66.29.137.168 Open in urlscan Pro
66.29.137.168 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://66.29.137.168/
Submission: On October 10 via manual (October 10th 2021, 1:15:58 pm UTC) — Scanned from DE

Summary HTTP 93 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 33 IPs in 8 countries across 40 domains to perform 93 HTTP transactions. The main IP is 66.29.137.168, located in United States and belongs to NAMECHEAP-NET, US. The main domain is 66.29.137.168.

This is the only time 66.29.137.168 was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
24	66.29.137.168 66.29.137.168	22612 (NAMECHEAP...) (NAMECHEAP-NET)
1	172.217.18.106 172.217.18.106	15169 (GOOGLE) (GOOGLE)
5	172.217.16.129 172.217.16.129	15169 (GOOGLE) (GOOGLE)
1	172.67.71.57 172.67.71.57	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	142.250.186.35 142.250.186.35	15169 (GOOGLE) (GOOGLE)
2	46.105.201.240 46.105.201.240	16276 (OVH) (OVH)
3	158.69.139.237 158.69.139.237	16276 (OVH) (OVH)
1	192.99.8.28 192.99.8.28	16276 (OVH) (OVH)
1	67.202.114.214 67.202.114.214	32748 (STEADFAST) (STEADFAST)
2	104.18.29.199 104.18.29.199	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.22.74.171 104.22.74.171	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	65.9.66.74 65.9.66.74	16509 (AMAZON-02) (AMAZON-02)
1	3.121.175.251 3.121.175.251	16509 (AMAZON-02) (AMAZON-02)
1 2	51.161.15.92 51.161.15.92	16276 (OVH) (OVH)
1	13.35.253.70 13.35.253.70	16509 (AMAZON-02) (AMAZON-02)
9	67.202.105.33 67.202.105.33	32748 (STEADFAST) (STEADFAST)
3	65.9.66.97 65.9.66.97	16509 (AMAZON-02) (AMAZON-02)
2	45.55.96.63 45.55.96.63	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1 5	84.53.188.214 84.53.188.214	16625 (AKAMAI-AS) (AKAMAI-AS)
2 2	146.59.148.16 146.59.148.16	16276 (OVH) (OVH)
1	65.9.66.110 65.9.66.110	16509 (AMAZON-02) (AMAZON-02)
1	104.21.9.70 104.21.9.70	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3 15	34.253.109.165 34.253.109.165	16509 (AMAZON-02) (AMAZON-02)
1	104.21.78.98 104.21.78.98	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	185.64.190.78 185.64.190.78	62713 (AS-PUBMATIC) (AS-PUBMATIC)
4 4	54.36.109.22 54.36.109.22	16276 (OVH) (OVH)
2 2	46.228.164.13 46.228.164.13	56396 (AMOBEE) (AMOBEE)
2 4	142.250.186.34 142.250.186.34	15169 (GOOGLE) (GOOGLE)
1	76.223.111.131 76.223.111.131	16509 (AMAZON-02) (AMAZON-02)
2 2	35.227.248.159 35.227.248.159	15169 (GOOGLE) (GOOGLE)
3 3	52.17.151.21 52.17.151.21	16509 (AMAZON-02) (AMAZON-02)
2 2	52.19.186.105 52.19.186.105	16509 (AMAZON-02) (AMAZON-02)
1	51.144.7.192 51.144.7.192	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	3.124.181.115 3.124.181.115	16509 (AMAZON-02) (AMAZON-02)
1	52.208.16.1 52.208.16.1	16509 (AMAZON-02) (AMAZON-02)
2 2	52.72.174.10 52.72.174.10	14618 (AMAZON-AES) (AMAZON-AES)
1	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
1 1	69.169.86.38 69.169.86.38	29838 (AMC) (AMC)
1	64.58.232.177 64.58.232.177	13649 (ASN-VINS) (ASN-VINS)
2 2	34.253.137.48 34.253.137.48	16509 (AMAZON-02) (AMAZON-02)
1 1	199.127.207.184 199.127.207.184	26120 (RHYTHMONE) (RHYTHMONE)
1	173.231.184.20 173.231.184.20	29791 (VOXEL-DOT...) (VOXEL-DOT-NET)
1 1	185.29.134.248 185.29.134.248	30419 (MEDIAMATH...) (MEDIAMATH-INC)
2 2	66.155.71.25 66.155.71.25	13768 (COGECO-PEER1) (COGECO-PEER1)
2 2	37.252.172.250 37.252.172.250	29990 (ASN-APPNEX) (ASN-APPNEX)
93	33

24 66.29.137.168 (United States)

ASN22612 (NAMECHEAP-NET, US)
PTR: prediksiku.xyz

66.29.137.168	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.18.106 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s42-in-f10.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 172.217.16.129 (United States)

ASN15169 (GOOGLE, US)
PTR: zrh04s06-in-f129.1e100.net

1.bp.blogspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.67.71.57 (United States)

ASN13335 (CLOUDFLARENET, US)

waust.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.35 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 46.105.201.240 (France)

ASN16276 (OVH, FR)

s10.histats.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 158.69.139.237 (Montreal, Canada)

ASN16276 (OVH, FR)
PTR: ip237.ip-158-69-139.net

t.dtscout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.99.8.28 (Ajax, Canada)

ASN16276 (OVH, FR)
PTR: ns523448.ip-192-99-8.net

s4.histats.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 67.202.114.214 (United States)

ASN32748 (STEADFAST, US)
PTR: amung.us

whos.amung.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.29.199 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn.tynt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.22.74.171 (None, )

ASN13335 (CLOUDFLARENET, US)

widgets.amung.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.66.74 (United States)

ASN16509 (AMAZON-02, US)

get.s-onetag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.121.175.251 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-121-175-251.eu-central-1.compute.amazonaws.com

pd.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 51.161.15.92 (Beauharnois, Canada) 1 redirects

ASN16276 (OVH, FR)
PTR: ns570935.ip-51-161-15.net

e.dtscout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.35.253.70 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-35-253-70.fra6.r.cloudfront.net

onetag-geo.s-onetag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 67.202.105.33 (United States)

ASN32748 (STEADFAST, US)
PTR: ip33.67-202-105.static.steadfastdns.net

ic.tynt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
de.tynt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 65.9.66.97 (United States)

ASN16509 (AMAZON-02, US)

tags.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 45.55.96.63 (Clifton, United States)

ASN14061 (DIGITALOCEAN-ASN, US)

t.dtscdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 84.53.188.214 (Netherlands) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a84-53-188-214.deploy.static.akamaitechnologies.com

tags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 146.59.148.16 (France) 2 redirects

ASN16276 (OVH, FR)
PTR: pikafka-2.cloudy.ovh

pixel.onaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.66.110 (United States)

ASN16509 (AMAZON-02, US)

onetag-geo-grouping.s-onetag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.21.9.70 (None, )

ASN13335 (CLOUDFLARENET, US)

dtsedge.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 34.253.109.165 (Dublin, Ireland) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-253-109-165.eu-west-1.compute.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.21.78.98 (None, )

ASN13335 (CLOUDFLARENET, US)

a.dtssrv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.190.78 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 54.36.109.22 (France) 4 redirects

ASN16276 (OVH, FR)
PTR: p09.id5-sync.com

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 46.228.164.13 (United Kingdom) 2 redirects

ASN56396 (AMOBEE, GB)

d.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.186.34 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 76.223.111.131 (United States)

ASN16509 (AMAZON-02, US)
PTR: a97adde81b00f2ca4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.227.248.159 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 159.248.227.35.bc.googleusercontent.com

pixel.tapad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.17.151.21 (Dublin, Ireland) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-17-151-21.eu-west-1.compute.amazonaws.com

ads.avocet.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ads.avct.cloud	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.19.186.105 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-19-186-105.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.144.7.192 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.cintnetworks.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.124.181.115 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-124-181-115.eu-central-1.compute.amazonaws.com

sync.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.208.16.1 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-208-16-1.eu-west-1.compute.amazonaws.com

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.72.174.10 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-72-174-10.compute-1.amazonaws.com

aorta.clickagy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.169.86.38 (Cranford, United States) 1 redirects

ASN29838 (AMC, US)

global.ib-ibi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 64.58.232.177 (United States)

ASN13649 (ASN-VINS, US)
PTR: be31-199.crrt01.las04.flexential.net

ib.mookie1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.253.137.48 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-253-137-48.eu-west-1.compute.amazonaws.com

sync.tidaltv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.127.207.184 (United States) 1 redirects

ASN26120 (RHYTHMONE, US)

dt-secure.videohub.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 173.231.184.20 (United States)

ASN29791 (VOXEL-DOT-NET, US)
PTR: lga-cassandra-1.sys.adgear.com

cm.adgrx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.29.134.248 (United Kingdom) 1 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 66.155.71.25 (Portsmouth, United Kingdom) 2 redirects

ASN13768 (COGECO-PEER1, CA)

pixel-sync.sitescout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.252.172.250 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
18	crwdcntrl.net 3 redirects tags.crwdcntrl.net bcp.crwdcntrl.net sync.crwdcntrl.net	23 KB
11	tynt.com cdn.tynt.com ic.tynt.com de.tynt.com	13 KB
5	bluekai.com 1 redirects tags.bluekai.com	2 KB
5	dtscout.com 1 redirects t.dtscout.com e.dtscout.com	19 KB
5	blogspot.com 1.bp.blogspot.com	659 KB
4	doubleclick.net 2 redirects cm.g.doubleclick.net	1 KB
4	id5-sync.com 4 redirects id5-sync.com	6 KB
3	s-onetag.com get.s-onetag.com onetag-geo.s-onetag.com onetag-geo-grouping.s-onetag.com	12 KB
3	histats.com s10.histats.com s4.histats.com	15 KB
2	adnxs.com 2 redirects secure.adnxs.com	2 KB
2	sitescout.com 2 redirects pixel-sync.sitescout.com	941 B
2	tidaltv.com 2 redirects sync.tidaltv.com	687 B
2	clickagy.com 2 redirects aorta.clickagy.com	1 KB
2	demdex.net 2 redirects dpm.demdex.net	2 KB
2	avct.cloud 2 redirects ads.avct.cloud	896 B
2	tapad.com 2 redirects pixel.tapad.com	919 B
2	turn.com 2 redirects d.turn.com	855 B
2	onaudience.com 2 redirects pixel.onaudience.com	719 B
2	dtscdn.com t.dtscdn.com	814 B
2	sharethis.com pd.sharethis.com sync.sharethis.com	255 B
2	amung.us whos.amung.us widgets.amung.us	4 KB
2	gstatic.com fonts.gstatic.com	63 KB
1	mathtag.com 1 redirects sync.mathtag.com	615 B
1	adgrx.com cm.adgrx.com	408 B
1	videohub.tv 1 redirects dt-secure.videohub.tv	547 B
1	mookie1.com ib.mookie1.com	994 B
1	ib-ibi.com 1 redirects global.ib-ibi.com	511 B
1	rlcdn.com idsync.rlcdn.com	66 B
1	krxd.net beacon.krxd.net	338 B
1	cintnetworks.com c.cintnetworks.com	328 B
1	avocet.io 1 redirects ads.avocet.io	204 B
1	adsrvr.org match.adsrvr.org	265 B
1	pubmatic.com image6.pubmatic.com	166 B
1	dtssrv.com a.dtssrv.com	558 B
1	dtsedge.com dtsedge.com	569 B
1	waust.at waust.at	4 KB
1	googleapis.com fonts.googleapis.com	1 KB
0	everesttech.net Failed sync-tm.everesttech.net Failed
0	clrstm.com Failed sync.tag.clrstm.com Failed
0	survata.com Failed px.surveywall-api.survata.com Failed
93	40

	Domain	Requested by
8	sync.crwdcntrl.net	1 redirects bcp.crwdcntrl.net
7	bcp.crwdcntrl.net	2 redirects 66.29.137.168 tags.crwdcntrl.net bcp.crwdcntrl.net
7	ic.tynt.com	66.29.137.168
5	tags.bluekai.com	1 redirects 66.29.137.168 bcp.crwdcntrl.net
5	1.bp.blogspot.com	66.29.137.168
4	cm.g.doubleclick.net	2 redirects bcp.crwdcntrl.net
4	id5-sync.com	4 redirects
3	tags.crwdcntrl.net	t.dtscout.com tags.crwdcntrl.net
3	t.dtscout.com	waust.at t.dtscout.com
2	secure.adnxs.com	2 redirects
2	pixel-sync.sitescout.com	2 redirects
2	sync.tidaltv.com	2 redirects
2	aorta.clickagy.com	2 redirects
2	dpm.demdex.net	2 redirects
2	ads.avct.cloud	2 redirects
2	pixel.tapad.com	2 redirects
2	d.turn.com	2 redirects
2	de.tynt.com	cdn.tynt.com
2	pixel.onaudience.com	2 redirects
2	t.dtscdn.com	t.dtscout.com e.dtscout.com
2	e.dtscout.com	1 redirects 66.29.137.168
2	cdn.tynt.com	waust.at e.dtscout.com
2	s10.histats.com	66.29.137.168 s10.histats.com
2	fonts.gstatic.com	fonts.googleapis.com
1	sync.mathtag.com	1 redirects
1	cm.adgrx.com	bcp.crwdcntrl.net
1	dt-secure.videohub.tv	1 redirects
1	ib.mookie1.com	bcp.crwdcntrl.net
1	global.ib-ibi.com	1 redirects
1	idsync.rlcdn.com	bcp.crwdcntrl.net
1	beacon.krxd.net	bcp.crwdcntrl.net
1	sync.sharethis.com	bcp.crwdcntrl.net
1	c.cintnetworks.com	bcp.crwdcntrl.net
1	ads.avocet.io	1 redirects
1	match.adsrvr.org	bcp.crwdcntrl.net
1	image6.pubmatic.com	bcp.crwdcntrl.net
1	a.dtssrv.com	t.dtscout.com
1	dtsedge.com	e.dtscout.com
1	onetag-geo-grouping.s-onetag.com	get.s-onetag.com
1	onetag-geo.s-onetag.com	get.s-onetag.com
1	pd.sharethis.com	t.dtscout.com
1	get.s-onetag.com	t.dtscout.com
1	widgets.amung.us	66.29.137.168
1	whos.amung.us	waust.at
1	s4.histats.com	s10.histats.com
1	waust.at	66.29.137.168
1	fonts.googleapis.com	66.29.137.168
0	sync-tm.everesttech.net Failed	bcp.crwdcntrl.net
0	sync.tag.clrstm.com Failed	bcp.crwdcntrl.net
0	px.surveywall-api.survata.com Failed	bcp.crwdcntrl.net
93	50

This site contains links to these domains. Also see Links.

Domain
www.histats.com

Subject Issuer	Validity	Valid
upload.video.google.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
misc-sni.blogspot.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
*.dtscout.com GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1	`2020-11-03` - `2021-11-03`	a year	crt.sh
histats.com R3	`2021-08-02` - `2021-10-31`	3 months	crt.sh
*.tynt.com Sectigo RSA Domain Validation Secure Server CA	`2021-09-23` - `2022-09-30`	a year	crt.sh
*.s-onetag.com Amazon	`2021-02-03` - `2022-03-04`	a year	crt.sh
sharethis.com Amazon	`2021-09-01` - `2022-09-30`	a year	crt.sh
*.crwdcntrl.net Go Daddy Secure Certificate Authority - G2	`2021-04-29` - `2022-05-31`	a year	crt.sh
t.dtscdn.com GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1	`2020-11-03` - `2021-11-15`	a year	crt.sh
odc-pixel-prod-01.oracle.com DigiCert SHA2 Secure Server CA	`2021-04-25` - `2022-04-26`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-08-01` - `2022-07-31`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2020-12-07` - `2021-12-14`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2021-03-18` - `2022-04-19`	a year	crt.sh
*.cintnetworks.com DigiCert TLS RSA SHA256 2020 CA1	`2021-10-04` - `2022-11-04`	a year	crt.sh
beacon.krxd.net DigiCert TLS RSA SHA256 2020 CA1	`2021-01-13` - `2022-01-07`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2021-02-25` - `2022-03-28`	a year	crt.sh
ib.mookie1.com DigiCert SHA2 High Assurance Server CA	`2019-10-07` - `2021-11-12`	2 years	crt.sh
public1.adgear.com Sectigo RSA Domain Validation Secure Server CA	`2021-02-24` - `2022-03-26`	a year	crt.sh

This page contains 4 frames:

Primary Page: http://66.29.137.168/
Frame ID: CBCA55EBD08056DB92307FA6A505685E
Requests: 68 HTTP requests in this frame

Frame: https://t.dtscout.com/idg/?su=10401633871753CDBF6FDF43E7B1B931
Frame ID: EE9A071FC4FECA3AFFAFA120280F739E
Requests: 1 HTTP requests in this frame

Frame: https://tags.crwdcntrl.net/lt/shared/2/lt.iframe.html?c=3825
Frame ID: AB3406F097AEA780FCF7C81169C5072C
Requests: 1 HTTP requests in this frame

Frame: https://bcp.crwdcntrl.net/pixels?s=136%2C135%2C116%2C106%2C97%2C95%2C94%2C92%2C90%2C81%2C80%2C79%2C78%2C50%2C45%2C42%2C38%2C33%2C26%2C22%2C12%2C3%2C2&c=3825
Frame ID: 67074C4C99F2F05B7E51A76A1A59FBF4
Requests: 24 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Prediksiku - Prediksi SGP, Prediksi HK, Prediksi Sydney

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/
wp-embed\.min\.js\?ver=([\d.]+)

