primescreenstreams.com Open in urlscan Pro
108.157.142.129 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://mytic.wleads.xyz/register.php?sub=hilux
Effective URL:
https://primescreenstreams.com/lp/tnk/movieAngleBlack/index.php?to=aHR0cHM6Ly93YXRjaC5wcmltZXNjcmVlbnN0cmVhbXMuY29tL2NsaWNrP29m...
Submission: On January 29 via api (January 29th 2024, 1:14:50 am UTC) from US — Scanned from US

Summary HTTP 116 Redirects Behaviour Indicators

Summary

This website contacted 47 IPs in 7 countries across 53 domains to perform 116 HTTP transactions. The main IP is 108.157.142.129, located in United States and belongs to AMAZON-02, US. The main domain is primescreenstreams.com.
TLS certificate: Issued by Amazon RSA 2048 M01 on September 14th 2023. Valid for: a year.

This is the only time primescreenstreams.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2	2001:df7:5300... 2001:df7:5300:2::71	138115 (IDNIC-DEN...) (IDNIC-DENEVA-AS-ID PT Deneva)
3	2606:4700::68... 2606:4700::6812:acf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:10:... 2606:4700:10::6814:4f63	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	149.56.240.31 149.56.240.31	16276 (OVH) (OVH)
1	2606:4700:21:... 2606:4700:21::8d65:780b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2606:4700:21:... 2606:4700:21::8d65:780a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	108.157.142.40 108.157.142.40	16509 (AMAZON-02) (AMAZON-02)
3	18.220.111.101 18.220.111.101	16509 (AMAZON-02) (AMAZON-02)
1	172.64.153.173 172.64.153.173	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	67.202.105.33 67.202.105.33	32748 (STEADFAST) (STEADFAST)
3	54.230.163.124 54.230.163.124	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:20:... 2606:4700:20::681a:c3c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5 5	141.94.170.64 141.94.170.64	16276 (OVH) (OVH)
9 9	3.33.220.150 3.33.220.150	16509 (AMAZON-02) (AMAZON-02)
4 4	34.200.65.202 34.200.65.202	14618 (AMAZON-AES) (AMAZON-AES)
2 14	52.71.57.44 52.71.57.44	14618 (AMAZON-AES) (AMAZON-AES)
3 7	23.62.105.110 23.62.105.110	16625 (AKAMAI-AS) (AKAMAI-AS)
1	18.173.132.23 18.173.132.23	16509 (AMAZON-02) (AMAZON-02)
4	23.48.224.242 23.48.224.242	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3 3	67.202.105.23 67.202.105.23	32748 (STEADFAST) (STEADFAST)
4 5	18.207.77.150 18.207.77.150	14618 (AMAZON-AES) (AMAZON-AES)
3 5	142.250.65.194 142.250.65.194	15169 (GOOGLE) (GOOGLE)
1 4	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2 3	52.203.254.206 52.203.254.206	14618 (AMAZON-AES) (AMAZON-AES)
5 6	68.67.160.117 68.67.160.117	29990 (ASN-APPNEX) (ASN-APPNEX)
5 5	34.111.113.62 34.111.113.62	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 1	107.22.105.156 107.22.105.156	14618 (AMAZON-AES) (AMAZON-AES)
1	52.204.253.76 52.204.253.76	14618 (AMAZON-AES) (AMAZON-AES)
3 4	35.244.154.8 35.244.154.8	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	108.139.29.87 108.139.29.87	16509 (AMAZON-02) (AMAZON-02)
4	3.130.132.252 3.130.132.252	16509 (AMAZON-02) (AMAZON-02)
1 1	107.178.254.65 107.178.254.65	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 3	34.117.77.79 34.117.77.79	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	23.79.184.99 23.79.184.99	16625 (AKAMAI-AS) (AKAMAI-AS)
1 2	52.206.55.165 52.206.55.165	14618 (AMAZON-AES) (AMAZON-AES)
1	34.193.241.34 34.193.241.34	14618 (AMAZON-AES) (AMAZON-AES)
1	108.157.142.88 108.157.142.88	16509 (AMAZON-02) (AMAZON-02)
1 1	51.255.127.45 51.255.127.45	16276 (OVH) (OVH)
1 1	34.90.81.51 34.90.81.51	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
25	108.157.142.129 108.157.142.129	16509 (AMAZON-02) (AMAZON-02)
1	75.2.13.80 75.2.13.80	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:303... 2606:4700:3036::ac43:a392	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	2606:4700:1::... 2606:4700:1::6813:844c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	52.46.130.91 52.46.130.91	16509 (AMAZON-02) (AMAZON-02)
1	51.222.241.106 51.222.241.106	16276 (OVH) (OVH)
1 2	216.22.16.73 216.22.16.73	30633 (LEASEWEB-...) (LEASEWEB-USA-WDC)
2 2	8.28.7.81 8.28.7.81	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 1	104.17.218.204 104.17.218.204	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	50.16.197.56 50.16.197.56	14618 (AMAZON-AES) (AMAZON-AES)
2 2	3.220.12.195 3.220.12.195	14618 (AMAZON-AES) (AMAZON-AES)
1 1	52.72.60.253 52.72.60.253	14618 (AMAZON-AES) (AMAZON-AES)
2 2	207.198.113.86 207.198.113.86	13768 (COGECO-PEER1) (COGECO-PEER1)
1	69.173.151.100 69.173.151.100	26667 (RUBICONPR...) (RUBICONPROJECT)
1	13.225.214.117 13.225.214.117	16509 (AMAZON-02) (AMAZON-02)
1 1	2620:112:f002... 2620:112:f002:bbbb::23	6336 (TURN-US-ASN) (TURN-US-ASN)
1 1	34.150.170.96 34.150.170.96	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	18.233.54.235 18.233.54.235	14618 (AMAZON-AES) (AMAZON-AES)
1	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2607:f8b0:400... 2607:f8b0:4006:80d::200a	15169 (GOOGLE) (GOOGLE)
3	2606:4700:303... 2606:4700:3036::ac43:dcdb	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2607:f8b0:400... 2607:f8b0:4006:81c::2003	15169 (GOOGLE) (GOOGLE)
2	20.50.64.3 20.50.64.3	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
116	47

2 2001:df7:5300:2::71 (Jakarta, Indonesia)

ASN138115 (IDNIC-DENEVA-AS-ID PT Deneva, ID)

mytic.wleads.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6812:acf (United States)

ASN13335 (CLOUDFLARENET, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6814:4f63 (United States)

ASN13335 (CLOUDFLARENET, US)

s10.histats.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 149.56.240.31 (Montreal, Canada)

ASN16276 (OVH, FR)
PTR: ns534110.ip-149-56-240.net

s4.histats.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:21::8d65:780b (United States)

ASN13335 (CLOUDFLARENET, US)

e.dtscout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:21::8d65:780a (United States)

ASN13335 (CLOUDFLARENET, US)

t.dtscout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 108.157.142.40 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-157-142-40.mci50.r.cloudfront.net

get.s-onetag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.220.111.101 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-220-111-101.us-east-2.compute.amazonaws.com

pd.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.64.153.173 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.tynt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 67.202.105.33 (Chicago, United States)

ASN32748 (STEADFAST, US)
PTR: ip33.67-202-105.static.steadfastdns.net

ic.tynt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
de.tynt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.230.163.124 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-230-163-124.ewr53.r.cloudfront.net

tags.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:c3c (United States)

ASN13335 (CLOUDFLARENET, US)

t.dtscdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 141.94.170.64 (France) 5 redirects

ASN16276 (OVH, FR)
PTR: pikafka-eu-7.cloudy.ovh

pixel.onaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 3.33.220.150 (Seattle, United States) 9 redirects

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 34.200.65.202 (Ashburn, United States) 4 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-200-65-202.compute-1.amazonaws.com

cms.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 52.71.57.44 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-71-57-44.compute-1.amazonaws.com

sync.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 23.62.105.110 (Secaucus, United States) 3 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-62-105-110.deploy.static.akamaitechnologies.com

tags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
stags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.173.132.23 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-173-132-23.jfk52.r.cloudfront.net

onetag-geo.s-onetag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 23.48.224.242 (Secaucus, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-48-224-242.deploy.static.akamaitechnologies.com

t.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 67.202.105.23 (Chicago, United States) 3 redirects

ASN32748 (STEADFAST, US)
PTR: ip23.67-202-105.static.steadfastdns.net

dp2.33across.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dp1.33across.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 18.207.77.150 (Ashburn, United States) 4 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-207-77-150.compute-1.amazonaws.com

ps.eyeota.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 142.250.65.194 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: lga25s72-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2620:1ec:21::14 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.203.254.206 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-203-254-206.compute-1.amazonaws.com

map.go.affec.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 68.67.160.117 (Jersey City, United States) 5 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 676.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 34.111.113.62 (Kansas City, United States) 5 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 62.113.111.34.bc.googleusercontent.com

pixel.tapad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 107.22.105.156 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-107-22-105-156.compute-1.amazonaws.com

usermatch.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.204.253.76 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-204-253-76.compute-1.amazonaws.com

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.244.154.8 (Kansas City, United States) 3 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.154.244.35.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.139.29.87 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-139-29-87.jfk50.r.cloudfront.net

data-beacons.s-onetag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 3.130.132.252 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-130-132-252.us-east-2.compute.amazonaws.com

sync.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 107.178.254.65 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 65.254.178.107.bc.googleusercontent.com

pippio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.117.77.79 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 79.77.117.34.bc.googleusercontent.com

ml314.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.79.184.99 (Marietta, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-79-184-99.deploy.static.akamaitechnologies.com

tags.bkrtx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.206.55.165 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-206-55-165.compute-1.amazonaws.com

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.193.241.34 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-193-241-34.compute-1.amazonaws.com

track2.securedvisit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.157.142.88 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-157-142-88.mci50.r.cloudfront.net

api.intentiq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.255.127.45 (France) 1 redirects

ASN16276 (OVH, FR)

affcpatrk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.90.81.51 (Groningen, Netherlands) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 51.81.90.34.bc.googleusercontent.com

watch.primescreenstreams.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

25 108.157.142.129 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-157-142-129.mci50.r.cloudfront.net

primescreenstreams.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 75.2.13.80 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0cb5afe0ce76779e.awsglobalaccelerator.com

connect-metrics-collector.s-onetag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3036::ac43:a392 (United States)

ASN13335 (CLOUDFLARENET, US)

a.dtssrv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:1::6813:844c (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

cm.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.46.130.91 (Ashburn, United States) 1 redirects

ASN16509 (AMAZON-02, US)

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.222.241.106 (Canada)

ASN16276 (OVH, FR)
PTR: haproxy-ca-012.roqad.pl

wt.rqtrk.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.22.16.73 (Manassas, United States) 1 redirects

ASN30633 (LEASEWEB-USA-WDC, US)

sync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 8.28.7.81 (United States) 2 redirects

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.17.218.204 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

dmp.truoptik.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 50.16.197.56 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-50-16-197-56.compute-1.amazonaws.com

loadus.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.220.12.195 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-220-12-195.compute-1.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.72.60.253 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-72-60-253.compute-1.amazonaws.com

sync.srv.stackadapt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 207.198.113.86 (Herndon, United States) 2 redirects

ASN13768 (COGECO-PEER1, CA)

pixel-sync.sitescout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.151.100 (United States)

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.214.117 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-214-117.ewr50.r.cloudfront.net

aa.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:112:f002:bbbb::23 (United States) 1 redirects

ASN6336 (TURN-US-ASN, US)

d.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.150.170.96 (Washington, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 96.170.150.34.bc.googleusercontent.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.233.54.235 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-233-54-235.compute-1.amazonaws.com

ce.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:80d::200a (Colchester, United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:3036::ac43:dcdb (United States)

ASN13335 (CLOUDFLARENET, US)

pushcity1.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2607:f8b0:4006:81c::2003 (Colchester, United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 20.50.64.3 (Dublin, Ireland)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

pushvisit.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
26	primescreenstreams.com 1 redirects watch.primescreenstreams.com primescreenstreams.com	4 MB
17	crwdcntrl.net 2 redirects tags.crwdcntrl.net — Cisco Umbrella Rank: 1005 sync.crwdcntrl.net — Cisco Umbrella Rank: 853 bcp.crwdcntrl.net — Cisco Umbrella Rank: 898	29 KB
11	sharethis.com pd.sharethis.com — Cisco Umbrella Rank: 12612 t.sharethis.com — Cisco Umbrella Rank: 5730 sync.sharethis.com — Cisco Umbrella Rank: 2756	17 KB
9	adsrvr.org 9 redirects match.adsrvr.org — Cisco Umbrella Rank: 357	3 KB
7	bluekai.com 3 redirects tags.bluekai.com — Cisco Umbrella Rank: 727 stags.bluekai.com — Cisco Umbrella Rank: 940	3 KB
6	adnxs.com 5 redirects secure.adnxs.com — Cisco Umbrella Rank: 490	6 KB
5	gstatic.com fonts.gstatic.com	75 KB
5	tapad.com 5 redirects pixel.tapad.com — Cisco Umbrella Rank: 501	1 KB
5	doubleclick.net 3 redirects cm.g.doubleclick.net — Cisco Umbrella Rank: 260	1 KB
5	eyeota.net 4 redirects ps.eyeota.net — Cisco Umbrella Rank: 1074	3 KB
5	onaudience.com 5 redirects pixel.onaudience.com — Cisco Umbrella Rank: 3060	2 KB
5	s-onetag.com get.s-onetag.com — Cisco Umbrella Rank: 5021 onetag-geo.s-onetag.com — Cisco Umbrella Rank: 6723 data-beacons.s-onetag.com — Cisco Umbrella Rank: 14306 connect-metrics-collector.s-onetag.com — Cisco Umbrella Rank: 5129	13 KB
4	rlcdn.com 3 redirects idsync.rlcdn.com — Cisco Umbrella Rank: 451	1 KB
4	linkedin.com 1 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 349	1 KB
4	yahoo.com 4 redirects cms.analytics.yahoo.com — Cisco Umbrella Rank: 1388 ups.analytics.yahoo.com — Cisco Umbrella Rank: 358	1 KB
4	dtscout.com e.dtscout.com — Cisco Umbrella Rank: 16248 t.dtscout.com — Cisco Umbrella Rank: 13665	6 KB
3	pushcity1.xyz pushcity1.xyz	4 KB
3	lijit.com 1 redirects ap.lijit.com — Cisco Umbrella Rank: 671 ce.lijit.com — Cisco Umbrella Rank: 859	1 KB
3	ml314.com 1 redirects ml314.com — Cisco Umbrella Rank: 1870	607 B
3	affec.tv 2 redirects map.go.affec.tv — Cisco Umbrella Rank: 7362	2 KB
3	33across.com 3 redirects dp2.33across.com — Cisco Umbrella Rank: 12127 dp1.33across.com — Cisco Umbrella Rank: 7249	1 KB
3	tynt.com cdn.tynt.com — Cisco Umbrella Rank: 13409 ic.tynt.com — Cisco Umbrella Rank: 11236 de.tynt.com — Cisco Umbrella Rank: 1526	9 KB
3	bootstrapcdn.com maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 1019	34 KB
2	pushvisit.xyz pushvisit.xyz — Cisco Umbrella Rank: 348541	2 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 28	4 KB
2	sitescout.com 2 redirects pixel-sync.sitescout.com — Cisco Umbrella Rank: 722	958 B
2	demdex.net 2 redirects dpm.demdex.net — Cisco Umbrella Rank: 239	1 KB
2	pubmatic.com 2 redirects image6.pubmatic.com — Cisco Umbrella Rank: 805	551 B
2	smartadserver.com 1 redirects sync.smartadserver.com — Cisco Umbrella Rank: 1369	1 KB
2	amazon-adsystem.com 1 redirects s.amazon-adsystem.com — Cisco Umbrella Rank: 326	2 KB
2	mgid.com 1 redirects cm.mgid.com — Cisco Umbrella Rank: 1347	736 B
2	krxd.net 1 redirects usermatch.krxd.net — Cisco Umbrella Rank: 1811 beacon.krxd.net — Cisco Umbrella Rank: 784	499 B
2	histats.com s10.histats.com — Cisco Umbrella Rank: 14576 s4.histats.com — Cisco Umbrella Rank: 14129	5 KB
2	wleads.xyz mytic.wleads.xyz	3 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 225	11 KB
1	simpli.fi 1 redirects um.simpli.fi — Cisco Umbrella Rank: 856	605 B
1	turn.com 1 redirects d.turn.com — Cisco Umbrella Rank: 1381	418 B
1	agkn.com aa.agkn.com — Cisco Umbrella Rank: 544	729 B
1	rubiconproject.com token.rubiconproject.com — Cisco Umbrella Rank: 477	674 B
1	stackadapt.com 1 redirects sync.srv.stackadapt.com — Cisco Umbrella Rank: 730	1 KB
1	exelator.com loadus.exelator.com — Cisco Umbrella Rank: 1531	324 B
1	truoptik.com 1 redirects dmp.truoptik.com — Cisco Umbrella Rank: 2794	550 B
1	rqtrk.eu wt.rqtrk.eu — Cisco Umbrella Rank: 1452	350 B
1	dtssrv.com a.dtssrv.com — Cisco Umbrella Rank: 22509	442 B
1	affcpatrk.com 1 redirects affcpatrk.com — Cisco Umbrella Rank: 777403	1 KB
1	intentiq.com api.intentiq.com — Cisco Umbrella Rank: 1555
1	securedvisit.com track2.securedvisit.com — Cisco Umbrella Rank: 4440	178 B
1	bkrtx.com tags.bkrtx.com — Cisco Umbrella Rank: 6188	16 KB
1	pippio.com 1 redirects pippio.com — Cisco Umbrella Rank: 790	633 B
1	dtscdn.com t.dtscdn.com — Cisco Umbrella Rank: 14516	596 B
0	liadm.com Failed i.liadm.com — Cisco Umbrella Rank: 550 Failed
0	rezync.com Failed live.rezync.com Failed
0	mookie1.com Failed ib.mookie1.com Failed
116	53

	Domain	Requested by
25	primescreenstreams.com	primescreenstreams.com mytic.wleads.xyz
12	sync.crwdcntrl.net	2 redirects bcp.crwdcntrl.net
9	match.adsrvr.org	9 redirects
6	secure.adnxs.com	5 redirects mytic.wleads.xyz
6	tags.bluekai.com	2 redirects mytic.wleads.xyz de.tynt.com tags.bkrtx.com bcp.crwdcntrl.net
5	fonts.gstatic.com	fonts.googleapis.com
5	pixel.tapad.com	5 redirects
5	cm.g.doubleclick.net	3 redirects bcp.crwdcntrl.net
5	ps.eyeota.net	4 redirects mytic.wleads.xyz
5	pixel.onaudience.com	5 redirects
4	sync.sharethis.com	mytic.wleads.xyz bcp.crwdcntrl.net
4	idsync.rlcdn.com	3 redirects mytic.wleads.xyz
4	px.ads.linkedin.com	1 redirects mytic.wleads.xyz
4	t.sharethis.com	pd.sharethis.com t.sharethis.com
3	pushcity1.xyz	primescreenstreams.com pushcity1.xyz
3	ml314.com	1 redirects mytic.wleads.xyz bcp.crwdcntrl.net
3	map.go.affec.tv	2 redirects mytic.wleads.xyz
3	tags.crwdcntrl.net	e.dtscout.com tags.crwdcntrl.net
3	pd.sharethis.com	e.dtscout.com mytic.wleads.xyz t.sharethis.com
3	t.dtscout.com	e.dtscout.com
3	maxcdn.bootstrapcdn.com	mytic.wleads.xyz
2	pushvisit.xyz	pushcity1.xyz
2	fonts.googleapis.com	primescreenstreams.com
2	pixel-sync.sitescout.com	2 redirects
2	dpm.demdex.net	2 redirects
2	image6.pubmatic.com	2 redirects
2	sync.smartadserver.com	1 redirects bcp.crwdcntrl.net
2	s.amazon-adsystem.com	1 redirects bcp.crwdcntrl.net
2	cm.mgid.com	1 redirects bcp.crwdcntrl.net
2	bcp.crwdcntrl.net	tags.crwdcntrl.net
2	ap.lijit.com	1 redirects mytic.wleads.xyz
2	dp2.33across.com	2 redirects
2	ups.analytics.yahoo.com	2 redirects
2	cms.analytics.yahoo.com	2 redirects
2	get.s-onetag.com	e.dtscout.com get.s-onetag.com
2	mytic.wleads.xyz	mytic.wleads.xyz
1	cdnjs.cloudflare.com	primescreenstreams.com
1	ce.lijit.com
1	um.simpli.fi	1 redirects
1	d.turn.com	1 redirects
1	aa.agkn.com	bcp.crwdcntrl.net
1	token.rubiconproject.com	bcp.crwdcntrl.net
1	sync.srv.stackadapt.com	1 redirects
1	loadus.exelator.com	bcp.crwdcntrl.net
1	dmp.truoptik.com	1 redirects
1	wt.rqtrk.eu	bcp.crwdcntrl.net
1	a.dtssrv.com	e.dtscout.com
1	connect-metrics-collector.s-onetag.com	get.s-onetag.com
1	watch.primescreenstreams.com	1 redirects
1	affcpatrk.com	1 redirects
1	api.intentiq.com	data-beacons.s-onetag.com
1	track2.securedvisit.com	data-beacons.s-onetag.com
1	stags.bluekai.com	1 redirects
1	tags.bkrtx.com	pd.sharethis.com
1	pippio.com	1 redirects
1	data-beacons.s-onetag.com	get.s-onetag.com
1	dp1.33across.com	1 redirects
1	beacon.krxd.net	mytic.wleads.xyz
1	usermatch.krxd.net	1 redirects
1	de.tynt.com	cdn.tynt.com
1	onetag-geo.s-onetag.com	get.s-onetag.com
1	t.dtscdn.com	e.dtscout.com
1	ic.tynt.com	mytic.wleads.xyz
1	cdn.tynt.com	e.dtscout.com
1	e.dtscout.com	s4.histats.com
1	s4.histats.com	s10.histats.com
1	s10.histats.com	mytic.wleads.xyz
0	i.liadm.com Failed
0	live.rezync.com Failed
0	ib.mookie1.com Failed	bcp.crwdcntrl.net
116	70

This site contains no links.

Subject Issuer	Validity	Valid
histats.com R3	`2023-11-23` - `2024-02-21`	3 months	crt.sh
dtscout.com GTS CA 1P5	`2024-01-18` - `2024-04-17`	3 months	crt.sh
*.s-onetag.com Amazon RSA 2048 M03	`2023-11-04` - `2024-12-01`	a year	crt.sh
sharethis.com Amazon RSA 2048 M02	`2023-05-22` - `2024-06-19`	a year	crt.sh
*.tynt.com Sectigo RSA Domain Validation Secure Server CA	`2023-09-05` - `2024-09-30`	a year	crt.sh
*.crwdcntrl.net Amazon RSA 2048 M01	`2023-10-08` - `2024-11-05`	a year	crt.sh
dtscdn.com GTS CA 1P5	`2024-01-13` - `2024-04-12`	3 months	crt.sh
cert1-prod.aut.a24365.net R3	`2024-01-18` - `2024-04-17`	3 months	crt.sh
odc-pixel-prod-01.oracle.com DigiCert TLS RSA SHA256 2020 CA1	`2023-12-11` - `2024-12-11`	a year	crt.sh
*.bkrtx.com DigiCert TLS RSA SHA256 2020 CA1	`2023-12-06` - `2024-12-05`	a year	crt.sh
securedvisit.com Amazon RSA 2048 M03	`2023-08-16` - `2024-09-13`	a year	crt.sh
*.intentiq.com Amazon RSA 2048 M02	`2023-04-11` - `2024-05-08`	a year	crt.sh
primescreenstreams.com Amazon RSA 2048 M01	`2023-09-14` - `2024-10-12`	a year	crt.sh
dtssrv.com GTS CA 1P5	`2024-01-23` - `2024-04-22`	3 months	crt.sh
*.rqtrk.eu RapidSSL TLS RSA CA G1	`2023-06-01` - `2024-05-31`	a year	crt.sh
*.exelator.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-05-29` - `2024-06-11`	a year	crt.sh
event-horizon.gcp.bomm.in GTS CA 1D4	`2024-01-01` - `2024-03-31`	3 months	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-05` - `2024-04-03`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-01-02` - `2024-03-26`	3 months	crt.sh
*.agkn.com RapidSSL Global TLS RSA4096 SHA256 2022 CA1	`2023-09-07` - `2024-09-29`	a year	crt.sh
www.linkedin.com DigiCert SHA2 Secure Server CA	`2023-11-03` - `2024-05-03`	6 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-07-03` - `2024-07-02`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2024-01-02` - `2024-03-26`	3 months	crt.sh
pushcity1.xyz GTS CA 1P5	`2024-01-10` - `2024-04-09`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2024-01-02` - `2024-03-26`	3 months	crt.sh
pushvisit.xyz Sectigo RSA Domain Validation Secure Server CA	`2023-08-02` - `2024-08-02`	a year	crt.sh

This page contains 11 frames:

Primary Page: https://primescreenstreams.com/lp/tnk/movieAngleBlack/index.php?to=aHR0cHM6Ly93YXRjaC5wcmltZXNjcmVlbnN0cmVhbXMuY29tL2NsaWNrP29mZmVyX2lkPTgyMTgwJnBpZD0xNTIyJnN1YjE9NjViNmZjMDM1ZGY1MGYzYjA4OGUyMGQzJnN1YjU9NjU3MTlhOWM5OTZiZTliODgwNGZiNjgx
Frame ID: 33CEEA42073F88E647E10802161C1655
Requests: 74 HTTP requests in this frame

Frame: https://t.dtscout.com/idg/?su=6D001706490880456E0414CDF974EAAB
Frame ID: 46DB14846D930CF8EA94886B5B06D4F9
Requests: 1 HTTP requests in this frame

Frame: https://t.sharethis.com/a/t_.htm?ver=1.1275.23381&cid=c010&cls=C
Frame ID: AD7B4C08B318133DA7060C6B26949AD6
Requests: 1 HTTP requests in this frame

Frame: https://tags.bluekai.com/site/27519?id=212334976291479&ret=html&random=1706490880
Frame ID: 9A03BC317D2ADC3328EEE1EBDBB19B74
Requests: 1 HTTP requests in this frame

Frame: https://t.sharethis.com/1.1275.23381/a/US/t_.js?cid=c010&cls=C
Frame ID: F344821E3008438DE0A73C02FD2E68D4
Requests: 7 HTTP requests in this frame

Frame: https://pd.sharethis.com/pd/test_oracle
Frame ID: AA9D7E97B6F37D98E6E59B7A4BA754D4
Requests: 2 HTTP requests in this frame

Frame: https://tags.bluekai.com/site/2981?id=&google_gid=CAESEPGvsHFisr_UPr7MjF-QmAo&google_cver=1
Frame ID: 89EB7ECF6577DCA00BF3460018B824EA
Requests: 1 HTTP requests in this frame

Frame: https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=15&eid=19&aw=468&ah=60&pagePos=1&vip=true&secure=1&sub_eid=15052&maxed=1&rnd=89994
Frame ID: 87AA3D0A533848775AC69FFA78C60A81
Requests: 1 HTTP requests in this frame

Frame: https://tags.crwdcntrl.net/lt/shared/2/lt.iframe.html?c=3825
Frame ID: 0097084419DC365F5DE515BAAAA99DBA
Requests: 1 HTTP requests in this frame

Frame: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=155%2C153%2C150%2C148%2C136%2C116%2C106%2C104%2C100%2C94%2C81%2C78%2C61%2C54%2C41%2C33%2C31%2C22%2C12%2C8%2C7%2C3%2C2&c=3825
Frame ID: F6DA6D5D9138546335003BADA5CB9BC9
Requests: 24 HTTP requests in this frame

Frame: https://get.s-onetag.com/underground-sync-portal/Portal.html
Frame ID: 88031B2F6C88DEC26B8D9FC6599D1EEC
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

PrimeScreen - Access to unlimited Movies and Sport!

Page URL History Show full URLs

http://mytic.wleads.xyz/register.php?sub=hilux Page URL
http://affcpatrk.com/link?id=6584377f0332454a0f573137&aff_sub2=hilux HTTP 302
https://watch.primescreenstreams.com/click?pid=1522&offer_id=82180&l=1693486782&to=aHR0cHM6Ly93YXRjaC5wcmltZXNjcm... HTTP 302
https://primescreenstreams.com/lp/tnk/movieAngleBlack/index.php?to=aHR0cHM6Ly93YXRjaC5wcmltZXNjcmVlbnN0cmVh... Page URL

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

\.php(?:$|\?)

