/seg?t=2&add=1083254 HTTP 302
https://secure.adnxs.com/bounce?%2Fseg%3Ft%3D2%26add%3D1083254 HTTP 302
https://secure.adnxs.com/seg?add=695885&t=2 HTTP 302
https://pixel-geo.prfct.co/seg/?add=695885

Request Chain 34

http://uf.fusionhq.com/cssparse/0/system_templates/fixed.css?ts=1447256555 HTTP 302
http://fusionhq.com/cssparse/0/system_templates/fixed.css HTTP 302
http://www.fusionhq.com/cssparse/0/system_templates/fixed.css

Request Chain 43

http://uf.fusionhq.com/cssparse/22955/css/memsite.css?ts=1422146517 HTTP 302
http://fusionhq.com/cssparse/22955/css/memsite.css HTTP 302
http://www.fusionhq.com/cssparse/22955/css/memsite.css

56 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 0 Show response
warriorplus.com/o2/a/j1njk/ 15 KB
7 KB 937ms
906ms Document
text/html 104.25.150.118
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://warriorplus.com/o2/a/j1njk/0

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.25.150.118 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare / PHP/5.6.37-1+ubuntu14.04.1+deb.sury.org+1

Resource Hash

9adf2d04b1a1ae901a059db6475c4dd9a30ba1e22d6efa1809c6c78108b94eb1

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

:method: GET
:authority: warriorplus.com
:scheme: https
:path: /o2/a/j1njk/0
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
accept-encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id: DBDD9F368BC5ED908156C0E7B7258613

Response headers

status: 200
date: Fri, 07 Sep 2018 23:30:53 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=da82b4bf0dd99a67cab80880b509f14741536363052; expires=Sat, 07-Sep-19 23:30:52 GMT; path=/; domain=.warriorplus.com; HttpOnly warriorplus=4ilc958tmj1j4b6mbbi2v5p863; path=/ TOKEN=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/ TOKEN=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/ PASSWORD=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/ PASSWORD=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/ notifications=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/ notifications_aff=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/ notifications_sales=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/ wpg=gnfsm7p27cw807pt; expires=Sat, 07-Sep-2019 23:30:53 GMT; Max-Age=31536000; path=/ wpg=gnfsm7p27cw807pt; expires=Sat, 07-Sep-2019 23:30:53 GMT; Max-Age=31536000; path=/
x-powered-by: PHP/5.6.37-1+ubuntu14.04.1+deb.sury.org+1
x-frame-options: DENY
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
vary: Accept-Encoding
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 456cf7359a63bf16-FRA
content-encoding: gzip

GET
H2

200

affc_j1njk Show response
warriorplus.com/o/view/x9bcyt/
Redirect Chain

https://warriorplus.com/o2/a/j1njk/0?nonce=d56ba9c91d1855001ef6f0440ba8c4984c6551c7
https://warriorplus.com/o/view/x9bcyt/affc_j1njk

18 KB
7 KB

824ms
824ms

Document
text/html

104.25.150.118
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://warriorplus.com/o/view/x9bcyt/affc_j1njk
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.25.150.118 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare / PHP/5.6.37-1+ubuntu14.04.1+deb.sury.org+1
Resource Hash: 3d2ecfdc02421ba5f62ad7aa09a548b0d8c11972c24031556d6492fa1362927a

Request headers

:method: GET
:authority: warriorplus.com
:scheme: https
:path: /o/view/x9bcyt/affc_j1njk
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer: https://warriorplus.com/o2/a/j1njk/0
accept-encoding: gzip, deflate
cookie: __cfduid=da82b4bf0dd99a67cab80880b509f14741536363052; warriorplus=4ilc958tmj1j4b6mbbi2v5p863; wpg=gnfsm7p27cw807pt; affo_x9bcyt=148848318; affo2_63289=148848318
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id: DBDD9F368BC5ED908156C0E7B7258613
Referer: https://warriorplus.com/o2/a/j1njk/0

Response headers

status: 200
date: Fri, 07 Sep 2018 23:30:54 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/5.6.37-1+ubuntu14.04.1+deb.sury.org+1
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
set-cookie: TOKEN=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/ TOKEN=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/ PASSWORD=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/ PASSWORD=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/ notifications=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/ notifications_aff=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/ notifications_sales=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/ wpg=gnfsm7p27cw807pt; expires=Sat, 07-Sep-2019 23:30:54 GMT; Max-Age=31536000; path=/ wpg=gnfsm7p27cw807pt; expires=Sat, 07-Sep-2019 23:30:54 GMT; Max-Age=31536000; path=/
vary: Accept-Encoding
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 456cf7407a7dbf16-FRA
content-encoding: gzip

Redirect headers

status: 302
date: Fri, 07 Sep 2018 23:30:54 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/5.6.37-1+ubuntu14.04.1+deb.sury.org+1
x-frame-options: DENY
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
set-cookie: TOKEN=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/ TOKEN=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/ PASSWORD=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/ PASSWORD=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/ notifications=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/ notifications_aff=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/ notifications_sales=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/ wpg=gnfsm7p27cw807pt; expires=Sat, 07-Sep-2019 23:30:54 GMT; Max-Age=31536000; path=/ affo_x9bcyt=148848318; expires=Sun, 07-Oct-2018 23:30:54 GMT; Max-Age=2592000; path=/ affo2_63289=148848318; expires=Sun, 07-Oct-2018 23:30:54 GMT; Max-Age=2592000; path=/
location: /o/view/x9bcyt/affc_j1njk
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 456cf73b5ec6bf16-FRA

GET
S 200 OneSignalSDK.js
cdn.onesignal.com/sdks/ 332 KB
67 KB 14ms
14ms Script
application/javascript 2400:cb00:2048:1::6810:cea5
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js
Requested by: Host: warriorplus.com
URL: https://warriorplus.com/o/view/x9bcyt/affc_j1njk
Protocol: SPDY
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2400:cb00:2048:1::6810:cea5 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://warriorplus.com/o/view/x9bcyt/affc_j1njk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 07 Sep 2018 23:30:54 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 07 Sep 2018 20:24:57 GMT
server: cloudflare
etag: W/"5b92de99-53189"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: public, max-age=259200
cf-ray: 456cf745ac3964b7-FRA
expires: Mon, 10 Sep 2018 23:30:54 GMT

GET
S 200 gtm.js
www.googletagmanager.com/ 65 KB
23 KB 15ms
14ms Script
application/javascript 2a00:1450:4001:820::2008
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WMGQ2M

Requested by

Host: warriorplus.com
URL: https://warriorplus.com/o/view/x9bcyt/affc_j1njk

Protocol

SPDY

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:820::2008 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Google Tag Manager (scaffolding) /

Resource Hash

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://warriorplus.com/o/view/x9bcyt/affc_j1njk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 07 Sep 2018 23:30:54 GMT
content-encoding: gzip
server: Google Tag Manager (scaffolding)
access-control-allow-headers: Cache-Control
status: 200
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: http://www.googletagmanager.com
cache-control: private, max-age=900
access-control-allow-credentials: true
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 23023
x-xss-protection: 1; mode=block
expires: Fri, 07 Sep 2018 23:30:54 GMT

GET
H/1.1 200
OK Primary Request Cookie set secretsantasystem Show response
amzauthorityzone.com/ 21 KB
21 KB 1115ms
888ms Document
text/html 54.173.90.219
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: http://amzauthorityzone.com/secretsantasystem
Requested by: Host: warriorplus.com
URL: https://warriorplus.com/o/view/x9bcyt/affc_j1njk
Protocol: HTTP/1.1
Server: 54.173.90.219 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-54-173-90-219.compute-1.amazonaws.com
Software: Apache/2.2.32 (Unix) mod_ssl/2.2.32 OpenSSL/1.0.1e-fips mod_bwlimited/1.4 / PHP/5.6.30
Resource Hash: 5dbe71facfdf5aa35dd81d9d08e9117c90d503bcfc427ef243e15f1df485df9a

Request headers

Host: amzauthorityzone.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id: DBDD9F368BC5ED908156C0E7B7258613

Response headers

Date: Fri, 07 Sep 2018 23:30:51 GMT
Server: Apache/2.2.32 (Unix) mod_ssl/2.2.32 OpenSSL/1.0.1e-fips mod_bwlimited/1.4
X-Powered-By: PHP/5.6.30
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: PHPSESSID=88134efe22e6ffb55f2355311f34db30; path=/ SESSION_ID=88134efe22e6ffb55f2355311f34db30%7C65a2a989; expires=Sat, 07-Sep-2019 23:30:52 GMT; Max-Age=31536000; path=/ node_last=3509587; expires=Sat, 07-Sep-2019 23:30:52 GMT; Max-Age=31536000; path=/
Content-Length: 21281
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK roundtrip.js
s.adroll.com/j/ 30 KB
10 KB 22ms
6ms Script
text/javascript 2.18.233.40
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/roundtrip.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WMGQ2M
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.40 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-233-40.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash

Request headers

Referer: https://warriorplus.com/o/view/x9bcyt/affc_j1njk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-amz-version-id: NARSSlRze40X5EEw9pXKl4aNsH5P6Bxe
Content-Encoding: gzip
ETag: "8d0cf526b24cdd29e45afe7b094943f1"
x-amz-request-id: 621D5CDF69094F12
x-amz-server-side-encryption: AES256
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 9651
x-amz-id-2: ELjpzp89FqT/haocYKxGrVnyhkzXKuU0gcXGeBLVS/G7cx83Wz5X3sfj1bAC3ZwNLD5mbSXdoos=
Last-Modified: Tue, 04 Sep 2018 20:28:56 GMT
Server: AmazonS3
Date: Fri, 07 Sep 2018 23:30:55 GMT
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=300, must-revalidate
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

GET
H/1.1 200
OK 5265944071686a380300010a.js
tag.marinsm.com/serve/ 9 KB
4 KB 229ms
55ms Script
text/javascript 151.101.132.65
Fastly

General

Check archive.org

Show headers Download Go to

Full URL

https://tag.marinsm.com/serve/5265944071686a380300010a.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WMGQ2M

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.132.65 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