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

93
Requests

67 %
HTTPS

0 %
IPv6

40
Domains

50
Subdomains

33
IPs

8
Countries

2019 kB
Transfer

2343 kB
Size

54
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: http://www.histats.com/viewstats/?sid=4592483&ccid=437

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 43

http://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=http%3A%2F%2F66.29.137.168%2F&j= HTTP 301
https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=http%3A%2F%2F66.29.137.168%2F&j=

Request Chain 50

https://pixel.onaudience.com/?partner=137085098&mapped=10401633871753CDBF6FDF43E7B1B931 HTTP 302
https://pixel.onaudience.com/?partner=109&icm&cver&smartmap=1&redirect=tags.bluekai.com%2Fsite%2F33141%3F%26id%3D%25m HTTP 302
https://tags.bluekai.com/site/33141?&id=ab7100ee030d01b3

Request Chain 57

https://bcp.crwdcntrl.net/5/c=3825/tp=DTSC/tpid=10401633871753CDBF6FDF43E7B1B931 HTTP 302
https://bcp.crwdcntrl.net/5/ct=y/c=3825/tp=DTSC/tpid=10401633871753CDBF6FDF43E7B1B931

Request Chain 71

https://id5-sync.com/s/19/9.gif?puid=e6e72c5a60426d788bdd5bb6ba92a47f&gdpr=1 HTTP 302
https://id5-sync.com/c/19/19/9/1.gif?puid=e6e72c5a60426d788bdd5bb6ba92a47f&gdpr=1&gdpr_consent= HTTP 302
https://bcp.crwdcntrl.net/map/c=1882/tp=BKAI/gdpr=1/gdpr_consent=?https://tags.bluekai.com/site/5907?limit=0&id=${masked_profileid}&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F19%2F321%2F8%2F2.gif%3Fpuid%3D%24_BK_UUID%26gdpr%3D1%26gdpr_consent%3D HTTP 302
https://tags.bluekai.com/site/5907?limit=0&id=cf24c5e52452c0267d64a6a1402a65dc&redir=https://id5-sync.com/c/19/321/8/2.gif?puid=$_BK_UUID&gdpr=1&gdpr_consent= HTTP 302
https://id5-sync.com/c/19/321/8/2.gif?puid=$_BK_UUID HTTP 302
https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMTc0ODM4ODY2Ni90LzI/dpuid/ID5-ZHMOXq8x-erMjyJyuSd_Wc6TRZHLcLNxm66xfosfZw/url/https%3A%2F%2Fid5-sync.com%2Fc%2F19%2F224%2F7%2F3.gif%3Fpuid%3D%24%21%7BTURN_UUID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
https://id5-sync.com/c/19/224/7/3.gif?puid=4273169550098875524&gdpr=1&gdpr_consent=&gdpr=1&gdpr_consent= HTTP 302
https://sync.crwdcntrl.net/map/c=2831/tp=GDMP?https://cm.g.doubleclick.net/pixel?google_nid=lotame_dmp&google_hm=${base64_profileid}&google_redir={xENCODEDURL}&id5id=ID5-ZHMOXq8x-erMjyJyuSd_Wc6TRZHLcLNxm66xfosfZw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=lotame_dmp&google_hm=ZTZlNzJjNWE2MDQyNmQ3ODhiZGQ1YmI2YmE5MmE0N2Y&google_redir={xENCODEDURL}&id5id=ID5-ZHMOXq8x-erMjyJyuSd_Wc6TRZHLcLNxm66xfosfZw

Request Chain 73

https://pixel.tapad.com/idsync/ex/receive?partner_id=LOTAME&partner_device_id=e6e72c5a60426d788bdd5bb6ba92a47f&gdpr=1&partner_url=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D10158%2Ftp%3DTPAD%2Ftpid%3D%24%7BTA_DEVICE_ID%7D HTTP 302
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=LOTAME&partner_device_id=e6e72c5a60426d788bdd5bb6ba92a47f&gdpr=1&partner_url=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D10158%2Ftp%3DTPAD%2Ftpid%3D%24%7BTA_DEVICE_ID%7D HTTP 302
https://sync.crwdcntrl.net/map/c=10158/tp=TPAD/tpid=07773bce-8cf8-43d9-80ae-67d390786767

Request Chain 74

https://ads.avocet.io/getuid?url=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D10492%2Ftp%3DAVCT%2Ftpid%3D%7B%7BUUID%7D%7D HTTP 301
https://ads.avct.cloud/getuid?r=1&url=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D10492%2Ftp%3DAVCT%2Ftpid%3D%7B%7BUUID%7D%7D HTTP 307
https://ads.avct.cloud/getuid?bounce=true&r=1&url=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D10492%2Ftp%3DAVCT%2Ftpid%3D%7B%7BUUID%7D%7D HTTP 302
https://sync.crwdcntrl.net/map/c=10492/tp=AVCT/tpid=97a7eb52-b9ac-4e26-914a-d39520eaf511

Request Chain 76

https://dpm.demdex.net/ibs:dpid=121998&dpuuid=e6e72c5a60426d788bdd5bb6ba92a47f&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D9828%2Ftp%3DADBE%2Ftpid%3D%24%7BDD_UUID%7D HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=121998&dpuuid=e6e72c5a60426d788bdd5bb6ba92a47f&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D9828%2Ftp%3DADBE%2Ftpid%3D%24%7BDD_UUID%7D HTTP 302
https://sync.crwdcntrl.net/map/c=9828/tp=ADBE/tpid=64833321786766296523814965083676954407

Request Chain 81

https://aorta.clickagy.com/pixel.gif?ch=120&cm=e6e72c5a60426d788bdd5bb6ba92a47f HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=clickagy&google_sc&google_cm&google_hm=YzplY2NlNjRlNDQ0NGYwYTY2MGRhNmQ4YmVkYjg3OGEwNw HTTP 302
https://aorta.clickagy.com/pixel.gif?ch=8&cm=CAESEOCdEcBbgxvQ2pyfmFTPr-8&google_cver=1 HTTP 302
https://idsync.rlcdn.com/420246.gif?partner_uid=c:ecce64e4444f0a660da6d8bedb878a07

Request Chain 82

https://global.ib-ibi.com/image.sbxx?go=262106&pid=420&xid=e6e72c5a60426d788bdd5bb6ba92a47f HTTP 302
https://ib.mookie1.com/image.sbxx?go=262106&pid=420&xid=e6e72c5a60426d788bdd5bb6ba92a47f

Request Chain 83

https://sync.tidaltv.com/GenericUserSync.ashx?dpid=1695 HTTP 302
https://sync.tidaltv.com/genericusersync.ashx?dpid=1695&s_h=1 HTTP 302
https://bcp.crwdcntrl.net/map/c=6584/tp=VIDO/tpid=cc3732bf-48f5-4ebb-a89a-f81930944308?gdpr=1&gdpr_consent=

Request Chain 84

https://dt-secure.videohub.tv/v1/usync/lo HTTP 303
https://bcp.crwdcntrl.net/map/c=6220/tp=TRMR/tpid=CI-39766d6e03f5495c935a2544a6a66c0b

Request Chain 86

https://sync.mathtag.com/sync/img?sync=auto&mt_exid=10040&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fqmap%3Fc%3D4735%26tp%3DMDMA%26tpid%3D%5BMM_UUID%5D HTTP 302
https://sync.crwdcntrl.net/qmap?c=4735&tp=MDMA&tpid=b1e86162-e78b-4500-b989-8b37b056a3ac

Request Chain 87

https://pixel-sync.sitescout.com/connectors/lotame/usersync?redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1389%2Ftp%3DSTSC%2Ftpid%3D%24UUID HTTP 302
https://pixel-sync.sitescout.com/connectors/lotame/usersync?cookieQ=1&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1389%2Ftp%3DSTSC%2Ftpid%3D%24UUID HTTP 302
https://sync.crwdcntrl.net/map/c=1389/tp=STSC/tpid=719abb4c-b98d-4562-b4dd-7f002b55d6f0-6162e78b-5553

Request Chain 89

https://cm.g.doubleclick.net/pixel?google_nid=lotame_dmp&google_hm=${base64_profileid} HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=lotame_dmp&google_hm=${base64_profileid}&google_tc=

Request Chain 91

https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMzQ4ODM4MC90LzI/dpuid/e6e72c5a60426d788bdd5bb6ba92a47f/url/https://sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=$!%7BTURN_UUID%7D HTTP 302
https://sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=7876330726971982980

Request Chain 92

https://secure.adnxs.com/getuid?https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc=281%2Frand=563492328%2Ftpid%3D%24UID%2Ftp%3DANXS HTTP 307
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.crwdcntrl.net%252Fmap%252Fc%3D281%252Frand%3D563492328%252Ftpid%253D%2524UID%252Ftp%253DANXS HTTP 302
https://sync.crwdcntrl.net/map/c=281/rand=563492328/tpid=6366943379052204405/tp=ANXS

93 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
66.29.137.168/ 64 KB
13 KB 534ms
381ms Document
text/html 66.29.137.168
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: http://66.29.137.168/
Protocol: HTTP/1.1
Server: 66.29.137.168 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: prediksiku.xyz
Software: LiteSpeed / PHP/7.2.34
Resource Hash: 307824c01a32c19f1dca371c249b4e8072b906d4f4bd45c037738b806284a42d

Request headers

Host: 66.29.137.168
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

keep-alive: timeout=5, max=100
x-powered-by: PHP/7.2.34
content-type: text/html; charset=UTF-8
link: <http://66.29.137.168/wp-json/>; rel="https://api.w.org/"
transfer-encoding: chunked
content-encoding: gzip
vary: Accept-Encoding
date: Sun, 10 Oct 2021 13:15:52 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed

GET
H/1.1 200
OK style.min.css
66.29.137.168/wp-includes/css/dist/block-library/ 79 KB
13 KB 287ms
154ms Stylesheet
text/css 66.29.137.168
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: http://66.29.137.168/wp-includes/css/dist/block-library/style.min.css?ver=5.8.1
Requested by: Host: 66.29.137.168
URL: http://66.29.137.168/
Protocol: HTTP/1.1
Server: 66.29.137.168 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: prediksiku.xyz
Software: LiteSpeed /
Resource Hash: 9110fc122dda3067c424d9b8ff7747e2030b0bd9298f69a3683d399ad3373a6a

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: 66.29.137.168
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://66.29.137.168/
Connection: keep-alive
Cache-Control: no-cache
Accept-Language: de-DE,de;q=0.9
Referer: http://66.29.137.168/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 10 Oct 2021 13:15:52 GMT
content-encoding: gzip
last-modified: Mon, 19 Jul 2021 10:26:58 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
keep-alive: timeout=5, max=100
content-length: 13381
expires: Sun, 17 Oct 2021 13:15:52 GMT

GET
H/1.1 200
OK style.min.css
66.29.137.168/wp-content/plugins/wp-content-copy-protection/assets/css/ 167 B
497 B 301ms
150ms Stylesheet
text/css 66.29.137.168
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: http://66.29.137.168/wp-content/plugins/wp-content-copy-protection/assets/css/style.min.css?ver=1629990453
Requested by: Host: 66.29.137.168
URL: http://66.29.137.168/
Protocol: HTTP/1.1
Server: 66.29.137.168 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: prediksiku.xyz
Software: LiteSpeed /
Resource Hash: 42b1291f205e30914c1ad28643764cce277a03c4f06d2b828058697c56dcf58f

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: 66.29.137.168
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://66.29.137.168/
Connection: keep-alive
Cache-Control: no-cache
Accept-Language: de-DE,de;q=0.9
Referer: http://66.29.137.168/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 10 Oct 2021 13:15:52 GMT
last-modified: Thu, 26 Aug 2021 15:07:33 GMT
server: LiteSpeed
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
keep-alive: timeout=5, max=100
content-length: 167
expires: Sun, 17 Oct 2021 13:15:52 GMT

GET
H/1.1 200
OK style.min.css
66.29.137.168/wp-content/plugins/easy-table-of-contents/vendor/icomoon/ 438 B
588 B 303ms
152ms Stylesheet
text/css 66.29.137.168
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: http://66.29.137.168/wp-content/plugins/easy-table-of-contents/vendor/icomoon/style.min.css?ver=2.0.17
Requested by: Host: 66.29.137.168
URL: http://66.29.137.168/
Protocol: HTTP/1.1
Server: 66.29.137.168 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: prediksiku.xyz
Software: LiteSpeed /
Resource Hash: b88fca268e1352a0922f301c6b88f0499606c01faa8d0718de11a8153a5edc3a

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: 66.29.137.168
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://66.29.137.168/
Connection: keep-alive
Cache-Control: no-cache
Accept-Language: de-DE,de;q=0.9
Referer: http://66.29.137.168/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 10 Oct 2021 13:15:52 GMT
content-encoding: gzip
last-modified: Sun, 15 Aug 2021 03:30:49 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
keep-alive: timeout=5, max=100
content-length: 211
expires: Sun, 17 Oct 2021 13:15:52 GMT

GET
H/1.1 200
OK screen.min.css
66.29.137.168/wp-content/plugins/easy-table-of-contents/assets/css/ 5 KB
2 KB 305ms
153ms Stylesheet
text/css 66.29.137.168
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: http://66.29.137.168/wp-content/plugins/easy-table-of-contents/assets/css/screen.min.css?ver=2.0.17
Requested by: Host: 66.29.137.168
URL: http://66.29.137.168/
Protocol: HTTP/1.1
Server: 66.29.137.168 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: prediksiku.xyz
Software: LiteSpeed /
Resource Hash: 22af5d3bf749542c2d95975186991b7b8c1e0766449c3fdeab55d57eb0d1ffdc

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: 66.29.137.168
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://66.29.137.168/
Connection: keep-alive
Cache-Control: no-cache
Accept-Language: de-DE,de;q=0.9
Referer: http://66.29.137.168/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 10 Oct 2021 13:15:52 GMT
content-encoding: gzip
last-modified: Sun, 15 Aug 2021 03:30:49 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
keep-alive: timeout=5, max=100
content-length: 1556
expires: Sun, 17 Oct 2021 13:15:52 GMT

GET
H2 200 css
fonts.googleapis.com/ 3 KB
1 KB 41ms
17ms Stylesheet
text/css 172.217.18.106
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Ubuntu%3A400%2C700&subset=latin%2Clatin-ext

Requested by

Host: 66.29.137.168
URL: http://66.29.137.168/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.106 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f10.1e100.net

Software

ESF /

Resource Hash

40b1851672e58edc25ad486769af8fc1dfed4ecec9f7943afe1ac733fc6217c9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://66.29.137.168/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 10 Oct 2021 11:37:15 GMT
server: ESF
date: Sun, 10 Oct 2021 13:15:52 GMT
x-frame-options: SAMEORIGIN
report-to: {"group":"AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"}]}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only: same-origin; report-to="AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"
expires: Sun, 10 Oct 2021 13:15:52 GMT

GET
H/1.1 200
OK style.css
66.29.137.168/wp-content/themes/iconic-one-pro/ 47 KB
14 KB 331ms
170ms Stylesheet
text/css 66.29.137.168
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: http://66.29.137.168/wp-content/themes/iconic-one-pro/style.css?ver=5.8.1
Requested by: Host: 66.29.137.168
URL: http://66.29.137.168/
Protocol: HTTP/1.1
Server: 66.29.137.168 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: prediksiku.xyz
Software: LiteSpeed /
Resource Hash: f05278f96ad7415dbb871d4679ea83cdbc5f5117f7af5974ba8ff77cc1da21de

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: 66.29.137.168
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://66.29.137.168/
Connection: keep-alive
Cache-Control: no-cache
Accept-Language: de-DE,de;q=0.9
Referer: http://66.29.137.168/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 10 Oct 2021 13:15:52 GMT
content-encoding: gzip
last-modified: Sat, 14 Aug 2021 11:35:04 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
keep-alive: timeout=5, max=100
content-length: 13849
expires: Sun, 17 Oct 2021 13:15:52 GMT

GET
H/1.1 200
OK custom.css
66.29.137.168/wp-content/themes/iconic-one-pro/ 74 B
403 B 332ms
170ms Stylesheet
text/css 66.29.137.168
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: http://66.29.137.168/wp-content/themes/iconic-one-pro/custom.css?ver=5.8.1
Requested by: Host: 66.29.137.168
URL: http://66.29.137.168/
Protocol: HTTP/1.1
Server: 66.29.137.168 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: prediksiku.xyz
Software: LiteSpeed /
Resource Hash: e4191ce2c1660050aec1e61895d29c91c0f9ea20360086de95c34b00483aee66

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: 66.29.137.168
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://66.29.137.168/
Connection: keep-alive
Cache-Control: no-cache
Accept-Language: de-DE,de;q=0.9
Referer: http://66.29.137.168/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 10 Oct 2021 13:15:52 GMT
last-modified: Sat, 14 Aug 2021 11:35:04 GMT
server: LiteSpeed
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
keep-alive: timeout=5, max=100
content-length: 74
expires: Sun, 17 Oct 2021 13:15:52 GMT

GET
H/1.1 200
OK font-awesome.min.css
66.29.137.168/wp-content/themes/iconic-one-pro/fonts/ 28 KB
8 KB 443ms
156ms Stylesheet
text/css 66.29.137.168
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: http://66.29.137.168/wp-content/themes/iconic-one-pro/fonts/font-awesome.min.css?ver=5.8.1
Requested by: Host: 66.29.137.168
URL: http://66.29.137.168/
Protocol: HTTP/1.1
Server: 66.29.137.168 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: prediksiku.xyz
Software: LiteSpeed /
Resource Hash: 6f005368978df37b680de2dc8a22007a600378ba5568a573432a3fdeb8bdb674