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

Page Statistics

116
Requests

68 %
HTTPS

23 %
IPv6

53
Domains

70
Subdomains

47
IPs

7
Countries

3905 kB
Transfer

4263 kB
Size

100
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://mytic.wleads.xyz/register.php?sub=hilux Page URL
http://affcpatrk.com/link?id=6584377f0332454a0f573137&aff_sub2=hilux HTTP 302
https://watch.primescreenstreams.com/click?pid=1522&offer_id=82180&l=1693486782&to=aHR0cHM6Ly93YXRjaC5wcmltZXNjcmVlbnN0cmVhbXMuY29tL2NsaWNrP3BpZD0xNTIyJm9mZmVyX2lkPTgyMTgw&sub1=65b6fc035df50f3b088e20d3&sub5=65719a9c996be9b8804fb681&sub6= HTTP 302
https://primescreenstreams.com/lp/tnk/movieAngleBlack/index.php?to=aHR0cHM6Ly93YXRjaC5wcmltZXNjcmVlbnN0cmVhbXMuY29tL2NsaWNrP29mZmVyX2lkPTgyMTgwJnBpZD0xNTIyJnN1YjE9NjViNmZjMDM1ZGY1MGYzYjA4OGUyMGQzJnN1YjU9NjU3MTlhOWM5OTZiZTliODgwNGZiNjgx Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 16

https://pixel.onaudience.com/?partner=137085098&mapped=6D001706490880456E0414CDF974EAAB HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0 HTTP 302
https://pixel.onaudience.com/?partner=147&mapped=38afbb98-ab50-4f4a-9e80-03d10d9abaa7&icm&gdpr=0&gdpr_consent=&cver HTTP 302
https://cms.analytics.yahoo.com/cms?partner_id=DELI&gdpr=0 HTTP 302
https://ups.analytics.yahoo.com/ups/58679/cms?partner_id=DELI&gdpr=0 HTTP 302
https://pixel.onaudience.com/?partner=252&mapped=y-YhPfGWZE2pQiDfZOJaq5MDYQ.xLaXFgWNw--~A&gdpr=0 HTTP 302
https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=f10daea04ca1bce1/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D HTTP 302
https://sync.crwdcntrl.net/map/ct=y/c=8587/tp=CLOD/tpid=f10daea04ca1bce1/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D HTTP 302
https://pixel.onaudience.com/?partner=104&icm&cver&mapped=6719206339047e0c11a1e7fb48fbcf28&gdpr=0 HTTP 302
https://pixel.onaudience.com/?partner=109&icm&cver&gdpr=0&smartmap=1&redirect=tags.bluekai.com%2Fsite%2F33141%3F%26id%3D%25m HTTP 302
https://tags.bluekai.com/site/33141?&id=308c9963372ce69d HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=bluekai HTTP 302
https://tags.bluekai.com/site/5386?id=38afbb98-ab50-4f4a-9e80-03d10d9abaa7&gdpr=0&gdpr_consent=

Request Chain 21

http://t.sharethis.com/a/t_.htm?ver=1.1275.23381&cid=c010&cls=C HTTP 307
https://t.sharethis.com/a/t_.htm?ver=1.1275.23381&cid=c010&cls=C

Request Chain 22

https://dp2.33across.com/ps/?tt=iframe&pid=1198&us_privacy=&random=1706490880669.6 HTTP 302
https://tags.bluekai.com/site/27519?id=212334976291479&ret=html&random=1706490880

Request Chain 23

https://ps.eyeota.net/pixel?pid=gdomg51&t=gif&cat=&us_privacy=&random=1706490880669.1 HTTP 302
https://ps.eyeota.net/pixel/bounce/?pid=gdomg51&t=gif&cat=&us_privacy=&random=1706490880669.1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=eye&google_cm&google_sc&google_hm=MkJmbFFyTC1tbmw1RDgycDV0WE94WEN6eFRQT1NFcVZRMUVVVnA4ckRfOVE&gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&referrer_pid=gdomg51 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=eye&google_cm=&google_sc=&google_hm=MkJmbFFyTC1tbmw1RDgycDV0WE94WEN6eFRQT1NFcVZRMUVVVnA4ckRfOVE&gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&referrer_pid=gdomg51&google_tc= HTTP 302
https://ps.eyeota.net/match?gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&referrer_pid=gdomg51&google_gid=CAESENIT6kh53Zt3NZ2iSie4Z_I&google_cver=1

Request Chain 24

https://px.ads.linkedin.com/db_sync?pid=15927&puuid=CoIKSWW2%2FAB6mWRPBvLkAg%3D%3D&us_privacy=&_rand=1706490880669.2 HTTP 302
https://px.ads.linkedin.com/db_sync?pid=15927&puuid=CoIKSWW2%2FAB6mWRPBvLkAg%3D%3D&us_privacy=&_rand=1706490880669.2&expected_cookie=92c8edd7-d909-40fa-ae4e-4b9c3a288770

Request Chain 25

https://map.go.affec.tv/map/3a/?pid=CoIKSWW2%2FAB6mWRPBvLkAg%3D%3D&us_privacy=&ts=1706490880669.3 HTTP 303
https://secure.adnxs.com/getuid?https%3A%2F%2Fmap.go.affec.tv%2Fmap%2Fan%2F%24UID%3Fch%3D65b6fc00c9576b0001e9b4b9%26chc%3Dtt%26redirect_url%3D%26gdpr%3D%26gdpr_consent%3D&gdpr=&gdpr_consent= HTTP 307
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fmap.go.affec.tv%252Fmap%252Fan%252F%2524UID%253Fch%253D65b6fc00c9576b0001e9b4b9%2526chc%253Dtt%2526redirect_url%253D%2526gdpr%253D%2526gdpr_consent%253D%26gdpr%3D%26gdpr_consent%3D HTTP 302
https://map.go.affec.tv/map/an/957343401205608727?ch=65b6fc00c9576b0001e9b4b9&chc=tt&redirect_url=&gdpr=&gdpr_consent=&gdpr=&gdpr_consent= HTTP 303
https://match.adsrvr.org/track/cmf/generic?ttd_pid=mssm115&ttd_tpi=1&gdpr=&gdpr_consent= HTTP 302
https://map.go.affec.tv/map/ttd/38afbb98-ab50-4f4a-9e80-03d10d9abaa7?ttd_puid=&gdpr=0&gdpr_consent=

Request Chain 26

https://pixel.tapad.com/idsync/ex/receive?partner_id=1388&partner_device_id=CoIKSWW2%2FAB6mWRPBvLkAg%3D%3D&us_privacy=&random=1706490880669.4&redirect=https%3A%2F%2Fthinkcxad.azurewebsites.net%2Fapi%2Fpixel%3Fid%3D%24%7BTA_DEVICE_ID%7D%26partner%3DTAPAD HTTP 302
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=1388&partner_device_id=CoIKSWW2%2FAB6mWRPBvLkAg%3D%3D&us_privacy=&random=1706490880669.4&redirect=https%3A%2F%2Fthinkcxad.azurewebsites.net%2Fapi%2Fpixel%3Fid%3D%24%7BTA_DEVICE_ID%7D%26partner%3DTAPAD HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=4ab86f06-bcc2-461a-b713-b53cc197bd32%252Chttps%25253A%25252F%25252Fusermatch.krxd.net%25252Fum%25252Fv2%25253Fpartner%25253Dtapad%252C&gdpr=0&gdpr_consent= HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=4ab86f06-bcc2-461a-b713-b53cc197bd32%252Chttps%25253A%25252F%25252Fusermatch.krxd.net%25252Fum%25252Fv2%25253Fpartner%25253Dtapad%252C&gdpr=0&gdpr_consent= HTTP 302
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=38afbb98-ab50-4f4a-9e80-03d10d9abaa7&ttd_puid=4ab86f06-bcc2-461a-b713-b53cc197bd32%2Chttps%253A%252F%252Fusermatch.krxd.net%252Fum%252Fv2%253Fpartner%253Dtapad%2C HTTP 302
https://usermatch.krxd.net/um/v2?partner=tapad HTTP 302
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=tapad

Request Chain 27

https://dp2.33across.com/ps/?pid=1205&rand=1706490880669.5 HTTP 302
https://idsync.rlcdn.com/405716.gif?partner_uid=212439925923384

Request Chain 28

https://dp1.33across.com/ps/?pid=669&uid=CoIKSWW2%2FAB6mWRPBvLkAg%3D%3D&us_privacy=&random=1706490880669.7&pu=http%3A%2F%2Fmytic.wleads.xyz%2Fregister.php%3Fsub%3Dhilux HTTP 302
https://secure.adnxs.com/mapuid?t=2&member=1001&user=212461255148182&seg_code=33x&random=1706490880 HTTP 307
https://secure.adnxs.com/bounce?%2Fmapuid%3Ft%3D2%26member%3D1001%26user%3D212461255148182%26seg_code%3D33x%26random%3D1706490880

Request Chain 32

https://match.adsrvr.org/track/cmf/generic?ttd_pid=1h1y1a7&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=1h1y1a7&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://sync.sharethis.com/ttd?uid=38afbb98-ab50-4f4a-9e80-03d10d9abaa7&gdpr=0&gdpr_consent=

Request Chain 33

https://idsync.rlcdn.com/386076.gif?partner_uid=ZGUABWW2%2FAAAAAAIDee8Aw%3D%3D&gdpr=0&gdpr_consent= HTTP 307
https://idsync.rlcdn.com/1000.gif?memo=CJzIFxIjCh8IARCAVxoYWkdVQUJXVzIvQUFBQUFBSURlZThBdz09EAAaDQiA-NutBhIFCOgHEABCAEoA HTTP 307
https://pippio.com/api/sync?pid=5324&it=1&iv=53a27cbe8b2733169bedb931e2e99a3f6685870c119298046b9446897beec5da791426b5417dce21&_=2 HTTP 307
https://px.ads.linkedin.com/db_sync?pid=10339&puuid=53a27cbe8b2733169bedb931e2e99a3f6685870c119298046b9446897beec5da791426b5417dce21&rand=00633921

Request Chain 34

https://ps.eyeota.net/pixel?pid=1mpb5m0&t=gif&gdpr=0&gdpr_consent= HTTP 302
https://ps.eyeota.net/pixel/bounce/?pid=1mpb5m0&t=gif&gdpr=0&gdpr_consent= HTTP 302
https://sync.sharethis.com/eyeota?uid=2HzZ2pJUHsrlFsbrPwrGQbDO4IcUb4WGS6V59tztTbgU&gdpr=0&gdpr_consent=

Request Chain 35

https://ml314.com/utsync.ashx?eid=50131&et=13&cid=lr&fp=ZGUABWW2%2FAAAAAAIDee8Aw%3D%3D&gdpr=0&gdpr_consent=&return=https%3A%2F%2Fidsync.rlcdn.com%2F395886.gif%3Fpartner_uid%3D%5BPersonID%5D HTTP 302
https://idsync.rlcdn.com/395886.gif?partner_uid=3641682498129756229 HTTP 307
https://ml314.com/csync.ashx?fp=fb7da8a92522b31e7bdb8231504fa2b89d9b15fcd19c1828c85486d676e2b5dbf4cb09cee1a4f8eb&person_id=3641682498129756229&eid=50082

Request Chain 36

https://tags.bluekai.com/site/59574?id=ZGUABWW2%2FAAAAAAIDee8Aw%3D%3D&redir=https%3A%2F%2Fsync.sharethis.com%2Foracle%3Fuid%3D%24_BK_UUID%26BK_SWAP_DEST%3D5957 HTTP 302
https://sync.sharethis.com/oracle?uid=$_BK_UUID&BK_SWAP_DEST=5957

Request Chain 38

https://ap.lijit.com/readerinfo/v2 HTTP 307
https://ap.lijit.com/readerinfo/v2?sovrn_retry=true

Request Chain 39

https://stags.bluekai.com/site/59574?ret=html&phint=id%3DZGUABWW2%2FAAAAAAIDee8Aw%3D%3D&phint=__bk_k%3D&phint=__bk_pr%3Dhttps%3A%2F%2Ft.sharethis.com%2Fa%2Ft_.htm%3Fver%3D1.1275.23381%26cid%3Dc010%26cls%3DC&phint=__bk_l%3Dhttps%3A%2F%2Ft.sharethis.com%2Fa%2Ft_.htm%3Fver%3D1.1275.23381%26cid%3Dc010%26cls%3DC&phint=__bk_v%3D3.1.10&limit=5&r=57838736 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bluekai&google_cm&google_sc&google_hm=WVo0YmVId005OVlrMmZqaw%3D%3D HTTP 302
https://tags.bluekai.com/site/2981?id=&google_gid=CAESEPGvsHFisr_UPr7MjF-QmAo&google_cver=1

Request Chain 49

https://cm.mgid.com/m?cdsp=712809&uspString={uspString}&gdpr=0&consentData=&c=6719206339047e0c11a1e7fb48fbcf28 HTTP 307
https://cm.mgid.com/m?c=6719206339047e0c11a1e7fb48fbcf28&cdsp=712809&consentData=&gdpr=0&uspString=%7BuspString%7D&sct=1

Request Chain 50

https://s.amazon-adsystem.com/dcm?pid=a8acf3b3-7ede-4e18-8405-edaf41005f97&id=6719206339047e0c11a1e7fb48fbcf28 HTTP 302
https://s.amazon-adsystem.com/dcm?pid=a8acf3b3-7ede-4e18-8405-edaf41005f97&id=6719206339047e0c11a1e7fb48fbcf28&dcc=t

Request Chain 52

https://sync.smartadserver.com/getuid?gdpr=0&url=https%3A%2F%2Fbcp.crwdcntrl.net%2Fqmap%3Fc%3D16236%26tp%3DSMAD%26tpid%3D[sas_uid]%26gdpr%3D0 HTTP 302
https://sync.smartadserver.com/getuid?gdpr=0&url=https://bcp.crwdcntrl.net/qmap?c=16236&tp=SMAD&tpid=[sas_uid]&gdpr=0&cklb=1

Request Chain 53

https://image6.pubmatic.com/AdServer/UCookieSetPug?gdpr=0&rd=https%3A%2F%2Fsync.crwdcntrl.net%2Fqmap%3Fc%3D240%26tp%3DPUBM%26tpid%3D%23PM_USER_ID%26gdpr%3D0 HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?gdpr=0&rd=https%3A%2F%2Fsync.crwdcntrl.net%2Fqmap%3Fc%3D240%26tp%3DPUBM%26tpid%3D%23PM_USER_ID%26gdpr%3D0&rdf=1 HTTP 302
https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=4A236DB4-AA68-47ED-B734-BC6112E4960E&gdpr=0

Request Chain 54

https://match.adsrvr.org/track/cmf/generic?ttd_pid=lotame&ttd_tpi=1&gdpr=0 HTTP 302
https://sync.crwdcntrl.net/map/c=10620/tp=TRAD/tpid=38afbb98-ab50-4f4a-9e80-03d10d9abaa7/gdpr=0/gdpr_consent=

Request Chain 55

https://pixel.tapad.com/idsync/ex/receive?partner_id=LOTAME&partner_device_id=6719206339047e0c11a1e7fb48fbcf28&gdpr=0&partner_url=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D10158%2Ftp%3DTPAD%2Ftpid%3D%24%7BTA_DEVICE_ID%7D&ch= HTTP 302
https://secure.adnxs.com/getuid?https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Freceive%3Fpartner_id%3DAPPNEXUS%26partner_device_id%3D%24UID%26pt%3D4ab86f06-bcc2-461a-b713-b53cc197bd32%252Chttps%25253A%25252F%25252Fsync.crwdcntrl.net%25252Fmap%25252Fc%25253D10158%25252Ftp%25253DTPAD%25252Ftpid%25253D4ab86f06-bcc2-461a-b713-b53cc197bd32%252C HTTP 302
https://pixel.tapad.com/idsync/ex/receive?partner_id=APPNEXUS&partner_device_id=5354349388531268674&pt=4ab86f06-bcc2-461a-b713-b53cc197bd32%2Chttps%253A%252F%252Fsync.crwdcntrl.net%252Fmap%252Fc%253D10158%252Ftp%253DTPAD%252Ftpid%253D4ab86f06-bcc2-461a-b713-b53cc197bd32%2C HTTP 302
https://sync.crwdcntrl.net/map/c=10158/tp=TPAD/tpid=4ab86f06-bcc2-461a-b713-b53cc197bd32

Request Chain 56

https://dmp.truoptik.com/f2d2e39fc16bc9cc/sync.gif?cbp=tpid&cbk=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D10832%2Ftp%3DTRUP HTTP 302
https://sync.crwdcntrl.net/map/c=10832/tp=TRUP/tpid=b73a861c08fb52448514e7d3878c4685

Request Chain 58

https://dpm.demdex.net/ibs:dpid=121998&dpuuid=6719206339047e0c11a1e7fb48fbcf28&gdpr=0&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D9828%2Ftp%3DADBE%2Ftpid%3D%24%7BDD_UUID%7D%2Fgdpr=0 HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=121998&dpuuid=6719206339047e0c11a1e7fb48fbcf28&gdpr=0&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D9828%2Ftp%3DADBE%2Ftpid%3D%24%7BDD_UUID%7D%2Fgdpr=0 HTTP 302
https://sync.crwdcntrl.net/map/c=9828/tp=ADBE/tpid=34349640516712727834051638257611467702/gdpr=0

Request Chain 60

https://global.ib-ibi.com/image.sbxx?go=262106&pid=420&xid=6719206339047e0c11a1e7fb48fbcf28 HTTP 302
https://ib.mookie1.com/image.sbxx?go=262106&pid=420&xid=6719206339047e0c11a1e7fb48fbcf28

Request Chain 62

https://sync.srv.stackadapt.com/sync?nid=lotame&gdpr=0 HTTP 302
https://sync.crwdcntrl.net/qmap?c=6569&tp=STKA&tpid=0-d8b92780-258e-5bdf-45df-9b3859e34aeb$ip$96.9.249.35&gdpr=0&gdpr_consent=

Request Chain 63

https://cms.analytics.yahoo.com/cms?partner_id=LOTME&gdpr=0 HTTP 302
https://ups.analytics.yahoo.com/ups/58736/cms?partner_id=LOTME&gdpr=0 HTTP 302
https://sync.crwdcntrl.net/qmap?c=5437&tp=DTAX&tpidqp=tpidqa&tpidqa=y-kYXKrv5E2pxLjrWw_9SpWVavIjCmwFw2M6Y-~A&gdpr=0

Request Chain 64

https://pixel-sync.sitescout.com/connectors/lotame/usersync?gdpr=0&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1389%2Ftp%3DSTSC%2Ftpid%3D%24UUID%2Fgdpr%3D0 HTTP 302
https://pixel-sync.sitescout.com/connectors/lotame/usersync?cookieQ=1&gdpr=0&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1389%2Ftp%3DSTSC%2Ftpid%3D%24UUID%2Fgdpr%3D0 HTTP 302
https://sync.crwdcntrl.net/map/c=1389/tp=STSC/tpid=803ee2c9-7aef-49fb-8c5d-3ec36cc4ed69-65b6fc02-5553/gdpr=0

Request Chain 70

https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMzQ4ODM4MC90LzI/dpuid/6719206339047e0c11a1e7fb48fbcf28/url/https://sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=$!%7BTURN_UUID%7D/gdpr=0 HTTP 302
https://sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=4286438472597518537/gdpr=0

Request Chain 71

https://secure.adnxs.com/getuid?https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D281%2Ftp%3DANXS%2Ftpid%3D%24UID%2Fgdpr%3D0%2Frand=514336319 HTTP 302
https://sync.crwdcntrl.net/map/c=281/tp=ANXS/tpid=5354349388531268674/gdpr=0/rand=514336319

Request Chain 72

https://i.liadm.com/s/76929?bidder_id=204553&bidder_uuid=IEdqASZHu8SlZMuOR2CH0z5W&rnd=18702 HTTP 303
https://i.liadm.com/s/76929?bidder_id=204553&bidder_uuid=IEdqASZHu8SlZMuOR2CH0z5W&rnd=18702&_li_chk=true&previous_uuid=d1446bf64aed4a4382c79dd37b4edde5 HTTP 303
https://d.turn.com/r/dd/id/L21rdC8xOTcxL2NpZC8xNzQ5ODczMjc1L3QvMg/url/https://i.liadm.com/s/53233?bidder_id=183658&bidder_uuid=$!%7BTURN_UUID%7D HTTP 302
https://i.liadm.com/s/53233?bidder_id=183658&bidder_uuid=4286438472597518537 HTTP 303
https://live.rezync.com/sync?c=0aa2530f29e4f4a05b5d5d9bb35d60c2&p=93c1662463a616a7155169889dd99651&pid=d1446bf6-4aed-4a43-82c7-9dd37b4edde5

Request Chain 74

https://um.simpli.fi/lj_match?r=72959 HTTP 302
https://ce.lijit.com/merge?pid=2&3pid=F90A7F8248BC4D2DB4FC9953E9F356ED

116 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK register.php Show response
mytic.wleads.xyz/ 5 KB
2 KB 1460ms
399ms Document
text/html 2001:df7:5300:2::71
IDNIC-DENEVA-AS-I...

General

Check archive.org

Show headers Download Go to

Full URL

http://mytic.wleads.xyz/register.php?sub=hilux

Protocol

HTTP/1.1

Server

2001:df7:5300:2::71 Jakarta, Indonesia, ASN138115 (IDNIC-DENEVA-AS-ID PT Deneva, ID),

Reverse DNS

Software

DomaiNesia /

Resource Hash

df25dd8158393a45dac9f085ef70fcd6ef01a32bdede5a85da19ee6b2f9a68f3

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
DN-Request-Id: e84277d65d28d0d51f35b78f2561580f
Date: Mon, 29 Jan 2024 01:14:39 GMT
Dynamic-Cache-Status: BYPASS
Server: DomaiNesia
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Transfer-Encoding: chunked
Vary: Accept-Encoding Accept-Encoding
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET
H/1.1 200
OK style.css
mytic.wleads.xyz/include/css/ 2 KB
1 KB 376ms
375ms Stylesheet
text/css 2001:df7:5300:2::71
IDNIC-DENEVA-AS-I...

General

Check archive.org

Show headers Download Go to

Full URL

http://mytic.wleads.xyz/include/css/style.css

Requested by

Host: mytic.wleads.xyz
URL: http://mytic.wleads.xyz/register.php?sub=hilux

Protocol

HTTP/1.1

Server

2001:df7:5300:2::71 Jakarta, Indonesia, ASN138115 (IDNIC-DENEVA-AS-ID PT Deneva, ID),

Reverse DNS

Software

DomaiNesia /

Resource Hash

1427c68123b706628304227b0877d16a6b9ffe0b16b3c9d20345425b3805db84

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: http://mytic.wleads.xyz/register.php?sub=hilux
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Mon, 29 Jan 2024 01:14:39 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
DN-Request-Id: f0493a1ef9f35a3340a62f347289c23b
Last-Modified: Tue, 29 Mar 2016 17:26:38 GMT
Server: DomaiNesia
Content-Encoding: gzip
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/css
Static-Cache-Status: REVALIDATED
Cache-Control: max-age=2592000
Connection: keep-alive
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
Expires: Wed, 28 Feb 2024 01:14:39 GMT

GET
H/1.1 200
OK font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.3.0/css/ 23 KB
7 KB 64ms
33ms Stylesheet
text/css 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

http://maxcdn.bootstrapcdn.com/font-awesome/4.3.0/css/font-awesome.min.css

Requested by

Host: mytic.wleads.xyz
URL: http://mytic.wleads.xyz/register.php?sub=hilux

Protocol

HTTP/1.1

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

541ac58217a8ade1a5e292a65a0661dc9db7a49ae13654943817a4fbc6761afd

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: http://mytic.wleads.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Mon, 29 Jan 2024 01:14:39 GMT
Content-Encoding: gzip
x-content-type-options: nosniff
CF-Cache-Status: HIT
CDN-EdgeStorageId: 617, 617
Age: 5756211
Transfer-Encoding: chunked
CDN-CachedAt: 2021-04-13 02:55:53
CDN-PullZone: 252412
cross-origin-resource-policy: cross-origin
Connection: keep-alive
alt-svc: h3=":443"; ma=86400
Last-Modified: Mon, 25 Jan 2021 22:04:54 GMT
Server: cloudflare
CDN-RequestPullCode: 200
Vary: Accept-Encoding
Content-Type: text/css; charset=utf-8
access-control-allow-origin: *
CDN-Cache: HIT
CDN-Uid: b1941f61-b576-4f40-80de-5677acb38f74
Cache-Control: public, max-age=31919000
CDN-RequestId: a4c754a17577d74a872d3c9c794d1a4f
timing-allow-origin: *
CDN-RequestCountryCode: US
CF-RAY: 84cd9e9ddc324bcf-BUF
CDN-RequestPullSuccess: True

GET
H/1.1 200
OK bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/3.3.4/css/ 115 KB
24 KB 70ms
40ms Stylesheet
text/css 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

http://maxcdn.bootstrapcdn.com/bootstrap/3.3.4/css/bootstrap.min.css

Requested by

Host: mytic.wleads.xyz
URL: http://mytic.wleads.xyz/register.php?sub=hilux

Protocol

HTTP/1.1

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f04b517ba5d6a0510485689a3e42dac000f51640fd71b986804cba178eae42a5

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: http://mytic.wleads.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Mon, 29 Jan 2024 01:14:39 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
CF-Cache-Status: HIT
CDN-EdgeStorageId: 912
Age: 5580328
Transfer-Encoding: chunked
CDN-CachedAt: 06/19/2022 18:35:14
CDN-PullZone: 252412
cross-origin-resource-policy: cross-origin
Connection: keep-alive
alt-svc: h3=":443"; ma=86400
Last-Modified: Mon, 25 Jan 2021 22:03:58 GMT
CDN-ProxyVer: 1.02
CDN-RequestPullCode: 200
Server: cloudflare
ETag: W/"eedf9ee80c2faa4e1b9ab9017cdfcb88"
Vary: Accept-Encoding
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
CDN-Cache: HIT
CDN-Uid: b1941f61-b576-4f40-80de-5677acb38f74
Cache-Control: public, max-age=31919000
CDN-RequestId: 2042e61f4290acfb90c02e70d937c0b8
timing-allow-origin: *
CDN-RequestCountryCode: US
CDN-Status: 200
CF-RAY: 84cd9e9dd9394bc3-BUF
CDN-RequestPullSuccess: True

GET
H/1.1 200
OK bootstrap-theme.min.css
maxcdn.bootstrapcdn.com/bootstrap/3.3.4/css/ 19 KB
4 KB 67ms
36ms Stylesheet
text/css 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

http://maxcdn.bootstrapcdn.com/bootstrap/3.3.4/css/bootstrap-theme.min.css

Requested by

Host: mytic.wleads.xyz
URL: http://mytic.wleads.xyz/register.php?sub=hilux

Protocol

HTTP/1.1

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2453e31f9c5e0dbee528d11f97a85edf897ed93406954ce8e475f0244abf249a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: http://mytic.wleads.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Mon, 29 Jan 2024 01:14:39 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
CF-Cache-Status: HIT
CDN-EdgeStorageId: 845
Age: 5844689
Transfer-Encoding: chunked
CDN-CachedAt: 07/18/2022 02:30:42
CDN-PullZone: 252412
cross-origin-resource-policy: cross-origin
Connection: keep-alive
alt-svc: h3=":443"; ma=86400
Last-Modified: Mon, 25 Jan 2021 22:03:58 GMT
CDN-ProxyVer: 1.02
CDN-RequestPullCode: 200
Server: cloudflare
ETag: W/"89b29714ad4aaaa3953ef3b51cf9c43a"
Vary: Accept-Encoding
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
CDN-Cache: HIT
CDN-Uid: b1941f61-b576-4f40-80de-5677acb38f74
Cache-Control: public, max-age=31919000
CDN-RequestId: 33aee1965e06118563b83c6b33fe4451
timing-allow-origin: *
CDN-RequestCountryCode: US
CDN-Status: 200
CF-RAY: 84cd9e9dd93a4bc3-BUF
CDN-RequestPullSuccess: True