Cowboy /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://warriorplus.com/o/view/x9bcyt/affc_j1njk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Fri, 07 Sep 2018 23:30:55 GMT
Via: 1.1 vegur, 1.1 varnish
X-Content-Type-Options: nosniff
Age: 1484
X-Cache: HIT
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 3164
X-Served-By: cache-mad9420-MAD
Server: Cowboy
X-Timer: S1536363055.221742,VS0,VE0
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=1800
Accept-Ranges: bytes
X-Cache-Hits: 1

GET
S 200 analytics.js
www.google-analytics.com/ 34 KB
14 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:818::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WMGQ2M

Protocol

SPDY

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:818::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://warriorplus.com/o/view/x9bcyt/affc_j1njk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 18 May 2018 01:10:24 GMT
server: Golfe2
age: 6709
date: Fri, 07 Sep 2018 21:39:06 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 14386
expires: Fri, 07 Sep 2018 23:39:06 GMT

GET
S 200 fbevents.js
connect.facebook.net/en_US/ 44 KB
14 KB 19ms
6ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: warriorplus.com
URL: https://warriorplus.com/o2/a/j1njk/0

Protocol

SPDY

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' .atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com:* wss://.facebook.com: https://fb.scanandcleanlocal.com:* .atlassolutions.com attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://warriorplus.com/o/view/x9bcyt/affc_j1njk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' *.atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* *.atlassolutions.com attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
content-encoding: gzip
x-content-type-options: nosniff
status: 200
vary: Origin, Accept-Encoding
content-length: 13662
x-xss-protection: 0
pragma: public
x-fb-debug: Pggwa7J/B++fGGp088m0c2cox9ZYI/N5H5rBUiSxPSdiAMQhIU/YVTQG872g5zHQy7yZxrBu0nd8nfSQTAsXQQ==
x-frame-options: DENY
date: Fri, 07 Sep 2018 23:30:55 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
access-control-allow-methods: OPTIONS
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://connect.facebook.net
access-control-expose-headers: X-FB-Debug, X-Loader-Length
cache-control: public, max-age=1200
access-control-allow-credentials: true
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
S 200 web
onesignal.com/api/v1/sync/596afbc1-2014-4369-a904-3b25c9c36435/ 4 KB
2 KB 10ms
10ms Script
text/javascript 2400:cb00:2048:1::6810:cea5
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://onesignal.com/api/v1/sync/596afbc1-2014-4369-a904-3b25c9c36435/web?callback=__jp0

Requested by

Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js

Protocol

SPDY

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2400:cb00:2048:1::6810:cea5 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare / Phusion Passenger 5.3.2

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://warriorplus.com/o/view/x9bcyt/affc_j1njk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 07 Sep 2018 23:30:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
x-powered-by: Phusion Passenger 5.3.2
status: 200, 200 OK
x-xss-protection: 1; mode=block
x-request-id: 5d2eaa40-3ee7-4224-8e1b-3c2470496417
x-runtime: 0.026659
cf-bgj: minify
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: no-cache
cf-polished: origSize=3786
cf-ray: 456cf7460c7264b7-FRA
access-control-allow-headers: SDK-Version

GET
H/1.1 200
OK KD3RBGHXH5DG3PI3RBAUIR
d.adroll.com/consent/check/ 34 B
194 B 125ms
27ms Script
application/javascript 54.228.234.5
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://d.adroll.com/consent/check/KD3RBGHXH5DG3PI3RBAUIR?_s=12bc77b3f6357c791036f0d86a4fe777
Requested by: Host: s.adroll.com
URL: https://s.adroll.com/j/roundtrip.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.228.234.5 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-54-228-234-5.eu-west-1.compute.amazonaws.com
Software: nginx/1.12.1 /
Resource Hash

Request headers

Referer: https://warriorplus.com/o/view/x9bcyt/affc_j1njk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Fri, 07 Sep 2018 23:30:55 GMT
Server: nginx/1.12.1
Connection: keep-alive
Content-Length: 34
Content-Type: application/javascript

GET
S 200 linkid.js
www.google-analytics.com/plugins/ua/ 2 KB
925 B 6ms
5ms Script
text/javascript 2a00:1450:4001:818::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/linkid.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

SPDY

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:818::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://warriorplus.com/o/view/x9bcyt/affc_j1njk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 07 Sep 2018 23:22:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 21 Apr 2016 03:17:22 GMT
server: sffe
age: 534
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=3600
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 856
x-xss-protection: 1; mode=block
expires: Sat, 08 Sep 2018 00:22:01 GMT

GET
S 200 ec.js
www.google-analytics.com/plugins/ua/ 3 KB
1 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:818::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/ec.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

SPDY

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:818::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://warriorplus.com/o/view/x9bcyt/affc_j1njk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 07 Sep 2018 22:49:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 21 Apr 2016 03:17:22 GMT
server: sffe
age: 2474
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=3600
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 1296
x-xss-protection: 1; mode=block
expires: Fri, 07 Sep 2018 23:49:41 GMT

GET
S 200 collect
www.google-analytics.com/ 35 B
108 B 6ms
5ms Image
image/gif 2a00:1450:4001:818::200e
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j68&a=1705398258&t=pageview&_s=1&dl=https%3A%2F%2Fwarriorplus.com%2Fo%2Fview%2Fx9bcyt%2Faffc_j1njk&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGBAgAAr~&jid=371360110&gjid=201235370&cid=401636943.1536363055&tid=UA-74776-7&_gid=1862600.1536363055&gtm=G8oWMGQ2M&z=2036259051

Protocol

SPDY

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:818::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://warriorplus.com/o/view/x9bcyt/affc_j1njk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Aug 2018 03:20:40 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 936615
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
S

200

ga-audiences
www.google.de/ads/
Redirect Chain

https://stats.g.doubleclick.net/r/collect?t=dc&aip=1&_r=3&v=1&_v=j68&tid=UA-74776-7&cid=401636943.1536363055&jid=371360110&gjid=201235370&_gid=1862600.1536363055&_u=aGBAgAAr~&z=60133021
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-74776-7&cid=401636943.1536363055&jid=371360110&_v=j68&z=60133021
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-74776-7&cid=401636943.1536363055&jid=371360110&_v=j68&z=60133021&slf_rd=1&random=2494872946

42 B
109 B

17ms
15ms

Image
image/gif

2a00:1450:4001:820::2003
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-74776-7&cid=401636943.1536363055&jid=371360110&_v=j68&z=60133021&slf_rd=1&random=2494872946

Protocol

SPDY

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:820::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://warriorplus.com/o/view/x9bcyt/affc_j1njk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 07 Sep 2018 23:30:55 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 42
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 07 Sep 2018 23:30:55 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 302
content-type: text/html; charset=UTF-8
location: https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-74776-7&cid=401636943.1536363055&jid=371360110&_v=j68&z=60133021&slf_rd=1&random=2494872946
cache-control: no-cache, must-revalidate
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 0
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
S 200 661035823949763
connect.facebook.net/signals/config/ 83 KB
17 KB 36ms
36ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/661035823949763?v=2.8.27&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

SPDY

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' .atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com:* wss://.facebook.com: https://fb.scanandcleanlocal.com:* .atlassolutions.com attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://warriorplus.com/o/view/x9bcyt/affc_j1njk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' *.atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* *.atlassolutions.com attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
content-encoding: gzip
x-content-type-options: nosniff
status: 200
vary: Origin, Accept-Encoding
x-xss-protection: 0
pragma: public
x-fb-debug: gb3kxFcOWVhmnhuReiDWetgSXOv/mupUbkChCMKqiAYFm9NyqZKrFrfpn6vFwUz6TpH4Onjj1Rlz4nVw1+0OBQ==
x-frame-options: DENY
date: Fri, 07 Sep 2018 23:30:55 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
access-control-allow-methods: OPTIONS
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://connect.facebook.net
access-control-expose-headers: X-FB-Debug, X-Loader-Length
cache-control: public, max-age=1200
access-control-allow-credentials: true
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
S 200 /
www.facebook.com/tr/ 44 B
296 B 18ms
6ms Image
image/gif 2a03:2880:f12d:86:face:b00c:0:50fb
Facebook

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.facebook.com/tr/?id=661035823949763&ev=PageView&dl=https%3A%2F%2Fwarriorplus.com%2Fo%2Fview%2Fx9bcyt%2Faffc_j1njk&rl=https%3A%2F%2Fwarriorplus.com%2Fo2%2Fa%2Fj1njk%2F0&if=false&ts=1536363055129&sw=1600&sh=1200&v=2.8.27&r=stable&a=tmgoogletagmanager&ec=0&o=28&it=1536363055076
Protocol: SPDY
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2a03:2880:f12d:86:face:b00c:0:50fb , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software: proxygen-bolt /
Resource Hash

Request headers

Referer: https://warriorplus.com/o/view/x9bcyt/affc_j1njk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 07 Sep 2018 23:30:55 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
content-length: 44
expires: Fri, 07 Sep 2018 23:30:55 GMT

GET
H/1.1

200
OK

M5CWFZYDJZHPXPS7JF6KB3.js
s.adroll.com/pixel/KD3RBGHXH5DG3PI3RBAUIR/FKQRAFP6HZHONOPBPNAQUD/
Redirect Chain

https://d.adroll.com/pixel/KD3RBGHXH5DG3PI3RBAUIR/FKQRAFP6HZHONOPBPNAQUD?pv=35558053567.54458&cookie=&adroll_s_ref=https%3A//warriorplus.com/o2/a/j1njk/0&keyw=&arrfrr=https%3A%2F%2Fwarriorplus.com%...
https://s.adroll.com/pixel/KD3RBGHXH5DG3PI3RBAUIR/FKQRAFP6HZHONOPBPNAQUD/M5CWFZYDJZHPXPS7JF6KB3.js

4 KB
2 KB

191ms
191ms

Script
text/javascript

2.18.233.40
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/pixel/KD3RBGHXH5DG3PI3RBAUIR/FKQRAFP6HZHONOPBPNAQUD/M5CWFZYDJZHPXPS7JF6KB3.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.40 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-233-40.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash