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: 66.29.137.168
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://66.29.137.168/
Connection: keep-alive
Cache-Control: no-cache
Accept-Language: de-DE,de;q=0.9
Referer: http://66.29.137.168/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 10 Oct 2021 13:15:52 GMT
content-encoding: gzip
last-modified: Sat, 14 Aug 2021 11:35:04 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
keep-alive: timeout=5, max=100
content-length: 7309
expires: Sun, 17 Oct 2021 13:15:52 GMT

GET
H/1.1 200
OK jquery.min.js Show response
66.29.137.168/wp-includes/js/jquery/ 87 KB
34 KB 451ms
151ms Script
application/javascript 66.29.137.168
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: http://66.29.137.168/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
Requested by: Host: 66.29.137.168
URL: http://66.29.137.168/
Protocol: HTTP/1.1
Server: 66.29.137.168 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: prediksiku.xyz
Software: LiteSpeed /
Resource Hash: bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: 66.29.137.168
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept: */*
Referer: http://66.29.137.168/
Connection: keep-alive
Cache-Control: no-cache
Accept-Language: de-DE,de;q=0.9
Referer: http://66.29.137.168/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 10 Oct 2021 13:15:52 GMT
content-encoding: gzip
last-modified: Thu, 11 Mar 2021 01:37:24 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
keep-alive: timeout=5, max=100
content-length: 34819
expires: Sun, 17 Oct 2021 13:15:52 GMT

GET
H/1.1 200
OK jquery-migrate.min.js Show response
66.29.137.168/wp-includes/js/jquery/ 11 KB
5 KB 453ms
150ms Script
application/javascript 66.29.137.168
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: http://66.29.137.168/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by: Host: 66.29.137.168
URL: http://66.29.137.168/
Protocol: HTTP/1.1
Server: 66.29.137.168 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: prediksiku.xyz
Software: LiteSpeed /
Resource Hash: 029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: 66.29.137.168
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept: */*
Referer: http://66.29.137.168/
Connection: keep-alive
Cache-Control: no-cache
Accept-Language: de-DE,de;q=0.9
Referer: http://66.29.137.168/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 10 Oct 2021 13:15:52 GMT
content-encoding: gzip
last-modified: Wed, 18 Nov 2020 19:36:06 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
keep-alive: timeout=5, max=100
content-length: 4461
expires: Sun, 17 Oct 2021 13:15:52 GMT

GET
H/1.1 200
OK respond.min.js Show response
66.29.137.168/wp-content/themes/iconic-one-pro/js/ 4 KB
2 KB 458ms
154ms Script
application/javascript 66.29.137.168
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: http://66.29.137.168/wp-content/themes/iconic-one-pro/js/respond.min.js?ver=5.8.1
Requested by: Host: 66.29.137.168
URL: http://66.29.137.168/
Protocol: HTTP/1.1
Server: 66.29.137.168 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: prediksiku.xyz
Software: LiteSpeed /
Resource Hash: 80f6c847f65eab4561ee8b0e33fcc1c0d7b0bb950e515b7466c03f885317ed6b

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: 66.29.137.168
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept: */*
Referer: http://66.29.137.168/
Connection: keep-alive
Cache-Control: no-cache
Accept-Language: de-DE,de;q=0.9
Referer: http://66.29.137.168/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 10 Oct 2021 13:15:52 GMT
content-encoding: gzip
last-modified: Sat, 14 Aug 2021 11:35:04 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
keep-alive: timeout=5, max=100
content-length: 2107
expires: Sun, 17 Oct 2021 13:15:52 GMT

GET
H2 200 728x90ads.png
1.bp.blogspot.com/-Muo4mbYDD_c/W1lXcBJJQ_I/AAAAAAAACn8/tu4j8Z6ZadwTbAcyLRHjreEqdZnmX37JQCK4BGAYYCw/s728/ 64 KB
65 KB 31ms
8ms Image
image/png 172.217.16.129
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-Muo4mbYDD_c/W1lXcBJJQ_I/AAAAAAAACn8/tu4j8Z6ZadwTbAcyLRHjreEqdZnmX37JQCK4BGAYYCw/s728/728x90ads.png

Requested by

Host: 66.29.137.168
URL: http://66.29.137.168/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f129.1e100.net

Software

fife /

Resource Hash

afdc161f0a645507416b7dd4764ac961ee455240c975eefab247c6938038ab72

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://66.29.137.168/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 10 Oct 2021 11:16:58 GMT
x-content-type-options: nosniff
age: 7135
content-disposition: inline;filename="728x90ads.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 65891
x-xss-protection: 0
server: fife
etag: "va80"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Mon, 11 Oct 2021 11:16:58 GMT

GET
H/1.1 200
OK logo-prediksiku-1.png
66.29.137.168/wp-content/uploads/2021/08/ 6 KB
6 KB 158ms
157ms Image
image/png 66.29.137.168
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://66.29.137.168/wp-content/uploads/2021/08/logo-prediksiku-1.png
Requested by: Host: 66.29.137.168
URL: http://66.29.137.168/
Protocol: HTTP/1.1
Server: 66.29.137.168 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: prediksiku.xyz
Software: LiteSpeed /
Resource Hash: 74843a769a5f1d8bdd8c9a35076c17cd0f564125285d5ba843c155bb1df2063d

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: 66.29.137.168
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://66.29.137.168/
Connection: keep-alive
Cache-Control: no-cache
Accept-Language: de-DE,de;q=0.9
Referer: http://66.29.137.168/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 10 Oct 2021 13:15:53 GMT
last-modified: Sun, 15 Aug 2021 02:36:49 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
keep-alive: timeout=5, max=100
content-length: 5736
expires: Sun, 17 Oct 2021 13:15:53 GMT

GET
H/1.1 200
OK co.js Show response
waust.at/ 8 KB
4 KB 50ms
23ms Script
application/x-javascript 172.67.71.57
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://waust.at/co.js
Requested by: Host: 66.29.137.168
URL: http://66.29.137.168/
Protocol: HTTP/1.1
Server: 172.67.71.57 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b957ea339d35a0f04ef914c475611606e5b3b326cf08cb9d68bf78bca23a6521

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://66.29.137.168/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Sun, 10 Oct 2021 13:15:53 GMT
content-encoding: gzip
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 696
Transfer-Encoding: chunked
Connection: keep-alive
last-modified: Mon, 03 May 2021 17:48:21 GMT
Server: cloudflare
etag: W/"60903765-1ee4"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sFHVEp6BUq7DLzLA5ZKAg22dneQUvNqGrxcaoqpWsW9X2KPddsM4k6JCvns%2FncbKJZ%2FYl7aFlO1ArohfRqDTQ0P9W4Ibn2cYqLA1i0ZQ%2FjI0agBvk6WfWvhY"}],"group":"cf-nel","max_age":604800}
Content-Type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=86400
CF-RAY: 69c01eb8a84627b8-PRG
expires: Mon, 11 Oct 2021 13:04:16 GMT

GET
H/1.1 200
OK wp-emoji-release.min.js Show response
66.29.137.168/wp-includes/js/ 18 KB
6 KB 164ms
164ms Script
application/javascript 66.29.137.168
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: http://66.29.137.168/wp-includes/js/wp-emoji-release.min.js?ver=5.8.1
Requested by: Host: 66.29.137.168
URL: http://66.29.137.168/
Protocol: HTTP/1.1
Server: 66.29.137.168 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: prediksiku.xyz
Software: LiteSpeed /
Resource Hash: def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: 66.29.137.168
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept: */*
Referer: http://66.29.137.168/
Connection: keep-alive
Cache-Control: no-cache
Accept-Language: de-DE,de;q=0.9
Referer: http://66.29.137.168/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 10 Oct 2021 13:15:53 GMT
content-encoding: gzip
last-modified: Wed, 09 Jun 2021 07:45:12 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
keep-alive: timeout=5, max=100
content-length: 5623
expires: Sun, 17 Oct 2021 13:15:53 GMT

GET
H/1.1 200
OK script.min.js Show response
66.29.137.168/wp-content/plugins/wp-content-copy-protection/assets/js/ 1 KB
944 B 162ms
162ms Script
application/javascript 66.29.137.168
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: http://66.29.137.168/wp-content/plugins/wp-content-copy-protection/assets/js/script.min.js?ver=1629990453
Requested by: Host: 66.29.137.168
URL: http://66.29.137.168/
Protocol: HTTP/1.1
Server: 66.29.137.168 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: prediksiku.xyz
Software: LiteSpeed /
Resource Hash: a8c1883b9e9af2d6d6f791d51ef4ba5eebb7e06afbb6ab42ac6067e81373460a

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: 66.29.137.168
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept: */*
Referer: http://66.29.137.168/
Connection: keep-alive
Cache-Control: no-cache
Accept-Language: de-DE,de;q=0.9
Referer: http://66.29.137.168/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 10 Oct 2021 13:15:52 GMT
content-encoding: gzip
last-modified: Thu, 26 Aug 2021 15:07:33 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
keep-alive: timeout=5, max=100
content-length: 553
expires: Sun, 17 Oct 2021 13:15:52 GMT

GET
H/1.1 200
OK selectnav.js Show response
66.29.137.168/wp-content/themes/iconic-one-pro/js/ 4 KB
2 KB 150ms
150ms Script
application/javascript 66.29.137.168
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: http://66.29.137.168/wp-content/themes/iconic-one-pro/js/selectnav.js?ver=5.8.1
Requested by: Host: 66.29.137.168
URL: http://66.29.137.168/
Protocol: HTTP/1.1
Server: 66.29.137.168 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: prediksiku.xyz
Software: LiteSpeed /
Resource Hash: fa74e2efe166bec2fe4d9a036c2de5bab6837a4d6da7c56bf41cc8697edb9d3d

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: 66.29.137.168
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept: */*
Referer: http://66.29.137.168/
Connection: keep-alive
Cache-Control: no-cache
Accept-Language: de-DE,de;q=0.9
Referer: http://66.29.137.168/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 10 Oct 2021 13:15:53 GMT
content-encoding: gzip
last-modified: Sat, 14 Aug 2021 11:35:04 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
keep-alive: timeout=5, max=100
content-length: 1640
expires: Sun, 17 Oct 2021 13:15:53 GMT

GET
H/1.1 200
OK wp-embed.min.js Show response
66.29.137.168/wp-includes/js/ 1 KB
1 KB 155ms
154ms Script
application/javascript 66.29.137.168
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: http://66.29.137.168/wp-includes/js/wp-embed.min.js?ver=5.8.1
Requested by: Host: 66.29.137.168
URL: http://66.29.137.168/
Protocol: HTTP/1.1
Server: 66.29.137.168 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: prediksiku.xyz
Software: LiteSpeed /
Resource Hash: 5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: 66.29.137.168
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept: */*
Referer: http://66.29.137.168/
Connection: keep-alive
Cache-Control: no-cache
Accept-Language: de-DE,de;q=0.9
Referer: http://66.29.137.168/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 10 Oct 2021 13:15:53 GMT
content-encoding: gzip
last-modified: Thu, 07 Jan 2021 01:59:24 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
keep-alive: timeout=5, max=100
content-length: 778
expires: Sun, 17 Oct 2021 13:15:53 GMT

GET
H/1.1 200
OK image.js Show response
66.29.137.168/wp-content/plugins/featured-image-from-url/includes/html/js/ 2 KB
1 KB 155ms
154ms Script
application/javascript 66.29.137.168
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: http://66.29.137.168/wp-content/plugins/featured-image-from-url/includes/html/js/image.js?ver=3.7.6
Requested by: Host: 66.29.137.168
URL: http://66.29.137.168/
Protocol: HTTP/1.1
Server: 66.29.137.168 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: prediksiku.xyz
Software: LiteSpeed /
Resource Hash: caacfc6a3602fe9a189a4bd15792c4bed2fce634c04716f515e6c07cda07315a

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: 66.29.137.168
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept: */*
Referer: http://66.29.137.168/
Connection: keep-alive
Cache-Control: no-cache
Accept-Language: de-DE,de;q=0.9
Referer: http://66.29.137.168/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 10 Oct 2021 13:15:53 GMT
content-encoding: gzip
last-modified: Fri, 08 Oct 2021 23:02:31 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
keep-alive: timeout=5, max=100
content-length: 678
expires: Sun, 17 Oct 2021 13:15:53 GMT

GET
H2 200 4iCs6KVjbNBYlgoKfw72.woff2
fonts.gstatic.com/s/ubuntu/v15/ 33 KB
34 KB 42ms
14ms Font
font/woff2 142.250.186.35
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ubuntu/v15/4iCs6KVjbNBYlgoKfw72.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Ubuntu%3A400%2C700&subset=latin%2Clatin-ext

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.35 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f3.1e100.net

Software

sffe /

Resource Hash

4f4524f7e1a87079bc50a64681f880ccf3e6f5db1ec5fc27949377532a3881da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: http://66.29.137.168
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 10 Oct 2021 12:12:58 GMT
x-content-type-options: nosniff
age: 3775
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34260
x-xss-protection: 0
last-modified: Thu, 10 Sep 2020 17:02:57 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Mon, 10 Oct 2022 12:12:58 GMT

GET
H2 200 4iCv6KVjbNBYlgoCxCvjsGyN.woff2
fonts.gstatic.com/s/ubuntu/v15/ 28 KB
29 KB 30ms
7ms Font
font/woff2 142.250.186.35
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ubuntu/v15/4iCv6KVjbNBYlgoCxCvjsGyN.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Ubuntu%3A400%2C700&subset=latin%2Clatin-ext

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.35 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f3.1e100.net

Software

sffe /

Resource Hash

045469f2d577c2ad73219bbd713640bcb4a4f9a46cecc6c0df0e66338646b27f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: http://66.29.137.168
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 05 Oct 2021 01:44:56 GMT
x-content-type-options: nosniff
age: 473457
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28968
x-xss-protection: 0
last-modified: Thu, 10 Sep 2020 17:03:43 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 05 Oct 2022 01:44:56 GMT

GET
H/1.1 200
OK fontawesome-webfont.woff2
66.29.137.168/wp-content/themes/iconic-one-pro/fonts/ 70 KB
71 KB 193ms
163ms Font
font/woff2 66.29.137.168
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: http://66.29.137.168/wp-content/themes/iconic-one-pro/fonts/fontawesome-webfont.woff2?v=4.6.3
Requested by: Host: 66.29.137.168
URL: http://66.29.137.168/wp-content/themes/iconic-one-pro/fonts/font-awesome.min.css?ver=5.8.1
Protocol: HTTP/1.1
Server: 66.29.137.168 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: prediksiku.xyz
Software: LiteSpeed /
Resource Hash: 7dacf83f51179de8d7980a513e67ab3a08f2c6272bb5946df8fd77c0d1763b73

Request headers

Pragma: no-cache
Origin: http://66.29.137.168
Accept-Encoding: gzip, deflate
Host: 66.29.137.168
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept: */*
Cache-Control: no-cache
Referer: http://66.29.137.168/wp-content/themes/iconic-one-pro/fonts/font-awesome.min.css?ver=5.8.1
Connection: keep-alive
Referer: http://66.29.137.168/wp-content/themes/iconic-one-pro/fonts/font-awesome.min.css?ver=5.8.1
Origin: http://66.29.137.168
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 10 Oct 2021 13:15:53 GMT
last-modified: Sat, 14 Aug 2021 11:35:04 GMT
server: LiteSpeed
content-type: font/woff2
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
keep-alive: timeout=5, max=100
content-length: 71896
expires: Sun, 17 Oct 2021 13:15:53 GMT

GET
H/1.1 200
OK hk-selasa-1.jpg
66.29.137.168/wp-content/uploads/2021/09/ 142 KB
142 KB 249ms
151ms Image
image/jpeg 66.29.137.168
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://66.29.137.168/wp-content/uploads/2021/09/hk-selasa-1.jpg
Requested by: Host: 66.29.137.168
URL: http://66.29.137.168/
Protocol: HTTP/1.1
Server: 66.29.137.168 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: prediksiku.xyz
Software: LiteSpeed /
Resource Hash: c2e51e5524a754d0a5cec123f055392b27dbf70e059e04b8f27c6ef1cdf12a77

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: 66.29.137.168
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://66.29.137.168/
Connection: keep-alive
Cache-Control: no-cache
Accept-Language: de-DE,de;q=0.9
Referer: http://66.29.137.168/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 10 Oct 2021 13:15:53 GMT
last-modified: Sun, 26 Sep 2021 01:04:15 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
keep-alive: timeout=5, max=100
content-length: 145426
expires: Sun, 17 Oct 2021 13:15:53 GMT

GET
H/1.1 200
OK sydney-selasa.jpg
66.29.137.168/wp-content/uploads/2021/10/ 146 KB
146 KB 266ms
154ms Image
image/jpeg 66.29.137.168
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://66.29.137.168/wp-content/uploads/2021/10/sydney-selasa.jpg
Requested by: Host: 66.29.137.168
URL: http://66.29.137.168/
Protocol: HTTP/1.1
Server: 66.29.137.168 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: prediksiku.xyz
Software: LiteSpeed /
Resource Hash: 66f8e645091fb83892b92aff7ae0c905d5df3c1ee1058000201433d066f6ca49

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: 66.29.137.168
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://66.29.137.168/
Connection: keep-alive
Cache-Control: no-cache
Accept-Language: de-DE,de;q=0.9
Referer: http://66.29.137.168/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 10 Oct 2021 13:15:53 GMT
last-modified: Sun, 03 Oct 2021 01:07:01 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
keep-alive: timeout=5, max=100
content-length: 149219
expires: Sun, 17 Oct 2021 13:15:53 GMT

