Submitted URL: https://pxkaglhxbxkccboqei.s3.us-east-2.amazonaws.com/anowxaebanorweyvxm.html#nysCrUxtZ4MMb9JTSlDb0WZDF8qzYwb4zvp0zvp3zvp5a5A7Ne3n4Lo8iD0etcb9k
Effective URL: http://t5.boxdivision.com/aff_c?offer_id=437&aff_id=1016&aff_sub=tmobile&aff_sub2=202673&aff_sub3=139283eafc26e77269f67824...
Submission: On October 17 via api from BE — Scanned from US

Summary

This website contacted 12 IPs in 1 country across 12 domains to perform 27 HTTP transactions. The main IP is 99.83.175.80, located in the United States and belonging to AMAZON-02, US. The main domain is t5.boxdivision.com.
This is the only time t5.boxdivision.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests IP Address AS Autonomous System
1 3.5.129.143 16509 (AMAZON-02)
1 1 66.220.30.102 6939 (HURRICANE)
2 23.250.1.134 55286 (SERVER-MANIA)
1 2607:f8b0:400... 15169 (GOOGLE)
1 143.204.146.43 16509 (AMAZON-02)
2 100.24.222.39 14618 (AMAZON-AES)
1 2606:4700::68... 13335 (CLOUDFLAR...)
3 34.202.131.178 14618 (AMAZON-AES)
4 99.83.175.80 16509 (AMAZON-02)
5 2607:f8b0:400... 15169 (GOOGLE)
4 2600:9000:220... 16509 (AMAZON-02)
1 2607:f8b0:400... 15169 (GOOGLE)
2 2607:f8b0:400... 15169 (GOOGLE)
Totals: 27 requests, 12 IPs
Apex Domain
Subdomains
Transfer
5 google.com
www.google.com — Cisco Umbrella Rank: 2
109 KB
4 cloudfront.net
d38psrni17bvxu.cloudfront.net
21 KB
4 boxdivision.com
t5.boxdivision.com
7 KB
4 traversedlp.com
static.traversedlp.com — Cisco Umbrella Rank: 28669
api.traversedlp.com — Cisco Umbrella Rank: 7302
5 KB
2 googleusercontent.com
afs.googleusercontent.com — Cisco Umbrella Rank: 13219
1 KB
2 anura.io
script.anura.io — Cisco Umbrella Rank: 49715
20 KB
2 blueskyace.com
blueskyace.com
7 KB
1 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 888
631 B
1 aimtell.com
signals.aimtell.com — Cisco Umbrella Rank: 4447
261 B
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 61
39 KB
1 duckdns.org
40kcdi.duckdns.org
361 B
1 amazonaws.com
pxkaglhxbxkccboqei.s3.us-east-2.amazonaws.com
474 B
Totals: 27 requests, 12 apex domains
Requests Domain Requested by
5 www.google.com t5.boxdivision.com
www.google.com
4 d38psrni17bvxu.cloudfront.net t5.boxdivision.com
d38psrni17bvxu.cloudfront.net
4 t5.boxdivision.com blueskyace.com
d38psrni17bvxu.cloudfront.net
t5.boxdivision.com
3 api.traversedlp.com static.traversedlp.com
2 afs.googleusercontent.com www.google.com
2 script.anura.io pxkaglhxbxkccboqei.s3.us-east-2.amazonaws.com
script.anura.io
2 blueskyace.com pxkaglhxbxkccboqei.s3.us-east-2.amazonaws.com
blueskyace.com
1 partner.googleadservices.com www.google.com
1 signals.aimtell.com blueskyace.com
1 static.traversedlp.com www.googletagmanager.com
1 www.googletagmanager.com blueskyace.com
1 40kcdi.duckdns.org 1 redirects
1 pxkaglhxbxkccboqei.s3.us-east-2.amazonaws.com
Totals: 27 requests, 13 subdomains

This site contains no links.

Subject Issuer Validity Valid
*.s3.us-east-2.amazonaws.com
Amazon
2021-12-17 -
2022-12-16
a year crt.sh
*.google-analytics.com
GTS CA 1C3
2022-09-12 -
2022-12-05
3 months crt.sh
*.traversedlp.com
Amazon
2022-01-27 -
2023-02-25
a year crt.sh
script.anura.io
Amazon
2022-05-24 -
2023-06-22
a year crt.sh
aimtell.com
Cloudflare Inc ECC CA-3
2022-05-09 -
2023-05-08
a year crt.sh
*.googleadservices.com
GTS CA 1C3
2022-09-12 -
2022-12-05
3 months crt.sh
www.google.com
GTS CA 1C3
2022-09-12 -
2022-12-05
3 months crt.sh
*.googleusercontent.com
GTS CA 1C3
2022-09-12 -
2022-12-05
3 months crt.sh
*.google.com
GTS CA 1C3
2022-09-12 -
2022-12-05
3 months crt.sh

This page contains 2 frames:

Primary Page: http://t5.boxdivision.com/aff_c?offer_id=437&aff_id=1016&aff_sub=tmobile&aff_sub2=202673&aff_sub3=139283eafc26e77269f67824278024f2&aff_sub4=28539&aff_sub5=26
Frame ID: 8486CF47385B215BA1A24C592066B661
Requests: 22 HTTP requests in this frame

Frame: https://www.google.com/afs/ads?adtest=off&psid=6016880802&pcsa=false&channel=000002%2Cbucket003&client=dp-teaminternet04_3ph&r=m&hl=en&max_radlink_len=40&type=3&uiopt=true&swp=as-drid-2663046180937288&oe=UTF-8&ie=UTF-8&fexp=21404%2C17300953%2C17300956%2C17301063%2C17301066%2C17301094%2C17301097&format=r3%7Cs&nocache=3371665996134858&num=0&output=afd_ads&domain_name=t5.boxdivision.com&v=3&bsl=8&pac=0&u_his=2&u_tz=0&dt=1665996134859&u_w=1600&u_h=1200&biw=1600&bih=1200&psw=1600&psh=754&frm=0&cl=480127119&uio=--&cont=tc&jsid=caf&jsv=480127119&rurl=http%3A%2F%2Ft5.boxdivision.com%2Faff_c%3Foffer_id%3D437%26aff_id%3D1016%26aff_sub%3Dtmobile%26aff_sub2%3D202673%26aff_sub3%3D139283eafc26e77269f67824278024f2%26aff_sub4%3D28539%26aff_sub5%3D26&referer=http%3A%2F%2Fblueskyace.com%2F&adbw=master-1%3A530
Frame ID: 461113BCC3409FF0291D0EDBE257E14D
Requests: 4 HTTP requests in this frame

Page Title

boxdivision.com

Page URL History

  1. https://pxkaglhxbxkccboqei.s3.us-east-2.amazonaws.com/anowxaebanorweyvxm.html Page URL
  2. http://40kcdi.duckdns.org/nysCrUxtZ4MMb9JTSlDb0WZDF8qzYwb4zvp0zvp3zvp5a5A7Ne3n4Lo8iD0etcb9k HTTP 302
    http://blueskyace.com/ae24577fac00352c646c3804a5536f446/?sid1=41677_10541508_13&sid2=4718_59390893... Page URL
  3. http://t5.boxdivision.com/aff_c?offer_id=437&aff_id=1016&aff_sub=tmobile&aff_sub2=202673&aff_sub3=1392... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js

Page Statistics

27
Requests

59 %
HTTPS

46 %
IPv6

12
Domains

13
Subdomains

12
IPs

1
Countries

210 kB
Transfer

496 kB
Size

3
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://pxkaglhxbxkccboqei.s3.us-east-2.amazonaws.com/anowxaebanorweyvxm.html Page URL
  2. http://40kcdi.duckdns.org/nysCrUxtZ4MMb9JTSlDb0WZDF8qzYwb4zvp0zvp3zvp5a5A7Ne3n4Lo8iD0etcb9k HTTP 302
    http://blueskyace.com/ae24577fac00352c646c3804a5536f446/?sid1=41677_10541508_13&sid2=4718_593908935_41677_41677_0_4439964_26_1516_147008_10541508_10_765&sid3=26 Page URL
  3. http://t5.boxdivision.com/aff_c?offer_id=437&aff_id=1016&aff_sub=tmobile&aff_sub2=202673&aff_sub3=139283eafc26e77269f67824278024f2&aff_sub4=28539&aff_sub5=26 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1
  • http://40kcdi.duckdns.org/nysCrUxtZ4MMb9JTSlDb0WZDF8qzYwb4zvp0zvp3zvp5a5A7Ne3n4Lo8iD0etcb9k HTTP 302
  • http://blueskyace.com/ae24577fac00352c646c3804a5536f446/?sid1=41677_10541508_13&sid2=4718_593908935_41677_41677_0_4439964_26_1516_147008_10541508_10_765&sid3=26

27 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
anowxaebanorweyvxm.html
pxkaglhxbxkccboqei.s3.us-east-2.amazonaws.com/
106 B
474 B
Document
General
Full URL
https://pxkaglhxbxkccboqei.s3.us-east-2.amazonaws.com/anowxaebanorweyvxm.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.5.129.143 Columbus, United States, ASN16509 (AMAZON-02, US)
Reverse DNS
s3-r-w.us-east-2.amazonaws.com
Software
AmazonS3 /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Content-Length
106
Content-Type
text/html
Date
Mon, 17 Oct 2022 08:42:13 GMT
ETag
"8be61919c113cf5159e4f5376bfd6a33"
Last-Modified
Sat, 15 Oct 2022 14:58:47 GMT
Server
AmazonS3
x-amz-id-2
3UIBxt9sG9PpOe5jUKMd6ehhYnVkHhbxO3tuePITfuP+f7yVSRcWiUbvoiPEMIAsZcerk7z/mN8vlIaRFtS8yQ==
x-amz-request-id
34YCMXVVN1PY9FW6
/
blueskyace.com/ae24577fac00352c646c3804a5536f446/
Redirect Chain
  • http://40kcdi.duckdns.org/nysCrUxtZ4MMb9JTSlDb0WZDF8qzYwb4zvp0zvp3zvp5a5A7Ne3n4Lo8iD0etcb9k
  • http://blueskyace.com/ae24577fac00352c646c3804a5536f446/?sid1=41677_10541508_13&sid2=4718_593908935_41677_41677_0_4439964_26_1516_147008_10541508_10_765&sid3=26
6 KB
7 KB
Document
General
Full URL
http://blueskyace.com/ae24577fac00352c646c3804a5536f446/?sid1=41677_10541508_13&sid2=4718_593908935_41677_41677_0_4439964_26_1516_147008_10541508_10_765&sid3=26
Requested by
Host: pxkaglhxbxkccboqei.s3.us-east-2.amazonaws.com
URL: https://pxkaglhxbxkccboqei.s3.us-east-2.amazonaws.com/anowxaebanorweyvxm.html
Protocol
HTTP/1.1
Server
23.250.1.134 Buffalo, United States, ASN55286 (SERVER-MANIA, CA)
Reverse DNS
Software
nginx / PHP/7.3.33
Resource Hash
9623244c1a6e6edb521b35d493518d45fc0821ad7af75b66bd4092909a843374

Request headers

Referer
https://pxkaglhxbxkccboqei.s3.us-east-2.amazonaws.com/anowxaebanorweyvxm.html#nysCrUxtZ4MMb9JTSlDb0WZDF8qzYwb4zvp0zvp3zvp5a5A7Ne3n4Lo8iD0etcb9k
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Date
Mon, 17 Oct 2022 08:53:42 GMT
Server
nginx
Transfer-Encoding
chunked
X-Powered-By
PHP/7.3.33

Redirect headers

Connection
keep-alive
Content-Type
text/html
Date
Mon, 17 Oct 2022 08:42:12 GMT
Server
nginx
Transfer-Encoding
chunked
X-Powered-By
PHP/5.4.16
location
http://blueskyace.com/ae24577fac00352c646c3804a5536f446/?sid1=41677_10541508_13&sid2=4718_593908935_41677_41677_0_4439964_26_1516_147008_10541508_10_765&sid3=26
gtm.js
www.googletagmanager.com/
99 KB
39 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-MB79N3N
Requested by
Host: blueskyace.com
URL: http://blueskyace.com/ae24577fac00352c646c3804a5536f446/?sid1=41677_10541508_13&sid2=4718_593908935_41677_41677_0_4439964_26_1516_147008_10541508_10_765&sid3=26
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:809::2008, United States, ASN15169 (GOOGLE, US)
Reverse DNS
Software
Google Tag Manager /
Resource Hash
7ff010f48a048a638fb4511d990d5ff8d13681827708647d9fe6525427e1a10c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
http://blueskyace.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 08:42:13 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39207
x-xss-protection
0
last-modified
Mon, 17 Oct 2022 06:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 17 Oct 2022 08:42:13 GMT
fp.php
blueskyace.com/
0
194 B
XHR
General
Full URL
http://blueskyace.com/fp.php
Requested by
Host: blueskyace.com
URL: http://blueskyace.com/ae24577fac00352c646c3804a5536f446/?sid1=41677_10541508_13&sid2=4718_593908935_41677_41677_0_4439964_26_1516_147008_10541508_10_765&sid3=26
Protocol
HTTP/1.1
Server
23.250.1.134 Buffalo, United States, ASN55286 (SERVER-MANIA, CA)
Reverse DNS
Software
nginx / PHP/7.3.33
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://blueskyace.com/ae24577fac00352c646c3804a5536f446/?sid1=41677_10541508_13&sid2=4718_593908935_41677_41677_0_4439964_26_1516_147008_10541508_10_765&sid3=26
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Mon, 17 Oct 2022 08:53:42 GMT
Server
nginx
Connection
keep-alive
X-Powered-By
PHP/7.3.33
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
retargeting.js
static.traversedlp.com/v1/
11 KB
4 KB
Script
General
Full URL
https://static.traversedlp.com/v1/retargeting.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MB79N3N
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
143.204.146.43, United States, ASN16509 (AMAZON-02, US)
Reverse DNS
server-143-204-146-43.ewr52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3ad3fefdb207753cf1f7f14c610030fd6b00660db09420776630d056c35a2c58

Request headers

accept-language
en-US,en;q=0.9
Referer
http://blueskyace.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-amz-version-id
KLbodh6xIMdiUWAxenjc1ByBclqfTj74
Content-Encoding
gzip
Via
1.1 6b40574acc577d1185c505c40886acc6.cloudfront.net (CloudFront)
Date
Mon, 17 Oct 2022 08:26:59 GMT
Last-Modified
Wed, 01 Jun 2022 20:20:14 GMT
Server
AmazonS3
X-Amz-Cf-Pop
EWR52-C2
Age
915
ETag
W/"c31ba40743566f87f00f822e3cefb390"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
X-Cache
Hit from cloudfront
Connection
keep-alive
X-Amz-Cf-Id
J7JrpPnWcf9HBONCLacrVGtdL7TAVTDOJp9WzBzAQbquM2pSJnb8bw==
request.js
script.anura.io/
52 KB
19 KB
Script
General
Full URL
https://script.anura.io/request.js?instance=56309078&source=202673&campaign=28539&exid=139283eafc26e77269f67824278024f2&163006039584
Requested by
Host: pxkaglhxbxkccboqei.s3.us-east-2.amazonaws.com
URL: https://pxkaglhxbxkccboqei.s3.us-east-2.amazonaws.com/anowxaebanorweyvxm.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
100.24.222.39 Ashburn, United States, ASN14618 (AMAZON-AES, US)
Reverse DNS
ec2-100-24-222-39.compute-1.amazonaws.com
Software
nginx /
Resource Hash
46720e24355b0edeb355c237d8033c099fd6d37c6aa910b63f2b508600f6a684
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
http://blueskyace.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Oct 2022 08:42:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
nginx
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
private, no-cache, no-store, must-revalidate, max-age=0, post-check=0, pre-check=0
expires
Sun, 28 Dec 1980 18:57:00 EST
matches
signals.aimtell.com/
43 B
261 B
Image
General
Full URL
https://signals.aimtell.com/matches?token=f5d7c95ea0af0ed4512d414529c2dffa
Requested by
Host: blueskyace.com
URL: http://blueskyace.com/ae24577fac00352c646c3804a5536f446/?sid1=41677_10541508_13&sid2=4718_593908935_41677_41677_0_4439964_26_1516_147008_10541508_10_765&sid3=26
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1e97, United States, ASN13335 (CLOUDFLARENET, US)
Reverse DNS
Software
cloudflare /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
http://blueskyace.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 08:42:13 GMT
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET,HEAD,OPTIONS
content-type
image/gif
access-control-allow-origin
*
access-control-allow-credentials
true
cf-ray
75b7bd5b3ab9188d-EWR
access-control-allow-headers
Content-Type, *
content-length
43
cookie
api.traversedlp.com/retargeting/v1/
18 B
403 B
XHR
General
Full URL
https://api.traversedlp.com/retargeting/v1/cookie
Requested by
Host: static.traversedlp.com
URL: https://static.traversedlp.com/v1/retargeting.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.202.131.178 Ashburn, United States, ASN14618 (AMAZON-AES, US)
Reverse DNS
ec2-34-202-131-178.compute-1.amazonaws.com
Software
nginx/1.20.0 /
Resource Hash
306094011fa17d1eb215263299126f9f95f50a1c2235c991846ccfd1911a6dce

Request headers

accept-language
en-US,en;q=0.9
Referer
http://blueskyace.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 08:42:13 GMT
server
nginx/1.20.0
etag
W/"12-86d81FY+WDtP4sdiTK7DKw"
vary
Accept-Encoding
p3p
CP="CAO PSAo CONo OUR OTRo BUS PHY ONL UNI COM NAV DEM STA"
access-control-allow-origin
http://blueskyace.com
access-control-expose-headers
access-control-allow-credentials
true
content-type
application/json; charset=utf-8
content-length
18
enqueue
api.traversedlp.com/retargetinginclusion/
0
325 B
XHR
General
Full URL
https://api.traversedlp.com/retargetinginclusion/enqueue
Requested by
Host: static.traversedlp.com
URL: https://static.traversedlp.com/v1/retargeting.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.202.131.178 Ashburn, United States, ASN14618 (AMAZON-AES, US)
Reverse DNS
ec2-34-202-131-178.compute-1.amazonaws.com
Software
nginx/1.20.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://blueskyace.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
application/json; charset=UTF-8

Response headers

access-control-allow-origin
http://blueskyace.com
date
Mon, 17 Oct 2022 08:42:13 GMT
access-control-expose-headers
access-control-allow-credentials
true
server
nginx/1.20.0
vary
X-HTTP-Method-Override
p3p
CP="CAO PSAo CONo OUR OTRo BUS PHY ONL UNI COM NAV DEM STA"
enqueue
api.traversedlp.com/retargetinginclusion/ Frame
0
0
Preflight
General
Full URL
https://api.traversedlp.com/retargetinginclusion/enqueue
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.202.131.178 Ashburn, United States, ASN14618 (AMAZON-AES, US)
Reverse DNS
ec2-34-202-131-178.compute-1.amazonaws.com
Software
nginx/1.20.0 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
http://blueskyace.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,authorization
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS, HEAD
access-control-allow-origin
http://blueskyace.com
access-control-expose-headers
allow
ACL,BIND,CHECKOUT,CONNECT,COPY,DELETE,GET,HEAD,LINK,LOCK,M-SEARCH,MERGE,MKACTIVITY,MKCALENDAR,MKCOL,MOVE,NOTIFY,PATCH,POST,PROPFIND,PROPPATCH,PURGE,PUT,REBIND,REPORT,SEARCH,SOURCE,SUBSCRIBE,TRACE,UNBIND,UNLINK,UNLOCK,UNSUBSCRIBE
content-length
228
content-type
text/html; charset=utf-8
date
Mon, 17 Oct 2022 08:42:13 GMT
etag
W/"e4-6lFXkgJZ15OAZuBnvvjMtg"
p3p
CP="CAO PSAo CONo OUR OTRo BUS PHY ONL UNI COM NAV DEM STA"
server
nginx/1.20.0
vary
Accept-Encoding
Primary Request aff_c
t5.boxdivision.com/
10 KB
5 KB
Document
General
Full URL
http://t5.boxdivision.com/aff_c?offer_id=437&aff_id=1016&aff_sub=tmobile&aff_sub2=202673&aff_sub3=139283eafc26e77269f67824278024f2&aff_sub4=28539&aff_sub5=26
Requested by
Host: blueskyace.com
URL: http://blueskyace.com/ae24577fac00352c646c3804a5536f446/?sid1=41677_10541508_13&sid2=4718_593908935_41677_41677_0_4439964_26_1516_147008_10541508_10_765&sid3=26
Protocol
HTTP/1.1
Server
99.83.175.80, United States, ASN16509 (AMAZON-02, US)
Reverse DNS
a2e6b661ca0e4c4c4.awsglobalaccelerator.com
Software
nginx /
Resource Hash
192fa8579037a8796e752f1470e96c17195349c632239786ed8f307c3c140dce

Request headers

Referer
http://blueskyace.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-CH
viewport-width dpr device-memory rtt downlink ect ua ua-full-version ua-platform ua-platform-version ua-arch ua-model ua-mobile
Accept-CH-Lifetime
30
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Mon, 17 Oct 2022 08:42:14 GMT
Server
nginx
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Adblock-Key
MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBALquDFETXRn0Hr05fUP7EJT77xYnPmRbpMy4vk8KYiHnkNpednjOANJcaXDXcKQJN0nXKZJL7TciJD8AoHXK158CAwEAAQ==_rm0MEtQKWTtJB2muyDKdHHK/0iiFrYHUA7xhcKd7QuNVUEz+VOmHWY9vr0s7hJ6tknH0zA5ORY/fMbm1fEdnAg==
response.json
script.anura.io/
43 B
397 B
XHR
General
Full URL
https://script.anura.io/response.json
Requested by
Host: script.anura.io
URL: https://script.anura.io/request.js?instance=56309078&source=202673&campaign=28539&exid=139283eafc26e77269f67824278024f2&163006039584
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
100.24.222.39 Ashburn, United States, ASN14618 (AMAZON-AES, US)
Reverse DNS
ec2-100-24-222-39.compute-1.amazonaws.com
Software
nginx /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://blueskyace.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Mon, 17 Oct 2022 08:42:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
nginx
vary
Accept-Encoding
access-control-allow-methods
POST
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
private, no-cache, no-store, must-revalidate, max-age=0, post-check=0, pre-check=0
expires
Sun, 28 Dec 1980 18:57:00 EST
caf.js
www.google.com/adsense/domains/
145 KB
54 KB
Script
General
Full URL
http://www.google.com/adsense/domains/caf.js
Requested by
Host: t5.boxdivision.com
URL: http://t5.boxdivision.com/aff_c?offer_id=437&aff_id=1016&aff_sub=tmobile&aff_sub2=202673&aff_sub3=139283eafc26e77269f67824278024f2&aff_sub4=28539&aff_sub5=26
Protocol
HTTP/1.1
Server
2607:f8b0:4006:822::2004, United States, ASN15169 (GOOGLE, US)
Reverse DNS
Software
sffe /
Resource Hash
a4cb52ab80b07293638c8373465dcd288cbae0da143950cd9458ad50a0e032f1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
http://t5.boxdivision.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Mon, 17 Oct 2022 08:42:14 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Content-Security-Policy-Report-Only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui
Transfer-Encoding
chunked
Cross-Origin-Resource-Policy
cross-origin
X-XSS-Protection
0
Server
sffe
Cross-Origin-Opener-Policy
same-origin; report-to="ads-afs-ui"
ETag
"2322277284970504632"
Vary
Accept-Encoding
Report-To
{"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]}
Content-Type
text/javascript; charset=UTF-8
Cache-Control
private, max-age=3600
Accept-Ranges
bytes
Expires
Mon, 17 Oct 2022 08:42:14 GMT
style.css
d38psrni17bvxu.cloudfront.net/themes/assets/
829 B
827 B
Stylesheet
General
Full URL
http://d38psrni17bvxu.cloudfront.net/themes/assets/style.css
Requested by
Host: t5.boxdivision.com
URL: http://t5.boxdivision.com/aff_c?offer_id=437&aff_id=1016&aff_sub=tmobile&aff_sub2=202673&aff_sub3=139283eafc26e77269f67824278024f2&aff_sub4=28539&aff_sub5=26
Protocol
HTTP/1.1
Server
2600:9000:2209:2000:1d:4618:5c80:21, United States, ASN16509 (AMAZON-02, US)
Reverse DNS
Software
nginx /
Resource Hash
93a1109ada0cd55dedeaf7e9c4251a7f91ac3c3e1ab85e25e37b6cd4e47d504b

Request headers

accept-language
en-US,en;q=0.9
Referer
http://t5.boxdivision.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Sun, 16 Oct 2022 09:14:42 GMT
Content-Encoding
gzip
Via
1.1 34deee8ac34d726c1404a3045667664a.cloudfront.net (CloudFront)
Last-Modified
Tue, 12 May 2020 14:25:52 GMT
Server
nginx
X-Amz-Cf-Pop
EWR53-P1
Age
84452
ETag
W/"5ebab1f0-33d"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/css
X-Cache
Hit from cloudfront
Connection
keep-alive
X-Amz-Cf-Id
5XWGuKfcfh1ZprQ6aMp7ePVwvrjoVtCRo4m_vH33Uvop35-cjq8wxw==
style.css
d38psrni17bvxu.cloudfront.net/themes/cleanPeppermintBlack_657d9013/
1 KB
1 KB
Stylesheet
General
Full URL
http://d38psrni17bvxu.cloudfront.net/themes/cleanPeppermintBlack_657d9013/style.css
Requested by
Host: t5.boxdivision.com
URL: http://t5.boxdivision.com/aff_c?offer_id=437&aff_id=1016&aff_sub=tmobile&aff_sub2=202673&aff_sub3=139283eafc26e77269f67824278024f2&aff_sub4=28539&aff_sub5=26
Protocol
HTTP/1.1
Server
2600:9000:2209:2000:1d:4618:5c80:21, United States, ASN16509 (AMAZON-02, US)
Reverse DNS
Software
nginx /
Resource Hash
5d9d67a9789d5456d07acf0c92b41d2b31e269939d490d522dba8a99f3aa61c1

Request headers

accept-language
en-US,en;q=0.9
Referer
http://t5.boxdivision.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Sun, 16 Oct 2022 09:15:20 GMT
Content-Encoding
gzip
Via
1.1 34deee8ac34d726c1404a3045667664a.cloudfront.net (CloudFront)
Last-Modified
Thu, 23 Jun 2022 10:44:43 GMT
Server
nginx
X-Amz-Cf-Pop
EWR53-P1
Age
84414
ETag
W/"62b4441b-555"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/css
X-Cache
Hit from cloudfront
Connection
keep-alive
X-Amz-Cf-Id
Ju4qTHvYIeRk2tlYskiX_5eW3JqZTdawA3q51D21lhkedRckM-MqXQ==
js3caf.js
d38psrni17bvxu.cloudfront.net/scripts/
7 KB
7 KB
Script
General
Full URL
http://d38psrni17bvxu.cloudfront.net/scripts/js3caf.js
Requested by
Host: t5.boxdivision.com
URL: http://t5.boxdivision.com/aff_c?offer_id=437&aff_id=1016&aff_sub=tmobile&aff_sub2=202673&aff_sub3=139283eafc26e77269f67824278024f2&aff_sub4=28539&aff_sub5=26
Protocol
HTTP/1.1
Server
2600:9000:2209:2000:1d:4618:5c80:21, United States, ASN16509 (AMAZON-02, US)
Reverse DNS
Software
nginx /
Resource Hash
ba5b7354353b0eec1637564dae072fee662a5b9862f6bf7ed5e60a5a76f2ef44

Request headers

accept-language
en-US,en;q=0.9
Referer
http://t5.boxdivision.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Sun, 16 Oct 2022 09:15:07 GMT
Via
1.1 957a0e737a088bdc07cb5cc9dcc9e826.cloudfront.net (CloudFront)
Last-Modified
Thu, 14 Jan 2021 10:54:01 GMT
Server
nginx
X-Amz-Cf-Pop
EWR53-P1
Age
84427
ETag
"600022c9-1b58"
X-Cache
Hit from cloudfront
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
7000
X-Amz-Cf-Id
zVyNyCjtIsBTv7XT9T093gEiB1-JycY-XGLfiEdGaln7Eqv4HHOQ8g==
track.php
t5.boxdivision.com/
0
608 B
XHR
General
Full URL
http://t5.boxdivision.com/track.php?domain=boxdivision.com&toggle=browserjs&uid=MTY2NTk5NjEzNC40MTQ3Ojk3ZGU5YmI5MDZjNDczMDgyNjc2YmQyOTk1YjQ5ZTUwNjc5NWIyZDc1YzA4OWY2MzcwM2YwNTBlYjk5ZjdlNjM6NjM0ZDE1NjY2NTNkNA%3D%3D
Requested by
Host: d38psrni17bvxu.cloudfront.net
URL: http://d38psrni17bvxu.cloudfront.net/scripts/js3caf.js
Protocol
HTTP/1.1
Server
99.83.175.80, United States, ASN16509 (AMAZON-02, US)
Reverse DNS
a2e6b661ca0e4c4c4.awsglobalaccelerator.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
http://t5.boxdivision.com/aff_c?offer_id=437&aff_id=1016&aff_sub=tmobile&aff_sub2=202673&aff_sub3=139283eafc26e77269f67824278024f2&aff_sub4=28539&aff_sub5=26
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Mon, 17 Oct 2022 08:42:14 GMT
Content-Encoding
gzip
Server
nginx
Accept-CH
viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile
X-Custom-Track
browserjs
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
Access-Control-Allow-Origin
*
Accept-CH-Lifetime
30
Connection
keep-alive
ls.php
t5.boxdivision.com/
0
868 B
XHR
General
Full URL
http://t5.boxdivision.com/ls.php
Requested by
Host: t5.boxdivision.com
URL: http://t5.boxdivision.com/aff_c?offer_id=437&aff_id=1016&aff_sub=tmobile&aff_sub2=202673&aff_sub3=139283eafc26e77269f67824278024f2&aff_sub4=28539&aff_sub5=26
Protocol
HTTP/1.1
Server
99.83.175.80, United States, ASN16509 (AMAZON-02, US)
Reverse DNS
a2e6b661ca0e4c4c4.awsglobalaccelerator.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://t5.boxdivision.com/aff_c?offer_id=437&aff_id=1016&aff_sub=tmobile&aff_sub2=202673&aff_sub3=139283eafc26e77269f67824278024f2&aff_sub4=28539&aff_sub5=26
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date
Mon, 17 Oct 2022 08:42:15 GMT
Server
nginx
Accept-CH
viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile
Transfer-Encoding
chunked
Accept-CH-Lifetime
30
Content-Type
text/javascript;charset=UTF-8
Access-Control-Allow-Origin
http://t5.boxdivision.com
Access-Control-Allow-Methods
POST, OPTIONS
Charset
utf-8
Access-Control-Max-Age
86400
X-Adblock-Key
MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBALquDFETXRn0Hr05fUP7EJT77xYnPmRbpMy4vk8KYiHnkNpednjOANJcaXDXcKQJN0nXKZJL7TciJD8AoHXK158CAwEAAQ==_jimz9oWkeuNvYdOMD9iKw+KbZKPc9pNnjoVyOUSTLtKZ7OpqiAgHOje/KffEeUnDVqda+Gfc6iR10IKyQUBZBw==
Connection
keep-alive
cookie.js
partner.googleadservices.com/gampad/
192 B
631 B
Script
General
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=t5.boxdivision.com&client=dp-teaminternet04_3ph&product=SAS&callback=__sasCookie
Requested by
Host: www.google.com
URL: http://www.google.com/adsense/domains/caf.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:808::2002, United States, ASN15169 (GOOGLE, US)
Reverse DNS
Software
cafe /
Resource Hash
a55d5d3d897645e9976c48af7728c52813b92071d3add4e56f9ddb9c5a531102
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
http://t5.boxdivision.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 08:42:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
186
x-xss-protection
0
arrows.png
d38psrni17bvxu.cloudfront.net/themes/cleanPeppermintBlack_657d9013/img/
11 KB
12 KB
Image
General
Full URL
http://d38psrni17bvxu.cloudfront.net/themes/cleanPeppermintBlack_657d9013/img/arrows.png
Requested by
Host: d38psrni17bvxu.cloudfront.net
URL: http://d38psrni17bvxu.cloudfront.net/themes/cleanPeppermintBlack_657d9013/style.css
Protocol
HTTP/1.1
Server
2600:9000:2209:2000:1d:4618:5c80:21, United States, ASN16509 (AMAZON-02, US)
Reverse DNS
Software
nginx /
Resource Hash
67dff0aad873050f12609885f2264417ccdd0d438311000a704c89f0865f7865

Request headers

accept-language
en-US,en;q=0.9
Referer
http://d38psrni17bvxu.cloudfront.net/themes/cleanPeppermintBlack_657d9013/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Sun, 16 Oct 2022 09:15:24 GMT
Via
1.1 957a0e737a088bdc07cb5cc9dcc9e826.cloudfront.net (CloudFront)
Last-Modified
Thu, 23 Jun 2022 10:44:43 GMT
Server
nginx
X-Amz-Cf-Pop
EWR53-P1
Age
84410
ETag
"62b4441b-2c6f"
X-Cache
Hit from cloudfront
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
11375
X-Amz-Cf-Id
vP7_LPSbtS0GNe40KrVK7AT_rhgF6Jnitli-bHFZyiIH_aTPJ7kiyw==
ads
www.google.com/afs/ Frame 4611
6 KB
2 KB
Document
General
Full URL
https://www.google.com/afs/ads?adtest=off&psid=6016880802&pcsa=false&channel=000002%2Cbucket003&client=dp-teaminternet04_3ph&r=m&hl=en&max_radlink_len=40&type=3&uiopt=true&swp=as-drid-2663046180937288&oe=UTF-8&ie=UTF-8&fexp=21404%2C17300953%2C17300956%2C17301063%2C17301066%2C17301094%2C17301097&format=r3%7Cs&nocache=3371665996134858&num=0&output=afd_ads&domain_name=t5.boxdivision.com&v=3&bsl=8&pac=0&u_his=2&u_tz=0&dt=1665996134859&u_w=1600&u_h=1200&biw=1600&bih=1200&psw=1600&psh=754&frm=0&cl=480127119&uio=--&cont=tc&jsid=caf&jsv=480127119&rurl=http%3A%2F%2Ft5.boxdivision.com%2Faff_c%3Foffer_id%3D437%26aff_id%3D1016%26aff_sub%3Dtmobile%26aff_sub2%3D202673%26aff_sub3%3D139283eafc26e77269f67824278024f2%26aff_sub4%3D28539%26aff_sub5%3D26&referer=http%3A%2F%2Fblueskyace.com%2F&adbw=master-1%3A530
Requested by
Host: www.google.com
URL: http://www.google.com/adsense/domains/caf.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:822::2004 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gws /
Resource Hash
1a2653c34f44857510385b9943db321ef3407a73e8702398de1b650f50787d1c
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
http://t5.boxdivision.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=3600
content-disposition
inline
content-encoding
br
content-length
2057
content-type
text/html; charset=UTF-8
date
Mon, 17 Oct 2022 08:42:14 GMT
expires
Mon, 17 Oct 2022 08:42:14 GMT
server
gws
x-xss-protection
0
caf.js
www.google.com/adsense/domains/ Frame 4611
145 KB
53 KB
Script
General
Full URL
https://www.google.com/adsense/domains/caf.js?pac=0
Requested by
Host: www.google.com
URL: https://www.google.com/afs/ads?adtest=off&psid=6016880802&pcsa=false&channel=000002%2Cbucket003&client=dp-teaminternet04_3ph&r=m&hl=en&max_radlink_len=40&type=3&uiopt=true&swp=as-drid-2663046180937288&oe=UTF-8&ie=UTF-8&fexp=21404%2C17300953%2C17300956%2C17301063%2C17301066%2C17301094%2C17301097&format=r3%7Cs&nocache=3371665996134858&num=0&output=afd_ads&domain_name=t5.boxdivision.com&v=3&bsl=8&pac=0&u_his=2&u_tz=0&dt=1665996134859&u_w=1600&u_h=1200&biw=1600&bih=1200&psw=1600&psh=754&frm=0&cl=480127119&uio=--&cont=tc&jsid=caf&jsv=480127119&rurl=http%3A%2F%2Ft5.boxdivision.com%2Faff_c%3Foffer_id%3D437%26aff_id%3D1016%26aff_sub%3Dtmobile%26aff_sub2%3D202673%26aff_sub3%3D139283eafc26e77269f67824278024f2%26aff_sub4%3D28539%26aff_sub5%3D26&referer=http%3A%2F%2Fblueskyace.com%2F&adbw=master-1%3A530
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:822::2004 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
02ee08c1d44f19418f8c8d2dab51e5ffb6a9cfab2957fa2e7494f1d171dd2ab4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 08:42:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-afs-ui"
etag
"4979029645791870593"
vary
Accept-Encoding
report-to
{"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]}
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
accept-ranges
bytes
expires
Mon, 17 Oct 2022 08:42:14 GMT
search.svg
afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/ Frame 4611
391 B
887 B
Image
General
Full URL
https://afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/search.svg?c=%23ffffff
Requested by
Host: www.google.com
URL: https://www.google.com/afs/ads?adtest=off&psid=6016880802&pcsa=false&channel=000002%2Cbucket003&client=dp-teaminternet04_3ph&r=m&hl=en&max_radlink_len=40&type=3&uiopt=true&swp=as-drid-2663046180937288&oe=UTF-8&ie=UTF-8&fexp=21404%2C17300953%2C17300956%2C17301063%2C17301066%2C17301094%2C17301097&format=r3%7Cs&nocache=3371665996134858&num=0&output=afd_ads&domain_name=t5.boxdivision.com&v=3&bsl=8&pac=0&u_his=2&u_tz=0&dt=1665996134859&u_w=1600&u_h=1200&biw=1600&bih=1200&psw=1600&psh=754&frm=0&cl=480127119&uio=--&cont=tc&jsid=caf&jsv=480127119&rurl=http%3A%2F%2Ft5.boxdivision.com%2Faff_c%3Foffer_id%3D437%26aff_id%3D1016%26aff_sub%3Dtmobile%26aff_sub2%3D202673%26aff_sub3%3D139283eafc26e77269f67824278024f2%26aff_sub4%3D28539%26aff_sub5%3D26&referer=http%3A%2F%2Fblueskyace.com%2F&adbw=master-1%3A530
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80a::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
17c7a89bf169c2ee400e31b042cea68513f06b9cd7d1e8990dbec800f0d771c7
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/afs-native-asset-managers
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/afs-native-asset-managers
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 17 Oct 2022 06:39:36 GMT
age
7359
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
270
x-xss-protection
0
last-modified
Thu, 19 Dec 2019 14:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="afs-native-asset-managers"
vary
Accept-Encoding
report-to
{"group":"afs-native-asset-managers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/afs-native-asset-managers"}]}
content-type
image/svg+xml
cache-control
public, max-age=82800
accept-ranges
bytes
expires
Tue, 18 Oct 2022 05:39:36 GMT
chevron.svg
afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/ Frame 4611
200 B
289 B
Image
General
Full URL
https://afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/chevron.svg?c=%23ffffff
Requested by
Host: www.google.com
URL: https://www.google.com/afs/ads?adtest=off&psid=6016880802&pcsa=false&channel=000002%2Cbucket003&client=dp-teaminternet04_3ph&r=m&hl=en&max_radlink_len=40&type=3&uiopt=true&swp=as-drid-2663046180937288&oe=UTF-8&ie=UTF-8&fexp=21404%2C17300953%2C17300956%2C17301063%2C17301066%2C17301094%2C17301097&format=r3%7Cs&nocache=3371665996134858&num=0&output=afd_ads&domain_name=t5.boxdivision.com&v=3&bsl=8&pac=0&u_his=2&u_tz=0&dt=1665996134859&u_w=1600&u_h=1200&biw=1600&bih=1200&psw=1600&psh=754&frm=0&cl=480127119&uio=--&cont=tc&jsid=caf&jsv=480127119&rurl=http%3A%2F%2Ft5.boxdivision.com%2Faff_c%3Foffer_id%3D437%26aff_id%3D1016%26aff_sub%3Dtmobile%26aff_sub2%3D202673%26aff_sub3%3D139283eafc26e77269f67824278024f2%26aff_sub4%3D28539%26aff_sub5%3D26&referer=http%3A%2F%2Fblueskyace.com%2F&adbw=master-1%3A530
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80a::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
809fb4619d2a2f1a85dbda8cc69a7f1659215212d708a098d62150eee57070c1
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/afs-native-asset-managers
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/afs-native-asset-managers
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 17 Oct 2022 01:18:15 GMT
age
26640
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
174
x-xss-protection
0
last-modified
Thu, 22 Oct 2020 21:45:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="afs-native-asset-managers"
vary
Accept-Encoding
report-to
{"group":"afs-native-asset-managers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/afs-native-asset-managers"}]}
content-type
image/svg+xml
cache-control
public, max-age=82800
accept-ranges
bytes
expires
Tue, 18 Oct 2022 00:18:15 GMT
track.php
t5.boxdivision.com/
0
610 B
XHR
General
Full URL
http://t5.boxdivision.com/track.php?domain=boxdivision.com&caf=1&toggle=answercheck&answer=yes&uid=MTY2NTk5NjEzNC40MTQ3Ojk3ZGU5YmI5MDZjNDczMDgyNjc2YmQyOTk1YjQ5ZTUwNjc5NWIyZDc1YzA4OWY2MzcwM2YwNTBlYjk5ZjdlNjM6NjM0ZDE1NjY2NTNkNA%3D%3D
Requested by
Host: d38psrni17bvxu.cloudfront.net
URL: http://d38psrni17bvxu.cloudfront.net/scripts/js3caf.js
Protocol
HTTP/1.1
Server
99.83.175.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a2e6b661ca0e4c4c4.awsglobalaccelerator.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
http://t5.boxdivision.com/aff_c?offer_id=437&aff_id=1016&aff_sub=tmobile&aff_sub2=202673&aff_sub3=139283eafc26e77269f67824278024f2&aff_sub4=28539&aff_sub5=26
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Mon, 17 Oct 2022 08:42:15 GMT
Content-Encoding
gzip
Server
nginx
Accept-CH
viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile
X-Custom-Track
answercheck
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
Access-Control-Allow-Origin
*
Accept-CH-Lifetime
30
Connection
keep-alive
gen_204
www.google.com/afs/
0
16 B
Image
General
Full URL
https://www.google.com/afs/gen_204?client=dp-teaminternet04_3ph&output=uds_ads_only&zx=sbe2s6wt7p7i&aqid=ZhVNY8_QOJDQogavwZ_oDQ&psid=6016880802&pbt=bs&adbx=535&adby=93&adbh=485&adbw=530&adbah=156%2C156%2C156&adbn=master-1&eawp=partner-dp-teaminternet04_3ph&errv=480127119&csala=6%7C0%7C125%7C35%7C406&lle=0&llm=1000&ifv=1&usr=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2004 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gws /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
http://t5.boxdivision.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

bfcache-opt-in
unload
date
Mon, 17 Oct 2022 08:42:16 GMT
server
gws
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
gen_204
www.google.com/afs/
0
14 B
Image
General
Full URL
https://www.google.com/afs/gen_204?client=dp-teaminternet04_3ph&output=uds_ads_only&zx=ds83napi8ff7&aqid=ZhVNY8_QOJDQogavwZ_oDQ&psid=6016880802&pbt=bv&adbx=535&adby=93&adbh=485&adbw=530&adbah=156%2C156%2C156&adbn=master-1&eawp=partner-dp-teaminternet04_3ph&errv=480127119&csala=6%7C0%7C125%7C35%7C406&lle=0&llm=1000&ifv=1&usr=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2004 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gws /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
http://t5.boxdivision.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

bfcache-opt-in
unload
date
Mon, 17 Oct 2022 08:42:17 GMT
server
gws
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0

Verdicts & Comments

50 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch object| navigation number| googleNDT_ number| googleAltLoader object| google function| showImprint function| showPolicy object| tcblock object| searchboxBlock boolean| isAdult string| xbase number| xt_auto_load string| ads string| pop_cats string| rxid object| pcrewAdloaded string| uniqueTrackingID string| search boolean| is_afs string| country string| themedata string| domain string| scriptPath string| adtest boolean| useFallbackTerms boolean| pageLoadedCallbackTriggered boolean| fallbackTriggered boolean| formerCalledArguments object| pageOptions function| x function| getXMLhttp function| ajaxQuery function| ajaxBackfill number| waitTime number| timeout number| waitStep function| listenFor1TierResponse object| xmlHttp function| loadFeed function| relatedCallback function| relatedFallback undefined| links function| ls function| __sasCookie
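The list above is what you get by diffing the page's `window` against a pristine one: names added by the parking and ad scripts (`google`, `googleNDT_`, `__sasCookie`, `is_afs`, `pcrewAdloaded`, the `ajaxQuery`/`ajaxBackfill` helpers) mixed with a few entries that are standard in the Chrome 106 build that ran the scan but absent from an older static baseline (`structuredClone`, `navigation`, `onbeforeinput`, `oncontextlost`, `launchQueue`; `0` is `window[0]`, the first child frame). The following added example, written for this page rather than taken from urlscan.io, reproduces the enumeration in the report's `type| name` form and removes that false-positive class by using a live same-origin iframe as the baseline. The function names and the constructed sample objects are this example's own; the marker names in `fingerprint` are taken from the list above.

```javascript
// Added example, not urlscan.io code: enumerate the non-standard globals a page
// defined on `window` by diffing it against a pristine window, rendered in the
// "type| name" form the report uses.
'use strict';

// Every own property of `target` that `baseline` lacks, as "typeof| name".
// Works on any two objects, so it can be exercised outside a browser.
function nonStandardGlobals(target, baseline) {
  const known = new Set(Object.getOwnPropertyNames(baseline));
  const out = [];
  for (const name of Object.getOwnPropertyNames(target)) {
    if (known.has(name)) continue;
    let type;
    try {
      type = typeof target[name];   // some window getters throw when read
    } catch (e) {
      type = 'unknown';
    }
    out.push(`${type}| ${name}`);
  }
  return out;
}

// Browser usage: a hidden about:blank iframe from the same origin gives a
// baseline window built by the same browser, so new standard APIs
// (structuredClone, navigation, ...) do not show up as page-defined globals.
function pageGlobals(doc = document) {
  const frame = doc.createElement('iframe');
  frame.style.display = 'none';
  doc.body.appendChild(frame);
  try {
    return nonStandardGlobals(window, frame.contentWindow);
  } finally {
    frame.remove();
  }
}

// Quick fingerprint over a "type| name" list: which of the names that the
// report above attributes to the AdSense-for-Domains parking stack are present.
function fingerprint(entries, markers = ['googleNDT_', '__sasCookie', 'is_afs', 'pcrewAdloaded']) {
  const names = new Set(entries.map((e) => e.split('| ')[1]));
  return markers.filter((m) => names.has(m));
}

// Constructed stand-ins (not captured data) for an instrumented window and a
// pristine iframe window, so the diff can be run offline.
const constructedBaseline = { document: {}, location: {}, structuredClone: () => {} };
const constructedTarget = Object.assign(Object.create(null), constructedBaseline, {
  google: {},
  googleNDT_: 1,
  __sasCookie: () => {},
  isAdult: false,
  domain: 't5.boxdivision.com',
});

console.log(nonStandardGlobals(constructedTarget, constructedBaseline));
```

`pageGlobals()` is what you would paste into the DevTools console on the landing page; the offline call at the bottom shows the same diff on the constructed objects. Treat the output as a fingerprint of the client-side stack, as the report says, not as a verdict: the names only tell you which scripts ran.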

3 Cookies

Domain/Path Name / Value
blueskyace.com/ Name: clkcheck28539
Value: 139283eafc26e77269f67824278024f2_202673
.t5.boxdivision.com/ Name: __gsas
Value: ID=c99d9740baaeed21:T=1665996134:S=ALNI_MYKHlNK_O6rPVxzy3hXzMIcwjfvbQ
.google.com/ Name: NID
Value: 511=e4AnOCXSn9Q2O4sseDVnLYixCM2Gq0YVPFCYOFAQDGju-NRXWV-WGRiDebe4oaWFaY3LnN85S-DMWpAMYYZ_GETSysWKRw7Sml8q_eXs5ZNjgZmEy5MCk9QQ1diNMGnTNLkUI3T9jvzHvg_jOn1XHMZ1TN4mfRTH2sMvQlS3irk

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

40kcdi.duckdns.org
afs.googleusercontent.com
api.traversedlp.com
blueskyace.com
d38psrni17bvxu.cloudfront.net
partner.googleadservices.com
pxkaglhxbxkccboqei.s3.us-east-2.amazonaws.com
script.anura.io
signals.aimtell.com
static.traversedlp.com
t5.boxdivision.com
www.google.com
www.googletagmanager.com
100.24.222.39
143.204.146.43
23.250.1.134
2600:9000:2209:2000:1d:4618:5c80:21
2606:4700::6812:1e97
2607:f8b0:4006:808::2002
2607:f8b0:4006:809::2008
2607:f8b0:4006:80a::2001
2607:f8b0:4006:822::2004
3.5.129.143
34.202.131.178
66.220.30.102
99.83.175.80