Request headers

Referer: https://warriorplus.com/o/view/x9bcyt/affc_j1njk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-amz-version-id: SIuNSFX2s5KPYCpUB7Cbl17qgkD.BLyK
Content-Encoding: gzip
ETag: "b3ab1dce7f7ef893c19f90d5d27863d0"
x-amz-request-id: 11222DC24B485DFC
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 1262
x-amz-id-2: 4px2U8zvAOFg9uFI0CohToa6/MpV3/FPpURShhXglxnDRfFxhQd/U9eOTuxcitoHk6iHIKS9PsQ=
Last-Modified: Wed, 09 May 2018 23:35:15 GMT
Server: AmazonS3
Date: Fri, 07 Sep 2018 23:30:55 GMT
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: text/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=300, must-revalidate
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

Redirect headers

Date: Fri, 07 Sep 2018 23:30:55 GMT
X-Segment-Display-Name
P3P: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
Connection: keep-alive
Content-Length: 0
Pragma: no-cache
X-Conversion-Value: 0.0
Server: nginx/1.12.1
X-Rule: *
X-Segment-Eid: M5CWFZYDJZHPXPS7JF6KB3
Location: https://s.adroll.com/pixel/KD3RBGHXH5DG3PI3RBAUIR/FKQRAFP6HZHONOPBPNAQUD/M5CWFZYDJZHPXPS7JF6KB3.js
Cache-Control: no-store, no-cache, must-revalidate
X-Pixel-Eid: FKQRAFP6HZHONOPBPNAQUD
X-Segment-Name: *
X-Advertisable-Eid: KD3RBGHXH5DG3PI3RBAUIR
X-Conversion-Currency

GET
H/1.1

200
OK

tagjs
pixel-geo.prfct.co/
Redirect Chain

https://pixel-geo.prfct.co/tagjs?a_id=406&source=js_tag
https://pixel-geo.prfct.co/tagjs?check_cookie=1&a_id=406&source=js_tag

93 B
455 B

26ms
26ms

Script
text/javascript

34.246.133.158
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel-geo.prfct.co/tagjs?check_cookie=1&a_id=406&source=js_tag
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.246.133.158 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-34-246-133-158.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Referer: https://warriorplus.com/o/view/x9bcyt/affc_j1njk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Expires: Thu, 01 Jan 1970 00:00:00 GMT
Cache-Control: no-store, no-cache, private
Connection: keep-alive
P3P: CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Content-Length: 93
Content-Type: text/javascript

Redirect headers

Location: https://pixel-geo.prfct.co/tagjs?check_cookie=1&a_id=406&source=js_tag
Cache-Control: no-store, no-cache, private
Connection: keep-alive
P3P: CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
S 200 1425266997788380
connect.facebook.net/signals/config/ 83 KB
17 KB 34ms
34ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1425266997788380?v=2.8.27&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

SPDY

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' .atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com:* wss://.facebook.com: https://fb.scanandcleanlocal.com:* .atlassolutions.com attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://warriorplus.com/o/view/x9bcyt/affc_j1njk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' *.atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* *.atlassolutions.com attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
content-encoding: gzip
x-content-type-options: nosniff
status: 200
vary: Origin, Accept-Encoding
x-xss-protection: 0
pragma: public
x-fb-debug: I6kHA4yJAm6REs580jdliT+QQeyP1PkneF4/lUci1VXyPCrS5u0ONRsXbRbqfiQWAlgejhFojP9mEmQkK4Pp1A==
x-frame-options: DENY
date: Fri, 07 Sep 2018 23:30:55 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
access-control-allow-methods: OPTIONS
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://connect.facebook.net
access-control-expose-headers: X-FB-Debug, X-Loader-Length
cache-control: public, max-age=1200
access-control-allow-credentials: true
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1

200
OK

sync
x.bidswitch.net/ul_cb/
Redirect Chain

https://d.adroll.com/cm/b/out?advertisable=KD3RBGHXH5DG3PI3RBAUIR
https://x.bidswitch.net/sync?dsp_id=44&user_id=ODRlMzg2OTY3ODU2MzVhMTk4ODUzNWJlYjMwODhiZjE
https://x.bidswitch.net/ul_cb/sync?dsp_id=44&user_id=ODRlMzg2OTY3ODU2MzVhMTk4ODUzNWJlYjMwODhiZjE

43 B
575 B

8ms
7ms

Image
image/gif

18.153.11.33
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/ul_cb/sync?dsp_id=44&user_id=ODRlMzg2OTY3ODU2MzVhMTk4ODUzNWJlYjMwODhiZjE
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.153.11.33 Cambridge, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-18-153-11-33.eu-central-1.compute.amazonaws.com
Software: nginx/1.12.0 /
Resource Hash

Request headers

Referer: https://warriorplus.com/o/view/x9bcyt/affc_j1njk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Fri, 07 Sep 2018 23:30:55 GMT
Server: nginx/1.12.0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=10
Content-Length: 43

Redirect headers

Date: Fri, 07 Sep 2018 23:30:55 GMT
Server: nginx/1.12.0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location: https://x.bidswitch.net/ul_cb/sync?dsp_id=44&user_id=ODRlMzg2OTY3ODU2MzVhMTk4ODUzNWJlYjMwODhiZjE
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Keep-Alive: timeout=10
Content-Length: 0

GET
H/1.1

200
OK

pxj
ib.adnxs.com/
Redirect Chain

https://d.adroll.com/cm/x/out?advertisable=KD3RBGHXH5DG3PI3RBAUIR
https://ib.adnxs.com/pxj?bidder=172&seg=802787&action=setuid(%27ODRlMzg2OTY3ODU2MzVhMTk4ODUzNWJlYjMwODhiZjE%27)

0
591 B

20ms
6ms

Image
text/html

37.252.172.40
AppNexus

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/pxj?bidder=172&seg=802787&action=setuid(%27ODRlMzg2OTY3ODU2MzVhMTk4ODUzNWJlYjMwODhiZjE%27)

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.40 , European Union, ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US),

Reverse DNS

155.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://warriorplus.com/o/view/x9bcyt/affc_j1njk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 07 Sep 2018 23:30:57 GMT
X-Proxy-Origin: 148.251.45.254; 148.251.45.254; 155.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.51:80
AN-X-Request-Uuid: f81cd9dc-763f-447f-925f-fe7c9ec79fc6
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 07 Sep 2018 23:30:55 GMT
Server: nginx/1.12.1
P3P: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
Location: https://ib.adnxs.com/pxj?bidder=172&seg=802787&action=setuid('ODRlMzg2OTY3ODU2MzVhMTk4ODUzNWJlYjMwODhiZjE')
Cache-Control: no-store, no-cache, must-revalidate
Connection: keep-alive
Content-Length: 113

GET

ddp
pippio.com/api/sync/
Redirect Chain

https://d.adroll.com/cm/l/out?advertisable=KD3RBGHXH5DG3PI3RBAUIR
https://idsync.rlcdn.com/377928.gif?partner_uid=84e38696785635a1988535beb3088bf1
https://idsync.rlcdn.com/1000.gif?memo=CMiIFxIrCicIARDqIhogODRlMzg2OTY3ODU2MzVhMTk4ODUzNWJlYjMwODhiZjEQABoNCK-UzNwFEgUI6AcQAA
https://pippio.com/api/sync?pid=5324&_=2
https://cm.g.doubleclick.net/pixel?google_nid=pippio_dmp&google_cm&google_no_sc&m=CMwpGgwIr5TM3AUSBAgCEAA
https://pippio.com/api/sync/ddp?pid=2&m=CMwpGgwIr5TM3AUSBAgCEAA&google_gid=CAESENIVuFx6eWn9X5AQC1Dw9QA&google_cver=1

0
0

GET
S

200

sd
us-u.openx.net/w/1.0/
Redirect Chain

https://d.adroll.com/cm/o/out?advertisable=KD3RBGHXH5DG3PI3RBAUIR
https://us-u.openx.net/w/1.0/sd?id=537103138&val=84e38696785635a1988535beb3088bf1
https://us-u.openx.net/w/1.0/sd?cc=1&id=537103138&val=84e38696785635a1988535beb3088bf1

43 B
255 B

19ms
19ms

Image
image/gif

173.241.240.143
OPENX TECHNOLOGIES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?cc=1&id=537103138&val=84e38696785635a1988535beb3088bf1
Protocol: SPDY
Security: TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305
Server: 173.241.240.143 New York, United States, ASN36089 (OPENX-AS1 - OPENX TECHNOLOGIES, INC., US),
Reverse DNS: ox-173-241-240-143.xa.dc.openx.org
Software: OXGW/16.73.2 /
Resource Hash

Request headers

Referer: https://warriorplus.com/o/view/x9bcyt/affc_j1njk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 07 Sep 2018 23:30:55 GMT
server: OXGW/16.73.2
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
status: 200
cache-control: private, max-age=0, no-cache
content-type: image/gif
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

status: 302
date: Fri, 07 Sep 2018 23:30:55 GMT
server: OXGW/16.73.2
content-length: 0
location: https://us-u.openx.net/w/1.0/sd?cc=1&id=537103138&val=84e38696785635a1988535beb3088bf1
p3p: CP="CUR ADM OUR NOR STA NID"

GET
H/1.1

200
OK

in
d.adroll.com/cm/g/
Redirect Chain

https://d.adroll.com/cm/g/out?advertisable=KD3RBGHXH5DG3PI3RBAUIR&google_nid=adroll5
https://cm.g.doubleclick.net/pixel?google_sc&google_nid=artb&google_hm=hOOGlnhWNaGYhTW-swiL8Q&google_ula=1535926
https://cm.g.doubleclick.net/pixel?google_sc=&google_nid=artb&google_hm=hOOGlnhWNaGYhTW-swiL8Q&google_ula=1535926&google_tc=
https://d.adroll.com/cm/g/in?google_ula=1535926,0

42 B
510 B

27ms
27ms

Image
image/gif

176.34.118.81
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d.adroll.com/cm/g/in?google_ula=1535926,0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 176.34.118.81 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-176-34-118-81.eu-west-1.compute.amazonaws.com
Software: nginx/1.12.1 /
Resource Hash

Request headers

Referer: https://warriorplus.com/o/view/x9bcyt/affc_j1njk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 07 Sep 2018 23:30:55 GMT
Server: nginx/1.12.1
P3P: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
Cache-Control: no-store, no-cache, must-revalidate
Connection: keep-alive
Content-Type: image/gif
Content-Length: 42
X-Result: g.-1.-1.1535926.0.-1