GET
H/1.1 200
OK hk-senin-1.jpg
66.29.137.168/wp-content/uploads/2021/09/ 147 KB
147 KB 266ms
154ms Image
image/jpeg 66.29.137.168
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://66.29.137.168/wp-content/uploads/2021/09/hk-senin-1.jpg
Requested by: Host: 66.29.137.168
URL: http://66.29.137.168/
Protocol: HTTP/1.1
Server: 66.29.137.168 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: prediksiku.xyz
Software: LiteSpeed /
Resource Hash: a0d4fbed456513da9dfc98fd5f59cc474ceea1391419a2bfb370af28d9e4ce3d

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: 66.29.137.168
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://66.29.137.168/
Connection: keep-alive
Cache-Control: no-cache
Accept-Language: de-DE,de;q=0.9
Referer: http://66.29.137.168/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 10 Oct 2021 13:15:53 GMT
last-modified: Sat, 25 Sep 2021 01:31:27 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
keep-alive: timeout=5, max=100
content-length: 150467
expires: Sun, 17 Oct 2021 13:15:53 GMT

GET
H/1.1 200
OK sgp-senin.jpg
66.29.137.168/wp-content/uploads/2021/09/ 289 KB
289 KB 269ms
154ms Image
image/jpeg 66.29.137.168
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://66.29.137.168/wp-content/uploads/2021/09/sgp-senin.jpg
Requested by: Host: 66.29.137.168
URL: http://66.29.137.168/
Protocol: HTTP/1.1
Server: 66.29.137.168 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: prediksiku.xyz
Software: LiteSpeed /
Resource Hash: 2a41a9586f6d0ec92c74f313f797a6e14aac6641f88a4bf490c1946f928fc4f8

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: 66.29.137.168
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://66.29.137.168/
Connection: keep-alive
Cache-Control: no-cache
Accept-Language: de-DE,de;q=0.9
Referer: http://66.29.137.168/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 10 Oct 2021 13:15:53 GMT
last-modified: Sun, 05 Sep 2021 09:48:07 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
keep-alive: timeout=5, max=100
content-length: 295445
expires: Sun, 17 Oct 2021 13:15:53 GMT

GET
H/1.1 200
OK sydney-senin.jpg
66.29.137.168/wp-content/uploads/2021/10/ 145 KB
146 KB 164ms
164ms Image
image/jpeg 66.29.137.168
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://66.29.137.168/wp-content/uploads/2021/10/sydney-senin.jpg
Requested by: Host: 66.29.137.168
URL: http://66.29.137.168/
Protocol: HTTP/1.1
Server: 66.29.137.168 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: prediksiku.xyz
Software: LiteSpeed /
Resource Hash: 8d834678797fe41f49b7354ffa8476fca1385decb0526e106d3ec6ae75b78499

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: 66.29.137.168
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://66.29.137.168/
Cookie: HstCfa4592483=1633871753108; HstCla4592483=1633871753108; HstCmu4592483=1633871753108; HstPn4592483=1; HstPt4592483=1; HstCnv4592483=1; HstCns4592483=1
Connection: keep-alive
Cache-Control: no-cache
Accept-Language: de-DE,de;q=0.9
Referer: http://66.29.137.168/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 10 Oct 2021 13:15:53 GMT
last-modified: Sat, 02 Oct 2021 01:43:38 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
keep-alive: timeout=5, max=100
content-length: 148806
expires: Sun, 17 Oct 2021 13:15:53 GMT

GET
H/1.1 200
OK hk-minggu-1.jpg
66.29.137.168/wp-content/uploads/2021/09/ 151 KB
151 KB 154ms
154ms Image
image/jpeg 66.29.137.168
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://66.29.137.168/wp-content/uploads/2021/09/hk-minggu-1.jpg
Requested by: Host: 66.29.137.168
URL: http://66.29.137.168/
Protocol: HTTP/1.1
Server: 66.29.137.168 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: prediksiku.xyz
Software: LiteSpeed /
Resource Hash: b680a5e1a103b0d7b355fdb67c8e31a74078153979441f9d6d373eeae0350a26

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: 66.29.137.168
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://66.29.137.168/
Cookie: HstCfa4592483=1633871753108; HstCla4592483=1633871753108; HstCmu4592483=1633871753108; HstPn4592483=1; HstPt4592483=1; HstCnv4592483=1; HstCns4592483=1
Connection: keep-alive
Cache-Control: no-cache
Accept-Language: de-DE,de;q=0.9
Referer: http://66.29.137.168/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 10 Oct 2021 13:15:53 GMT
last-modified: Fri, 24 Sep 2021 01:04:21 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
keep-alive: timeout=5, max=100
content-length: 154682
expires: Sun, 17 Oct 2021 13:15:53 GMT

GET
H/1.1 200
OK js15_as.js Show response
s10.histats.com/ 11 KB
5 KB 18ms
9ms Script
text/javascript 46.105.201.240
OVH

General

Check archive.org

Show headers Download Go to

Full URL: http://s10.histats.com/js15_as.js
Requested by: Host: 66.29.137.168
URL: http://66.29.137.168/
Protocol: HTTP/1.1
Server: 46.105.201.240 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: 2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://66.29.137.168/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 10 Oct 2021 13:11:08 GMT
content-encoding: gzip
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
x-cdn-pop-ip: 137.74.120.0/27
etag: "-375139978"
x-cacheable: Matched cache
vary: Accept-Encoding
x-iplb-instance: 40745
content-type: text/javascript
x-cdn-pop: sbg
accept-ranges: bytes
x-iplb-request-id: D88372A2:BC50_2E69C9F0:0050_6162E789_167DC:8157
content-length: 4547
x-request-id: 1072237487

GET
H2 200 Buku%2Bmimpi%2B4d.jpg
1.bp.blogspot.com/-9NS5q5YTK1g/YRjXT_ZfiUI/AAAAAAAAAcY/mZRNLOOiM0sScsmYweUS7OsULJhH1zM7ACLcBGAsYHQ/s16000/ 101 KB
101 KB 25ms
23ms Image
image/jpeg 172.217.16.129
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-9NS5q5YTK1g/YRjXT_ZfiUI/AAAAAAAAAcY/mZRNLOOiM0sScsmYweUS7OsULJhH1zM7ACLcBGAsYHQ/s16000/Buku%2Bmimpi%2B4d.jpg

Requested by

Host: 66.29.137.168
URL: http://66.29.137.168/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f129.1e100.net

Software

fife /

Resource Hash

da0db141adb317630144c27def570073850a5a6fb9dc72109affcee756c8144d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://66.29.137.168/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 10 Oct 2021 13:15:53 GMT
x-content-type-options: nosniff
server: fife
etag: "v1c7"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="Buku mimpi 4d.jpg"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 103158
x-xss-protection: 0
expires: Mon, 11 Oct 2021 13:15:53 GMT

GET
H2 200 Prediksi%2Btogel%2Bsydney.jpg
1.bp.blogspot.com/-AbOM84h8w6s/YRvPMmFLfvI/AAAAAAAAAHI/vi8JwlQT3dc4PXCnS7CG_16EedBnZpG3QCLcBGAsYHQ/s16000/ 156 KB
156 KB 25ms
24ms Image
image/jpeg 172.217.16.129
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-AbOM84h8w6s/YRvPMmFLfvI/AAAAAAAAAHI/vi8JwlQT3dc4PXCnS7CG_16EedBnZpG3QCLcBGAsYHQ/s16000/Prediksi%2Btogel%2Bsydney.jpg

Requested by

Host: 66.29.137.168
URL: http://66.29.137.168/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f129.1e100.net

Software

fife /

Resource Hash

d20944b3f152baae67e64f2d14a239da3bbb413fc321f05d8eaac2b672a5104f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://66.29.137.168/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 10 Oct 2021 13:15:53 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="Prediksi togel sydney.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 159732
x-xss-protection: 0
server: fife
etag: "v75"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sun, 10 Oct 2021 06:57:41 GMT

GET
H2 200 Prediksi%2Btogel%2Bsingapura.jpg
1.bp.blogspot.com/-H73QODq-xYA/YRvPMg-xTOI/AAAAAAAAAHQ/I0rJlgZru7wO8AYuhxGV8La-ieXPxsUbgCLcBGAsYHQ/s16000/ 182 KB
182 KB 34ms
33ms Image
image/jpeg 172.217.16.129
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-H73QODq-xYA/YRvPMg-xTOI/AAAAAAAAAHQ/I0rJlgZru7wO8AYuhxGV8La-ieXPxsUbgCLcBGAsYHQ/s16000/Prediksi%2Btogel%2Bsingapura.jpg

Requested by

Host: 66.29.137.168
URL: http://66.29.137.168/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f129.1e100.net

Software

fife /

Resource Hash

4d119f2f5fd2d0be92d5c59db4dd269d58331645ece9b6d6a7114ed1e3d3a7f3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://66.29.137.168/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 10 Oct 2021 13:15:53 GMT
x-content-type-options: nosniff
server: fife
etag: "v76"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="Prediksi togel singapura.jpg"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 186583
x-xss-protection: 0
expires: Mon, 11 Oct 2021 13:15:53 GMT

GET
H2 200 Prediksi%2Btogel%2Bhongkong.jpg
1.bp.blogspot.com/-_cgmErmEVq0/YRvPMq3zrFI/AAAAAAAAAHM/c-Bs7ncKxvw64q43cNcfogn93BWk_RkagCLcBGAsYHQ/s16000/ 154 KB
155 KB 21ms
21ms Image
image/jpeg 172.217.16.129
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-_cgmErmEVq0/YRvPMq3zrFI/AAAAAAAAAHM/c-Bs7ncKxvw64q43cNcfogn93BWk_RkagCLcBGAsYHQ/s16000/Prediksi%2Btogel%2Bhongkong.jpg

Requested by

Host: 66.29.137.168
URL: http://66.29.137.168/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f129.1e100.net

Software

fife /

Resource Hash

db513e670e73fa87393b90af7599b9b310247105f8c4d310864405a3e66b469d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://66.29.137.168/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 10 Oct 2021 13:15:53 GMT
x-content-type-options: nosniff
server: fife
etag: "v75"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="Prediksi togel hongkong.jpg"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 158078
x-xss-protection: 0
expires: Mon, 11 Oct 2021 13:15:53 GMT

GET
H/1.1 200
OK / Show response
t.dtscout.com/i/ 8 KB
9 KB 328ms
107ms Script
application/javascript 158.69.139.237
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscout.com/i/?l=http%3A%2F%2F66.29.137.168%2F&j=
Requested by: Host: waust.at
URL: http://waust.at/co.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 158.69.139.237 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ip237.ip-158-69-139.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 18915c0d67936451a4d8a74e5bc6eefe979ee701a39d5c347c5f57cab06b4d54

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://66.29.137.168/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Sun, 10 Oct 2021 13:15:53 GMT
X-T: 1.013
Server: nginx/1.14.0 (Ubuntu)
Transfer-Encoding: chunked
Content-Type: application/javascript
Cache-Control: no-cache
Connection: close
X-S: mtl2
Expires: Sun, 10 Oct 2021 13:15:52 GMT

GET
H/1.1 200
OK 4592483.php Show response
s4.histats.com/stats/ 435 B
570 B 320ms
105ms Script
text/html 192.99.8.28
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4592483.php?4592483&@f16&@g1&@h1&@i1&@j1633871753108&@k0&@l1&@mPrediksiku%20-%20Prediksi%20SGP%2C%20Prediksi%20HK%2C%20Prediksi%20Sydney&@n0&@o1000&@q0&@r0&@s437&@ten-US&@u1600&@b1:99755093&@b3:1633871753&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttp%3A%2F%2F66.29.137.168%2F&@w
Requested by: Host: s10.histats.com
URL: http://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.99.8.28 Ajax, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns523448.ip-192-99-8.net
Software: /
Resource Hash: d8fbb6d080a36243586bf4a149c4b41b3961346df926d6de7e2bebeec7558bb8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://66.29.137.168/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Sun, 10 Oct 2021 13:15:53 GMT
Connection: close
Content-Length: 435
Content-Type: text/html;charset=UTF-8

GET
H/1.1 200
OK / Show response
whos.amung.us/pingjs/ 28 B
212 B 229ms
112ms Script
text/javascript 67.202.114.214
STEADFAST

General

Check archive.org

Show headers Download Go to

Full URL: http://whos.amung.us/pingjs/?k=c58xtwzdbx&t=Prediksiku%20-%20Prediksi%20SGP%2C%20Prediksi%20HK%2C%20Prediksi%20Sydney&c=u&x=http%3A%2F%2F66.29.137.168%2F&y=&a=0&d=1.326&v=27&r=9970
Requested by: Host: waust.at
URL: http://waust.at/co.js
Protocol: HTTP/1.1
Server: 67.202.114.214 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: amung.us
Software: /
Resource Hash: 9732681ee177730cea607e9a793f9d92e08cc1e283c723321435ec379fab1988

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://66.29.137.168/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 10 Oct 2021 13:15:53 GMT
content-encoding: gzip
transfer-encoding: chunked
content-type: text/javascript;charset=UTF-8

GET
H2 200 tc.js Show response
cdn.tynt.com/ 17 KB
7 KB 68ms
31ms Script
application/javascript 104.18.29.199
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.tynt.com/tc.js
Requested by: Host: waust.at
URL: http://waust.at/co.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.29.199 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2347066080fea31af55c7112dca5245ea3eea67df5f24f1daae09f0870fbce62

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://66.29.137.168/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 10 Oct 2021 13:15:53 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 27 Aug 2021 20:58:51 GMT
server: cloudflare
age: 145000
etag: W/"6129520b-431d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 69c01ebb2ee91f51-FRA
expires: Wed, 13 Oct 2021 13:15:53 GMT

GET
H/1.1 200
OK /
widgets.amung.us/colwid/ 4 KB
4 KB 31ms
17ms Image
image/png 104.22.74.171
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://widgets.amung.us/colwid/?c=81d742ffffff
Requested by: Host: 66.29.137.168
URL: http://66.29.137.168/
Protocol: HTTP/1.1
Server: 104.22.74.171 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: df24697cb57e8f989aca849452dfb70034fa70aa6fac2278e47f1d726ec43dbf

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://66.29.137.168/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Sun, 10 Oct 2021 13:15:53 GMT
CF-Cache-Status: HIT
Last-Modified: Sat, 09 Oct 2021 06:57:42 GMT
Server: cloudflare
Age: 109091
Vary: Accept-Encoding
Content-Type: image/png
access-control-allow-origin: *
cache-control: max-age=432000
Transfer-Encoding: chunked
content-disposition: filename=wau-widget.png
Connection: keep-alive
CF-RAY: 69c01ebafcfb2c26-FRA
expires: Sun, 10 Oct 2021 06:57:41 GMT

GET
H/1.1 200
OK / Show response
t.dtscout.com/idg/ Frame EE9A 1 KB
752 B 315ms
109ms Document
text/html 158.69.139.237
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscout.com/idg/?su=10401633871753CDBF6FDF43E7B1B931
Requested by: Host: t.dtscout.com
URL: https://t.dtscout.com/i/?l=http%3A%2F%2F66.29.137.168%2F&j=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 158.69.139.237 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ip237.ip-158-69-139.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 6d8c3c8c3c0d49ec01bb8334007454650899605d6c1b28635c05871058eda50f

Request headers

Host: t.dtscout.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: http://66.29.137.168/
Accept-Encoding: gzip, deflate, br
Cookie: m=1; b=1; st=1; oa=1; df=1633871753; l=10401633871753CDBF6FDF43E7B1B931
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://66.29.137.168/

Response headers

Server: nginx/1.14.0 (Ubuntu)
Date: Sun, 10 Oct 2021 13:15:53 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Expires: Sun, 10 Oct 2021 13:15:52 GMT
Cache-Control: no-cache
Content-Encoding: gzip

GET
H2 200 tag.min.js Show response
get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/ 30 KB
10 KB 50ms
7ms Script
text/javascript 65.9.66.74
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Requested by: Host: t.dtscout.com
URL: https://t.dtscout.com/i/?l=http%3A%2F%2F66.29.137.168%2F&j=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d9262f833e999fddfae1cb297ae5f9e260529ca0ca737ed805a11fbf3ab92bcd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://66.29.137.168/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-version-id: BC1z2ASq_5A8fCLvu30SOKeIK4SZ9jqY
content-encoding: gzip
last-modified: Thu, 03 Jun 2021 13:27:46 GMT
server: AmazonS3
age: 31127
etag: W/"a1c6ef0f57fd5dc66dd46feb78238adf"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
via: 1.1 afcdbc9d4d397c4a65e6b312552ff7ee.cloudfront.net (CloudFront)
cache-control: max-age=86400
date: Sun, 10 Oct 2021 04:37:07 GMT
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: mHeQpgfwgYOHFP-x70BJumnOmIiEi3cHP9_He0XxeqCQ8xobj825AQ==

GET
H/1.1 204
No Content dtscout Show response
pd.sharethis.com/pd/ 0
88 B 40ms
8ms Script
text/plain 3.121.175.251
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pd.sharethis.com/pd/dtscout
Requested by: Host: t.dtscout.com
URL: https://t.dtscout.com/i/?l=http%3A%2F%2F66.29.137.168%2F&j=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.121.175.251 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-121-175-251.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://66.29.137.168/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Connection: keep-alive
Date: Sun, 10 Oct 2021 13:15:53 GMT