GET
H/1.1 200
OK js15_as.js Show response
s10.histats.com/ 11 KB
5 KB 80ms
44ms Script
text/javascript 2606:4700:10::6814:4f63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://s10.histats.com/js15_as.js
Requested by: Host: mytic.wleads.xyz
URL: http://mytic.wleads.xyz/register.php?sub=hilux
Protocol: HTTP/1.1
Server: 2606:4700:10::6814:4f63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

accept-language: en-US,en;q=0.9
Referer: http://mytic.wleads.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Mon, 29 Jan 2024 01:14:40 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
Last-Modified: Thu, 16 Apr 2020 10:44:16 GMT
Server: cloudflare
Age: 51001
ETag: "-375139978"
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=28800
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 84cd9ea039ba4bc9-BUF
Content-Length: 4547

GET
H/1.1 200
OK 0.php Show response
s4.histats.com/stats/ 379 B
514 B 90ms
25ms Script
text/html 149.56.240.31
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/0.php?4833994&@f16&@g1&@h1&@i1&@j1706490880079&@k0&@l1&@mCLAIM%20NOW&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1600&@b1:112004479&@b3:1706490880&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttp%3A%2F%2Fmytic.wleads.xyz%2Fregister.php%3Fsub%3Dhilux&@w
Requested by: Host: s10.histats.com
URL: http://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 149.56.240.31 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns534110.ip-149-56-240.net
Software: /
Resource Hash: a530f200e5e84605122d904bf4e4983898ea4879ce7c610acec142218d8bdbef

Request headers

accept-language: en-US,en;q=0.9
Referer: http://mytic.wleads.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Mon, 29 Jan 2024 01:14:37 GMT
Connection: close
Content-Length: 379
Content-Type: text/html;charset=UTF-8

GET
H/1.1 200
OK / Show response
e.dtscout.com/e/ 7 KB
4 KB 118ms
79ms Script
application/javascript 2606:4700:21::8d65:780b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=http%3A%2F%2Fmytic.wleads.xyz%2Fregister.php%3Fsub%3Dhilux&j=
Requested by: Host: s4.histats.com
URL: https://s4.histats.com/stats/0.php?4833994&@f16&@g1&@h1&@i1&@j1706490880079&@k0&@l1&@mCLAIM%20NOW&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1600&@b1:112004479&@b3:1706490880&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttp%3A%2F%2Fmytic.wleads.xyz%2Fregister.php%3Fsub%3Dhilux&@w
Protocol: HTTP/1.1
Server: 2606:4700:21::8d65:780b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 30ba726992def4811f2cc7e2ed4355ce16bf9b0d1e1d7a233063037ee3ad2902

Request headers

accept-language: en-US,en;q=0.9
Referer: http://mytic.wleads.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Mon, 29 Jan 2024 01:14:40 GMT
X-T: 0.233
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xg2%2BERcuQCeKzRxs147ef5NNry2827cyOaQV6ylFoBJdGwGXa8Wh7wObkvttf7M3XUW3d3bhem%2Bnt3fhRsTdUxUOA3Q2UuF1ib0zJcwglAN1J0CfRGqsDj46N6V9qx6mIe21jvetgvydU%2Fo%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript
Cache-Control: no-cache
Connection: keep-alive
X-S: mtl1
CF-RAY: 84cd9ea16cf54bd8-BUF
Expires: Mon, 29 Jan 2024 01:14:39 GMT

GET
H2 200 / Show response
t.dtscout.com/idg/ Frame 46DB 1 KB
919 B 144ms
72ms Document
text/html 2606:4700:21::8d65:780a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscout.com/idg/?su=6D001706490880456E0414CDF974EAAB
Requested by: Host: e.dtscout.com
URL: http://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=http%3A%2F%2Fmytic.wleads.xyz%2Fregister.php%3Fsub%3Dhilux&j=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e446ae247fac9ab3a16cb8b1d3cb60b020f86a74016a4d1debb9d14c41b873be

Request headers

Referer: http://mytic.wleads.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 84cd9ea26b534bc9-BUF
content-encoding: br
content-type: text/html; charset=UTF-8
date: Mon, 29 Jan 2024 01:14:40 GMT
expires: Mon, 29 Jan 2024 01:14:39 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jXQDfoGTNs0r%2B9okA3tFazGlKfo0egy26aNtmpLoL9TwhhtUQuXZLzWajYQk%2BaEA2rJixvi6thh8fbMWd%2BVNoYpYfr%2FbWL%2FQmvgU3yFI0FvC5a%2FmgVhfVrfgnS9jRHPvQyEkk9GJEk%2F1yy4%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H2 200 tag.min.js Show response
get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/ 33 KB
11 KB 165ms
49ms Script
text/javascript 108.157.142.40
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Requested by: Host: e.dtscout.com
URL: http://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=http%3A%2F%2Fmytic.wleads.xyz%2Fregister.php%3Fsub%3Dhilux&j=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.142.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-142-40.mci50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2be5bc681ba2488b5b366e183923c008835985f5cd45b5f3be3075d6454366d2

Request headers

accept-language: en-US,en;q=0.9
Referer: http://mytic.wleads.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 19:34:48 GMT
x-amz-version-id: qTL9I3PoQ0vLKAyf8R1sGpcCe8sbM7th
content-encoding: gzip
last-modified: Thu, 01 Jun 2023 19:57:33 GMT
server: AmazonS3
via: 1.1 2f743a0ca9cc9da3bb8d81eb8b012916.cloudfront.net (CloudFront)
x-amz-cf-pop: MCI50-P1
etag: W/"b338879bf41a826d9e1b316528a8409d"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=86400
age: 20393
x-amz-cf-id: HzTM2upIvwXWBQ7bFCbmOV4fdVKqeYEj68qN1_TbCBfogiM66opLWQ==

GET
H/1.1 200
OK dtscout Show response
pd.sharethis.com/pd/ 2 KB
3 KB 193ms
42ms Script
application/javascript 18.220.111.101
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://pd.sharethis.com/pd/dtscout

Requested by

Host: e.dtscout.com
URL: http://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=http%3A%2F%2Fmytic.wleads.xyz%2Fregister.php%3Fsub%3Dhilux&j=

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.220.111.101 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-220-111-101.us-east-2.compute.amazonaws.com

Software

Resource Hash

00597cc541a08823313afe238d6ac2a6675682a862e92e1fe5c0275d52729230

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

accept-language: en-US,en;q=0.9
Referer: http://mytic.wleads.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Mon, 29 Jan 2024 01:14:40 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 2444
Content-Type: application/javascript

GET
H2 200 afwu.js Show response
cdn.tynt.com/ 19 KB
6 KB 145ms
44ms Script
application/javascript 172.64.153.173
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.tynt.com/afwu.js
Requested by: Host: e.dtscout.com
URL: http://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=http%3A%2F%2Fmytic.wleads.xyz%2Fregister.php%3Fsub%3Dhilux&j=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.153.173 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3db5fc063868d3ca5fc3cc2695f483266cffea00bef68dffd7e4944b947aacc8

Request headers

accept-language: en-US,en;q=0.9
Referer: http://mytic.wleads.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 01:14:40 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 05 Oct 2023 15:09:06 GMT
server: cloudflare
age: 45303
etag: W/"651ed192-4c00"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 84cd9ea29932a252-YYZ
expires: Thu, 01 Feb 2024 01:14:40 GMT

GET
H2 200 / Show response
t.dtscout.com/pv/ 51 B
360 B 146ms
75ms Script
application/javascript 2606:4700:21::8d65:780a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscout.com/pv/?_a=v&_h=mytic.wleads.xyz&_ss=5i4r39tx1p&_pv=1&_ls=0&_u1=1&_u3=1&_cc=us&_pl=d&_cbid=672j&_cb=_dtspv.c
Requested by: Host: e.dtscout.com
URL: http://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=http%3A%2F%2Fmytic.wleads.xyz%2Fregister.php%3Fsub%3Dhilux&j=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 55490a7e8ea5499528e533fb4f921369d3a2cdcb72d29c7ffd09103d9b629122

Request headers

accept-language: en-US,en;q=0.9
Referer: http://mytic.wleads.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 01:14:40 GMT
x-t: 0.191
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lGFM1HIxWiDPy%2F%2BsG8E0RvggUn3m32eck41RIVXH2HAVMWoIzUcUqsB03stmmWbQY01jHys0VP15LMwvZCE43OGcPoiA%2FH63HLW2Z73S6gy2AUhQEwsVQSVdEH2PX4xbB5br9Yn0eAdZqyU%3D"}],"group":"cf-nel","max_age":604800}
x-c: 0
content-type: application/javascript
cache-control: no-cache
cf-ray: 84cd9ea26b544bc9-BUF
expires: Mon, 29 Jan 2024 01:14:39 GMT

GET
H2 200 p
ic.tynt.com/b/ 35 B
648 B 121ms
28ms Image
image/gif 67.202.105.33
STEADFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ic.tynt.com/b/p?id=wu!&lm=0&ts=1706490880458&dn=AFWU&iso=0&pu=http%3A%2F%2Fmytic.wleads.xyz%2Fregister.php%3Fsub%3Dhilux&t=CLAIM%20NOW
Requested by: Host: mytic.wleads.xyz
URL: http://mytic.wleads.xyz/register.php?sub=hilux
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.33 Chicago, United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip33.67-202-105.static.steadfastdns.net
Software: nginx/1.16.1 /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: en-US,en;q=0.9
Referer: http://mytic.wleads.xyz/register.php?sub=hilux
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 01:14:40 GMT
last-modified: Fri, 16 Apr 2010 15:38:20 GMT
server: nginx/1.16.1
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Model, Sec-CH-UA-Full-Version-List, Sec-CH-UA, Sec-CH-UA-Mobile
etag: "4bc8846c-23"
content-type: image/gif
p3p: policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID", CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
accept-ranges: bytes
content-length: 35
expires: "Sat, 26 Jul 1997 05:00:00 GMT"

GET
H2 200 lt.min.js Show response
tags.crwdcntrl.net/lt/c/3825/ 58 KB
18 KB 132ms
34ms Script
text/javascript 54.230.163.124
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/3825/lt.min.js
Requested by: Host: e.dtscout.com
URL: http://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=http%3A%2F%2Fmytic.wleads.xyz%2Fregister.php%3Fsub%3Dhilux&j=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.230.163.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-230-163-124.ewr53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 398949c9055a4ab08ff4bd5edf007a19b6bec6973ef581837a212b202f760414

Request headers

accept-language: en-US,en;q=0.9
Referer: http://mytic.wleads.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 05:57:47 GMT
content-encoding: gzip
via: 1.1 2ca278c258e2c9c6a2d0cc60b816bd50.cloudfront.net (CloudFront)
last-modified: Wed, 06 Sep 2023 14:23:53 GMT
server: AmazonS3
x-amz-cf-pop: EWR53-C3
age: 69414
etag: W/"eb52f900499b46d1088df97dad487c73"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=86400
x-amz-cf-id: JjK3Ntr7-iLaBWdnIrw3XS1kLl1batT8fTzWxLV6t5CfdDGi23jygg==

GET
H2 200 / Show response
t.dtscdn.com/widget/ 0
596 B 127ms
54ms Script
application/javascript 2606:4700:20::681a:c3c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscdn.com/widget/?d=6D001706490880456E0414CDF974EAAB&nid=300&p=836148727&t=600&s=1600x1200x24&u=http%3A%2F%2Fmytic.wleads.xyz%2Fregister.php%3Fsub%3Dhilux&r=
Requested by: Host: e.dtscout.com
URL: http://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=http%3A%2F%2Fmytic.wleads.xyz%2Fregister.php%3Fsub%3Dhilux&j=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:c3c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: http://mytic.wleads.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 01:14:40 GMT
x-t: 0.95
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Sxu67PjQrgbHlxNMwa8VnEJvxyzOsa3Vwosgxhfoq2q39U5oT7J0sfhhBnq9TbL%2Fmipjt3rhaT9NuKdoK8f1atp6lHTbhsnT6%2BZE6d2TN5XFZlCC4c3wt5fzyhEI3KbBMXjuYSAd8hR97w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: no-cache
x-server: web15.ny1.dtscdn.com
cf-ray: 84cd9ea39aa94bcd-BUF
expires: Mon, 29 Jan 2024 01:15:14 GMT

GET
H2

200

5386
tags.bluekai.com/site/
Redirect Chain

https://pixel.onaudience.com/?partner=137085098&mapped=6D001706490880456E0414CDF974EAAB
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0
https://match.adsrvr.org/track/cmb/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0
https://pixel.onaudience.com/?partner=147&mapped=38afbb98-ab50-4f4a-9e80-03d10d9abaa7&icm&gdpr=0&gdpr_consent=&cver
https://cms.analytics.yahoo.com/cms?partner_id=DELI&gdpr=0
https://ups.analytics.yahoo.com/ups/58679/cms?partner_id=DELI&gdpr=0
https://pixel.onaudience.com/?partner=252&mapped=y-YhPfGWZE2pQiDfZOJaq5MDYQ.xLaXFgWNw--~A&gdpr=0
https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=f10daea04ca1bce1/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%...
https://sync.crwdcntrl.net/map/ct=y/c=8587/tp=CLOD/tpid=f10daea04ca1bce1/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdp...
https://pixel.onaudience.com/?partner=104&icm&cver&mapped=6719206339047e0c11a1e7fb48fbcf28&gdpr=0
https://pixel.onaudience.com/?partner=109&icm&cver&gdpr=0&smartmap=1&redirect=tags.bluekai.com%2Fsite%2F33141%3F%26id%3D%25m
https://tags.bluekai.com/site/33141?&id=308c9963372ce69d
https://match.adsrvr.org/track/cmf/generic?ttd_pid=bluekai
https://tags.bluekai.com/site/5386?id=38afbb98-ab50-4f4a-9e80-03d10d9abaa7&gdpr=0&gdpr_consent=

62 B
307 B

105ms
104ms

Image
image/gif

23.62.105.110
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.bluekai.com/site/5386?id=38afbb98-ab50-4f4a-9e80-03d10d9abaa7&gdpr=0&gdpr_consent=
Requested by: Host: mytic.wleads.xyz
URL: http://mytic.wleads.xyz/register.php?sub=hilux
Protocol: H2
Server: 23.62.105.110 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-62-105-110.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language: en-US,en;q=0.9
Referer: http://mytic.wleads.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
date: Mon, 29 Jan 2024 01:14:42 GMT
content-length: 62
content-type: image/gif

Redirect headers

location: https://tags.bluekai.com/site/5386?id=38afbb98-ab50-4f4a-9e80-03d10d9abaa7&gdpr=0&gdpr_consent=
date: Mon, 29 Jan 2024 01:14:41 GMT
server: Kestrel
content-length: 221

GET
H2 200 / Show response
onetag-geo.s-onetag.com/ 50 B
464 B 123ms
31ms Fetch
application/json 18.173.132.23
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://onetag-geo.s-onetag.com/
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.132.23 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-132-23.jfk52.r.cloudfront.net
Software: /
Resource Hash: 851a1aace07f995f5075846e18098478b6fe7c7e921e84747504ceb39f6a94b6

Request headers

accept-language: en-US,en;q=0.9
Referer: http://mytic.wleads.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 16:41:38 GMT
via: 1.1 7cd90bfbf5a6ee327baf597a703e2422.cloudfront.net (CloudFront), 1.1 d7365e331e2f3aa085a6501cac42bb72.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD12-P4, JFK52-P2
age: 30782
x-amzn-requestid: 877cfaa7-9434-41a5-9290-ccf247dbaf2b
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=86400
x-amz-apigw-id: SQmGaGw-CYcEmDw=
content-length: 50
x-amz-cf-id: KN8sndgEVZp6XkXwOXHosr854rFnoKF8Db0lBVX0Z55BXLKsgXNzWA==

GET
H/1.1 200
OK t.dhj Show response
t.sharethis.com/1/d/ 2 KB
2 KB 143ms
28ms Script
application/javascript 23.48.224.242
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://t.sharethis.com/1/d/t.dhj?cid=c010&cls=C&rnd=0.9806690426645928&stid=ZGUABWW2%2FAAAAAAIDee8Aw%3D%3D

Requested by

Host: pd.sharethis.com
URL: https://pd.sharethis.com/pd/dtscout

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.48.224.242 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-48-224-242.deploy.static.akamaitechnologies.com

Software

Resource Hash

278aac37da73f0a92a0126107f77f7c25f9dc25ecd9e7a612ad0de80a37cb409

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: http://mytic.wleads.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Mon, 29 Jan 2024 01:14:40 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
Content-Type: application/javascript
Cache-Control: private, max-age=3600
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 1364
Expires: Mon, 29 Jan 2024 02:14:40 GMT

GET
H/1.1 200
OK dtscout
pd.sharethis.com/pd/ 42 B
265 B 41ms
39ms Image
image/gif 18.220.111.101
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pd.sharethis.com/pd/dtscout?_t_=px&url=http%3A%2F%2Fmytic.wleads.xyz%2Fregister.php%3Fsub%3Dhilux&event_source=dtscout&rnd=0.9806690426645928&exptid=ZGUABWW2%2FAAAAAAIDee8Aw%3D%3D&fcmp=false

Requested by

Host: mytic.wleads.xyz
URL: http://mytic.wleads.xyz/register.php?sub=hilux

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.220.111.101 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-220-111-101.us-east-2.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

accept-language: en-US,en;q=0.9
Referer: http://mytic.wleads.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Mon, 29 Jan 2024 01:14:40 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 42
Content-Type: image/gif

GET
H2 200 v2 Show response
de.tynt.com/deb/ 1 KB
2 KB 73ms
54ms Script
application/javascript 67.202.105.33
STEADFAST

General

Check archive.org

Show headers Download Go to

Full URL: https://de.tynt.com/deb/v2?id=wu!&dn=AFWU&cc=1&r=&pu=http%3A%2F%2Fmytic.wleads.xyz%2Fregister.php%3Fsub%3Dhilux
Requested by: Host: cdn.tynt.com
URL: https://cdn.tynt.com/afwu.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.33 Chicago, United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip33.67-202-105.static.steadfastdns.net
Software: /
Resource Hash: 9c84ee0532b479541d5ab45b1095e7dd2511fadff4fc4380c21bda7a23464520

Request headers

accept-language: en-US,en;q=0.9
Referer: http://mytic.wleads.xyz/register.php?sub=hilux
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
date: Mon, 29 Jan 2024 01:14:39 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
content-type: application/javascript
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Model, Sec-CH-UA-Full-Version-List, Sec-CH-UA, Sec-CH-UA-Mobile
content-length: 1382
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H/1.1

200
OK

t_.htm Show response
t.sharethis.com/a/ Frame AD7B
Redirect Chain

http://t.sharethis.com/a/t_.htm?ver=1.1275.23381&cid=c010&cls=C
https://t.sharethis.com/a/t_.htm?ver=1.1275.23381&cid=c010&cls=C

2 KB
1 KB

29ms
28ms

Document
text/html

23.48.224.242
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://t.sharethis.com/a/t_.htm?ver=1.1275.23381&cid=c010&cls=C

Requested by

Host: t.sharethis.com
URL: https://t.sharethis.com/1/d/t.dhj?cid=c010&cls=C&rnd=0.9806690426645928&stid=ZGUABWW2%2FAAAAAAIDee8Aw%3D%3D

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.48.224.242 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-48-224-242.deploy.static.akamaitechnologies.com

Software

Resource Hash

ec73870a124df2d105249652c84da8f949bf73bcd5ca8ad6deca84b4fbd2e9d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains

Request headers

Referer: http://mytic.wleads.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Cache-Control: max-age=604800
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 1160
Content-Type: text/html
Date: Mon, 29 Jan 2024 01:14:40 GMT
Expires: Mon, 05 Feb 2024 01:14:40 GMT
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
X-Robots-Tag: noindex, nofollow

Redirect headers

Cross-Origin-Resource-Policy: Cross-Origin
Location: https://t.sharethis.com/a/t_.htm?ver=1.1275.23381&cid=c010&cls=C#cid=c010&cls=C&rnd=0.9806690426645928&stid=ZGUABWW2%252FAAAAAAIDee8Aw%253D%253D&tt=t.dhj&dhjLcy=1706490880661&lbl=pxcel&flbl=pxcel&ll=d&ver=1.1275.23381&ell=d&cck=__stid&dmn=mytic.wleads.xyz&pn=%2Fregister.php&qs=sub%3Dhilux&rdn=mytic.wleads.xyz&rpn=%2Fregister.php&rqs=sub%3Dhilux&cc=US&cont=NA&ipaddr=
Non-Authoritative-Reason: HSTS

GET
H2

200

27519 Show response
tags.bluekai.com/site/ Frame 9A03
Redirect Chain

https://dp2.33across.com/ps/?tt=iframe&pid=1198&us_privacy=&random=1706490880669.6
https://tags.bluekai.com/site/27519?id=212334976291479&ret=html&random=1706490880

71 B
553 B

211ms
114ms

Document
text/html

23.62.105.110
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.bluekai.com/site/27519?id=212334976291479&ret=html&random=1706490880
Requested by: Host: de.tynt.com
URL: https://de.tynt.com/deb/v2?id=wu!&dn=AFWU&cc=1&r=&pu=http%3A%2F%2Fmytic.wleads.xyz%2Fregister.php%3Fsub%3Dhilux
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.62.105.110 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-62-105-110.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 53350525edba0b889e87ea52a16ed843a928a2557e9f8d6747acd7ff991c95c3

Request headers

Referer: http://mytic.wleads.xyz/register.php?sub=hilux
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

bk-server: 41a8
content-length: 71
content-type: text/html
date: Mon, 29 Jan 2024 01:14:40 GMT
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"

Redirect headers

cache-control: no-store, no-cache, must-revalidate
content-length: 0
date: Mon, 29 Jan 2024 01:14:40 GMT
expires: Thu, 01-Jan-70 00:00:01 GMT
location: https://tags.bluekai.com/site/27519?id=212334976291479&ret=html&random=1706490880
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
pragma: no-cache
referrer-policy: unsafe-url
server: 33XP018
x-33x-status: 400000000040080C

GET
H/1.1

200
OK

match
ps.eyeota.net/
Redirect Chain

https://ps.eyeota.net/pixel?pid=gdomg51&t=gif&cat=&us_privacy=&random=1706490880669.1
https://ps.eyeota.net/pixel/bounce/?pid=gdomg51&t=gif&cat=&us_privacy=&random=1706490880669.1
https://cm.g.doubleclick.net/pixel?google_nid=eye&google_cm&google_sc&google_hm=MkJmbFFyTC1tbmw1RDgycDV0WE94WEN6eFRQT1NFcVZRMUVVVnA4ckRfOVE&gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&referrer...
https://cm.g.doubleclick.net/pixel?google_nid=eye&google_cm=&google_sc=&google_hm=MkJmbFFyTC1tbmw1RDgycDV0WE94WEN6eFRQT1NFcVZRMUVVVnA4ckRfOVE&gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&referr...
https://ps.eyeota.net/match?gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&referrer_pid=gdomg51&google_gid=CAESENIT6kh53Zt3NZ2iSie4Z_I&google_cver=1

70 B
440 B

43ms
43ms

Image
image/gif

18.207.77.150
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ps.eyeota.net/match?gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&referrer_pid=gdomg51&google_gid=CAESENIT6kh53Zt3NZ2iSie4Z_I&google_cver=1
Requested by: Host: mytic.wleads.xyz
URL: http://mytic.wleads.xyz/register.php?sub=hilux
Protocol: HTTP/1.1
Server: 18.207.77.150 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-207-77-150.compute-1.amazonaws.com
Software: /
Resource Hash: de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98

Request headers

accept-language: en-US,en;q=0.9
Referer: http://mytic.wleads.xyz/register.php?sub=hilux
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/gif
Date: Mon, 29 Jan 2024 01:14:41 GMT
Content-Length: 70
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

pragma: no-cache
date: Mon, 29 Jan 2024 01:14:41 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ps.eyeota.net/match?gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&referrer_pid=gdomg51&google_gid=CAESENIT6kh53Zt3NZ2iSie4Z_I&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 375
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

db_sync
px.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/db_sync?pid=15927&puuid=CoIKSWW2%2FAB6mWRPBvLkAg%3D%3D&us_privacy=&_rand=1706490880669.2
https://px.ads.linkedin.com/db_sync?pid=15927&puuid=CoIKSWW2%2FAB6mWRPBvLkAg%3D%3D&us_privacy=&_rand=1706490880669.2&expected_cookie=92c8edd7-d909-40fa-ae4e-4b9c3a288770

0
142 B

138ms
137ms

Image
text/plain

2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/db_sync?pid=15927&puuid=CoIKSWW2%2FAB6mWRPBvLkAg%3D%3D&us_privacy=&_rand=1706490880669.2&expected_cookie=92c8edd7-d909-40fa-ae4e-4b9c3a288770
Requested by: Host: mytic.wleads.xyz
URL: http://mytic.wleads.xyz/register.php?sub=hilux
Protocol: H2
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: http://mytic.wleads.xyz/register.php?sub=hilux
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 01:14:40 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: 7700A6511A0D449CA6978DB0E7322883 Ref B: EWR311000102047 Ref C: 2024-01-29T01:14:40Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lor1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYQC17FnX9xNZ1oVviseQ==

Redirect headers

date: Mon, 29 Jan 2024 01:14:40 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: FC30CF9B8B9343EDAAC49D15FF291BD6 Ref B: EWR311000102047 Ref C: 2024-01-29T01:14:40Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lor1
location: /db_sync?pid=15927&puuid=CoIKSWW2%2FAB6mWRPBvLkAg%3D%3D&us_privacy=&_rand=1706490880669.2&expected_cookie=92c8edd7-d909-40fa-ae4e-4b9c3a288770
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYQC17DgB5c/KPzHDRabQ==

GET
H2

204

38afbb98-ab50-4f4a-9e80-03d10d9abaa7
map.go.affec.tv/map/ttd/
Redirect Chain

https://map.go.affec.tv/map/3a/?pid=CoIKSWW2%2FAB6mWRPBvLkAg%3D%3D&us_privacy=&ts=1706490880669.3
https://secure.adnxs.com/getuid?https%3A%2F%2Fmap.go.affec.tv%2Fmap%2Fan%2F%24UID%3Fch%3D65b6fc00c9576b0001e9b4b9%26chc%3Dtt%26redirect_url%3D%26gdpr%3D%26gdpr_consent%3D&gdpr=&gdpr_consent=
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fmap.go.affec.tv%252Fmap%252Fan%252F%2524UID%253Fch%253D65b6fc00c9576b0001e9b4b9%2526chc%253Dtt%2526redirect_url%253D%2526gdpr%253D%25...
https://map.go.affec.tv/map/an/957343401205608727?ch=65b6fc00c9576b0001e9b4b9&chc=tt&redirect_url=&gdpr=&gdpr_consent=&gdpr=&gdpr_consent=
https://match.adsrvr.org/track/cmf/generic?ttd_pid=mssm115&ttd_tpi=1&gdpr=&gdpr_consent=
https://map.go.affec.tv/map/ttd/38afbb98-ab50-4f4a-9e80-03d10d9abaa7?ttd_puid=&gdpr=0&gdpr_consent=

0
560 B

39ms
37ms

Image
text/plain

52.203.254.206
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://map.go.affec.tv/map/ttd/38afbb98-ab50-4f4a-9e80-03d10d9abaa7?ttd_puid=&gdpr=0&gdpr_consent=
Requested by: Host: mytic.wleads.xyz
URL: http://mytic.wleads.xyz/register.php?sub=hilux
Protocol: H2
Server: 52.203.254.206 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-203-254-206.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: http://mytic.wleads.xyz/register.php?sub=hilux
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 01:14:41 GMT
content-encoding: gzip
vary: Accept-Encoding

Redirect headers

location: https://map.go.affec.tv/map/ttd/38afbb98-ab50-4f4a-9e80-03d10d9abaa7?ttd_puid=&gdpr=0&gdpr_consent=
date: Mon, 29 Jan 2024 01:14:41 GMT
server: Kestrel
content-length: 229

GET
H2

204

usermatch.gif
beacon.krxd.net/
Redirect Chain

https://pixel.tapad.com/idsync/ex/receive?partner_id=1388&partner_device_id=CoIKSWW2%2FAB6mWRPBvLkAg%3D%3D&us_privacy=&random=1706490880669.4&redirect=https%3A%2F%2Fthinkcxad.azurewebsites.net%2Fap...
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=1388&partner_device_id=CoIKSWW2%2FAB6mWRPBvLkAg%3D%3D&us_privacy=&random=1706490880669.4&redirect=https%3A%2F%2Fthinkcxad.azurewebsites.ne...
https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=4ab86f06-bcc2-461a-b713-b53cc197bd32%252Chttps%25253A%25252F%25252Fusermatch.krxd.net%25252Fum%25252Fv2%25253Fpartner%252...
https://match.adsrvr.org/track/cmb/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=4ab86f06-bcc2-461a-b713-b53cc197bd32%252Chttps%25253A%25252F%25252Fusermatch.krxd.net%25252Fum%25252Fv2%25253Fpartner%252...
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=38afbb98-ab50-4f4a-9e80-03d10d9abaa7&ttd_puid=4ab86f06-bcc2-461a-b713-b53cc197bd32%2Chttps%253A%252F%252Fusermatch.krxd.n...
https://usermatch.krxd.net/um/v2?partner=tapad
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=tapad