Redirect headers

pragma: no-cache
date: Fri, 07 Sep 2018 23:30:55 GMT
server: HTTP server (unknown)
status: 302
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://d.adroll.com/cm/g/in?google_ula=1535926,0
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 246
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET

cb
pixel.prfct.co/
Redirect Chain

https://pixel-geo.prfct.co/cs/?partnerId=mrin
https://cs.marinsm.com/mrin
https://pixel.prfct.co/cb?partnerId=mrin

0
0

GET
S

200

adsct
analytics.twitter.com/i/
Redirect Chain

https://pixel-geo.prfct.co/cs/?partnerId=twtr
https://analytics.twitter.com/i/adsct?p_id=48571&p_user_id=pa_PXUPzGuANKPoUIEyP

43 B
294 B

122ms
120ms

Image
image/gif

104.244.42.131
Twitter Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/i/adsct?p_id=48571&p_user_id=pa_PXUPzGuANKPoUIEyP

Protocol

SPDY

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.131 San Francisco, United States, ASN13414 (TWITTER - Twitter Inc., US),

Reverse DNS

Software

tsa_o /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block; report=https://twitter.com/i/xss_report

Request headers

Referer: https://warriorplus.com/o/view/x9bcyt/affc_j1njk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 07 Sep 2018 23:30:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200, 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 65
x-xss-protection: 1; mode=block; report=https://twitter.com/i/xss_report
x-response-time: 114
pragma: no-cache
last-modified: Fri, 07 Sep 2018 23:30:55 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=631138519
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: 46d094cfb49d7303a8b671b189614b7c
x-transaction: 0053258400b36c60
expires: Tue, 31 Mar 1981 05:00:00 GMT

Redirect headers

Location: https://analytics.twitter.com/i/adsct?p_id=48571&p_user_id=pa_PXUPzGuANKPoUIEyP
Cache-Control: no-store, no-cache, private
Connection: keep-alive
P3P: CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200
OK

pixel
ads.yahoo.com/
Redirect Chain

https://pixel-geo.prfct.co/cs/?partnerId=yah
https://ads.yahoo.com/pixel?id=2539961&t=2&piggyback=https%3A%2F%2Fads.yahoo.com%2Fcms%2Fv1%3Fnwid%3D10001073209%26eid%3Dpa_PXUPzGuANKPoUIEyP%26sigv%3D1%26esig%3D2%7Ea14f8f64d8c1a8d4eca6a9841fa2173...

0
1 KB

125ms
40ms

Image
text/plain

2a00:1288:110:422::3000
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.yahoo.com/pixel?id=2539961&t=2&piggyback=https%3A%2F%2Fads.yahoo.com%2Fcms%2Fv1%3Fnwid%3D10001073209%26eid%3Dpa_PXUPzGuANKPoUIEyP%26sigv%3D1%26esig%3D2%7Ea14f8f64d8c1a8d4eca6a9841fa2173f711c004b

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1288:110:422::3000 , United Kingdom, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

Software

ATS /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://warriorplus.com/o/view/x9bcyt/affc_j1njk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Fri, 07 Sep 2018 23:30:55 GMT
X-Content-Type-Options: nosniff
Server: ATS
Age: 0
Expect-CT: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
Strict-Transport-Security: max-age=31536000
Public-Key-Pins-Report-Only: max-age=2592000; pin-sha256="2fRAUXyxl4A1/XHrKNBmc8bTkzA7y4FB/GLJuNAzCqY="; pin-sha256="I/Lt/z7ekCWanjD0Cvj5EqXls2lOaThEA0H2Bg4BT/o="; pin-sha256="K87oWBWM9UZfyddvDfoxL+8lpNyoUB2ptGtn0fv6G2Q="; pin-sha256="Wd8xe/qfTwq3ylFNd3IpaqLHZbh2ZNCLluVzmeNkcpw="; pin-sha256="WoiWRyIOVNa9ihaBciRSC7XHjliYS9VwUGOIud4PB18="; pin-sha256="cGuxAXyFXFkWm61cF4HPWX8S0srS9j0aSqN0k4AP+4A="; pin-sha256="dolnbtzEBnELx/9lOEQ22e6OZO/QNb6VSSX2XHA3E7A="; pin-sha256="i7WTqTvh0OioIruIfFR4kMPnBqrS2rdiVPl/s2uC/CY="; pin-sha256="r/mIkG3eEpVdm+u/ko/cwxzOMo1bk4TyHIlByibiA5E="; pin-sha256="uUwZgwDOxcBXrQcntwu+kYFpkiVkOaezL0WYEZ3anJc="; includeSubdomains; report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-hpkp-report-only"
Connection: keep-alive
Content-Length: 0
X-XSS-Protection: 1; mode=block

Redirect headers

Location: https://ads.yahoo.com/pixel?id=2539961&t=2&piggyback=https%3A%2F%2Fads.yahoo.com%2Fcms%2Fv1%3Fnwid%3D10001073209%26eid%3Dpa_PXUPzGuANKPoUIEyP%26sigv%3D1%26esig%3D2%7Ea14f8f64d8c1a8d4eca6a9841fa2173f711c004b
Cache-Control: no-store, no-cache, private
Connection: keep-alive
P3P: CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
S

200

sd
us-u.openx.net/w/1.0/
Redirect Chain

https://pixel-geo.prfct.co/cs/?partnerId=opx
https://us-u.openx.net/w/1.0/sd?id=537114372&val=pa_PXUPzGuANKPoUIEyP
https://us-u.openx.net/w/1.0/sd?cc=1&id=537114372&val=pa_PXUPzGuANKPoUIEyP

43 B
255 B

19ms
19ms

Image
image/gif

173.241.240.143
OPENX TECHNOLOGIES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?cc=1&id=537114372&val=pa_PXUPzGuANKPoUIEyP
Protocol: SPDY
Security: TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305
Server: 173.241.240.143 New York, United States, ASN36089 (OPENX-AS1 - OPENX TECHNOLOGIES, INC., US),
Reverse DNS: ox-173-241-240-143.xa.dc.openx.org
Software: OXGW/16.73.2 /
Resource Hash

Request headers

Referer: https://warriorplus.com/o/view/x9bcyt/affc_j1njk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 07 Sep 2018 23:30:55 GMT
server: OXGW/16.73.2
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
status: 200
cache-control: private, max-age=0, no-cache
content-type: image/gif
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

status: 302
date: Fri, 07 Sep 2018 23:30:55 GMT
server: OXGW/16.73.2
content-length: 0
location: https://us-u.openx.net/w/1.0/sd?cc=1&id=537114372&val=pa_PXUPzGuANKPoUIEyP
p3p: CP="CUR ADM OUR NOR STA NID"

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/
Redirect Chain

https://pixel-geo.prfct.co/cs/?partnerId=rbcn
https://pixel.rubiconproject.com/tap.php?v=189868&nid=4106&expires=30&put=pa_PXUPzGuANKPoUIEyP

42 B
371 B

36ms
8ms

Image
image/gif

69.173.144.136
The Rubicon Project

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=189868&nid=4106&expires=30&put=pa_PXUPzGuANKPoUIEyP
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.136 Smithfield, United States, ASN26667 (RUBICONPROJECT - The Rubicon Project, Inc., US),
Reverse DNS
Software: Rubicon Project /
Resource Hash

Request headers

Referer: https://warriorplus.com/o/view/x9bcyt/affc_j1njk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 07 Sep 2018 23:30:54 GMT
Server: Rubicon Project
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Type: image/gif
Content-Length: 42
X-RPHost: o4CHJRL49I3Q8YdyrOuZiw
Expires: 0

Redirect headers

Location: https://pixel.rubiconproject.com/tap.php?v=189868&nid=4106&expires=30&put=pa_PXUPzGuANKPoUIEyP
Cache-Control: no-store, no-cache, private
Connection: keep-alive
P3P: CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200
OK

cb
pixel-geo.prfct.co/
Redirect Chain

https://pixel-geo.prfct.co/cs/?partnerId=goo
https://cm.g.doubleclick.net/pixel?google_nid=nowspots_bidder&google_hm=cGFfUFhVUHpHdUFOS1BvVUlFeVA
https://cm.g.doubleclick.net/pixel?google_nid=nowspots_bidder&google_hm=cGFfUFhVUHpHdUFOS1BvVUlFeVA&google_tc=
https://pixel-geo.prfct.co/cb?partnerId=goo

43 B
399 B

26ms
26ms

Image
image/gif

34.246.133.158
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-geo.prfct.co/cb?partnerId=goo
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.246.133.158 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-34-246-133-158.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Referer: https://warriorplus.com/o/view/x9bcyt/affc_j1njk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Expires: Thu, 01 Jan 1970 00:00:00 GMT
Cache-Control: no-store, no-cache, private
Connection: keep-alive
P3P: CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Content-Length: 43
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Fri, 07 Sep 2018 23:30:55 GMT
server: HTTP server (unknown)
status: 302
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://pixel-geo.prfct.co/cb?partnerId=goo
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 240
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK /
pixel-geo.prfct.co/seg/ 43 B
399 B 109ms
109ms Image
image/gif 34.246.133.158
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-geo.prfct.co/seg/?add=1083254&source=js_tag&a_id=406
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.246.133.158 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-34-246-133-158.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Referer: https://warriorplus.com/o/view/x9bcyt/affc_j1njk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Expires: Thu, 01 Jan 1970 00:00:00 GMT
Cache-Control: no-store, no-cache, private
Connection: keep-alive
P3P: CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Content-Length: 43
Content-Type: image/gif

GET
H/1.1

200
OK

/
pixel-geo.prfct.co/seg/
Redirect Chain

https://secure.adnxs.com/seg?t=2&add=1083254
https://secure.adnxs.com/bounce?%2Fseg%3Ft%3D2%26add%3D1083254
https://secure.adnxs.com/seg?add=695885&t=2
https://pixel-geo.prfct.co/seg/?add=695885

43 B
399 B

118ms
117ms

Image
image/gif

34.246.133.158
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-geo.prfct.co/seg/?add=695885
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.246.133.158 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-34-246-133-158.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Referer: https://warriorplus.com/o/view/x9bcyt/affc_j1njk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Expires: Thu, 01 Jan 1970 00:00:00 GMT
Cache-Control: no-store, no-cache, private
Connection: keep-alive
P3P: CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Content-Length: 43
Content-Type: image/gif