GET
H/1.1 200
OK / Show response
t.dtscout.com/pv/ 50 B
318 B 320ms
108ms Script
application/javascript 158.69.139.237
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscout.com/pv/?_a=v&_h=66.29.137.168&_ss=1hry504rgx&_pv=1&_ls=0&_u1=1&_u3=1&_cc=us&_pl=d&_cbid=4ixs&_cb=_dtspv.c
Requested by: Host: t.dtscout.com
URL: https://t.dtscout.com/i/?l=http%3A%2F%2F66.29.137.168%2F&j=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 158.69.139.237 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ip237.ip-158-69-139.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: a7ab2d43dbf741599087c69b0d4f374fc1e6edbf85fbdb7578f2d5f070e02369

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://66.29.137.168/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Sun, 10 Oct 2021 13:15:53 GMT
X-T: 0.184
Server: nginx/1.14.0 (Ubuntu)
Transfer-Encoding: chunked
X-C: 0
Content-Type: application/javascript
Cache-Control: no-cache
Connection: close
Expires: Sun, 10 Oct 2021 13:15:52 GMT

GET
H2 200 cc_437.js Show response
s10.histats.com/counters/ 21 KB
10 KB 36ms
16ms Script
text/javascript 46.105.201.240
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/counters/cc_437.js
Requested by: Host: s10.histats.com
URL: http://s10.histats.com/js15_as.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.105.201.240 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: 38b00f9f9767a1924ec776c710e8fe4e1ea7565abab436544888a38b1b981414

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://66.29.137.168/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 10 Oct 2021 13:05:34 GMT
content-encoding: br
last-modified: Thu, 16 Apr 2020 10:45:32 GMT
x-cdn-pop-ip: 137.74.120.0/27
etag: "1785250972"
x-cacheable: Matched cache
content-type: text/javascript
x-grace: full
x-cdn-pop: sbg
accept-ranges: bytes
content-length: 9537
x-request-id: 235078726

GET
H/1.1

200
OK

/ Show response
e.dtscout.com/e/
Redirect Chain

http://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=http%3A%2F%2F66.29.137.168%2F&j=
https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=http%3A%2F%2F66.29.137.168%2F&j=

8 KB
9 KB

300ms
99ms

Script
application/javascript

51.161.15.92
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=http%3A%2F%2F66.29.137.168%2F&j=
Requested by: Host: 66.29.137.168
URL: http://66.29.137.168/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 51.161.15.92 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns570935.ip-51-161-15.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: a24291cb985a52a25dccb012e397664f068232c67bd38b8e6564abb8c7cec977

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://66.29.137.168/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Sun, 10 Oct 2021 13:15:53 GMT
X-T: 0.497
Server: nginx/1.14.0 (Ubuntu)
Transfer-Encoding: chunked
Content-Type: application/javascript
Cache-Control: no-cache
Connection: close
X-S: mtl3
Expires: Sun, 10 Oct 2021 13:15:52 GMT

Redirect headers

Location: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=http%3A%2F%2F66.29.137.168%2F&j=
Date: Sun, 10 Oct 2021 13:15:53 GMT
Server: nginx/1.14.0 (Ubuntu)
Connection: keep-alive
Content-Length: 194
Content-Type: text/html

GET
H2 200 / Show response
onetag-geo.s-onetag.com/ 555 B
984 B 386ms
360ms Fetch
application/json 13.35.253.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://onetag-geo.s-onetag.com/
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.35.253.70 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-253-70.fra6.r.cloudfront.net
Software: /
Resource Hash: f51938710e179807bbf1be9a1e9d7e3441fa74e7dfe9f46841914fb12ca7de3c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://66.29.137.168/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 10 Oct 2021 13:15:53 GMT
via: 1.1 6ffd9144e1bc0d7518dfec3f04843cdc.cloudfront.net (CloudFront), 1.1 b8e900270aa30d899882e71796feca9c.cloudfront.net (CloudFront)
x-amz-cf-pop: TXL50-P2, FRA6-C1
x-amzn-requestid: 2a77f944-cfd7-40ac-ae62-3f9d084a382a
x-edge-origin-shield-skipped: 0
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=86400
x-cache: Miss from cloudfront
x-amz-apigw-id: G_kdjGMmCYcFuxQ=
content-length: 555
x-amz-cf-id: hyX7gezZs6ziFrome0tsN-g0r_HseAHJQPamwL-I-bTRVLXriGLcAQ==

GET
DATA 200
OK truncated
/ 4 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5dd170a0e4e69598b3d57786f390f982d082a0122cb1bd988cfdae7ea1b448ad

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://66.29.137.168/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 204 p
ic.tynt.com/b/ 0
227 B 336ms
109ms Image
text/plain 67.202.105.33
STEADFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ic.tynt.com/b/p?id=w!c58xtwzdbx&lm=0&ts=1633871753499&dn=TC&iso=0&img=http%3A%2F%2F66.29.137.168%2Fwp-content%2Fuploads%2F2021%2F09%2Fhk-selasa-1.jpg&ct=Prediksiku&t=Prediksiku%20-%20Prediksi%20SGP%2C%20Prediksi%20HK%2C%20Prediksi%20Sydney&cu=http%3A%2F%2F66.29.137.168%2F
Requested by: Host: 66.29.137.168
URL: http://66.29.137.168/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.33 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip33.67-202-105.static.steadfastdns.net
Software: nginx/1.16.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://66.29.137.168/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 10 Oct 2021 13:15:53 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
server: nginx/1.16.1
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"

GET
H2 200 lt.min.js Show response
tags.crwdcntrl.net/lt/c/3825/ 38 KB
12 KB 33ms
7ms Script
text/javascript 65.9.66.97
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/3825/lt.min.js
Requested by: Host: t.dtscout.com
URL: https://t.dtscout.com/i/?l=http%3A%2F%2F66.29.137.168%2F&j=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: dc9dc5abccf3e062029d71dcdc0e04b7cc9a9be96103d07f98b4ff4a5459c668

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://66.29.137.168/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 10 Oct 2021 13:05:47 GMT
content-encoding: gzip
etag: W/"f321a7442b8087eba0d1817aa7dbb5f7"
last-modified: Tue, 16 Mar 2021 13:30:17 GMT
server: AmazonS3
age: 607
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
via: 1.1 6def1f0ddc805dce17407cce01d5b32d.cloudfront.net (CloudFront)
cache-control: max-age: 86400
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: TMK1Nd3V_LK2BRD_mQVnUy6NihvaJmbG4bnz28_h0EUNLUkdzFCWYg==

GET
H/1.1 200
OK / Show response
t.dtscdn.com/widget/ 0
407 B 360ms
90ms Script
application/javascript 45.55.96.63
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscdn.com/widget/?d=10401633871753CDBF6FDF43E7B1B931&nid=0&p=836148727&t=0&s=1600x1200x24&u=http%3A%2F%2F66.29.137.168%2F&r=
Requested by: Host: t.dtscout.com
URL: https://t.dtscout.com/i/?l=http%3A%2F%2F66.29.137.168%2F&j=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 45.55.96.63 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://66.29.137.168/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Sun, 10 Oct 2021 13:22:45 GMT
X-T: 1.21
x-server: web13.ny1.dtscdn.com
Cache-Control: no-cache
Content-Type: application/javascript; charset=UTF-8
Transfer-Encoding: chunked
Expires: Sun, 10 Oct 2021 13:22:44 GMT

GET
H/1.1 200
OK 27675
tags.bluekai.com/site/ 62 B
329 B 206ms
160ms Image
image/gif 84.53.188.214
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.bluekai.com/site/27675?id=10401633871753CDBF6FDF43E7B1B931&ret=html&phint=__bk_t%3DPrediksiku%20-%20Prediksi%20SGP%2C%20Prediksi%20HK%2C%20Prediksi%20Sydney&phint=__bk_l%3Dhttp%3A%2F%2F66.29.137.168%2F&r=67197
Requested by: Host: 66.29.137.168
URL: http://66.29.137.168/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 84.53.188.214 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a84-53-188-214.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://66.29.137.168/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Sun, 10 Oct 2021 13:15:53 GMT
X-N: S
Connection: keep-alive
P3P: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
Content-Length: 62
BK-Server: 2bdf
Content-Type: image/gif

GET
H/1.1

200
OK

33141
tags.bluekai.com/site/
Redirect Chain

https://pixel.onaudience.com/?partner=137085098&mapped=10401633871753CDBF6FDF43E7B1B931
https://pixel.onaudience.com/?partner=109&icm&cver&smartmap=1&redirect=tags.bluekai.com%2Fsite%2F33141%3F%26id%3D%25m
https://tags.bluekai.com/site/33141?&id=ab7100ee030d01b3

62 B
304 B

184ms
162ms

Image
image/gif

84.53.188.214
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.bluekai.com/site/33141?&id=ab7100ee030d01b3
Requested by: Host: 66.29.137.168
URL: http://66.29.137.168/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 84.53.188.214 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a84-53-188-214.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://66.29.137.168/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Sun, 10 Oct 2021 13:15:54 GMT
Connection: keep-alive
P3P: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
Content-Length: 62
Content-Type: image/gif

Redirect headers

location: https://tags.bluekai.com/site/33141?&id=ab7100ee030d01b3
content-length: 0

GET
H2 200 v2 Show response
de.tynt.com/deb/ 4 B
202 B 116ms
109ms Script
application/javascript 67.202.105.33
STEADFAST

General

Check archive.org

Show headers Download Go to

Full URL: https://de.tynt.com/deb/v2?id=w!c58xtwzdbx&dn=TC&cc=1&r=
Requested by: Host: cdn.tynt.com
URL: https://cdn.tynt.com/tc.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.33 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip33.67-202-105.static.steadfastdns.net
Software: /
Resource Hash: d21021784cda31eeae5c8295e047a14bda6ed5a9b5963fca9e7ceb398a9c9179

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://66.29.137.168/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 10 Oct 2021 13:15:52 GMT
cache-control: max-age=86400
content-type: application/javascript
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
content-length: 4
expires: Mon, 11 Oct 2021 13:15:53 GMT

GET
H2 204 p
ic.tynt.com/b/ 0
227 B 109ms
109ms Image
text/plain 67.202.105.33
STEADFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ic.tynt.com/b/p?id=w!c58xtwzdbx&lm=0&ts=1633871753499&dn=TC&iso=0&img=http%3A%2F%2F66.29.137.168%2Fwp-content%2Fuploads%2F2021%2F09%2Fhk-selasa-1.jpg&ct=Prediksiku&t=Prediksiku%20-%20Prediksi%20SGP%2C%20Prediksi%20HK%2C%20Prediksi%20Sydney&cu=http%3A%2F%2F66.29.137.168%2F
Requested by: Host: 66.29.137.168
URL: http://66.29.137.168/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.33 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip33.67-202-105.static.steadfastdns.net
Software: nginx/1.16.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://66.29.137.168/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 10 Oct 2021 13:15:53 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
server: nginx/1.16.1
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"

GET
H2 200 EU Show response
onetag-geo-grouping.s-onetag.com/regionalbloc/ 1 KB
828 B 143ms
115ms Fetch
application/json 65.9.66.110
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://onetag-geo-grouping.s-onetag.com/regionalbloc/EU
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: restify /
Resource Hash: 6088012dda2274a27fa40ed153d9e3a6c96a22af1b177f8a2916368eb3e88bb0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://66.29.137.168/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 10 Oct 2021 13:15:53 GMT
content-encoding: gzip
server: restify
x-amz-cf-pop: FRA56-C1
vary: Accept-Encoding,origin
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: http://66.29.137.168
access-control-expose-headers: api-version, content-length, content-md5, content-type, date, request-id, response-time
cache-control: max-age=86400
x-amz-cf-id: WskUKx1d47n878yajjWY9tAFQ9FA3xwFt0I8-OXZADI5fjPI7IiPNA==
via: 1.1 28ccbefb54459137bb0b0d946fd75e49.cloudfront.net (CloudFront)

GET
H/1.1 200
OK / Show response
t.dtscdn.com/widget/ 0
407 B 272ms
89ms Script
application/javascript 45.55.96.63
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscdn.com/widget/?d=10401633871753CDBF6FDF43E7B1B931&nid=300&p=836148727&t=0&s=1600x1200x24&u=http%3A%2F%2F66.29.137.168%2F&r=
Requested by: Host: e.dtscout.com
URL: http://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=http%3A%2F%2F66.29.137.168%2F&j=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 45.55.96.63 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://66.29.137.168/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Sun, 10 Oct 2021 13:01:25 GMT
X-T: 1.17
x-server: web16.ny1.dtscdn.com
Cache-Control: no-cache
Content-Type: application/javascript; charset=UTF-8
Transfer-Encoding: chunked
Expires: Sun, 10 Oct 2021 13:01:24 GMT

GET
H2 200 afwu.js Show response
cdn.tynt.com/ 10 KB
4 KB 59ms
58ms Script
application/javascript 104.18.29.199
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.tynt.com/afwu.js
Requested by: Host: e.dtscout.com
URL: http://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=http%3A%2F%2F66.29.137.168%2F&j=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.29.199 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7ee04154662e67cdd4a6694f6afacb682bb184617b5e81948524637dde2f31d3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://66.29.137.168/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 10 Oct 2021 13:15:53 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 27 Aug 2021 20:58:45 GMT
server: cloudflare
age: 144975
etag: W/"61295205-288b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 69c01ebe2c0d1f51-FRA
expires: Wed, 13 Oct 2021 13:15:53 GMT

GET
H2 200 / Show response
dtsedge.com/ping/ 0
569 B 146ms
119ms Script
application/javascript 104.21.9.70
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dtsedge.com/ping/?t=300&d=66.29.137.168
Requested by: Host: e.dtscout.com
URL: http://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=http%3A%2F%2F66.29.137.168%2F&j=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.9.70 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://66.29.137.168/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 10 Oct 2021 13:15:54 GMT
x-t: 0.57
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 69c01ebe5d052b29-FRA
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wgfFwHANi%2FrKekLxABSTjm%2Fgd7gSUla4nBoZ4zC311hZZa7F8UNCn%2BGj0EDQNte79w%2BVP5SqYW%2BXf2dlj0YydA148ENyAR4WbFcoCJWmRposYJjhuZZ%2B98xZqy4NKQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2

200

tpid=10401633871753CDBF6FDF43E7B1B931
bcp.crwdcntrl.net/5/ct=y/c=3825/tp=DTSC/
Redirect Chain

https://bcp.crwdcntrl.net/5/c=3825/tp=DTSC/tpid=10401633871753CDBF6FDF43E7B1B931
https://bcp.crwdcntrl.net/5/ct=y/c=3825/tp=DTSC/tpid=10401633871753CDBF6FDF43E7B1B931

49 B
737 B

44ms
44ms

Image
image/gif

34.253.109.165
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bcp.crwdcntrl.net/5/ct=y/c=3825/tp=DTSC/tpid=10401633871753CDBF6FDF43E7B1B931
Requested by: Host: 66.29.137.168
URL: http://66.29.137.168/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.253.109.165 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-253-109-165.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://66.29.137.168/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Oct 2021 13:15:54 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.45.3.150
content-type: image/gif
content-length: 49
expires: 0

Redirect headers

pragma: no-cache
date: Sun, 10 Oct 2021 13:15:54 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location: https://bcp.crwdcntrl.net/5/ct=y/c=3825/tp=DTSC/tpid=10401633871753CDBF6FDF43E7B1B931
cache-control: no-cache
x-server: 10.45.16.255
content-length: 0
expires: 0

GET
H/1.1 200
OK 27675
tags.bluekai.com/site/ 62 B
329 B 209ms
187ms Image
image/gif 84.53.188.214
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.bluekai.com/site/27675?id=10401633871753CDBF6FDF43E7B1B931&ret=html&phint=__bk_t%3DPrediksiku%20-%20Prediksi%20SGP%2C%20Prediksi%20HK%2C%20Prediksi%20Sydney&phint=__bk_l%3Dhttp%3A%2F%2F66.29.137.168%2F&r=35877998
Requested by: Host: 66.29.137.168
URL: http://66.29.137.168/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 84.53.188.214 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a84-53-188-214.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://66.29.137.168/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Sun, 10 Oct 2021 13:15:54 GMT
X-N: S
Connection: keep-alive
P3P: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
Content-Length: 62
BK-Server: 5365
Content-Type: image/gif

GET
H2 204 p
ic.tynt.com/b/ 0
227 B 109ms
109ms Image
text/plain 67.202.105.33
STEADFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ic.tynt.com/b/p?id=w!c58xtwzdbx&lm=0&ts=1633871753499&dn=TC&iso=0&img=http%3A%2F%2F66.29.137.168%2Fwp-content%2Fuploads%2F2021%2F09%2Fhk-selasa-1.jpg&ct=Prediksiku&t=Prediksiku%20-%20Prediksi%20SGP%2C%20Prediksi%20HK%2C%20Prediksi%20Sydney
Requested by: Host: 66.29.137.168
URL: http://66.29.137.168/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.33 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip33.67-202-105.static.steadfastdns.net
Software: nginx/1.16.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://66.29.137.168/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 10 Oct 2021 13:15:54 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
server: nginx/1.16.1
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"

GET
H2 204 p
ic.tynt.com/b/ 0
227 B 109ms
109ms Image
text/plain 67.202.105.33
STEADFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ic.tynt.com/b/p?id=w!c58xtwzdbx&lm=0&ts=1633871753499&dn=TC&iso=0&img=http%3A%2F%2F66.29.137.168%2Fwp-content%2Fuploads%2F2021%2F09%2Fhk-selasa-1.jpg&ct=Prediksiku
Requested by: Host: 66.29.137.168
URL: http://66.29.137.168/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.33 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip33.67-202-105.static.steadfastdns.net
Software: nginx/1.16.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://66.29.137.168/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 10 Oct 2021 13:15:54 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
server: nginx/1.16.1
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"