0
338 B

162ms
40ms

Image
text/plain

52.204.253.76
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=tapad
Requested by: Host: mytic.wleads.xyz
URL: http://mytic.wleads.xyz/register.php?sub=hilux
Protocol: H2
Server: 52.204.253.76 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-204-253-76.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: http://mytic.wleads.xyz/register.php?sub=hilux
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-served-by: beacon-n008-ash-prod.krxd.net
date: Mon, 29 Jan 2024 01:14:41 GMT
cache-control: private, no-cache, no-store
x-request-time: D=31 t=1706490881
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location: https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=tapad
date: Mon, 29 Jan 2024 01:14:41 GMT
x-cache-hits: 0
x-age: 0
content-length: 0
x-cache: MISS
x-served-by: usermatch-a008-ash-prod.krxd.net

GET
H2

200

405716.gif
idsync.rlcdn.com/
Redirect Chain

https://dp2.33across.com/ps/?pid=1205&rand=1706490880669.5
https://idsync.rlcdn.com/405716.gif?partner_uid=212439925923384

42 B
289 B

131ms
57ms

Image
image/gif

35.244.154.8
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/405716.gif?partner_uid=212439925923384
Requested by: Host: mytic.wleads.xyz
URL: http://mytic.wleads.xyz/register.php?sub=hilux
Protocol: H2
Server: 35.244.154.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 8.154.244.35.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-US,en;q=0.9
Referer: http://mytic.wleads.xyz/register.php?sub=hilux
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 01:14:40 GMT
via: 1.1 google
content-type: image/gif
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control: no-cache, no-store
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

Redirect headers

pragma: no-cache
date: Mon, 29 Jan 2024 01:14:40 GMT
referrer-policy: unsafe-url
server: 33XP003
x-33x-status: 4000000000004000C
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location: https://idsync.rlcdn.com/405716.gif?partner_uid=212439925923384
cache-control: no-store, no-cache, must-revalidate
content-length: 0
expires: Thu, 01-Jan-70 00:00:01 GMT

GET
H2

200

bounce
secure.adnxs.com/
Redirect Chain

https://dp1.33across.com/ps/?pid=669&uid=CoIKSWW2%2FAB6mWRPBvLkAg%3D%3D&us_privacy=&random=1706490880669.7&pu=http%3A%2F%2Fmytic.wleads.xyz%2Fregister.php%3Fsub%3Dhilux
https://secure.adnxs.com/mapuid?t=2&member=1001&user=212461255148182&seg_code=33x&random=1706490880
https://secure.adnxs.com/bounce?%2Fmapuid%3Ft%3D2%26member%3D1001%26user%3D212461255148182%26seg_code%3D33x%26random%3D1706490880

43 B
1 KB

38ms
36ms

Image
image/gif

68.67.160.117
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.adnxs.com/bounce?%2Fmapuid%3Ft%3D2%26member%3D1001%26user%3D212461255148182%26seg_code%3D33x%26random%3D1706490880

Requested by

Host: mytic.wleads.xyz
URL: http://mytic.wleads.xyz/register.php?sub=hilux

Protocol

Server

68.67.160.117 Jersey City, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

676.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: http://mytic.wleads.xyz/register.php?sub=hilux
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Jan 2024 01:14:41 GMT
an-x-request-uuid: d0664f5d-0f91-4e08-a474-54f60429f581
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 96.9.249.35; 96.9.249.35; 676.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 29 Jan 2024 01:14:41 GMT
an-x-request-uuid: 2a4701d7-9a29-4ae7-9ce9-35903869965e
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
location: https://secure.adnxs.com/bounce?%2Fmapuid%3Ft%3D2%26member%3D1001%26user%3D212461255148182%26seg_code%3D33x%26random%3D1706490880
cache-control: no-store, no-cache, private
x-proxy-origin: 96.9.249.35; 96.9.249.35; 676.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 dataBeacons.min.js Show response
data-beacons.s-onetag.com/ 5 KB
2 KB 122ms
25ms Script
text/javascript 108.139.29.87
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.139.29.87 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-139-29-87.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7f56d37179dbeacf34a386eac47c6305ea5f79eb4afce927cb946e3b71920d1b

Request headers

accept-language: en-US,en;q=0.9
Referer: http://mytic.wleads.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id: E.1OJV_drBwSGrjBvy4_U_vW0RbzSmb0
content-encoding: gzip
via: 1.1 3a80316ee74668c7049eb31054a07168.cloudfront.net (CloudFront)
date: Mon, 29 Jan 2024 01:10:25 GMT
last-modified: Wed, 04 Oct 2023 13:49:44 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P2
age: 256
etag: W/"934c7ce138a53a973baa02a2dbd8c23a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=3600
x-amz-cf-id: PWy5B4fTVTHl2K-MT0eIV8t7LREVwY2mxnqHeIyYwzbdRoP02o3wPA==

GET
H/1.1 200
OK t_.js Show response
t.sharethis.com/1.1275.23381/a/US/ Frame F344 19 KB
9 KB 31ms
31ms Script
text/javascript 23.48.224.242
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://t.sharethis.com/1.1275.23381/a/US/t_.js?cid=c010&cls=C

Requested by

Host: t.sharethis.com
URL: https://t.sharethis.com/a/t_.htm?ver=1.1275.23381&cid=c010&cls=C

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.48.224.242 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-48-224-242.deploy.static.akamaitechnologies.com

Software

Resource Hash

b5c7fc2d26f0c457f2f9e8b089af4ce9c3cd3affca1a179da4e12770f5632c67

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://t.sharethis.com/a/t_.htm?ver=1.1275.23381&cid=c010&cls=C
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Mon, 29 Jan 2024 01:14:40 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
Content-Type: text/javascript
Cache-Control: max-age=604800
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 8543
Expires: Mon, 05 Feb 2024 01:14:40 GMT

GET
H/1.1 200
OK test_oracle Show response
pd.sharethis.com/pd/ Frame AA9D 438 B
675 B 38ms
36ms Script
application/javascript 18.220.111.101
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://pd.sharethis.com/pd/test_oracle

Requested by

Host: t.sharethis.com
URL: https://t.sharethis.com/a/t_.htm?ver=1.1275.23381&cid=c010&cls=C

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.220.111.101 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-220-111-101.us-east-2.compute.amazonaws.com

Software

Resource Hash

68f38dfa311954c7dd925783e39c392f84134c1c343b8fb1502437a5ad4efe0c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://t.sharethis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Mon, 29 Jan 2024 01:14:40 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 438
Content-Type: application/javascript

GET
H/1.1

200
OK

ttd
sync.sharethis.com/ Frame F344
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=1h1y1a7&ttd_tpi=1&gdpr=0&gdpr_consent=
https://match.adsrvr.org/track/cmb/generic?ttd_pid=1h1y1a7&ttd_tpi=1&gdpr=0&gdpr_consent=
https://sync.sharethis.com/ttd?uid=38afbb98-ab50-4f4a-9e80-03d10d9abaa7&gdpr=0&gdpr_consent=

42 B
297 B

194ms
36ms

Image
image/gif

3.130.132.252
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.sharethis.com/ttd?uid=38afbb98-ab50-4f4a-9e80-03d10d9abaa7&gdpr=0&gdpr_consent=

Requested by

Host: mytic.wleads.xyz
URL: http://mytic.wleads.xyz/register.php?sub=hilux

Protocol

HTTP/1.1

Server

3.130.132.252 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-130-132-252.us-east-2.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://t.sharethis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Mon, 29 Jan 2024 01:14:41 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Connection: keep-alive
Stid: ZGUABWW2/AAAAAAIDee8Aw==
X-Robots-Tag: noindex, nofollow
Content-Length: 42
Content-Type: image/gif

Redirect headers

location: https://sync.sharethis.com/ttd?uid=38afbb98-ab50-4f4a-9e80-03d10d9abaa7&gdpr=0&gdpr_consent=
date: Mon, 29 Jan 2024 01:14:40 GMT
server: Kestrel
content-length: 215

GET
H2

200

db_sync
px.ads.linkedin.com/ Frame F344
Redirect Chain

https://idsync.rlcdn.com/386076.gif?partner_uid=ZGUABWW2%2FAAAAAAIDee8Aw%3D%3D&gdpr=0&gdpr_consent=
https://idsync.rlcdn.com/1000.gif?memo=CJzIFxIjCh8IARCAVxoYWkdVQUJXVzIvQUFBQUFBSURlZThBdz09EAAaDQiA-NutBhIFCOgHEABCAEoA
https://pippio.com/api/sync?pid=5324&it=1&iv=53a27cbe8b2733169bedb931e2e99a3f6685870c119298046b9446897beec5da791426b5417dce21&_=2
https://px.ads.linkedin.com/db_sync?pid=10339&puuid=53a27cbe8b2733169bedb931e2e99a3f6685870c119298046b9446897beec5da791426b5417dce21&rand=00633921

0
143 B

145ms
141ms

Image
text/plain

2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/db_sync?pid=10339&puuid=53a27cbe8b2733169bedb931e2e99a3f6685870c119298046b9446897beec5da791426b5417dce21&rand=00633921
Requested by: Host: mytic.wleads.xyz
URL: http://mytic.wleads.xyz/register.php?sub=hilux
Protocol: H2
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://t.sharethis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 01:14:40 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: 9108401566B944BE8B32203FB26FA15D Ref B: EWR311000102047 Ref C: 2024-01-29T01:14:41Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lor1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYQC17JEcIyFQPPyHbijg==

Redirect headers

date: Mon, 29 Jan 2024 01:14:41 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://px.ads.linkedin.com/db_sync?pid=10339&puuid=53a27cbe8b2733169bedb931e2e99a3f6685870c119298046b9446897beec5da791426b5417dce21&rand=00633921
cache-control: no-cache, no-store
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H/1.1

200
OK

eyeota
sync.sharethis.com/ Frame F344
Redirect Chain

https://ps.eyeota.net/pixel?pid=1mpb5m0&t=gif&gdpr=0&gdpr_consent=
https://ps.eyeota.net/pixel/bounce/?pid=1mpb5m0&t=gif&gdpr=0&gdpr_consent=
https://sync.sharethis.com/eyeota?uid=2HzZ2pJUHsrlFsbrPwrGQbDO4IcUb4WGS6V59tztTbgU&gdpr=0&gdpr_consent=

42 B
297 B

182ms
37ms

Image
image/gif

3.130.132.252
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.sharethis.com/eyeota?uid=2HzZ2pJUHsrlFsbrPwrGQbDO4IcUb4WGS6V59tztTbgU&gdpr=0&gdpr_consent=

Requested by

Host: mytic.wleads.xyz
URL: http://mytic.wleads.xyz/register.php?sub=hilux

Protocol

HTTP/1.1

Server

3.130.132.252 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-130-132-252.us-east-2.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://t.sharethis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Mon, 29 Jan 2024 01:14:41 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Connection: keep-alive
Stid: ZGUABWW2/AAAAAAIDee8Aw==
X-Robots-Tag: noindex, nofollow
Content-Length: 42
Content-Type: image/gif

Redirect headers

Location: https://sync.sharethis.com/eyeota?uid=2HzZ2pJUHsrlFsbrPwrGQbDO4IcUb4WGS6V59tztTbgU&gdpr=0&gdpr_consent=
Date: Mon, 29 Jan 2024 01:14:40 GMT
Content-Length: 0
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

GET
H2

200

csync.ashx
ml314.com/ Frame F344
Redirect Chain

https://ml314.com/utsync.ashx?eid=50131&et=13&cid=lr&fp=ZGUABWW2%2FAAAAAAIDee8Aw%3D%3D&gdpr=0&gdpr_consent=&return=https%3A%2F%2Fidsync.rlcdn.com%2F395886.gif%3Fpartner_uid%3D%5BPersonID%5D
https://idsync.rlcdn.com/395886.gif?partner_uid=3641682498129756229
https://ml314.com/csync.ashx?fp=fb7da8a92522b31e7bdb8231504fa2b89d9b15fcd19c1828c85486d676e2b5dbf4cb09cee1a4f8eb&person_id=3641682498129756229&eid=50082

43 B
115 B

74ms
72ms

Image
image/gif

34.117.77.79
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ml314.com/csync.ashx?fp=fb7da8a92522b31e7bdb8231504fa2b89d9b15fcd19c1828c85486d676e2b5dbf4cb09cee1a4f8eb&person_id=3641682498129756229&eid=50082
Requested by: Host: mytic.wleads.xyz
URL: http://mytic.wleads.xyz/register.php?sub=hilux
Protocol: H2
Server: 34.117.77.79 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 79.77.117.34.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://t.sharethis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires: Tue, 30 Jan 2024 01:14:41 GMT
date: Mon, 29 Jan 2024 01:14:41 GMT
via: 1.1 google, 1.1 google
server: Google Frontend
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: image/gif

Redirect headers

date: Mon, 29 Jan 2024 01:14:40 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://ml314.com/csync.ashx?fp=fb7da8a92522b31e7bdb8231504fa2b89d9b15fcd19c1828c85486d676e2b5dbf4cb09cee1a4f8eb&person_id=3641682498129756229&eid=50082
cache-control: no-cache, no-store
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H/1.1

200
OK

oracle
sync.sharethis.com/ Frame F344
Redirect Chain

https://tags.bluekai.com/site/59574?id=ZGUABWW2%2FAAAAAAIDee8Aw%3D%3D&redir=https%3A%2F%2Fsync.sharethis.com%2Foracle%3Fuid%3D%24_BK_UUID%26BK_SWAP_DEST%3D5957
https://sync.sharethis.com/oracle?uid=$_BK_UUID&BK_SWAP_DEST=5957

42 B
297 B

144ms
36ms

Image
image/gif

3.130.132.252
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.sharethis.com/oracle?uid=$_BK_UUID&BK_SWAP_DEST=5957

Requested by

Host: mytic.wleads.xyz
URL: http://mytic.wleads.xyz/register.php?sub=hilux

Protocol

HTTP/1.1

Server

3.130.132.252 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-130-132-252.us-east-2.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://t.sharethis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Mon, 29 Jan 2024 01:14:41 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Connection: keep-alive
Stid: ZGUABWW2/AAAAAAIDee8Aw==
X-Robots-Tag: noindex, nofollow
Content-Length: 42
Content-Type: image/gif

Redirect headers

location: https://sync.sharethis.com/oracle?uid=$_BK_UUID&BK_SWAP_DEST=5957
date: Mon, 29 Jan 2024 01:14:40 GMT
content-length: 0
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"

GET
H2 200 bk-coretag.js Show response
tags.bkrtx.com/js/ Frame AA9D 51 KB
16 KB 187ms
53ms Script
application/javascript 23.79.184.99
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://tags.bkrtx.com/js/bk-coretag.js

Requested by

Host: pd.sharethis.com
URL: https://pd.sharethis.com/pd/test_oracle

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

23.79.184.99 Marietta, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-79-184-99.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

88cd43c3f5453f7b4db2cbe884b47db3c8317860a2ce6e9b2bc934ff4b8e32eb

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://t.sharethis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
date: Mon, 29 Jan 2024 01:14:40 GMT
last-modified: Fri, 21 May 2021 19:14:21 GMT
server: nginx/1.15.8
etag: W/"60a8068d-cbc2"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=604800
content-length: 16078
expires: Mon, 05 Feb 2024 01:14:40 GMT

GET
H2

200

v2 Show response
ap.lijit.com/readerinfo/
Redirect Chain

https://ap.lijit.com/readerinfo/v2
https://ap.lijit.com/readerinfo/v2?sovrn_retry=true

41 B
330 B

46ms
45ms

Fetch
application/json

52.206.55.165
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/readerinfo/v2?sovrn_retry=true
Requested by: Host: mytic.wleads.xyz
URL: http://mytic.wleads.xyz/register.php?sub=hilux
Protocol: H2
Server: 52.206.55.165 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-206-55-165.compute-1.amazonaws.com
Software: /
Resource Hash: 46bff755d9f1459d90ececf9421affbd7beb2c669fac19d66492e9192155eeb8

Request headers

accept-language: en-US,en;q=0.9
Referer: http://mytic.wleads.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 01:14:40 GMT
content-encoding: gzip
vary: Accept-Encoding, User-Agent
access-control-allow-methods: GET, POST, DELETE, PUT
content-type: application/json
access-control-allow-origin: http://mytic.wleads.xyz
access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With, Content-Type
content-length: 61

Redirect headers

location: https://ap.lijit.com/readerinfo/v2?sovrn_retry=true
access-control-allow-origin: http://mytic.wleads.xyz
date: Mon, 29 Jan 2024 01:14:40 GMT
access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With, Content-Type
content-length: 0
access-control-allow-methods: GET, POST, DELETE, PUT

GET
H2

200

2981 Show response
tags.bluekai.com/site/ Frame 89EB
Redirect Chain

https://stags.bluekai.com/site/59574?ret=html&phint=id%3DZGUABWW2%2FAAAAAAIDee8Aw%3D%3D&phint=__bk_k%3D&phint=__bk_pr%3Dhttps%3A%2F%2Ft.sharethis.com%2Fa%2Ft_.htm%3Fver%3D1.1275.23381%26cid%3Dc010%...
https://cm.g.doubleclick.net/pixel?google_nid=bluekai&google_cm&google_sc&google_hm=WVo0YmVId005OVlrMmZqaw%3D%3D
https://tags.bluekai.com/site/2981?id=&google_gid=CAESEPGvsHFisr_UPr7MjF-QmAo&google_cver=1

62 B
307 B

127ms
126ms

Document
image/gif

23.62.105.110
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.bluekai.com/site/2981?id=&google_gid=CAESEPGvsHFisr_UPr7MjF-QmAo&google_cver=1
Requested by: Host: tags.bkrtx.com
URL: https://tags.bkrtx.com/js/bk-coretag.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.62.105.110 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-62-105-110.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

Referer: https://t.sharethis.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

content-length: 62
content-type: image/gif
date: Mon, 29 Jan 2024 01:14:41 GMT
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 296
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 29 Jan 2024 01:14:41 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
location: https://tags.bluekai.com/site/2981?id=&google_gid=CAESEPGvsHFisr_UPr7MjF-QmAo&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: HTTP server (unknown)
x-xss-protection: 0

GET
H2 200 1540_03681 Show response
track2.securedvisit.com/sync/ 43 B
178 B 151ms
49ms Script
image/gif 34.193.241.34
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://track2.securedvisit.com/sync/1540_03681?id=IEdqASZHu8SlZMuOR2CH0z5W
Requested by: Host: data-beacons.s-onetag.com
URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.193.241.34 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-193-241-34.compute-1.amazonaws.com
Software: nginx/1.24.0 /
Resource Hash: f4eef8263281c0b26486637831251059757bc3fdc4c3a48045a8ef8646b36e8f

Request headers

accept-language: en-US,en;q=0.9
Referer: http://mytic.wleads.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Jan 2024 01:14:41 GMT
cache-control: private, no-cache, proxy-revalidate
server: nginx/1.24.0
content-length: 43
content-type: image/gif

GET
H2 204 ProfilesEngineServlet
api.intentiq.com/profiles_engine/ Frame 87AA 0
0 172ms
67ms Document
text/plain 108.157.142.88
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=15&eid=19&aw=468&ah=60&pagePos=1&vip=true&secure=1&sub_eid=15052&maxed=1&rnd=89994
Requested by: Host: data-beacons.s-onetag.com
URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.142.88 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-142-88.mci50.r.cloudfront.net
Software: /
Resource Hash

Request headers

Referer: http://mytic.wleads.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
date: Mon, 29 Jan 2024 01:14:42 GMT
p3p: CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
via: 1.1 5f530432caa659f8479164b3918f641e.cloudfront.net (CloudFront)
x-amz-cf-id: vF4SCY2eWx5FPB_SThc-dHPilUm_zohMvlQXa3SoDBdI_BOkx_4zow==
x-amz-cf-pop: MCI50-P1
x-cache: Miss from cloudfront

GET
H2 200 optimus_rules.json
tags.crwdcntrl.net/lt/c/3825/ 4 KB
1 KB 82ms
29ms XHR
application/json 54.230.163.124
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/3825/optimus_rules.json
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/3825/lt.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.230.163.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-230-163-124.ewr53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash

Request headers

Referer: http://mytic.wleads.xyz/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sun, 28 Jan 2024 11:45:25 GMT
content-encoding: gzip
via: 1.1 9dcf1f784090d97aac2d38aa49e628e2.cloudfront.net (CloudFront)
x-amz-cf-pop: EWR53-C3
age: 48558
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Wed, 06 Sep 2023 14:23:53 GMT
server: AmazonS3
etag: W/"f16e89fd08a708a6bd2e69be50fd30ab"
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=86400
x-amz-cf-id: CRD6Gpy0QwX6vUXENTUF9MhMAVZ4sYGBEtNsaKlsmw2LgeH3EPbDjQ==

GET
H2

200

Primary Request index.php Show response
primescreenstreams.com/lp/tnk/movieAngleBlack/
Redirect Chain

http://affcpatrk.com/link?id=6584377f0332454a0f573137&aff_sub2=hilux
https://watch.primescreenstreams.com/click?pid=1522&offer_id=82180&l=1693486782&to=aHR0cHM6Ly93YXRjaC5wcmltZXNjcmVlbnN0cmVhbXMuY29tL2NsaWNrP3BpZD0xNTIyJm9mZmVyX2lkPTgyMTgw&sub1=65b6fc035df50f3b088e...
https://primescreenstreams.com/lp/tnk/movieAngleBlack/index.php?to=aHR0cHM6Ly93YXRjaC5wcmltZXNjcmVlbnN0cmVhbXMuY29tL2NsaWNrP29mZmVyX2lkPTgyMTgwJnBpZD0xNTIyJnN1YjE9NjViNmZjMDM1ZGY1MGYzYjA4OGUyMGQzJn...

7 KB
3 KB

519ms
333ms

Document
text/html

108.157.142.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://primescreenstreams.com/lp/tnk/movieAngleBlack/index.php?to=aHR0cHM6Ly93YXRjaC5wcmltZXNjcmVlbnN0cmVhbXMuY29tL2NsaWNrP29mZmVyX2lkPTgyMTgwJnBpZD0xNTIyJnN1YjE9NjViNmZjMDM1ZGY1MGYzYjA4OGUyMGQzJnN1YjU9NjU3MTlhOWM5OTZiZTliODgwNGZiNjgx
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.142.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-142-129.mci50.r.cloudfront.net
Software: nginx /
Resource Hash: 557a903400af72db6126985c5a5ca38196c833e51b4bfb6f7312ae2040ff37e9

Request headers

Referer: http://mytic.wleads.xyz/register.php?sub=hilux
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

apigw-requestid: SRxQqh9VDoEEP7g=
content-encoding: gzip
content-length: 2320
content-type: text/html; charset=UTF-8
date: Mon, 29 Jan 2024 01:14:43 GMT
server: nginx
via: 1.1 b0a64e9cc5e3b7be7927374083991434.cloudfront.net (CloudFront)
x-amz-cf-id: n-aXbOsh2VTP2aWSXqj__76-b4UlhaMmUl6S_p18bD1moNR1X7Mlnw==
x-amz-cf-pop: MCI50-P1
x-cache: Miss from cloudfront

Redirect headers

access-control-allow-origin: *
content-length: 0
date: Mon, 29 Jan 2024 01:14:43 GMT
location: https://primescreenstreams.com/lp/tnk/movieAngleBlack/index.php?to=aHR0cHM6Ly93YXRjaC5wcmltZXNjcmVlbnN0cmVhbXMuY29tL2NsaWNrP29mZmVyX2lkPTgyMTgwJnBpZD0xNTIyJnN1YjE9NjViNmZjMDM1ZGY1MGYzYjA4OGUyMGQzJnN1YjU9NjU3MTlhOWM5OTZiZTliODgwNGZiNjgx
referer
referrer-policy: no-referrer
server: nginx
x-adjust-use-original-forwarded-for: 1

POST
H2 200 /
t.dtscout.com/pv/ 0
333 B 72ms
71ms Ping
application/javascript 2606:4700:21::8d65:780a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscout.com/pv/
Requested by: Host: e.dtscout.com
URL: http://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=http%3A%2F%2Fmytic.wleads.xyz%2Fregister.php%3Fsub%3Dhilux&j=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: http://mytic.wleads.xyz/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryaeru0fos3AC5KwtH

Response headers

date: Mon, 29 Jan 2024 01:14:42 GMT
x-t: 0.095
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NjaQqB2ttvUWm6dl5fk3M8ViNLvFUuNkDvJv%2F2H3ofwslZxjDgkBVtGW8fDvwCxNHmukYPjL%2FVZtADmjJVyfC1ZYhPKOgylXMD05baX4U%2Bh7nSSAC8QtUvjorel%2B2Ry2SXNS9D9HNKAYuos%3D"}],"group":"cf-nel","max_age":604800}
x-c: 0
content-type: application/javascript
cache-control: no-cache
cf-ray: 84cd9eadd88c4bc9-BUF
expires: Mon, 29 Jan 2024 01:14:41 GMT

POST
H2 200 metrics
connect-metrics-collector.s-onetag.com/ 0
73 B 131ms
40ms Ping
text/plain 75.2.13.80
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://connect-metrics-collector.s-onetag.com/metrics
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 75.2.13.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0cb5afe0ce76779e.awsglobalaccelerator.com
Software: /
Resource Hash

Request headers

Referer: http://mytic.wleads.xyz/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Mon, 29 Jan 2024 01:14:42 GMT
content-length: 0
vary: Origin

POST
H2 200 data
bcp.crwdcntrl.net/6/ 317 B
1 KB 87ms
72ms XHR
application/json 52.71.57.44
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/6/data
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/3825/lt.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.71.57.44 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-71-57-44.compute-1.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash

Request headers

Referer: http://mytic.wleads.xyz/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 29 Jan 2024 01:14:42 GMT
server: Jetty(9.4.38.v20210224)
content-type: application/json;charset=utf-8
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: http://mytic.wleads.xyz
cache-control: no-cache
x-server: 10.40.15.207
access-control-allow-credentials: true
content-length: 317
expires: 0

POST
H2 200 a
a.dtssrv.com/ 0
442 B 121ms
53ms Ping
text/html 2606:4700:3036::ac43:a392
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a.dtssrv.com/a?i=6D001706490880456E0414CDF974EAAB&k=lotpano&v=fc071abd646f68ca84c788d2ffbca9fb927ac0a6d597dc23030c3d269c4c0a25
Requested by: Host: e.dtscout.com
URL: http://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=http%3A%2F%2Fmytic.wleads.xyz%2Fregister.php%3Fsub%3Dhilux&j=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:a392 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: http://mytic.wleads.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 01:14:42 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1lFkH6%2BPGi0qaePXhCsj0qEPR4nQ%2BCtrASbU0OQtb%2BgT5LOCiLUHd2F6kEJiQWgFjOnkbK6GgOR1Xitno5CvAmbZ3Vcm9t2ex7T8mCYvZZrvnYRF56mf7t8NWIiS5a%2BNqika5Wo8ml%2BqIl8%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
cf-ray: 84cd9eaf6b484bc1-BUF
alt-svc: h3=":443"; ma=86400

GET
H2 200 lt.iframe.html
tags.crwdcntrl.net/lt/shared/2/ Frame 0097 2 KB
1 KB 29ms
28ms Document
text/html 54.230.163.124
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/shared/2/lt.iframe.html?c=3825
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/3825/lt.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.230.163.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-230-163-124.ewr53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash

Request headers

Referer: http://mytic.wleads.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 69424
cache-control: public, max-age=86400
content-encoding: gzip
content-type: text/html
date: Sun, 28 Jan 2024 05:57:39 GMT
etag: W/"43b17c7b81b6281ca01991a2e5cae3a7"
last-modified: Tue, 05 Sep 2023 17:36:56 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 2ca278c258e2c9c6a2d0cc60b816bd50.cloudfront.net (CloudFront)
x-amz-cf-id: YeDO94pOAf8Ujo246zi8jqe6fLqotTV1rdr7W2xc8a_PihRB_r3ehg==
x-amz-cf-pop: EWR53-C3
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront

GET
H2 200 pixels
bcp.crwdcntrl.net/ Frame F6DA 4 KB
4 KB 40ms
40ms Document
text/html 52.71.57.44
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=155%2C153%2C150%2C148%2C136%2C116%2C106%2C104%2C100%2C94%2C81%2C78%2C61%2C54%2C41%2C33%2C31%2C22%2C12%2C8%2C7%2C3%2C2&c=3825
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/shared/2/lt.iframe.html?c=3825
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.71.57.44 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-71-57-44.compute-1.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash

Request headers

Referer: https://tags.crwdcntrl.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: no-cache
content-length: 4003
content-type: text/html
date: Mon, 29 Jan 2024 01:14:42 GMT
expires: 0
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
pragma: no-cache
server: Jetty(9.4.38.v20210224)
x-server: 10.40.12.241

GET
H2

200

m
cm.mgid.com/ Frame F6DA
Redirect Chain

https://cm.mgid.com/m?cdsp=712809&uspString={uspString}&gdpr=0&consentData=&c=6719206339047e0c11a1e7fb48fbcf28
https://cm.mgid.com/m?c=6719206339047e0c11a1e7fb48fbcf28&cdsp=712809&consentData=&gdpr=0&uspString=%7BuspString%7D&sct=1

43 B
158 B

58ms
56ms

Image
image/gif

2606:4700:1::6813:844c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.mgid.com/m?c=6719206339047e0c11a1e7fb48fbcf28&cdsp=712809&consentData=&gdpr=0&uspString=%7BuspString%7D&sct=1

Requested by

Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=155%2C153%2C150%2C148%2C136%2C116%2C106%2C104%2C100%2C94%2C81%2C78%2C61%2C54%2C41%2C33%2C31%2C22%2C12%2C8%2C7%2C3%2C2&c=3825

Protocol

Server

2606:4700:1::6813:844c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Jan 2024 01:14:42 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: DYNAMIC
server: cloudflare
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, max-age=0
cf-ray: 84cd9eb089064bd2-BUF
alt-svc: h3=":443"; ma=86400
content-length: 43

Redirect headers

pragma: no-cache
date: Mon, 29 Jan 2024 01:14:42 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: DYNAMIC
server: cloudflare
content-type: image/gif
location: https://cm.mgid.com/m?c=6719206339047e0c11a1e7fb48fbcf28&cdsp=712809&consentData=&gdpr=0&uspString=%7BuspString%7D&sct=1
cache-control: no-store, no-cache, must-revalidate, max-age=0
cf-ray: 84cd9eb018d34bd2-BUF
alt-svc: h3=":443"; ma=86400
content-length: 43

GET
H/1.1

200
OK

dcm
s.amazon-adsystem.com/ Frame F6DA
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=a8acf3b3-7ede-4e18-8405-edaf41005f97&id=6719206339047e0c11a1e7fb48fbcf28
https://s.amazon-adsystem.com/dcm?pid=a8acf3b3-7ede-4e18-8405-edaf41005f97&id=6719206339047e0c11a1e7fb48fbcf28&dcc=t

43 B
855 B

63ms
62ms

Image
image/gif

52.46.130.91
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/dcm?pid=a8acf3b3-7ede-4e18-8405-edaf41005f97&id=6719206339047e0c11a1e7fb48fbcf28&dcc=t

Requested by

Protocol

HTTP/1.1

Server

52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 29 Jan 2024 01:14:42 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: D3KY7AF08441MEAXQ9Q1
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 29 Jan 2024 01:14:42 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 89XWDTKXJ4QNE6S0REYG
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/dcm?pid=a8acf3b3-7ede-4e18-8405-edaf41005f97&id=6719206339047e0c11a1e7fb48fbcf28&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 /
wt.rqtrk.eu/ Frame F6DA 43 B
350 B 85ms
26ms Image
image/gif 51.222.241.106
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://wt.rqtrk.eu/?pid=e34a6063-e846-4ccb-98d8-0eba4dd66b75&src=www&type=100&sid=0&cb=685950284&gdpr=0&gdpr_consent=&gdpr_pd=0&uid=6719206339047e0c11a1e7fb48fbcf28
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=155%2C153%2C150%2C148%2C136%2C116%2C106%2C104%2C100%2C94%2C81%2C78%2C61%2C54%2C41%2C33%2C31%2C22%2C12%2C8%2C7%2C3%2C2&c=3825
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 51.222.241.106 , Canada, ASN16276 (OVH, FR),
Reverse DNS: haproxy-ca-012.roqad.pl
Software: istio-envoy /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Jan 2024 01:14:42 GMT
server: istio-envoy
p3p: CP="NOI DSP COR DEVa PSAa PSDa OUR BUS UNI COM NAV STA"
content-type: image/gif
cache-control: no-cache,private
x-envoy-upstream-service-time: 0
content-length: 43
expires: Mon, 29 Jan 2024 01:14:41 GMT

GET
H/1.1

200
OK

getuid
sync.smartadserver.com/ Frame F6DA
Redirect Chain

https://sync.smartadserver.com/getuid?gdpr=0&url=https%3A%2F%2Fbcp.crwdcntrl.net%2Fqmap%3Fc%3D16236%26tp%3DSMAD%26tpid%3D[sas_uid]%26gdpr%3D0
https://sync.smartadserver.com/getuid?gdpr=0&url=https://bcp.crwdcntrl.net/qmap?c=16236&tp=SMAD&tpid=[sas_uid]&gdpr=0&cklb=1

0
316 B

32ms
31ms

Image
text/plain

216.22.16.73
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.smartadserver.com/getuid?gdpr=0&url=https://bcp.crwdcntrl.net/qmap?c=16236&tp=SMAD&tpid=[sas_uid]&gdpr=0&cklb=1
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=155%2C153%2C150%2C148%2C136%2C116%2C106%2C104%2C100%2C94%2C81%2C78%2C61%2C54%2C41%2C33%2C31%2C22%2C12%2C8%2C7%2C3%2C2&c=3825
Protocol: HTTP/1.1
Server: 216.22.16.73 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Jan 2024 01:14:42 GMT
cache-control: no-cache,no-store
content-length: 0
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

location: https://sync.smartadserver.com:443/getuid?gdpr=0&url=https://bcp.crwdcntrl.net/qmap?c=16236&tp=SMAD&tpid=[sas_uid]&gdpr=0&cklb=1
pragma: no-cache
date: Mon, 29 Jan 2024 01:14:42 GMT
cache-control: no-cache,no-store
content-length: 0
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

GET
H2

200

qmap
sync.crwdcntrl.net/ Frame F6DA
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?gdpr=0&rd=https%3A%2F%2Fsync.crwdcntrl.net%2Fqmap%3Fc%3D240%26tp%3DPUBM%26tpid%3D%23PM_USER_ID%26gdpr%3D0
https://image6.pubmatic.com/AdServer/UCookieSetPug?gdpr=0&rd=https%3A%2F%2Fsync.crwdcntrl.net%2Fqmap%3Fc%3D240%26tp%3DPUBM%26tpid%3D%23PM_USER_ID%26gdpr%3D0&rdf=1
https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=4A236DB4-AA68-47ED-B734-BC6112E4960E&gdpr=0

49 B
265 B

57ms
54ms

Image
image/gif

52.71.57.44
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=4A236DB4-AA68-47ED-B734-BC6112E4960E&gdpr=0
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=155%2C153%2C150%2C148%2C136%2C116%2C106%2C104%2C100%2C94%2C81%2C78%2C61%2C54%2C41%2C33%2C31%2C22%2C12%2C8%2C7%2C3%2C2&c=3825
Protocol: H2
Server: 52.71.57.44 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-71-57-44.compute-1.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Jan 2024 01:14:42 GMT
server: Jetty(9.4.38.v20210224)
content-type: image/gif
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.40.58.242
content-length: 49
expires: 0

Redirect headers

location: https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=4A236DB4-AA68-47ED-B734-BC6112E4960E&gdpr=0
date: Mon, 29 Jan 2024 01:14:42 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H2

200

gdpr_consent=
sync.crwdcntrl.net/map/c=10620/tp=TRAD/tpid=38afbb98-ab50-4f4a-9e80-03d10d9abaa7/gdpr=0/ Frame F6DA
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=lotame&ttd_tpi=1&gdpr=0
https://sync.crwdcntrl.net/map/c=10620/tp=TRAD/tpid=38afbb98-ab50-4f4a-9e80-03d10d9abaa7/gdpr=0/gdpr_consent=

49 B
265 B

54ms
52ms

Image
image/gif

52.71.57.44
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/map/c=10620/tp=TRAD/tpid=38afbb98-ab50-4f4a-9e80-03d10d9abaa7/gdpr=0/gdpr_consent=
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=155%2C153%2C150%2C148%2C136%2C116%2C106%2C104%2C100%2C94%2C81%2C78%2C61%2C54%2C41%2C33%2C31%2C22%2C12%2C8%2C7%2C3%2C2&c=3825
Protocol: H2
Server: 52.71.57.44 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-71-57-44.compute-1.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Jan 2024 01:14:42 GMT
server: Jetty(9.4.38.v20210224)
content-type: image/gif
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.40.57.212
content-length: 49
expires: 0

Redirect headers

location: https://sync.crwdcntrl.net/map/c=10620/tp=TRAD/tpid=38afbb98-ab50-4f4a-9e80-03d10d9abaa7/gdpr=0/gdpr_consent=
date: Mon, 29 Jan 2024 01:14:42 GMT
server: Kestrel
content-length: 249

GET
H2

200

tpid=4ab86f06-bcc2-461a-b713-b53cc197bd32
sync.crwdcntrl.net/map/c=10158/tp=TPAD/ Frame F6DA
Redirect Chain

https://pixel.tapad.com/idsync/ex/receive?partner_id=LOTAME&partner_device_id=6719206339047e0c11a1e7fb48fbcf28&gdpr=0&partner_url=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D10158%2Ftp%3DTPAD%2Ftp...
https://secure.adnxs.com/getuid?https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Freceive%3Fpartner_id%3DAPPNEXUS%26partner_device_id%3D%24UID%26pt%3D4ab86f06-bcc2-461a-b713-b53cc197bd32%252Chttps%2525...
https://pixel.tapad.com/idsync/ex/receive?partner_id=APPNEXUS&partner_device_id=5354349388531268674&pt=4ab86f06-bcc2-461a-b713-b53cc197bd32%2Chttps%253A%252F%252Fsync.crwdcntrl.net%252Fmap%252Fc%25...
https://sync.crwdcntrl.net/map/c=10158/tp=TPAD/tpid=4ab86f06-bcc2-461a-b713-b53cc197bd32

49 B
265 B

46ms
46ms

Image
image/gif

52.71.57.44
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/map/c=10158/tp=TPAD/tpid=4ab86f06-bcc2-461a-b713-b53cc197bd32
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=155%2C153%2C150%2C148%2C136%2C116%2C106%2C104%2C100%2C94%2C81%2C78%2C61%2C54%2C41%2C33%2C31%2C22%2C12%2C8%2C7%2C3%2C2&c=3825
Protocol: H2
Server: 52.71.57.44 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-71-57-44.compute-1.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Jan 2024 01:14:42 GMT
server: Jetty(9.4.38.v20210224)
content-type: image/gif
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.40.48.159
content-length: 49
expires: 0

Redirect headers

date: Mon, 29 Jan 2024 01:14:42 GMT
strict-transport-security: max-age=31536000
via: 1.1 google
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: Jetty(11.0.13)
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
access-control-allow-origin: *
location: https://sync.crwdcntrl.net/map/c=10158/tp=TPAD/tpid=4ab86f06-bcc2-461a-b713-b53cc197bd32
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2

200

tpid=b73a861c08fb52448514e7d3878c4685
sync.crwdcntrl.net/map/c=10832/tp=TRUP/ Frame F6DA
Redirect Chain

https://dmp.truoptik.com/f2d2e39fc16bc9cc/sync.gif?cbp=tpid&cbk=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D10832%2Ftp%3DTRUP
https://sync.crwdcntrl.net/map/c=10832/tp=TRUP/tpid=b73a861c08fb52448514e7d3878c4685

49 B
265 B

56ms
55ms

Image
image/gif

52.71.57.44
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/map/c=10832/tp=TRUP/tpid=b73a861c08fb52448514e7d3878c4685
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=155%2C153%2C150%2C148%2C136%2C116%2C106%2C104%2C100%2C94%2C81%2C78%2C61%2C54%2C41%2C33%2C31%2C22%2C12%2C8%2C7%2C3%2C2&c=3825
Protocol: H2
Server: 52.71.57.44 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-71-57-44.compute-1.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Jan 2024 01:14:42 GMT
server: Jetty(9.4.38.v20210224)
content-type: image/gif
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.40.56.217
content-length: 49
expires: 0

Redirect headers

date: Mon, 29 Jan 2024 01:14:42 GMT
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-length: 142
x-xss-protection: 1; mode=block
pragma: no-cache
to-dmp-sync: s1a-dmp-use1-aws.truoptik.com
server: cloudflare
user-agent: Tru Optik DMP 1.3.1
x-frame-options: SAMEORIGIN
content-type: text/html
location: https://sync.crwdcntrl.net/map/c=10832/tp=TRUP/tpid=b73a861c08fb52448514e7d3878c4685
access-control-allow-origin: *
cache-control: no-store
cf-ray: 84cd9eb00b5ba1ec-YYZ
expires: 0

GET
H2 204 /
loadus.exelator.com/load/ Frame F6DA 0
324 B 162ms
37ms Image
text/plain 50.16.197.56
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://loadus.exelator.com/load/?p=204&g=260&buid=6719206339047e0c11a1e7fb48fbcf28&j=0&gdpr=0
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=155%2C153%2C150%2C148%2C136%2C116%2C106%2C104%2C100%2C94%2C81%2C78%2C61%2C54%2C41%2C33%2C31%2C22%2C12%2C8%2C7%2C3%2C2&c=3825
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 50.16.197.56 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-50-16-197-56.compute-1.amazonaws.com
Software: nginx / Undertow/1
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 01:14:42 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
x-powered-by: Undertow/1
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA

GET
H2

200

gdpr=0
sync.crwdcntrl.net/map/c=9828/tp=ADBE/tpid=34349640516712727834051638257611467702/ Frame F6DA
Redirect Chain

https://dpm.demdex.net/ibs:dpid=121998&dpuuid=6719206339047e0c11a1e7fb48fbcf28&gdpr=0&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D9828%2Ftp%3DADBE%2Ftpid%3D%24%7BDD_UUID%7D%2Fgdpr=0
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=121998&dpuuid=6719206339047e0c11a1e7fb48fbcf28&gdpr=0&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D9828%2Ftp%3DADBE%2Ftpid%3D%24%7BDD_UUI...
https://sync.crwdcntrl.net/map/c=9828/tp=ADBE/tpid=34349640516712727834051638257611467702/gdpr=0

49 B
265 B

45ms
44ms

Image
image/gif

52.71.57.44
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/map/c=9828/tp=ADBE/tpid=34349640516712727834051638257611467702/gdpr=0
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=155%2C153%2C150%2C148%2C136%2C116%2C106%2C104%2C100%2C94%2C81%2C78%2C61%2C54%2C41%2C33%2C31%2C22%2C12%2C8%2C7%2C3%2C2&c=3825
Protocol: H2
Server: 52.71.57.44 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-71-57-44.compute-1.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Jan 2024 01:14:42 GMT
server: Jetty(9.4.38.v20210224)
content-type: image/gif
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.40.11.168
content-length: 49
expires: 0

Redirect headers

dcs: dcs-prod-va6-2-v053-0e893f715.edge-va6.demdex.com 2 ms
pragma: no-cache
date: Mon, 29 Jan 2024 01:14:42 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-tid: eytN/OX5S/M=
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
location: https://sync.crwdcntrl.net/map/c=9828/tp=ADBE/tpid=34349640516712727834051638257611467702/gdpr=0
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H/1.1 200
OK lotame
sync.sharethis.com/ Frame F6DA 42 B
297 B 40ms
37ms Image
image/gif 3.130.132.252
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.sharethis.com/lotame?uid=6719206339047e0c11a1e7fb48fbcf28&gdpr=0

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.130.132.252 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-130-132-252.us-east-2.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Mon, 29 Jan 2024 01:14:42 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Connection: keep-alive
Stid: ZGUABWW2/AAAAAAIDee8Aw==
X-Robots-Tag: noindex, nofollow
Content-Length: 42
Content-Type: image/gif

GET

image.sbxx
ib.mookie1.com/ Frame F6DA
Redirect Chain

https://global.ib-ibi.com/image.sbxx?go=262106&pid=420&xid=6719206339047e0c11a1e7fb48fbcf28
https://ib.mookie1.com/image.sbxx?go=262106&pid=420&xid=6719206339047e0c11a1e7fb48fbcf28

0
0

GET
H3 200 utsync.ashx
ml314.com/ Frame F6DA 43 B
60 B 73ms
69ms Image
image/gif 34.117.77.79
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ml314.com/utsync.ashx?eid=50146&et=0&fp=6719206339047e0c11a1e7fb48fbcf28&gdpr=0
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=155%2C153%2C150%2C148%2C136%2C116%2C106%2C104%2C100%2C94%2C81%2C78%2C61%2C54%2C41%2C33%2C31%2C22%2C12%2C8%2C7%2C3%2C2&c=3825
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.117.77.79 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 79.77.117.34.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Jan 2024 01:14:42 GMT
via: 1.1 google, 1.1 google
server: Google Frontend
content-type: image/gif
p3p: CP="NON DSP COR ADMo PSAo DEVo BUS COM UNI NAV DEM STA"
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: 0,Tue, 30 Jan 2024 01:14:42 GMT

GET
H2

200

qmap
sync.crwdcntrl.net/ Frame F6DA
Redirect Chain

https://sync.srv.stackadapt.com/sync?nid=lotame&gdpr=0
https://sync.crwdcntrl.net/qmap?c=6569&tp=STKA&tpid=0-d8b92780-258e-5bdf-45df-9b3859e34aeb$ip$96.9.249.35&gdpr=0&gdpr_consent=

49 B
264 B

47ms
46ms

Image
image/gif

52.71.57.44
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/qmap?c=6569&tp=STKA&tpid=0-d8b92780-258e-5bdf-45df-9b3859e34aeb$ip$96.9.249.35&gdpr=0&gdpr_consent=
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=155%2C153%2C150%2C148%2C136%2C116%2C106%2C104%2C100%2C94%2C81%2C78%2C61%2C54%2C41%2C33%2C31%2C22%2C12%2C8%2C7%2C3%2C2&c=3825
Protocol: H2
Server: 52.71.57.44 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-71-57-44.compute-1.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Jan 2024 01:14:42 GMT
server: Jetty(9.4.38.v20210224)
content-type: image/gif
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.40.55.18
content-length: 49
expires: 0

Redirect headers

Location: https://sync.crwdcntrl.net/qmap?c=6569&tp=STKA&tpid=0-d8b92780-258e-5bdf-45df-9b3859e34aeb$ip$96.9.249.35&gdpr=0&gdpr_consent=
Date: Mon, 29 Jan 2024 01:14:42 GMT
Connection: keep-alive
Content-Length: 165
Content-Type: text/html; charset=utf-8

GET
H2

200

qmap
sync.crwdcntrl.net/ Frame F6DA
Redirect Chain

https://cms.analytics.yahoo.com/cms?partner_id=LOTME&gdpr=0
https://ups.analytics.yahoo.com/ups/58736/cms?partner_id=LOTME&gdpr=0
https://sync.crwdcntrl.net/qmap?c=5437&tp=DTAX&tpidqp=tpidqa&tpidqa=y-kYXKrv5E2pxLjrWw_9SpWVavIjCmwFw2M6Y-~A&gdpr=0

49 B
265 B

50ms
48ms

Image
image/gif

52.71.57.44
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/qmap?c=5437&tp=DTAX&tpidqp=tpidqa&tpidqa=y-kYXKrv5E2pxLjrWw_9SpWVavIjCmwFw2M6Y-~A&gdpr=0
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=155%2C153%2C150%2C148%2C136%2C116%2C106%2C104%2C100%2C94%2C81%2C78%2C61%2C54%2C41%2C33%2C31%2C22%2C12%2C8%2C7%2C3%2C2&c=3825
Protocol: H2
Server: 52.71.57.44 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-71-57-44.compute-1.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Jan 2024 01:14:42 GMT
server: Jetty(9.4.38.v20210224)
content-type: image/gif
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.40.48.109
content-length: 49
expires: 0

Redirect headers

location: https://sync.crwdcntrl.net/qmap?c=5437&tp=DTAX&tpidqp=tpidqa&tpidqa=y-kYXKrv5E2pxLjrWw_9SpWVavIjCmwFw2M6Y-~A&gdpr=0
date: Mon, 29 Jan 2024 01:14:42 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.94
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2

200

gdpr=0
sync.crwdcntrl.net/map/c=1389/tp=STSC/tpid=803ee2c9-7aef-49fb-8c5d-3ec36cc4ed69-65b6fc02-5553/ Frame F6DA
Redirect Chain

https://pixel-sync.sitescout.com/connectors/lotame/usersync?gdpr=0&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1389%2Ftp%3DSTSC%2Ftpid%3D%24UUID%2Fgdpr%3D0
https://pixel-sync.sitescout.com/connectors/lotame/usersync?cookieQ=1&gdpr=0&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1389%2Ftp%3DSTSC%2Ftpid%3D%24UUID%2Fgdpr%3D0
https://sync.crwdcntrl.net/map/c=1389/tp=STSC/tpid=803ee2c9-7aef-49fb-8c5d-3ec36cc4ed69-65b6fc02-5553/gdpr=0

49 B
264 B

59ms
58ms

Image
image/gif

52.71.57.44
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/map/c=1389/tp=STSC/tpid=803ee2c9-7aef-49fb-8c5d-3ec36cc4ed69-65b6fc02-5553/gdpr=0
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=155%2C153%2C150%2C148%2C136%2C116%2C106%2C104%2C100%2C94%2C81%2C78%2C61%2C54%2C41%2C33%2C31%2C22%2C12%2C8%2C7%2C3%2C2&c=3825
Protocol: H2
Server: 52.71.57.44 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-71-57-44.compute-1.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Jan 2024 01:14:42 GMT
server: Jetty(9.4.38.v20210224)
content-type: image/gif
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.40.63.21
content-length: 49
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 29 Jan 2024 01:14:42 GMT
server: A
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location: https://sync.crwdcntrl.net/map/c=1389/tp=STSC/tpid=803ee2c9-7aef-49fb-8c5d-3ec36cc4ed69-65b6fc02-5553/gdpr=0
cache-control: max-age=0,no-cache,no-store
content-length: 0
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H/1.1 204
No Content token
token.rubiconproject.com/ Frame F6DA 0
674 B 151ms
33ms Image
text/plain 69.173.151.100
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/token?pid=7&puid=6719206339047e0c11a1e7fb48fbcf28&gdpr=0
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=155%2C153%2C150%2C148%2C136%2C116%2C106%2C104%2C100%2C94%2C81%2C78%2C61%2C54%2C41%2C33%2C31%2C22%2C12%2C8%2C7%2C3%2C2&c=3825
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Expires: 0
Pragma: no-cache
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 314e432eb2d967cf733b82bdbbe35231
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H3 200 pixel
cm.g.doubleclick.net/ Frame F6DA 170 B
188 B 48ms
46ms Image
image/png 142.250.65.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=lotame_dmp&google_hm=NjcxOTIwNjMzOTA0N2UwYzExYTFlN2ZiNDhmYmNmMjg&gdpr=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.65.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s72-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Jan 2024 01:14:42 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 5907
tags.bluekai.com/site/ Frame F6DA 62 B
307 B 233ms
229ms Image
image/gif 23.62.105.110
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.bluekai.com/site/5907?limit=0&id=d8c8c2b7c79f617b739988ebd7356746
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=155%2C153%2C150%2C148%2C136%2C116%2C106%2C104%2C100%2C94%2C81%2C78%2C61%2C54%2C41%2C33%2C31%2C22%2C12%2C8%2C7%2C3%2C2&c=3825
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.62.105.110 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-62-105-110.deploy.static.akamaitechnologies.com
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
date: Mon, 29 Jan 2024 01:14:42 GMT
content-length: 62
content-type: image/gif

GET
H2 200 g.json
aa.agkn.com/adscores/ Frame F6DA 108 B
729 B 119ms
35ms Script
application/json 13.225.214.117
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://aa.agkn.com/adscores/g.json?sid=9202507693
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=155%2C153%2C150%2C148%2C136%2C116%2C106%2C104%2C100%2C94%2C81%2C78%2C61%2C54%2C41%2C33%2C31%2C22%2C12%2C8%2C7%2C3%2C2&c=3825
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.214.117 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-214-117.ewr50.r.cloudfront.net
Software: AAWebServer /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Jan 2024 01:14:42 GMT
via: 1.1 79f9fb603ee37517dbf3cd108c449392.cloudfront.net (CloudFront)
server: AAWebServer
x-amz-cf-pop: EWR50-C1
access-control-allow-methods: GET, POST, OPTIONS
p3p: policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
x-cache: Miss from cloudfront
access-control-allow-headers: accept, cache-control, origin, x-requested-with, x-file-name, content-type
content-length: 108
x-amz-cf-id: TlaoatajwetPqZSV9LavkPPVOWRll7UgaCU1uuQBWDDO5lgQHHl-ow==
expires: 0

GET
H3 200 pixel
cm.g.doubleclick.net/ Frame F6DA 170 B
188 B 43ms
41ms Image
image/png 142.250.65.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=lotameddp&google_hm=NjcxOTIwNjMzOTA0N2UwYzExYTFlN2ZiNDhmYmNmMjg&gdpr=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.65.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s72-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Jan 2024 01:14:42 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

gdpr=0
sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=4286438472597518537/ Frame F6DA
Redirect Chain

https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMzQ4ODM4MC90LzI/dpuid/6719206339047e0c11a1e7fb48fbcf28/url/https://sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=$!%7BTURN_UUID%7D/gdpr=0
https://sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=4286438472597518537/gdpr=0

49 B
265 B

48ms
48ms

Image
image/gif

52.71.57.44
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=4286438472597518537/gdpr=0
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=155%2C153%2C150%2C148%2C136%2C116%2C106%2C104%2C100%2C94%2C81%2C78%2C61%2C54%2C41%2C33%2C31%2C22%2C12%2C8%2C7%2C3%2C2&c=3825
Protocol: H2
Server: 52.71.57.44 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-71-57-44.compute-1.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Jan 2024 01:14:42 GMT
server: Jetty(9.4.38.v20210224)
content-type: image/gif
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.40.51.222
content-length: 49
expires: 0

Redirect headers

location: https://sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=4286438472597518537/gdpr=0
pragma: no-cache
date: Mon, 29 Jan 2024 01:14:42 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H2

200

rand=514336319
sync.crwdcntrl.net/map/c=281/tp=ANXS/tpid=5354349388531268674/gdpr=0/ Frame F6DA
Redirect Chain

https://secure.adnxs.com/getuid?https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D281%2Ftp%3DANXS%2Ftpid%3D%24UID%2Fgdpr%3D0%2Frand=514336319
https://sync.crwdcntrl.net/map/c=281/tp=ANXS/tpid=5354349388531268674/gdpr=0/rand=514336319

49 B
265 B

53ms
52ms

Image
image/gif

52.71.57.44
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/map/c=281/tp=ANXS/tpid=5354349388531268674/gdpr=0/rand=514336319
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=155%2C153%2C150%2C148%2C136%2C116%2C106%2C104%2C100%2C94%2C81%2C78%2C61%2C54%2C41%2C33%2C31%2C22%2C12%2C8%2C7%2C3%2C2&c=3825
Protocol: H2
Server: 52.71.57.44 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-71-57-44.compute-1.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Jan 2024 01:14:42 GMT
server: Jetty(9.4.38.v20210224)
content-type: image/gif
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.40.13.170
content-length: 49
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 29 Jan 2024 01:14:42 GMT
an-x-request-uuid: 1186e233-6859-4d41-9d6e-8038604af707
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://sync.crwdcntrl.net/map/c=281/tp=ANXS/tpid=5354349388531268674/gdpr=0/rand=514336319
x-proxy-origin: 96.9.249.35; 96.9.249.35; 676.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET

sync
live.rezync.com/
Redirect Chain

https://i.liadm.com/s/76929?bidder_id=204553&bidder_uuid=IEdqASZHu8SlZMuOR2CH0z5W&rnd=18702
https://i.liadm.com/s/76929?bidder_id=204553&bidder_uuid=IEdqASZHu8SlZMuOR2CH0z5W&rnd=18702&_li_chk=true&previous_uuid=d1446bf64aed4a4382c79dd37b4edde5
https://d.turn.com/r/dd/id/L21rdC8xOTcxL2NpZC8xNzQ5ODczMjc1L3QvMg/url/https://i.liadm.com/s/53233?bidder_id=183658&bidder_uuid=$!%7BTURN_UUID%7D
https://i.liadm.com/s/53233?bidder_id=183658&bidder_uuid=4286438472597518537
https://live.rezync.com/sync?c=0aa2530f29e4f4a05b5d5d9bb35d60c2&p=93c1662463a616a7155169889dd99651&pid=d1446bf6-4aed-4a43-82c7-9dd37b4edde5