Redirect headers

Pragma: no-cache
Date: Fri, 07 Sep 2018 23:30:57 GMT
X-Proxy-Origin: 148.251.45.254; 148.251.45.254; 153.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.68:80
AN-X-Request-Uuid: fa752893-5430-40da-9d7c-d3a8a6e10d32
Server: nginx/1.13.4
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://pixel-geo.prfct.co/seg/?add=695885
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
S 200 /
www.facebook.com/tr/ 44 B
200 B 6ms
6ms Image
image/gif 2a03:2880:f12d:86:face:b00c:0:50fb
Facebook

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.facebook.com/tr/?id=1425266997788380&ev=PageView&dl=https%3A%2F%2Fwarriorplus.com%2Fo%2Fview%2Fx9bcyt%2Faffc_j1njk&rl=https%3A%2F%2Fwarriorplus.com%2Fo2%2Fa%2Fj1njk%2F0&if=false&ts=1536363055440&cd[segment_eid]=M5CWFZYDJZHPXPS7JF6KB3&sw=1600&sh=1200&v=2.8.27&r=stable&ec=0&o=29&it=1536363055076
Protocol: SPDY
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2a03:2880:f12d:86:face:b00c:0:50fb , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software: proxygen-bolt /
Resource Hash

Request headers

Referer: https://warriorplus.com/o/view/x9bcyt/affc_j1njk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 07 Sep 2018 23:30:55 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
content-length: 44
expires: Fri, 07 Sep 2018 23:30:55 GMT

GET
S 200 /
www.facebook.com/tr/ 44 B
98 B 6ms
5ms Image
image/gif 2a03:2880:f12d:86:face:b00c:0:50fb
Facebook

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.facebook.com/tr/?id=661035823949763&ev=Microdata&dl=https%3A%2F%2Fwarriorplus.com%2Fo%2Fview%2Fx9bcyt%2Faffc_j1njk&rl=https%3A%2F%2Fwarriorplus.com%2Fo2%2Fa%2Fj1njk%2F0&if=false&ts=1536363055631&cd[Schema.org]=%5B%5D&cd[OpenGraph]=%7B%22og%3Aurl%22%3A%22https%3A%2F%2Fwarriorplus.comhttp%3A%2F%2Famzauthorityzone.com%2Fsecretsantasystem%22%2C%22og%3Atype%22%3A%22website%22%7D&cd[Meta]=%7B%22title%22%3A%22%22%7D&cd[DataLayer]=%5B%5D&sw=1600&sh=1200&v=2.8.27&r=stable&a=tmgoogletagmanager&ec=1&o=28&it=1536363055076&es=automatic
Protocol: SPDY
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2a03:2880:f12d:86:face:b00c:0:50fb , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software: proxygen-bolt /
Resource Hash

Request headers

Referer: https://warriorplus.com/o/view/x9bcyt/affc_j1njk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 07 Sep 2018 23:30:55 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
content-length: 44
expires: Fri, 07 Sep 2018 23:30:55 GMT

GET
H/1.1

200
OK

fixed.css
www.fusionhq.com/cssparse/0/system_templates/
Redirect Chain

http://uf.fusionhq.com/cssparse/0/system_templates/fixed.css?ts=1447256555
http://fusionhq.com/cssparse/0/system_templates/fixed.css
http://www.fusionhq.com/cssparse/0/system_templates/fixed.css

50 KB
8 KB

679ms
565ms

Stylesheet
text/css

52.86.191.1
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: http://www.fusionhq.com/cssparse/0/system_templates/fixed.css
Requested by: Host: amzauthorityzone.com
URL: http://amzauthorityzone.com/secretsantasystem
Protocol: HTTP/1.1
Server: 52.86.191.1 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-52-86-191-1.compute-1.amazonaws.com
Software: Apache/2.4.7 (Ubuntu) / PHP/5.5.9-1ubuntu4.14
Resource Hash: 7aa2cfa31da0a292a1ff30707bc8ad237bfdd7b407e203eade082824f9bdb754

Request headers

Referer: http://amzauthorityzone.com/secretsantasystem
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: public
Date: Fri, 07 Sep 2018 23:30:56 GMT
Content-Encoding: gzip
Last-Modified: Wed, 11 Nov 2015 15:42:35GMT
Server: Apache/2.4.7 (Ubuntu)
X-Powered-By: PHP/5.5.9-1ubuntu4.14
Access-Control-Allow-Methods: PUT, GET, POST, DELETE, OPTIONS
Content-Type: text/css
Access-Control-Allow-Origin: *
Cache-Control: public
Content-Disposition: attachment; filename="fixed.css"
Connection: keep-alive
Access-Control-Allow-Headers: origin, x-requested-with, content-type
Content-Length: 7496
Expires: Fri, 21 Sep 2018 23:30:57 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 07 Sep 2018 23:30:56 GMT
Server: Apache/2.4.7 (Ubuntu)
Access-Control-Allow-Origin: *
X-Powered-By: PHP/5.5.9-1ubuntu4.14
Access-Control-Allow-Methods: PUT, GET, POST, DELETE, OPTIONS
Content-Type: text/html; charset=UTF-8
Location: http://www.fusionhq.com/cssparse/0/system_templates/fixed.css
Cache-Control: private
Connection: keep-alive
Access-Control-Allow-Headers: origin, x-requested-with, content-type
Content-Length: 110
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H/1.1 200
OK 1362475680459868a34.js Show response
uf.fusionhq.com/upload/201303/ 91 KB
92 KB 42ms
10ms Script
application/javascript 54.230.93.157
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: http://uf.fusionhq.com/upload/201303/1362475680459868a34.js
Requested by: Host: amzauthorityzone.com
URL: http://amzauthorityzone.com/secretsantasystem
Protocol: HTTP/1.1
Server: 54.230.93.157 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-54-230-93-157.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ba6eda7945ab8d7e57b34cc5a3dd292fa2e4c60a5ced79236ecf1a9e0f0c2d32

Request headers

Referer: http://amzauthorityzone.com/secretsantasystem
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sun, 19 Nov 2017 07:51:41 GMT
Via: 1.1 e7c35757c4581d46396ae4c0a48815ef.cloudfront.net (CloudFront)
Age: 35295
X-Cache: Hit from cloudfront
x-amz-meta-mode: 33270
Connection: keep-alive
Content-Length: 93637
Last-Modified: Sun, 17 May 2015 00:12:43 GMT
Server: AmazonS3
ETag: "e1288116312e4728f98923c79b034b67"
x-amz-meta-uid: 32012
x-amz-meta-gid: 32014
x-amz-version-id: null
Accept-Ranges: bytes
Content-Type: application/javascript
X-Amz-Cf-Id: PI40TKk5ww6D9zpQBN1Y48mxWfFG4vOx2T8ognywXRsv9LKpDLaNxw==
x-amz-meta-mtime: 1362475681

GET
H/1.1 200
OK jquery.noty.js Show response
uf.fusionhq.com/export/mod/noty/ 18 KB
18 KB 493ms
448ms Script
application/x-javascript 54.230.93.157
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://uf.fusionhq.com/export/mod/noty/jquery.noty.js
Requested by: Host: amzauthorityzone.com
URL: http://amzauthorityzone.com/secretsantasystem
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.230.93.157 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-54-230-93-157.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 85d72f785f28e0481fc86070e20964718ddbd415ecd89b867d02cdb038c90af6

Request headers

Referer: http://amzauthorityzone.com/secretsantasystem
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sun, 19 Nov 2017 06:19:52 GMT
Via: 1.1 7b88ef0d81161ffd0111d52a2de2bd25.cloudfront.net (CloudFront)
Last-Modified: Thu, 08 Jan 2015 09:17:29 GMT
Server: AmazonS3
ETag: "5d715853dff2abe03ec655a22352acc8"
X-Cache: RefreshHit from cloudfront
x-amz-version-id: null
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: application/x-javascript
Content-Length: 18359
X-Amz-Cf-Id: wBmBwE84zrnV7EKhJXNZWm2Y57seb-xcWRU9Ck5zdrc-k8_t7WNXRw==

GET
H/1.1 200
OK topCenter.js Show response
uf.fusionhq.com/export/mod/noty/layouts/ 758 B
1 KB 52ms
7ms Script
application/x-javascript 54.230.93.157
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://uf.fusionhq.com/export/mod/noty/layouts/topCenter.js
Requested by: Host: amzauthorityzone.com
URL: http://amzauthorityzone.com/secretsantasystem
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.230.93.157 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-54-230-93-157.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0c96f50234b2e1684ae996e32a66fc46572cedb2770ada818b2c37a8f5131565

Request headers

Referer: http://amzauthorityzone.com/secretsantasystem
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Fri, 15 Dec 2017 19:58:28 GMT
Via: 1.1 2acec57e8768534c84c148ddf3a19316.cloudfront.net (CloudFront)
Last-Modified: Thu, 08 Jan 2015 09:17:50 GMT
Server: AmazonS3
Age: 24183
ETag: "2fce94f027bd7cc7ab7caee8091c8c73"
X-Cache: Hit from cloudfront
x-amz-version-id: null
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: application/x-javascript
Content-Length: 758
X-Amz-Cf-Id: TObZ3erMhjfroc6SqAwkhjZBRKWe5DK7JpDLw-9DBEXdxxFXNdAkYw==

GET
H/1.1 200
OK default.js Show response
uf.fusionhq.com/export/mod/noty/themes/ 9 KB
10 KB 464ms
420ms Script
application/x-javascript 54.230.93.157
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://uf.fusionhq.com/export/mod/noty/themes/default.js
Requested by: Host: amzauthorityzone.com
URL: http://amzauthorityzone.com/secretsantasystem
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.230.93.157 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-54-230-93-157.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 79d39b39b64b8c4684f88a19b3dce0e82cad4c2fe68f0910f29dc4b62eb5d68f

Request headers

Referer: http://amzauthorityzone.com/secretsantasystem
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Fri, 15 Dec 2017 02:40:41 GMT
Via: 1.1 a5dd7270846a000392d2981b8c28634f.cloudfront.net (CloudFront)
Last-Modified: Thu, 08 Jan 2015 09:17:53 GMT
Server: AmazonS3
ETag: "c9481c262f9991c4ae5a1fc475a2d849"
X-Cache: RefreshHit from cloudfront
x-amz-version-id: null
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: application/x-javascript
Content-Length: 9580
X-Amz-Cf-Id: kRa8TRj83jYNW9KVNJstp7b3aPyJEVIHFrCgTX_dV1Vk0Z0stbX8yA==