GET
H2 204 p
ic.tynt.com/b/ 0
227 B 110ms
110ms Image
text/plain 67.202.105.33
STEADFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ic.tynt.com/b/p?id=w!c58xtwzdbx&lm=0&ts=1633871753499&dn=TC&iso=0&img=http%3A%2F%2F66.29.137.168%2Fwp-content%2Fuploads%2F2021%2F09%2Fhk-selasa-1.jpg&ct=Prediksiku
Requested by: Host: 66.29.137.168
URL: http://66.29.137.168/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.33 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip33.67-202-105.static.steadfastdns.net
Software: nginx/1.16.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://66.29.137.168/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 10 Oct 2021 13:15:54 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
server: nginx/1.16.1
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"

GET
H2 204 p
ic.tynt.com/b/ 0
227 B 110ms
110ms Image
text/plain 67.202.105.33
STEADFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ic.tynt.com/b/p?id=w!c58xtwzdbx&lm=0&ts=1633871753499&dn=TC&iso=0&img=http%3A%2F%2F66.29.137.168%2Fwp-content%2Fuploads%2F2021%2F09%2Fhk-selasa-1.jpg
Requested by: Host: 66.29.137.168
URL: http://66.29.137.168/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.33 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip33.67-202-105.static.steadfastdns.net
Software: nginx/1.16.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://66.29.137.168/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 10 Oct 2021 13:15:54 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
server: nginx/1.16.1
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"

GET
H2 200 v2 Show response
de.tynt.com/deb/ 4 B
202 B 110ms
109ms Script
application/javascript 67.202.105.33
STEADFAST

General

Check archive.org

Show headers Download Go to

Full URL: https://de.tynt.com/deb/v2?id=w!c58xtwzdbx~wu!&dn=AFWU&cc=2&r=
Requested by: Host: cdn.tynt.com
URL: https://cdn.tynt.com/afwu.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.33 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip33.67-202-105.static.steadfastdns.net
Software: /
Resource Hash: d21021784cda31eeae5c8295e047a14bda6ed5a9b5963fca9e7ceb398a9c9179

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://66.29.137.168/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 10 Oct 2021 13:15:54 GMT
cache-control: max-age=86400
content-type: application/javascript
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
content-length: 4
expires: Mon, 11 Oct 2021 13:15:54 GMT

GET
H2 204 p
ic.tynt.com/b/ 0
227 B 112ms
112ms Image
text/plain 67.202.105.33
STEADFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ic.tynt.com/b/p?id=w!c58xtwzdbx&lm=0&ts=1633871753499&dn=TC&iso=0
Requested by: Host: 66.29.137.168
URL: http://66.29.137.168/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.33 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip33.67-202-105.static.steadfastdns.net
Software: nginx/1.16.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://66.29.137.168/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 10 Oct 2021 13:15:54 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
server: nginx/1.16.1
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"

GET
H2 200 optimus_rules.json Show response
tags.crwdcntrl.net/lt/c/3825/ 4 KB
1 KB 414ms
398ms XHR
application/json 65.9.66.97
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/3825/optimus_rules.json
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/3825/lt.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9933d7066a22669cd5d48d0051aa5f2d7ea91bad0a9223f3d7884e93c3ca8a28

Request headers

Referer: http://66.29.137.168/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-amz-server-side-encryption: AES256
date: Sun, 10 Oct 2021 13:15:55 GMT
content-encoding: gzip
last-modified: Tue, 16 Mar 2021 13:30:17 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
etag: W/"6db43f44304c37d76768275ee4f01ba4"
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
cache-control: max-age: 86400
x-cache: Miss from cloudfront
x-amz-cf-id: VhC5LjCsoAAolGUiLWQqBNhJTLU27dlPRYpvkcD7veScj2EITzF__g==
via: 1.1 547a50460a0cda7ae3dafb1c0b6d0e1a.cloudfront.net (CloudFront)

POST
H2 200 data Show response
bcp.crwdcntrl.net/6/ 306 B
1 KB 86ms
85ms XHR
application/json 34.253.109.165
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/6/data
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/3825/lt.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.253.109.165 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-253-109-165.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 594744814c35c79cc28631d840478bcfe512ae95261a027d5ec3011c22f36a6a

Request headers

Referer: http://66.29.137.168/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sun, 10 Oct 2021 13:15:55 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: http://66.29.137.168
cache-control: no-cache
x-server: 10.45.27.254
access-control-allow-credentials: true
content-type: application/json;charset=utf-8
content-length: 306
expires: 0

POST
H2 200 a
a.dtssrv.com/ 0
558 B 278ms
237ms Ping
text/html 104.21.78.98
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a.dtssrv.com/a?i=10401633871753CDBF6FDF43E7B1B931&k=lotpano&v=dbe73c047958e556f49a1a2cf5b54945a7028211c5d314f5801270e41b3545ca
Requested by: Host: t.dtscout.com
URL: https://t.dtscout.com/i/?l=http%3A%2F%2F66.29.137.168%2F&j=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.78.98 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://66.29.137.168/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sun, 10 Oct 2021 13:15:55 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a51CxpDqErlMFEk2OLFwaTscTtn7JB6n8SnRTmqooKhLd3YapGH4KFHUN7VCkNWWs8BN2sR3LtS3VG74ZDljE8%2FZFqpqRaz5sJkgDIg6uGVwA%2F%2BQtcj8zWhK9ygKq0Y%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
cf-ray: 69c01ec55f252798-PRG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 lt.iframe.html Show response
tags.crwdcntrl.net/lt/shared/2/ Frame AB34 2 KB
1 KB 7ms
7ms Document
text/html 65.9.66.97
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/shared/2/lt.iframe.html?c=3825
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/3825/lt.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 63cf7a38baaaaebc012cfc355797544949b60c040b5da57560f26d88502d1372

Request headers

:method: GET
:authority: tags.crwdcntrl.net
:scheme: https
:path: /lt/shared/2/lt.iframe.html?c=3825
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://66.29.137.168/
accept-encoding: gzip, deflate, br
cookie: _cc_dc=1; _cc_id=e6e72c5a60426d788bdd5bb6ba92a47f; _cc_cc="ACZ4XmNQSDVLNTdKNk00MzAxMksxt7BISkkxTUoyS0q0NEo0MU9jAILEpOfd%2F4GAH8QBA57jm6awMH6UZfjPyMjw8bMljLn8TyGMefzoIWYY%2B9KpR2ww9u59lwVg7A8N9%2BHsw4vnwE2cfkIdpuTdEoTwmg1PuWHiEz9O0IaxAfa%2BQm4%3D"; _cc_aud="ABR4XmNgYGBITHreDaQggJmBgWsGmLmoFUQyPqwHkgBo%2BwVj"
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://66.29.137.168/

Response headers

content-type: text/html
last-modified: Mon, 01 Feb 2021 20:35:17 GMT
x-amz-server-side-encryption: AES256
server: AmazonS3
content-encoding: gzip
date: Sun, 10 Oct 2021 01:33:40 GMT
cache-control: max-age: 86400
etag: W/"6fcf4f5197ab24c92d090f6ac8d87e01"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 6def1f0ddc805dce17407cce01d5b32d.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: -zoVCcq-FvXLWsztJl28kyyYDKvbIdc2ouDj9-qYTOogJdVkwnMQRA==
age: 42136

GET
H2 200 pixels Show response
bcp.crwdcntrl.net/ Frame 6707 3 KB
3 KB 32ms
32ms Document
text/html 34.253.109.165
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/pixels?s=136%2C135%2C116%2C106%2C97%2C95%2C94%2C92%2C90%2C81%2C80%2C79%2C78%2C50%2C45%2C42%2C38%2C33%2C26%2C22%2C12%2C3%2C2&c=3825
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/shared/2/lt.iframe.html?c=3825
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.253.109.165 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-253-109-165.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 6c113bb94416799f113627c875a83d36ddcf24e94dcf6fb874f64e4cc3f385b4

Request headers

:method: GET
:authority: bcp.crwdcntrl.net
:scheme: https
:path: /pixels?s=136%2C135%2C116%2C106%2C97%2C95%2C94%2C92%2C90%2C81%2C80%2C79%2C78%2C50%2C45%2C42%2C38%2C33%2C26%2C22%2C12%2C3%2C2&c=3825
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://tags.crwdcntrl.net/
accept-encoding: gzip, deflate, br
cookie: _cc_dc=1; _cc_id=e6e72c5a60426d788bdd5bb6ba92a47f; _cc_cc="ACZ4XmNQSDVLNTdKNk00MzAxMksxt7BISkkxTUoyS0q0NEo0MU9jAILEpOfd%2F4GAH8QBA57jm6awMH6UZfjPyMjw8bMljLn8TyGMefzoIWYY%2B9KpR2ww9u59lwVg7A8N9%2BHsw4vnwE2cfkIdpuTdEoTwmg1PuWHiEz9O0IaxAfa%2BQm4%3D"; _cc_aud="ABR4XmNgYGBITHreDaQggJmBgWsGmLmoFUQyPqwHkgBo%2BwVj"
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://tags.crwdcntrl.net/

Response headers

date: Sun, 10 Oct 2021 13:15:55 GMT
content-type: text/html
content-length: 3291
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
cache-control: no-cache
pragma: no-cache
expires: 0
x-server: 10.45.24.225
server: Jetty(9.4.38.v20210224)

GET
H2 200 UCookieSetPug
image6.pubmatic.com/AdServer/ Frame 6707 0
166 B 71ms
18ms Image
text/html 185.64.190.78
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image6.pubmatic.com/AdServer/UCookieSetPug?gdpr=1&rd=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D240%2Ftp%3DPUBM%2Ftpid%3D%23PM_USER_ID
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=136%2C135%2C116%2C106%2C97%2C95%2C94%2C92%2C90%2C81%2C80%2C79%2C78%2C50%2C45%2C42%2C38%2C33%2C26%2C22%2C12%2C3%2C2&c=3825
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 10 Oct 2021 13:15:54 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 6707
Redirect Chain

https://id5-sync.com/s/19/9.gif?puid=e6e72c5a60426d788bdd5bb6ba92a47f&gdpr=1
https://id5-sync.com/c/19/19/9/1.gif?puid=e6e72c5a60426d788bdd5bb6ba92a47f&gdpr=1&gdpr_consent=
https://bcp.crwdcntrl.net/map/c=1882/tp=BKAI/gdpr=1/gdpr_consent=?https://tags.bluekai.com/site/5907?limit=0&id=${masked_profileid}&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F19%2F321%2F8%2F2.gif%3Fpui...
https://tags.bluekai.com/site/5907?limit=0&id=cf24c5e52452c0267d64a6a1402a65dc&redir=https://id5-sync.com/c/19/321/8/2.gif?puid=$_BK_UUID&gdpr=1&gdpr_consent=
https://id5-sync.com/c/19/321/8/2.gif?puid=$_BK_UUID
https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMTc0ODM4ODY2Ni90LzI/dpuid/ID5-ZHMOXq8x-erMjyJyuSd_Wc6TRZHLcLNxm66xfosfZw/url/https%3A%2F%2Fid5-sync.com%2Fc%2F19%2F224%2F7%2F3.gif%3Fpuid%3D%24%21%7BTURN_...
https://id5-sync.com/c/19/224/7/3.gif?puid=4273169550098875524&gdpr=1&gdpr_consent=&gdpr=1&gdpr_consent=
https://sync.crwdcntrl.net/map/c=2831/tp=GDMP?https://cm.g.doubleclick.net/pixel?google_nid=lotame_dmp&google_hm=${base64_profileid}&google_redir={xENCODEDURL}&id5id=ID5-ZHMOXq8x-erMjyJyuSd_Wc6TRZH...
https://cm.g.doubleclick.net/pixel?google_nid=lotame_dmp&google_hm=ZTZlNzJjNWE2MDQyNmQ3ODhiZGQ1YmI2YmE5MmE0N2Y&google_redir={xENCODEDURL}&id5id=ID5-ZHMOXq8x-erMjyJyuSd_Wc6TRZHLcLNxm66xfosfZw

170 B
188 B

17ms
16ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=lotame_dmp&google_hm=ZTZlNzJjNWE2MDQyNmQ3ODhiZGQ1YmI2YmE5MmE0N2Y&google_redir={xENCODEDURL}&id5id=ID5-ZHMOXq8x-erMjyJyuSd_Wc6TRZHLcLNxm66xfosfZw

Requested by

Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=136%2C135%2C116%2C106%2C97%2C95%2C94%2C92%2C90%2C81%2C80%2C79%2C78%2C50%2C45%2C42%2C38%2C33%2C26%2C22%2C12%2C3%2C2&c=3825

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Oct 2021 13:15:55 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 10 Oct 2021 13:15:55 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location: https://cm.g.doubleclick.net/pixel?google_nid=lotame_dmp&google_hm=ZTZlNzJjNWE2MDQyNmQ3ODhiZGQ1YmI2YmE5MmE0N2Y&google_redir={xENCODEDURL}&id5id=ID5-ZHMOXq8x-erMjyJyuSd_Wc6TRZHLcLNxm66xfosfZw
cache-control: no-cache
x-server: 10.45.8.252
content-length: 0
expires: 0

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame 6707 70 B
265 B 103ms
32ms Image
image/gif 76.223.111.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=lotame&ttd_tpi=1&gdpr=1
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=136%2C135%2C116%2C106%2C97%2C95%2C94%2C92%2C90%2C81%2C80%2C79%2C78%2C50%2C45%2C42%2C38%2C33%2C26%2C22%2C12%2C3%2C2&c=3825
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 76.223.111.131 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a97adde81b00f2ca4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Oct 2021 13:15:55 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2

200

tpid=07773bce-8cf8-43d9-80ae-67d390786767
sync.crwdcntrl.net/map/c=10158/tp=TPAD/ Frame 6707
Redirect Chain

https://pixel.tapad.com/idsync/ex/receive?partner_id=LOTAME&partner_device_id=e6e72c5a60426d788bdd5bb6ba92a47f&gdpr=1&partner_url=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D10158%2Ftp%3DTPAD%2Ftp...
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=LOTAME&partner_device_id=e6e72c5a60426d788bdd5bb6ba92a47f&gdpr=1&partner_url=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D10158%2Ftp%3DTPA...
https://sync.crwdcntrl.net/map/c=10158/tp=TPAD/tpid=07773bce-8cf8-43d9-80ae-67d390786767

49 B
265 B

43ms
35ms

Image
image/gif

34.253.109.165
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/map/c=10158/tp=TPAD/tpid=07773bce-8cf8-43d9-80ae-67d390786767
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=136%2C135%2C116%2C106%2C97%2C95%2C94%2C92%2C90%2C81%2C80%2C79%2C78%2C50%2C45%2C42%2C38%2C33%2C26%2C22%2C12%2C3%2C2&c=3825
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.253.109.165 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-253-109-165.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Oct 2021 13:15:55 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.45.29.113
content-type: image/gif
content-length: 49
expires: 0

Redirect headers

location: https://sync.crwdcntrl.net/map/c=10158/tp=TPAD/tpid=07773bce-8cf8-43d9-80ae-67d390786767
date: Sun, 10 Oct 2021 13:15:55 GMT
via: 1.1 google
alt-svc: clear
content-length: 0
strict-transport-security: max-age=31536000
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"

GET
H2

403

tpid=97a7eb52-b9ac-4e26-914a-d39520eaf511
sync.crwdcntrl.net/map/c=10492/tp=AVCT/ Frame 6707
Redirect Chain

https://ads.avocet.io/getuid?url=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D10492%2Ftp%3DAVCT%2Ftpid%3D%7B%7BUUID%7D%7D
https://ads.avct.cloud/getuid?r=1&url=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D10492%2Ftp%3DAVCT%2Ftpid%3D%7B%7BUUID%7D%7D
https://ads.avct.cloud/getuid?bounce=true&r=1&url=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D10492%2Ftp%3DAVCT%2Ftpid%3D%7B%7BUUID%7D%7D
https://sync.crwdcntrl.net/map/c=10492/tp=AVCT/tpid=97a7eb52-b9ac-4e26-914a-d39520eaf511

49 B
269 B

32ms
32ms

Image
image/gif

34.253.109.165
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/map/c=10492/tp=AVCT/tpid=97a7eb52-b9ac-4e26-914a-d39520eaf511
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=136%2C135%2C116%2C106%2C97%2C95%2C94%2C92%2C90%2C81%2C80%2C79%2C78%2C50%2C45%2C42%2C38%2C33%2C26%2C22%2C12%2C3%2C2&c=3825
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.253.109.165 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-253-109-165.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Oct 2021 13:15:55 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.45.27.254
content-type: image/gif
content-length: 49
expires: 0

Redirect headers

location: https://sync.crwdcntrl.net/map/c=10492/tp=AVCT/tpid=97a7eb52-b9ac-4e26-914a-d39520eaf511
date: Sun, 10 Oct 2021 13:15:55 GMT
p3p: policyref="http://cdn.avocet.io/w3c/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-length: 111
content-type: text/html; charset=utf-8