0
0

GET
H2 200 db_sync
px.ads.linkedin.com/ 0
144 B 137ms
137ms Image
text/plain 2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/db_sync?pid=15697&puuid=IEdqASZHu8SlZMuOR2CH0z5W&rand=40677&pu=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: http://mytic.wleads.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 01:14:42 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: C31D55FBE0334B41B51006A341539FA6 Ref B: EWR311000102047 Ref C: 2024-01-29T01:14:43Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lor1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYQC17mJCGhHT+ZUW5M7Q==

GET
H2

200

merge
ce.lijit.com/
Redirect Chain

https://um.simpli.fi/lj_match?r=72959
https://ce.lijit.com/merge?pid=2&3pid=F90A7F8248BC4D2DB4FC9953E9F356ED

43 B
495 B

252ms
51ms

Image
image/gif

18.233.54.235
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=2&3pid=F90A7F8248BC4D2DB4FC9953E9F356ED
Protocol: H2
Server: 18.233.54.235 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-233-54-235.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: http://mytic.wleads.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

p3p: CP="CUR ADM OUR NOR STA NID"
pragma: no-cache
date: Mon, 29 Jan 2024 01:14:43 GMT
cache-control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
expires: Fri, 20 Mar 2009 00:00:00 GMT
content-length: 43
content-type: image/gif

Redirect headers

date: Mon, 29 Jan 2024 01:14:43 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://ce.lijit.com/merge?pid=2&3pid=F90A7F8248BC4D2DB4FC9953E9F356ED
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Sun, 28 Jan 2024 01:14:43 GMT

GET
H/1.1 204
No Content a.gif
t.sharethis.com/d/ Frame F344 0
289 B 30ms
29ms Image
text/plain 23.48.224.242
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.sharethis.com/d/a.gif?cid=c010&cls=C&stid=ZGUABWW2%252FAAAAAAIDee8Aw%253D%253D&tt=t.dhj&dhjLcy=1706490880661&lbl=pxcel&flbl=pxcel&ll=d&ver=1.1275.23381&ell=d&cck=__stid&dmn=mytic.wleads.xyz&pn=%2Fregister.php&qs=sub%3Dhilux&rdn=mytic.wleads.xyz&rpn=%2Fregister.php&rqs=sub%3Dhilux&cc=US&cont=NA&evid=8LGyS1YAXTxq9Ic3XNZc&urls=!1!366!b-13j,!0!500!b-13l,!1!365!b-14s,!1!0!b-14t,!1!302!b-150,!1!388!b-16f&rnd=1706490883784&cid=c010&version=1.1275.23381&cc=US&cont=NA&cls=C&repeat=0&htmLcy=38

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.48.224.242 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-48-224-242.deploy.static.akamaitechnologies.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://t.sharethis.com/a/t_.htm?ver=1.1275.23381&cid=c010&cls=C
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 29 Jan 2024 01:14:43 GMT
Cache-Control: max-age=0, no-cache, no-store
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Expires: Mon, 29 Jan 2024 01:14:43 GMT

GET 57333
i.liadm.com/s/ 0
0

GET
H2 200 Portal.html
get.s-onetag.com/underground-sync-portal/ Frame 8803 0
0 39ms
38ms Document
text/html 108.157.142.40
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/underground-sync-portal/Portal.html
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.142.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-142-40.mci50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash

Request headers

Referer: http://mytic.wleads.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 221950
cache-control: max-age=864000
content-length: 85
content-type: text/html
date: Fri, 26 Jan 2024 11:35:35 GMT
etag: "131a68f1a3ad405d816af56e04b93481"
last-modified: Mon, 24 Aug 2020 10:07:31 GMT
server: AmazonS3
via: 1.1 2f743a0ca9cc9da3bb8d81eb8b012916.cloudfront.net (CloudFront)
x-amz-cf-id: -EIF6HeBdWYIZ8uqaGVYaCpimdVds6-DoUE2wbTmJY6VyQ-oCxh3Bg==
x-amz-cf-pop: MCI50-P1
x-amz-version-id: DQOg1_kyPY_kvsj6PY1Vb4lkt_z.UEMu
x-cache: Hit from cloudfront

GET
H2 200 style.min.css
primescreenstreams.com/lp/tnk/movieAngleBlack/styles/ 8 KB
2 KB 46ms
42ms Stylesheet
text/css 108.157.142.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://primescreenstreams.com/lp/tnk/movieAngleBlack/styles/style.min.css
Requested by: Host: primescreenstreams.com
URL: https://primescreenstreams.com/lp/tnk/movieAngleBlack/index.php?to=aHR0cHM6Ly93YXRjaC5wcmltZXNjcmVlbnN0cmVhbXMuY29tL2NsaWNrP29mZmVyX2lkPTgyMTgwJnBpZD0xNTIyJnN1YjE9NjViNmZjMDM1ZGY1MGYzYjA4OGUyMGQzJnN1YjU9NjU3MTlhOWM5OTZiZTliODgwNGZiNjgx
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.142.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-142-129.mci50.r.cloudfront.net
Software: nginx /
Resource Hash: d6d8205f95c07de8208b1caabc9100d56ac34a8c41be4cf1beff0ec04b322bcf

Request headers

accept-language: en-US,en;q=0.9
Referer: https://primescreenstreams.com/lp/tnk/movieAngleBlack/index.php?to=aHR0cHM6Ly93YXRjaC5wcmltZXNjcmVlbnN0cmVhbXMuY29tL2NsaWNrP29mZmVyX2lkPTgyMTgwJnBpZD0xNTIyJnN1YjE9NjViNmZjMDM1ZGY1MGYzYjA4OGUyMGQzJnN1YjU9NjU3MTlhOWM5OTZiZTliODgwNGZiNjgx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 08:57:40 GMT
content-encoding: br
via: 1.1 b0a64e9cc5e3b7be7927374083991434.cloudfront.net (CloudFront)
last-modified: Fri, 26 Jan 2024 08:50:50 GMT
server: nginx
x-amz-cf-pop: MCI50-P1
age: 58624
etag: W/"65b3726a-2051"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
x-amz-cf-id: OPS-19xKosYjz5jj9-4NIN4XFo1yyEQPTr4G1_hnPZ1lOmy77JU75w==
apigw-requestid: SPiIqglJDoEEMJQ=

GET
H2 200 all.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.13.0/css/ 57 KB
11 KB 119ms
40ms Stylesheet
text/css 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.13.0/css/all.min.css

Requested by

Host: primescreenstreams.com
URL: https://primescreenstreams.com/lp/tnk/movieAngleBlack/index.php?to=aHR0cHM6Ly93YXRjaC5wcmltZXNjcmVlbnN0cmVhbXMuY29tL2NsaWNrP29mZmVyX2lkPTgyMTgwJnBpZD0xNTIyJnN1YjE9NjViNmZjMDM1ZGY1MGYzYjA4OGUyMGQzJnN1YjU9NjU3MTlhOWM5OTZiZTliODgwNGZiNjgx

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

876d023d9d10c97941b80c3b03e2a5b94631ff7a4af9cee5604a6a2d39718d84

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://primescreenstreams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 01:14:44 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 5841573
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 10301
last-modified: Mon, 04 May 2020 16:10:08 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e60-e4d2"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vL630Ok7cRP6HT1WYmscWhgRt0k6JFexkn7%2BX3HlnLnlylcW65A0FeI4s3EQg3Z18teaKMylxp%2F2jFQBcaTsQtruItkNmo02T1Im6yLarsexaxc%2B7thmSqpk0uaQSdllNcpW%2B28ncqQTF6nWu2FnqZm8"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 84cd9eba19fd4bc6-BUF
expires: Sat, 18 Jan 2025 01:14:44 GMT

GET
H2 200 css2
fonts.googleapis.com/ 28 KB
2 KB 101ms
41ms Stylesheet
text/css 2607:f8b0:4006:80d::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Open+Sans:wght@300;400;500;600;700&display=swap

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::200a Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

7240af635d00ddb6a88777c1ffd762ff0e65032e26210a2377d01bc39e462906

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://primescreenstreams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 29 Jan 2024 01:14:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 29 Jan 2024 00:04:36 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 29 Jan 2024 01:14:44 GMT

GET
H2 200 css2
fonts.googleapis.com/ 26 KB
1 KB 102ms
43ms Stylesheet
text/css 2607:f8b0:4006:80d::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Poppins:wght@300;400;500;600;700&family=Source+Sans+3:wght@300;400;500;600;700&family=Roboto:wght@300;400;500;600;700&display=swap

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::200a Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

95347fab442992cd6fe3a9e64df6585686524b12705606727ad7e831b4f117d4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://primescreenstreams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 29 Jan 2024 01:14:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 29 Jan 2024 01:14:44 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 29 Jan 2024 01:14:44 GMT

GET
H2 200 ace-push.min.js Show response
pushcity1.xyz/ 9 KB
4 KB 441ms
352ms Script
text/javascript 2606:4700:3036::ac43:dcdb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pushcity1.xyz/ace-push.min.js
Requested by: Host: primescreenstreams.com
URL: https://primescreenstreams.com/lp/tnk/movieAngleBlack/index.php?to=aHR0cHM6Ly93YXRjaC5wcmltZXNjcmVlbnN0cmVhbXMuY29tL2NsaWNrP29mZmVyX2lkPTgyMTgwJnBpZD0xNTIyJnN1YjE9NjViNmZjMDM1ZGY1MGYzYjA4OGUyMGQzJnN1YjU9NjU3MTlhOWM5OTZiZTliODgwNGZiNjgx
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:dcdb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: de2cd64e28cbf715cce8e902614db1478b2f93e4a5dd2ea61e3786931eef8ee6

Request headers

accept-language: en-US,en;q=0.9
Referer: https://primescreenstreams.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 01:14:44 GMT
content-encoding: br
cf-cache-status: BYPASS
last-modified: Wed, 24 Jan 2024 10:42:24 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"1da4eb2040d8a30"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yGLBB8iKl%2F9dh60dwrEW%2BefVyXs4zbzLR93r8dMaDuLi2eiWM5tw9wiA2jsAZqBsMlfSc5zozX3tLhN2C7tLbFje%2BhKp5ctUYdKQ8dw1oZCIEbjyjLZNX5FE5kabHlp9o92QVPX%2BB86cfHVR"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cf-ray: 84cd9eba2fee6aee-BUF
alt-svc: h3=":443"; ma=86400

GET
H2 200 logo.webp
primescreenstreams.com/lp/tnk/movieAngleBlack/image/ 146 KB
146 KB 46ms
44ms Image
image/webp 108.157.142.129
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://primescreenstreams.com/lp/tnk/movieAngleBlack/image/logo.webp
Requested by: Host: primescreenstreams.com
URL: https://primescreenstreams.com/lp/tnk/movieAngleBlack/index.php?to=aHR0cHM6Ly93YXRjaC5wcmltZXNjcmVlbnN0cmVhbXMuY29tL2NsaWNrP29mZmVyX2lkPTgyMTgwJnBpZD0xNTIyJnN1YjE9NjViNmZjMDM1ZGY1MGYzYjA4OGUyMGQzJnN1YjU9NjU3MTlhOWM5OTZiZTliODgwNGZiNjgx
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.142.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-142-129.mci50.r.cloudfront.net
Software: nginx /
Resource Hash: 11ccc6eb83440d930d01c6a54ed84ed70adea67154ff74208543b763b6905e1f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://primescreenstreams.com/lp/tnk/movieAngleBlack/index.php?to=aHR0cHM6Ly93YXRjaC5wcmltZXNjcmVlbnN0cmVhbXMuY29tL2NsaWNrP29mZmVyX2lkPTgyMTgwJnBpZD0xNTIyJnN1YjE9NjViNmZjMDM1ZGY1MGYzYjA4OGUyMGQzJnN1YjU9NjU3MTlhOWM5OTZiZTliODgwNGZiNjgx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 09:30:25 GMT
via: 1.1 b0a64e9cc5e3b7be7927374083991434.cloudfront.net (CloudFront)
last-modified: Fri, 26 Jan 2024 08:50:50 GMT
server: nginx
x-amz-cf-pop: MCI50-P1
age: 56659
etag: "65b3726a-24797"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/webp
accept-ranges: bytes
content-length: 149399
apigw-requestid: SJAHVg9qjoEEMow=
x-amz-cf-id: S_zQpkH3yID1jWWQZaaEbODim6wz_PJEiPOJsy55qhfusWsjY8Vt7g==

GET
H2 200 burger.webp
primescreenstreams.com/lp/tnk/movieAngleBlack/image/ 234 B
591 B 44ms
42ms Image
image/webp 108.157.142.129
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://primescreenstreams.com/lp/tnk/movieAngleBlack/image/burger.webp
Requested by: Host: primescreenstreams.com
URL: https://primescreenstreams.com/lp/tnk/movieAngleBlack/index.php?to=aHR0cHM6Ly93YXRjaC5wcmltZXNjcmVlbnN0cmVhbXMuY29tL2NsaWNrP29mZmVyX2lkPTgyMTgwJnBpZD0xNTIyJnN1YjE9NjViNmZjMDM1ZGY1MGYzYjA4OGUyMGQzJnN1YjU9NjU3MTlhOWM5OTZiZTliODgwNGZiNjgx
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.142.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-142-129.mci50.r.cloudfront.net
Software: nginx /
Resource Hash: c28c4f21354c78f993a2330aea95d000ced8e994c06029c5a965bb3afc8415db

Request headers

accept-language: en-US,en;q=0.9
Referer: https://primescreenstreams.com/lp/tnk/movieAngleBlack/index.php?to=aHR0cHM6Ly93YXRjaC5wcmltZXNjcmVlbnN0cmVhbXMuY29tL2NsaWNrP29mZmVyX2lkPTgyMTgwJnBpZD0xNTIyJnN1YjE9NjViNmZjMDM1ZGY1MGYzYjA4OGUyMGQzJnN1YjU9NjU3MTlhOWM5OTZiZTliODgwNGZiNjgx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 09:30:25 GMT
via: 1.1 b0a64e9cc5e3b7be7927374083991434.cloudfront.net (CloudFront)
last-modified: Fri, 26 Jan 2024 08:50:52 GMT
server: nginx
x-amz-cf-pop: MCI50-P1
age: 56659
etag: "65b3726c-ea"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/webp
accept-ranges: bytes
content-length: 234
apigw-requestid: SJAHVhOfDoEEM7w=
x-amz-cf-id: HjKrkSpsYaNcZ9OS-YB-YoL5p7jfVMVoqMuDxCugfDdW7p-OyzhHDQ==

GET
H2 200 header.webp
primescreenstreams.com/lp/tnk/movieAngleBlack/image/ 231 KB
231 KB 99ms
93ms Image
image/webp 108.157.142.129
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://primescreenstreams.com/lp/tnk/movieAngleBlack/image/header.webp
Requested by: Host: primescreenstreams.com
URL: https://primescreenstreams.com/lp/tnk/movieAngleBlack/index.php?to=aHR0cHM6Ly93YXRjaC5wcmltZXNjcmVlbnN0cmVhbXMuY29tL2NsaWNrP29mZmVyX2lkPTgyMTgwJnBpZD0xNTIyJnN1YjE9NjViNmZjMDM1ZGY1MGYzYjA4OGUyMGQzJnN1YjU9NjU3MTlhOWM5OTZiZTliODgwNGZiNjgx
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.142.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-142-129.mci50.r.cloudfront.net
Software: nginx /
Resource Hash: fa15c47901bd706d39d9bd6c111ad4ad012975c038924f388b9e52106e7880dd

Request headers

accept-language: en-US,en;q=0.9
Referer: https://primescreenstreams.com/lp/tnk/movieAngleBlack/index.php?to=aHR0cHM6Ly93YXRjaC5wcmltZXNjcmVlbnN0cmVhbXMuY29tL2NsaWNrP29mZmVyX2lkPTgyMTgwJnBpZD0xNTIyJnN1YjE9NjViNmZjMDM1ZGY1MGYzYjA4OGUyMGQzJnN1YjU9NjU3MTlhOWM5OTZiZTliODgwNGZiNjgx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 09:30:25 GMT
via: 1.1 b0a64e9cc5e3b7be7927374083991434.cloudfront.net (CloudFront)
last-modified: Fri, 26 Jan 2024 08:50:50 GMT
server: nginx
x-amz-cf-pop: MCI50-P1
age: 56658
etag: "65b3726a-39a65"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/webp
accept-ranges: bytes
content-length: 236133
apigw-requestid: SJAHog9UjoEEPCw=
x-amz-cf-id: FyB82oAm1kwpYpkCBX9JgRaOs2baQrSv_ajSUfo6Pceusp-wvSvNiA==

GET
H2 200 icon-pass.webp
primescreenstreams.com/lp/tnk/genericAngleWhite/images/ 753 B
1 KB 54ms
53ms Image
image/webp 108.157.142.129
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://primescreenstreams.com/lp/tnk/genericAngleWhite/images/icon-pass.webp
Requested by: Host: primescreenstreams.com
URL: https://primescreenstreams.com/lp/tnk/movieAngleBlack/index.php?to=aHR0cHM6Ly93YXRjaC5wcmltZXNjcmVlbnN0cmVhbXMuY29tL2NsaWNrP29mZmVyX2lkPTgyMTgwJnBpZD0xNTIyJnN1YjE9NjViNmZjMDM1ZGY1MGYzYjA4OGUyMGQzJnN1YjU9NjU3MTlhOWM5OTZiZTliODgwNGZiNjgx
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.142.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-142-129.mci50.r.cloudfront.net
Software: nginx /
Resource Hash: 44c685efbfc0ba4962d77b3adc0d00848cb883b0c395dd331965254d97a35450

Request headers

accept-language: en-US,en;q=0.9
Referer: https://primescreenstreams.com/lp/tnk/movieAngleBlack/index.php?to=aHR0cHM6Ly93YXRjaC5wcmltZXNjcmVlbnN0cmVhbXMuY29tL2NsaWNrP29mZmVyX2lkPTgyMTgwJnBpZD0xNTIyJnN1YjE9NjViNmZjMDM1ZGY1MGYzYjA4OGUyMGQzJnN1YjU9NjU3MTlhOWM5OTZiZTliODgwNGZiNjgx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 09:28:25 GMT
via: 1.1 b0a64e9cc5e3b7be7927374083991434.cloudfront.net (CloudFront)
last-modified: Fri, 26 Jan 2024 08:50:52 GMT
server: nginx
x-amz-cf-pop: MCI50-P1
age: 56779
etag: "65b3726c-2f1"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/webp
accept-ranges: bytes
content-length: 753
apigw-requestid: SJAHqi09DoEEJgA=
x-amz-cf-id: mPa_HuLw27FSCtc4sCgK9Sz2UoiOsZiNlMqTZoIuk8svmkLoQYx0ZQ==

GET
H2 200 man.webp
primescreenstreams.com/lp/tnk/movieAngleBlack/image/ 224 KB
225 KB 45ms
44ms Image
image/webp 108.157.142.129
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://primescreenstreams.com/lp/tnk/movieAngleBlack/image/man.webp
Requested by: Host: primescreenstreams.com
URL: https://primescreenstreams.com/lp/tnk/movieAngleBlack/index.php?to=aHR0cHM6Ly93YXRjaC5wcmltZXNjcmVlbnN0cmVhbXMuY29tL2NsaWNrP29mZmVyX2lkPTgyMTgwJnBpZD0xNTIyJnN1YjE9NjViNmZjMDM1ZGY1MGYzYjA4OGUyMGQzJnN1YjU9NjU3MTlhOWM5OTZiZTliODgwNGZiNjgx
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.142.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-142-129.mci50.r.cloudfront.net
Software: nginx /
Resource Hash: c6f450eaf0359b5f5ff1098298bf256532493823be43314b056ba16b1ef2a7fa

Request headers

accept-language: en-US,en;q=0.9
Referer: https://primescreenstreams.com/lp/tnk/movieAngleBlack/index.php?to=aHR0cHM6Ly93YXRjaC5wcmltZXNjcmVlbnN0cmVhbXMuY29tL2NsaWNrP29mZmVyX2lkPTgyMTgwJnBpZD0xNTIyJnN1YjE9NjViNmZjMDM1ZGY1MGYzYjA4OGUyMGQzJnN1YjU9NjU3MTlhOWM5OTZiZTliODgwNGZiNjgx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 09:30:25 GMT
via: 1.1 b0a64e9cc5e3b7be7927374083991434.cloudfront.net (CloudFront)
last-modified: Fri, 26 Jan 2024 08:50:50 GMT
server: nginx
x-amz-cf-pop: MCI50-P1
age: 56659
etag: "65b3726a-38146"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/webp
accept-ranges: bytes
content-length: 229702
apigw-requestid: SJAHqhpgjoEEPNA=
x-amz-cf-id: 89FUYoy__9jl0P-mjfjqlQ9NZj3ZM7pI4qvEa-uEUwfjH3b8VWpv_w==

GET
H2 200 1.webp
primescreenstreams.com/lp/tnk/movieAngleBlack/image/ 72 KB
72 KB 50ms
49ms Image
image/webp 108.157.142.129
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://primescreenstreams.com/lp/tnk/movieAngleBlack/image/1.webp
Requested by: Host: primescreenstreams.com
URL: https://primescreenstreams.com/lp/tnk/movieAngleBlack/index.php?to=aHR0cHM6Ly93YXRjaC5wcmltZXNjcmVlbnN0cmVhbXMuY29tL2NsaWNrP29mZmVyX2lkPTgyMTgwJnBpZD0xNTIyJnN1YjE9NjViNmZjMDM1ZGY1MGYzYjA4OGUyMGQzJnN1YjU9NjU3MTlhOWM5OTZiZTliODgwNGZiNjgx
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.142.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-142-129.mci50.r.cloudfront.net
Software: nginx /
Resource Hash: 7369e729d3362682c41f140b3eed203882495569ff4d35cd901446c57817dfbf

Request headers

accept-language: en-US,en;q=0.9
Referer: https://primescreenstreams.com/lp/tnk/movieAngleBlack/index.php?to=aHR0cHM6Ly93YXRjaC5wcmltZXNjcmVlbnN0cmVhbXMuY29tL2NsaWNrP29mZmVyX2lkPTgyMTgwJnBpZD0xNTIyJnN1YjE9NjViNmZjMDM1ZGY1MGYzYjA4OGUyMGQzJnN1YjU9NjU3MTlhOWM5OTZiZTliODgwNGZiNjgx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 14:07:09 GMT
via: 1.1 b0a64e9cc5e3b7be7927374083991434.cloudfront.net (CloudFront)
last-modified: Fri, 26 Jan 2024 08:50:52 GMT
server: nginx
x-amz-cf-pop: MCI50-P1
age: 40055
etag: "65b3726c-11eee"
x-cache: Hit from cloudfront
content-type: image/webp
accept-ranges: bytes
content-length: 73454
apigw-requestid: SQPeOgIijoEEMQQ=
x-amz-cf-id: YVgz_dMSJcOqWpqe8t-Otomyv71ly-TtiTd9XGeAjFjmPKlt-E-6ow==

GET
H2 200 2.webp
primescreenstreams.com/lp/tnk/movieAngleBlack/image/ 68 KB
68 KB 42ms
41ms Image
image/webp 108.157.142.129
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://primescreenstreams.com/lp/tnk/movieAngleBlack/image/2.webp
Requested by: Host: primescreenstreams.com
URL: https://primescreenstreams.com/lp/tnk/movieAngleBlack/index.php?to=aHR0cHM6Ly93YXRjaC5wcmltZXNjcmVlbnN0cmVhbXMuY29tL2NsaWNrP29mZmVyX2lkPTgyMTgwJnBpZD0xNTIyJnN1YjE9NjViNmZjMDM1ZGY1MGYzYjA4OGUyMGQzJnN1YjU9NjU3MTlhOWM5OTZiZTliODgwNGZiNjgx
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.142.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-142-129.mci50.r.cloudfront.net
Software: nginx /
Resource Hash: 6e72f09bfd31380f639080f5161bee6e6425435f3b6e18daa5c3e644f8d74172

Request headers

accept-language: en-US,en;q=0.9
Referer: https://primescreenstreams.com/lp/tnk/movieAngleBlack/index.php?to=aHR0cHM6Ly93YXRjaC5wcmltZXNjcmVlbnN0cmVhbXMuY29tL2NsaWNrP29mZmVyX2lkPTgyMTgwJnBpZD0xNTIyJnN1YjE9NjViNmZjMDM1ZGY1MGYzYjA4OGUyMGQzJnN1YjU9NjU3MTlhOWM5OTZiZTliODgwNGZiNjgx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 09:59:44 GMT
via: 1.1 b0a64e9cc5e3b7be7927374083991434.cloudfront.net (CloudFront)
last-modified: Fri, 26 Jan 2024 08:50:52 GMT
server: nginx
x-amz-cf-pop: MCI50-P1
age: 54900
etag: "65b3726c-10e91"
x-cache: Hit from cloudfront
content-type: image/webp
accept-ranges: bytes
content-length: 69265
apigw-requestid: SPrOog5njoEEMwQ=
x-amz-cf-id: CM0IjZbXw89W0vKgmcbZArFC-T5WZjkDKTX7NbU2GBZa6VE0eWvJoA==

GET
H2 200 3.webp
primescreenstreams.com/lp/tnk/movieAngleBlack/image/ 69 KB
70 KB 42ms
41ms Image
image/webp 108.157.142.129
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://primescreenstreams.com/lp/tnk/movieAngleBlack/image/3.webp
Requested by: Host: primescreenstreams.com
URL: https://primescreenstreams.com/lp/tnk/movieAngleBlack/index.php?to=aHR0cHM6Ly93YXRjaC5wcmltZXNjcmVlbnN0cmVhbXMuY29tL2NsaWNrP29mZmVyX2lkPTgyMTgwJnBpZD0xNTIyJnN1YjE9NjViNmZjMDM1ZGY1MGYzYjA4OGUyMGQzJnN1YjU9NjU3MTlhOWM5OTZiZTliODgwNGZiNjgx
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.142.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-142-129.mci50.r.cloudfront.net
Software: nginx /
Resource Hash: eaf083aa4fe34fafe44ae043659f71237741ea0016e87fcff9741549399cd858

Request headers

accept-language: en-US,en;q=0.9
Referer: https://primescreenstreams.com/lp/tnk/movieAngleBlack/index.php?to=aHR0cHM6Ly93YXRjaC5wcmltZXNjcmVlbnN0cmVhbXMuY29tL2NsaWNrP29mZmVyX2lkPTgyMTgwJnBpZD0xNTIyJnN1YjE9NjViNmZjMDM1ZGY1MGYzYjA4OGUyMGQzJnN1YjU9NjU3MTlhOWM5OTZiZTliODgwNGZiNjgx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 14:07:09 GMT
via: 1.1 b0a64e9cc5e3b7be7927374083991434.cloudfront.net (CloudFront)
last-modified: Fri, 26 Jan 2024 08:50:52 GMT
server: nginx
x-amz-cf-pop: MCI50-P1
age: 40055
etag: "65b3726c-115be"
x-cache: Hit from cloudfront
content-type: image/webp
accept-ranges: bytes
content-length: 71102
apigw-requestid: SQPeOi75joEEJ0g=
x-amz-cf-id: uIrJCBmLPqwwups89_Nj-SAv8IZNpzh0f2a8UQwBGRA6_Drmj3lubg==