GET
H/1.1 200
OK efx.js Show response
uf.fusionhq.com/export/js/ 504 B
981 B 52ms
7ms Script
application/x-javascript 54.230.93.157
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://uf.fusionhq.com/export/js/efx.js
Requested by: Host: amzauthorityzone.com
URL: http://amzauthorityzone.com/secretsantasystem
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.230.93.157 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-54-230-93-157.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f8fac267b28c0d913ad778bc78609fe2f8f69cdc6102fd7e7653ec5dec1a35b7

Request headers

Referer: http://amzauthorityzone.com/secretsantasystem
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sun, 19 Nov 2017 06:19:52 GMT
Via: 1.1 7b88ef0d81161ffd0111d52a2de2bd25.cloudfront.net (CloudFront)
Last-Modified: Thu, 08 Jan 2015 09:15:25 GMT
Server: AmazonS3
Age: 24183
ETag: "7630a9c472d0b1e9214515164d1eaf0c"
X-Cache: Hit from cloudfront
x-amz-version-id: null
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: application/x-javascript
Content-Length: 504
X-Amz-Cf-Id: uTH136LiU72f94xbRTFKQhm3rDSjJ5DbMFihv9Feuum91vX521INqQ==

GET
H/1.1 200
OK cart.js Show response
uf.fusionhq.com/export/js/ 6 KB
7 KB 39ms
7ms Script
application/x-javascript 54.230.93.157
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: http://uf.fusionhq.com/export/js/cart.js
Requested by: Host: amzauthorityzone.com
URL: http://amzauthorityzone.com/secretsantasystem
Protocol: HTTP/1.1
Server: 54.230.93.157 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-54-230-93-157.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b36592d0bdacf08fc95a5665832a38917fb743d670900f8eab46c48f39eb14b4

Request headers

Referer: http://amzauthorityzone.com/secretsantasystem
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sun, 19 Nov 2017 06:19:52 GMT
Via: 1.1 5954578e851092964f39f2f5f0596950.cloudfront.net (CloudFront)
Last-Modified: Thu, 08 Jan 2015 09:15:24 GMT
Server: AmazonS3
Age: 24184
ETag: "f5a669c9e5134f6656322a13aaf416ec"
X-Cache: Hit from cloudfront
x-amz-version-id: null
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: application/x-javascript
Content-Length: 6512
X-Amz-Cf-Id: Qa-DM16obS7k7gCF8uN3XJB1tXDBBA_2VR2ijw0CIyNgHVkb2S52Fw==

GET
H/1.1 200
OK api.js Show response
uf.fusionhq.com/export/js/ 885 B
1 KB 37ms
7ms Script
application/x-javascript 54.230.93.157
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: http://uf.fusionhq.com/export/js/api.js
Requested by: Host: amzauthorityzone.com
URL: http://amzauthorityzone.com/secretsantasystem
Protocol: HTTP/1.1
Server: 54.230.93.157 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-54-230-93-157.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 92d062ee4fdab83de2c3f40ffdef5273c446a10a378736fd1782f14993e6fbb1

Request headers

Referer: http://amzauthorityzone.com/secretsantasystem
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sun, 19 Nov 2017 06:19:52 GMT
Via: 1.1 7af5638099b4c0c5cbf2f9c79d5100fd.cloudfront.net (CloudFront)
Last-Modified: Wed, 09 Sep 2015 02:44:22 GMT
Server: AmazonS3
Age: 26376
ETag: "d10aaeb99239f8aa98e0c51c49e300d2"
X-Cache: Hit from cloudfront
x-amz-version-id: Zz2CUK8yOMzKBhnHMiqIu_2q0AWOsHJs
x-amz-replication-status: COMPLETED
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: application/x-javascript
Content-Length: 885
X-Amz-Cf-Id: cCw-IlnrSPoN85WjtwxJP6OIZI1IVP6fYdsHyJVUsQ8zgfXxLRmkUA==

GET
H/1.1 200
OK moment.min.js Show response
uf.fusionhq.com/export/js/ 32 KB
32 KB 51ms
8ms Script
application/x-javascript 54.230.93.157
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://uf.fusionhq.com/export/js/moment.min.js
Requested by: Host: amzauthorityzone.com
URL: http://amzauthorityzone.com/secretsantasystem
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.230.93.157 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-54-230-93-157.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6bd36240ad71781368ecd45c09a377794a2c701174e6f37ee42709540fb70589

Request headers

Referer: http://amzauthorityzone.com/secretsantasystem
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sun, 19 Nov 2017 07:08:49 GMT
Via: 1.1 a7cfc7facd5206ba992dff0c0b5504da.cloudfront.net (CloudFront)
Last-Modified: Thu, 08 Jan 2015 09:15:28 GMT
Server: AmazonS3
Age: 8174
ETag: "be5be64524a54b0247552299e88bc870"
X-Cache: Hit from cloudfront
x-amz-version-id: null
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: application/x-javascript
Content-Length: 32370
X-Amz-Cf-Id: 8-Pax7bhlYGI1eD9Quq9iiNEFdDVercMBNM808G4DJdW7PNLuLBVjg==

GET
H/1.1

200
OK

memsite.css
www.fusionhq.com/cssparse/22955/css/
Redirect Chain

http://uf.fusionhq.com/cssparse/22955/css/memsite.css?ts=1422146517
http://fusionhq.com/cssparse/22955/css/memsite.css
http://www.fusionhq.com/cssparse/22955/css/memsite.css

7 KB
2 KB

294ms
177ms

Stylesheet
text/css

52.86.191.1
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: http://www.fusionhq.com/cssparse/22955/css/memsite.css
Requested by: Host: amzauthorityzone.com
URL: http://amzauthorityzone.com/secretsantasystem
Protocol: HTTP/1.1
Server: 52.86.191.1 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-52-86-191-1.compute-1.amazonaws.com
Software: Apache/2.4.7 (Ubuntu) / PHP/5.5.9-1ubuntu4.14
Resource Hash: d9a108bbd7df867bce569e50d752cff2e339e1b8b96a52261da95fe812a5717a

Request headers

Referer: http://amzauthorityzone.com/secretsantasystem
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: public
Date: Fri, 07 Sep 2018 23:30:56 GMT
Content-Encoding: gzip
Last-Modified: Sun, 25 Jan 2015 00:41:57GMT
Server: Apache/2.4.7 (Ubuntu)
X-Powered-By: PHP/5.5.9-1ubuntu4.14
Access-Control-Allow-Methods: PUT, GET, POST, DELETE, OPTIONS
Content-Type: text/css
Access-Control-Allow-Origin: *
Cache-Control: public
Content-Disposition: attachment; filename="memsite.css"
Connection: keep-alive
Access-Control-Allow-Headers: origin, x-requested-with, content-type
Content-Length: 1542
Expires: Fri, 21 Sep 2018 23:30:56 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 07 Sep 2018 23:30:56 GMT
Server: Apache/2.4.7 (Ubuntu)
Access-Control-Allow-Origin: *
X-Powered-By: PHP/5.5.9-1ubuntu4.14
Access-Control-Allow-Methods: PUT, GET, POST, DELETE, OPTIONS
Content-Type: text/html; charset=UTF-8
Location: http://www.fusionhq.com/cssparse/22955/css/memsite.css
Cache-Control: private
Connection: keep-alive
Access-Control-Allow-Headers: origin, x-requested-with, content-type
Content-Length: 103
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H/1.1 200
OK 1525172808495fef4e4.jpg
uf.fusionhq.com/upload/201805/ 302 KB
303 KB 90ms
90ms Image
image/jpeg 54.230.93.157
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://uf.fusionhq.com/upload/201805/1525172808495fef4e4.jpg
Requested by: Host: amzauthorityzone.com
URL: http://amzauthorityzone.com/secretsantasystem
Protocol: HTTP/1.1
Server: 54.230.93.157 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-54-230-93-157.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: bcefca0b8bb6818d7cddf244e049df2591141dcc350d7e8cb4bad159ef3aeb9e

Request headers

Referer: http://amzauthorityzone.com/secretsantasystem
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Mon, 03 Sep 2018 22:08:22 GMT
Via: 1.1 412049da39a44d4e9af054ecc17534dd.cloudfront.net (CloudFront)
Age: 24185
X-Cache: Hit from cloudfront
x-amz-meta-mode: 33270
Connection: keep-alive
Content-Length: 309647
Last-Modified: Tue, 01 May 2018 11:06:50 GMT
Server: AmazonS3
ETag: "ab39932e9ea652106a92cc582ce69f66"
x-amz-meta-uid: 33
x-amz-meta-gid: 33
x-amz-version-id: aKyQCnsoKeDIqYanXeYzGB4uf5RONIqF
Accept-Ranges: bytes
Content-Type: image/jpeg
X-Amz-Cf-Id: uLN-q8ll5IfXv2XqTXziOwlciiE4ct83UE2jwRFPtDcBQBlNNXOrWg==
x-amz-meta-mtime: 1525172809

GET
H/1.1 200
OK 1525172902749baee9e.jpg
uf.fusionhq.com/upload/201805/ 3 MB
3 MB 25ms
25ms Image
image/jpeg 54.230.93.157
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://uf.fusionhq.com/upload/201805/1525172902749baee9e.jpg
Requested by: Host: amzauthorityzone.com
URL: http://amzauthorityzone.com/secretsantasystem
Protocol: HTTP/1.1
Server: 54.230.93.157 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-54-230-93-157.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e13e0283dbfd243a232b0c0d01a27cabb5cf01b7d12db2d684634f7e93c1b7c3