GET t
px.surveywall-api.survata.com/ Frame 6707 0
0

GET
H2

200

tpid=64833321786766296523814965083676954407
sync.crwdcntrl.net/map/c=9828/tp=ADBE/ Frame 6707
Redirect Chain

https://dpm.demdex.net/ibs:dpid=121998&dpuuid=e6e72c5a60426d788bdd5bb6ba92a47f&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D9828%2Ftp%3DADBE%2Ftpid%3D%24%7BDD_UUID%7D
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=121998&dpuuid=e6e72c5a60426d788bdd5bb6ba92a47f&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D9828%2Ftp%3DADBE%2Ftpid%3D%24%7BDD_UUID%7D
https://sync.crwdcntrl.net/map/c=9828/tp=ADBE/tpid=64833321786766296523814965083676954407

49 B
264 B

36ms
35ms

Image
image/gif

34.253.109.165
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/map/c=9828/tp=ADBE/tpid=64833321786766296523814965083676954407
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=136%2C135%2C116%2C106%2C97%2C95%2C94%2C92%2C90%2C81%2C80%2C79%2C78%2C50%2C45%2C42%2C38%2C33%2C26%2C22%2C12%2C3%2C2&c=3825
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.253.109.165 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-253-109-165.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Oct 2021 13:15:55 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.45.4.53
content-type: image/gif
content-length: 49
expires: 0

Redirect headers

DCS: dcs-prod-irl1-1-v018-0fec05bf5.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: YRp0WyPPQFM=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://sync.crwdcntrl.net/map/c=9828/tp=ADBE/tpid=64833321786766296523814965083676954407
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H/1.1 200
OK identity
c.cintnetworks.com/ Frame 6707 0
328 B 261ms
32ms Image
text/plain 51.144.7.192
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.cintnetworks.com/identity?a=5461&id=Lotame:e6e72c5a60426d788bdd5bb6ba92a47f
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=136%2C135%2C116%2C106%2C97%2C95%2C94%2C92%2C90%2C81%2C80%2C79%2C78%2C50%2C45%2C42%2C38%2C33%2C26%2C22%2C12%2C3%2C2&c=3825
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 51.144.7.192 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Sun, 10 Oct 2021 13:15:54 GMT
Vary: Origin
P3P: CP="This is not a P3P policy! See https://cint.com/cookie-usage/ for more info."
Arr-Disable-Session-Affinity: true
Cache-Control: max-age=60, private, must-revalidate
Access-Control-Allow-Credentials: true
Keep-Alive: timeout=5
Content-Length: 0

GET sync
sync.tag.clrstm.com/lotame/ Frame 6707 0
0

GET
H/1.1 200
OK lotame
sync.sharethis.com/ Frame 6707 42 B
167 B 42ms
8ms Image
image/gif 3.124.181.115
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.sharethis.com/lotame?uid=e6e72c5a60426d788bdd5bb6ba92a47f&gdpr=1
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=136%2C135%2C116%2C106%2C97%2C95%2C94%2C92%2C90%2C81%2C80%2C79%2C78%2C50%2C45%2C42%2C38%2C33%2C26%2C22%2C12%2C3%2C2&c=3825
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.124.181.115 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-181-115.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Sun, 10 Oct 2021 13:15:55 GMT
Connection: keep-alive
Content-Length: 42
Content-Type: image/gif

GET
H2 204 usermatch.gif
beacon.krxd.net/ Frame 6707 0
338 B 102ms
29ms Image
text/plain 52.208.16.1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?partner=lotame&partner_uid=e6e72c5a60426d788bdd5bb6ba92a47f
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=136%2C135%2C116%2C106%2C97%2C95%2C94%2C92%2C90%2C81%2C80%2C79%2C78%2C50%2C45%2C42%2C38%2C33%2C26%2C22%2C12%2C3%2C2&c=3825
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.208.16.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-208-16-1.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 10 Oct 2021 13:15:55 GMT
cache-control: private, no-cache, no-store
x-request-time: D=32 t=1633871755
x-served-by: beacon-n024-dub-prod.krxd.net
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2

451

420246.gif
idsync.rlcdn.com/ Frame 6707
Redirect Chain

https://aorta.clickagy.com/pixel.gif?ch=120&cm=e6e72c5a60426d788bdd5bb6ba92a47f
https://cm.g.doubleclick.net/pixel?google_nid=clickagy&google_sc&google_cm&google_hm=YzplY2NlNjRlNDQ0NGYwYTY2MGRhNmQ4YmVkYjg3OGEwNw
https://aorta.clickagy.com/pixel.gif?ch=8&cm=CAESEOCdEcBbgxvQ2pyfmFTPr-8&google_cver=1
https://idsync.rlcdn.com/420246.gif?partner_uid=c:ecce64e4444f0a660da6d8bedb878a07

0
66 B

605ms
14ms

Image
text/plain

35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/420246.gif?partner_uid=c:ecce64e4444f0a660da6d8bedb878a07
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=136%2C135%2C116%2C106%2C97%2C95%2C94%2C92%2C90%2C81%2C80%2C79%2C78%2C50%2C45%2C42%2C38%2C33%2C26%2C22%2C12%2C3%2C2&c=3825
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 10 Oct 2021 13:15:56 GMT
via: 1.1 google
alt-svc: clear
content-length: 0

Redirect headers

date: Sun, 10 Oct 2021 13:15:55 GMT
server: Aorta/20210715-1901da7
access-control-allow-origin
access-control-max-age: 31536000
access-control-allow-methods: POST, GET, OPTIONS
Content-Type: application/json
Location: https://idsync.rlcdn.com/420246.gif?partner_uid=c:ecce64e4444f0a660da6d8bedb878a07
access-control-expose-headers: Set-Cookie
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
X-Aorta-Region: us-east-1
Connection: keep-alive
X-Aorta-Host: ip-10-42-16-25.ec2.internal
access-control-allow-headers: Origin,cache-control,content-type,man,messagetype,soapaction
Content-Length: 0

GET
H/1.1

200
OK

image.sbxx
ib.mookie1.com/ Frame 6707
Redirect Chain

https://global.ib-ibi.com/image.sbxx?go=262106&pid=420&xid=e6e72c5a60426d788bdd5bb6ba92a47f
https://ib.mookie1.com/image.sbxx?go=262106&pid=420&xid=e6e72c5a60426d788bdd5bb6ba92a47f

120 B
994 B

1148ms
160ms

Image
image/png

64.58.232.177
ASN-VINS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ib.mookie1.com/image.sbxx?go=262106&pid=420&xid=e6e72c5a60426d788bdd5bb6ba92a47f
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=136%2C135%2C116%2C106%2C97%2C95%2C94%2C92%2C90%2C81%2C80%2C79%2C78%2C50%2C45%2C42%2C38%2C33%2C26%2C22%2C12%2C3%2C2&c=3825
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 64.58.232.177 , United States, ASN13649 (ASN-VINS, US),
Reverse DNS: be31-199.crrt01.las04.flexential.net
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 42b601bc0d93dfca6e350b46d113bf8e7ff9e40a87a0c57ab9b3c9c219062423

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 10 Oct 2021 13:15:56 GMT
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
p3p: CP=\"DSP COR ADM DEV PSA PSD OUR\", CP="DSP COR ADM DEV PSA PSD OUR"
Access-Control-Allow-Origin: *
Cache-Control: no-cache
X-Server: LAS03
Content-Type: image/png
Content-Length: 120
Expires: -1

Redirect headers

Date: Sun, 10 Oct 2021 13:15:56 GMT
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Location: https://ib.mookie1.com:443/image.sbxx?go=262106&pid=420&xid=e6e72c5a60426d788bdd5bb6ba92a47f
p3p: CP="DSP COR ADM DEV PSA PSD OUR"
Access-Control-Allow-Origin: *
Cache-Control: private
X-Server: NY16
Content-Type: text/html; charset=utf-8
Content-Length: 217

GET
H2

200

tpid=cc3732bf-48f5-4ebb-a89a-f81930944308
bcp.crwdcntrl.net/map/c=6584/tp=VIDO/ Frame 6707
Redirect Chain

https://sync.tidaltv.com/GenericUserSync.ashx?dpid=1695
https://sync.tidaltv.com/genericusersync.ashx?dpid=1695&s_h=1
https://bcp.crwdcntrl.net/map/c=6584/tp=VIDO/tpid=cc3732bf-48f5-4ebb-a89a-f81930944308?gdpr=1&gdpr_consent=

49 B
265 B

36ms
36ms

Image
image/gif

34.253.109.165
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bcp.crwdcntrl.net/map/c=6584/tp=VIDO/tpid=cc3732bf-48f5-4ebb-a89a-f81930944308?gdpr=1&gdpr_consent=
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=136%2C135%2C116%2C106%2C97%2C95%2C94%2C92%2C90%2C81%2C80%2C79%2C78%2C50%2C45%2C42%2C38%2C33%2C26%2C22%2C12%2C3%2C2&c=3825
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.253.109.165 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-253-109-165.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Oct 2021 13:15:55 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.45.19.134
content-type: image/gif
content-length: 49
expires: 0

Redirect headers

pragma: no-cache
date: Sun, 10 Oct 2021 13:15:55 GMT
server: Apache-Coyote/1.1
location: https://bcp.crwdcntrl.net/map/c=6584/tp=VIDO/tpid=cc3732bf-48f5-4ebb-a89a-f81930944308?gdpr=1&gdpr_consent=
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0
x-xss-protection: 1; mode=block
expires: 0

GET
H2

200

tpid=CI-39766d6e03f5495c935a2544a6a66c0b
bcp.crwdcntrl.net/map/c=6220/tp=TRMR/ Frame 6707
Redirect Chain

https://dt-secure.videohub.tv/v1/usync/lo
https://bcp.crwdcntrl.net/map/c=6220/tp=TRMR/tpid=CI-39766d6e03f5495c935a2544a6a66c0b

49 B
264 B

35ms
35ms

Image
image/gif

34.253.109.165
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bcp.crwdcntrl.net/map/c=6220/tp=TRMR/tpid=CI-39766d6e03f5495c935a2544a6a66c0b
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=136%2C135%2C116%2C106%2C97%2C95%2C94%2C92%2C90%2C81%2C80%2C79%2C78%2C50%2C45%2C42%2C38%2C33%2C26%2C22%2C12%2C3%2C2&c=3825
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.253.109.165 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-253-109-165.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Oct 2021 13:15:55 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.45.15.16
content-type: image/gif
content-length: 49
expires: 0

Redirect headers

Location: https://bcp.crwdcntrl.net/map/c=6220/tp=TRMR/tpid=CI-39766d6e03f5495c935a2544a6a66c0b
Date: Sun, 10 Oct 2021 13:15:55 GMT
useSecure: true
Server: nginx/1.20.1
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H/1.1 200
OK bridge
cm.adgrx.com/ Frame 6707 43 B
408 B 270ms
85ms Image
image/gif 173.231.184.20
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.adgrx.com/bridge?AG_SETCOOKIE&AG_PID=lotame&AG_REDIR=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D363%2Ftp%3DADGR%2Ftpid%3D__AG_UID__
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=136%2C135%2C116%2C106%2C97%2C95%2C94%2C92%2C90%2C81%2C80%2C79%2C78%2C50%2C45%2C42%2C38%2C33%2C26%2C22%2C12%2C3%2C2&c=3825
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 173.231.184.20 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS: lga-cassandra-1.sys.adgear.com
Software: Cowboy /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 10 Oct 2021 13:15:55 GMT
server: Cowboy
P3P: CP="NOI OTC OTP OUR NOR"
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate, proxy-revalidate
Connection: keep-alive
Content-Type: image/gif
X-RealServer-NX: lga-delivery-1
Content-Length: 43
Expires: Thu, 23 Sep 2004 17:42:04 GMT

GET
H2

200

qmap
sync.crwdcntrl.net/ Frame 6707
Redirect Chain

https://sync.mathtag.com/sync/img?sync=auto&mt_exid=10040&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fqmap%3Fc%3D4735%26tp%3DMDMA%26tpid%3D%5BMM_UUID%5D
https://sync.crwdcntrl.net/qmap?c=4735&tp=MDMA&tpid=b1e86162-e78b-4500-b989-8b37b056a3ac

49 B
265 B

35ms
35ms

Image
image/gif

34.253.109.165
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/qmap?c=4735&tp=MDMA&tpid=b1e86162-e78b-4500-b989-8b37b056a3ac
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=136%2C135%2C116%2C106%2C97%2C95%2C94%2C92%2C90%2C81%2C80%2C79%2C78%2C50%2C45%2C42%2C38%2C33%2C26%2C22%2C12%2C3%2C2&c=3825
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.253.109.165 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-253-109-165.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Oct 2021 13:15:55 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.45.21.190
content-type: image/gif
content-length: 49
expires: 0

Redirect headers

Date: Sun, 10 Oct 2021 13:15:55 GMT
Server: MT3 3984 0e3af3b master cdg-pixel-x15 config:1.0.0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://sync.crwdcntrl.net/qmap?c=4735&tp=MDMA&tpid=b1e86162-e78b-4500-b989-8b37b056a3ac
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Sun, 10 Oct 2021 13:15:54 GMT

GET
H2

200

tpid=719abb4c-b98d-4562-b4dd-7f002b55d6f0-6162e78b-5553
sync.crwdcntrl.net/map/c=1389/tp=STSC/ Frame 6707
Redirect Chain

https://pixel-sync.sitescout.com/connectors/lotame/usersync?redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1389%2Ftp%3DSTSC%2Ftpid%3D%24UUID
https://pixel-sync.sitescout.com/connectors/lotame/usersync?cookieQ=1&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1389%2Ftp%3DSTSC%2Ftpid%3D%24UUID
https://sync.crwdcntrl.net/map/c=1389/tp=STSC/tpid=719abb4c-b98d-4562-b4dd-7f002b55d6f0-6162e78b-5553

49 B
264 B

2362ms
2362ms

Image
image/gif

34.253.109.165
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/map/c=1389/tp=STSC/tpid=719abb4c-b98d-4562-b4dd-7f002b55d6f0-6162e78b-5553
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=136%2C135%2C116%2C106%2C97%2C95%2C94%2C92%2C90%2C81%2C80%2C79%2C78%2C50%2C45%2C42%2C38%2C33%2C26%2C22%2C12%2C3%2C2&c=3825
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.253.109.165 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-253-109-165.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Oct 2021 13:15:57 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.45.5.146
content-type: image/gif
content-length: 49
expires: 0

Redirect headers

pragma: no-cache
date: Sun, 10 Oct 2021 13:15:54 GMT
server: AC1.1
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location: https://sync.crwdcntrl.net/map/c=1389/tp=STSC/tpid=719abb4c-b98d-4562-b4dd-7f002b55d6f0-6162e78b-5553
cache-control: max-age=0,no-cache,no-store
content-length: 0
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET bsTd8NdE
sync-tm.everesttech.net/upi/pid/ Frame 6707 0
0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 6707
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=lotame_dmp&google_hm=${base64_profileid}
https://cm.g.doubleclick.net/pixel?google_nid=lotame_dmp&google_hm=${base64_profileid}&google_tc=

170 B
188 B

31ms
16ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=lotame_dmp&google_hm=${base64_profileid}&google_tc=

Requested by

Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=136%2C135%2C116%2C106%2C97%2C95%2C94%2C92%2C90%2C81%2C80%2C79%2C78%2C50%2C45%2C42%2C38%2C33%2C26%2C22%2C12%2C3%2C2&c=3825

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Oct 2021 13:15:55 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 10 Oct 2021 13:15:55 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://cm.g.doubleclick.net/pixel?google_nid=lotame_dmp&google_hm=${base64_profileid}&google_tc=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 302
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK 5907
tags.bluekai.com/site/ Frame 6707 62 B
304 B 197ms
196ms Image
image/gif 84.53.188.214
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.bluekai.com/site/5907?limit=0&id=cf24c5e52452c0267d64a6a1402a65dc
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=136%2C135%2C116%2C106%2C97%2C95%2C94%2C92%2C90%2C81%2C80%2C79%2C78%2C50%2C45%2C42%2C38%2C33%2C26%2C22%2C12%2C3%2C2&c=3825
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 84.53.188.214 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a84-53-188-214.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Sun, 10 Oct 2021 13:15:55 GMT
Connection: keep-alive
P3P: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
Content-Length: 62
Content-Type: image/gif

GET
H2

200

tpid=7876330726971982980
sync.crwdcntrl.net/map/c=10915/tp=TRNN/ Frame 6707
Redirect Chain

https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMzQ4ODM4MC90LzI/dpuid/e6e72c5a60426d788bdd5bb6ba92a47f/url/https://sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=$!%7BTURN_UUID%7D
https://sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=7876330726971982980

49 B
264 B

36ms
35ms

Image
image/gif

34.253.109.165
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=7876330726971982980
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=136%2C135%2C116%2C106%2C97%2C95%2C94%2C92%2C90%2C81%2C80%2C79%2C78%2C50%2C45%2C42%2C38%2C33%2C26%2C22%2C12%2C3%2C2&c=3825
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.253.109.165 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-253-109-165.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Oct 2021 13:15:55 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.45.3.150
content-type: image/gif
content-length: 49
expires: 0

Redirect headers

location: https://sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=7876330726971982980
pragma: no-cache
date: Sun, 10 Oct 2021 13:15:54 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H2

200

tp=ANXS
sync.crwdcntrl.net/map/c=281/rand=563492328/tpid=6366943379052204405/ Frame 6707
Redirect Chain

https://secure.adnxs.com/getuid?https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc=281%2Frand=563492328%2Ftpid%3D%24UID%2Ftp%3DANXS
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.crwdcntrl.net%252Fmap%252Fc%3D281%252Frand%3D563492328%252Ftpid%253D%2524UID%252Ftp%253DANXS
https://sync.crwdcntrl.net/map/c=281/rand=563492328/tpid=6366943379052204405/tp=ANXS