GET
H2 200 4.webp
primescreenstreams.com/lp/tnk/movieAngleBlack/image/ 73 KB
74 KB 51ms
50ms Image
image/webp 108.157.142.129
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://primescreenstreams.com/lp/tnk/movieAngleBlack/image/4.webp
Requested by: Host: primescreenstreams.com
URL: https://primescreenstreams.com/lp/tnk/movieAngleBlack/index.php?to=aHR0cHM6Ly93YXRjaC5wcmltZXNjcmVlbnN0cmVhbXMuY29tL2NsaWNrP29mZmVyX2lkPTgyMTgwJnBpZD0xNTIyJnN1YjE9NjViNmZjMDM1ZGY1MGYzYjA4OGUyMGQzJnN1YjU9NjU3MTlhOWM5OTZiZTliODgwNGZiNjgx
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.142.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-142-129.mci50.r.cloudfront.net
Software: nginx /
Resource Hash: 242f57c1ca7ff14af0aa5811ba0bd8e512e1703bb41c4e459935f2881bc730cd

Request headers

accept-language: en-US,en;q=0.9
Referer: https://primescreenstreams.com/lp/tnk/movieAngleBlack/index.php?to=aHR0cHM6Ly93YXRjaC5wcmltZXNjcmVlbnN0cmVhbXMuY29tL2NsaWNrP29mZmVyX2lkPTgyMTgwJnBpZD0xNTIyJnN1YjE9NjViNmZjMDM1ZGY1MGYzYjA4OGUyMGQzJnN1YjU9NjU3MTlhOWM5OTZiZTliODgwNGZiNjgx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 09:30:37 GMT
via: 1.1 b0a64e9cc5e3b7be7927374083991434.cloudfront.net (CloudFront)
last-modified: Fri, 26 Jan 2024 08:50:52 GMT
server: nginx
x-amz-cf-pop: MCI50-P1
age: 56647
etag: "65b3726c-124c5"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/webp
accept-ranges: bytes
content-length: 74949
apigw-requestid: SJAHqit0joEEJ0Q=
x-amz-cf-id: RlE1RsG2bSSJ9qeErTOgHC6Ac6gMBahoKfKPYUx2u9iEy38MIhUdoQ==

GET
H2 200 index.js Show response
primescreenstreams.com/lp/tnk/validation/ 474 B
811 B 41ms
40ms Script
application/javascript 108.157.142.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://primescreenstreams.com/lp/tnk/validation/index.js
Requested by: Host: primescreenstreams.com
URL: https://primescreenstreams.com/lp/tnk/movieAngleBlack/index.php?to=aHR0cHM6Ly93YXRjaC5wcmltZXNjcmVlbnN0cmVhbXMuY29tL2NsaWNrP29mZmVyX2lkPTgyMTgwJnBpZD0xNTIyJnN1YjE9NjViNmZjMDM1ZGY1MGYzYjA4OGUyMGQzJnN1YjU9NjU3MTlhOWM5OTZiZTliODgwNGZiNjgx
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.142.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-142-129.mci50.r.cloudfront.net
Software: nginx /
Resource Hash: 22cbeba4d1c406556eb3362bb18bfe80dfef70d00159caca82d8d2e5404728a6

Request headers

accept-language: en-US,en;q=0.9
Referer: https://primescreenstreams.com/lp/tnk/movieAngleBlack/index.php?to=aHR0cHM6Ly93YXRjaC5wcmltZXNjcmVlbnN0cmVhbXMuY29tL2NsaWNrP29mZmVyX2lkPTgyMTgwJnBpZD0xNTIyJnN1YjE9NjViNmZjMDM1ZGY1MGYzYjA4OGUyMGQzJnN1YjU9NjU3MTlhOWM5OTZiZTliODgwNGZiNjgx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 14:18:29 GMT
via: 1.1 b0a64e9cc5e3b7be7927374083991434.cloudfront.net (CloudFront)
last-modified: Fri, 26 Jan 2024 08:50:32 GMT
server: nginx
x-amz-cf-pop: MCI50-P1
age: 39375
etag: "65b37258-1da"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 474
apigw-requestid: SQRIaiz6joEEM5A=
x-amz-cf-id: ySdHzdnWe-z_V4733N8ylk9AnC2AU2--8p5WM_6X5KJmoK5UjefS-w==

GET
H2 200 script.js Show response
primescreenstreams.com/lp/tnk/movieAngleBlack/scripts/ 4 KB
1 KB 42ms
41ms Script
application/javascript 108.157.142.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://primescreenstreams.com/lp/tnk/movieAngleBlack/scripts/script.js
Requested by: Host: primescreenstreams.com
URL: https://primescreenstreams.com/lp/tnk/movieAngleBlack/index.php?to=aHR0cHM6Ly93YXRjaC5wcmltZXNjcmVlbnN0cmVhbXMuY29tL2NsaWNrP29mZmVyX2lkPTgyMTgwJnBpZD0xNTIyJnN1YjE9NjViNmZjMDM1ZGY1MGYzYjA4OGUyMGQzJnN1YjU9NjU3MTlhOWM5OTZiZTliODgwNGZiNjgx
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.142.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-142-129.mci50.r.cloudfront.net
Software: nginx /
Resource Hash: 5184ed76af13f694e89ec50b4e1950f56df03e0903e14a7c567880ca7c7b1ea4

Request headers

accept-language: en-US,en;q=0.9
Referer: https://primescreenstreams.com/lp/tnk/movieAngleBlack/index.php?to=aHR0cHM6Ly93YXRjaC5wcmltZXNjcmVlbnN0cmVhbXMuY29tL2NsaWNrP29mZmVyX2lkPTgyMTgwJnBpZD0xNTIyJnN1YjE9NjViNmZjMDM1ZGY1MGYzYjA4OGUyMGQzJnN1YjU9NjU3MTlhOWM5OTZiZTliODgwNGZiNjgx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 13:29:05 GMT
content-encoding: br
via: 1.1 b0a64e9cc5e3b7be7927374083991434.cloudfront.net (CloudFront)
last-modified: Fri, 26 Jan 2024 08:50:50 GMT
server: nginx
x-amz-cf-pop: MCI50-P1
age: 42339
etag: W/"65b3726a-1151"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: 8k3kadIPMq4RDbcSwcgFAxTTPb81TkNR5Vt9aS7b5AlHuuBgZrks2w==
apigw-requestid: SQJ5PghfjoEEJWA=

GET
H2 200 back-header.webp
primescreenstreams.com/lp/tnk/movieAngleBlack/image/ 2 MB
2 MB 46ms
45ms Image
image/webp 108.157.142.129
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://primescreenstreams.com/lp/tnk/movieAngleBlack/image/back-header.webp
Requested by: Host: primescreenstreams.com
URL: https://primescreenstreams.com/lp/tnk/movieAngleBlack/styles/style.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.142.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-142-129.mci50.r.cloudfront.net
Software: nginx /
Resource Hash: 84166a2510e711840185fc06ab0f41077aa20375b90649629100a52998d1cffe

Request headers

accept-language: en-US,en;q=0.9
Referer: https://primescreenstreams.com/lp/tnk/movieAngleBlack/styles/style.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 14:07:10 GMT
via: 1.1 b0a64e9cc5e3b7be7927374083991434.cloudfront.net (CloudFront)
last-modified: Fri, 26 Jan 2024 08:50:50 GMT
server: nginx
x-amz-cf-pop: MCI50-P1
age: 40054
etag: "65b3726a-1c0cd1"
x-cache: Hit from cloudfront
content-type: image/webp
accept-ranges: bytes
content-length: 1838289
apigw-requestid: SQPePih5DoEEJIQ=
x-amz-cf-id: pO92atn7VjKxFY6ahDmrn7gqaYTmZSn4CnB5W1viRWQBwMcWZEm5HQ==

GET
H2 200 mail.webp
primescreenstreams.com/lp/tnk/genericAngleWhite/images/ 370 B
725 B 91ms
88ms Image
image/webp 108.157.142.129
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://primescreenstreams.com/lp/tnk/genericAngleWhite/images/mail.webp
Requested by: Host: primescreenstreams.com
URL: https://primescreenstreams.com/lp/tnk/movieAngleBlack/styles/style.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.142.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-142-129.mci50.r.cloudfront.net
Software: nginx /
Resource Hash: 0f4d808a90209da2971482114536085ba5f64e53f037574236cfa4c07e949007

Request headers

accept-language: en-US,en;q=0.9
Referer: https://primescreenstreams.com/lp/tnk/movieAngleBlack/styles/style.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 09:28:33 GMT
via: 1.1 b0a64e9cc5e3b7be7927374083991434.cloudfront.net (CloudFront)
last-modified: Fri, 26 Jan 2024 08:50:52 GMT
server: nginx
x-amz-cf-pop: MCI50-P1
age: 56771
etag: "65b3726c-172"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/webp
accept-ranges: bytes
content-length: 370
apigw-requestid: SJAHsgJgDoEEMlQ=
x-amz-cf-id: nsNx3W6cT5JewAaPrchlZL_y2d42UAEfSQ9hjevSBYTd8XThkeuJhg==

GET
H2 200 padlock.webp
primescreenstreams.com/lp/tnk/genericAngleWhite/images/ 417 B
754 B 91ms
89ms Image
image/webp 108.157.142.129
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://primescreenstreams.com/lp/tnk/genericAngleWhite/images/padlock.webp
Requested by: Host: primescreenstreams.com
URL: https://primescreenstreams.com/lp/tnk/movieAngleBlack/styles/style.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.142.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-142-129.mci50.r.cloudfront.net
Software: nginx /
Resource Hash: 3a247e29789c8714b07919c8cd2202a3b2351988aa72ca81e98f008fb82d46bd

Request headers

accept-language: en-US,en;q=0.9
Referer: https://primescreenstreams.com/lp/tnk/movieAngleBlack/styles/style.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 14:18:31 GMT
via: 1.1 b0a64e9cc5e3b7be7927374083991434.cloudfront.net (CloudFront)
last-modified: Fri, 26 Jan 2024 08:50:52 GMT
server: nginx
x-amz-cf-pop: MCI50-P1
age: 39373
etag: "65b3726c-1a1"
x-cache: Hit from cloudfront
content-type: image/webp
accept-ranges: bytes
content-length: 417
apigw-requestid: SQRIpgL-joEEP8A=
x-amz-cf-id: brYEacVTcQXBCI_5_CwpbtarBUkQ2O8IJR6QZ2ARkAB_Jk0Yb5srFg==

GET
H2 200 icon.webp
primescreenstreams.com/lp/tnk/movieAngleBlack/image/ 1 KB
2 KB 91ms
88ms Image
image/webp 108.157.142.129
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://primescreenstreams.com/lp/tnk/movieAngleBlack/image/icon.webp
Requested by: Host: primescreenstreams.com
URL: https://primescreenstreams.com/lp/tnk/movieAngleBlack/styles/style.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.142.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-142-129.mci50.r.cloudfront.net
Software: nginx /
Resource Hash: 74754fc39e036318e45a5ba8662ee8b5d9c9028ddd8542d20c85a2045f8d76d8

Request headers

accept-language: en-US,en;q=0.9
Referer: https://primescreenstreams.com/lp/tnk/movieAngleBlack/styles/style.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 09:59:44 GMT
via: 1.1 b0a64e9cc5e3b7be7927374083991434.cloudfront.net (CloudFront)
last-modified: Fri, 26 Jan 2024 08:50:50 GMT
server: nginx
x-amz-cf-pop: MCI50-P1
age: 54900
etag: "65b3726a-515"
x-cache: Hit from cloudfront
content-type: image/webp
accept-ranges: bytes
content-length: 1301
apigw-requestid: SPrOpgj7joEEJsg=
x-amz-cf-id: UPeD1BfTAZ07L5wQbBYGNKXgqDWZutqC0gG3P8vBtGFcAJhyDnbegg==

GET
H2 200 women.webp
primescreenstreams.com/lp/tnk/movieAngleBlack/image/ 963 KB
964 KB 108ms
105ms Image
image/webp 108.157.142.129
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://primescreenstreams.com/lp/tnk/movieAngleBlack/image/women.webp
Requested by: Host: primescreenstreams.com
URL: https://primescreenstreams.com/lp/tnk/movieAngleBlack/styles/style.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.142.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-142-129.mci50.r.cloudfront.net
Software: nginx /
Resource Hash: 23602e0fa0f52791830fb212aac10bdb73a7c0349a9fd0d0e18b86a4115c3209

Request headers

accept-language: en-US,en;q=0.9
Referer: https://primescreenstreams.com/lp/tnk/movieAngleBlack/styles/style.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 09:30:37 GMT
via: 1.1 b0a64e9cc5e3b7be7927374083991434.cloudfront.net (CloudFront)
last-modified: Fri, 26 Jan 2024 08:50:50 GMT
server: nginx
x-amz-cf-pop: MCI50-P1
age: 56647
etag: "65b3726a-f0bb3"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/webp
accept-ranges: bytes
content-length: 986035
apigw-requestid: SJAKXhshDoEEPuA=
x-amz-cf-id: FtyhWRAJfb_cYXZqnjZzYTSq7YWnkzHXwcIThgFH84iGnm3uaRkB7Q==

GET
H2 200 pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/ 8 KB
8 KB 93ms
25ms Font
font/woff2 2607:f8b0:4006:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:wght@300;400;500;600;700&family=Source+Sans+3:wght@300;400;500;600;700&family=Roboto:wght@300;400;500;600;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::2003 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://primescreenstreams.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 06:00:34 GMT
x-content-type-options: nosniff
age: 242050
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8000
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:59:07 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 25 Jan 2025 06:00:34 GMT

GET
H2 200 nwpStKy2OAdR1K-IwhWudF-R3w8aZQ.woff2
fonts.gstatic.com/s/sourcesans3/v15/ 28 KB
28 KB 96ms
28ms Font
font/woff2 2607:f8b0:4006:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesans3/v15/nwpStKy2OAdR1K-IwhWudF-R3w8aZQ.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::2003 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c9015686cf54e5e643e2bffe8cf0aa2c3140f56b0d84c1a315845e8a31601db4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://primescreenstreams.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 16:28:37 GMT
x-content-type-options: nosniff
age: 463567
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28816
x-xss-protection: 0
last-modified: Tue, 24 Oct 2023 01:41:28 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 22 Jan 2025 16:28:37 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
15 KB 127ms
59ms Font
font/woff2 2607:f8b0:4006:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::2003 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://primescreenstreams.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 04:14:19 GMT
x-content-type-options: nosniff
age: 421225
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 23 Jan 2025 04:14:19 GMT

GET
H2 200 pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/ 8 KB
8 KB 125ms
57ms Font
font/woff2 2607:f8b0:4006:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::2003 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://primescreenstreams.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 18:32:09 GMT
x-content-type-options: nosniff
age: 456155
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7816
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:11:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 22 Jan 2025 18:32:09 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 133ms
65ms Font
font/woff2 2607:f8b0:4006:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::2003 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://primescreenstreams.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 16:28:28 GMT
x-content-type-options: nosniff
age: 463576
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 22 Jan 2025 16:28:28 GMT

GET
H2 200 utils.js Show response
primescreenstreams.com/lp/sdk/utils/ 8 KB
2 KB 162ms
142ms Script
application/javascript 108.157.142.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://primescreenstreams.com/lp/sdk/utils/utils.js
Requested by: Host: mytic.wleads.xyz
URL: http://mytic.wleads.xyz/register.php?sub=hilux
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.142.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-142-129.mci50.r.cloudfront.net
Software: nginx /
Resource Hash: 7c68ceca8bba6a980cc0dafb9206b8c194cf1f30f72f16cc55c8c9155556172a

Request headers

Referer: https://primescreenstreams.com/lp/tnk/movieAngleBlack/index.php?to=aHR0cHM6Ly93YXRjaC5wcmltZXNjcmVlbnN0cmVhbXMuY29tL2NsaWNrP29mZmVyX2lkPTgyMTgwJnBpZD0xNTIyJnN1YjE9NjViNmZjMDM1ZGY1MGYzYjA4OGUyMGQzJnN1YjU9NjU3MTlhOWM5OTZiZTliODgwNGZiNjgx
Origin: https://primescreenstreams.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 09:21:28 GMT
content-encoding: br
via: 1.1 b0a64e9cc5e3b7be7927374083991434.cloudfront.net (CloudFront)
last-modified: Fri, 26 Jan 2024 08:53:45 GMT
server: nginx
x-amz-cf-pop: MCI50-P1
age: 57196
etag: W/"65b37319-1ece"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
access-control-allow-origin: https://primescreenstreams.com
x-amz-cf-id: -no-21gzRklhmvrDDSpEFpsAv4ftSxuqnyXSugTSlT5p3tKQQrLL9A==
apigw-requestid: SI_IpgqADoEEMng=

GET
H2 200 tnkApi.js Show response
primescreenstreams.com/lp/sdk/tnk/scripts/ 339 B
737 B 160ms
142ms Script
application/javascript 108.157.142.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://primescreenstreams.com/lp/sdk/tnk/scripts/tnkApi.js
Requested by: Host: mytic.wleads.xyz
URL: http://mytic.wleads.xyz/register.php?sub=hilux
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.142.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-142-129.mci50.r.cloudfront.net
Software: nginx /
Resource Hash: ce31f868d8d3750c8e3da1430709263c1f6cc48e65af6e9e392b51e781340abf

Request headers

Referer: https://primescreenstreams.com/lp/tnk/movieAngleBlack/index.php?to=aHR0cHM6Ly93YXRjaC5wcmltZXNjcmVlbnN0cmVhbXMuY29tL2NsaWNrP29mZmVyX2lkPTgyMTgwJnBpZD0xNTIyJnN1YjE9NjViNmZjMDM1ZGY1MGYzYjA4OGUyMGQzJnN1YjU9NjU3MTlhOWM5OTZiZTliODgwNGZiNjgx
Origin: https://primescreenstreams.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 09:28:27 GMT
via: 1.1 b0a64e9cc5e3b7be7927374083991434.cloudfront.net (CloudFront)
last-modified: Fri, 26 Jan 2024 08:53:45 GMT
server: nginx
x-amz-cf-pop: MCI50-P1
age: 56777
etag: "65b37319-153"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
access-control-allow-origin: https://primescreenstreams.com
accept-ranges: bytes
content-length: 339
apigw-requestid: SJAHtiU2DoEEMEg=
x-amz-cf-id: QuVzYQU8ZZuzNg_LBtAi0W5VVKgpqjBguPCh7q4Bm6KAignH2H80kA==

GET
H2 200 utils.js Show response
primescreenstreams.com/lp/sdk/tnk/utils/ 355 B
752 B 158ms
141ms Script
application/javascript 108.157.142.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://primescreenstreams.com/lp/sdk/tnk/utils/utils.js
Requested by: Host: mytic.wleads.xyz
URL: http://mytic.wleads.xyz/register.php?sub=hilux
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.142.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-142-129.mci50.r.cloudfront.net
Software: nginx /
Resource Hash: e559bc3850cc8ca277e16b48d611c60b4886e0b34d433422bbfa48e895f1cd1f

Request headers

Referer: https://primescreenstreams.com/lp/tnk/movieAngleBlack/index.php?to=aHR0cHM6Ly93YXRjaC5wcmltZXNjcmVlbnN0cmVhbXMuY29tL2NsaWNrP29mZmVyX2lkPTgyMTgwJnBpZD0xNTIyJnN1YjE9NjViNmZjMDM1ZGY1MGYzYjA4OGUyMGQzJnN1YjU9NjU3MTlhOWM5OTZiZTliODgwNGZiNjgx
Origin: https://primescreenstreams.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 09:28:27 GMT
via: 1.1 b0a64e9cc5e3b7be7927374083991434.cloudfront.net (CloudFront)
last-modified: Fri, 26 Jan 2024 08:53:45 GMT
server: nginx
x-amz-cf-pop: MCI50-P1
age: 56777
etag: "65b37319-163"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
access-control-allow-origin: https://primescreenstreams.com
accept-ranges: bytes
content-length: 355
apigw-requestid: SJAHth5bDoEEMnQ=
x-amz-cf-id: 8-tc1IHCpToDJg4qaHT8kkyloZHPai1uIc8qvC2EhcTVnz3oNGrrIw==

GET
H2 200 preland.js Show response
primescreenstreams.com/lp/sdk/aff/ 1 KB
953 B 159ms
143ms Script
application/javascript 108.157.142.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://primescreenstreams.com/lp/sdk/aff/preland.js
Requested by: Host: mytic.wleads.xyz
URL: http://mytic.wleads.xyz/register.php?sub=hilux
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.142.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-142-129.mci50.r.cloudfront.net
Software: nginx /
Resource Hash: 1217b55c36f5db48674e31d5305fa69fecf4b34ae425b6edd3363a0f2ddb30dd

Request headers

Referer: https://primescreenstreams.com/lp/tnk/movieAngleBlack/index.php?to=aHR0cHM6Ly93YXRjaC5wcmltZXNjcmVlbnN0cmVhbXMuY29tL2NsaWNrP29mZmVyX2lkPTgyMTgwJnBpZD0xNTIyJnN1YjE9NjViNmZjMDM1ZGY1MGYzYjA4OGUyMGQzJnN1YjU9NjU3MTlhOWM5OTZiZTliODgwNGZiNjgx
Origin: https://primescreenstreams.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 09:20:14 GMT
content-encoding: br
via: 1.1 b0a64e9cc5e3b7be7927374083991434.cloudfront.net (CloudFront)
last-modified: Fri, 26 Jan 2024 08:53:45 GMT
server: nginx
x-amz-cf-pop: MCI50-P1
age: 57270
etag: W/"65b37319-535"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
access-control-allow-origin: https://primescreenstreams.com
x-amz-cf-id: UOvJuUgGb1zkYH_jIFp4sQ2GUV8Z0qnYLITH8bLw6fNcfL8ctZa6PA==
apigw-requestid: SI_IngAejoEEMVA=

GET
H2 200 content.js Show response
primescreenstreams.com/lp/sdk/tnk/services/ 4 KB
2 KB 156ms
144ms Script
application/javascript 108.157.142.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://primescreenstreams.com/lp/sdk/tnk/services/content.js
Requested by: Host: mytic.wleads.xyz
URL: http://mytic.wleads.xyz/register.php?sub=hilux
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.142.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-142-129.mci50.r.cloudfront.net
Software: nginx /
Resource Hash: e7e283f5203b155a8f91d1dc8bf4f054042dd9710d03b784c8d8aad177759d9a

Request headers

Referer: https://primescreenstreams.com/lp/tnk/movieAngleBlack/index.php?to=aHR0cHM6Ly93YXRjaC5wcmltZXNjcmVlbnN0cmVhbXMuY29tL2NsaWNrP29mZmVyX2lkPTgyMTgwJnBpZD0xNTIyJnN1YjE9NjViNmZjMDM1ZGY1MGYzYjA4OGUyMGQzJnN1YjU9NjU3MTlhOWM5OTZiZTliODgwNGZiNjgx
Origin: https://primescreenstreams.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 09:20:48 GMT
content-encoding: br
via: 1.1 b0a64e9cc5e3b7be7927374083991434.cloudfront.net (CloudFront)
last-modified: Fri, 26 Jan 2024 08:53:45 GMT
server: nginx
x-amz-cf-pop: MCI50-P1
age: 57236
etag: W/"65b37319-1040"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
access-control-allow-origin: https://primescreenstreams.com
x-amz-cf-id: W3kBX7Ot22S_Sy4tK0Zo4OVILWWbXbVUXXz-5Wl1m7-4VkYlKHyyGA==
apigw-requestid: SI_Ipg3DDoEEM0w=

GET
H2 200 utilsConstant.js Show response
primescreenstreams.com/lp/sdk/utils/ 100 B
497 B 41ms
40ms Script
application/javascript 108.157.142.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://primescreenstreams.com/lp/sdk/utils/utilsConstant.js
Requested by: Host: mytic.wleads.xyz
URL: http://mytic.wleads.xyz/register.php?sub=hilux
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.142.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-142-129.mci50.r.cloudfront.net
Software: nginx /
Resource Hash: efc12605f96404738d9bfb5d2f34ba5205ff18ff14417946b8a3c64b9076a8c8

Request headers

Referer: https://primescreenstreams.com/lp/sdk/utils/utils.js
Origin: https://primescreenstreams.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 09:28:27 GMT
via: 1.1 b0a64e9cc5e3b7be7927374083991434.cloudfront.net (CloudFront)
last-modified: Fri, 26 Jan 2024 08:53:45 GMT
server: nginx
x-amz-cf-pop: MCI50-P1
age: 56777
etag: "65b37319-64"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
access-control-allow-origin: https://primescreenstreams.com
accept-ranges: bytes
content-length: 100
apigw-requestid: SJAIbhmFDoEEPxw=
x-amz-cf-id: sIO9IW57sZDrbxsAjhsqr3DDXrdh1GS_t9sEu0v3leSP7tAxZZqcgw==

GET
H2 200 abstractapi.js Show response
primescreenstreams.com/lp/sdk/api/abs/ 360 B
741 B 41ms
41ms Script
application/javascript 108.157.142.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://primescreenstreams.com/lp/sdk/api/abs/abstractapi.js
Requested by: Host: mytic.wleads.xyz
URL: http://mytic.wleads.xyz/register.php?sub=hilux
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.142.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-142-129.mci50.r.cloudfront.net
Software: nginx /
Resource Hash: 1576b8420b1d280e8ecd19b3733435c539150a63519cfc4dac98393209868a99

Request headers

Referer: https://primescreenstreams.com/lp/sdk/tnk/scripts/tnkApi.js
Origin: https://primescreenstreams.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 14:18:34 GMT
via: 1.1 b0a64e9cc5e3b7be7927374083991434.cloudfront.net (CloudFront)
last-modified: Fri, 26 Jan 2024 08:53:45 GMT
server: nginx
x-amz-cf-pop: MCI50-P1
age: 39370
etag: "65b37319-168"
x-cache: Hit from cloudfront
content-type: application/javascript
access-control-allow-origin: https://primescreenstreams.com
accept-ranges: bytes
content-length: 360
apigw-requestid: SQRJHjk2DoEEQtw=
x-amz-cf-id: oH3MD_mn4FmRnLGWWlhX3-ni0by2ZvcTgv7_9v46JLE2NCT2YwtAwA==

POST
H2 200 visit Show response
pushvisit.xyz/api/v1/ 2 KB
2 KB 102ms
102ms Fetch
application/json 20.50.64.3
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://pushvisit.xyz/api/v1/visit
Requested by: Host: pushcity1.xyz
URL: https://pushcity1.xyz/ace-push.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 20.50.64.3 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Kestrel /
Resource Hash: 8fa89fe00316120f6108d4bd56272445339c8c6b272870d53aa0e611ed64bc92

Request headers

Referer: https://primescreenstreams.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-type: application/json

Response headers

access-control-allow-origin: *
date: Mon, 29 Jan 2024 01:14:44 GMT
server: Kestrel
content-length: 1650
content-type: application/json; charset=utf-8

OPTIONS
H2 200 visit
pushvisit.xyz/api/v1/ Frame 0
0 439ms
96ms Preflight 20.50.64.3
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://pushvisit.xyz/api/v1/visit
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 20.50.64.3 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://primescreenstreams.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-origin: *
content-length: 0
date: Mon, 29 Jan 2024 01:14:45 GMT

POST
H3 200 log-client-error
pushcity1.xyz/api/v1/visit/ 0
0 113ms
113ms Fetch 2606:4700:3036::ac43:dcdb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pushcity1.xyz/api/v1/visit/log-client-error
Requested by: Host: pushcity1.xyz
URL: https://pushcity1.xyz/ace-push.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:dcdb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://primescreenstreams.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-type: application/json

Response headers

date: Mon, 29 Jan 2024 01:14:46 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FS3%2BRpcuZ2Zw78KFU8RObxt2UbdaTuLcZfrQAyRP1a9pXDqtgZDLsAu2vpNobbDmTY%2Fu4mtdf%2BAqXpdWRuvkhMYUsLYJ8JxHS3wc4VKO7ctkmGNN0jHIhvuv9c7jSUBMdkuCEUjSCtoA3ZJr"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cf-ray: 84cd9ec71c684bc1-BUF
alt-svc: h3=":443"; ma=86400
content-length: 0

OPTIONS
H3 200 log-client-error
pushcity1.xyz/api/v1/visit/ Frame 0
0 419ms
354ms Preflight 2606:4700:3036::ac43:dcdb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pushcity1.xyz/api/v1/visit/log-client-error
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:dcdb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://primescreenstreams.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 84cd9ec4db3e4bc1-BUF
content-length: 0
date: Mon, 29 Jan 2024 01:14:46 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qH4TOE63f3iPH%2FF34u709TuRpeclgMxHFUoQ7Vi6khhe%2BA%2FY%2F4MBzrT%2BYYSnR3xbiBhc6KaPEIitoQK2yL6VtdmxS3Zjc18Wpp2UYUdMuBvVAPpMgD4xEjHsEh4T1mjh54uF4yj9DTySrsyz"}],"group":"cf-nel","max_age":604800}
server: cloudflare