Request headers

Referer: http://amzauthorityzone.com/secretsantasystem
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Mon, 03 Sep 2018 22:08:22 GMT
Via: 1.1 412049da39a44d4e9af054ecc17534dd.cloudfront.net (CloudFront)
Age: 24184
X-Cache: Hit from cloudfront
x-amz-meta-mode: 33270
Connection: keep-alive
Content-Length: 3401002
Last-Modified: Tue, 01 May 2018 11:08:24 GMT
Server: AmazonS3
ETag: "95070ff3cbcefc51c04b76f22b810090"
x-amz-meta-uid: 33
x-amz-meta-gid: 33
x-amz-version-id: 4FjHP_2aG_uNHj1zCrNnspwy5GodUF0.
Accept-Ranges: bytes
Content-Type: image/jpeg
X-Amz-Cf-Id: BcEzLtvv46-WRXzsyNXit8BjzdIu9tDx7ifFzj28kuhSVj6feBtvOw==
x-amz-meta-mtime: 1525172903

GET
H/1.1 200
OK 1525173286793ea8822.jpg
uf.fusionhq.com/upload/201805/ 2 MB
2 MB 23ms
23ms Image
image/jpeg 54.230.93.157
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://uf.fusionhq.com/upload/201805/1525173286793ea8822.jpg
Requested by: Host: amzauthorityzone.com
URL: http://amzauthorityzone.com/secretsantasystem
Protocol: HTTP/1.1
Server: 54.230.93.157 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-54-230-93-157.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3bbf87c2c7a78d96b795fc7237c3ffab6137b2539f17432d9b31d42be0f0ad99

Request headers

Referer: http://amzauthorityzone.com/secretsantasystem
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Mon, 03 Sep 2018 22:08:22 GMT
Via: 1.1 412049da39a44d4e9af054ecc17534dd.cloudfront.net (CloudFront)
Age: 24184
X-Cache: Hit from cloudfront
x-amz-meta-mode: 33270
Connection: keep-alive
Content-Length: 2242860
Last-Modified: Tue, 01 May 2018 11:14:47 GMT
Server: AmazonS3
ETag: "767337e557851b9de59d9cd99d991ffc"
x-amz-meta-uid: 33
x-amz-meta-gid: 33
x-amz-version-id: MbnRuPD2_eIPtQFOK5D9LeL1v37dbVt1
Accept-Ranges: bytes
Content-Type: image/jpeg
X-Amz-Cf-Id: kZD_6bfIyipjpdcCfYIP105krKy7yC91k8rCYassOnoZn_4f913UZw==
x-amz-meta-mtime: 1525173286

GET
H/1.1 200
OK 1525176348987691856.jpg
uf.fusionhq.com/upload/201805/ 2 MB
2 MB 74ms
74ms Image
image/jpeg 54.230.93.157
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://uf.fusionhq.com/upload/201805/1525176348987691856.jpg
Requested by: Host: amzauthorityzone.com
URL: http://amzauthorityzone.com/secretsantasystem
Protocol: HTTP/1.1
Server: 54.230.93.157 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-54-230-93-157.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c5f8c08384c3c3deff81e68c12c4e9722c0ab0e05fc13333ad314915f6127173

Request headers

Referer: http://amzauthorityzone.com/secretsantasystem
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Mon, 03 Sep 2018 22:08:22 GMT
Via: 1.1 412049da39a44d4e9af054ecc17534dd.cloudfront.net (CloudFront)
Age: 24183
X-Cache: Hit from cloudfront
x-amz-meta-mode: 33270
Connection: keep-alive
Content-Length: 2232354
Last-Modified: Tue, 01 May 2018 12:05:49 GMT
Server: AmazonS3
ETag: "85659490cbe1d6b7a2c6ad57e1e1e2dd"
x-amz-meta-uid: 33
x-amz-meta-gid: 33
x-amz-version-id: r7BHi6WlAU9bMUWfGNBSwcQB_z3NHccJ
Accept-Ranges: bytes
Content-Type: image/jpeg
X-Amz-Cf-Id: Mb4NXWBbxEMF07h2JFSQBnrGHeGuAvYOwKEmZATS_HzvFJdDxvMvLA==
x-amz-meta-mtime: 1525176348

GET
S 200 138901
warriorplus.com/o2/btn/cn100011001/jmqlvd/x9bcyt/ 21 KB
22 KB 864ms
864ms Image
image/png 104.25.150.118
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://warriorplus.com/o2/btn/cn100011001/jmqlvd/x9bcyt/138901
Requested by: Host: amzauthorityzone.com
URL: http://amzauthorityzone.com/secretsantasystem
Protocol: SPDY
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.25.150.118 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare / PHP/5.6.37-1+ubuntu14.04.1+deb.sury.org+1
Resource Hash: 72538ec67a0f9a9cf83ebcbca1017e4427949e4807e2f0b90ef6ca537da25ee2

Request headers

Referer: http://amzauthorityzone.com/secretsantasystem
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 07 Sep 2018 23:30:58 GMT
last-modified: Fri, 07 Sep 2018 23:30:58 GMT
server: cloudflare
x-powered-by: PHP/5.6.37-1+ubuntu14.04.1+deb.sury.org+1
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/png
status: 200
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 456cf75458c6bf16-FRA
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK caolcQPRYuo=%26ts%3D924043952%26prj%3D0 Show response
www.fusionhq.com/index.enpact%3Dstat%26node%3D3509587%26split%3DA%26from%3D%26fromsplit%3D%26link%3D%26token%3D1355fae3715721dc%26unique%3D/9vFkqA8FHC8MbF1FWzffr2Wfxd1kYs/ 12 B
573 B 142ms
142ms Script
application/javascript 52.86.191.1
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: http://www.fusionhq.com/index.enpact%3Dstat%26node%3D3509587%26split%3DA%26from%3D%26fromsplit%3D%26link%3D%26token%3D1355fae3715721dc%26unique%3D/9vFkqA8FHC8MbF1FWzffr2Wfxd1kYs/caolcQPRYuo=%26ts%3D924043952%26prj%3D0
Requested by: Host: amzauthorityzone.com
URL: http://amzauthorityzone.com/secretsantasystem
Protocol: HTTP/1.1
Server: 52.86.191.1 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-52-86-191-1.compute-1.amazonaws.com
Software: Apache/2.4.7 (Ubuntu) / PHP/5.5.9-1ubuntu4.14
Resource Hash: 296c157dd6a34720d43bd793e16a333f955909689e61760332775a294f6cd862

Request headers

Referer: http://amzauthorityzone.com/secretsantasystem
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 07 Sep 2018 23:30:56 GMT
Server: Apache/2.4.7 (Ubuntu)
X-Powered-By: PHP/5.5.9-1ubuntu4.14
Access-Control-Allow-Methods: PUT, GET, POST, DELETE, OPTIONS
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: private
Connection: keep-alive
Access-Control-Allow-Headers: origin, x-requested-with, content-type
Content-Length: 12
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 NPCDzdFM_FM
www.youtube.com/embed/ Frame 39A4 0
0 137ms
135ms Document
text/html 2a00:1450:4001:815::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/NPCDzdFM_FM?rel=0&autoplay=1

Requested by

Host: amzauthorityzone.com
URL: http://amzauthorityzone.com/secretsantasystem

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:815::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

YouTube Frontend Proxy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block; report=https://www.google.com/appserve/security-bugs/log/youtube

Request headers

:method: GET
:authority: www.youtube.com
:scheme: https
:path: /embed/NPCDzdFM_FM?rel=0&autoplay=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer: http://amzauthorityzone.com/secretsantasystem
accept-encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id: DBDD9F368BC5ED908156C0E7B7258613
Referer: http://amzauthorityzone.com/secretsantasystem

Response headers

status: 200
cache-control: no-cache
expires: Tue, 27 Apr 1971 19:44:06 EST
x-xss-protection: 1; mode=block; report=https://www.google.com/appserve/security-bugs/log/youtube
content-encoding: gzip
content-type: text/html; charset=utf-8
strict-transport-security: max-age=31536000
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
x-content-type-options: nosniff
date: Fri, 07 Sep 2018 23:30:57 GMT
server: YouTube Frontend Proxy
set-cookie: VISITOR_INFO1_LIVE=FRj4PIunYEA; path=/; domain=.youtube.com; expires=Wed, 06-Mar-2019 23:30:57 GMT; httponly GPS=1; path=/; domain=.youtube.com; expires=Sat, 08-Sep-2018 00:00:57 GMT YSC=ngcBaMaQ12A; path=/; domain=.youtube.com; httponly PREF=f1=50000000; path=/; domain=.youtube.com; expires=Thu, 09-May-2019 11:23:57 GMT VISITOR_INFO1_LIVE=FRj4PIunYEA; path=/; domain=.youtube.com; expires=Wed, 06-Mar-2019 23:30:57 GMT; httponly
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"

GET
H2 200 6W7tU7Bu03g
www.youtube.com/embed/ Frame DFD7 0
0 155ms
153ms Document
text/html 2a00:1450:4001:815::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/6W7tU7Bu03g

Requested by

Host: amzauthorityzone.com
URL: http://amzauthorityzone.com/secretsantasystem

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:815::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

YouTube Frontend Proxy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block; report=https://www.google.com/appserve/security-bugs/log/youtube

Request headers

:method: GET
:authority: www.youtube.com
:scheme: https
:path: /embed/6W7tU7Bu03g
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer: http://amzauthorityzone.com/secretsantasystem
accept-encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id: DBDD9F368BC5ED908156C0E7B7258613
Referer: http://amzauthorityzone.com/secretsantasystem

Response headers

status: 200
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
expires: Tue, 27 Apr 1971 19:44:06 EST
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
content-encoding: gzip
x-xss-protection: 1; mode=block; report=https://www.google.com/appserve/security-bugs/log/youtube
cache-control: no-cache
content-type: text/html; charset=utf-8
date: Fri, 07 Sep 2018 23:30:57 GMT
server: YouTube Frontend Proxy
set-cookie: VISITOR_INFO1_LIVE=7TC8NKJ8pUA; path=/; domain=.youtube.com; expires=Wed, 06-Mar-2019 23:30:57 GMT; httponly PREF=f1=50000000; path=/; domain=.youtube.com; expires=Thu, 09-May-2019 11:23:57 GMT YSC=kWurk0mZxhY; path=/; domain=.youtube.com; httponly GPS=1; path=/; domain=.youtube.com; expires=Sat, 08-Sep-2018 00:00:57 GMT VISITOR_INFO1_LIVE=7TC8NKJ8pUA; path=/; domain=.youtube.com; expires=Wed, 06-Mar-2019 23:30:57 GMT; httponly
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"