49 B
264 B

35ms
35ms

Image
image/gif

34.253.109.165
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/map/c=281/rand=563492328/tpid=6366943379052204405/tp=ANXS
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=136%2C135%2C116%2C106%2C97%2C95%2C94%2C92%2C90%2C81%2C80%2C79%2C78%2C50%2C45%2C42%2C38%2C33%2C26%2C22%2C12%2C3%2C2&c=3825
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.253.109.165 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-253-109-165.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Oct 2021 13:15:55 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.45.2.234
content-type: image/gif
content-length: 49
expires: 0

Redirect headers

Pragma: no-cache
Date: Sun, 10 Oct 2021 13:15:55 GMT
X-Proxy-Origin: 216.131.114.162; 216.131.114.162; 538.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: 1257f8df-72f4-4ed8-9a91-95b9e1f1edb5
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://sync.crwdcntrl.net/map/c=281/rand=563492328/tpid=6366943379052204405/tp=ANXS
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: px.surveywall-api.survata.com
URL: https://px.surveywall-api.survata.com/t

Domain: sync.tag.clrstm.com
URL: https://sync.tag.clrstm.com/lotame/sync?uid=e6e72c5a60426d788bdd5bb6ba92a47f

Domain: sync-tm.everesttech.net
URL: https://sync-tm.everesttech.net/upi/pid/bsTd8NdE?redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1811%2Ftp%3DTBMG%2Ftpid%3D%24%7BTM_USER_ID%7D

Verdicts & Comments Add Verdict or Comment

195 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

54 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
66.29.137.168/	1970-01-20 06:36:47	Name: HstCfa4592483 Value: 1633871753108
66.29.137.168/	1970-01-20 06:36:47	Name: HstCla4592483 Value: 1633871753108
66.29.137.168/	1970-01-20 06:36:47	Name: HstCmu4592483 Value: 1633871753108
66.29.137.168/	1970-01-20 06:36:47	Name: HstPn4592483 Value: 1
66.29.137.168/	1970-01-20 06:36:47	Name: HstPt4592483 Value: 1
66.29.137.168/	1970-01-20 06:36:47	Name: HstCnv4592483 Value: 1
66.29.137.168/	1970-01-20 06:36:47	Name: HstCns4592483 Value: 1
.dtscout.com/	1970-01-20 00:15:11	Name: df Value: 1633871753
.dtscout.com/	1970-01-19 23:57:54	Name: l Value: 10401633871753CDBF6FDF43E7B1B931
66.29.137.168/	1970-01-19 23:56:28	Name: __dtsu Value: 10401633871753CDBF6FDF43E7B1B931
66.29.137.168/	1970-01-19 21:51:11	Name: lotame_domain_check Value: 66.29.137.168
.onaudience.com/	1970-01-20 06:36:47	Name: cookie Value: 6af0372d78805bcf
.onaudience.com/	1970-01-19 21:52:38	Name: done_redirects109 Value: 1
.dtscout.com/	1970-01-19 21:51:16	Name: m Value: 2
.dtscout.com/	1970-01-19 21:51:29	Name: b Value: 2
.dtscout.com/	1970-01-19 21:51:15	Name: st Value: 2
.dtscout.com/	1970-01-19 21:51:26	Name: oa Value: 2
.crwdcntrl.net/	1970-01-20 04:19:59	Name: _cc_dc Value: 1
.crwdcntrl.net/	1970-01-20 04:19:59	Name: _cc_id Value: e6e72c5a60426d788bdd5bb6ba92a47f
.dtscdn.com/	1970-01-20 02:08:57	Name: uid Value: 10401633871753CDBF6FDF43E7B1B931
.crwdcntrl.net/	1970-01-20 04:19:59	Name: _cc_cc Value: "ACZ4XmNQSDVLNTdKNk00MzAxMksxt7BISkkxTUoyS0q0NEo0MU9jAILEpOfd%2F4GAH8QBA57jm6awMH6UZfjPyMjw8bMljLn8TyGMefzoIWYY%2B9KpR2ww9u59lwVg7A8N9%2BHsw4vnwE2cfkIdpuTdEoTwmg1PuWHiEz9O0IaxAfa%2BQm4%3D"
.crwdcntrl.net/	1970-01-20 04:19:59	Name: _cc_aud Value: "ABR4XmNgYGBITHreDaQggJmBgWsGmLmoFUQyPqwHkgBo%2BwVj"
66.29.137.168/	1970-01-20 04:19:59	Name: _cc_id Value: e6e72c5a60426d788bdd5bb6ba92a47f
66.29.137.168/	1970-01-19 22:01:16	Name: panoramaId_expiry Value: 1634476554969
66.29.137.168/	1970-01-19 22:01:16	Name: panoramaId Value: dbe73c047958e556f49a1a2cf5b54945a7028211c5d314f5801270e41b3545ca
.tapad.com/	1970-01-19 23:17:35	Name: TapAd_TS Value: 1633871755139
.tapad.com/	1970-01-19 23:17:35	Name: TapAd_DID Value: 07773bce-8cf8-43d9-80ae-67d390786767
.id5-sync.com/	1970-01-19 21:51:12	Name: cf Value:
.id5-sync.com/	1970-01-19 21:51:12	Name: cip Value:
.id5-sync.com/	1970-01-19 21:51:12	Name: cnac Value:
.id5-sync.com/	1970-01-19 21:51:12	Name: car Value:
.id5-sync.com/	1970-01-19 21:51:12	Name: gdpr Value:
.id5-sync.com/	1970-01-19 21:51:12	Name: callback Value:
.id5-sync.com/	1970-01-20 00:00:47	Name: id5 Value: 99485605-e93a-4770-ac5f-5f61a0baf187#1633871751168#2
.tapad.com/	1970-01-19 23:17:35	Name: TapAd_3WAY_SYNCS Value:
.krxd.net/	1970-01-20 02:10:23	Name: _kuid_ Value: OaZ6FIhD
.demdex.net/	1970-01-20 02:10:23	Name: demdex Value: 64833321786766296523814965083676954407
ads.avct.cloud/	1970-01-20 06:36:47	Name: uuid Value: 97a7eb52-b9ac-4e26-914a-d39520eaf511
.dpm.demdex.net/	1970-01-20 02:10:23	Name: dpm Value: 64833321786766296523814965083676954407
.mathtag.com/	1970-01-20 07:17:06	Name: uuid Value: b1e86162-e78b-4500-b989-8b37b056a3ac
.tidaltv.com/	1970-01-20 06:36:47	Name: tidal_ttid Value: cc3732bf-48f5-4ebb-a89a-f81930944308
.tidaltv.com/	1970-01-20 06:36:47	Name: sync-his Value: "H4sIAAAAAAAAADM0sjQwtDI0NAAAWULQ5wkAAAA="
.sitescout.com/	1970-01-20 06:36:47	Name: ssi Value: 719abb4c-b98d-4562-b4dd-7f002b55d6f0#1633871755400
.adnxs.com/	1970-01-20 00:00:47	Name: uuid2 Value: 6366943379052204405
.turn.com/	1970-01-20 02:10:23	Name: uid Value: 4273169550098875524
.sitescout.com/	1970-01-19 22:34:23	Name: _ssuma Value: eyI3IjoxNjMzODcxNzU1NDI0fQ
.id5-sync.com/	1970-01-20 00:00:47	Name: 3pi Value: 224#1633871751457#2122696826\|321#1633871751394#-1897356074\|19#1633871751176#-1694757428#e6e72c5a60426d788bdd5bb6ba92a47f\|398#1633871751457#-1526291661
.videohub.tv/	1970-01-20 06:36:47	Name: UIXX_UPDT Value: "UILO=1633871755460"
.videohub.tv/	1970-01-20 06:36:47	Name: uid Value: CI-39766d6e03f5495c935a2544a6a66c0b
global.ib-ibi.com/	1969-12-31 23:59:59	Name: ASP.NET_SessionId Value: z0lrup5mizwyol1n5ugc4yzb
.doubleclick.net/	1970-01-20 15:22:23	Name: IDE Value: AHWqTUl8Mdd7QPoDSaOPy2OyfkL56kZYcXZ0CKbI5QthCEHxnGtj3aL9pb6hbvUeNh8
ib.mookie1.com/	1969-12-31 23:59:59	Name: ASP.NET_SessionId Value: e3lv4c5gpsli35310kwqxwtn
.ib.mookie1.com/	1970-01-20 06:36:47	Name: ibkukiuno Value: s=676a4764-cb1a-49de-b7ff-881af1abe7e0&h=&v=480946075221&l=-8585677351289105366&op=&hl=0&vlu=3&tcs=1&dcc=-8585677351289105366
.ib.mookie1.com/	1970-01-20 06:36:47	Name: ibkukinet Value: 3632493218=-8585677351289105366

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://px.surveywall-api.survata.com/t Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://sync.tag.clrstm.com/lotame/sync?uid=e6e72c5a60426d788bdd5bb6ba92a47f Message: Failed to load resource: net::ERR_CONNECTION_REFUSED
network	error	URL: https://sync.crwdcntrl.net/map/c=10492/tp=AVCT/tpid=97a7eb52-b9ac-4e26-914a-d39520eaf511 Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://idsync.rlcdn.com/420246.gif?partner_uid=c:ecce64e4444f0a660da6d8bedb878a07 Message: Failed to load resource: the server responded with a status of 451 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1.bp.blogspot.com
a.dtssrv.com
ads.avct.cloud
ads.avocet.io
aorta.clickagy.com
bcp.crwdcntrl.net
beacon.krxd.net
c.cintnetworks.com
cdn.tynt.com
cm.adgrx.com
cm.g.doubleclick.net
d.turn.com
de.tynt.com
dpm.demdex.net
dt-secure.videohub.tv
dtsedge.com
e.dtscout.com
fonts.googleapis.com
fonts.gstatic.com
get.s-onetag.com
global.ib-ibi.com
ib.mookie1.com
ic.tynt.com
id5-sync.com
idsync.rlcdn.com
image6.pubmatic.com
match.adsrvr.org
onetag-geo-grouping.s-onetag.com
onetag-geo.s-onetag.com
pd.sharethis.com
pixel-sync.sitescout.com
pixel.onaudience.com
pixel.tapad.com
px.surveywall-api.survata.com
s10.histats.com
s4.histats.com
secure.adnxs.com
sync-tm.everesttech.net
sync.crwdcntrl.net
sync.mathtag.com
sync.sharethis.com
sync.tag.clrstm.com
sync.tidaltv.com
t.dtscdn.com
t.dtscout.com
tags.bluekai.com
tags.crwdcntrl.net
waust.at
whos.amung.us
widgets.amung.us
px.surveywall-api.survata.com
sync-tm.everesttech.net
sync.tag.clrstm.com
104.18.29.199
104.21.78.98
104.21.9.70
104.22.74.171
13.35.253.70
142.250.186.34
142.250.186.35
146.59.148.16
158.69.139.237
172.217.16.129
172.217.18.106
172.67.71.57
173.231.184.20
185.29.134.248
185.64.190.78
192.99.8.28
199.127.207.184
3.121.175.251
3.124.181.115
34.253.109.165
34.253.137.48
35.227.248.159
35.244.174.68
37.252.172.250
45.55.96.63
46.105.201.240
46.228.164.13
51.144.7.192
51.161.15.92
52.17.151.21
52.19.186.105
52.208.16.1
52.72.174.10
54.36.109.22
64.58.232.177
65.9.66.110
65.9.66.74
65.9.66.97
66.155.71.25
66.29.137.168
67.202.105.33
67.202.114.214
69.169.86.38
76.223.111.131
84.53.188.214
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
045469f2d577c2ad73219bbd713640bcb4a4f9a46cecc6c0df0e66338646b27f
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
18915c0d67936451a4d8a74e5bc6eefe979ee701a39d5c347c5f57cab06b4d54
22af5d3bf749542c2d95975186991b7b8c1e0766449c3fdeab55d57eb0d1ffdc
2347066080fea31af55c7112dca5245ea3eea67df5f24f1daae09f0870fbce62
2a41a9586f6d0ec92c74f313f797a6e14aac6641f88a4bf490c1946f928fc4f8
2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
307824c01a32c19f1dca371c249b4e8072b906d4f4bd45c037738b806284a42d
38b00f9f9767a1924ec776c710e8fe4e1ea7565abab436544888a38b1b981414
40b1851672e58edc25ad486769af8fc1dfed4ecec9f7943afe1ac733fc6217c9
42b1291f205e30914c1ad28643764cce277a03c4f06d2b828058697c56dcf58f
42b601bc0d93dfca6e350b46d113bf8e7ff9e40a87a0c57ab9b3c9c219062423
4d119f2f5fd2d0be92d5c59db4dd269d58331645ece9b6d6a7114ed1e3d3a7f3
4f4524f7e1a87079bc50a64681f880ccf3e6f5db1ec5fc27949377532a3881da
594744814c35c79cc28631d840478bcfe512ae95261a027d5ec3011c22f36a6a
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991
5dd170a0e4e69598b3d57786f390f982d082a0122cb1bd988cfdae7ea1b448ad
6088012dda2274a27fa40ed153d9e3a6c96a22af1b177f8a2916368eb3e88bb0
63cf7a38baaaaebc012cfc355797544949b60c040b5da57560f26d88502d1372
66f8e645091fb83892b92aff7ae0c905d5df3c1ee1058000201433d066f6ca49
6c113bb94416799f113627c875a83d36ddcf24e94dcf6fb874f64e4cc3f385b4
6d8c3c8c3c0d49ec01bb8334007454650899605d6c1b28635c05871058eda50f
6f005368978df37b680de2dc8a22007a600378ba5568a573432a3fdeb8bdb674
74843a769a5f1d8bdd8c9a35076c17cd0f564125285d5ba843c155bb1df2063d
7dacf83f51179de8d7980a513e67ab3a08f2c6272bb5946df8fd77c0d1763b73
7ee04154662e67cdd4a6694f6afacb682bb184617b5e81948524637dde2f31d3
80f6c847f65eab4561ee8b0e33fcc1c0d7b0bb950e515b7466c03f885317ed6b
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8d834678797fe41f49b7354ffa8476fca1385decb0526e106d3ec6ae75b78499
9110fc122dda3067c424d9b8ff7747e2030b0bd9298f69a3683d399ad3373a6a
9732681ee177730cea607e9a793f9d92e08cc1e283c723321435ec379fab1988
9933d7066a22669cd5d48d0051aa5f2d7ea91bad0a9223f3d7884e93c3ca8a28
a0d4fbed456513da9dfc98fd5f59cc474ceea1391419a2bfb370af28d9e4ce3d
a24291cb985a52a25dccb012e397664f068232c67bd38b8e6564abb8c7cec977
a7ab2d43dbf741599087c69b0d4f374fc1e6edbf85fbdb7578f2d5f070e02369
a8c1883b9e9af2d6d6f791d51ef4ba5eebb7e06afbb6ab42ac6067e81373460a
afdc161f0a645507416b7dd4764ac961ee455240c975eefab247c6938038ab72
b680a5e1a103b0d7b355fdb67c8e31a74078153979441f9d6d373eeae0350a26
b88fca268e1352a0922f301c6b88f0499606c01faa8d0718de11a8153a5edc3a
b957ea339d35a0f04ef914c475611606e5b3b326cf08cb9d68bf78bca23a6521
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
c2e51e5524a754d0a5cec123f055392b27dbf70e059e04b8f27c6ef1cdf12a77
caacfc6a3602fe9a189a4bd15792c4bed2fce634c04716f515e6c07cda07315a
d20944b3f152baae67e64f2d14a239da3bbb413fc321f05d8eaac2b672a5104f
d21021784cda31eeae5c8295e047a14bda6ed5a9b5963fca9e7ceb398a9c9179
d8fbb6d080a36243586bf4a149c4b41b3961346df926d6de7e2bebeec7558bb8
d9262f833e999fddfae1cb297ae5f9e260529ca0ca737ed805a11fbf3ab92bcd
da0db141adb317630144c27def570073850a5a6fb9dc72109affcee756c8144d
db513e670e73fa87393b90af7599b9b310247105f8c4d310864405a3e66b469d
dc9dc5abccf3e062029d71dcdc0e04b7cc9a9be96103d07f98b4ff4a5459c668
def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7
df24697cb57e8f989aca849452dfb70034fa70aa6fac2278e47f1d726ec43dbf
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4191ce2c1660050aec1e61895d29c91c0f9ea20360086de95c34b00483aee66
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f05278f96ad7415dbb871d4679ea83cdbc5f5117f7af5974ba8ff77cc1da21de
f51938710e179807bbf1be9a1e9d7e3441fa74e7dfe9f46841914fb12ca7de3c
fa74e2efe166bec2fe4d9a036c2de5bab6837a4d6da7c56bf41cc8697edb9d3d

66.29.137.168 Open in urlscan Pro 66.29.137.168 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

93 Requests

67 %HTTPS

0 %IPv6

40 Domains

50 Subdomains

33 IPs

8 Countries

2019 kBTransfer

2343 kBSize

54 Cookies

1 Outgoing links

Redirected requests

93 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

66.29.137.168 Open in urlscan Pro
66.29.137.168 Public Scan

Screenshot
Live screenshot

Full Image

93
Requests

67 %
HTTPS

0 %
IPv6

40
Domains

50
Subdomains

33
IPs

8
Countries

2019 kB
Transfer

2343 kB
Size

54
Cookies

93 HTTP transactions
1 data transactions