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: ib.mookie1.com
URL: https://ib.mookie1.com/image.sbxx?go=262106&pid=420&xid=6719206339047e0c11a1e7fb48fbcf28

Domain: live.rezync.com
URL: https://live.rezync.com/sync?c=0aa2530f29e4f4a05b5d5d9bb35d60c2&p=93c1662463a616a7155169889dd99651&pid=d1446bf6-4aed-4a43-82c7-9dd37b4edde5

Domain: i.liadm.com
URL: https://i.liadm.com/s/57333?bidder_id=204553&bidder_uuid=IEdqASZHu8SlZMuOR2CH0z5W&rnd=38994

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| initializeAcePush function| setBaseUrl function| getLocation function| registerServiceWorker

100 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
map.go.affec.tv/map/ttd	1969-12-31 23:59:59	Name: oo Value: 1
map.go.affec.tv/map/an	1969-12-31 23:59:59	Name: oo Value: 1
i.liadm.com/s	1970-01-20 18:44:42	Name: _li_ss Value: ChcKBgjSARCLFwoGCKIBEIsXCgUIDBCVFw
mytic.wleads.xyz/	1970-01-21 02:47:06	Name: HstCfa4833994 Value: 1706490880079
mytic.wleads.xyz/	1970-01-21 02:47:06	Name: HstCla4833994 Value: 1706490880079
mytic.wleads.xyz/	1970-01-21 02:47:06	Name: HstCmu4833994 Value: 1706490880079
mytic.wleads.xyz/	1970-01-21 02:47:06	Name: HstPn4833994 Value: 1
mytic.wleads.xyz/	1970-01-21 02:47:06	Name: HstPt4833994 Value: 1
mytic.wleads.xyz/	1970-01-21 02:47:06	Name: HstCnv4833994 Value: 1
mytic.wleads.xyz/	1970-01-21 02:47:06	Name: HstCns4833994 Value: 1
.wleads.xyz/	1970-01-20 20:06:47	Name: __dtsu Value: 6D001706490880456E0414CDF974EAAB
.sharethis.com/	1970-01-21 02:48:33	Name: __stid Value: ZGUABWW2/AAAAAAIDee8Aw==
.sharethis.com/	1970-01-21 02:48:33	Name: __stidv Value: 2
.tynt.com/	1970-01-21 02:47:06	Name: uid Value: CoIKSWW2/AB6mWRPBvLkAg==
.dtscdn.com/	1970-01-20 22:19:16	Name: uid Value: 6D001706490880456E0414CDF974EAAB
.wleads.xyz/	1970-01-20 18:01:30	Name: lotame_domain_check Value: wleads.xyz
.tynt.com/	1970-01-20 20:11:06	Name: pids Value: %5B%7B%22p%22%3A%22fcb82aaae3%22%2C%22f%22%3A1%2C%22ts%22%3A1706490880669%7D%2C%7B%22p%22%3A%22607295b4a4%22%2C%22f%22%3A1%2C%22ts%22%3A1706490880669%7D%2C%7B%22p%22%3A%22b32ef6f991%22%2C%22f%22%3A1%2C%22ts%22%3A1706490880669%7D%2C%7B%22p%22%3A%22002f98d420%22%2C%22f%22%3A1%2C%22ts%22%3A1706490880669%7D%2C%7B%22p%22%3A%22d9fe068602%22%2C%22f%22%3A1%2C%22ts%22%3A1706490880669%7D%2C%7B%22p%22%3A%22e32a9fc66e%22%2C%22f%22%3A1%2C%22ts%22%3A1706490880669%7D%2C%7B%22p%22%3A%227361b0e8e4%22%2C%22f%22%3A1%2C%22ts%22%3A1706490880669%7D%5D
.t.sharethis.com/	1970-01-20 18:21:40	Name: pxcelPage_default_c010_C Value: 1_0_1706490880783
.33across.com/	1970-01-21 02:47:06	Name: 33x_ps Value: u%3D212461255148182%3As1%3D1706490880783%3Ats%3D1706490880783
.tapad.com/	1970-01-20 19:27:54	Name: TapAd_TS Value: 1706490880786
.tapad.com/	1970-01-20 19:27:54	Name: TapAd_DID Value: 4ab86f06-bcc2-461a-b713-b53cc197bd32
.go.affec.tv/	1970-01-21 02:47:06	Name: ck Value: 65b6fc00c9576b0001e9b4b8
.go.affec.tv/	1970-01-21 02:47:06	Name: oo Value: 1
.onaudience.com/	1970-01-21 02:47:06	Name: cookie Value: f10daea04ca1bce1
.onaudience.com/	1970-01-20 18:02:57	Name: done_redirects147 Value: 1
.linkedin.com/	1970-01-20 20:11:06	Name: li_sugr Value: 92c8edd7-d909-40fa-ae4e-4b9c3a288770
.linkedin.com/	1970-01-21 02:47:06	Name: bcookie Value: "v=2&58dbd8cf-76f9-4ba4-8152-d8c9d0e070ee"
.linkedin.com/	1970-01-20 18:02:57	Name: lidc Value: "b=OGST09:s=O:r=O:a=O:p=O:g=2702:u=1:x=1:i=1706490880:t=1706577280:v=2:sig=AQGiBKZLgHGVBEOZMremNnsy1u57Fulz"
.adsrvr.org/	1970-01-21 02:48:33	Name: TDID Value: 38afbb98-ab50-4f4a-9e80-03d10d9abaa7
.eyeota.net/	1970-01-21 02:48:33	Name: mako_uid Value: 18d52c8637e-1cec0000010a5f29
.adnxs.com/	1970-01-21 03:37:30	Name: receive-cookie-deprecation Value: 1
.rlcdn.com/	1970-01-21 02:47:06	Name: rlas3 Value: 1sqNNk3X6Z1gWBoWkqfIHG82dZRVKVHbC+129CeR9P0=
.ml314.com/	1970-01-21 02:48:33	Name: pi Value: 3641682498129756229
.eyeota.net/	1970-01-20 18:01:31	Name: SERVERID Value: 24361~DM
.lijit.com/	1970-01-21 02:47:06	Name: ljt_reader Value: IEdqASZHu8SlZMuOR2CH0z5W
.rlcdn.com/	1970-01-20 19:27:54	Name: pxrc Value: CID4260GEgUI204QAA==
.bluekai.com/	1970-01-20 22:20:42	Name: bkdc Value: phx
.bluekai.com/	1970-01-20 22:23:35	Name: bku Value: +rQ999eX+ZVFqwGB
.onaudience.com/	1970-01-20 18:02:57	Name: done_redirects252 Value: 1
.adnxs.com/	1970-01-20 20:11:06	Name: XANDR_PANID Value: MapNvXVO1uTZXBii4X-t80-keUROHjnMkdJC05IlXAxLTTTOPFavJ49aiUcCrQRsSeOoQ6eUTgDx4R5nP4Y0PG7bsOlTkbw9nd2NezBZawM.
.adnxs.com/	1970-01-20 20:11:06	Name: uuid2 Value: 5354349388531268674
.pippio.com/	1970-01-21 02:47:06	Name: did Value: 4XJi0_Fl-deWJyjm
.pippio.com/	1970-01-21 02:47:06	Name: didts Value: 1706490881
.pippio.com/	1970-01-20 19:27:54	Name: nnls Value:
.pippio.com/	1970-01-20 19:27:54	Name: pxrc Value: CIH4260GEgYIgr0rEAA=
.adnxs.com/	1970-01-20 20:11:06	Name: anj Value: dTM7k!M4/8CxrEQF']wIg2Hc#DNfrd!@wnf-Te9(>wL5L!!'UX$leTS
.go.affec.tv/	1970-01-21 02:47:06	Name: pt Value: eyJhbiI6eyJkdCI6MTcwNjQ5MDg4MSwiaWQiOiI5NTczNDM0MDEyMDU2MDg3MjciLCJscyI6MTcwNjQ5MDg4MX0sInR0Ijp7ImR0IjoxNzA2NDkwODgwLCJpZCI6IkNvSUtTV1cyL0FCNm1XUlBCdkxrQWc9PSIsImxzIjoxNzA2NDkwODgwfSwidGQiOnsiZHQiOjE3MDY0OTA4ODEsImlkIjoiMzhhZmJiOTgtYWI1MC00ZjRhLTllODAtMDNkMTBkOWFiYWE3IiwibHMiOjE3MDY0OTA4ODF9LCJ2IjowfQ==\|1706490881\|9aac2051d73a1ce62a6099b6ec82f2c5bd9f9a82
.doubleclick.net/	1970-01-21 03:37:30	Name: IDE Value: AHWqTUkMuXxvGMteyqdPQ9RxMB-3F-Jq9D7EPsvi0nKpZJ-ooR6Ve1Nl8q8v-pFLRg0
.yahoo.com/	1970-01-21 02:47:28	Name: A3 Value: d=AQABBAH8tmUCECfci45EjpbigYgEl1XDvF0FEgEBAQFNuGXAZdxH0iMA_eMAAA&S=AQAAAmc6LKoX6ZGG6PbMH5xmWi8
.krxd.net/	1970-01-20 22:20:42	Name: _kuid_ Value: QEFFzTo7
.onaudience.com/	1970-01-20 18:02:57	Name: done_redirects104 Value: 1
.crwdcntrl.net/	1970-01-21 00:30:18	Name: _cc_dc Value: 0
.crwdcntrl.net/	1970-01-21 00:30:18	Name: _cc_id Value: 6719206339047e0c11a1e7fb48fbcf28
.onaudience.com/	1970-01-20 18:02:57	Name: done_redirects109 Value: 1
.intentiq.com/	1970-01-21 03:37:30	Name: IQver Value: 1.9
.crwdcntrl.net/	1970-01-21 00:30:18	Name: _cc_cc Value: "ACZ4XmNQMDM3tDQyMDM2tjQwMU81SDY0TDRMNU9LMrFIS0pOM7JgAILUbX%2BY%2FgMBP4gDBrzXD7caMX6UZfjPyMhw74MljNm%2B7ik3jH3u6CFmGPvnxiksMPalU4%2FYYOzd%2By4LwNgfGu7D2YcXz4Gr%2Fz3zABNMzfZuLRjz3RKEkob%2FmjBhAIOTRXo%3D"
.crwdcntrl.net/	1970-01-21 00:30:18	Name: _cc_aud Value: "ABR4XmNgYGBI3faHCUhBADMDA9cMMHNRK4hkfFgPJAFmRAVH"
.wleads.xyz/	1970-01-21 00:30:18	Name: _cc_id Value: 6719206339047e0c11a1e7fb48fbcf28
.wleads.xyz/	1970-01-20 18:02:57	Name: panoramaId_expiry Value: 1706577282341
.wleads.xyz/	1970-01-20 18:02:57	Name: panoramaId Value: fc071abd646f68ca84c788d2ffbca9fb927ac0a6d597dc23030c3d269c4c0a25
.wleads.xyz/	1970-01-20 18:02:57	Name: panoramaIdType Value: panoDevice
.adsrvr.org/	1970-01-21 02:48:33	Name: TDCPM Value: CAESFgoHYmx1ZWthaRILCPD5wsS2nNA8EAUYASABKAIyCwiY4bv3zJzQPBAFOAFaBmxvdGFtZWAC
.rqtrk.eu/	1970-01-20 18:11:35	Name: browser_id Value: 1:afe11ae5-3b83-4e2b-8541-2774eb840805
.analytics.yahoo.com/	1970-01-21 02:47:06	Name: IDSYNC Value: "199z~2gg1:19bk~2gg1"
.pubmatic.com/	1970-01-20 18:02:57	Name: KTPCACOOKIE Value: YES
.truoptik.com/	1970-01-21 02:47:06	Name: to_master_s Value: b73a861c08fb52448514e7d3878c4685
.truoptik.com/	1970-01-21 02:47:06	Name: to_version_s Value: b2
.agkn.com/	1970-01-21 02:47:06	Name: ab Value: 0001%3A%2F%2FTBZcREWKfKQtY9FmgNKMOOReN1GqFD
.pubmatic.com/	1970-01-21 02:47:06	Name: KADUSERCOOKIE Value: 4A236DB4-AA68-47ED-B734-BC6112E4960E
.mgid.com/	1970-01-21 02:47:06	Name: muidn Value: o0sG5LNAg0eh
.mgid.com/	1970-01-20 18:01:32	Name: __cf_bm Value: Hl5o4xSkVtaDK_2aK4Q_.ZwQy19r.r3zF3fP_sKSgg8-1706490882-1-AZWf82ig13VH+m7YZ0NyYzBNmT/ta0HpX/3Pu3MpV2flqs4UGuGy3+hodvwDjWsxX+y1nh3YEWCOqqzen89VOnc=
.smartadserver.com/	1970-01-21 02:48:33	Name: TestIfCookieP Value: ok
.smartadserver.com/	1970-01-21 02:48:33	Name: pbw Value: %24b%3d16999%3b%24o%3d11100
.demdex.net/	1970-01-20 22:20:42	Name: demdex Value: 34349640516712727834051638257611467702
.tapad.com/	1970-01-20 19:27:54	Name: TapAd_3WAY_SYNCS Value: 1!697-2!697
.smartadserver.com/	1970-01-21 02:48:33	Name: pid Value: 3729478519239469587
.amazon-adsystem.com/	1970-01-20 23:55:45	Name: ad-id Value: A4e2quyCA0caiSFjLxtwmgA
.amazon-adsystem.com/	1970-01-21 03:37:30	Name: ad-privacy Value: 0
.dpm.demdex.net/	1970-01-20 22:20:42	Name: dpm Value: 34349640516712727834051638257611467702
cm.mgid.com/	1970-01-20 18:44:42	Name: mg_sync Value: {}
.sitescout.com/	1970-01-21 02:47:06	Name: ssi Value: 803ee2c9-7aef-49fb-8c5d-3ec36cc4ed69#1706490882687
sync.srv.stackadapt.com/	1970-01-21 02:47:06	Name: sa-user-id Value: s%3A0-d8b92780-258e-5bdf-45df-9b3859e34aeb.sKyAXXnQmzYepGykx196k8gHwq0UE8XaEeb3e1bcTZI
.srv.stackadapt.com/	1970-01-21 02:47:06	Name: sa-user-id Value: s%3A0-d8b92780-258e-5bdf-45df-9b3859e34aeb.sKyAXXnQmzYepGykx196k8gHwq0UE8XaEeb3e1bcTZI
sync.srv.stackadapt.com/	1970-01-21 02:47:06	Name: sa-user-id-v2 Value: s%3A2LkngCWOW99F35s4WeNK62AJ-SM.je%2Bl6WIGFML0rtAPwd8EmHT%2Ft0l80OF8vrHf3JoAT5E
.srv.stackadapt.com/	1970-01-21 02:47:06	Name: sa-user-id-v2 Value: s%3A2LkngCWOW99F35s4WeNK62AJ-SM.je%2Bl6WIGFML0rtAPwd8EmHT%2Ft0l80OF8vrHf3JoAT5E
sync.srv.stackadapt.com/	1970-01-21 02:47:06	Name: sa-user-id-v3 Value: s%3AAQAKIK_3Oa1C5FMlGhAAEwI4dJZitugoxf_-CFunWht8VrRMEHwYBCCC-NutBjABOgQ7vvenQgS9WJ0E.SqeoDbMUhRlYZs5Kyn9xwcU%2BX8NUByzOzd9Bf8htghs
.srv.stackadapt.com/	1970-01-21 02:47:06	Name: sa-user-id-v3 Value: s%3AAQAKIK_3Oa1C5FMlGhAAEwI4dJZitugoxf_-CFunWht8VrRMEHwYBCCC-NutBjABOgQ7vvenQgS9WJ0E.SqeoDbMUhRlYZs5Kyn9xwcU%2BX8NUByzOzd9Bf8htghs
.sitescout.com/	1970-01-20 18:44:42	Name: _ssuma Value: eyI3IjoxNzA2NDkwODgyNzI2fQ
.rubiconproject.com/	1970-01-21 02:47:06	Name: khaos Value: LRY8M0A4-17-HS
.rubiconproject.com/	1970-01-21 02:47:06	Name: audit Value: 1\|wU+aPg3hy+YrgD96OjpT9m+o9tFjVplXUyO45ENZan0JuCL1SieyTZW8Wau0mJifPH1WciyYZeNCbuL7wqM7W80qs7nZ3hbKLUx5g/4HlbKq7ZSe2GdqLIxY1fqIbYD1o9Ug/f/lytrmM9hfUY6Tc32NFdeBSG8DIMI8Z44gR8I=
.turn.com/	1970-01-20 22:20:42	Name: uid Value: 4286438472597518537
.liadm.com/	1970-01-21 03:37:30	Name: lidid Value: d1446bf6-4aed-4a43-82c7-9dd37b4edde5
watch.primescreenstreams.com/	1970-01-21 02:47:06	Name: afclick Value: 65b6fc03067ca00001bdc025
watch.primescreenstreams.com/	1970-01-21 02:47:06	Name: afoffers Value: {"82180":1706490883}
.simpli.fi/	1970-01-21 02:48:33	Name: suid Value: F90A7F8248BC4D2DB4FC9953E9F356ED
global.ib-ibi.com/	1969-12-31 23:59:59	Name: ASP.NET_SessionId Value: aja4vdlgy2myrfnplhirjqwd
.t.sharethis.com/	1969-12-31 23:59:59	Name: pxcelBcnLcy Value: 42
.lijit.com/	1970-01-21 02:47:06	Name: _ljtrtb_2 Value: F90A7F8248BC4D2DB4FC9953E9F356ED
.pushcity1.xyz/	1970-01-20 18:01:34	Name: TiPMix Value: 28.695539127727088
.pushcity1.xyz/	1970-01-20 18:01:34	Name: x-ms-routing-name Value: self

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: http://mytic.wleads.xyz/register.php?sub=hilux Message: Refused to execute script from 'https://track2.securedvisit.com/sync/1540_03681?id=IEdqASZHu8SlZMuOR2CH0z5W' because its MIME type ('image/gif') is not executable.
other	error	URL: https://primescreenstreams.com/lp/tnk/movieAngleBlack/index.php?to=aHR0cHM6Ly93YXRjaC5wcmltZXNjcmVlbnN0cmVhbXMuY29tL2NsaWNrP29mZmVyX2lkPTgyMTgwJnBpZD0xNTIyJnN1YjE9NjViNmZjMDM1ZGY1MGYzYjA4OGUyMGQzJnN1YjU9NjU3MTlhOWM5OTZiZTliODgwNGZiNjgx Message: Chrome currently does not support the Push API in incognito mode (https://crbug.com/401439). There is deliberately no way to feature-detect this, since incognito mode needs to be undetectable by websites.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.dtssrv.com
aa.agkn.com
affcpatrk.com
ap.lijit.com
api.intentiq.com
bcp.crwdcntrl.net
beacon.krxd.net
cdn.tynt.com
cdnjs.cloudflare.com
ce.lijit.com
cm.g.doubleclick.net
cm.mgid.com
cms.analytics.yahoo.com
connect-metrics-collector.s-onetag.com
d.turn.com
data-beacons.s-onetag.com
de.tynt.com
dmp.truoptik.com
dp1.33across.com
dp2.33across.com
dpm.demdex.net
e.dtscout.com
fonts.googleapis.com
fonts.gstatic.com
get.s-onetag.com
i.liadm.com
ib.mookie1.com
ic.tynt.com
idsync.rlcdn.com
image6.pubmatic.com
live.rezync.com
loadus.exelator.com
map.go.affec.tv
match.adsrvr.org
maxcdn.bootstrapcdn.com
ml314.com
mytic.wleads.xyz
onetag-geo.s-onetag.com
pd.sharethis.com
pippio.com
pixel-sync.sitescout.com
pixel.onaudience.com
pixel.tapad.com
primescreenstreams.com
ps.eyeota.net
pushcity1.xyz
pushvisit.xyz
px.ads.linkedin.com
s.amazon-adsystem.com
s10.histats.com
s4.histats.com
secure.adnxs.com
stags.bluekai.com
sync.crwdcntrl.net
sync.sharethis.com
sync.smartadserver.com
sync.srv.stackadapt.com
t.dtscdn.com
t.dtscout.com
t.sharethis.com
tags.bkrtx.com
tags.bluekai.com
tags.crwdcntrl.net
token.rubiconproject.com
track2.securedvisit.com
um.simpli.fi
ups.analytics.yahoo.com
usermatch.krxd.net
watch.primescreenstreams.com
wt.rqtrk.eu
i.liadm.com
ib.mookie1.com
live.rezync.com
104.17.218.204
107.178.254.65
107.22.105.156
108.139.29.87
108.157.142.129
108.157.142.40
108.157.142.88
13.225.214.117
141.94.170.64
142.250.65.194
149.56.240.31
172.64.153.173
18.173.132.23
18.207.77.150
18.220.111.101
18.233.54.235
20.50.64.3
2001:df7:5300:2::71
207.198.113.86
216.22.16.73
23.48.224.242
23.62.105.110
23.79.184.99
2606:4700:10::6814:4f63
2606:4700:1::6813:844c
2606:4700:20::681a:c3c
2606:4700:21::8d65:780a
2606:4700:21::8d65:780b
2606:4700:3036::ac43:a392
2606:4700:3036::ac43:dcdb
2606:4700::6811:180e
2606:4700::6812:acf
2607:f8b0:4006:80d::200a
2607:f8b0:4006:81c::2003
2620:112:f002:bbbb::23
2620:1ec:21::14
3.130.132.252
3.220.12.195
3.33.220.150
34.111.113.62
34.117.77.79
34.150.170.96
34.193.241.34
34.200.65.202
34.90.81.51
35.244.154.8
50.16.197.56
51.222.241.106
51.255.127.45
52.203.254.206
52.204.253.76
52.206.55.165
52.46.130.91
52.71.57.44
52.72.60.253
54.230.163.124
67.202.105.23
67.202.105.33
68.67.160.117
69.173.151.100
75.2.13.80
8.28.7.81
00597cc541a08823313afe238d6ac2a6675682a862e92e1fe5c0275d52729230
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0f4d808a90209da2971482114536085ba5f64e53f037574236cfa4c07e949007
11ccc6eb83440d930d01c6a54ed84ed70adea67154ff74208543b763b6905e1f
1217b55c36f5db48674e31d5305fa69fecf4b34ae425b6edd3363a0f2ddb30dd
1427c68123b706628304227b0877d16a6b9ffe0b16b3c9d20345425b3805db84
1576b8420b1d280e8ecd19b3733435c539150a63519cfc4dac98393209868a99
22cbeba4d1c406556eb3362bb18bfe80dfef70d00159caca82d8d2e5404728a6
23602e0fa0f52791830fb212aac10bdb73a7c0349a9fd0d0e18b86a4115c3209
242f57c1ca7ff14af0aa5811ba0bd8e512e1703bb41c4e459935f2881bc730cd
2453e31f9c5e0dbee528d11f97a85edf897ed93406954ce8e475f0244abf249a
278aac37da73f0a92a0126107f77f7c25f9dc25ecd9e7a612ad0de80a37cb409
2be5bc681ba2488b5b366e183923c008835985f5cd45b5f3be3075d6454366d2
2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede
30ba726992def4811f2cc7e2ed4355ce16bf9b0d1e1d7a233063037ee3ad2902
398949c9055a4ab08ff4bd5edf007a19b6bec6973ef581837a212b202f760414
3a247e29789c8714b07919c8cd2202a3b2351988aa72ca81e98f008fb82d46bd
3db5fc063868d3ca5fc3cc2695f483266cffea00bef68dffd7e4944b947aacc8
44c685efbfc0ba4962d77b3adc0d00848cb883b0c395dd331965254d97a35450
46bff755d9f1459d90ececf9421affbd7beb2c669fac19d66492e9192155eeb8
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
5184ed76af13f694e89ec50b4e1950f56df03e0903e14a7c567880ca7c7b1ea4
53350525edba0b889e87ea52a16ed843a928a2557e9f8d6747acd7ff991c95c3
541ac58217a8ade1a5e292a65a0661dc9db7a49ae13654943817a4fbc6761afd
55490a7e8ea5499528e533fb4f921369d3a2cdcb72d29c7ffd09103d9b629122
557a903400af72db6126985c5a5ca38196c833e51b4bfb6f7312ae2040ff37e9
68f38dfa311954c7dd925783e39c392f84134c1c343b8fb1502437a5ad4efe0c
6e72f09bfd31380f639080f5161bee6e6425435f3b6e18daa5c3e644f8d74172
7240af635d00ddb6a88777c1ffd762ff0e65032e26210a2377d01bc39e462906
7369e729d3362682c41f140b3eed203882495569ff4d35cd901446c57817dfbf
74754fc39e036318e45a5ba8662ee8b5d9c9028ddd8542d20c85a2045f8d76d8
7c68ceca8bba6a980cc0dafb9206b8c194cf1f30f72f16cc55c8c9155556172a
7f56d37179dbeacf34a386eac47c6305ea5f79eb4afce927cb946e3b71920d1b
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84166a2510e711840185fc06ab0f41077aa20375b90649629100a52998d1cffe
851a1aace07f995f5075846e18098478b6fe7c7e921e84747504ceb39f6a94b6
876d023d9d10c97941b80c3b03e2a5b94631ff7a4af9cee5604a6a2d39718d84
88cd43c3f5453f7b4db2cbe884b47db3c8317860a2ce6e9b2bc934ff4b8e32eb
8fa89fe00316120f6108d4bd56272445339c8c6b272870d53aa0e611ed64bc92
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
95347fab442992cd6fe3a9e64df6585686524b12705606727ad7e831b4f117d4
9c84ee0532b479541d5ab45b1095e7dd2511fadff4fc4380c21bda7a23464520
a530f200e5e84605122d904bf4e4983898ea4879ce7c610acec142218d8bdbef
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b5c7fc2d26f0c457f2f9e8b089af4ce9c3cd3affca1a179da4e12770f5632c67
c28c4f21354c78f993a2330aea95d000ced8e994c06029c5a965bb3afc8415db
c6f450eaf0359b5f5ff1098298bf256532493823be43314b056ba16b1ef2a7fa
c9015686cf54e5e643e2bffe8cf0aa2c3140f56b0d84c1a315845e8a31601db4
ce31f868d8d3750c8e3da1430709263c1f6cc48e65af6e9e392b51e781340abf
d6d8205f95c07de8208b1caabc9100d56ac34a8c41be4cf1beff0ec04b322bcf
de2cd64e28cbf715cce8e902614db1478b2f93e4a5dd2ea61e3786931eef8ee6
de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98
df25dd8158393a45dac9f085ef70fcd6ef01a32bdede5a85da19ee6b2f9a68f3
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e446ae247fac9ab3a16cb8b1d3cb60b020f86a74016a4d1debb9d14c41b873be
e559bc3850cc8ca277e16b48d611c60b4886e0b34d433422bbfa48e895f1cd1f
e7e283f5203b155a8f91d1dc8bf4f054042dd9710d03b784c8d8aad177759d9a
eaf083aa4fe34fafe44ae043659f71237741ea0016e87fcff9741549399cd858
ec73870a124df2d105249652c84da8f949bf73bcd5ca8ad6deca84b4fbd2e9d0
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efc12605f96404738d9bfb5d2f34ba5205ff18ff14417946b8a3c64b9076a8c8
f04b517ba5d6a0510485689a3e42dac000f51640fd71b986804cba178eae42a5
f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149
f4eef8263281c0b26486637831251059757bc3fdc4c3a48045a8ef8646b36e8f
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
fa15c47901bd706d39d9bd6c111ad4ad012975c038924f388b9e52106e7880dd

primescreenstreams.com Open in urlscan Pro 108.157.142.129 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

116 Requests

68 %HTTPS

23 %IPv6

53 Domains

70 Subdomains

47 IPs

7 Countries

3905 kBTransfer

4263 kBSize

100 Cookies

0 Outgoing links

Page URL History

Redirected requests

116 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

primescreenstreams.com Open in urlscan Pro
108.157.142.129 Public Scan

Screenshot
Live screenshot

Full Image

116
Requests

68 %
HTTPS

23 %
IPv6

53
Domains

70
Subdomains

47
IPs

7
Countries

3905 kB
Transfer

4263 kB
Size

100
Cookies

116 HTTP transactions
0 data transactions