GET
H2 200 Wc3sEXAipR0
www.youtube.com/embed/ Frame 3610 0
0 220ms
215ms Document
text/html 2a00:1450:4001:815::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/Wc3sEXAipR0

Requested by

Host: amzauthorityzone.com
URL: http://amzauthorityzone.com/secretsantasystem

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:815::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

YouTube Frontend Proxy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block; report=https://www.google.com/appserve/security-bugs/log/youtube

Request headers

:method: GET
:authority: www.youtube.com
:scheme: https
:path: /embed/Wc3sEXAipR0
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer: http://amzauthorityzone.com/secretsantasystem
accept-encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id: DBDD9F368BC5ED908156C0E7B7258613
Referer: http://amzauthorityzone.com/secretsantasystem

Response headers

status: 200
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
expires: Tue, 27 Apr 1971 19:44:06 EST
cache-control: no-cache
content-type: text/html; charset=utf-8
x-xss-protection: 1; mode=block; report=https://www.google.com/appserve/security-bugs/log/youtube
strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 07 Sep 2018 23:30:57 GMT
server: YouTube Frontend Proxy
set-cookie: VISITOR_INFO1_LIVE=baTKsNN0aSM; path=/; domain=.youtube.com; expires=Wed, 06-Mar-2019 23:30:57 GMT; httponly GPS=1; path=/; domain=.youtube.com; expires=Sat, 08-Sep-2018 00:00:57 GMT PREF=f1=50000000; path=/; domain=.youtube.com; expires=Thu, 09-May-2019 11:23:57 GMT YSC=H0AHxiKPkUM; path=/; domain=.youtube.com; httponly VISITOR_INFO1_LIVE=baTKsNN0aSM; path=/; domain=.youtube.com; expires=Wed, 06-Mar-2019 23:30:57 GMT; httponly
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"

GET
H2 200 8_Ss5D1FllY
www.youtube.com/embed/ Frame 02C8 0
0 166ms
165ms Document
text/html 2a00:1450:4001:815::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/8_Ss5D1FllY

Requested by

Host: amzauthorityzone.com
URL: http://amzauthorityzone.com/secretsantasystem

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:815::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

YouTube Frontend Proxy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block; report=https://www.google.com/appserve/security-bugs/log/youtube

Request headers

:method: GET
:authority: www.youtube.com
:scheme: https
:path: /embed/8_Ss5D1FllY
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer: http://amzauthorityzone.com/secretsantasystem
accept-encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id: DBDD9F368BC5ED908156C0E7B7258613
Referer: http://amzauthorityzone.com/secretsantasystem

Response headers

status: 200
content-encoding: gzip
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
x-xss-protection: 1; mode=block; report=https://www.google.com/appserve/security-bugs/log/youtube
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
cache-control: no-cache
content-type: text/html; charset=utf-8
expires: Tue, 27 Apr 1971 19:44:06 EST
date: Fri, 07 Sep 2018 23:30:57 GMT
server: YouTube Frontend Proxy
set-cookie: VISITOR_INFO1_LIVE=JriM0nSxWMM; path=/; domain=.youtube.com; expires=Wed, 06-Mar-2019 23:30:57 GMT; httponly GPS=1; path=/; domain=.youtube.com; expires=Sat, 08-Sep-2018 00:00:57 GMT PREF=f1=50000000; path=/; domain=.youtube.com; expires=Thu, 09-May-2019 11:23:57 GMT YSC=zCSR-dKqNU0; path=/; domain=.youtube.com; httponly VISITOR_INFO1_LIVE=JriM0nSxWMM; path=/; domain=.youtube.com; expires=Wed, 06-Mar-2019 23:30:57 GMT; httponly
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"

GET
H2 200 tUupUytt57U
www.youtube.com/embed/ Frame 0C80 0
0 182ms
181ms Document
text/html 2a00:1450:4001:815::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/tUupUytt57U

Requested by

Host: amzauthorityzone.com
URL: http://amzauthorityzone.com/secretsantasystem

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:815::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

YouTube Frontend Proxy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block; report=https://www.google.com/appserve/security-bugs/log/youtube

Request headers

:method: GET
:authority: www.youtube.com
:scheme: https
:path: /embed/tUupUytt57U
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer: http://amzauthorityzone.com/secretsantasystem
accept-encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id: DBDD9F368BC5ED908156C0E7B7258613
Referer: http://amzauthorityzone.com/secretsantasystem

Response headers

status: 200
strict-transport-security: max-age=31536000
content-encoding: gzip
content-type: text/html; charset=utf-8
cache-control: no-cache
x-xss-protection: 1; mode=block; report=https://www.google.com/appserve/security-bugs/log/youtube
x-content-type-options: nosniff
expires: Tue, 27 Apr 1971 19:44:06 EST
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
date: Fri, 07 Sep 2018 23:30:57 GMT
server: YouTube Frontend Proxy
set-cookie: VISITOR_INFO1_LIVE=a_pdhyey8Gw; path=/; domain=.youtube.com; expires=Wed, 06-Mar-2019 23:30:57 GMT; httponly VISITOR_INFO1_LIVE=a_pdhyey8Gw; path=/; domain=.youtube.com; expires=Wed, 06-Mar-2019 23:30:57 GMT; httponly YSC=sjuSN0pzmoM; path=/; domain=.youtube.com; httponly PREF=f1=50000000; path=/; domain=.youtube.com; expires=Thu, 09-May-2019 11:23:57 GMT GPS=1; path=/; domain=.youtube.com; expires=Sat, 08-Sep-2018 00:00:57 GMT
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: pippio.com
URL: https://pippio.com/api/sync/ddp?pid=2&m=CMwpGgwIr5TM3AUSBAgCEAA&google_gid=CAESENIVuFx6eWn9X5AQC1Dw9QA&google_cver=1

Domain: pixel.prfct.co
URL: https://pixel.prfct.co/cb?partnerId=mrin

Verdicts & Comments Add Verdict or Comment

15 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.youtube.com/	1970-01-18 23:05:15	Name: VISITOR_INFO1_LIVE Value: baTKsNN0aSM
.youtube.com/	1970-01-19 00:36:41	Name: PREF Value: f1=50000000
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: H0AHxiKPkUM
.youtube.com/	1970-01-18 18:46:04	Name: GPS Value: 1

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Frame-Options	DENY

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ads.yahoo.com
amzauthorityzone.com
analytics.twitter.com
cdn.onesignal.com
cm.g.doubleclick.net
connect.facebook.net
d.adroll.com
fusionhq.com
ib.adnxs.com
onesignal.com
pippio.com
pixel-geo.prfct.co
pixel.prfct.co
pixel.rubiconproject.com
s.adroll.com
secure.adnxs.com
stats.g.doubleclick.net
tag.marinsm.com
uf.fusionhq.com
us-u.openx.net
warriorplus.com
www.facebook.com
www.fusionhq.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.youtube.com
x.bidswitch.net
pippio.com
pixel.prfct.co
104.244.42.131
104.25.150.118
151.101.132.65
172.217.18.2
173.241.240.143
176.34.118.81
18.153.11.33
2.18.233.40
2400:cb00:2048:1::6810:cea5
2a00:1288:110:422::3000
2a00:1450:4001:815::200e
2a00:1450:4001:818::2004
2a00:1450:4001:818::200e
2a00:1450:4001:820::2003
2a00:1450:4001:820::2008
2a00:1450:400c:c0c::9b
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:86:face:b00c:0:50fb
34.246.133.158
37.252.172.27
37.252.172.40
52.86.191.1
54.165.199.35
54.173.90.219
54.228.234.5
54.230.93.157
69.173.144.136
0c96f50234b2e1684ae996e32a66fc46572cedb2770ada818b2c37a8f5131565
296c157dd6a34720d43bd793e16a333f955909689e61760332775a294f6cd862
3bbf87c2c7a78d96b795fc7237c3ffab6137b2539f17432d9b31d42be0f0ad99
3d2ecfdc02421ba5f62ad7aa09a548b0d8c11972c24031556d6492fa1362927a
5dbe71facfdf5aa35dd81d9d08e9117c90d503bcfc427ef243e15f1df485df9a
6bd36240ad71781368ecd45c09a377794a2c701174e6f37ee42709540fb70589
72538ec67a0f9a9cf83ebcbca1017e4427949e4807e2f0b90ef6ca537da25ee2
79d39b39b64b8c4684f88a19b3dce0e82cad4c2fe68f0910f29dc4b62eb5d68f
7aa2cfa31da0a292a1ff30707bc8ad237bfdd7b407e203eade082824f9bdb754
85d72f785f28e0481fc86070e20964718ddbd415ecd89b867d02cdb038c90af6
92d062ee4fdab83de2c3f40ffdef5273c446a10a378736fd1782f14993e6fbb1
9adf2d04b1a1ae901a059db6475c4dd9a30ba1e22d6efa1809c6c78108b94eb1
b36592d0bdacf08fc95a5665832a38917fb743d670900f8eab46c48f39eb14b4
ba6eda7945ab8d7e57b34cc5a3dd292fa2e4c60a5ced79236ecf1a9e0f0c2d32
bcefca0b8bb6818d7cddf244e049df2591141dcc350d7e8cb4bad159ef3aeb9e
c5f8c08384c3c3deff81e68c12c4e9722c0ab0e05fc13333ad314915f6127173
d9a108bbd7df867bce569e50d752cff2e339e1b8b96a52261da95fe812a5717a
e13e0283dbfd243a232b0c0d01a27cabb5cf01b7d12db2d684634f7e93c1b7c3
f8fac267b28c0d913ad778bc78609fe2f8f69cdc6102fd7e7653ec5dec1a35b7

amzauthorityzone.com Open in urlscan Pro 54.173.90.219 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

56 Requests

77 %HTTPS

37 %IPv6

22 Domains

29 Subdomains

23 IPs

4 Countries

8403 kBTransfer

8977 kBSize

4 Cookies

2 Outgoing links

Page URL History

Redirected requests

56 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

amzauthorityzone.com Open in urlscan Pro
54.173.90.219 Public Scan

Screenshot
Live screenshot

Full Image

56
Requests

77 %
HTTPS

37 %
IPv6

22
Domains

29
Subdomains

23
IPs

4
Countries

8403 kB
Transfer

8977 kB
Size

4
Cookies

56 HTTP transactions
0 data transactions